TOPIC 1 PRINCIPLES OF AUDITING

Definition and explanation of auditing

Auditing is the process of objectively obtaining and evaluating evidence about the information in-order to
report on the compliance of the information with the established criteria to interested users. The definition is
explained below

 Information – In order to do auditing, there must be information in a verifiable form like an entity’s
financial statements or the income tax returns to URA.
 Criteria – the information is evaluated against established criteria like the international financial reporting
standards (IFRS) in the audit of historical financial statements, the domestic tax department guideline for
income tax returns or the criteria agreed upon with the client.
 Evidence – is any information collected by the auditor to determine whether the information being audited
is stated in accordance with the established criteria. The auditor should collect sufficient appropriate
evidence using various ways like inspection of documents and observation of procedures.
 Competent and independent person – the audit is done by an auditor that must be competent in order
to understand the criteria and that is independent of the client in order to be objective. Independence
ensures that the audit can be relied on by various stakeholders.
 Audit report – the auditor’s findings on the compliance of the information against established criteria
must be communicated in an audit report to interested users to facilitate decision making.

An audit can also be defined as the systematic and independent examination of the books of accounts,
statutory records, documents and vouchers of an organization to ascertain whether the financial statements
as well as non-financial disclosures present a true and fair view of the organisation.

The terms auditing and performing an audit are used interchangeably. The key terms in auditing are further
explained using the example on the audit of financial statements.

An audit of financial statements

In conducting an audit of financial statements of a company, auditors check compliance of the financial
statements with the international reporting standards and the companies’ act of Uganda 2012.

When collecting audit evidence, auditors for example check whether:

 The statement of financial position:

- Includes all the assets, equity and liabilities at the reporting date
- Includes only assets and liabilities that existed at the reporting date
- Includes only assets providing economic benefits and liabilities creating obligations to the entity.
- Amounts are properly valued, classified and disclosed in accordance with relevant IFRSs

 The statement of profit or loss and other comprehensive income:

- Includes only revenue and expenses transactions that occurred during the period
- Includes all revenue and expenses for the period
- Shows revenue and expenses at accurate amounts
 The related notes are complete and comply with the relevant IFRSs

1 Principles of Auditing Notes 2020

The audit of financial statements involves verifying the entity’s accounting records and collecting evidence
from external banks and debtors.

The relationship between auditing and accounting

Some people confuse auditing and accounting as the audit of financial statements is done by Certified Public
Accountants (CPAs). The following shows the relationship between the two in relation to financial statements.

Accounting is the recording of the entity’s transactions and events and the preparation of financial reports to
facilitate decision making about the entity.

Management is responsible for preparing financial statements that show a true and fair view of the entity’s
financial position, performance and cash flows and comply with the applicable financial reporting frame work
(international financial reporting standards (IFRSs) and laws).

Conversely, the audit of financial statements obtains sufficient appropriate audit evidence using audit
procedures in accordance with auditing standards

The auditor expresses an opinion in an audit report (based on the evidence obtained) whether the financial
statements show a true and fair view of the entity’s financial position, performance and cash flows with the
relevant IFRSs and laws. The financial statements together with the audit report are included in the entity’s
financial report.

Accountants use accounting standards whereas auditors of financial statements use both accounting and
auditing standards to do their work.

Demand for auditing

Users demand that the information they are given should be audited because this increases its credibility and
reduces information risk. Information risk is the risk that information on which decision are made may be
misstated. Information risk may arise from the following factors;

 Conflict of interest – there may be a conflict of interest between the principal (shareholders) and the
agents (the directors) who manage the company on their behalf. Managers are likely to serve their
interests by manipulating information provided to shareholders. For example, they may inflate profits in
order to earn higher bonuses or to have their employment contracts renewed. Agency theory explains
the demand for auditing (see diagram). Auditing the company’s financial statements annually protects
the shareholders’ investments from unscrupulous managers and protects other stakeholders from
fraudulent shareholders.

 Remoteness of information – the separation from management prevents users from accessing all the
information required to make decisions and leads to information asymmetry. Information asymmetry
refers to the difference in the amount of information available to the various parties to a business
transaction which makes those with information to have an information advantage over others.
Management may withhold or give wrong information about the current and future prospects of the entity
from external users like shareholders. Auditing reduces information asymmetry by providing reliable
information to users.

2 Principles of Auditing Notes 2020

 Complexity of information – many users may not understand complex entry transactions or may lack
knowledge of IFRSs used in the preparing financial statements. Auditors assist users in this aspect
 High volume of data – as entities expand, the likelihood of intentional and unintentional misstatements
increases. An audit is therefore needed to detect such misstatements.

The commonest way for users to obtain reliable information is to have an independent audit. An auditor is
appointed by shareholders to audit financial statements and provide assurance to users that the financial
statements are reliable. External users such as shareholders and lenders use the audited financial
statements to make decisions because they assume they are reasonably complete, accurate, and unbiased.
They rely on the audited information as the auditor is independent from the client.

The agency theory showing the demand for auditing

Hires the auditor to check the

fairness of financial reports

Principal
Auditor
(Shareholders /investors)
Makes an audit report that adds
credibility to financial reports

Prepares financial reports

showing accountability for
resources The fairness of the financial
reports is verified by an
Provide Capital & hires
independent auditor to
agents to manage resources Agent (Managers) reduce information risk

The development of auditing

The nature and objective of auditing has changed over time globally as entities and accounting change to
suit the needs of users of information. These changes can be grouped into four main phases (see table
below).
Period Business developments Audit objective Nature of auditing
Prior the  Audit of city states, individuals (like tax  Detection of fraud  Detailed
industrial collectors & real estate agents and verification of
revolution business ventures) transactions
(1850)  No reliance on
internal controls
1850s to  Formation of companies  Detection of fraud  Audit of financial
1920s and errors statements

3 Principles of Auditing Notes 2020

  Companies audit made compulsory by  No reliance on
the companies’ Acts to maintain internal controls
company solvency
1920s to  Development of capital markets to  Determine whether  Reliance on
1940s raise more capital for companies financial statements internal controls
 Need for efficient capital markets to are accurate and and sampling
maximize company earnings show a true and fair became necessary
view due to the high
 Detection of fraud volume of
and errors transactions
1940s to  Development of auditing standards  Determine whether  Internal control
date  Increased demand for reporting financial statements determines the
compliance and internal controls show a true and fair audit approach
 Big financial scandals in the 21st view (1940-1985)
century e.g. Enron (2001), WorldCom  Risk assessment
(2202) and the global banking crisis determines the
around 2010. audit approach –
 Closer supervision of auditors by firms the risk based
governing accountants audit (1985 to
date)

Parties that use audited financial statements

 Suppliers and trade creditors are interested in information that will help them determine whether the
amounts owing to them will be paid on time.
 Lenders – want information that will enable them to decide whether their loans will be paid when due, and
whether or not to issue new loans to the entity.
 Investors / shareholders – who supply risk capital in the form of funding, this group are concerned with
the risk inherent in, and the return provided by their investments
 Customers will be interested in the continuance of the entity, especially if they depend on it themselves.
 Employees – wish to know about the stability and profitability of their employers. This may give them
confidence about their jobs and could be used to discuss salary and conditions of employment.
 The Government and government agencies are interested in the allocation of resources and the activities
of the entities in general.
 The General public may be affected by an entity in a number of different ways, especially how an entity
may contribute to the local economy.
 Management – The larger a business grows, the more important it is to keep track of who is accountable
for what. This is especially true when shareholders are on-board and accountability is a demand.
Managers need to ensure they are keeping up to date with providing accurate reports as far as they can,
but there is no substitute for an independent audit of financial statements to crosscheck performance.
 Tax authorities – audited financial statements are important to tax authorities to ensure the accuracy of
taxes and additional duties declared and paid by your company.

4 Principles of Auditing Notes 2020

Types of auditing

There are many types of audit but only the following are considered in this section.

Statutory Audit

This is the audit required by the laws of a country.

 For example, in Uganda, the following entities are required to have annual audit by the laws below:
 Companies-the Companies Act
 Government ministries and local government authorities-the public finance and Accountability Act
 Banks-the Financial Institutions Act
 The Appointment procedures and duties of the external Auditor and the scope of the audit are specified
by the law.
 The main advantage of this audit is to protect the interests of the various stakeholders in the entity like
banks that have given loans to the company

Non-Statutory Audit (private audit)

This is an audit not required by law but is performed because it is needed by the proprietors, members
trustees, governing bodies or other interested stakeholders.

 For example, the audit of sole traders and many charities is non-statutory or private audit.
 The appointment procedures and duties of the external auditor and the scope differ from entity to entity
 The scope of the audit varies with the needs of the client and may cover only a few areas where
management suspects errors or fraud like cash receipts and payments
 The main advantage of this audit is to improve accountability in the business

External audit
It is the annual audit of financial statements done by external auditors that are appointed by shareholders.
 It is usually a statutory audit
 Its objective is to enable the auditor to express an opinion on whether the financial statements:
 Give a true and fair view ( or present fairly in all material respects )
 Are prepared in accordance with the relevant financial reporting standards and laws
 The external auditor report is submitted to the shareholders of a company and may be published
 It is done in accordance with the laws, auditing standards and the code of ethics in the country

Internal audit
Internal audit is an appraisal or monitoring activity established or provided as a service to the entity
 It helps the organization achieve its objectives by improving the effectiveness of risk management, the
internal control system and governance process
 It is done by internal auditors who are employees or who are outsourced
 It is statutory in banks and the public sector

5 Principles of Auditing Notes 2020

 Internal audit reports are submitted to management and used for improving the system. Internal
auditors do not express an opinion on the financial statements.

Forensic Audit
Forensic audit is the use of audit procedures to collect reliable evidence and prepare a report suitable for use
in a court of law or to settle a legal matter.
 It involves a detailed review of documentary evidence, collection of exhibits like documents and
computer files, quantifying fraud related loss, tracing lost funds and other assets, identification and
recovery of assets, identification of expert witnesses etc.
 For example, it is used in investigations of fraud by employees, tax evasion, professional negligence
cases (e.g. if you want to sue an auditor for negligence, you would request a separate forensic audit
to determine how much the poor audit cost you) and determining the amount of the insurance claims.
 It is done by financial experts who include certified fraud examiners
 Although it is the courts that determine fraud, a forensic auditor may testify in court as an expert witness
and the forensic audit reports provide court with answers to the how, where, what why and who
questions.

Public Sector audit

State owned companies and institutions are required by law in several jurisdictions to have their affairs
examined by a public sector auditor. In many countries, public sector audits are conducted under the
supervision of the auditor general which is an institute responsible for strengthening public sector
accountability and governance and promoting transparency.

Public sector audit involves the scrutiny of the financial affairs of the state owned enterprises to assess
whether they have been operated in way which is in the best interest of the public and whether standard
procedures have been followed to comply with the requirements in place to promote transparency and good
governance (e.g. public sector procurement rules). Public sector audit therefore goes a step further than the
financial audit of private organizations which primarily focuses on the reliability of financial statements. Audits
of public sector companies are becoming increasingly concerned with the efficiency, effectiveness and
economy of resources used in state organizations which has given way for the development of value for
money audits.

Tax audit

Tax audits are conducted to assess the accuracy of the tax returns filed by a company and are therefore
used to determine the amount of any over or under assessment of tax liability towards the tax authorities. In
some jurisdictions, companies above a certain size are required to have tax audits after regular intervals
while in other jurisdictions random companies are selected for tax audits through the operation of a balloting
system.

Information System audit

Information system audit involves the assessment of the controls relevant to the IT infrastructure within an
organization. Information system audits may be performed as part of the internal control assessment during
internal or external audit.

6 Principles of Auditing Notes 2020

Information system audit generally comprises of the evaluation of the following aspects of information system:

 Design and internal controls of the system

 Information security and privacy
 Operational effectiveness and efficiency
 Information processing and data integrity
 System development standards

Environmental & Social audit

Environmental & Social Audits involve the assessment of environmental and social footprints that an
organization leaves as a consequence of its economic activities. The need for environmental auditing is
increasing due to higher number of companies providing environment and sustainability reports in their
annual report describing the impact of their business activities on the environment and society and the
initiatives taken by them to reduce any adverse consequences.

Environmental auditing has provided a means for providing assurance on the accuracy of the statements and
claims made in such reports. If for example a company discloses the level of CO2 emissions during a period
in its sustainability report, an environment auditor would verify the assertion by gathering relevant audit
evidence.

Compliance audit

In many countries, companies are required to conduct specific audit engagements other than the statutory
audit to comply with the requirements of particular laws and regulations. Examples of such audits include:

 Verification of reserves available for distribution to shareholders before the declaration of interim dividend
 Audit of the statement of assets and liabilities submitted by a company at the time of liquidation
 Performance of cost audit of manufacturing companies to verify the cost of production in order for a
regulator to determine the maximum price to be allowed after allowing a reasonable profit margin to
companies operating in a sensitive sector (e.g. pharmaceuticals industry)

Value for money audit / performance audit

Value for money audits involves the assessment of the efficiency, effectiveness and economy of an
organization's use of resources. Value for money audits are increasingly relevant to sectors which do not
have profit as their main objective such as the public sector and charities. They are usually performed as part
of internal audit or public sector audit.

Construction audit

This is an analysis of the costs incurred for a specific construction project. Activities may include an analysis
of the contracts granted to contractors, prices paid, overhead costs allowed for reimbursement, change
orders, and the timeliness of completion. The intent is to ensure that the costs incurred for a project were
reasonable.

7 Principles of Auditing Notes 2020

Investigative audit.

This is an investigation of a specific area or individual when there is a suspicion of inappropriate or fraudulent
activity. The intent is to locate and remedy control breaches, as well as to collect evidence in case charges
are to be brought against someone.

Comprehensive audit

Usually includes compliance, performance and financial audits and is done to collect detailed evidence
needed to restructure an entity or to carry out fraud investigations.

Benefits and limitations of an external audit

Benefits of an audit

The following are the key benefits of an audit to an entity:

 Provides reliable information to capital markets – this improves investor confidence, ensures that
capital is invested in the most profitable business and improves the efficiency of capital markets.
 Enhances the credibility of financial statements, for example, audited financial statements:
- Are used by financial institutions to determine the capacity of loan repayments when evaluating
loan applications
- Are used by tax authorities as a basis for tax assessment
- May be used by workers to demand higher wages and salaries
 Improves the stewardship function of management especially where management is separate from
ownership
 Reduces the risk of fraud and error-regular audits may:
- Create fear among employees and act as a deterrent to fraud and errors
- Lead to detection of errors and frauds in financial statements and the incorporation of necessary
adjustments
 Improvement of the internal control system as auditors give advice on ways of improving the
system.
 Provide information in business acquisition/mergers-audited financial statements:
- Are used by prospective buyers to carry out due diligence on the business to be acquired
- Facilitate the negotiation of terms of new partners and the settlement of claims on the
retirement/death of existing partners.

Limitations of an audit

The auditor’s report cannot give absolute assurance (100%) that the financial statements are free from
material error and fraud. Auditors do not certify the financial statements are correct, but only express an
opinion. This is due to inherent limitations of an audit that arise from the nature of financial reporting, the
nature of audit and the need for the audit to be conducted within a reasonable period of time and at reasonable
cost.

 Management use judgment in applying the financial reporting standards and laws when preparing
financial statements

8 Principles of Auditing Notes 2020

 Many financial statements figures (e.g. inventory) are accounting estimates which are arrived at
subjectively that no additional auditing procedures can make figures 100% accurate. Auditors simply
check whether the estimates are reasonable given the circumstances.
 Management may not provide all the information necessary for the audit intentionally or unintentionally.
 There may be a problem of completeness of information
 Auditors use judgments in collecting evidence e.g. in assessing risk, what items to test, how many
items to test and whether the errors are representative of the population
 Much of the audit evidence is persuasive rather than conclusive as it shows as it shows what is
probable and not certain
 Audit procedures used to gather audit evidence may not detect fraud involving sophisticated and
carefully organized schemes designed to conceal it. For example, an auditor may not be an expert in
the authentication of falsified documents.
 An auditor is not an official investigation into alleged wrong doing. Accordingly, the auditor is not given
specific legal powers, such as the power of search, which may be necessary for such an investigation.
 Auditors use sampling and do not test all the transactions and balances included in the financial
statements in-order to complete the audit on time and at a reasonable cost. This creates sampling risk
(the risk that the conclusions reached may be different from those if the whole populations were tested.

Due to the inherent limitations of an audit, there is the risk that some material misstatements of the financial
statements may not be detected, even though the audit is properly planned and performed in accordance
with auditing standards.

The differences between auditing and accounting

Accounting is the process of recording, analyzing, summarizing and communicating financial information
about an entity in financial reports to various users to facilitate decision making. Accounting involves book-
keeping and the preparation of financial statements and is the responsibility of management.

On the hand, auditing is the independent examination of financial statements and accounting records (books
of accounts) and expression of an opinion on financial statements. Auditing does not involve the preparation
of the accounting records and the financial statements. However, auditors may offer such accounting services
to clients under separate contracts. However, even where the financial statements are prepared by the
auditor, there is still need for an audit. Generally one can say that auditing is done after accounting has taken
place.

Auditing is usually conducted at the end of the financial year while accounting is conducted throughout the
year i.e. it is a continuous process.

Auditing is guided by auditing standards and guidelines (ISAs) and supervised by professional bodies (like
the institute of certified public accountants of Uganda). As for accounting, it is guided by accounting standards
(IASs or IFRSs) and guidelines and supervised by management.

Auditing is performed by a qualified accountant whereas accounting is conducted by any competent

accountant.

Auditing is conducted not only for the owners but also other stake holders whereas accounting is concluded
by management.

9 Principles of Auditing Notes 2020

Auditing is conducted using tests as an aid to the process of auditing whereas accounting is conducted using
vouchers, various books of accounts e.g. Journals, ledgers etc.

Auditing is based on accounting information which implies that accounting has to be done first and auditing
follows.

Differences between auditing and investigations

 An Audit is carried out to ensure that the Statement of financial position (balance Sheet) and the profit
and Loss A/C show a true and fair picture. But, on the other hand, an investigation is carried out on for
some predefined purpose e.g. to know the financial position of the company or its earning capacity.

 An Audit is limited only for an examination of the accounts of the concern but the investigation covers
not only examination of accounts, it involves probing deep into the matter and looking for required
information far behind the books whenever necessary.

 The Investigation is not legally compulsory but audit is statutorily compulsory in case of joint stock
companies.

 Auditing can only be conducted by a chartered accountant but it is not necessary that an investigator
must be a Chartered accountant.

 An audit is always carried out on behalf of the owner of the business, but the investigation may be
conducted on behalf of the proprietor of the business, in case he suspects any fraud, or on behalf of the
outside parties.

 An audit always relates to a period of 1 year or 6 months but the investigation may cover several years.

 Investigation is done when the books of accounts are already subject to a regular audit i.e. the
investigation starts where the audit ends.

Unlike auditor, an investigator is not bound by accounting conventions, policies and disclosure requirements.

10 Principles of Auditing Notes 2020