Professional Documents
Culture Documents
Auditing is the process of objectively obtaining and evaluating evidence about the information in-order to
report on the compliance of the information with the established criteria to interested users. The definition is
explained below
Information – In order to do auditing, there must be information in a verifiable form like an entity’s
financial statements or the income tax returns to URA.
Criteria – the information is evaluated against established criteria like the international financial reporting
standards (IFRS) in the audit of historical financial statements, the domestic tax department guideline for
income tax returns or the criteria agreed upon with the client.
Evidence – is any information collected by the auditor to determine whether the information being audited
is stated in accordance with the established criteria. The auditor should collect sufficient appropriate
evidence using various ways like inspection of documents and observation of procedures.
Competent and independent person – the audit is done by an auditor that must be competent in order
to understand the criteria and that is independent of the client in order to be objective. Independence
ensures that the audit can be relied on by various stakeholders.
Audit report – the auditor’s findings on the compliance of the information against established criteria
must be communicated in an audit report to interested users to facilitate decision making.
An audit can also be defined as the systematic and independent examination of the books of accounts,
statutory records, documents and vouchers of an organization to ascertain whether the financial statements
as well as non-financial disclosures present a true and fair view of the organisation.
The terms auditing and performing an audit are used interchangeably. The key terms in auditing are further
explained using the example on the audit of financial statements.
In conducting an audit of financial statements of a company, auditors check compliance of the financial
statements with the international reporting standards and the companies’ act of Uganda 2012.
Some people confuse auditing and accounting as the audit of financial statements is done by Certified Public
Accountants (CPAs). The following shows the relationship between the two in relation to financial statements.
Accounting is the recording of the entity’s transactions and events and the preparation of financial reports to
facilitate decision making about the entity.
Management is responsible for preparing financial statements that show a true and fair view of the entity’s
financial position, performance and cash flows and comply with the applicable financial reporting frame work
(international financial reporting standards (IFRSs) and laws).
Conversely, the audit of financial statements obtains sufficient appropriate audit evidence using audit
procedures in accordance with auditing standards
The auditor expresses an opinion in an audit report (based on the evidence obtained) whether the financial
statements show a true and fair view of the entity’s financial position, performance and cash flows with the
relevant IFRSs and laws. The financial statements together with the audit report are included in the entity’s
financial report.
Accountants use accounting standards whereas auditors of financial statements use both accounting and
auditing standards to do their work.
Users demand that the information they are given should be audited because this increases its credibility and
reduces information risk. Information risk is the risk that information on which decision are made may be
misstated. Information risk may arise from the following factors;
Conflict of interest – there may be a conflict of interest between the principal (shareholders) and the
agents (the directors) who manage the company on their behalf. Managers are likely to serve their
interests by manipulating information provided to shareholders. For example, they may inflate profits in
order to earn higher bonuses or to have their employment contracts renewed. Agency theory explains
the demand for auditing (see diagram). Auditing the company’s financial statements annually protects
the shareholders’ investments from unscrupulous managers and protects other stakeholders from
fraudulent shareholders.
Remoteness of information – the separation from management prevents users from accessing all the
information required to make decisions and leads to information asymmetry. Information asymmetry
refers to the difference in the amount of information available to the various parties to a business
transaction which makes those with information to have an information advantage over others.
Management may withhold or give wrong information about the current and future prospects of the entity
from external users like shareholders. Auditing reduces information asymmetry by providing reliable
information to users.
The commonest way for users to obtain reliable information is to have an independent audit. An auditor is
appointed by shareholders to audit financial statements and provide assurance to users that the financial
statements are reliable. External users such as shareholders and lenders use the audited financial
statements to make decisions because they assume they are reasonably complete, accurate, and unbiased.
They rely on the audited information as the auditor is independent from the client.
Principal
Auditor
(Shareholders /investors)
Makes an audit report that adds
credibility to financial reports
The nature and objective of auditing has changed over time globally as entities and accounting change to
suit the needs of users of information. These changes can be grouped into four main phases (see table
below).
Period Business developments Audit objective Nature of auditing
Prior the Audit of city states, individuals (like tax Detection of fraud Detailed
industrial collectors & real estate agents and verification of
revolution business ventures) transactions
(1850) No reliance on
internal controls
1850s to Formation of companies Detection of fraud Audit of financial
1920s and errors statements
Suppliers and trade creditors are interested in information that will help them determine whether the
amounts owing to them will be paid on time.
Lenders – want information that will enable them to decide whether their loans will be paid when due, and
whether or not to issue new loans to the entity.
Investors / shareholders – who supply risk capital in the form of funding, this group are concerned with
the risk inherent in, and the return provided by their investments
Customers will be interested in the continuance of the entity, especially if they depend on it themselves.
Employees – wish to know about the stability and profitability of their employers. This may give them
confidence about their jobs and could be used to discuss salary and conditions of employment.
The Government and government agencies are interested in the allocation of resources and the activities
of the entities in general.
The General public may be affected by an entity in a number of different ways, especially how an entity
may contribute to the local economy.
Management – The larger a business grows, the more important it is to keep track of who is accountable
for what. This is especially true when shareholders are on-board and accountability is a demand.
Managers need to ensure they are keeping up to date with providing accurate reports as far as they can,
but there is no substitute for an independent audit of financial statements to crosscheck performance.
Tax authorities – audited financial statements are important to tax authorities to ensure the accuracy of
taxes and additional duties declared and paid by your company.
There are many types of audit but only the following are considered in this section.
Statutory Audit
For example, in Uganda, the following entities are required to have annual audit by the laws below:
Companies-the Companies Act
Government ministries and local government authorities-the public finance and Accountability Act
Banks-the Financial Institutions Act
The Appointment procedures and duties of the external Auditor and the scope of the audit are specified
by the law.
The main advantage of this audit is to protect the interests of the various stakeholders in the entity like
banks that have given loans to the company
This is an audit not required by law but is performed because it is needed by the proprietors, members
trustees, governing bodies or other interested stakeholders.
For example, the audit of sole traders and many charities is non-statutory or private audit.
The appointment procedures and duties of the external auditor and the scope differ from entity to entity
The scope of the audit varies with the needs of the client and may cover only a few areas where
management suspects errors or fraud like cash receipts and payments
The main advantage of this audit is to improve accountability in the business
External audit
It is the annual audit of financial statements done by external auditors that are appointed by shareholders.
It is usually a statutory audit
Its objective is to enable the auditor to express an opinion on whether the financial statements:
Give a true and fair view ( or present fairly in all material respects )
Are prepared in accordance with the relevant financial reporting standards and laws
The external auditor report is submitted to the shareholders of a company and may be published
It is done in accordance with the laws, auditing standards and the code of ethics in the country
Internal audit
Internal audit is an appraisal or monitoring activity established or provided as a service to the entity
It helps the organization achieve its objectives by improving the effectiveness of risk management, the
internal control system and governance process
It is done by internal auditors who are employees or who are outsourced
It is statutory in banks and the public sector
Forensic Audit
Forensic audit is the use of audit procedures to collect reliable evidence and prepare a report suitable for use
in a court of law or to settle a legal matter.
It involves a detailed review of documentary evidence, collection of exhibits like documents and
computer files, quantifying fraud related loss, tracing lost funds and other assets, identification and
recovery of assets, identification of expert witnesses etc.
For example, it is used in investigations of fraud by employees, tax evasion, professional negligence
cases (e.g. if you want to sue an auditor for negligence, you would request a separate forensic audit
to determine how much the poor audit cost you) and determining the amount of the insurance claims.
It is done by financial experts who include certified fraud examiners
Although it is the courts that determine fraud, a forensic auditor may testify in court as an expert witness
and the forensic audit reports provide court with answers to the how, where, what why and who
questions.
State owned companies and institutions are required by law in several jurisdictions to have their affairs
examined by a public sector auditor. In many countries, public sector audits are conducted under the
supervision of the auditor general which is an institute responsible for strengthening public sector
accountability and governance and promoting transparency.
Public sector audit involves the scrutiny of the financial affairs of the state owned enterprises to assess
whether they have been operated in way which is in the best interest of the public and whether standard
procedures have been followed to comply with the requirements in place to promote transparency and good
governance (e.g. public sector procurement rules). Public sector audit therefore goes a step further than the
financial audit of private organizations which primarily focuses on the reliability of financial statements. Audits
of public sector companies are becoming increasingly concerned with the efficiency, effectiveness and
economy of resources used in state organizations which has given way for the development of value for
money audits.
Tax audit
Tax audits are conducted to assess the accuracy of the tax returns filed by a company and are therefore
used to determine the amount of any over or under assessment of tax liability towards the tax authorities. In
some jurisdictions, companies above a certain size are required to have tax audits after regular intervals
while in other jurisdictions random companies are selected for tax audits through the operation of a balloting
system.
Information system audit involves the assessment of the controls relevant to the IT infrastructure within an
organization. Information system audits may be performed as part of the internal control assessment during
internal or external audit.
Environmental & Social Audits involve the assessment of environmental and social footprints that an
organization leaves as a consequence of its economic activities. The need for environmental auditing is
increasing due to higher number of companies providing environment and sustainability reports in their
annual report describing the impact of their business activities on the environment and society and the
initiatives taken by them to reduce any adverse consequences.
Environmental auditing has provided a means for providing assurance on the accuracy of the statements and
claims made in such reports. If for example a company discloses the level of CO2 emissions during a period
in its sustainability report, an environment auditor would verify the assertion by gathering relevant audit
evidence.
Compliance audit
In many countries, companies are required to conduct specific audit engagements other than the statutory
audit to comply with the requirements of particular laws and regulations. Examples of such audits include:
Verification of reserves available for distribution to shareholders before the declaration of interim dividend
Audit of the statement of assets and liabilities submitted by a company at the time of liquidation
Performance of cost audit of manufacturing companies to verify the cost of production in order for a
regulator to determine the maximum price to be allowed after allowing a reasonable profit margin to
companies operating in a sensitive sector (e.g. pharmaceuticals industry)
Value for money audits involves the assessment of the efficiency, effectiveness and economy of an
organization's use of resources. Value for money audits are increasingly relevant to sectors which do not
have profit as their main objective such as the public sector and charities. They are usually performed as part
of internal audit or public sector audit.
Construction audit
This is an analysis of the costs incurred for a specific construction project. Activities may include an analysis
of the contracts granted to contractors, prices paid, overhead costs allowed for reimbursement, change
orders, and the timeliness of completion. The intent is to ensure that the costs incurred for a project were
reasonable.
This is an investigation of a specific area or individual when there is a suspicion of inappropriate or fraudulent
activity. The intent is to locate and remedy control breaches, as well as to collect evidence in case charges
are to be brought against someone.
Comprehensive audit
Usually includes compliance, performance and financial audits and is done to collect detailed evidence
needed to restructure an entity or to carry out fraud investigations.
Benefits of an audit
Provides reliable information to capital markets – this improves investor confidence, ensures that
capital is invested in the most profitable business and improves the efficiency of capital markets.
Enhances the credibility of financial statements, for example, audited financial statements:
- Are used by financial institutions to determine the capacity of loan repayments when evaluating
loan applications
- Are used by tax authorities as a basis for tax assessment
- May be used by workers to demand higher wages and salaries
Improves the stewardship function of management especially where management is separate from
ownership
Reduces the risk of fraud and error-regular audits may:
- Create fear among employees and act as a deterrent to fraud and errors
- Lead to detection of errors and frauds in financial statements and the incorporation of necessary
adjustments
Improvement of the internal control system as auditors give advice on ways of improving the
system.
Provide information in business acquisition/mergers-audited financial statements:
- Are used by prospective buyers to carry out due diligence on the business to be acquired
- Facilitate the negotiation of terms of new partners and the settlement of claims on the
retirement/death of existing partners.
Limitations of an audit
The auditor’s report cannot give absolute assurance (100%) that the financial statements are free from
material error and fraud. Auditors do not certify the financial statements are correct, but only express an
opinion. This is due to inherent limitations of an audit that arise from the nature of financial reporting, the
nature of audit and the need for the audit to be conducted within a reasonable period of time and at reasonable
cost.
Management use judgment in applying the financial reporting standards and laws when preparing
financial statements
Due to the inherent limitations of an audit, there is the risk that some material misstatements of the financial
statements may not be detected, even though the audit is properly planned and performed in accordance
with auditing standards.
Accounting is the process of recording, analyzing, summarizing and communicating financial information
about an entity in financial reports to various users to facilitate decision making. Accounting involves book-
keeping and the preparation of financial statements and is the responsibility of management.
On the hand, auditing is the independent examination of financial statements and accounting records (books
of accounts) and expression of an opinion on financial statements. Auditing does not involve the preparation
of the accounting records and the financial statements. However, auditors may offer such accounting services
to clients under separate contracts. However, even where the financial statements are prepared by the
auditor, there is still need for an audit. Generally one can say that auditing is done after accounting has taken
place.
Auditing is usually conducted at the end of the financial year while accounting is conducted throughout the
year i.e. it is a continuous process.
Auditing is guided by auditing standards and guidelines (ISAs) and supervised by professional bodies (like
the institute of certified public accountants of Uganda). As for accounting, it is guided by accounting standards
(IASs or IFRSs) and guidelines and supervised by management.
Auditing is conducted not only for the owners but also other stake holders whereas accounting is concluded
by management.
Auditing is based on accounting information which implies that accounting has to be done first and auditing
follows.
An Audit is carried out to ensure that the Statement of financial position (balance Sheet) and the profit
and Loss A/C show a true and fair picture. But, on the other hand, an investigation is carried out on for
some predefined purpose e.g. to know the financial position of the company or its earning capacity.
An Audit is limited only for an examination of the accounts of the concern but the investigation covers
not only examination of accounts, it involves probing deep into the matter and looking for required
information far behind the books whenever necessary.
The Investigation is not legally compulsory but audit is statutorily compulsory in case of joint stock
companies.
Auditing can only be conducted by a chartered accountant but it is not necessary that an investigator
must be a Chartered accountant.
An audit is always carried out on behalf of the owner of the business, but the investigation may be
conducted on behalf of the proprietor of the business, in case he suspects any fraud, or on behalf of the
outside parties.
An audit always relates to a period of 1 year or 6 months but the investigation may cover several years.
Investigation is done when the books of accounts are already subject to a regular audit i.e. the
investigation starts where the audit ends.
Unlike auditor, an investigator is not bound by accounting conventions, policies and disclosure requirements.