Financial Audit Manual Overview

1
Table of Contents
Introduction................................................................................................................ 9
A. Basis for Manual Preparation.........................................................................................................9
B. Scope of this Manual....................................................................................................................10
C. Project requirements and INTOSAI prerequisites.........................................................................10
D. COA Audit Framework..................................................................................................................11
Overview of the Financial Audit Manual....................................................................12
A. Objectives of Financial Audit........................................................................................................12
B. The Financial Statements Audit Process.......................................................................................12
C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 2000-2999)............................................13
Section 1................................................................................................................... 14
Preliminary Engagement Activities............................................................................14
I. Ensuring Auditor’s Individual Declaration of Independence and Compliance with Relevant
Ethical Requirements....................................................................................................................14
II. Defining the Terms of Audit Engagement.....................................................................................15
A. Establishing the Terms of Audit Engagement............................................................................16
B. Communicating the Terms of Engagement................................................................................17
Appendix 1-1. Auditor’s Declaration of Independence and Compliance with Relevant Ethical
Requirements...............................................................................................................................19
Appendix 1-2. Engagement Letter with attached Management Representation Letter Format............22
Section 2................................................................................................................... 28
Planning Phase.......................................................................................................... 28
I. Preparing the Overall Audit Strategy............................................................................................28
II. Conducting Preliminary Risk Assessment.....................................................................................30
A. Understanding Risks Principles..................................................................................................30
B. Understanding the Audit Entity.................................................................................................31
C. Summarizing the Results of Preliminary Identification of Risks.................................................45
III. Conducting Final Risk Assessment................................................................................................48
A. Determining the Materiality Thresholds....................................................................................48
B. Assessing Risks and Determining Risk Responses......................................................................49
IV. Preparing the Audit Engagement Plan..........................................................................................55
A. Updating the Overall Audit Strategy..........................................................................................55
B. Preparing the Audit Program.....................................................................................................56
C. Preparing the Engagement Planning Memorandum.................................................................56
Appendix 2-1. Overall Audit Strategy.....................................................................................................58
Appendix 2-2. Understanding the Agency Template.............................................................................61
Appendix 2-2A. Critical Processes Template..........................................................................................63
Appendix 2-2B. Financial Accountability LogFrame...............................................................................64
Appendix 2-3. Agency-Level Controls Checklist.....................................................................................65
Appendix 2-3A. Control Activities – Cash Receipts checklist..................................................................78
Appendix 2-4. General Accounting Plan................................................................................................80
Appendix 2-5. Variance Analysis of Financial Statements......................................................................81
Appendix 2-6. Summary Report on the Preliminary Identification of Risks...........................................82
Appendix 2-7. Template on Determining Materiality Level...................................................................83
Appendix 2-8. Results of Risk Assessment at the Assertion Level..........................................................89
Appendix 2-9. Audit Program................................................................................................................90
Appendix 2-10. Engagement Planning Memorandum...........................................................................91
Section 3................................................................................................................... 92
Audit Execution Phase............................................................................................... 92
I. Execute Audit Tests......................................................................................................................92
A. Determining the Nature, Timing and Extent of Audit Procedures.............................................92
B. Preparing Audit Documentation and Gathering Audit Evidence..............................................106
C. Addressing Risk Areas that Need Specific Considerations.......................................................112
D. Summarizing Proposed Audit Adjustments and Evaluating Effects in the Audit Opinion........120
II. Summarize Audit Observations and Recommendations and Communicate with Those
Charged with Governance..........................................................................................................122
A. Areas for Consideration in Summarizing Audit Observations..................................................122
B. Communicate with Those Charged with Governance..............................................................124
C. Elements of Audit Observation................................................................................................126
D. Performing Review of Overall Audit Work...............................................................................127
E. Tracking Status of Prior Years’ Recommendations..................................................................128
III. Conduct Exit Conference............................................................................................................129
Appendix 3-1. Summary of Audit Observations and Recommendations.............................................130
Appendix 3-2. Affirmation of Audit Team’s Independence and Compliance with Ethical
Standards....................................................................................................................................131
Appendix 3-3. Recommendations Tracking Sheet...............................................................................132
Section 4................................................................................................................. 133
Reporting Phase...................................................................................................... 133
I. Write the Independent Auditor’s Report....................................................................................134
A. Forming an Audit Opinion........................................................................................................134
B. Forms of Independent Auditor’s Report..................................................................................142
II. Specific Elements of the Independent Auditor’s Report.............................................................150
A. Title..........................................................................................................................................150
B. Addressee................................................................................................................................150
C. Report on the Audit of Financial Statements...........................................................................151
D. Report on Other Legal and Regulatory Requirements/ Supplementary Information..............164
E. Name of the Engagement Partner...........................................................................................167
F. Signature of the Auditor..........................................................................................................167
G. Auditor’s Address....................................................................................................................167
H. Date of the Independent Auditor’s Report..............................................................................167
III. Comparative Information...........................................................................................................167
A. Corresponding Figures and Comparative Financial Statements...............................................167
A.1. Corresponding Figures.............................................................................................................168
A.2. Comparative Financial Statements..........................................................................................169
IV. Types of Audit Report.................................................................................................................169
Appendix 4-1A. Illustration of Cases for Modified Opinion..................................................................171
Section 5................................................................................................................. 175
Quality Control Review............................................................................................ 175
I. Quality Control versus Quality Assurance...................................................................................175
II. Responsibility for Quality Control System and Quality Control Procedures...............................175
III. Quality Control Review Process in COA......................................................................................176
IV. Quality Control Documents........................................................................................................176
V. Quality Control Review Documents............................................................................................177
Appendix 5-1. Completion Compliance Checklist................................................................................179
3
Appendix 5-2. Auditee Feedback Sheet...............................................................................................187
Appendix 5-3. Supervising Auditor/Regional Supervising Auditor’s Evaluation Form..........................190
Appendix 5-4. Director’s Evaluation Form...........................................................................................191
Appendix 5-5. Financial Management Performance Rating.................................................................192
Appendix 5-5A. Financial Management Performance Rating..............................................................194
Works Cited............................................................................................................. 197
Technical Working Group and Resource Persons......................................................198
List of Exhibits
Exhibit 1. General principles of public sector auditing in the audit of financial statements........................8
Exhibit 2. COA Audit Framework...............................................................................................................11
Exhibit 3. Audit Activities by Phase............................................................................................................12
Exhibit 4. Risk assessment procedures for going concern assumption......................................................37
Exhibit 5. Diagramming Tool....................................................................................................................126
Exhibit 6. Decision Tree in Preparing the Auditor's Report......................................................................134
Exhibit 7. Summary of Reporting Phase activities....................................................................................140
Exhibit 8. Quality Control Documents.....................................................................................................177
List of Tables
Table 1. The link between general auditing principles and financial audit specific requirements...............9
Table 2. ISSAIs related to written representations....................................................................................16
Table 3. Sources of financial information..................................................................................................31
Table 4. Principles of Internal Control.......................................................................................................33
Table 5. Examples of conditions and events that may indicate risks of material misstatements..............44
Table 6. Assertions in considering misstatements.....................................................................................45
Table 7. Other ISSAIs for consideration.....................................................................................................45
Table 8. Examples of Risks.........................................................................................................................48
Table 9. Risk Decision Table.......................................................................................................................53
Table 10. List of Current Audit File and Permanent Audit File.................................................................107
Table 11. ISSAI 2540 requirements..........................................................................................................115
Table 12. Summary of Modifications of the Independent Auditor’s Report............................................147
Table 13. Levels of Quality Control Review..............................................................................................175
List of Illustrations
Illustration 1. Working Paper on Preliminary data analysis.......................................................................31
Illustration 2. Walkthrough Analysis for Source Agency – Fund Transfer Account....................................35
Illustration 3. Sample Working Paper on the Evaluation of Confirmation Replies.....................................99
Illustration 4. Sample Trend Analysis.......................................................................................................102
4
Illustration 5. Proposed Summary WP in Substantive Test......................................................................105
Illustration 6. Sample Top Schedule and Audit Conclusion......................................................................108
Illustration 7. Summary of Proposed Audit Adjustments........................................................................119
Illustration 8. Summary of Uncorrected Misstatements..........................................................................121
Illustration 9. Sample - Elements of an Audit Observation......................................................................126
Illustration 10. Sample - Audit Recommendation....................................................................................126
List of Annexes
Annex 1 – IPSAS Disclosure Checklist............................................................................................................i
Annex 2 – PFRS Disclosure Checklist............................................................................................................ii
5
List of Acronyms
Acronym Definition
AAPSI Agency Action Plan and Status of Implementation
AAR Annual Audit Report
ADA Advice to Debit Account
ADADJ Advice to Debit Account Disbursements Journal
ADB Asian Development Bank
AICF Agency's Internal Control Framework
ALCC Agency-Level Controls Checklist
AM Audit Memorandum
AOM Audit Observation Memorandum
AP Audit Program
APMT Action Plan Monitoring Tool
ASEAN Association of Southeast Asian Nations
ATL Audit Team Leader
ATM Audit Team Member
CAAR Consolidated Annual Audit Report
CAATs Computer assisted audit techniques
CAF Current Audit File
CD Cluster Director
CGS Corporate Government Sector
COA Commission on Audit
COE COA Order of Execution
CPSE Commercial Public Sector Entity
CR Control Risk
CRDC Consolidated Report of Daily Collections
DV Disbursement Voucher
EPM Engagement Planning Memorandum
FOU Field Operating Units
FRF Financial Reporting Framework
FS Financial Statements
GAM Government Accounting Manual
GAP General Accounting Plan
GL General Ledger
IAR Independent Auditor’s Report
ICPPP Internal Control Policy, Procedures and Practices
IDI INTOSAI Development Initiative
INTOSAI International Organization of Supreme Audit Institutions
IR Inherent Risk
ICSPPS Internal Control Standards for Philippine Public Sector
IPSAS International Public Sector Accounting Standards
6
Acronym Definition
ISQC International Standard on Quality Control
ISSAI International Standards of Supreme Audit Institutions
JEV Journal Entry Voucher
KAM Key Audit Matters
LGU Local Government Unit
ML Management Letter
MOA Memorandum of Agreement
MRL Management Representation Letter
MT Materiality Template
NC Notice of Charge
ND Notice of Disallowance
NFD Notice of Finality of Decision
NGO Non-government organization
NS Notice of Suspension
OAS Overall Audit Strategy
OR Official Receipt
PAF Permanent Audit File
PD Presidential Decree
PDA Preliminary data analysis
PFRS Philippine Financial Reporting Standards
PPE Property, Plant and Equipment
QCR Quality Control Review
R-CDTA Regional Capacity Development Technical Assistance
RA Republic Act
RANTA Registry of Notice of Transfer Allocation
RBFAM Risk-Based Financial Audit Manual
RD Regional Director
RMM Risk of Material Misstatement
RRAAL Results of Risk Assessment at the Assertion Level
RSA Regional Supervising Auditor
RTS Recommendation Tracking Sheet
SA Supervising Auditor
SAI Supreme Audit Institution
SAOR Summary of Audit Observations and Recommendations
SCBAA Statement of Comparison of Budget and Actual Amounts
SCF Statement of Cash Flows
SFPer Statement of Financial Performance
SFPos Statement of Financial Position
SRPIR Summary Report on Preliminary Identification of Risks
UTA Understanding the Agency
WP Working Paper
7
Introduction
A. Basis for Manual Preparation
1. The Commission on Audit entered into an agreement with the Asian Development Bank for the
Regional Capacity Development Technical Assistance (R-CDTA) entitled Enhancing the Roles of
Supreme Audit Institutions in Selected Association of Southeast Asian Nations (ASEAN). The project
was funded by the Japan Fund for Poverty Reduction. The agreement was signed on February 27,
2015, and the Project was jump started in early 2016.
2. The Project aims to increase compliance with international standards on public sector financial
audits of the participating SAIs by at least 20%. This objective agrees with a similar strategy of the IDI
for the SAIs to adopt the INTOSAI audit guidelines so that they can meet the expectations of their
stakeholders through quality audits and ultimately strengthen the accountability of government.
The cause and effect relationship of the INTOSAI principles vis-à-vis public sector accountability is
demonstrated as follows:
Exhibit 1. General principles of public sector auditing in the audit of financial statements
Principles of Value added

financial audit through the
The Level 4 According to
financial audits
Financial Audit ISSAI 20, SAIs
ISSAIs can be used contribute to
ISSAI 100 ISSAI 200 explains as authoritative the
lists 8 those principles in standards in the strengthening of
general the context of audit practice or public sector
principles financial auditing used as an accountability
for public and those are example for best
sector elaborated further practice of
auditing on ISSAIs at level 4 financial audits in
the public sector
General
principles of
public sector Financial audit
auditing practice
3. In effect, the COA-ADB Financial Audit Manual will put into practice the IDI plan :
“to promote implementation of the INTOSAI audit principles by translating these into
audit procedures in the SAIs audit manuals and followed in the actual financial audit
practice of the SAI.The results for financial audits, communicated through audit reports
to the stakeholders; increase confidence of the stakeholders towards public sector
financial statements and enable better control over the use of taxpayers’ money.
Ultimately each financial audit will directly contribute to the SAIs role to strengthen
accountability, integrity, and transparency of governments and public sector entities.”
8
B. Scope of this Manual
4. The manual covers audit of general-purpose financial statements. Hence, auditors are required to
examine whether the financial statements are categorized as general-purpose or special-purpose.
5. For those which are categorized as special-purpose financial statements, ISSAI 2800 applies. This
deals with special considerations relevant to (a) the acceptance of the engagement; (b) the planning
and performance of the engagement; and (c) forming an opinion and reporting on the financial
statements. ISSAI 2800 does not supersede the requirements of other ISSAIs and merely applies
suppletorily.
6. Audits covered by ISSAI 2800 shall be conducted in accordance with the audit requirements as
agreed upon by the auditee and the Commission based on the respective Terms of Reference or
similar documents.
7. In this manual, the terms management/agency/unit/corporation are used interchangeably and refer
to the auditee.
C. Project requirements and INTOSAI prerequisites
8. A briefer on the INTOSAI fundamental prerequisites, fundamental principles and the ISSAI financial
audit guidelines is necessary to better explain their being considered as benchmarks of this Financial
Audit Manual.
9. The ISSAI Framework is structured in four levels: Level 1: Founding Principles; Level 2: Prerequisites
for the Functioning of SAIs; Level 3: Fundamental Auditing Principles; and, Level 4: Auditing
Guidelines.
10. The eight Fundamental Auditing Principles of Level 3, which are listed below, are the key elements
of public sector auditing regardless of the mandate of the SAI or the type of audits to be conducted.
These Principles and the Level 4 Auditing Guidelines (which are based on the detailed guidelines of
the Principles) are guides in preparing the Financial Audit Manual. The link is illustrated in this IDI
table showing the Principles, ISSAI guidelines and COA’s existing policies and practices as well as the
application of the principles in this Manual.
Table 1. The link between general auditing principles and financial audit specific requirements
General
COA’s existing policy and application of the
Auditing Principle explanation in ISSAI 100
principles in this Manual
Principle
Ethics and Auditors should comply with COA has adopted the Revised Code of Conduct and
independence relevant ethical requirements and Ethical Standards for COA Officials and Employees
be independent. under Resolution No. 2018-010 dated February 1,
2018.
Professional Auditors should maintain an This is emphasized under Section 1 (Preliminary
judgment, due appropriate professional behavior Engagement Activities) of this Manual and
care and by applying professional skepticism, throughout the entire audit process.
skepticism professional judgment and due care
throughout the audit.
Quality control Auditors should perform the audit The audit tools to assist and guide auditors in
9
General
COA’s existing policy and application of the
Auditing Principle explanation in ISSAI 100
principles in this Manual
Principle
in accordance with professional ensuring the quality of audit are prescribed in the
standards on quality control. Manual. The auditors’ compliance with the Manual
will be assessed using the Quality Control
Documents prescribed under Section 5 of this
Manual.
Audit team Auditors should possess or have The training of auditors is a continuous activity.
management access to the necessary skills. They will be trained on the use of audit tools
and skills prescribed in the Manual and subsequent
issuances to keep them updated on international
standards.
Audit risk Auditors should manage the risks of The adoption of the Manual will address this
providing an inappropriate report in concern.
the circumstances of the audit.
Materiality Auditors should consider The determination of materiality threshold is
materiality throughout the audit prescribed under COA Resolution No. 2019-016
process. dated June 25, 2019.
Documentation Auditors should prepare audit The auditor shall be guided by the step by step
documentation in sufficient detail procedures provided in Section 3 Part I.C. of this
to provide a clear understanding of Manual.
work performed, evidence obtained
and conclusions reached.
Communication Auditors should establish effective The auditors maintain open communication with
communication throughout the the auditees which is also defined in the Audit
audit process. Terms of Engagement proposed in the Manual.
11. The Plan of action towards full compliance with the ISSAI is based on the IDI recommended
approach, subject to the SAI’s own development selection requirements.
D. COA Audit Framework
12. Presented below as Exhibit 2 is a graphical presentation of the COA Audit Framework common to all
audit streams – Financial Audit, Compliance Audit and Performance Audit. The orange box displays
the Strategic Audit Planning and Risk Identification comprising the Preliminary Engagement,
Planning, Execution and Reporting. The blue box displays the four stages of the audit giving
important consideration on quality control encompassing all four stages.
10
Exhibit 2. COA Audit Framework
Strategic Planning and Risk Identification
Preliminary Engagement
FINANCIAL
AUDIT
PE AU
DI CE
RF
AU LIAN
OR DIT
T
M
P
M
AN
CO
CE
Quality Control
Overview of the Financial Audit Manual
A. Objectives of Financial Audit
1. The objectives of a financial audit in the public sector are often broader than expressing an opinion
whether the financial statements have been prepared, in all material respects, in accordance with
the applicable financial reporting framework (i.e. the scope of the ISSAIs). The audit mandate, or
obligations for public sector entities, arising from legislation, regulation, ministerial directives,
government policy requirements, or resolutions of the legislature may result in additional
objectives. These additional objectives, which may be of equal importance to the opinion on the
financial statements, may include audit and reporting responsibilities, for example, relating to
reporting whether public sector auditors found any instances of non-compliance with authorities
including budgets and accountability frameworks, and/or reporting on the effectiveness of internal
control. However, even when there are no such additional objectives, there may be general public
expectations in regard to public sector auditors’ reporting of non-compliance with authorities or
reporting on effectiveness of internal control. Such additional responsibilities would be reported in a
separate section of the auditor’s report. In complying with these responsibilities, the auditor shall
observe each requirement of an ISSAI, unless, the entire ISSAI is not relevant or the requirement is
conditional and such condition does not exist. In exceptional circumstances, the auditor may judge it
necessary to depart from a relevant requirement in an ISSAI. In such circumstances, the auditor shall
perform alternative audit procedures to achieve the aim of that requirement. The need for the
auditor to depart from a relevant requirement is expected to arise only where the requirement is for
a specific procedure to be performed and, in the specific circumstances of the audit, that procedure
would be ineffective in achieving the aim of the requirement.
B. The Financial Statements Audit Process
2. The financial audit guidelines are explained with the aid of illustrations and suggested templates for
use as the case may be.
3. Guidelines are divided in five main sections excluding this Overview section:
Section 1: Preliminary Engagement Activities; Section 3: Audit Execution Phase;

Section 2: Planning Phase; Section 4: Reporting Phase; and,
11
Section 5: Quality Control Review.
4. Exhibit 3 presented as follows identifies the more important aspects discussed in each of the
sections and the applicable ISSAI.
Exhibit 3. Audit Activities by Phase

Ensure engagement team’s independence and compliance with ethical standards (ISSAIs 2200; 2220)
Preliminary
Define the terms of engagement (ISSAIs 2210; 2260)
QUALITY CONTROL
Engagement
Obtain management representation letter (ISSAI 2580)
 Prepare overall audit strategy (ISSAI 2300)
 Understand the audit entity (ISSAI 2240; 2250; 2265; 2300; 2315; 2550; 2610)
 Summarize results of preliminary identification of risks (ISSAI 2315; 2610)
Planning
 Determine materiality thresholds (ISSAI 2320)
 Assess risks and determine risk responses (ISSAIs 2315; 2330)
 Prepare audit engagement plan (ISSAI 2300)
Execute audit tests (ISSAIs 2260; 2230; 2500; 2501; 2520; 2530; 2540; 2560; 2600; 2450)
Execution Summarize audit observations and recommendations (ISSAI 2230; 2450)
Conduct exit conference (ISSAI 2230)
Evaluate misstatement (ISSAI 2450)

Reporting Obtain reaffirmation of management written representations (ISSAI 2580)
Form an audit opinion (ISSAI 2700 series; 2800; 2805)
Establish responsibility for quality control system and quality control procedures (ISSAI 2220)
Quality Control
Quality Control Review Process (ISSAI 2220)
Review
Document Quality Control Review Process (ISSAI 2220)
C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 2000-2999)
5. The ISSAI 2700 notes that depending on the standards applied, the public sector auditors may refer
to relevant auditing standards in one of the following ways:
a) in accordance with national standards, which are based on [or consistent with] the Fundamental
Auditing Principles (ISSAIs 100-999) of the International Standards of Supreme Audit Institutions
(refer to ISSAI 200.12);
b) in accordance with international standards (ISSAIs 2000-2999) (refer to ISSAI 200.13a);
c) in accordance with ISSAIs (refer to ISSAI 200.13b)
COA has adopted the INTOSAI Financial Audit Guidelines under COA Resolution Nos. 2013-007,
2014-011, and 2016-007.
12
Section 1
Preliminary Engagement Activities
1. Under Presidential Decree 1445 (PD 1445) or the Government Auditing Code of the Philippines, the
COA operates under the audit residency approach where government auditors and COA-assigned
administrative staff have the legal right to hold office in COA resident audit offices based in the
audited agencies.
2. Residency audits are justified by the multifarious audit and non-audit functions performed on a
year-round basis by the COA Auditors. Aside from audits (financial, compliance, initial fraud reviews,
post audit of transactions, cash examinations of cash accountable officers), they perform non-audit
related functions required by law including the custody of vouchers and witnessing of asset
disposals; among others. Given the power of the Commission under PD 1445 to institute measures
designed to preserve and ensure the independence of its representatives, COA is moving its auditors
by phase from the premises of the auditees to the Satellite Audit Offices, subject to availability of
facilities.
3. With the mandate of COA under the Constitution and the PD 1445, there are certain ISSAI
requirements which can be done away with:
a. a review of the auditee’s professional and ethical practices as the results cannot be used as basis
for deciding whether to accept or not to accept and/or to continue with the engagement under
ISSAI 2220. COA is mandated under the Constitution and the PD 1445 to conduct audit of all
government agencies and instrumentalities. Unethical practices constitute “corrupt acts” under
Republic Act (R.A.) 3019, the Anti-Graft and Corrupt Practices Act, and R.A. 6713, the Code of
Conduct and Ethical Standards for Public Officials and Employees, and must be considered by
the COA Auditor; and,
b. the need for management conformity with the terms of engagement under ISSAI 2210. COA
audits are mandated by law and the auditee has no discretion to refuse audit. The engagement
terms, which are contained in a formal letter issued to the Agency (discussed in this Section),
must be explained during the entrance conference for easy understanding and compliance by
the agency.
4. Preliminary engagement activities will involve:
I. Ensuring Auditor’s Individual Declaration of Independence and Compliance with Relevant

Ethical Requirements; and,
II. Defining the Terms of Audit Engagement.
I. Ensuring Auditor’s Individual Declaration of Independence and Compliance with Relevant Ethical
Requirements
5. The purpose of FS audit is to enhance the degree of confidence of intended users in FS. This is
achieved by the expression of an opinion by the auditor on whether the FS are prepared, in all
material respects, in accordance with an applicable FRF. In the case of most general purpose
frameworks, the opinion is on whether the FS are presented fairly, in all material respects in
13
accordance with the framework. An audit conducted in accordance with the standards and relevant
ethical requirements enables the auditor to form that opinion, which is required under ISSAI 2200.
6. The audit team is also required under ISSAI 2220 to implement quality control procedures at the
engagement level to have a reasonable assurance that:
a. The audit complies with professional standards and applicable legal and regulatory
requirements; and,
b. The auditor’s report issued is appropriate in the circumstances.
7. To ensure COA stakeholders that the audits conducted are in accordance with international
standards, the SA/RSA, ATL and Audit Team Members shall execute their respective Auditor’s
Declaration of Independence and Compliance with Relevant Ethical Requirements as prescribed
under COA Resolution No. 2020-003 dated January 24, 2020 (Appendix 1-1). This is also in line with
the adoption of the Revised Code of Conduct and Ethical Standards for COA Officials and Employees
under COA Resolution No. 2018-010 dated February 1, 2018.
8. Throughout the audit engagement, the CD/RD shall ensure that:
a. They comply with relevant ethical requirements prescribed under COA Resolution No. 2018-010.
b. There are no threats to the independence of the auditors.
c. The engagement team collectively possesses appropriate competence and capabilities to: (i)
perform the audit engagement in accordance with professional standards and applicable legal
and regulatory requirements; and (ii) issue an auditor’s report that is appropriate in the
circumstances.
d. Due professional care is exercised. Due professional care requires the auditor to
exercise professional skepticism, an attitude that includes a questioning mind and a critical
assessment of audit evidence and to use the knowledge, skill, and ability called for by the
profession of public accounting to diligently:
i. Gather and objectively evaluate evidence;

ii. Gauge the experience and qualification level of an audit staff in relation to the audit
area/s where he/she is assigned. More experienced staff or those with special skills and
expertise are assigned to assertions and accounts with high risk. Technical audit staff such
as civil engineers should be requested when the audit requires an evaluation of
infrastructure projects;
iii. Exercise closer supervision over critical areas especially where fraud was uncovered; and,
iv. Identify areas where additional elements of unpredictability should be incorporated in the
audit procedures that need to be performed.
II. Defining the Terms of Audit Engagement
9. The two sub-steps in undertaking this particular activity are: Establishing the terms of Audit
Engagement; and, Communicating the Terms of Audit Engagement with those charged with
governance.
14
A. Establishing the Terms of Audit Engagement
10. The terms of the audit engagement required under ISSAI 2210 shall be established before the
commencement of the audit of a certain financial period through the yearly issuance of the audit
engagement letter (Appendix 1-2) or other suitable form of written engagement, and as may be
necessary if there are revisions to the terms or to remind the management of existing terms,
considering the following factors:
a. Any indication that the entity misunderstands the objective and scope of the audit;
b. Any revised or special terms of the audit engagement;
c. A recent change of senior management;
d. A significant change in nature or size of the entity’s business;
e. A change in legal or regulatory requirements;
f. A change in the financial reporting framework adopted in the preparation of the financial
statements; and
g. A change in other reporting requirements. (ISSAI 2210, para. A30)
11. The audit engagement letter (Appendix 1-2) or other suitable form of written engagement shall be
issued yearly for each audit engagement shall include: (a) the objective and scope of the audit of the
financial statements; (b) the responsibilities of the auditor; (c) the responsibilities of management;
(d) identification of the applicable financial reporting framework which is IPSAS or PFRS, for the
preparation of the financial statements; (e) reference to the expected form and content of any
reports to be issued by the auditor; and, (f) a statement that there may be circumstances in which a
report may differ from its expected form and content.
12. This letter shall also specify the required disclosures for inclusion in the Notes to FS, particularly,
Related Parties, Claims and Litigations and Segment Accounting, if these exist; the performance
review to be done on the financial accounting and reporting practices of the auditee; the deadline
for the submission of a final Management written representation and the requests for copies of
specific reports and appointments for interview.
13. Written representation is a written statement provided by management, and where appropriate,
those charged with governance to confirm certain matters or support other audit evidence. It also
contains management’s representation that:
a. It has fulfilled its responsibilities for the preparation and fair presentation of FS in accordance
with applicable FRF;
b. It has provided the auditors with all relevant information and access as required in the
Engagement Letter. The management’s responsibility as discussed in the Engagement Letter
shall be included in the written representation;
c. All transactions have been recorded and are reflected in the FS; and,
d. Other concerns such as propriety of selection and application of accounting policies, compliance
with applicable frameworks in terms of recognition, measurement and presentation of accounts
and disclosures, and specific assertions in the FS.
15
14. Written representations are particularly required under the following ISSAIs:
Table 2. ISSAIs related to written representations

ISSAI Subject
2240 The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements (para. 39)
2250 Consideration of Laws and Regulations in an Audit of Financial Statements (para. 16)
2450 Evaluation of Misstatements Identified during the Audit (para. 14)
2501 Audit Evidence – Specific Considerations for Selected Items (para. 12)
2540 Auditing Accounting Estimates, including Fair Value Accounting Estimates and Related Disclosures
(para. 22)
2550 Related Parties (para. 26)
2560 Subsequent Events (par. 9)
2570 Going Concern (para. 16e)
2580 Written Representations
2710 Comparative Information (para. 9)
15. The Management Representation Letter should be issued as near as practicable to, but not after, the
date of the auditor’s report on the FS. The written representations shall be for all FS and period(s)
referred to in the auditor’s report (ISSAI 2580, para. 14).
16. The MRL, required under ISSAI 2580, is in addition to the Statement of Management’s
Responsibility, prescribed under COA Circular Nos. 2015-002 dated March 9, 2015 and 2015-004
dated July 16, 2015.
17. If the auditor did not receive the requested written representation or doubts the competence,
integrity, ethical value or diligence of management, or its commitment to, or enforcement thereof,
in particular, if written representations are inconsistent with other audit evidence, and the matter
remained unresolved despite additional audit procedures performed, the auditor shall determine
the effect that such concerns or non-submission thereof, may have on the reliability of oral or
written representations and audit evidence in general.
18. For foreign assisted projects, the engagement letter will consider the requirements of the foreign
lending/grantor institution.
B. Communicating the Terms of Engagement
19. The engagement letter shall be issued to management or to those charged with governance. This is
being issued to formally inform the auditee of the audit requirements, including the responsibilities
of the auditor and the auditee, and as a matter of professional courtesy and engagement direction.
After the engagement letter is formally acknowledged as received, the audit team shall arrange for
an entrance conference taking into consideration the availability of management, to discuss the
conditions cited in the terms of engagement including the planned scope, timing of the audit,
significant risks identified by the auditor and the Financial Performance Management Rating for the
previous audit period. There is no need to seek conformity by the auditees with the terms of
engagement because COA is constitutionally and legally mandated to audit all government agencies.
However, the auditee’s cooperation and assistance should be sought specifically on their
16
responsibilities under the terms of engagement, such as submission of required documents or
schedules, and availability in meetings or interviews on dates agreed upon during the entrance
conference or meeting.
20. The engagement letter issued by the auditor of the head office/region/component with complete
set of books shall automatically cover the audit of component/field offices without complete set of
books. The auditors assigned to those offices need not issue a separate engagement letter.
17
Appendix 1-1. Auditor’s Declaration of Independence and Compliance with
Relevant Ethical Requirements
(Template from COA Resolution No. 2020-003 dated Jan. 29, 2020)
Auditor’s Declaration of Independence and Compliance

with Relevant Ethical Requirements
(Individual Declaration Form)
As [team member/team leader/supervising auditor], I am part of the audit group/team of

[name of the agency] that will conduct the following audit(s) for [period covered]:
£ Financial Audit
£ Performance Audit: [Audit topic]
£ Compliance Audit: [subject matter]
£ Other Assurance engagement: ____(please specify)____
A. Declaration of Independence and Compliance with Relevant Ethical Requirements
For the purpose of this audit, I declare that, to the best of my knowledge (please put a
check mark ‘’ on the box):
£ I do not have relatives within the fourth civil degree of consanguinity or affinity
who are directors, officers or holding financial reporting functions in the auditee;
£ I, or any members of my family within fourth civil degree of consanguinity or

affinity, do not have any business relationships with or financial interest in the
auditee or any of its directors, officers and employees that would compromise my
independence;
£ I have not been previously employed with the auditee within the last five years;
and
£ I have not received in the past and will refuse and benefits, gifts, gratuities or
preferential treatment from persons employed by or associated with the auditee
that would compromise my independence and objectivity.
In addition:
 I will not provide any professional service to the entity relating to the financial
information being audited or related to management responsibilities or power that
would compromise my objectivity;
 I will perform the audit with the highest degree of excellence and professionalism
and in accordance with applicable auditing standards;
18
 I will perform the audit with honesty, integrity, impartiality and political neutrality;
 I will exercise due professional care in conducting/supervising the audit and in

preparing the audit reports;
 I will protect the confidentiality of information obtained during the audit process
and will not disclose such information to third parties, unless the law or an
appropriate court requires me to do so; and
 I will abide with the provisions of Rule III of the Revised Code of Conduct and
Ethical Standards for Commission on Audit (COA) Officials and Employees per COA
Resolution No. 2018-010 dated February 1, 2018 and I understand that non-
compliance with the provision shall partake of the nature of an administrative
offense under the Civil Services Law.
B. Circumstances which may impair my compliance with the above statements: (Please
provide separate sheet as necessary)
B.1: Relatives of the auditee

Degree of Position held in
Name of the relative
relationship the auditee
B.2: Business interests in the auditee

Nature/Type of Business Interest
B.3: Previous employment with the auditee

Nature of Employment Duration
B.4: Other circumstances

Description
I hereby certify that I understand the requirements and responsibilities of the above
statements and that I have provided complete details of the circumstances which may
compromise my compliance. I also acknowledge that I am responsible in making timely
written notification in the event that any other circumstances arise during the audit period
that may affect compliance with this declaration.
Signature over printed name Date:____________

Positions (SAE II/SA IV/SA V)
Designation (SA/ATL/ATM)
19
20
CONCLUSION ON COMPLIANCE WITH
INDEPENDENCE AND RELEVANT ETHICAL REQUIREMENTS
Based on my knowledge and belief, and after considering the results of my interview and
validation of the declared statements of [indicate name of the audit team member/ATL/SA],
I conclude that there are no indicators of non-compliance with the requirements. Any
existing conditions that may impair compliance with independence and ethical requirements
have been eliminated or reduced to an acceptable level as follows:
Risks of Non-compliance Disposition/Safeguards
Signature over printed name Date:_____________

Assistant Cluster or Assistant Regional Director/
Supervising Auditor/Audit Team Leader
21
Appendix 1-2. Engagement Letter with attached Management Representation
Letter Format
REPUBLIC OF THE PHILIPPINES

COMMISSION ON AUDIT
Commonwealth Avenue, Quezon City, Philippines
Date
AGENCY HEAD
Agency XYZ
Quezon City
Attention: Chief Accountant
Dear ______________;
Pursuant to the Philippine Constitution of 1987, Article IX-D, Section 2, the Commission on Audit (COA) shall
examine, audit, and settle all accounts pertaining to the revenue and receipts of, and expenditures or uses of
funds and property, owned or held in trust by, or pertaining to, the Government, or any of its subdivisions,
agencies, or instrumentalities. In this connection, the COA Audit Team will audit your Agency’s financial reports
and financial reporting processes for the year ended xxx.
A. Audit objectives
1. The objectives of this audit are as follows:
1.1 Express an opinion on whether your financial statements are fairly presented, in all material
respects, in accordance with International Public Sector Accounting Standards (IPSAS)/Philippine
Financial Reporting Standards (PFRS);
1.2 Communicate whether the internal control, particularly those affecting accounting and financial
reporting systems, are operating effectively to provide reasonable assurance that misstatements,
losses, or non-compliance would be reported in a timely basis; and
1.3 Communicate the results of tests of compliance with selected provisions of laws and regulations,
including budgets and accountability issues, and details of audit suspensions, charges and
disallowances identified during the audit.
B. Auditor’s responsibilities
2. We will conduct our audits in accordance with International Standards of Supreme Audit Institutions
(ISSAIs) issued by the International Organization of Supreme Audit Institutions (INTOSAI) to which the
Commission is a member. Those standards require that we comply with ethical requirements and plan
and perform the audit to obtain reasonable assurance about whether the financial statements are free
from material misstatement and comply with applicable laws and regulations.
3. We will perform procedures to obtain audit evidence about amounts and disclosures in the financial
statements. The procedures selected depend on the auditor’s judgment, including assessment of the
risks of material misstatement of the financial statements; whether due to fraud or error. In making
those risk assessments, we will limit internal control testing to those controls over financial reporting
and compliance issues which we consider critical based on our experienced professional judgment.
However, we will not test compliance with all laws and regulations applicable to the Agency. We
caution that non-compliance may occur and not be detected by these tests and that such testing may
not be sufficient for other purposes.
4. Our procedures will include internal control review; examination of documents/records/reports;
22
analysis, confirmation and inspection of selected accounts, transactions and projects, as necessary.
5. We will communicate in writing any significant deficiencies and material weaknesses that come to our
attention as a result of the audit. In addition, we will communicate suggestions to improve agency
operations and address control deficiencies identified during our audit.
6. We will issue Annual Audit Report containing the IAR and Observations and Recommendations for
those with complete sets of books.
C. Agency Financial Management Performance
7. As part of the audit, we will assess agency financial management performance.
D. Audit Limitations
8. Although the audit is designed to provide reasonable assurance of detecting errors and irregularities
that are material to the financial statements, it is not designed and cannot be relied upon to disclose all
fraud, defalcations, or other irregularities. However, we will inform you of any material errors, and all
irregularities or illegal acts, unless they are clearly inconsequential, that come to our attention.
E. Agency’s responsibilities
9. Management is responsible for:
9.1 The preparation and fair presentation of the following financial statements in accordance with
IPSAS/IFRS and submission of the same on deadlines set by the Commission on Audit:
9.1.1 Statement of Financial Position

9.1.2 Statement of Financial Performance/Statement of Comprehensive Income/
Statement of Profit or Loss
9.1.3 Statement of Cash Flows
9.1.4 Statement of Changes in Net Assets/Equity/Statement of Changes in Equity
9.1.5 Statement of Comparison of Budgets and Actual Amounts
9.1.6 Notes to Financial Statements
9.2 Making all financial records and reports, and related information available to us and for adjusting
the financial statements to correct material misstatements, and other information as required
under ISSAI 2720;
9.3 Issuing the Management Representation Letter (MRL) duly signed by the Chief Accountant/Head of
Finance Group and the Head of the Agency/Authorized Representative upon the submission of the
financial statements to be updated as near as practicable to, but not after, the date of the auditor’s
report on the financial statements as there are events occurring up to the date of the auditor’s
report that may require adjustment to or disclosure in the financial statements. (Sample MRL
format is attached for your reference. The management should include only provisions that are
relevant or applicable in the circumstances of the current audit.)
9.4 Submitting status of any pending claims and litigation involving the Agency, breakdown of related
party transactions and subsequent events which have to be adjusted and/or disclosed in the Notes
to Financial Statements; and
9.5 Such internal control as it determines necessary to enable the preparation of financial statements
that are free from material misstatement, whether due to fraud or error.
23
10. Management is encouraged to confer with the auditor as to the required formats of the financial
statements to facilitate compliance with the presentation requirements of the IPSAS/PFRS.
11. The audit of financial statements does not relieve management or those charged with governance of
their responsibilities.
F. Assistance from Management
12. We will request assistance for the following, among others:
12.1 Assignment of focal person/s to facilitate meetings and requests relative to the audit;
12.2 Preparing schedules or analyses and providing needed documents;
12.3 Conferring with your officials and staff to facilitate understanding of the agency operation;
12.4 Access to the work of internal auditors to facilitate review of internal control and risk
assessment related to audit of financial information;
12.5 Workspace for the duration of the audit as required; and
12.6 Facilitating the requirements of the audit team/s assigned to conduct field inspections and
observations.
G. Use and reproduction of COA audit reports
13. The working papers for this engagement are the property of the Commission on Audit and constitute
confidential information. However, certain documents may be made available upon request subject to
pertinent COA issuances. The Annual Audit Report, once released, will be published in the COA website,
for information of the public.
H. Audit Timelines
14. Subject to availability of requirements contained in this Letter, we expect to complete our audit and
transmit the required audited financial statements and report to management on or before ( indicate
the prescribed period).
I. Auditee’s Feedback on Audit Team’s Performance
15. After completion of the audit, the COA Central Office will send a Feedback Sheet to assess the team’s
performance as a way of improving the quality of our audits and our service to our audit clients. Please
send the filled in sheet duly signed by your Designated Official to the Office of the [Cluster/Region],
[Sector], Commission on Audit, Quezon City.
We look forward to your full cooperation during the audit.
Sincerely,
__Signature over Printed Name__

Cluster/Regional
Director
Date Received by the Agency:

By: Name and Signature:____________________
Stamp date and signed received
24
Letterhead of the Audited Agency
Date (near but never after the date of the Auditor’s Report)
Management Representation Letter
Cluster/Regional Director
Commission on Audit
Commonwealth Avenue
Quezon City
Attention: The Supervising Auditor
Subject: Name of Agency/Corporation/LGU/Project Being Audited
This representation letter is provided in connection with your audit of the financial statements of the
Agency/Corporation/LGU/Project for the year ended December 31, 20xx for the purpose of expressing opinion
as to whether the financial statements are presented fairly, in all material respects, in accordance with
International Public Sector Accounting Standards (IPSAS)/Philippine Financial Reporting Standards (PFRS) and as
to other terms required, if any.
Statement of Management's Responsibility for the Financial Statements
We affirm that the financial statements for the __(name of Agency/Corporation/LGU/Project)_ are
management's responsibility; that these were prepared in accordance with the IPSAS/PFRS, that all relevant
information was provided the Commission on Audit Team, that access to relevant information and records were
made available and that all transactions were recorded and reflected in the financial statements; and that all
instances of non-compliance of which we are aware of are disclosed to the COA audit team.
Specific Affirmations pertaining to the Financial Statements Provided to the Commission on Audit
We affirm that to the best of our knowledge and belief, having made such inquiries as we considered necessary
for the purpose of appropriately informing ourselves:
A. Financial Statements
We have fulfilled our responsibilities, as set out in the terms of the audit engagement dated (indicate date),
for the preparation of the financial statements in accordance with the IPSAS/PFRS:
1. In particular, the financial statements are free from material misstatements including omissions
and errors, and are fairly presented.
2. Significant assumptions used in making accounting estimates, including those measured at fair
value, are reasonable.
3. Related party relationships and transactions, if any, have been appropriately accounted for and
disclosed in accordance with the requirements of the IPSAS/PFRS.
4. All events subsequent to the date of the financial statements and for which IPSAS/PFRS require
adjustment or disclosure have been adjusted or disclosed.
5. All matters related to claims, litigations, assessments and dispute have been disclosed to COA by
our Legal Office and external legal counsel. All known actual or possible litigation and claims whose
effects should be considered when preparing the financial statements have been accounted for
and disclosed in accordance with the applicable financial reporting framework.
6. The effects of uncorrected misstatements are immaterial, both individually and in the aggregate,
to the financial statements as a whole. A list of the uncorrected misstatements is attached to the
25
representation letter. Financial statements are restated to correct material misstatements in prior
period financial statements that affect the comparative information.
7. The selection and application of accounting policies are appropriate.
8. The following have been recognized, measured, presented or disclosed in accordance with the
IPSAS/PFRS:
a. Plans or intentions that may affect the carrying value or classification of assets and liabilities;
b. Liabilities, both actual and contingent;
c. Title to, or control over, assets, the liens or encumbrances on assets, and assets pledged as
collateral; and
d. Aspects of laws, regulations and contractual agreements that may affect the financial
statements, including non-compliance.
9. Specific accounting estimates, including the methods, assumptions, data used, the related
disclosures and whether these are appropriate and in accordance with the applicable financial
reporting framework.
10. When some or all of the documents that comprise an annual report will not be available until after
the date of the auditor’s report, representation has been made that the final version of the
documents will be provided to the auditor when available, and prior to our issuance, such that the
auditor can complete the required procedures.
In preparing the financial statements, management is also responsible for assessing the
Agency/Corporation/LGU/Project’s ability to continue as a going concern, disclosing, as applicable, matters
related to going concern and using the going concern basis of accounting unless management either intends
to liquidate the Agency/Corporation/LGU/Project or to cease operations, or has no realistic alternative but
to do so.
B. Internal Control
1. We have assessed the effectiveness of the [Agency/Corporation/LGU/Project's] internal control in

achieving the following objectives:
a. Reliability of financial reporting;
b. Compliance with applicable laws and regulations;
c. Safeguarding of assets; and
d. Achievement of agency objectives.
2. We have disclosed to you all significant deficiencies in the design or operation of internal control
that could adversely affect the entity's ability to meet the internal control objectives and identified
those we believe to be material weaknesses.
3. There have been no changes to internal control subsequent to (date of latest audited financial
statements), or other factors that might significantly affect it. (If there were changes, describe
them, including any corrective actions taken with regard to any significant deficiencies or material
weaknesses.)
4. We acknowledge our responsibility for the design, implementation and maintenance of internal
control to prevent and detect fraud.
C. Compliance
1. The activities and financial transactions are in compliance with the relevant government rules and
regulations.
2. We have provided you with interpretation of compliance requirements that may have varying
interpretations.
3. All contracts, agreements and other correspondence have been made available.
4. We have disclosed all contracts and agreements with service organizations, including any
communications with those organizations related to instances of non-compliance.
5. The Agency/Corporation/LGU/Project has been operating effectively, throughout the period
26
covered by the audit.
D. Information Required
1. We have provided you with:

a. Access to all information deemed relevant to the preparation of the financial statements such
as records, documentation and other matters;
b. Additional information requested for the purpose of the audit; and
c. Unrestricted access to persons within the entity determined necessary to obtain audit
evidence.
2. All transactions have been recorded in the accounting records and are reflected in the financial
statements.
3. We have disclosed to you the specific results of our assessment of the risk indicating that the
financial statements may be materially misstated as a result of fraud.
4. We have disclosed to you all information in relation to fraud or suspected fraud that we are aware
of and that affects the entity and involves: management; employees who have significant roles in
internal control; or others where the fraud could have a material effect on the financial
statements.
5. We have disclosed to you all known instances of non-compliance or suspected non-compliance
with laws and regulations whose effects should be considered when preparing financial
statements.
6. We have disclosed to you the identity of related parties and all the related party relationships and
transactions of which we are aware.
Signed:
_____Signature over Printed Name____ _____Signature over Printed Name_____

Chief Accountant /Head of Finance Group Head of Agency/Authorized Representative
Date Date
27
28
Section 2
Planning Phase
1. Under ISSAI 2300, planning is not a discrete phase of an audit but rather a continual and iterative
process that often begins shortly after the completion of the previous audit and continues until the
completion of the current audit.
2. Planning activities involve the following steps:
I. Preparing the Overall Audit Strategy

II. Conducting Preliminary Risk Assessment
A. Understanding Risks Principles
B. Understanding the Audit Entity
a. Updating information base for financial audit and conducting preliminary risk assessment
1. Updating the understanding of the Agency’s Internal Control System (AICS)
2. Testing compliance with the General Accounting Plan (GAP) or other similar
documents
3. Financial statements analysis
b. Assessing other matters for consideration
1. Understanding Fraud Risks
2. Understanding risks from non-compliance with laws, rules and regulations
c. Assessing related parties
C. Summarizing the results of preliminary identification of risks
III. Conducting Final Risk Assessment

A. Determining the materiality threshold
B. Assessing risks and determining risk responses
a. Performing Risk assessment
b. Determining Risk responses
IV. Preparing the Audit Engagement Plan

A. Updating the Overall Audit Strategy
B. Preparing the Audit Program
C. Preparing the Engagement Planning Memorandum
I. Preparing the Overall Audit Strategy
3. Establishing the audit strategy involves setting the scope, timing and direction of the audit towards the
development of an Audit Engagement Plan. When developing the overall strategy, ISSAI 2300
identifies these concerns:
a. Identify the characteristics of the engagement that define its scope;

b. Ascertain the reporting objectives of the engagement to plan the timing of the audit and the
nature of the communications required;
c. Consider the factors that, in the auditor’s professional judgment, are significant in directing the
engagement team’s efforts;
29
d. Consider the results of preliminary engagement activities and, where applicable, whether
knowledge gained on other engagements performed by the engagement partner for the entity is
relevant; and,
e. Ascertain the nature, timing and extent of resources necessary to perform the engagement.
4. The overall audit strategy is a record of the key decisions considered necessary to properly plan the
audit and to communicate significant matters to the engagement team. The strategy will document
the decisions arising from conducting the planning steps. The specific details of risk assessment and
further audit procedures to be performed would be documented in the detailed audit plan.
5. When the risks of material misstatement have been identified and assessed, the overall strategy
(including timing, staffing, and supervision) can be finalized, and the detailed audit plan developed.
The detailed plan will set out the further audit procedures required at the assertion level that
responds to the identified and assessed risks.
6. The auditors can refer to Appendix of ISSAI 2300 for lists of examples of matters that the auditor may
consider in establishing the overall audit strategy.
7. The auditor shall plan the nature, timing and extent of direction and supervision of engagement team
members and the review of their work. (ISSAI 2300, para. 11) These may vary depending on many
factors, including:
 The size and complexity of the entity.

 The area of the audit.
 The assessed risks of material misstatement (for example, an increase in the assessed risk of
material misstatement for a given area of the audit ordinarily requires a corresponding increase
in the extent and timeliness of direction and supervision of engagement team members, and a
more detailed review of their work).
 The capabilities and competence of the individual team members performing the audit work.
ISSAI 2220 contains further guidance on the direction, supervision and review of audit work.
8. The involvement of the Engagement Quality Control Review (EQCR) and need for expert and IT
auditors should also be considered in the preparation of the OAS as well as in the detailed audit plan.
For the EQCR, the auditors should refer to COA Resolution 2019-018 and Memorandum 2019-016
both dated August 13, 2019 for the roles and responsibilities of the reviewer.
9. As work commences, changes may be required to the overall strategy and detailed plans to respond to
new circumstances, audit findings, and other information obtained. Any such changes are to be
documented along with the reasons in the audit documentation, such as the overall audit strategy or
audit plan.
10. A planning meeting should be scheduled well in advance of the commencement of fieldwork. This will
provide the time necessary to prepare or make changes in the detailed audit plan.
11. Team members should be encouraged to come to the meeting with a questioning mind, and be
prepared to participate and share information with an attitude of professional skepticism. They should
set aside any beliefs that management and those charged with governance are honest and have
30
integrity. The extent of the discussion should be influenced by the roles, experience, and the
information needs of the audit engagement team members.
12. Team discussions need not be confined to just the planning meeting. Audit team members should be
encouraged to communicate and share the information that they obtain throughout the audit on any
matters of relevance, particularly when it affects the assessment of risk and planned audit procedures.
13. The overall audit strategy is prepared by the ATL, reviewed by the SA/RSA and approved by the
CD/RD. The auditor may need to modify the overall audit strategy as the circumstances arise because
of unforeseen events, changes in conditions, or audit evidence obtained from the results of audit
procedures which require significant changes in strategy. These changes, while allowable, must be
approved by the CD/RD upon the recommendation of the SA/RSA. Frequent changes should be
avoided as these indicate poor planning. The overall audit strategy template is attached as Appendix
2-1 of this Section.
II. Conducting Preliminary Risk Assessment
A. Understanding Risks Principles
14. Based on paragraph 1.6.1 of RBFAM, risk is the probability of an act or event occurring that would
have an adverse effect in the achievement of an agency’s objectives. Thus, the threat that an event,
action or inaction will adversely affect the agency’s ability to successfully achieve its mandate and
objectives and execute its strategies is defined as the agency risk.
15. On the other hand, the risk that the auditor may express an inappropriate opinion on the FS is known
as audit risk. Although audit risks and agency risks are dissimilar in nature, it is often the case that
identification of significant agency risks leads to the detection of audit risks.
16. The three components of audit risks are:
a. Inherent risk is the susceptibility of an assertion, about a class of transaction, account balance or
disclosure to a misstatement that could be material, either individually or when aggregated with
other misstatements, before consideration of any related controls. (IRRBAM, para. 2.6.1 (b))
b. Control risk is the risk that a misstatement that could occur in an assertion about a class of
transaction, account balance or disclosure and that could be material, either individually or when
aggregated with other misstatements will not be prevented, or detected and corrected, on a
timely manner by the entity’s internal control. (IRRBAM, para. 2.6.1 (c))
c. Detection risk is the risk that the auditor’s procedures will not detect a misstatement that exists
in an assertion that could be material, individually or when aggregated with misstatements.
(RBFAM, para. 1.6.1)
17. The factors that may affect inherent risk assessment are:
a. Judgment – a high degree of judgment is involved in business transactions.

i. Degree of subjectivity
ii. Competence and experience of agency personnel
31
b. Estimates – significant estimates are included in transactions, which make it more likely that an
estimation error will be made.
i. Susceptibility to material misstatement
ii. Variations from expected amounts
iii. Transactions not subjected to routine processing
c. Complexity – the transactions in which a business engages are highly complex, and so are more
likely to be completed or recorded incorrectly.
i. Size and composition
ii. Effects of external factors
iii. Completion of unusual/complex transactions at or near period-end
18. The preliminary assessment of control risk is based on the following:
a. Evaluation of the design of controls done in Understanding the Process activity;

b. Information obtained from prior periods’ engagements, if available; and
c. Information obtained from the results of walkthrough procedures in Understanding the Process
activity.
19. For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship to the
assessed risks of material misstatement (inherent risk plus control risk) at the assertion level. For
example, the greater the risk of material misstatement the auditor believes exists, the less the
detection risk that can be accepted and, accordingly, the more persuasive the audit evidence required
by the auditor. (ISSAI 2200, para. A44)
20. Detection risk relates to the nature, timing and extent of the auditor’s procedures that are determined
by the auditor to reduce audit risk to an acceptably low level. It is therefore a function of the
effectiveness of a procedure and of its application by the auditor. Matters such as: (a) adequate
planning; (b) proper assignment of personnel to the engagement team; (c) the application of
professional skepticism; and (d) supervision and review of the audit work performed, would help
enhance the effectiveness of an audit procedure and of its application, and reduce the possibility that
an auditor might select an inappropriate audit procedure, misapply an appropriate audit procedure, or
misinterpret the audit results. (ISSAI 2200, para. A45)
B. Understanding the Audit Entity
21. The resident auditors assigned in their respective agencies perform, among others, financial and
compliance audits. Thus, auditors have practically broad knowledge of agency operations which
should be summarized in the UTA Template attached as Appendix 2-2.
22. The UTA template may include the following:
a. A general overview of the entity’s organization and operations;

b. The agency’s main activities and critical processes;
c. Projects/Programs/Activities;
d. Results of previous audit;
e. Auditor’s notes on any component that may be significant to the conduct of financial audit.
23. To enhance auditor’s understanding of the audit entity, the following steps shall be undertaken:
32
a. Updating information base for financial audit and conducting preliminary risk assessment;
b. Assessing other matters for consideration; and,
c. Assessing Related Parties transactions
a. Updating Information Base for Financial Audit and Conducting Preliminary Risk Assessment
24. Given the extent and quality of information available to COA Auditors, the sources of financial
information to be used as basis for the preliminary risks assessment review are categorized as:
Table 3. Sources of financial information

Category Sources Information to be obtained
1. COA  Financial, compliance and performance audit reports; cash  Possible causes of
information examination reports; fraud audit reports; project audit reports; misstatements due to errors,
base  Bank Statements and Bank Reconciliation Statements; fraud;
 Property and personnel accountability audits  Financial statements accounts
 Notice of Suspensions, Notice of Charges and Notice of which may be misstated;
Disallowances, Notice of Finality of Decisions, COA Order of  Inherent risks for specific
Execution; accounts particularly cash,
 Evaluation/investigation reports/emerging issues from newspaper PPE, expenditures;
accounts;  Possible controls which need
 Financial Reports such as Reports of Checks Issued and Report of to be tested;
Collections and Deposit;  Possible risk areas
 Disbursement Vouchers;
 Recommendation Tracking Sheet;
 UTA Template and Financial Accountability LogFrame
2. Auditees  Charter or mandate;  Adequacy of internal control
and other  Organizational Chart/Functional Chart; over financial reporting;
offices  Manual of operations;  Risks posed affecting specific
 Internal audit reports; financial statements accounts;
 Minutes of meetings and conferences with the agency;  Agency’s primary functions;
 Official directives, new laws and regulations affecting the agency;  Limits of authority
 Appropriations/annual budget and other financial and project reports  Operations flow in relation to
internal control
3. Generated  General Accounting Plan;  Adequacy of internal control;
based on  Financial Statement Analysis;  Risks posed affecting financial
audit  Agency-level Controls Checklist statements accounts;
analysis  Risks on assertions related to
performed presentation and disclosure
25. Analysis of information under categories 1 and 2 may assist the audit team in identifying accounts with
possible material misstatements. The results of analysis based on categories 1 and 2 information is
presented in Illustration 1.
Illustration 1. Working Paper on Preliminary data analysis

Sample Amount Real
Income/Expense Assertions
Source Issues Involved Account
Account Affected Affected
Document (in PhP) Affected
Category 1
33
Sample Amount Real
1. Unrecorded reconciling items, i.e. 500,000.00 Cash Interest Income Complete-
Bank interest income ness
Reco
ncilia
tion
State
ment
s
2. Two NDs considered final and 5,000,000.00 R Accuracy,
Notic executory were issued NFD/ COE. e Complete-
es of The disallowance was not yet c ness
disall recorded in the books. ei
owan v
ce a
bl
e;
Retained
Earnings/
Accumula
ted
Surplus/
(Deficit)
3. Ten livelihood projects undertaken 4,500,000.00 Due from Accuracy/
Perfo by partner NGOs in 2016 are non- NGOs; Existence
rman existent. Funds released to the Cash
ce NGOs cannot be accounted for.
Audit
Five vehicles cannot be presented 1,758,000.00 PPE Depreciation Accuracy
Repo
and remained unaccounted expense Occurrence
rt
Existence
Valuation
4. Shortage of PhP10,000,000.00, not 10,000,000.00 Cash; Existence
Cash yet restituted R Accuracy
Exam e Valuation
inatio c
n ei
Repo v
rt a
bl
e
5. Property and equipment officially 59,000,000.00 C Accuracy
Prior turned over to LGUs were still o Existence
Year’ reported under Construction in n Valuation
s Progress account st
audit r
adjus u
tmen c-
ts/ ti
Finan o
cial n
Audit in
Repo P
rts r
34
Sample Amount Real
o
gr
e
ss
P
P
E
6. Misstated accounts remained 500,000.00 In Supplies Expense Accuracy

Reco unadjusted v Valuation
m- e
mend n
ation t
Track o
ing ry
Sheet 200,000.00 P Depreciation
P Expense
E
Category 2
1. Supply ledger cards were not Undetermined In Supplies Accuracy
Inter regularly updated, and preparation v expense Valuation
nal and submission of reports on the e
Audit issuance of supplies to the n
Repo Accounting Office is delayed by t
rts three to six months. o
ry
The procurement plan of the agency 500,000.00 In Loss/ spoilage Accuracy
was not reflective of the actual v Valuation
requirements. This resulted in e
overstocking of slow-moving n
supplies, of which significant t
amounts were already expired o
and/or damaged. ry
2. 10 projects were already completed 20,000,000.00 CI Accuracy
Proje but not yet turned-over to P Valuation
ct implementing agency P
Repo P
rts E
Two projects were terminated 2,000,000.00 CI Accuracy
P Valuation
P
P
E
26. The activities and information that can be gathered under Category 3 are discussed below.
a.1 Updating the Understanding of the Agency’s Internal Control System (AICS)
35
i. Internal Control is an integral process that is effected by an agency’s management and personnel,
and is designed to address risks and provide reasonable assurance that in pursuit of the agency’s
mission, the general objectives are being achieved.
ii. Internal Control should provide reasonable assurance regarding the achievement of agency’s
objectives in the following categories:
 Effectiveness and efficiency of operations;

 Reliability of financial reporting;
 Compliance with applicable laws and regulations; and,
 Safeguarding of assets.
iii. The preliminary assessment of the Internal Control System of the agency is based on the five
components of the internal control:
 Control Environment – sets the tone of an organization, influencing the control

consciousness of its staff. It is the foundation for all other components of internal
control, providing discipline and structure.
 Risk Assessment – process of identifying and analyzing relevant risks to the
achievement of the agency’s objectives and determining the appropriate response.
 Control Activities – The policies and procedures established to address risks and to
achieve the agency’s objectives. The procedures that an organization puts in place to
treat risk.
 Information & Communication – effective processes and systems that identify, capture
and report operational, financial and compliance-related information in a form and
timeframe that enable people to carry out their responsibilities.
 Monitoring – the process that assesses the quality of the internal control system’s
performance over time.
iv. The principles of internal control are presented in Table 4.
Table 4. Principles of Internal Control

Components Principles
Control 1) Management and staff demonstrate personal and professional integrity and ethical values;
Environment 2) Management sets the “tone at the top” (i.e. management’s philosophy and operating style);
3) Management establishes an appropriate government organizational structure;
4) Management and staff exhibit commitment to competence; and,
5) Management establishes human resource policies and practices.
Risk Assessment 6) Management identifies and defines appropriate objectives and risk tolerance in specific and
measurable terms;
7) Management identifies, evaluates and assesses agency’s risks; and,
8) Management determines appropriate response to the identified, evaluated, and assessed
agency’s risks.
Control Activities 9) Management designs control activities which are appropriate, function consistently
according to plan throughout the period, cost effective, comprehensive, reasonable and
directly relate to the control objectives and to address risks;
10) Management develops control activities which include a range of diverse policies and
procedures; and,
11) Management develops effective information technology control activities.
36
Components Principles
Information & 12) Management develops and maintains reliable and relevant financial and non-financial
Communication information;
13) Management communicates information throughout the agency; and,
14) Management communicates information with external parties.
Monitoring 15) Management establishes and operates activities to monitor the internal control system and
evaluates the results; and,
16) Monitoring activities ensure that audit findings and recommendations are adequately and
promptly resolved.
v. An effective internal control system requires that:
 Each of the five components of internal control is present and functioning.

 The five components are operating together in an integrated manner.
vi. For the evaluation of Internal Control Structure, the ALCC template attached as Appendix 2-3 will
be used. (Culled from the Internal Control Standards for Philippine Public Sector 2017 (ICSPPS)
under COA Resolution No. 2018-007 dated February 1, 2018.)
vii. Upon the completion of the ALCC template, the generated answers shall be evaluated and the
results of the evaluation shall be summarized. The summary of the evaluation shall form part of
the preliminary assessment of the Internal Control System. The auditor should be able to identify
which areas of internal control activities must be tested as a result of the preliminary evaluation.
To guide the auditor in evaluating the critical internal control processes to be tested, the
procedures can be designed in the form of a checklist questionnaire. An example of a checklist
questionnaire for cash receipts is attached as Appendix 2-3A.
viii. If the entity has established such a process (referred to hereafter as the “entity’s risk assessment
process”), the auditor shall obtain an understanding of it, and the results thereof. If the auditor
identifies risks of material misstatement that management failed to identify, the auditor shall
evaluate whether there was an underlying risk of a kind that the auditor expects would have
been identified by the entity’s risk assessment process. If there is such a risk, the auditor shall
obtain an understanding of why that process failed to identify it, and evaluate whether the
process is appropriate to its circumstances or determine if there is a significant deficiency in
internal control with regard to the entity’s risk assessment process. (ISSAI 2315, para. 16)
ix. If the entity has not established such a process nor has an ad hoc process, the auditor shall
discuss with management whether business risks relevant to financial reporting objectives have
been identified and how they have been addressed. The auditor shall evaluate whether the
absence of a documented risk assessment process is appropriate in the circumstances, or
determine whether it represents a significant deficiency in internal control. (ISSAI 2315, para. 17)
a.2 Testing Compliance with the General Accounting Plan (GAP) or other similar documents
The GAP shows the overall accounting system of the agency/unit including the standard source
documents, the flow of transactions and recording in the books of accounts, and their conversion
into financial information/data presented in the financial reports. The general flow of transaction
37
as well as the possible source documents, books of accounts and monitoring reports generally
required by affected accounts using the GAM for national government agencies as guide, is
illustrated in Appendix 2-4.
The actual flow of transactions of a particular subsystem as well as the existence of the
documents and books of accounts can be established through a walkthrough analysis using
sample transactions pertaining to the subsystem being analyzed. The auditors are required to
prepare the GAP indicating the specific source documents and reports by account applicable to
their respective agencies which should be used in the walkthrough analysis.
To illustrate, the fund transfer process is tested based on the standard documents flow identified
in the GAM using, five journal vouchers for fund transfers of various types. The results show the
need for the Chief Accountant to clarify why certain activities and forms were not used. There is
also a need to establish the officials authorized to approve the fund transfers, among others. The
walkthrough analysis of the fund transfers process is shown below:
Illustration 2. Walkthrough Analysis for Source Agency – Fund Transfer Account

Description of Control IC
Process Results of Walkthrough
Activities Assertion
Preparation/ All documentary Validity The check disbursement process starts with the
Documentation requirements as preparation of disbursement voucher (DV) initiated by
prescribed by COA the Requesting Office. The Designated Staff forwards
Circulars are attached the DVs, supporting documents (SD) and obligation
request and status (ObR) to the Budget Division.
Authorization/ The Disbursement Authorization Authorized signatories for Budget, Accounting and
Approval Voucher is signed by Cost/Responsibility Centers are Affixed. In accordance
authorized signatories with rules and regulations
Review Computations Accuracy Accounting Clerk verifies & recomputes the amount of
mathematically DV in accordance with rules and regulations before
correct forwarding to Cashier
Payment All documents in Validity The check is prepared in accordance with rules and
voucher package regulations. Then, DVs and SDs will be stamped as
have been stamped “PAID” upon the release of checks to the creditors
"paid". before submission to the Accounting Division.
Recording Recorded in the Completenes The check register is prepared by the Account
Check Disbursement s Controller which serves as a logbook for the checks
Journal issued and thereafter recorded in the Check
Disbursement Journal.
Supported with Validity Accounting staff prepares JEV & for the signature of the
approved JEV Chief Accountant
Supported with SL Accuracy
Authorization/ Recorded in the Authorization Chief Accountants approves JEV for recoding to the GL
Approval General Ledger
a.3 Financial Statements Analysis
There are two types of financial analysis that can be applied by the auditor.
38
a. One is variance analysis where the auditor can compare the latest set of FS and the
corresponding period of the preceding year's FS balances. The results of the analysis will
provide an initial indication about whether a risk of material misstatement exists. An example
of variance analysis is presented in Appendix 2-5.
b. Another form of FS analysis is a tie-in analysis. The auditor compares the figures of the
accounts or group of accounts or contra accounts in the FS and reported in the Notes to FS. A
tie-in analysis will show whether the figures presented and disclosed are reliable and properly
presented.
i. Figures of accounts in the SFPos are compared against those reported in other statements
and in the Notes to FS. For instance, the Cash balance of the SFPos should agree with the
ending balance figure of the SCF and Notes to FS. Differences indicate mathematical errors
or omissions.
ii. The amount reflected in the budget and actual amounts columns in the SCBAA should
match the figures reflected in the various registries maintained and financial
accountability reports prepared by the Budget Division/Unit.
iii. The auditors should have a good knowledge of the chart of accounts, account description,
contra-accounts, accounts that shall no longer be appearing in the year end SFPos such as
Cash-MDS, Regular, and accounts that are for exclusive use of a particular agency or
groups of agencies to be able to perform extensive tie-in-analysis of accounts within a
specific financial statement, and between and among financial statements.
The auditor shall conduct a Tie-in Analysis of Financial Statements, taking into
consideration, but not limited to, the following:
 Total Balance of Cash and Cash Equivalents in the Statement of Financial Position =
Cash and Cash Equivalents as of 31 December in the Statement of Cash Flows
 Net Assets (Total Assets less Total Liabilities = Net Assets/Equity
 Accumulated Surplus/(Deficit) in the Statement of Financial Position = Accumulated
Surplus/(Deficit) in the Statement of Changes in Net Assets/Equity (SCN/AE)
 Surplus/(Deficit) for the Period in the Statement of Financial Performance =
Surplus/(Deficit) for the Period in the SCNAE
 Receipt of Notice of Cash Allocation in the SCF plus the Constructive Receipt of NCA
thru Tax Remittance Advice = Gross Subsidy Income from the NG in the Notes to FS
The review of FS shall be anchored on the IPSAS/PFRS. The auditor shall see to it that all applicable
disclosures or additional information not evident on the face of the FS, such as but not limited to
the following, are incorporated in the Notes to FS:
 Breakdown of accounts (with corresponding figures) and relevant information for each
account;
 Breakdown of accounts with significant balances by region;
 Reasons for the significant increase/decrease of balances;
 Abnormal, unreconciled/unidentified and dormant accounts (with corresponding figures);
39
 Aging of receivables and payables;
 Pending lawsuits;
 Subsequent events with financial impact
As part of risk assessment procedures, the auditor shall consider whether events or conditions
exist that may cast significant doubt on the entity’s ability to continue as a going concern.
Exhibit 4. Risk assessment procedures for going concern assumption

Determine if management conducted preliminary assessment of entity’s
ability to continue as going concern.
Yes No
Discuss with Management if there are events or conditions Discuss with management the basis
that, individually or collectively, may cast significant doubt for the intended use of the going
on the entity’s ability to continue as a going concern concern basis of accounting
Yes No
Discuss Management’s plan to address such

Evaluate Management’s assessment
events and conditions

In evaluating management’s assessment of the entity’s ability to continue as a going concern, the
auditor shall:
a. cover the same period as that used by management to make its assessment as required by the
applicable financial reporting framework, or by law or regulation if it specifies a longer period.
If management’s assessment of the entity’s ability to continue as a going concern covers less
than twelve months from the date of the financial statements as defined in ISSAI 2560 the
auditor shall request management to extend its assessment period to at least twelve months
from that date;
b. consider whether management’s assessment includes all relevant information of which the
auditor is aware as a result of the audit; and,
c. inquire of management as to its knowledge of events or conditions beyond the period of
management’s assessment that may cast significant doubt on the entity’s ability to continue as
a going concern.
Assessment of going concern issues is a must for GOCCs classified as Commercial Public Sector
Entities.
b. Assessing Other Matters for Consideration
b.1.Understanding Fraud Risks
40
18. Misstatements in the FS can arise from either fraud or error. The distinguishing factor between fraud
and error is whether the underlying action that results in the misstatements of the FS is intentional or
unintentional.
19. Although fraud is a broad legal concept, the auditor is concerned with fraud that causes a material
misstatement in the FS. Two types of intentional misstatements are relevant to the auditor;
misstatements resulting from fraudulent financial reporting and misstatements resulting from
misappropriation of assets. Although the auditor may suspect or, in rare cases, identify the occurrence
of fraud, the auditor does not make legal determinations of whether fraud has actually occurred.
20. The auditor, though, should obtain evidence on management processes of addressing fraud risks from
identification to responding and to monitoring compliance with management processes by those
charged with governance.
21. When performing risk assessment procedures and related activities to obtain an understanding of the
entity and its environment, including the entity’s internal control, required by ISA 2315 (Revised), the
auditor shall perform the procedures (ISSAI 2240, para. 18) to obtain information for use in identifying
the risks of material misstatement due to fraud. (ISSAI 2240, para. 17)
a. Make inquiries of management regarding:
i. Management’s assessment of the risk that the financial statements may be materially
misstated due to fraud, including the nature, extent and frequency of such assessments;
ii. Management’s process for identifying and responding to the risks of fraud in the entity,
including any specific risks of fraud that management has identified or that have been
brought to its attention, or classes of transactions, account balances, or disclosures for
which a risk of fraud is likely to exist;
iii. Management’s communication, if any, to those charged with governance regarding its
processes for identifying and responding to the risks of fraud in the entity; and
iv. Management’s communication, if any, to employees regarding its views on business
practices and ethical behavior.
b. Make inquiries of management, and others within the entity as appropriate, to determine
whether they have knowledge of any actual, suspected or alleged fraud affecting the entity. (ISSAI
2240, para. 19)
c. For those entities that have an internal audit function, the auditor shall make inquiries of
appropriate individuals within the function to determine whether they have knowledge of any
actual, suspected or alleged fraud affecting the entity, and to obtain its views about the risks of
fraud. (ISSAI 2240, para. 20)
d. Unless all of those charged with governance are involved in managing the entity, the auditor shall
obtain an understanding of how those charged with governance exercise oversight of
management’s processes for identifying and responding to the risks of fraud in the entity and the
internal control and management has established to mitigate these risks. (ISSAI 2240, para. 21)
41
e. Evaluate whether unusual or unexpected relationships that have been identified in performing
analytical procedures, including those related to revenue accounts, may indicate risks of material
misstatement due to fraud. (ISSAI 2240, para. 23)
f. Consider whether other information obtained by the auditor indicates risks of material
g. Evaluate whether the information obtained from the other risk assessment procedures and
related activities performed indicates that one or more fraud risk factors are present. While fraud
risk factors may not necessarily indicate the existence of fraud, they have been present in
circumstances which where frauds have occurred and therefore may indicate risks of material
22. After performing the above procedures, a discussion shall be made among the audit team members
on how and where the entity’s financial statements may be susceptible to material misstatements due
to fraud and shall be documented through Audit Memoranda.
23. The following are examples of circumstances that may indicate the possibility that the FS may contain
a material misstatement resulting from fraud:
a. Discrepancies in the accounting records, including:
i. Transactions that are not recorded in a complete or timely manner or are improperly recorded
as to amount, accounting period, classification or entity policy;
ii. Unsupported or unauthorized balances or transactions;
iii. Last-minute adjustments that significantly affect financial results;
iv. Evidence of employees’ access to systems and records inconsistent with that necessary to
perform their authorized duties; and,
v. Tips or complaints to the auditor about alleged fraud.
b. Conflicting or missing evidence, including:
i. Missing documents;
ii. Documents that appear to have been altered;
iii. Unavailability of documents other than photocopied or electronically transmitted documents
when documents in original form are expected to exist;
iv. Significant unexplained items or reconciliations;
v. Unusual balance sheet changes, or changes in trends or important FS ratios or relationships –
for example, receivables growing faster than revenues;
vi. Inconsistent, vague, or implausible responses from management or employees arising from
inquiries or analytical procedures;
vii. Unusual discrepancies between the entity’s records and confirmation replies;
viii. Large number of credit entries and other adjustments made to accounts receivable records.
ix. Unexplained or inadequately explained differences between the accounts receivable sub-
ledger and the control account, or between the customer statements and the accounts
receivable sub-ledger; and,
x. Missing or non-existent cancelled checks in circumstances where cancelled checks are
ordinarily returned to the entity with the bank statement.
42
b.2.Understanding Risks from Non-compliance with Laws, Rules and Regulations
24. Non-compliance by the entity with laws and regulations may result in a material misstatement of the
FS. Detection of non-compliance, regardless of materiality, may affect other aspects of the audit
including, for example, the auditor’s consideration of the integrity of management or employees.
25. Transactions which are non-compliant with existing laws and regulations are considered illegal and
irregular and, thus, disallowed in audit as required under existing COA regulations. Notices of
Disallowance issued to entities for non-compliance with laws, rules and regulations are not yet taken
up in the books until a Notice of Finality of Decision has been issued in accordance with Rules and
Regulations on Settlement of Accounts. There is a financial error or misstatement in the event that the
management failed to record disallowances which are final and executory.
26. The auditor should be guided with the requirements under ISSAI 2250 in their consideration of
compliance with laws and regulations to include among others the following procedures:
a. Obtain an understanding of the entity and its environment in accordance with ISSAI 2315
(Revised). The auditor shall obtain a general understanding of:
i. The legal and regulatory framework applicable to the entity and the industry or sector in
which the entity operates; and
ii. How the entity is complying with that framework. (ISSAI 2250, para. 12, a and b)
b. Obtain sufficient appropriate audit evidence regarding compliance with the provisions of those
laws and regulations generally recognized to have a direct effect on the determination of material
amounts and disclosures in the financial statements. (ISSAI 2250, para. 13)
c. Perform the following audit procedures to help identify instances of non-compliance with other
laws and regulations that may have a material effect on the financial statements:
i. Inquiring of management and, where appropriate, those charged with governance, as to

whether the entity is in compliance with such laws and regulations; and
ii. Inspecting correspondence, if any, with the relevant licensing or regulatory authorities.
(ISSAI 2250, para. 14, a and b)
d. During the audit, the auditor shall remain alert to the possibility that other audit procedures
applied may bring instances of non-compliance or suspected non-compliance with laws and
regulations to the auditor’s attention. (ISSAI 2250, para. 15)
e. Request management and, where appropriate, those charged with governance, to provide
written representations that all known instances of non-compliance or suspected non-compliance
with laws and regulations whose effects should be considered when preparing financial
statements have been disclosed to the auditor. (ISSAI 2250, para. 16)
27. In the absence of identified or suspected non-compliance, the auditor is not required to perform audit
procedures regarding the entity’s compliance with laws and regulations, other than those set out in
paragraphs 33 to 47. (ISSAI 2250, para. 17)
43
28. If the auditor becomes aware of information concerning an instance of non-compliance or suspected
non-compliance with laws and regulations, the auditor shall obtain:
a. An understanding of the nature of the act and the circumstances in which it has occurred; and
b. Further information to evaluate the possible effect on the financial statements. (ISSAI 2250, para.
18, a and b)
29. If the auditor suspects there may be non-compliance, the auditor shall discuss the matter with
management and, where appropriate, those charged with governance. If management or, as
appropriate, those charged with governance do not provide sufficient information that supports that
the entity is in compliance with laws and regulations and, in the auditor’s judgment, the effect of the
suspected non-compliance may be material to the financial statements, the auditor shall consider the
need to obtain legal advice. (ISSAI 2250, para. 19)
30. If sufficient information about suspected non-compliance cannot be obtained, the auditor shall
evaluate the effect of the lack of sufficient appropriate audit evidence on the auditor’s opinion. (ISSAI
2250, para. 20)
31. The auditor shall evaluate the implications of non-compliance in relation to other aspects of the audit,
including the auditor’s risk assessment and the reliability of written representations, and take
appropriate action. (ISSAI 2250, para. 21)
32. As discussed in ISSAI 2250, the auditor shall conclude on the results of non-compliance. This may
affect the audit opinion as will be discussed in Section 4 – Reporting Phase.
c. Assessing Related Parties
33. Related Parties pertain to (i) persons or other entities that have control or significant influence,
directly or indirectly through one or more intermediaries, over the reporting entity, (ii) entities over
which the reporting entity has control or significant influence, directly or indirectly through one or
more intermediaries, and (iii) other entities under common control with the reporting entity through
having common controlling ownership and common key management.
34. In understanding the entity’s Related Party Relationships and Transactions, the auditor shall inquire of
management regarding the identity of the entity’s related parties, including changes from the prior
period; the nature of the relationships between the entity and these related parties; and whether the
entity entered into any transactions with these related parties during the period and, if so, the type
and purpose of the transactions. (ISSAI 2550, para. 13)
35. The auditor shall inquire of management and others within the entity, and perform other risk
assessment procedures considered appropriate, to obtain an understanding of the controls, if any,
that management has established to identify, account for, and disclose related party relationships and
transactions in accordance with the applicable financial reporting framework; authorize and approve
significant transactions and arrangements with related parties; and authorize and approve significant
transactions and arrangements outside the normal course of business. (ISSAI 2550, para. 14)
44
36. During the audit, the auditor shall remain alert, when inspecting records or documents, for
arrangements or other information that may indicate the existence of related party relationships or
transactions that management has not previously identified or disclosed to the auditor.
In particular, the auditor shall inspect the following for indications of the existence of related party
relationships or transactions that management has not previously identified or disclosed to the
auditor:
a. Bank and legal confirmations obtained as part of the auditor’s procedures;

b. Minutes of meetings of shareholders and of those charged with governance; and,
c. Such other records or documents as the auditor considers necessary in the circumstances of the
entity. (ISSAI 2550, para. 15)
37. If the auditor identifies significant transactions outside the entity’s normal course of business when
performing the audit procedures required by paragraph 15 of ISSAI 2550 or through other audit
procedures, the auditor shall inquire of management about:
a. The nature of these transactions; and,

b. Whether related parties could be involved. (ISSAI 2550, para. 16)
38. The auditor shall share relevant information obtained about the entity’s related parties with other
member of the engagement team. (ISSAI 2550, para. 17)
39. In meeting the ISSAI 2315 (Revised) requirement to identify and assess the risks of material
misstatement, the auditor shall identify and assess the risks of material misstatement associated with
related party relationships and transactions and determine whether any of those risks are significant
risks. In making this determination, the auditor shall treat identified significant related party
transactions outside the entity’s normal course of business as giving rise to significant risks. (ISSAI
2550, para. 18)
40. If the auditor identifies fraud risk factors (including circumstances relating to the existence of a related
party with dominant influence) when performing the risk assessment procedures and related activities
in connection with related parties, the auditor shall consider such information when identifying and
assessing the risks of material misstatement due to fraud in accordance with ISSAI 2240. (ISSAI 2550,
para. 19)
41. As part of the ISSAI 2330 requirement that the auditor respond to assessed risks, the auditor designs
and performs further audit procedures to obtain sufficient appropriate audit evidence about the
assessed risks of material misstatement associated with related party relationships and transactions.
These audit procedures shall include those required by paragraphs 21 – 24 of ISSAI 2550. (ISSAI 2550,
para. 20)
42. If the auditor identifies arrangements or information that suggests the existence of related party
relationships or transactions that management has not previously identified or disclosed to the
auditor, the auditor shall determine whether the underlying circumstances confirm the existence of
those relationships or transactions. (ISSAI 2550, para. 21)
45
43. If the auditor identifies related parties or significant related party transactions that management has
not previously identified or disclosed to the auditor, the auditor shall:
a. Promptly communicate the relevant information to the other members of the engagement team;
b. Where the applicable financial reporting framework establishes related party requirements:
i. Request management to identify all transactions with the newly identified related parties
for the auditor’s further evaluation; and,
ii. Inquire as to why the entity’s controls over related party relationships and transactions
failed to enable the identification or disclosure of the related party relationships or
transactions;
c. Perform appropriate substantive audit procedures relating to such newly identified related
parties or significant related party transactions;
d. Reconsider the risk that other related parties or significant related party transactions may exist
that management has not previously identified or disclosed to the auditor, and perform
additional audit procedures as necessary; and,
e. If the non-disclosure by management appears intentional (and therefore indicative of a risk of

material misstatement due to fraud), evaluate the implications for the audit. (ISSAI 2550, para.
22)
44. For identified significant related party transactions outside the entity’s normal course of business, the
auditor shall:
a. Inspect the underlying contracts or agreements, if any, and evaluate whether:

i. The business rationale (or lack thereof) of the transactions suggests that they may have
been entered into to engage in fraudulent financial reporting or to conceal
misappropriation of assets;
ii. The terms of the transactions are consistent with management’s explanations; and,
iii. The transactions have been appropriately accounted for and disclosed in accordance with
the applicable financial reporting framework; and,
b. Obtain audit evidence that the transactions have been appropriately authorized and approved.
(ISSAI 2550, para. 23)
45. If management has made an assertion in the financial statements to the effect that a related party
transaction was conducted on terms equivalent to those prevailing in an arm’s length transaction, the
auditor shall obtain sufficient appropriate audit evidence about the assertion. (ISSAI 2550, para. 24)
46. Entities that are under common control by a state, (that is, a national, regional or local government)
are not considered as related unless they engage in significant transactions or share resources to a
significant extent with one another. (ISSAI 2550, para.10)
47. The objective of assessing related parties is to obtain an understanding of related party relationships
and transactions sufficient to be able:
46
a. To recognize fraud risk factors, if any, arising from related party relationships and transactions
that are relevant to the identification and assessment of the risks of material misstatement due to
fraud; and,
b. To conclude, based on the audit evidence obtained, whether the FS, insofar as they are affected
by those relationships and transactions:
i. Achieve fair presentation (for fair presentation frameworks); or

ii. Are not misleading (for compliance frameworks)
C. Summarizing the Results of Preliminary Identification of Risks
48. In summarizing the information gathered, focus is on conditions which will facilitate identification of
risk of misstatements due to errors or fraud on the FS as a whole or to specific accounts at the
assertion level during the risk assessment process.
49. Appendix 2 of ISSAI 2315 lists conditions and events that may indicate risks of material misstatements.
As emphasized below, these are only examples and should not be considered as a complete listing.
Information gathered at this point may relate to some of these conditions/events:
Table 5. Examples of conditions and events that may indicate risks of material misstatements
Conditions and Events that May Indicate Risks of Material Misstatement
Listed below are examples of conditions that may indicate the existence of risks of material misstatement in the financial
statements. The examples provided cover a broad range of conditions and events; however, not all conditions and events
are relevant to every audit engagement and the list of examples is not necessarily complete.
 Constraints on the availability of capital and credit
 Changes in the supply chain
 Expanding into new locations
 Changes in the entity such as large acquisitions or reorganizations or other unusual events
 Existence of complex alliances and joint ventures
 Use of off balance sheet finance, special-purpose entities, and other complex financing arrangements such as build-
operate-transfer, etc.
 Significant transactions with related parties
 Lack of personnel with appropriate accounting and financial reporting skills
 Changes in key personnel including departure of key executives
 Deficiencies in internal control, especially those not addressed by management
 Incentives for management and employees to engage in fraudulent financial reporting
 Changes in the IT environment
 Installation of significant new IT systems related to financial reporting
 Congressional, investigative bodies or COA inquiries into the entity’s operations or financial results by regulatory or
government bodies
 Past misstatements, history of errors or a significant amount of adjustments at period end
 Significant amount of non-routine or non-systematic transactions including intercompany transactions and large
revenue transactions at period end
 Transactions that are recorded based on management’s intent, for example, debt refinancing, assets to be sold and
classification of marketable securities
 Application of new accounting pronouncements
 Accounting measurements that involve complex processes
 Omission, or obscuring, of significant information in disclosures
 Pending litigation and contingent liabilities, for example, claims and lawsuits
47
50. For ease in analysis, the potential misstatements may be grouped into three categories considering
the following assertions:
Table 6. Assertions in considering misstatements

Category Assertion Condition
Transaction Occurrence All recorded transactions and events actually took place.
level Completeness All transactions and events that should be recorded have been recorded.
assertions
Accuracy Full amounts of all transactions and events were recorded without error.
Cutoff All transactions and events were recorded within the correct reporting period.
Classification All transactions have been recorded in the correct accounts in the general ledger.
Account Existence All account balances exist for assets, liabilities, and equity.
balance Rights and The entity holds or controls the rights to assets, and liabilities are the obligations of
assertions obligations the entity.
Completeness All reported asset, liability, and equity balances have been fully reported.
Accuracy, Assets, liabilities, and equity interests have been included in the financial statements
valuation and at appropriate amounts and any resulting valuation or allocation adjustments have
allocation been appropriately recorded.
Classification Assets, liabilities and equity interests have been recorded in the proper accounts.
Presentation Presentation For account balances, assets, liabilities and equity interests are appropriately
and Other aggregated or disaggregated and clearly described, and related disclosures are
disclosures relevant and understandable in the context of the requirements of the applicable
financial reporting framework.
For transactions and events, they are appropriately aggregated or disaggregated and
clearly described, and related disclosures are relevant and understandable in the
context of the requirements of the applicable financial reporting framework.
Understandability The information included in the financial statements has been appropriately
presented and is clearly understandable.
Accuracy All information disclosed is in the correct amounts, and which reflect their proper
values.
Completeness All transactions that should be disclosed have been disclosed
Rights and Disclosed rights and obligations actually relate to the reporting entity.
obligations
Occurrence Disclosed transactions have indeed occurred.
51. In conducting preliminary assessment, the applicable ISSAIs shall be considered if the following
situations arise:
Table 7. Other ISSAIs for consideration

ISSAI Nos. Other Applicable ISSAs
ISSAI 2402 – Audit The auditor shall determine whether the entity outsources aspects of their operation to other service
Considerations organization. ISSAI 2402 shall apply as the auditor obtain understanding of the nature and
Relating to an significance of the services provided by the service organization and their effect on the entity’s
Entity Using a internal control relevant to the audit, sufficient to identify and assess the risk of material
Service misstatement. Likewise, the auditor shall be guided by ISSAI 2402 in designing and performing audit
Organization procedures responsive to those risks.
ISSAI 2510 – Initial ISSAI 2510 discussed that in conducting an initial audit engagement the auditor shall read the most
Audit Engagements recent financial statements, if any, and the predecessor auditor’s report thereon, if any, for
- Opening Balances information relevant to opening balances, including disclosures. The auditor shall then obtain
sufficient appropriate evidence about whether: (a) opening balances contain misstatements that
48
ISSAI Nos. Other Applicable ISSAs
materially affect current period’s financial statements; and (b) appropriate accounting policies
reflected in the opening balances have been consistently applied in the current period’s financial
statements or changes thereto are appropriately accounted for and adequately presented and
disclosed in accordance with the applicable financial reporting framework.
ISSAI 2620 – Using In case the auditor does not possess the specialized skills or knowledge required when the matter
the Work of an involved is in a field other than accounting or auditing and may need to obtain it from an auditor’s
Auditor’s Expert expert. ISSAI 2620 establishes requirements and provides guidance in determining the need to
employ or engage an auditor’s expert and the auditor’s responsibilities when using the work of an
auditor’s expert.
The auditor has sole responsibility for the audit opinion expressed, and that responsibility is not
reduced by the auditor’s use of the work of an auditor’s expert. Nonetheless, if the auditor using the
work of an auditor’s expert, having followed this ISA, concludes that the work of that expert is
adequate for the auditor’s purposes, the auditor may accept that expert’s findings or conclusions in
the expert’s field as appropriate audit evidence. (ISSAI 2620, para.3)
52. The preliminary assessment should also include account/s covered by Specific Audit Instructions
issued by the concerned Supervising Auditor. The results of the preliminary assessment will be
summarized to include the FS accounts affected; possible risk identified from the information
gathered and the type of risk in terms of assertion. Additional information required to firm up the
assessments should also be indicated so that the necessary documents or appointments for interviews
with officials concerned are obtained. A sample Summary Report on the Preliminary Identification of
Risks and other matters is attached as Appendix 2-6.
53. The results of the preliminary identification of risks will be forwarded to the RRAAL. The auditor shall
also assess the risks at the financial statement level using the results of evaluation of the Agency-Level
Controls Checklist, Fraud Risk Analysis, risks from non-compliance with laws, rules and regulations and
related party transactions. Sample significant risks at the financial statement level are as follows:
a. Lack of concern of the head of the agency and governing board on ethical and moral values;
b. Management’s lack of competence; and
c. Actual fraud incidence affecting the entity.
All identified significant risks at the financial statement level shall likewise be forwarded to the RRAAL,
and assessed accordingly. For this purpose, the Step 1 column in the RRAAL shall be merged to reflect
the significant financial statement level risks.
54. The SRPIR becomes the initial basis for conducting further risk assessment and updating the overall
audit strategy. Materiality considerations will be discussed as part of the conduct of final risk
assessment.
III. Conducting Final Risk Assessment
A. Determining the Materiality Thresholds
49
55. Materiality threshold pertains to the amount of materiality set as benchmark to evaluate the
significance of misstatements or omissions noted during audit.
56. ISSAI 2320 explains that misstatements and omissions are considered to be material if they,
individually or in aggregate, could reasonably be expected to influence the economic decisions of
users of the FS. The users are considered as a group of users of FS rather than as individual users.
57. The concept of materiality is applied both in planning and performing the audit, and also in evaluating
the effect of identified misstatement in the FS. It is also based on the concept that items of little
importance do not require to be audited since these will not affect the judgment or action of a
reasonable FS user. While materiality is primarily based on the auditor’s professional judgment, such
judgment should consider both qualitative and quantitative aspects to reduce the risk of audit
decisions which are either overly liberal or conservative.
58. Clearly trivial as mentioned in ISSAI 2450, para. A2 does not mean “not material.” Misstatements that
are clearly trivial will be of wholly different (smaller) order of magnitude, or of a wholly different
nature than those that would be determined to be material, and will be misstatements that are clearly
inconsequential, whether taken individually or in the aggregate and whether judged by any criteria of
size, nature or circumstances.
59. ISSAI 2320 describes qualitative considerations specific to determining materiality levels in the public
sector: When determining whether a particular class of transactions, account balance, disclosure, or
other assertion which is part of the financial reporting framework, is material by virtue of its nature,
public sector auditors take into account qualitative aspects such as:
a) The context in which the matter appears; for example, if the matter is also subject to compliance
with authorities, legislation or regulations, or if law or regulation prohibits overspending of public
funds, regardless of the amounts involved;
b) The needs of the various stakeholders and how they use the financial statements;
c) The nature of the transactions that are considered sensitive to users of the financial statements;
d) Public expectations and public interest, including emphasis placed on the particular matter by
relevant committees in the legislature, such as a public accounts committee, including the
necessity of certain disclosures;
e) The need for legislative oversight and regulation in a particular area; and
f) The need for openness and transparency; for example, if there are particular disclosure
requirements for frauds or other losses.
60. In determining the materiality thresholds, COA Resolution No. 2019-016 dated June 25, 2019
prescribing the Guidelines in Determining and Using Materiality Threshold in Financial Audit shall be
adopted. The Template on Determining Materiality Level (Appendix 2-7) will document the materiality
level used in audit.
B. Assessing Risks and Determining Risk Responses
61. The steps are broken into: (a) performing risk assessment; and (b) determining risk responses.
50
a. Performing Risk Assessment
62. As discussed in the preliminary risk assessment, the SRPIR becomes the initial basis for further risk
assessment. The auditor shall conduct final risk assessment on each of the relevant assertions in the
SRPIR.
63. Risk assessment involves the identification of sources of risk and assessment as to whether
information obtained could result in a material misstatement in the financial statements. Risk of
material misstatement at the assertion level (risk that the financial statements are materially
misstated prior to audit) consists of inherent risks and control risks which were discussed earlier.
(ISSAI 2003)
64. The following are examples of risks that the entity may encounter:
Table 8. Examples of Risks

Inherent risks Control Risks
 Highly complex transactions  Non-preparation of bank reconciliation
 Transactions which do not regularly occur or  Use of funds for purposes other than the intended purposes or for
non-routine transactions such as accounting personal purposes
for losses/damages due to fire/calamity  Unreconciled accounts
 Transactions which require estimations such  Failure to recognize properties transferred to other agencies or
as determination of fair value; allowance for work-in progress already completed
doubtful accounts and impairments  Delay in recording transactions such as liquidation reports,
issuances of supplies and failure to recognize book reconciling
items
65. The auditors should, however, not limit their evaluation on the risks identified during Preliminary
Assessment as there could be intervening events or circumstances that may need equal attention. This
includes material items in the FS even if initially, they have no risk as these should eventually be
included in the audit plan.
66. The ISSAI Implementation Handbook – Financial Audit relative to ISSAI 2315 enumerates the steps
involved in a risk assessment as:
a. Inherent risk identification;

b. Inherent risk assessment;
c. Identification of significant risk;
d. Understanding internal control;
e. Evaluating internal control design and implementation of internal controls; and,
f. Final risk assessment.
Step 1. Inherent Risk Identification
67. There are two major classifications of inherent risk: agency risk and fraud risk. Agency risk results from
significant conditions, events, circumstances, actions that could adversely affect the entity’s ability to
achieve its objectives and exercise its strategies. Fraud risk is related to events or conditions that
indicate an incentive or pressure to commit fraud.
51
68. For identifying risks, the auditor considers: factors like the nature of the operation, accounting
policies, agency objectives and strategies and financial implications, review of financial performance,
relevant controls to mitigate risks at the agency and transactional levels, and laws and rules applicable
for the audited entity.
Step 2. Inherent Risk Assessment
69. The auditor needs to assess the identified risks and determine their importance for the audit of the
financial statements before considering any internal control that might mitigate such risks. Risk
assessment involves consideration of two attributes about inherent risks: (i) the likelihood of a
misstatement occurring as a result of the risk with the probability rated as low or high; (ii) the
magnitude (monetary impact) if the risk would occur.
70. The auditor should gather information from the concerned management officials about their risk
assessment process and as to how risks are identified and managed. The SRPIR (Appendix 2-6) may be
updated as the need arises or when additional information is obtained.
71. Significant risks or pervasive risks affecting the FS as a whole are segregated. These risks will be
considered in all the financial statements accounts. In the case of inherent risks on FS accounts, these
are sorted by FS account and summarized to reflect the final conditions and assertions identified.
Step 3. Identification of Significant Risks
72. A significant risk is where the assessed risk of material misstatement is so high that in the auditor’s
judgment, it will require special audit consideration as in these cases:
a. large non-routine transactions;

b. matters requiring judgment or management intervention such as changes in accounting
impairment policies;
c. error or fraud is high;
d. non-compliance with laws and regulations; or,
e. unreliable internal control.
73. For significant risks, the auditor should: evaluate internal control over these risks, such as control
activities and indirect (pervasive) internal controls; design an audit response to obtain audit evidence
with high reliability including tests of controls and substantive procedures. Substantive analytical
procedures alone are not sufficient and are not considered as an appropriate response.
74. Significant risks will include unqualified accounting staff; lack of values formations training, accounting
and procurement training of concerned staff; fraudulent project transactions; non-routine large
transactions; and non-compliance with laws and regulations. These risks are considered in all of the
accounts affected, usually all FS accounts.
Step 4. Understanding Internal Control
75. Since not all control activities are relevant to the audit, an understanding of the controls related to the
risk of misstatement is necessary to ensure that the relevant control is identified. This is initially
52
undertaken during the preliminary risk identification (Appendices 2-2 to 2-6 for initial assessment).
Only controls related to the risk of material misstatement should be identified.
76. Based on the understanding of control activities and the determination as to whether they are likely to
achieve the control objectives, the auditor reassesses control risk to decide whether to test controls.
Step 5. Evaluation of Internal Control Design and Implementation of Internal Controls
77. Significant risks are identified as to whether they are pervasive or specific. Significant risks are
considered pervasive if these are not confined to specific elements, accounts or items of the financial
statements. If so confined, the affected account represents or could represent a substantial
proportion of the financial statements.
78. After significant risks are identified and determined to be pervasive or specific, controls are identified
to mitigate them; and controls are tested, observed or inspected to ensure that these are
implemented and functioning, as follows:
i. Test of Internal Control Design Adequacy
In selecting controls to test, key controls must be considered. Important or key controls address
the risk of a material misstatement. Testing internal control design determines whether the
control is designed in a way that would prevent or detect an error or fraud.
In testing internal control design, the auditor should only test those controls that are important
to the auditor’s conclusion about whether the controls of the Agency/Unit/Corporation/Project
sufficiently address the assessed risk of misstatement to each relevant assertion.
There might be more than one control that addresses the assessed risk of misstatement to a
particular relevant assertion; conversely, one control might address the assessed risk of
misstatement to more than one relevant assertion. It is neither necessary to test all controls
related to a relevant assertion nor necessary to test redundant controls, unless redundancy is
itself a control objective.
The auditor should test the adequacy of control design by determining whether the
Agency/Unit/Corporation/Project controls satisfy the Agency/Unit/Corporation/Project’s control
objectives and can effectively prevent or detect errors or fraud that could result in material
misstatements in the financial statements.
An example of a control being designed well is a journal entry recording and approval where one
person prepares and another one reviews and approves, irrespective of whether they are
actually following such rule.
ii. Two types of controls
There are two types of controls, preventive controls and detective controls.
a. Preventive Controls are designed to discourage errors or irregularities from occurring.

Examples of preventive controls are:
53
o Segregation of Duties – Duties are segregated among different people to reduce the risk
of error or inappropriate action;
o Approvals, Authorizations, and Verifications– Management authorizes employees to
perform certain activities and to execute certain transactions within limited parameters;
and,
o Security of Assets (Preventive and Detective) – Access to equipment, inventories,
securities, cash and other assets is restricted; assets are periodically counted and
compared to amounts shown on control records.
b. Detective Controls are designed to find errors or irregularities after they have occurred.
Examples of detective controls are:
o Review of Performance – Management compares information about current

performance to budgets, forecasts, prior periods, or other benchmarks to measure the
extent to which goals and objectives are being achieved and to identify unexpected
results or unusual conditions that require follow-up;
o Reconciliations – An employee relates different sets of data to one another, identifies
and investigates differences, and takes corrective action, when necessary;
o Physical Inventories – Annual or Semi-annual;
o Audits – Internal or External
iii. External auditors, in this case COA Auditors, can also use the works of internal auditors, when
they have determined that the internal audit function is likely to be relevant to the audit. The
guidance on the use of the works of internal auditors and in assessing their objectivity is provided
under ISSAI 2610.
iv. The internal auditor may be presumed to be objective if the following criteria are met and the
internal auditor’s function is established by legislation or regulation:
 The internal auditor is accountable to top management and to those charged with
governance;
 The internal auditor reports the audit results both to top management and those charged
with governance;
 The internal audit unit is located organizationally outside the staff and management
function of the unit under audit;
 The internal auditor is sufficiently removed from political pressure to conduct audits and
report observations, opinions, and conclusions objectively without fear of political
reprisal;
 The top management permits internal auditors to audit operations for which they have
previously been responsible for to avoid any perceived conflict of interest; and,
 The internal auditor has access to those charged with governance. 1
v. Irrespective of the degree of autonomy and objectivity of the internal audit function, such
function is not independent of the entity as required of the external auditor when expressing an
opinion on financial statements. The external auditor has sole responsibility for the audit opinion
1
(Nzechukwu, 2016, p. 546)
54
expressed, and that responsibility is not reduced by the external auditor’s use of the work of the
internal auditors.
79. The level of control risks is assessed as to high or low based on the results of tests. ( Appendices 2-2 to
2-6 for initial assessment)
Step 6. Final Risk Assessment
80. The final step in the risk assessment phase of the audit is to review the results of the risk assessment
procedures performed, and assess the risks of material misstatements at the FS level and the assertion
level for classes of transactions and disclosures. The risk of material misstatement is the susceptibility
of the financial statements, accounts, and assertions to material misstatement, and the risk that the
entity’s current internal controls would be ineffective in proactively identifying and correcting the
misstatements.
81. The risk of material misstatement is a product of the two risks, inherent risk and control risk. This is
often represented using the following equation:
Risk of Material Misstatement = Inherent Risk × Control Risk
82. Risk values are based on auditor’s best judgment and are not quantifiable. Therefore, the above
equation is just a means for auditor's understanding of the relationship between risks and not actually
used to calculate risks.
83. The assessment of inherent risk and control risk constitute the Risk of Material Misstatement (RMM)
where accounts are assessed as minimal, low, moderate or high risk. The following discussions on risk
responses and Risk Decision Table provide the auditor’s assessment of the RMM considering the result
of the assessment of the inherent risk and control risk.
b. Determining Risk Responses
84. Responses to the results of the risk assessment are based on the decision model setting the nature of
audit procedure/s and extent of audit to be performed given the results of a risk assessment and
depending on the level of risk of material misstatement established for specific audit objectives,
accounts and assertions.
85. To summarize, the risk responses to be adopted may be:
a. When both inherent and control risks are low, the overall RMM is minimal. Hence, further testing
of controls is performed to firm up the audit conclusion reached together with a less extensive
level of substantive tests.
b. When inherent risk is low but control risk is high, the RMM is moderate. As such, there is no need
to perform tests of controls as these cannot be relied on anyway. Since inherent risk is low, an
extensive level of substantive tests is required.
c. When inherent risk is high and control risk is low, the RMM is low. Hence a high reliance is placed
on tests of controls and a less extensive level of substantive tests is required.
d. When both inherent and control risks are high, RMM is high. No reliance is placed on control
hence no need to test controls but an extensive level of substantive tests is required.
55
86. These risk responses are summarized in the Risk Decision Table presented in Table 9.
Table 9. Risk Decision Table

IR CR RMM (IR x CR) Risk Response
Low Low Minimal High reliance on controls and a less extensive level of substantive tests
High Moderate No reliance on controls and an extensive level of substantive tests
High Low Low High reliance on controls and a less extensive level of substantive tests
High High No reliance on controls and an extensive level of substantive tests
87. Following the risk decision table, tests of controls are performed when control risks are low. No tests
of controls are needed when control risk is high because there is no point testing controls which are
absent or cannot be relied upon.
88. The result of the test of controls will determine the nature, extent and timing (net) of the substantive
tests that will be performed. Substantive tests are procedures performed by the auditor to detect
material misstatement or fraud related to transactions or account balances.
89. Level of substantive testing is required regardless of the results of control testing. If weak internal
controls exist or if important controls are not in place, extensive substantive testing will be required.
On the other hand, if controls are found to be effective, the amount of substantive testing required is
significantly lower or less extensive, because there is less chance of error in the underlying records.
90. The resulting test of assessed risks will form the foundation for the next audit phase which is to
determine how to respond to the assessed risks through the design of audit procedures. The results of
risk assessment at the assertion level is illustrated in Appendix 2-8.
91. Assessed risks at the financial statement level are pervasive in nature, and require overall audit
responses such as determining the experience of those assigned to perform the work, the level of
supervision required, and any required modification to the nature and extent of planned audit
procedures, such as performing substantive procedures at the period end instead of at an interim
date; or modifying the nature of audit procedures to obtain more persuasive audit evidence.
92. The assessment of the risks of material misstatement at the financial statements level, and thereby
the auditor’s overall responses, is affected by the auditor’s understanding of the control environment.
An effective control environment may allow the auditor to have more confidence in internal control
and reliability of audit evidence generated internally within and thus, for example, allow the auditor to
conduct some audit procedures at an interim date rather than at the period end. Deficiencies in the
control environment, however, have the opposite effect; for example, the auditor may respond to an
ineffective control environment by:
a. Conducting more audit procedures as of the period end rather than at an interim date.
b. Obtaining more extensive audit evidence from substantive procedures.
c. Increasing the number of locations to be included in the audit scope. (ISSAI 2330, para. A2)
93. The auditor shall perform audit procedures to evaluate whether the overall presentation of the
financial statements is in accordance with the applicable financial reporting framework. In making this
evaluation, the auditor shall consider whether the financial statements are presented in a manner that
reflects the appropriate:
56
a. classification and description of financial information and the underlying transactions, events and
conditions; and
b. presentation, structure and content of the financial statements.
94. Assessed risks at the assertion level relate to particular account balances, classes of transactions, and
disclosures. The response is to perform further audit procedures such as tests of details, tests of
controls, and substantive analytical procedures.
IV. Preparing the Audit Engagement Plan
95. The fundamental elements in preparing the audit engagement plan are: (a) updating the overall audit
strategy; (b) preparing the audit program; and (c) preparing the engagement planning memorandum.
A. Updating the Overall Audit Strategy
96. The overall audit strategy prepared during the preliminary risk assessment needs to be updated to
consider the results of final risk assessments by preparing an Updated OAS. This is to document any
changes in the EPM and audit plan, the reasons for the changes, the date when the decision to change
was made and the signature of the ATL/SA as evidence of concurrence.
97. ISSAI 2450 requires the auditor to revise the overall audit strategy if: (a) the nature of identified
misstatements and the circumstances of their occurrence indicate that other misstatements may exist
that, when aggregated with misstatements accumulated during the audit, could be material; or (b) the
aggregate misstatements accumulated during the audit, approaches the materiality level determined
in accordance with ISSAI 2320.
98. The overall audit strategy for COA purposes should consider the key activities from the Risk
Assessment Process to the Reporting Phase. Moreover, there are audit activities or requirements
which no longer form part of the risk assessment process but must be included in the Strategy. These
pertain to, among others:
a. Special considerations: Related Parties; Litigation and Claims; Segment Reporting and Subsequent
Events with procedures discussed in Section 3, Execution Phase;
b. Other accounts determined falling within the performance materiality level not covered in the risk
assessment;
c. In the case of nationwide audits, the Strategy should consider synchronization of timelines for
group planning, execution and reporting; setting materiality thresholds in a uniform manner;
scheduling of audit inspections; confirmations from external parties, among others.
B. Preparing the Audit Program
99. An audit program contains the audit procedures to be performed for a specific audit objective for the
financial account and the risks identified by assertion. Audit Program for each audit areas included in
the overall audit strategy should be prepared.
57
100. The audit program saves time and labor; increases efficiency; controls the work performed; maintains
uniformity and continuity; identifies responsibilities; helps to maintain continuity; and, facilitates
presentation of evidence.
101. The auditor may use standard audit programs relevant to the risks identified or to the audit areas. An
audit program template is provided as Appendix 2-9.
C. Preparing the Engagement Planning Memorandum
102. The final activity of the Planning Phase is preparing the EPM. As a planning tool, EPM sets out the
objectives of the audit and spells out how the auditor aims to achieve these objectives. As
supervision and monitoring tool, it tracks the progress of the audit and promotes high quality and
professional audit work.
103. This Memorandum contains the following:
Part 1 – Audit Coverage, Objective and Methodology
a. Audit Scope/coverage- should be clearly described;

b. Audit objectives -should be clearly defined; and,
c. Audit methodology- should be clearly established supported with audit programs.
Part 2 - Significant contents of the Overall Audit Strategy
A brief narration of the major activities to be performed supported by the final overall audit strategy
updated brought about by new conditions, unforeseen events, or audit evidence obtained from the
results of audit procedures which includes the following, among others:
a. Materiality thresholds;
b. The number of staff to conduct the audit;
c. The major timelines: entrance conference, exit conference, securing management representation
letter, audit report issuance;
d. Coordination activities relative to a nationwide audit;
e. Inspections to be conducted; and,
f. External confirmations to be performed.
Part 3 – Summary of major accounts and assertions for audit considerations
a. Accounts and Assertions with high risks of material misstatements and significant risks identified
in the final risk assessment template. (Appendix 2-8)
b. Other Material Accounts (OMA) refer to financial statement accounts above or equal to the
performance materiality but were not considered as significant based on the results of the Final
Risk Assessment.
c. Special Considerations: Related Parties, Litigation and Claims, Segment Reporting and
Subsequent Events
Part 4 – Audit Program (Appendix 2-9)
58
104. The EPM serves as the “blueprint” of the financial audit after the Planning Phase and contains the
detailed audit procedures to be performed in response to the results of the risk assessment and the
procedures for audit areas which no longer had to pass through a risk process but are required to be
performed. It must be prepared by the Audit Team Leader, reviewed by the SA/RSA and approved by
the CD/RD. Template of EPM (Appendix 2-10) and other related appendices are attached to elaborate
on certain facts as considered necessary.
105. As a result of unexpected events, changes in conditions, or the audit evidence obtained from the
results of audit procedures, the auditor may need to modify the overall audit strategy and audit plan
and thereby the resulting planned nature, timing and extent of further audit procedures, based on
the revised consideration of assessed risks. This may be the case when information comes to the
auditor’s attention that differs significantly from the information available when the auditor planned
the audit procedures. For example, audit evidence obtained through the performance of substantive
procedures may contradict the audit evidence obtained through tests of controls. (ISSAI 2300)
59
Appendix 2-1. Overall Audit Strategy
(SECTOR) (CLUSTER) - Agency XYZ
OVERALL AUDIT STRATEGY
Audit Team/Address ________________________________________________________________________________________

Prepared by ___________________________________________________________ Date Prepared _____________________
Reviewed by __________________________________________________________ Date Reviewed _____________________
Approved by __________________________________________________________ Date Approved ____________________
A. Introduction
A.1.Background
State the COA Office Order on the creation and composition of the audit team.
B. Audit Scope and Period Covered
Financial audit of CY 20xx Financial Statements
C. Significant Milestones
P Target Date to Accomplish

h Person 2017 2018
a Activities Expected Output Respon-
Remarks
s sible
e M J J A S O N D J F M A
A. PLANNING
1 Conduct initial risk assessment based on Summary Report on the
available data and additional documents Preliminary Identification
requested from management: of Risks
a. Initial analysis of available documents/reports
b. Initial variance and tie in analysis (latest
available TB of the Current Year)
c. Initial indication of Misstatements
d. Updated UTA Template
e. Updated General Accounting Plan
f. Updated Agency-level Control Checklist
g. Validation of implementation of prior year's
audit recommendations
2 Establish materiality threshold. Materiality Template
3 Update risk assessment based on the additional Results of Risk Assessment
information, data and reports. (Including testing at the Assertion Level
of control for significant inherent risk and
60
P Person Target Date to Accomplish
h Activities Expected Output Respon- 2017 2018
a Remarks
sible M J J A S O N D J F M A
s establishing the overall audit risk). Prepare
summary of risk assessment by account and by
assertion.
4 Identify other audit activities not covered in the Summary of other audit
risk assessment (Segment reporting, litigation activities
and claims, related parties, subsequent event,
accounting estimates and analysis of accounts,
etc.)
5 Updating overall audit strategy (OAS) Updated OAS
6 Prepare Audit Engagement Planning Approved Engagement
Memorandum including audit program by Planning Memorandum
account/by assertion/ by special considerations supported with Audit
(ISSAI 2800) Program by
7 Approve Audit Engagement Planning account/assertions/special
Memorandum. considerations
8 Issue Specific Audit Instructions to the audit team Specific Audit Instructions
for the execution of the audit plan.
B. EXECUTION
1 Conduct the audit based on the approved Audit Working Papers by account
Engagement Planning Memorandum and the
attached Audit Program
2 Issue AOM, ND, NS, NC, Audit Memorandum, as AOM, NS, ND, NC, AM
the need arises
3 Perform final financial statements variance and WP on Financial Analysis
tie-in analysis.
4 Review financial statements and corresponding Summary of notes for
Notes to FS to ensure compliance to presentation review
and disclosure requirements by ISSAIs.
5 Prepare summary of proposed audit adjustments Summary of proposed audit
and evaluate effects in the audit opinion adjustments
6 Prepare Summary of Audit Observations and Summary of Audit
Recommendations Observations and
Recommendations
7 Follow-up of the Agency Action Plan and Status of Agency Action Plan and
Implementation Status of Implementation
8 Prepare the recommendation tracking sheet Recommendation Tracking
indicating the control number and deadline for Sheet
implementation
9 Conduct exit conference Minutes of exit conference
61
P Person Target Date to Accomplish
h Activities Expected Output Respon- 2017 2018
a Remarks
sible M J J A S O N D J F M A
s
C. REPORTING
1 Secure an updated Management Representation Management
Letter which is dated near the date of the audit Representation Letter
report
2 Draft the annual audit report including section on Draft AAR
the results of internal control review
3 Submit draft audit report to the supervisor for Draft Audit Report
review
Accomplish compliance completion checklist Compliance completion
supported by audit working papers covering checklist (Part I)
activities from Preliminary Engagement to
Reporting except for submission of draft audit
report to CD/RD
4 Submit draft audit report to the Director for Draft Audit Report
review
5 Finalize AAR and sign the IAR Final AAR and signed IAR
6 Transmit the audit report to the management Duly received Transmittal
Letter
7 Wrap-up, organization and archiving of working Duly indexed Working
papers Papers
D. Quality Control Review
1 Accomplish completion compliance checklist Completion compliance
supported by audit working papers for the checklist
remaining procedures (submission of draft audit
report to quality control)
2 Send the Auditee Feedback Sheet to Agency for Auditee Feedback Sheet
accomplishment
3 Accomplish the Supervising Auditor’s/Regional Supervising Auditor’s/
Supervising Auditor’s Evaluation Form Regional Supervising
Auditor’s Evaluation Form
4 Accomplish the Director’s Evaluation Form Director’s Evaluation Form
5 Rate Management Performance Financial Management
Performance Rating
Note: Highlight the date the activities are to be implemented.
62
Appendix 2-2. Understanding the Agency Template
UNDERSTANDING THE AGENCY

A. MANDATE
Relevant law, rule or regulation defining the purpose of the agency.
B. OPERATIONS
The Agency’s (a) main activities and (b) critical processes using the Critical Processes
Template attached as Appendix 2-2A.
C. STRUCTURE
Describe the Agency’s organizational structure and its relation to other key government
agencies. (Attach the Agency’s organizational structure, as necessary)
D. KEY STAKEHOLDERS
List stakeholders, or unified stakeholder groups, whose expectations or actions (or

inactions) can significantly influence management or affect the agency objectives
E. KEY ENVIRONMENTAL FACTORS
Briefly describe the environment of the agency and how the operations of the Agency are
affected/influenced by environmental factors.(e.g., Political Environment, Social
Environment, Legal and Regulatory Environment, Technological Environment)
F. PROGRAMS/ PROJECTS/ ACTIVITIES
Briefly describe the Agency’s major/significant programs/projects/activities for the year

including the expected outputs and budget allocation and initial evaluation on whether
the expected outputs are in line with the objectives and strategies of the agency and the
budget allocation is appropriate using the Financial Accountability LogFrame attached as
Appendix 2-2B.
G. ACCOUNTING POLICIES
Brief description of key accounting policies applied, including financial reporting

standards/financial reporting framework (e.g. IPSAS, PFRS)
H. RESULTS OF PREVIOUS AUDIT
Significant audit findings included in the financial, compliance, and performance audit
reports that have financial implications
1) Audit opinion/s rendered on the agency for the last three years and the reason for
qualifications, if any
2) Financial management rating of the auditor on the auditee
63
I. RECENT DEVELOPMENT/NEWS
RECENT DEVELOPMENT/NEWS IMPACT ON THE AGENCY

 Source (e.g. Inquirer/date)  Subject to Congressional inquiry
 Court/COA/CSC Decisions  Subject to Ombudsman case
UTA Summary
The UTA Summary shall include the entity risks which should be summarized in the
Summary of Preliminary Identification of Risks:
a) UTA Reference – States the part/component of the UTA where the information was
taken from.
b) Identified Agency Risk – Indicates the agency risks identified while understanding
the agency.
c) Impact on the FS – States the impact of risk to the FS and the specific amount if it
materializes based on your initial understanding.
UTA Ref. Identified Agency Risk Impact on the FS and the specific amount
64
Appendix 2-2A. Critical Processes Template
Critical Processes Condition, Facts, Flowchart Ref./ Analysis

Criteria Risk Statement
(Accounting and Operations) Reality Narrative Process (Impact/Effect to FS)
(4) (6)
(1) (2) (3) (5)
1) Critical Processes – Processes identified in the UTA with financial impact

2) Condition, Facts, Reality – Describe the system and its functions/use/ per interview
3) Flowchart reference/Narrative process – Indicate flowchart reference Nos. or narrative process
4) Criteria – Rules and regulations/standards relating to the processes and good internal control practices
5) Analysis – Comparison of No. 2 and No. 4
6) Risk Statement – Risks linkage to financial statement assertions
Critical Processes Summary:

65
Appendix 2-2B. Financial Accountability LogFrame
Particulars 1 2 3
Accountable Planning, Monitoring and Knowledge Management Policy Development and Coordination Division Partnership Development Division
Operational Units Division
Program Monitoring and Evaluation Reports prepared through AFC Consultations for policy development Volunteer management, capacity develop
research studies and social mobilization
Outputs expected  No. of M&E Reports 324  No. of policy agenda 17  No. of projects showcased
(efficiency targets)  No. of M&E Reports disseminated 6300  No. of consultations/workshops 833  No. of stakeholder collaborations
facilitated supported
 No. of M&E system maintained 1  No. of consultations supported 1716  No. of partnership agreements
facilitated
 No. of evaluative study conducted 3  No. of policy briefs/reviews 12
 No. of website updated 1  No. of local issues resolved 147
 No. of website visits 20000  No. of plans/profiles 14
 No. of knowledge products 30244
disseminated (publications and
 No. of database system 3
developed/updated
Budget by object of Consultancy services - 8,350,000 Traveling Expenses – Local - 4,661,000 Traveling Expenses – Local - 8,617,000
expenditures Traveling expenses - 5,469,000 Consultancy Services - 8,000,000 Training Expenses - 3,946,000
Donations - 3,712,000 Representation Expenses - 7,071,000 Awards/Rewards Expenses - 1,560,000
Other MOOE - 5,518,000 Donations - 13,281,000 Other Professional Services - 10,083,000
Printing and Publication - 1,369,000 Traveling Expenses – Foreign - 1,694,000 Representation Expenses - 5,904,000
Other MOOE - 5,518,000 Other MOOE - 1,443,000
Budget PS 6,005,000.00 8,115,000.00 8,083,0
allocated MOOE 24,418,000.00 40,225,000.00 31,553,0
Total 30,423,000.00 48,340,000.00 39,636,0
LogFrame Summary
66
Appendix 2-3. Agency-Level Controls Checklist
AGENCY-LEVEL CONTROLS CHECKLIST

Agency/Project : Name
Audit Period : January 1 to December 31, 20xx
Internal Control Component Yes No NA Remarks

I. Control Environment
1. Management demonstrates personal and professional integrity and ethical values.
1.1 Management should establish and communicate the integrity and ethical values of the agency.
a) Management’s actions influence others to behave and respond in ways that are
deemed valuable and appropriate to their agency’s outcomes.
b) Management promotes the primacy of public interest in the performance of
duties.
c) Management develops, regularly reviews, and updates manual that addresses
expectations regarding agency’s practices and ethical behaviors; disciplinary
policies and procedures; and methods of reporting fraud, other misconduct, etc.
d) Management’s commitment to integrity and ethical behavior is communicated
effectively throughout the agency, both in words and deeds. This may be
achieved through oral communications in meetings, via one-on-one discussions,
and by example in day-to-day activities.
e) Management and staff are familiar with the importance of high ethics and
controls.
f) Existing and new employees are provided with the code of ethics/conduct.
g) There are appropriate policies regarding agency’s practices, conflicts of interest,
and code of conduct that are established and communicated.
h) The agency conducts value development programs for its officials and
employees in order to strengthen their commitment to the public.
i) The following subjects, among others, are included in the agency’s programs
and other parallel efforts on value development:
 Ethical and moral values;
 Rights, duties, and responsibilities of public servants; and
 Socio-economic conditions prevailing in the country.
1.2 Management and staff should exhibit a supportive attitude toward internal control at all times throughout the agency.
a) The head of agency or the governing body shows concern for integrity and
ethical values.
b) The agency adopts innovative programs and continually conducts
experimentation/research on measures to motivate officials and employees in
raising the level of observance of public ethical standards.
c) There is a mechanism in place to regularly educate and communicate to
management and employees the importance of internal controls, and to raise
their level of understanding of controls.
1.3 Every officer and employee in the agency should maintain and demonstrate personal and professional integrity and ethical
values, and has to comply with the applicable code of conduct at all times.
a) Management acts to remove or reduce incentives, opportunities, or temptations
that may prompt personnel to engage in dishonest, illegal, or unethical acts.
b) Coverage of ethical dilemmas, ethical failures, and ethical successes are
included in the agency’s newsletter, bulletin, or other printed forms.
c) All employees are aware that all forms of fraudulent acts against the agency will
result in administrative and criminal investigations.
d) The agency conducts continuing refresher courses, seminars, and/or
67
workshops to promote high standards of ethics in the public service.
e) There is a committee or officer designated to conduct investigation over
disciplinary matters.
f) The agency promulgates rules and regulations governing expeditious, fair, and
equitable judgment of employees’ complaints or grievances in accordance with
the policies enunciated by the Civil Service Commission (CSC).
g) The head of agency or the governing body ensures that the policy on fiscal
responsibility is faithfully adhered to in all the financial affairs, transactions, and
operations of the agency.
2. Management sets the “tone at the top.”
2.1 The “tone at the top” should reflect management’s commitment, involvement, and support toward internal controls in the
agency.
a) Management creates an internal audit service as part of the internal control
system.
b) Management provides sufficient resources to carry out internal controls.
c) Management leads by example with respect to good governance, risk
management, and internal controls.
d) Management sets a good example through its own actions and its conduct,
reflecting what is proper rather what is acceptable or convenient.
e) Values of the agency and creation of roles and responsibilities with respect to
good governance, risk management, and internal controls are communicated
from the top as key values of the agency.
f) Management commits to provide appropriate attention to internal controls,
including the effects of information systems processing.
g) The head of agency or the governing body gives adequate consideration to
understanding management’s processes for monitoring risks affecting the
agency.
h) The head of agency or the governing body represents an informed, vigilant,
and effective overseer of the financial reporting process and the agency’s
internal control, including information systems processing and related computer
controls.
i) The agency implements the government-wide Quality Management Program.
j) Management shows a positive and supportive attitude toward the functions of
accounting, information management systems, personnel operations,
monitoring, and internal and external audits and evaluations.
2.2 The code of conduct, counseling, and performance appraisals should support the internal control objectives and, in particular,
the objective of “ethical operations.”
a) The head of agency ensures that officials and employees attend value
development programs and participate in parallel value development efforts.
b) The head of agency or the governing body ensures adherence to the principle
that public office is a public trust.
c) A code of conduct/ethics can support and enable the desired types of employee
behavior and point out the consequences of violating the principles of the code.
d) Management continually reinforces its principles in word and deed, with training
programs, model behavior, and by taking appropriate actions in response to
violations.
e) The agency establishes performance evaluation system.
2.3 Agency’s policies, procedures, and practices should promote orderly, ethical, economical, efficient, and effective conduct of
operations.
a) There are control features interwoven into, and making an integral part of each
system in the agency that management can use to regulate and guide its
operations.
b) The agency adopts and implements control policies and measures on the
following:
68
 delegation of authority and supervision;
 segregation of functions for processing, reviewing, recording, custody,
and approval;
 access to resources and records;
 completeness and integrity of transaction documents and reports;
 verification of transactions; and,
 reconciliation of records and data.
c) The agency takes appropriate measures to promote transparency and
accountability in the management of public finances.
d) The design and implementation of an agency’s quality management system are
influenced by the following:
 organizational environment;
 changes in that environment and the risks associated with that
environment;
 varying needs;
 particular objectives;
 services it provide;
 processes it employ; and
 size and organizational structure.
e) Management’s development of accounting estimates tends to be conservative
and is consistent with objective and fair reporting.
f) Manuals of procedures are in use.
g) The agency has written policies on, but not limited to, the following:
 delegation or assumption of duties when an employee is absent;
 annual vacations for all staff;
 obtaining background or reference for new staff;
 training programs for employees; and,
 rotation of employees.
h) The agency requires designated official/s to regularly monitor or review
compliance with the requirements of loan contracts, trust agreements, and
similar contracts.
i) The agency complies with the policies, standards, and guidelines promulgated
by the CSC to promote economical, efficient, and effective personnel
administration in the government.
2.4 Personnel should be reminded periodically of their obligations under an operative code of conduct issued by the
management.
a) All employees are provided with updated code of ethics/conducts, at least
yearly, and receive periodic training on the application of the code.
b) All personnel are aware that the agency’s control environment is within the
framework of public service accountability, where government, its partners, and
agents assume fiduciary responsibilities toward the public they serve.
2.5 Overall performance appraisals should be based on an assessment of many critical factors, including the employees’ role in
effecting internal control.
a) Management sets realistic (i.e., not unduly aggressive) financial targets and
expectations for operating personnel.
b) The agency’s operating units are able to achieve the expected results and
contribute to the achievement of its sectoral or societal goals.
c) The agency establishes its Performance Evaluation System (PES) or other
applicable tools based on an objectively measured output and the performance
of personnel and units, such as the Performance Management System-Office
Performance Evaluation System developed by the CSC.
d) The head of agency or the governing body has evaluated on a continuing basis
the quantitative and qualitative measures of its performance as reflected in the
69
units of work measurement and other indicators of agency performance,
including the standard and actual costs per unit of work.
3. Management establishes an appropriate government organizational structure.
3.1 The organizational structure should clearly define key areas of authority and responsibility, and establish appropriate lines of
reporting.
a) The organizational structure is appropriately centralized or decentralized given
the nature of its operations, and management has clearly articulated the
considerations and factors taken into account in balancing the degree of
centralization versus decentralization.
b) Key areas of authority and responsibility are defined and communicated
throughout the agency.
c) Reporting relationships have been established and have effectively provided
officers or personnel concerned with the information they need to carry out
their responsibilities and perform their jobs.
d) Management periodically evaluates the organizational structure and makes
changes, as necessary, in response to changing conditions.
e) Job descriptions and performance evaluations contain specific references to
internal control-related duties, responsibilities, and accountability.
3.2 Management should develop and communicate policies to employees to ensure that they understand or are aware of the
following:
3.2.1 their duties and responsibilities;
3.2.2 how their individual actions interrelate and contribute to the agency’s objectives;
3.2.3 the authority they are delegated; and
3.2.4 how and for what they will be held accountable.
a) Authority and responsibility are clearly defined throughout the agency and are
clearly communicated to all employees.
b) There are written job descriptions, reference manuals, or other forms of
communication to inform personnel of their duties.
c) Job descriptions clearly indicate the degree of authority and accountability
delegated to each position and the responsibilities assigned.
d) There are adequate policies and procedures for authorization and approval of
transactions at the appropriate level.
e) The head of agency or the governing body:
 promulgates administrative issuances necessary for the efficient
administration of the offices under them and for the proper execution of
the laws relative thereto;
 exercises disciplinary powers over officers and employees under them in
accordance with law;
 appoints all officers and employees of the agency (except those whose
appointments are vested in the President or in some other appointing
authority); and
 delegates authority to officers and employees in accordance with EO No.
292 or the law creating the agency.
f) The authority and responsibility for the agency’s operations, as may be
necessary to implement the plans and programs, are adequately delegated by
the head of agency or the governing body to the bureau and regional directors,
or their equivalent.
 the delegation is in writing;
 it has indicated to which officer or class of officers or employees the
delegation is made; and
 it has vested sufficient authority to enable the delegate to discharge his
assigned responsibility.
g) Assignment of responsibilities is clear, including responsibilities for information
system processing and program development.
70
h) There is an appropriate structure for assigning ownership of data, including
who is authorized to initiate and/or change transactions. Ownership is assigned
for each application and database within the IT infrastructure.
i) There is an appropriate segregation of incompatible activities (i.e., separation of
accounting for, and access to assets).
3.3 Management should develop and maintain documentation of its internal control system to facilitate the establishment and
communication of the who, what, where, and why of internal control execution.
a) Job descriptions and performance evaluations contain specific references to
internal control-related duties, responsibilities, and accountability.
b) Levels of authority and responsibility are documented by way of written policy
and, more generally, through the agency’s organizational chart.
c) Employee job descriptions clearly document the authority level of each
employee.
4. Management exhibits commitment to competence.
4.1 Management should establish policies and procedures in hiring staff with the necessary skills and knowledge.
a) Existing policies and procedures have resulted in recruiting and developing
competent and trustworthy people, necessary to support an effective internal
control structure.
b) The agency establishes, administers, and maintains qualification standards.
c) The establishment, administration, and maintenance of qualification standards
are with the assistance and approval of the CSC.
d) The degree of qualifications of an officer or employee is determined based on
the qualification standards of a particular position.
e) The qualification standards express the minimum requirements for a position in
terms of education, training and experience, civil service eligibility, physical
fitness, and other qualities required for successful performance.
4.2 Management should establish policies and procedures that current staff receives adequate ongoing training, mentoring, and
supervision.
a) Personnel have sufficient competence and training necessary for their assigned
level of responsibility or the nature and complexity of the agency’s mandate.
4.3 Management should establish policies and procedures in determining the level of knowledge and skill needed to help ensure
orderly, ethical, economical, efficient and effective performance, as well as a good understanding of individual responsibilities
with respect to internal control.
a) Job performance is periodically evaluated and reviewed with each employee.
4.4 Management should have defined succession and contingency plans for key roles in the agency so it can continue to achieve
its objectives, whether there are sudden personnel changes or just the need for training personnel for the long-term
replacement of critical positions.
a) Management develops a manual that addresses continuity plan for succession
and contingencies.
b) Management establishes criteria for employee retention and considers the effect
to operations if a large number of employees are expected to leave or retire in a
given period.
c) Management develops contingency plans to ensure that candidates for
succession are trained for assuming the target role so that internal controls will
not lapse.
5. Management establishes human resource policies and practices.
5.1 Management should establish human resource policies and practices, incorporating the methods by which people are hired,
trained, evaluated, compensated, and promoted.
a) Policies and procedures are clear and these are issued, updated, and revised
on a timely basis. They are effectively communicated to personnel at
decentralized and/or foreign locations.
b) The mission, goals, and objectives of the agency are clearly communicated to
all personnel.
c) Background checks are conducted on candidates for employment.
71
5.2 Hiring and staffing decisions should exemplify assurance that individuals recruited have the integrity, proper education, and
experience required to carry out their jobs; and that the necessary formal, on-the-job, and ethics trainings are provided.
a) There are trainings/orientations for new employees, or current employees when
starting a new position, to discuss the nature and scope of their duties and
responsibilities. Such trainings/ orientations include a discussion of specific
internal controls they are responsible for.
b) Management demonstrates commitment to provide personnel with sufficient
accounting and financial training, to keep pace with the growth and/or
complexity of the agency.
c) Employees receive guidance, review, and on-the-job training from supervisors
to help ensure proper workflow and processing of transactions and events,
reduce misunderstandings, and discourage wrongful acts.
5.3 Management should enforce transparency in recruitment, performance appraisal, and promotion processes.
a) Openness of the selection processes should be secured, by publishing both the
recruitment rules and vacant positions, to help realize ethical human resource
management.
b) There are screening procedures for job applicants.
c) Management formulates and enforces a system of measuring and evaluating
periodically and objectively the performance of the agency, and submits the
same annually to the required authority.
d) Management provides appropriate bases for compensation, promotion, and fair
incentives to help ensure integrity and adherence to ethical values.
II. RISK ASSESSMENT
6. Management identifies and defines objectives and risk tolerance in specific and measurable terms.
6.1 Management defines objectives in specific and measurable terms.
a) Agency objectives are established, communicated, and monitored.
b) The key elements of the agency’s strategic plan are communicated throughout
the agency.
c) All employees have a basic understanding of the agency’s overall strategy,
strategic plan, and objectives.
6.2 Management considers internal expectations and external requirements when defining objectives.
a) In establishing the internal context, the agency considers an understanding of
the following:
 capabilities of the agency in terms of resources and knowledge;
 information flows and decision-making processes;
 internal stakeholders;
 objectives and the strategies that are in place to achieve them;
 perceptions, values, and culture;
 policies and processes;
 standards and reference models adopted by the agency; and
 structures.
6.3 Management considers the risk tolerances in the context of the agency’s applicable laws, regulations, and standards.
a) Management considers how much risk it is willing to accept when setting
strategic direction and strives to maintain risk within those levels.
b) Management has a risk assessment framework in place.
c) The agency’s risk assessment is fully integrated into the other components of
risk management process, which includes the following:
 communication and consultation;
 establishing the context;
 risk assessment (comprising risk identification, risk analysis, and risk
evaluation);
 risk treatment; and
 monitoring and review.
72
7. Management identifies, evaluates, and assesses agency’s risks.
7.1 Management identifies all risks that may occur (internal or external factors) at both the agency and activity levels.
a) Management identifies the causes and sources of the risk (hazard in the context
of physical harm), events, situations, or circumstances which can have a
material impact upon objectives and the nature of that impact.
b) Management identifies the likelihood of the risks happening and the impact or
consequence when these happen.
c) Management reviews the risk assessment and considers actions to mitigate the
significant risks identified.
d) Management considers the presence (or absence) and the effectiveness of any
existing controls in determining the risk’s consequences and probabilities.
e) In establishing the external context, Management considers familiarization with
the environment in which the agency and the system operates, including the
following:
 cultural, political, legal, regulatory, financial, economic, and competitive
environment factors whether international, national, regional, or local;
 key drivers and trends having impact on the objectives of the agency; and
 perceptions and values of external stakeholders.
f) Internal audit service (or another group within the agency) performs periodic (at
least annual) risk assessment.
7.2 Management adopts appropriate tools for the analysis and assessment of risks.
a) Management develops an adequate mechanism for identifying operations risks,
including those resulting from the following:
 entering new programs or lines of operation;
 offering new products and services;
 privacy and data protection compliance requirements; and
 other changes in the agency, economic, and regulatory environment.
b) Management performs periodic review to anticipate and identify routine events
or activities that may affect the agency’s ability to achieve its objectives and
address them.
7.3 Management considers the potential risks related to fraud and corruption.
a) Management designs an overall risk response and specific actions for
responding to fraud risks.
b) Management includes fraud risk management programs as part of the agency’s
governance structure.
c) Management assesses fraud risk exposure periodically to identify specific
potential schemes and events that the agency needs to mitigate.
d) Management establishes prevention mechanisms and techniques to avoid
potential key fraud risk events and, where feasible, to mitigate possible impacts
on the agency.
e) Management establishes detection techniques to uncover fraud events when
preventive measures fail or unmitigated risks are realized.
f) Management establishes a reporting process to solicit input on potential fraud,
and a coordinated approach to investigation and corrective action should be
used to help ensure potential fraud is addressed appropriately and timely.
g) There are processes to ensure that accounting department is aware of
significant transactions with related parties, so it can determine if such
transactions are appropriately accounted for and disclosed.
8. Management determines appropriate response to the identified, evaluated, and assessed agency’s risks.
8.1 Management designs appropriate response to the relevant agency’s risks.
a) The head of agency or governing body oversees and monitors the risk
assessment process and takes action to address the significant risks identified.
8.2 Management identifies, analyzes, and responds to significant changes that could impact the internal control system.
73
a) The accounting department has a process for identifying and addressing
changes in IPSAS/PFRS, as well as for approving changes in accounting
principles and policies.
b) There are groups or individuals who are responsible for anticipating or
identifying changes with possible significant effects on the agency.
c) There are processes in place to inform appropriate levels of management about
changes with possible significant effects on the agency.
d) Management reports to the head of agency or the governing body on changes
that may have a significant effect on the agency.
e) There are processes to ensure that the accounting department is aware of
changes in the operating environment, so it can review the changes and
determine what, if any, effect the change may have on the agency’s accounting
practices.
f) There are channels of communication between the accounting department
and/or individual(s) in charge of monitoring regulatory rules, so the accounting
department is aware of regulatory changes that could affect the agency’s
accounting practices.
g) The head of agency or the governing body reviews and approves significant
changes in the agency’s accounting practices.
h) Management works with the agency’s independent auditors or other third party
experts to determine if it is addressing complex changes in IPSAS/ PFRS
appropriately.
i) Budgets/forecasts are updated during the year to reflect changing conditions.
III. CONTROL ACTIVITIES
9. Management designs control activities which are appropriate, consistently functioning according to plan throughout the
period, cost-effective, comprehensive, reasonable, and directly related to the control objectives.
9.1 Controls are in the right place and commensurate to the risk involved.
a) Management establishes policies and procedures to address risks and to
achieve the agency’s objectives.
b) Management identifies all relevant objectives and associated risks for each
significant activity, in conjunction with conducting the risk assessment and
analysis function.
c) Management identifies the actions and control activities needed to address the
risks and directs their implementation.
9.2 Controls are complete, practicable, and directly addressing the identified control objectives.
a) Management establishes control activities pertaining to top-level management
review, human resources management, information systems management,
physical asset management, and performance measurement
9.3 Controls are complied with by all employees involved and not bypassed in the absence of key personnel.
a) Management establishes policies to ensure that duties are logically divided or
segregated (whether manually or through appropriate set up of information
technology [IT] applications) among different people to reduce the risk of fraud
or inappropriate actions.
b) The organizational charts and written job descriptions adequately define the
lines of authority, duties, and accountability of all personnel.
c) The IT organizational chart clearly reflects areas of responsibility and lines of
reporting and communication.
9.4 The cost of implementing the control does not exceed the benefits derived.
a) Management sets clear objectives in terms of budget and other financial and
operating goals. These objectives are clearly written and communicated
throughout the agency, and are actively monitored.
10. Management develops control activities which include a range of diverse policies and procedures.
10.1 Management develops and undertakes diverse range of policies and procedures needed to address risks in achieving
agency’s objectives.
74
a) Management develops policies, and procedures including the following:
 top level reviews and performance;
 authorization and approval procedures;
 segregation of duties;
 control over access to resources and records;
 verifications;
 reconciliations;
 reviews of operations, processes and activities;
 management of human capital;
 establishments of controls for physical assets and vulnerable assets; and
 documentations.
10.2 Management designs control activities at the appropriate level of agency’s organizational structure.
a) There is an appropriate segregation of incompatible activities (e.g., separation
of accounting functions from access to assets; IT operation functions separate
from systems and programming; and database administration function separate
from applications and systems programming).
b) Management designs its control activities at the agency level, transaction level,
or both, depending on the level of precision needed to ensure achievement of
objectives and address risks in the operations.
c) Management designs a variety of transaction control activities for operational
processes which include verifications, reconciliations, authorizations and
approvals, physical control activities, and supervisory control activities.
11. Management develops effective information technology control activities.
11.1 Management designs an effective information system and use of information technology.
a) Management designs appropriate general and application controls to ensure
proper operations of agency’s information systems.
11.2Management designs appropriate type of control activities to help ensure complete and accurate information processing.
a) Management creates a plan and establishes a structure that clearly describes
the agency’s security management program and policies, and the procedures
that support it, including procedures for the secured storage and disposal of
sensitive information.
b) Management designs controls that limit or detect access to computer resources
(data, programs, equipment, and facilities) to safeguard against loss,
unauthorized modification, and disclosure.
c) Management designs controls that prevent unauthorized programs or
modifications to existing programs.
d) Management designs controls that limit and monitor access to the powerful
programs and sensitive files that control the computer hardware and secure
applications supported by the system.
e) Management establishes policies, procedures, and organizational structure to
prevent one individual from controlling all key aspects of computer-related
operations, and thereby conducting unauthorized actions or gaining
unauthorized access to assets or records.
f) Management designs a service continuity plan to ensure that when unexpected
events occur, critical operations continue without interruption; are promptly
resumed; and critical and sensitive data are protected.
g) Management designs application controls that ensure data to be considered are
authorized, converted to an automated form, and entered into the application in
an accurate, complete, and timely manner.
h) Management designs application controls that ensure data are properly
processed by the computer, and files are updated correctly.
i) Management designs controls that ensure files and reports generated by the
application reflect transactions or events that actually occurred; reflect
75
accurately the results of processing; and the reports are controlled and
distributed to the authorized users.
IV. INFORMATION AND COMMUNICATION
12. Management develops and maintains reliable and relevant financial and non-financial information.
12.1An array of pertinent, reliable, and relevant information should be identified.
a) Management obtains and identifies internally generated information, critical to
achieving the agency’s objectives, including information relative to critical
success factors.
b) Management obtains and communicates to all, any relevant external information
that may affect the achievement of its missions, goals, and objectives.
c) Agency is able to prepare accurate and timely financial reports, including interim
reports.
12.2Information should be captured and communicated in a form/content and timeframe that enable people to carry out their
internal control roles and other responsibilities.
a) Relevant information are identified, captured, and communicated in a
form/content and timeframe that enable personnel to carry out internal controls
and other responsibilities.
b) Management’s objectives in terms of budget and other financial and operating
goals are defined and measurable.
c) Management uses communication methods which may include policy and
procedure manuals, management directives, memoranda, bulletin board
notices, internet and intranet web pages, videotaped messages, e-mails, and
speeches.
d) Management obtains information that is summarized and presented
appropriately, and provides pertinent information while permitting a closer
inspection of details as needed.
e) Management develops a mechanism that ensures information will be available
on a timely basis to allow effective monitoring of events, activities, and
transactions and to allow prompt reaction.
f) Actual results are measured against agency’s specific objectives.
12.3Transactions and events must be promptly recorded, properly classified, and fully and clearly documented.
a) There is a clearly identifiable audit trail within the agency.
b) There is a sufficient level of coordination between the accounting and
information system processing functions/ departments.
12.4Information systems deal not only with quantitative and qualitative forms of internally generated data, but also with information
about external events, activities, and conditions necessary for informed decision-making and reporting.
a) The agency’s financial management ensures and monitors user involvement in
the development of programs, including the design of internal control checks
and balances.
b) The agency’s officers and employees concerned receive both operational and
financial information to help them determine whether they are meeting the
strategic and annual performance plans, and the agency’s goals for
accountability of resources.
13. Management communicates information throughout the agency.
13.1Information can be communicated in a verbal, written, and/or electronic form.
a) There is a process to quickly disseminate critical information throughout the
agency, when necessary.
13.2Communication occurs in all directions – flowing down, across, and up the agency – throughout all components and the entire
structure.
a) The lines of authority and responsibility (including lines of reporting) within the
agency are clearly defined and communicated.
b) Policies and procedures are established for, and communicated to personnel at
decentralized locations (including foreign operations).
c) Communication flows down, across, and up the agency, throughout all
76
components and the entire structure.
d) Employees believe they have adequate information to complete their job
responsibilities.
e) Employees’ specific duties are clearly communicated to them, and they
understand the relevant aspects of internal control, how their roles fit into it, and
how their work relates to the work of others.
f) Employees are informed that when the unexpected occurs in performing their
duties, attention must be given not only to the event but also to the underlying
cause, so that potential internal control weaknesses can be identified and
corrected before these can do further harm to the agency.
g) Acceptable behavior versus unacceptable behavior and the consequences of
improper conduct are clearly communicated to all employees.
h) Personnel have a means of communicating information upstream within the
agency through someone other than a direct supervisor, and there is a genuine
willingness to listen on the part of management.
i) Mechanisms exist to allow the easy flow of information down, across, and up the
agency; and easy communications exist between/among functional activities
such as between procurement activities and production activities.
14. Management communicates information with external parties.
14.1Management provides adequate means of communicating with, and obtaining information from external parties.
a) The agency provides a citizen’s charter showing procedures or flow of
documents.
b) The chart is posted in conspicuous places in the department, office, or agency
for the information and guidance of all concerned.
c) All information are classified, summarized, and disseminated on a regular basis.
d) The agency establishes mechanisms to gather feedback and suggestions on
the efficiency, effectiveness, and economy of frontline services.
14.2Management establishes separate reporting line, where it is necessary.
a) Confidential and sensitive information are restricted to those individuals who
need them.
b) Personnel understand that there will be no reprisals for reporting adverse
information, improper conduct, or circumvention of internal control activities.
c) There is a process for employees to communicate improprieties. The process is
well communicated throughout the agency.
d) The process allows for anonymity of individuals who report possible
improprieties.
e) There are processes for reporting improprieties and actions taken to address
them to senior management, the head of agency, or the governing body.
14.3Agency’s method of communication considers the audience to be reached, the nature and availability of the information, the
cost, and the legal or regulatory requirements.
a) Ownership is assigned to a member of management to help ensure that agency
responds appropriately, timely, and accurately to communications with
customers, vendors, regulators, and other external parties.
b) The agency institutes mechanisms by which clients may adequately express
their complaints, comments, or suggestions such as in hotline numbers, short
message service, or information and communication technology.
c) The agency communicates frequently with its constituents or the public it serves
and stakeholders to ensure continual understanding of their requirements,
needs, and expectations.
d) The head of agency or the governing body establishes measures and standards
that will ensure transparency of, and openness in public transactions; e.g.,
biddings, purchases, other internal transactions, including contracts, status of
projects, and other matters involving public interest.
e) The head of agency or the governing body establishes information system that
77
will inform the public of the following:
 policies, rules, and procedures;
 work programs, projects and performance targets;
 performance reports; and
 all other documents classified as public information.
f) The Citizens’ Charter is posted at its office’s main entrance or at the most
conspicuous place, and in the agency’s Seal of Transparency.
g) The Citizens’ Charter includes the following information:
 Vision and mission of the government office or agency;
 Identification of the frontline services offered and the clientele;
 The step-by-step procedure to obtain a particular service;
 The officer or employee responsible for each step;
 The maximum time to conclude the process;
 Document/s to be presented by the client with a clear indication of the
relevance of said document/s;
 The amount of fees, if necessary;
 The procedure for filing complaints in relation to requests and applications,
including the names and contact details of the officials/ channels to
approach for redress;
 Allowable period for extension due to unusual circumstances (i.e.,
unforeseen events beyond the control of government office or agency
concerned); and
 Feedback mechanisms, contact numbers to call, and/or persons to
approach for recommendations, inquiries, suggestions, as well as
complaints.
h) There is a process for tracking communications with customers, vendors,
regulators, and other external parties.
V. MONITORING ACTIVITIES
15. Management establishes and operates activities to monitor the internal control system, and evaluates the results.
15.1Management establishes a baseline to monitor the internal control system.
a) The agency provides routine feedback and monitoring of performance and
control objectives strategies.
b) The agency has plans for periodic evaluations of control activities in critical
operational and support systems.
c) Procedures are in place to monitor if controls are overridden and to determine if
the override was appropriate.
d) Management reviews control processes to ensure that the controls are being
applied as expected.
e) Issues, information, and feedback concerning internal control raised at trainings,
seminars, planning sessions, and other meetings are considered and used by
management to address problems or strengthen the internal control structure.
15.2Management considers ongoing monitoring activities, separate evaluations, or a combination of both, in the conduct of
assessment.
15.2.1 Ongoing activities
a) The agency establishes an internal audit service.
b) The internal audit function is independent (in terms of authority and reporting
relationships) of the activities it audits.
c) The internal audit unit regularly assesses the effectiveness of the internal
controls.
d) The monitoring of internal control occurs in the course of the normal, recurring
operations of the agency.
e) The scope of activities of internal audit service is appropriate, given the nature,
size, and structure of the agency.
78
f) The scope of planned activities of internal audit service is reviewed in advance
by the head of agency or the governing body.
g) The methodology used may include self-assessments using checklists,
questionnaires, or other similar devices/tools.
15.2.2 Separate evaluations
a) There has been a recent quality assurance review of the internal audit function
by an external party such as, but not limited to, the Commission on Audit
auditors.
b) The external party conducting the assessment gains sufficient understanding of
the agency’s missions, goals, objectives, and its operations and activities.
c) The external party gains an understanding of how the agency’s internal control
is supposed to work and how it actually works.
d) The external party analyzes the results of the evaluation/ assessment against
established criteria.
16. Management takes appropriate actions on the findings and recommendations of audit and other reviews.
16.1Deficiencies noted during ongoing monitoring or through separate evaluations are communicated to those positioned to take
necessary action.
a) Management is responsive to the findings and recommendations of audits and
other reviews aimed at strengthening internal control
b) Executives with the proper authority evaluate the findings and
recommendations, and decide upon the appropriate actions to take to correct or
improve control.
c) Policies/procedures are in place to assure that corrective action is taken, on a
timely basis, when control exceptions occur.
16.2The findings and recommendations of audits and other reviews are adequately and promptly resolved.
a) All reported potential improprieties are reviewed, investigated, and resolved on
a timely manner.
b) Management is kept informed through periodic reports on the status of audit and
reviews resolution so that it can ensure the quality and timeliness of individual
resolution decisions.
Note: Please provide documents for all “Yes” answers.
ALCC SUMMARY EVALUATION
AOM REF.
OBSERVATIONS RECOMMENDATIONS
NO./WP
Prepared by:
Date
Reviewed by:
Date
79
Appendix 2-3A. Control Activities – Cash Receipts checklist
INTERNAL CONTROL QUESTIONNAIRE (ICQ) YES NO REMARKS
1) Does the organization structure provide a clear-cut separation of
cashiering function from accounting function?
2) Are the employees of the cashier’s office denied access to accounting
records? Is the collecting officer closely supervised by a responsible
officer of the agency?
3) Are all accountable officers given instructions regarding their duties and
responsibilities?
4) Do accountable officers keep a file of COA and other circulars pertaining
to their work?
5) Are the collecting officer and other employees handling cash provided
with safe?
6) If so, is the duplicate combination of the safe filed with an authorized
official?
7) Is the combination of the safe changed whenever there is a change of
custodian?
8) Is the cashier office amply protected against intrusion by unauthorized
persons?
9) Are all employees handling cash adequately bonded?
10) Are surprise cash counts frequently made by department examiners?
11) Are official receipts booklets used? If so,
a)Are these pre-numbered?
b)Are the booklets issued in numerical sequence?
c) Is the form of payment indicated in the receipts?
d)Is the numerical sequence of issued officials receipts and booklets
checked by the accounting department?
e)Is a register of forms maintained? If so, is it kept up-to-date?
f) Are unused booklets physically safeguarded?
12) Are official receipts issued for every receipt of payment?
13) Is it the practice of collecting officer not to accept postdated checks
payment of charges or fees?
14) Are collections deposited intact and as frequently as required by
regulations?
15) Is the person making deposit escorted by armed guards and provided
with transportation facilities?
16) Are items of deposit subsequently dishonored by the Bank/Treasury
promptly adjusted in the collecting officers’ records?
ACCOUNTING UNIT
17) Are both the totals and details of bank authenticated duplicate deposit
slip matched by the accounting department against the corresponding
official receipts?
18) Are totals of bank-authenticated deposit slips compared with the debit to
respective bank accounts in the book of original entry?
19) Are all cash funds and cash receipts compared with the debit to
respective bank accounts in the book of original entry?
20) Are collection and deposits recorded daily in the cash book?
21) Is the cash book balance compared daily with the cash on hand?
22) Are collection reports submitted regularly to the accounting division?
80
INTERNAL CONTROL QUESTIONNAIRE (ICQ) YES NO REMARKS
23) Is reconciliation made monthly of the collecting officer’s book balance
and the accounting subsidiary ledger balance?
Name of Process/System
Results of Walkthrough
Source of the Gap

ICQ Ref. Description of the
(Weakness - absence of control; Breakdown - no Effect Risk Response
No. Gap
evidence that the control was applied)
Prepared by:
Date
Reviewed by:
Date
81
Appendix 2-4. General Accounting Plan
Subsidy from
Cash Pre- Intangible
FS Revenues National Expenses Receivables Fund Transfer Investments Inventory PPE Liabilities Equity
Advances payments Assets
Government
Source -OR, Stubs, Tickets, NCA, NTA, Authority, DV Billing MOA, DV, Investment DV, DR, Contacts, DV, DR, DV, DR, DV, DR, Reports and
Document Credit Memo, CDC, NCAA, DV, Statement ADA/ Documents IAR, RSMI MOA, IAR, IIRUP, IAR/Repo IAR, Billing documents
Deposit Slips, Deed RANCA/ liquidation liquidation such as Agency Report on rt of lost/ Statements,
of Donation, Directly RANTA documents/ documents bonds, Procurement Lost/Stolen damaged/ MOA,
deposited, CRDC- Report of security Request equipment, destroyed Contracts
from bank, List of disbursemen certificates (APR), DV, Police property/
Deposited t etc. Report on Report/ Approved
Collections, Deposit utilization of Authority to authority
Slips expired dispose
portion
Summari- -Report of collections RANCA/ RCI, RDAI Report of cash None RCI, RADAI None RSMI RCI, RADAI RCI, RCI, CkDJ Applicable
zing report and deposits (RCD) RANTA disbursements, RADAI RADAI reports
-Consolidated Report RCI, Report of such as
of Daily Collections ADA Issued RCD, RCI,
(CRDC-from bank) (RADAI) RADAI, etc.
Basis of JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV
Recording
Books of CRJ GJ CkDJ/ CDJ, CkDJ General SA-CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, GJ
Original General Journal/ ADADJ, ADADJ ADADJ, GJ ADADJ, GJ ADADJ, GJ ADADJ, ADADJ, GJ
Entry Journal CRJ IA-CRJ, GJ GJ
Subsidiary By nature of By MDS By By By For SA: By By By By By specific By By specific By nature of
Ledger collections/revenue/r account Accountable nature/recipient debtors nature/IA nature/term nature/sup nature/credit account specific account/cre adjustment
eceipts Officer s For IA: By s/investee/i plies/accou or/debtor (e.g. account ditor
nature/SA nvestor nt Buildings)
Book of General Ledger (GL) GL GL GL GL GL GL GL GL GL GL GL GL
Final Entry
Monitoring FAR No. 5, BS, BRS RANCA, Report on FAR-1, 1a, 2, Aging Aging Fund RPCI, Lapsing LS, Schedules Aging, Schedules
Reports RANTA, BS, Unliquidated 2a, 3, 4, Schedules Schedules, Managers Inventory of schedules RPCPPE, LDDAP by nature of
BRS Cash BS, BRS Unliquidated Report, semi- (LS) IIRUP adjustment
Advances/ Fund Transfers, schedules expendables
Aging RBUD-for IA
schedule
Note: Not all documents are applicable to all agencies.
82
Appendix 2-5. Variance Analysis of Financial Statements
(For illustration purposes, using selected accounts only)
Variance Possible
FS Account 20xy 20xx
Amount % risks
Cash Collecting 20,000,000.00 15,000,000.00 5,000,000.00 33.30

Officers
Cash in Bank 171,500,000.00 198,550,000.00 (27,050,000.00) 13.60 Possible
unadjusted
reconciling
items
PPE 720,000,000.00 600,000,000.00 120,000,000.00 20.00
Due from NGAs 400,000,000.00 380,000,000.00 20,000,000.00 5.30
Due from LGUs 90,000,000.00 85,010,000.00 4,990,000.00 5.87
Due from officers and 20,000,000.00 19,800,000.00 200,000.00 1.00
employees
Office Supplies 5,000,000.00 4,000,000.00 1,000,000,00 25.00 Possible
Inventory unrecorded
issuances
of supplies
Construction in 659,870,000.00 709,000,000.00 (49,130,000.00) 6.93
Progress
Vehicles/Motor 16,877,900.00 17,671,800.00 (793,900.00) 4.50
Vehicles
Loans Receivable- 79,506,420.00 75,453,010.00 4,053,410.00 5.37
Local Government
Units
Due from NGOs/POs 280,000,000.00 100,000,000.00 180,000,000.00 180.00 Additional
fund
transfers
with
unrecorded
liquidations
Subsidy Income from 1,977,775,640.00 1,889,415,640.00 88,360,000.00 4.68
National Government
Travel expenses 98,566,489.00 85,422,489.00 13,144,000.00 15.39
Salaries and Wages 759,875,555.00 744,230,555.00 15,645,000.00 2.10
Consultancy Services 6,500,000.00 7,000,000.00 500,000.00 7.14
83
Appendix 2-6. Summary Report on the Preliminary Identification of Risks
Inherent Risk Assessment Significant

WP Conditions Possible Assertion Accounts
Information Source
ref noted risks affected Level of Overall IR Risk affected
Likelihood Impact
(L/H) (Y/N)
1. a. Annual Audit Reports
b. Performance audit report
c. Cash examinations reports
d. Evaluation/ Investigation
Reports on Emerging
Issues/Fraud Audit Reports
e. Property Audit
f. Personnel Audit
g. NSs/NDs/NCs
h. Unadjusted prior audit reflected
in PY Financial Audit Reports
i. BRS
2. Internal Audit Office Reports
3. Recommendation Tracking Sheet
4. Agency-level Controls Checklist
5. Financial Analysis
a. Variance Analysis
b. Tie-in Analysis
6. General Accounting Plan
7. Results of Fraud Risk Analysis
8. Results of evaluation of risks from
non-compliance with laws, rules and
regulations
9. Results of assessment of related
party transactions
84
Appendix 2-7. Template on Determining Materiality Level
(Template from COA Resolution No. 2019-016 dated June 25, 2019)
Agency Name
Audit Period
Audit Team/ Group
Cluster/Region, Sector
Check one. (General Guidelines F to G)

 will determine and use: planning materiality,
Stand-Alone Agency performance materiality, testing threshold and
Annual Audit Report threshold for clearly trivial matters
 for: planning, execution and reporting phases
Regional Office / Component  will determine and use: planning materiality,

Management Letter/ Summary of Audit performance materiality, testing threshold and
Observations and Recommendations threshold for clearly trivial matters
(whichever may be applicable)  for: planning and execution phases
 will determine and use: planning materiality,
performance materiality, testing threshold and
Head/Central Office (itself) threshold for clearly trivial matters
Management Letter (if applicable)  for: planning and execution phases
 using: estimates based on the financial statements of
the head office before consolidation
 will determine and use: overall planning materiality
Whole Agency / Whole Group  for: reporting phase
Consolidated Annual Audit Report  using: estimates based on the consolidated/combined
financial statements of the whole agency
A. BASIS of COMPUTATION (General Guidelines C)
The auditor used the previous year’s financial statements as s/he sees that the current year’s
financial results are likely to be the same
The auditor used the interim financial statements for the period January 1 to .
The auditor used annualized balances (see Definition of Terms, Item No. 20)
Others: The auditor used estimates based on

___________________________________________________________________
___________________________________________________________________
B. OVERALL PLANNING MATERIALITY

85
1. Choose an appropriate benchmark (Specific Guidelines A.1.1)
Total Assets
Total Expenditure
Total Revenue
Benchmark used Equity
Total Liabilities
Retained Operating Surplus
Profit Before Tax
Reason(s) for benchmark selection (Specific Guidelines A.1.1.1-3)
Consider the following:
 The elements of the financial statements by which users will be interested in and will focus on
 The nature of the entity, its ownership structure and the way it is financed
 The relative volatility of the benchmark
2. Choose which percentage to use, whether the lower or higher end (Specific Guidelines A.1.2)
Percentage of Benchmark Selected

Check one.
Percentage Reasons for percentage selection (Specific
Benchmark Lower Higher Guidelines A.1.2)
Total Assets 0.5% 1%
Total Expenditure 0.5% 2%
Total Revenue 0.5% 2%
Equity 1% 2%
Total Liabilities 1% 2%
Retained Operating Surplus 1% 5%
Profit before tax 1% 5%
3. Compute the overall planning materiality (Specific Guidelines A.1.3)
Benchmark (PhP) Percentage Overall Planning Materiality

(PhP)
(a) (b) (a x b)
86
C. OVERALL PERFORMANCE MATERIALITY
1. Compute the extent of misstatements in the previous year (Specific Guidelines A.2.1)
Total Misstatements in Overall planning materiality of the Extent of misstatements in
previous year (PhP) current year (PhP) (Template B.3) previous year (%)
(a) (b) (𝑎) x 100
𝑏
2. Select percentage to be used (Specific Guidelines A.2.2)

Performance Materiality
Extent of misstatements
(% of planning
in previous year
materiality)
0 – 40% 80%
40.01 – 100% 60%
Above 100% 50%
3. Compute the overall performance materiality (Specific Guidelines A.2.3)

Overall Planning Materiality Percentage Overall Performance
(PhP) (Template C.2) materiality (PhP)
(Template B.3)
(a) (b) (a x b)
D. SPECIFIC PLANNING and PERFORMANCE MATERIALITY
1. Determine whether it is necessary to apply specific planning materiality (Specific

Guidelines A.3.1)
Total Assets
Total Expenditure
Total Revenue
Particular class of transaction / account
balance/ disclosure Equity
Total Liabilities
Profit Before Tax
Amount (PhP)
87
Reason/s for setting specific planning materiality
Select and explain at least one, whichever is/are applicable
Laws, regulations or the requirements of
the applicable financial reporting
framework affect users’ expectations
Key disclosures in relation to the industry
in which the entity operates
Disclosures of significant events and
important changes in operations
2. Determine percentage to use (Specific Guidelines A.3.2)

Classes of transactions, account Percentage
balances or disclosures
Total Assets 0.125%
Total Expenditure
Total Revenue
Equity 0.25%
Total Liabilities
Profit Before Tax
3. Compute the specific planning materiality (Specific Guidelines A.3.3)
Class of transactions, account Specific Planning Materiality

Percentage
balance or disclosure (PhP) (PhP)
(a) (b) (a x b)
4. The value of specific planning materiality shall be lower than the overall planning materiality;
otherwise, specific planning materiality shall not be set.
5. If a specific planning materiality is set, determine specific performance materiality
(Specific Guidelines A.3.5)
Specific Performance
Specific Planning Materiality Percentage
(PhP) materiality (PhP)
(a) (b) (a x b)
88
E. TESTING THRESHOLD (Specific Guidelines A.4)
Percent of
performance
Risk of Material Testing Threshold
materiality
Accounts Misstatement (Col. 3 x Performance
used
(From ARAPT) materiality)
(Table 5 of
guidelines)
(1) (2) (3) (4)
F. THRESHOLD for CLEARLY TRIVIAL MATTERS (if necessary) (Specific Guidelines A.5)
1. Select a percentage of the overall planning materiality to use as the threshold for clearly trivial matters
(0.25-0.5%)
2. Compute threshold for clearly trivial matters
Overall Planning Materiality Percentage

(Template B.3) (PhP) (0.25-0.5%) Threshold for clearly trivial matters
(PhP)
(a) (b) (a x b)
Prepared by: Reviewed by:
Audit Team Leader Date Supervising Auditor Date
Approved by:
Cluster/Regional Director Date
89
Indicate if thresholds were revised during the conduct of the audit and before evaluation of
misstatements (Specific Guidelines C):
Revised? Reason/s (Specific Guidelines C.1)

Yes No
Overall Planning
Materiality
Overall Performance
Materiality
Specific Planning
Materiality
(if applicable)
Materiality
(if applicable)
*Use additional sheet/s if necessary

If revised, state details of revisions.
Initial amount Final amount Remarks
Overall Planning Materiality
Overall Performance
Materiality
Specific Planning Materiality
(if applicable)
Materiality (if applicable)
Audit Team Leader Date Supervising Auditor Date
Approved by:
Cluster/Regional Director Date
90
Appendix 2-8. Results of Risk Assessment at the Assertion Level
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Risk Response

Type of
Trial Balance Inherent Risks Inherent Risk Assessment Assessment of Controls Overall Risk
Test of Substantive Test
of Material Level of
Control Test
Level of Risk Level of Misstatemen Substantive Analytic
Likelihoo Impac Significa Design and s of
Conditions Overall Controls/ Control t (RMM= Test al
d t nt Risk implementation (TOC) Detail
Final relative to IR Controls Risk (CR) IR×CR) Review
Assertion s
Accou Unaudite inherent to
s (Strong,
nt Title d risk Mitigate W
Affected Sound, (Extensive/
Balance susceptibilit IR P
(L/H) (L/H) (L/H) (Y/N) Adequate, (L/H) (Mi/L/Mo/H) (Y/N) Less (Y/N) (Y/N)
y Re
Inadequate Extensive)
f
/ None)
Note Step 1 to 3 done in the preliminary identification of risks
Working Paper on Assessment of Controls

Design and Implementation Assessment
Area of Responsibility/
Risk Control Sample Transaction Result of Test of Design and Implementation Indicate: Strong, Sound, Level of Control Risk
Control Owner
(Ex. Gaps/Control Weaknesses) Adequate, Inadequate/ None (L/H)
Note: The auditor will give a conclusion on the “Level of Control Risk” to be indicated in the RRAAL based on the Walkthrough Results.
1) Risk Control – Internal Control to mitigate or eliminate the Inherent /significant risks
2) Area of responsibility/Control Owner – division/department/person who is doing this control
3) Sample Transaction – In order to do the walk-through procedure, we need a sample of the transaction (JEV/DV/OR)
4) Result of Test of Design and Implementation – Gaps/control weaknesses identified by the auditor after performance of procedures to test design effectiveness include a mix of inquiry of
appropriate personnel, observation of the company's operations, and inspection of relevant documentation
5) Design Assessment and Implementation Assessment (Strong, Sound, Adequate, Inadequate/ None ) - Results of assessment (if the Control design is inadequate or none the auditor does not
need to Test the control effectiveness) In the NGS the GAM sets the control designs for financial reporting
6) Level of Control Risk – the auditor’s assessment based on the Walkthrough Results
Prepared by: _______________________________ _______________________

Date
Reviewed by: _______________________________ _______________________
Date
91
92
Appendix 2-9. Audit Program
Account :
Risk Statement :
Assertions :
Criteria :
Audit Objective :
WP
Audit Procedures Staff Responsible Mandays
Ref.
Prepared by: (ATL) Date:
Reviewed by: (SA/RSA) Date:
93
Appendix 2-10. Engagement Planning Memorandum
Engagement Planning Memorandum

For _________________________________
Audit coverage ________________________
Date
Prepared by:
Reviewed by:
Approved by:
Part 1 – Audit Coverage, Objective and Methodology
Part 2 – Significant contents of the Overall Audit Strategy
Part 3 – Summary of major accounts and assertions for audit considerations
Part 4 – Audit Program
94
Section 3
Audit Execution Phase
1. During this Phase, the audit activities contained in the approved EPM and the Audit Programs are
pursued to ensure that audit procedures are performed as planned and on time. The steps to be
taken follow:
I. Execute Audit Tests

A. Determining the Nature, Timing and Extent of Audit Procedures
A.1. Performing test of controls
A.2. Performing substantive procedures
B. Preparing audit documentation and gathering audit evidence
C. Addressing risk areas that need specific considerations
D. Summarizing proposed audit adjustments and evaluating effects in the audit opinion
II. Summarize Audit Observation and Recommendation and Communicate with Those Charged
with Governance
A. Areas for consideration in summarizing audit observations
B. Communicate with Those Charged with Governance
C. Elements of audit observation
D. Performing review of overall audit work
E. Tracking status of prior years’ recommendation
III. Conduct Exit Conference
I. Execute Audit Tests
2. Under the Audit Execution Phase, audit procedures listed in the Audit Program attached to the EPM
shall be pursued/conducted.
A. Determining the Nature, Timing and Extent of Audit Procedures
3. The nature, timing and extent of the audit procedures should be based on and be responsive to the
assessed risks of material misstatement at the assertion level.
4. The nature of an audit procedure refers to the purpose of the audit which is either test of controls
or substantive procedure, and the type of audit procedures to be performed. The types of audit
procedures are classified as inspection, observation, inquiry, confirmation, reperformance,
recalculation, and analytical procedures. By type, the first four procedures usually pertain to tests of
controls and the last three to substantive procedures. Substantive procedures can either be
analytical procedures or test of details.
5. Timing of an audit procedure refers to when the audit procedure is performed, or the period or
date to which the audit evidence applies.
a. The auditor may perform audit procedures at an interim date or at period end.
95
If substantive procedures are performed at an interim date, the auditor shall cover the
remaining period by performing:
i. (a) substantive procedures, combined with tests of controls for the intervening period;
or
ii. (b) if the auditor determines that it is sufficient, further substantive procedures only,
that provide a reasonable basis for extending the audit conclusions from the interim date to the
period end. (ISSAI 2330, para. 22)
b. The higher the risk of material misstatement, the more likely it is that the auditor may decide it
is more effective to perform substantive procedures nearer to, or at, the period end rather than
at an earlier date, or to perform audit procedures unannounced or at unpredictable times.
If misstatements that the auditor did not expect when assessing the risks of material
misstatement are detected at an interim date, the auditor shall evaluate whether the related
assessment of risk and the planned nature, timing or extent of substantive procedures covering
the remaining period need to be modified. (ISSAI 2330, para. 23)
c. This is particularly relevant when considering the response to the risks of fraud. It may be better
to perform audit procedures before the period end so the auditor can identify significant
matters at an early stage of the audit, and consequently resolve them with the assistance of
management or by developing an effective audit approach to address such matters.
d. Certain audit procedures can be performed only at or after period end, for example:
i. Reconciling the FS with the accounting records;
ii. Examining adjustments made during the course of preparing the FS; and
iii. Performing procedures to respond to a risk that, at period end, the entity may have entered
into improper contracts or transactions that may not have been finalized.
6. Extent of an audit procedure refers to the quantity of audit procedures to be performed, sample
size of population to be tested, or the number of observations of a control activity.
a. The extent of necessary audit procedures is determined after considering the materiality
threshold, the assessed risk, and the degree of assurance the auditor plans to obtain.
b. In general, the extent of audit procedures increases as the risk of material misstatement
increases. To cite an example, in response to the assessed risk of material misstatement due to
fraud, increasing sample sizes or performing substantive analytical procedures at a more
detailed level may be appropriate.
c. However, increasing the extent of an audit procedure is effective only if the audit procedure
itself is relevant to the specific risk.
96
d. The use of CAATs may enable more extensive testing of electronic transactions and account
files, which may be useful when the auditor decides to modify the extent of testing, say, in
responding to the risks of material misstatement due to fraud. Such techniques can be used to
select sample transactions from key electronic files, to sort transactions with specific
characteristics, or to test an entire population instead of a sample.
7. In determining the extent of tests to be performed, the auditor may apply non-sampling or sampling
technique. In case of sampling technique, either statistical or non-statistical sampling may be
adopted.
a. Non-sampling is applied when all the items in an audit population are to be audited. To
illustrate:
i. Audit objective: to determine the causes for material changes in financial statement account
balances as of end of the year under audit compared with the past year balances.
ii. Items covered: all financial statement accounts.
b. Audit sampling, as defined by ISSAI 2530, is the application of audit procedures to less than 100
percent of items within a population of audit relevance providing a reasonable basis on which
to draw conclusions about the entire population. When designing an audit sample, the
auditor’s consideration includes the specific purpose to be achieved and the combination of
audit procedures that is likely to best achieve that purpose. Consideration of the nature of the
audit evidence sought and possible deviation or misstatement conditions or other
characteristics relating to the audit evidence will assist the auditor in defining what constitutes
a deviation or misstatement and what population to use for sampling. Sampling as an approach
may either statistical sampling or non-statistical sampling.
i. Statistical sampling is an approach with two characteristics: random selection of the sample
items and the use of probability theory to evaluate sample results including measurement of
sampling risks (ISSAI 2530, para. 5 (g)). Statistical based formulas/tables are used to
determine sample size considering population, confidence level, precision; and expected
rate of error considered acceptable. Statistical sampling is used in the following instances:
 to determine the sample size especially in auditees with very large volume of
homogenous transactions; and
 when the sampling results are likely to be included in the audit report to support an
adjustment or qualification.
c. Statistical sampling following the procedures described in Appendix 1 of ISSAI 2530 provides
that:
 Audit efficiency may be improved if the auditor stratifies a population by dividing it into
discrete sub-populations which have an identifying characteristic. The objective of
stratification is to reduce the variability of items within each stratum and therefore allow
sample size to be reduced without increasing sampling risk.
97
 When performing tests of details, the population is often stratified by monetary value.
This allows greater audit effort to be directed to the larger value items, as these items
may contain the greatest potential misstatement in terms of overstatement. Similarly, a
population may be stratified according to a particular characteristic that indicates a
higher risk of misstatement, for example, when testing the allowance for doubtful
accounts in the valuation of accounts receivable, balances may be stratified by age.
 The results of audit procedures applied to a sample of items within a stratum can only be
projected to the items that make up that stratum. To draw a conclusion on the entire
population, the auditor will need to consider the risk of material misstatement in relation
to whatever other strata make up the entire population. For example, 20 percent of the
items in a population may make up 90 percent of the value of an account balance. The
auditor may decide to examine a sample of these items. The auditor evaluates the results
of this sample and reaches a conclusion on the 90 percent of value separately from the
remaining 10 percent (on which a further sample or other means of gathering audit
evidence will be used, or which may be considered immaterial).
 If a class of transactions or account balance has been divided into strata, the
misstatement is projected for each stratum separately. Projected misstatements for each
stratum are then combined when considering the possible effect of misstatements on the
total class of transactions or account balance.
ii. Non-statistical sampling is an approach where samples are not drawn randomly but rather
judgmentally and where probability is not applied. Samples are selected based on the
auditor’s informed assessment of how many samples will be required to yield a reasonably
reliable result. Samples may be carried out: (a) systematically (every nth item say beginning
with the number 3); (b) unsystematically (pulling files from a cabinet without any selection
criteria); or (c) according to the auditor’s judgment (picking large or unusual items from a
computer report). Non-statistical sampling is used when any of these conditions exist:
 the line item/account is not material;

 the risk of material misstatement is low;
 the analytical procedures are effective; and,
 when the sample size needed is small so that the use of statistical sampling becomes very
costly.
8. In the application of appropriate sampling methodology, the auditor shall be guided by the sampling
guidelines covered by a separate issuance.
A.1 Performing Test of Controls
9. ISSAI 2330 states that the auditor shall design and perform tests of controls to obtain sufficient
appropriate audit evidence as to the operating effectiveness of relevant controls if:
a. The auditor’s assessment of risks of material misstatement at the assertion level includes an
expectation that the controls are operating effectively (that is, the auditor intends to rely on the
operating effectiveness of controls in determining the nature, timing and extent of substantive
procedures); or
98
b. Substantive procedures alone cannot provide sufficient appropriate audit evidence at the
assertion level.
10. The operating effectiveness of relevant controls can be tested using the following steps:
a. Identifying appropriate controls to be tested.

b. Deciding on the appropriate testing technique.
c. Determining the appropriate documents to be tested.
d. Determining the level of test (period to be covered, representative sample, extent).
e. Examining evidence/documents to determine whether controls have been properly
implemented.
f. Summarizing and documenting the results of evaluation.
11. The auditor should test the operating effectiveness of a control by determining whether the control
is operating as designed and whether the person performing the control possesses the necessary
authority and competence to perform the control effectively.
12. In the previous example of journal entry recording and approval, although there are two different
individuals preparing, and reviewing and approving the journal entry, the design may not be
operating effectively, if the one preparing and/or the one reviewing and approving, or both, do not
have the necessary authority and competence to do their respective responsibilities.
13. The Control Design may be tested in the following manner:
i. Inquiring – ask appropriate people;

ii. Observing – watch them do the operation or do the particular steps; and,
iii. Inspecting relevant documents – get a copy of the report, look through the pages or
items and the comments that the reviewer made.
14. In designing and performing tests of controls, the auditor shall obtain more persuasive audit
evidence the greater the reliance the auditor places on the effectiveness of a control.
15. The auditor shall (a) perform other audit procedures in combination with inquiry to obtain audit
evidence about the operating effectiveness of the controls, including how the controls were applied
at relevant times during the period under audit, the consistency with which they were applied, and
by whom or by what means they were applied; and (b) determine whether the controls to be tested
depend upon other controls (indirect controls) and, if so, whether it is necessary to obtain audit
evidence supporting the effective operation of those indirect controls. (ISSAI 2330, para. 10)
16. The auditor shall test controls for the particular time, or throughout the period, for which the
auditor intends to rely on those controls in order to provide an appropriate basis for the auditor’s
intended reliance. If the auditor obtains audit evidence about the operating effectiveness of controls
during an interim period, the auditor shall obtain audit evidence about significant changes to those
controls subsequent to the interim period; and determine the additional audit evidence to be
obtained for the remaining period. If the auditor plans to rely on controls over a risk the auditor has
determined to be a significant risk, the auditor shall test those controls in the current period. (ISSAI
2330, para. 11, 12, and 15)
99
A.2 Performing Substantive Procedures
17. To reduce audit risk to acceptable level, the auditor should conduct substantive procedures in order
to detect material misstatements in the assertion level. These comprise of tests of details and
analytical procedures.
18. Irrespective of the assessed risks of material misstatement, the auditor shall design and perform
substantive procedures for each material class of transactions, account balance, and disclosure.
(ISSAI 2330 para. 18)
19. The auditor shall consider whether external confirmation procedures are to be performed as
substantive audit procedures. (ISSAI 2330, para. 19)
Test of Details
20. The auditor shall evaluate the results of sampling using the test of details. An unexpectedly high
misstatement amount in a sample may cause the auditor to believe that a class of transaction or
account is materially misstated, in the absence of further evidence that no material misstatement
exists.
21. Tests of details are categorized into two types: (a) test of transactions; and (b) test of details of
account balances and disclosures.
a. Test of Transactions
22. This requires substantive test of transactions to test errors or fraud in individual transactions and is
used to verify the monetary value of transactions and to obtain reasonable assurance that the
accounting records are accurate, reliable, complete, properly classified and presented, actually took
place, and recorded within the correct reporting period.
23. The auditor’s approach in substantive tests of transactions is to inspect underlying documents, to
trace the flow of transactions through the system and to recompute for mathematical accuracy. The
direction of the trace determines the objective to be satisfied. For example, tracing from a source
document to the accounting record provides evidence of completeness of the accounting records,
that is, it detects errors of understatement.
24. Tracing from the accounting record to the source document (commonly called vouching) provides
evidence of occurrence, that is, it detects errors of overstatement. Usually some tests are made in
both directions.
25. The extent of testing in a particular direction depends on the auditor’s judgment of the likelihood of
error. When an error is detected, the auditor needs to consider the cause of the error and
determine whether any change is called for in the planned nature and extent of testing. (Please
refer to Table 6 – Assertions in Considering Misstatements regarding transaction level assertions.)
b. Test of Details of Account Balances and Disclosures
100
26. This requires substantive testing of the ending balance of a general ledger to provide reasonable
assurance of the completeness, existence, rights and obligations, accuracy, valuation and allocation,
classification and presentation of accounts.
27. External confirmation is one of the procedures adopted in substantive tests. This procedure is used
to address assertions associated with account balances and their elements and to confirm terms of
agreements, contracts, or transactions between an agency and other parties.
28. When using external confirmation procedures, the auditor shall maintain control over external
confirmation requests, including: (a) Determining the information to be confirmed or requested; (b)
Selecting the appropriate confirming party; (c) Designing the confirmation requests, including
determining that requests are properly addressed and contain return information for responses to
be sent directly to the auditor; and (d) Sending the requests, including follow-up requests when
applicable, to the confirming party.
29. In preparing confirmation requests, the following factors should be considered, among others (ISSAI
2505):
a. The specific risks and assertion/s being addressed
b. Layout and presentation of confirmation requests - The auditor may request the respondent
only to indicate whether he or she agrees with the information stated on the request. In other
positive forms, referred to as blank forms, the amount (or other information) is not stated on
the confirmation request, and instead, the recipient is requested to fill in the balance or furnish
other information.
c. Prior experience on the sending of confirmations in previous audits: response rates, knowledge
of misstatements identified during prior years' audits, and any knowledge of inaccurate
information on returned confirmations. For example, if the auditor has experienced poor
response rates to properly designed confirmation requests in prior audits, the auditor may
instead consider obtaining audit evidence from other sources.
d. Method of communications—by mail, email or personal service
e. Management’s authorization or encouragement to the confirming parties to respond to the

auditor
f. The ability of the intended confirming party to confirm or provide the requested information.
When designing confirmation requests, the auditor should consider the types of information
respondents will be readily able to confirm, since the nature of the information being confirmed
may directly affect the competence of the evidence obtained as well as the response rate. For
example, certain respondents' accounting systems may facilitate the confirmation of single
transactions rather than of entire account balances. In addition, respondents may not be able to
confirm the balances of their installment loans, but they may be able to confirm whether their
payments are up-to-date, the amount of the payment, and the key terms of their loans.
30. In case no replies were received, the auditor shall apply alternative procedures to the non-responses
to obtain the evidence necessary to reduce audit risk to an acceptably low level.
101
a. For accounts receivable, this may include examination of subsequent cash receipts (including
matching such receipts with the actual items being paid), shipping documents, or other client
documentation to provide evidence for the existence assertion.
b. For accounts payable, this may include examination of subsequent cash disbursements,
correspondence from third parties, or other records to provide evidence for the completeness
assertion.
31. Types of external confirmation: (2008 Auditing Handbook A130 ISA 505f)
a. Positive confirmation request – a request that the confirming party respond directly to the
auditor indicating whether the confirming party agrees or disagrees with the information in the
request, or providing the requested information. A response to a positive confirmation request
ordinarily is expected to provide reliable audit evidence. There is a risk, however, that a
confirming party may reply to the confirmation request without verifying that the information is
correct. The auditor may reduce this risk by using positive confirmation requests that do not
state the amount (or other information) on the confirmation request, and ask the confirming
party to fill in the amount or furnish other information. On the other hand, use of this type of
“blank” confirmation request may result in lower response rates because additional effort is
required of the confirming parties.
Example of Positive Confirmation: A confirmation letter tells a confirming party that based on
records, its year-end balance of accounts receivable is PhP500,000.00. If the client company
agrees with this amount, it replies to the auditor to confirm the supplied information. If the
amount is incorrect, the confirming party replies to inform the auditor of the correct amount or
information.
b. Negative confirmation request – a request that the confirming party respond directly to the
auditor only if the confirming party disagrees with the information provided in the request.
Example of Negative Confirmation: A confirmation letter tells a confirming party that based on
records, its year-end balance of accounts receivable is PhP500,000.00. If the confirming party
agrees with this amount, it does not have to contact the auditor to confirm the supplied
information. The auditor will then assume that the confirming party agrees with the information
presented to it in the confirmation. Otherwise, it replies to inform the auditor of the correct
amount or information
Negative confirmations provide less persuasive audit evidence than positive confirmations.
Accordingly, the auditor shall not use negative confirmation requests as the sole substantive
audit procedure to address an assessed risk of material misstatement at the assertion level
unless all of the following are present:
a) The auditor has assessed the risk of material misstatement as low and has obtained sufficient
appropriate audit evidence regarding the operating effectiveness of controls relevant to the
assertion;
b) The population of items subject to negative confirmation procedures comprises a large
number of small, homogeneous account balances, transactions or conditions;
102
c) A very low exception rate is expected; and
d) The auditor is not aware of circumstances or conditions that would cause recipients of
negative confirmation requests to disregard such requests.
If Management refuses to allow the auditor to send a confirmation request, the auditor shall:
inquire as to management’s reasons for the refusal, and seek audit evidence as to their validity
and reasonableness; evaluate the implications of management’s refusal on the auditor’s
assessment of the relevant risks of material misstatement, including the risk of fraud, and on the
nature, timing and extent of other audit procedures; and perform alternative audit procedures
designed to obtain relevant and reliable audit evidence.
The auditor shall evaluate whether the results of the external confirmation procedures provide
relevant and reliable audit evidence, or whether further audit evidence is necessary.
When evaluating the results of individual external confirmation requests, the auditor may
categorize such results as follows:
a) A response by the appropriate confirming party indicating agreement with the information
provided in the confirmation request, or providing requested information without exception;
b) A response deemed unreliable;
c) A non-response; or
d) A response indicating an exception.
The auditor shall investigate exceptions to determine whether or not they are indicative of
misstatements.
Illustration 3. Sample Working Paper on the Evaluation of Confirmation Replies

Confirmation Amount
Remarks
Letter No. Per Books Per Confirmation Variance
001 PhPxxx PhPxxx PhPxxx
004 - 050 PhPxxx PhPxxx PhPxxx
Total Amount PhPxxx PhPxxx PhPxxx
Audit Notes:

Date: Date:
32. The auditor should evaluate the combined audit evidence provided by the confirmations and the
alternative procedures to determine whether sufficient audit evidence has been obtained about all
the applicable financial statement assertions. In performing that evaluation, the auditor should
consider (a) the reliability of the confirmations and alternative procedures; (b) the nature of any
exceptions, including the implications, both quantitative and qualitative, of those exceptions; (c) the
audit evidence provided by other procedures; and (d) whether additional audit evidence is needed.
If the combined audit evidence provided by the confirmations, alternative procedures, and other
103
procedures is not sufficient, the auditor should request additional confirmations or extend other
tests, such as tests of details or analytical procedures.
33. Situations where external confirmation procedures may provide relevant audit evidence in
responding to assessed risks of material misstatement include:
a. Bank balances and other information relevant to banking relationships;

b. Accounts receivable balances and terms;
c. Inventories held by third parties at bonded warehouses for processing or on consignment;
d. Property title deeds held by financiers for safe custody or as security;
e. Investments purchased from stockbrokers but not delivered at the reporting date;
f. Amounts due to lenders, including relevant terms of repayment and restrictive covenants; and,
g. Accounts payable balances and terms.
34. There are some assertions for which external confirmations provide less relevant audit evidence,
such as relating to the recoverability of accounts receivable balances, than they do for their
existence.
35. When the auditor determines whether an opinion can be expressed on the financial statements, the
auditor should evaluate any limitations on the nature, extent, or timing of work performed. If
management refuses to allow the auditor to send a confirmation request, the auditor shall: (ISSAI
2505, para. 8)
a. Inquire as to management’s reasons for the refusal, and seek audit evidence as to their validity
and reasonableness;
b. Evaluate the implications of management’s refusal on the auditor’s assessment of the relevant
risks of material misstatement, including the risk of fraud, and on the nature, timing and extent
of other audit procedures; and
c. Perform alternative audit procedures designed to obtain relevant and reliable audit evidence.
36. The auditor may determine that external confirmation procedures performed for one purpose
provide an opportunity to obtain audit evidence about other matters. For instance, confirmation
requests for bank balances often include requests for information relevant to other financial
statement assertions. Such considerations may influence the auditor’s decision about whether to
perform external confirmation procedures.
37. Factors that may assist the auditor in determining whether external confirmation procedures are to
be performed as substantive audit procedures include:
a. The confirming party’s knowledge of the subject matter;
b. The ability or willingness of the intended confirming party to respond:
i. May consider responding too costly or time consuming;

ii. May have concerns about the potential legal liability resulting from responding;
iii. May account for transactions in different currencies; or,
iv. May operate in an environment where responding to confirmation requests is not a
significant aspect of day-to-day operations. In such situations, confirming parties may not
104
respond, may respond in a casual manner or may attempt to restrict the reliance placed on
the response.
c. The objectivity of the intended confirming party such that if the confirming party is a related
party of the entity, responses to confirmation requests may be less reliable.
38. The auditor’s substantive procedures shall include the following audit procedures related to the
financial statement closing process:
a. Agreeing or reconciling information in the financial statements with the underlying accounting
records, including agreeing or reconciling information in disclosures, whether such information
is obtained from within or outside of the general and subsidiary ledgers; and
b. Examining material journal entries and other adjustments made during the course of preparing
the financial statements. (ISSAI 2330, para. 20, a and b)
39. To assist the auditor in reviewing the completeness of disclosures in the Notes to Financial
Statements the Checklist on IPSAS/PFRS Disclosures shall be accomplished. (Annex 1 and 2)
Analytical Procedures
40. Analytical procedures are defined in the ISSAI 2520 as the means of evaluating financial information
through analysis of plausible relationships among both financial and non-financial data. Analytical
procedures also encompass such investigation necessary to identify fluctuations or relationships
that are inconsistent with other relevant information or that differ from expected values by a
significant amount.
41. These are used to obtain evidential matter about particular assertions related to account balances
or classes of transactions. In some cases, analytical procedures can be more effective or efficient
than tests of details for achieving particular substantive testing objectives.
42. Following are examples of sources of information for the conduct of analytical procedures:
a. Financial information for comparable prior period(s) giving consideration to known changes;
b. Anticipated results—for example, budgets, or forecasts including extrapolations from interim or
annual data;
c. Relationships among elements of financial information within the period;
d. Information regarding the industry in which the client operates—for example, gross margin
information; and,
e. Relationships of financial information with relevant non-financial information.
43. The most common types of analytical procedures conducted are trend analysis, ratio analysis, and
reasonableness testing.
a. Trend analysis is the analysis of changes in an account over time. To illustrate:
105
Illustration 4. Sample Trend Analysis
Horizontal
Maintenance and other operating expenses (in
Vertical Analysis Analysis (Rate
thousand pesos) Remarks
of increase)
2017 2016 2015 2017 2016 2015 2017 2016
273
Traveling 800 560 150 2% 1% 0% 433%
%
835
Training 3,000 1,870 200 8% 4% 0% 1400%
% Examine cause of
100 increase
Office supplies 1,000 200 100 3% 0% 0% 900%
%
10,00
Rental expenses 5,000 5,000 14% 10% 21% -50% -50%
0
Light water and 900 Examine cause of
500 250 25 1% 0% 0% 1900%
telephone % increase
17,00
Consultancy services 5,000 17,000 14% 33% 35% -71% 0% Test of details
0
Repairs and
600 550 500 2% 1% 1% 20% 10%
maintenance
770 Examine cause of
Printing 300 870 100 1% 2% 0% 200%
% decrease
20,00
Representation 20,000 25,000 55% 49% 42% 0% 25% Test of details
0
48,07
Total 36,200 51,300 100% 100% 100%
5
b. Ratio analysis is the comparison across time or to a benchmark of relationships between

financial statements accounts and a non-financial data. Examples are contribution margin,
current ratio, days sales in inventory, accounts receivable turnover, debt ratio, debt to equity
ratio, inventory turn-over ratio, payable turn-over ratio, among others.
c. Reasonableness testing is the audit technique used to assess the reasonableness of accounting
transactions or events recorded in the FS by using two or more different sources of data or
information to predict accounting transactions or event. This means testing the validity of
financial information provided through analysis of accounts or changes in accounts between
accounting period involving development of a model to form an expectation based on financial
data, non-financial data or both. Examples are: i) matching the estimated payroll costs based on
the number of employees multiplied by fixed pay rates with the actual payroll costs incurred; ii)
comparing the balances of loans payable with the related interest expenses for the period; iii)
comparing the total rental contracts with the recorded rental income; and, iv) comparing the
total reported application for passports and the like with the recorded income.
44. When designing and performing substantive analytical procedures, either independently or in
combination with tests of details, the auditor shall:
a. determine the suitability of particular substantive analytical procedures for given assertions,
taking account of the assessed risks of material misstatement and tests of details, if any, for
these assertions;
106
b. evaluate the reliability of data from which the auditor’s expectation of recorded amounts or
ratios is developed, taking account of source, comparability, and nature and relevance of
information available, and controls over preparation;
c. develop an expectation of recorded amounts or ratios and evaluate whether the expectation is
sufficiently precise to identify a misstatement that, individually or when aggregated with other
misstatements, may cause the financial statements to be materially misstated; and,
d. determine the amount of any difference of recorded amounts from expected values that is
acceptable.
45. Substantive analytical procedures are conducted when the auditor considers the use of these
procedures as more effective and efficient than tests of details in reducing the risk of material
misstatements at the assertion level to an acceptably low level.
46. If analytical procedures performed identify fluctuations or relationships that are inconsistent with
other relevant information or that differ from expected values by a significant amount, the auditor
shall investigate such differences by: (a) inquiring from management and obtaining appropriate
audit evidence relevant to management’s responses; and (b) performing other audit procedures as
necessary in the circumstances.
Evaluating the Sample Results and Establishing Conclusion
47. As provided in ISSAI 2530, the auditor shall evaluate whether the use of the audit sampling has
provided a reasonable basis for conclusions about the population that has been tested. If the
auditor concludes that audit sampling has not provided a reasonable basis for conclusions about the
population that has been tested, the auditor may:
a. Request management to investigate misstatements that have been identified and the potential
for further misstatements and to make any necessary adjustments; or,
b. Tailor the nature, timing and extent of those further audit procedures to best achieve the
required assurance. For example, the auditor might extend the sample size, test an alternative
control or modify related substantive procedures.
48. Relationship of the results of substantive analytical procedures with the conclusion of the audit
The auditor shall design and perform analytical procedures near the end of the audit as guide when
forming an overall conclusion as to whether the financial statements are consistent with the
auditor’s understanding of the entity.
a. The conclusion drawn from the results of analytical procedures designed and performed are
intended to corroborate conclusions formed during the audit of individual components or
elements of financial statements. This assists the auditor to draw reasonable conclusions on
which to base the auditor’s opinion. (ISSAI 2520, para. A17)
107
If evaluation of the result of substantive analytical procedures discloses significant variances
that may lead to material misstatements, the auditor’s reasonable conclusion may be affected
which necessitates rendering a modified opinion.
b. The results of such analytical procedures may identify a previously unrecognized risk of
material misstatement. In such circumstances, ISSAI 2315 (Revised) requires the auditor to
revise the auditor’s assessment of risks of material misstatement and modify the further
planned audit procedures accordingly. (ISSAI 2520, para. A18)
49. Relationship of test of controls with substantive tests
a. Tests of controls and substantive tests of details of transactions and balances are both tests
involving transactions; in many instances transactions selected for examination are tested for
compliance with controls as well as determining whether monetary errors have occurred, giving
rise to the concept of dual-purpose testing.
b. Tests of controls and substantive tests of transactions are both usually performed for major
classes of transactions that are repetitive and large in volume. Tests of controls detect
departures from prescribed controls but do not directly measure monetary error in accounting
records. Substantive tests must be performed to determine whether monetary errors have
occurred based on the result of tests of controls, determines the extent of substantive tests
considered necessary. In a true dual-purpose test, different procedures are performed to satisfy
different objectives, but they are performed using the same documents at approximately the
same time.
c. Substantive tests of transactions and substantive tests of balances - If the account balance is
affected by many relatively small transactions, the auditor designs substantive tests of balances
directed to selected items (e.g. individual customers, inventory items) which aggregate to create
the ending balance. This commonly occurs for the accounts receivable and inventory balances.
To illustrate: If the auditor verifies the PhP250,000.00 ending balance of a receivable due from a
debtor through confirmation procedures, this is a substantive test of balances. If the auditor
verifies the peso value of the individual transactions comprising the PhP250,000.00 (such as by
verifying sales invoices and remittance advices associated with cash receipts transactions), this is
a substantive test of transactions.
d. Substantive tests of balances of statement of financial position accounts are generally preferred
because there are fewer items in the ending balance than there are transactions that affect the
balance, and there is generally more persuasive evidence available to support the ending
balance.
e. Note also that the substantive tests of balances of statement of financial position accounts
indirectly test the statement of financial performance account balances (sales and expenditure).
For example, the testing of accounts receivable will verify the sales that gave rise to this asset.
50. In the extremely rare circumstances when the auditor considers a misstatement or deviation
discovered in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that
such misstatement or deviation is not representative of the population. The auditor shall obtain this
108
degree of certainty by performing additional audit procedures to obtain sufficient appropriate audit
evidence that the misstatement or deviation does not affect the remainder of the population.
51. The proposed working paper to summarize the results of substantive testing is presented in
Illustration 5.
Illustration 5. Proposed Summary WP in Substantive Test

Substantive Test
Extent of Testing ST Working Program Reference:

Extensive
Less Extensive
Summary of Test Results

Findings Recommendation ST W/P Ref. AOM Ref.
Conclusion:
B. Preparing Audit Documentation and Gathering Audit Evidence
B.1 Audit Documentation
52. The audit documentation serves as sufficient and appropriate record of the auditor’s basis for a
conclusion about the achievement of the overall objectives of the auditor. It also functions as
evidence that the audit was planned and performed in accordance with ISSAIs and applicable legal
and regulatory requirements.
53. Paragraph 3 of ISSAI 2230 also states that: “Audit documentation serves a number of additional
purposes, including the following:
a) Assisting the engagement team to plan and perform the audit.

b) Assisting members of the engagement team responsible for supervision to direct and supervise
the audit work, and to discharge their review responsibilities in accordance with ISSAI 2220.
c) Enabling the engagement team to be accountable for its work.
d) Retaining a record of matters of continuing significance to future audits.
e) Enabling the conduct of quality control reviews and inspections in accordance with ISQC 1 or
national requirements that are at least as demanding.
f) Enabling the conduct of external inspections in accordance with applicable legal, regulatory or
other requirements.”
54. The WPs may be in the form of paper, tapes, films, and other reliable storage and shall be
maintained in two copies (one for the office file and one for the ATL, as back-up copy). The audit
team’s custodian of the WPs shall be responsible for the updating/upgrading of the audit files and
providing a back-up copy for the ATL.
109
55. In the case of electronic files, the file naming standards of COA shall be adopted, if any, otherwise,
the audit team shall devise its own. Backup copies of all electronic WPs shall be maintained by the
audit team and stored separately from the original copies. Fraud investigation WPs shall not be
saved in the network common drive.
56. If, in exceptional circumstances, new or additional audit procedures are performed or a new
conclusion is drawn after the date of the auditor’s report, the auditor shall document:
a. The circumstances encountered;

b. The new or additional audit procedures performed, audit evidence obtained, and conclusions
reached, and their effect on the auditor’s report; and
c. When and by whom the resulting changes to audit documentation were made and reviewed.
(ISSAI 2300)
57. The audit work performed in respect of going concern throughout the performance of the audit
engagement and the conclusions reached by the auditor should be appropriately documented in the
audit file. In particular it is recommended that the following items are clearly recorded:
 The risk assessment procedures about going concern at the planning stage, including notes of
the discussion with management;
 A record of management’s assessment and assumptions;
 Details of audit evidence obtained;
 Specific events and conditions that may cast doubt about the going concern assumption and
details of further procedures performed;
 Details of identified material uncertainties about going concern;
 Written representations from management/owners about future plans and continued support
of the entity;
 Written representation from third parties about support of the entity;
 Evaluation and conclusions about the use of going concern and related disclosures in the
accounts and consequences for the auditor’s report.
B.1.1. Organization of Working Papers
58. Working papers should be properly titled, referenced and cross-referenced to supporting evidence
and signed by the preparer and the reviewer. To prove that the audit responded to the assessed
risks of material misstatements, audit procedures actually performed are summarized on the main
audit working papers of each FS account. Deviations to the planned audit procedures in terms of the
nature, extent and timing of audit procedures must be fully explained with the SA/RSA
acknowledging acceptability of the changes done upon signing the working papers as reviewer.
59. The auditor shall assemble the audit documentation in an audit file and complete the administrative
process of assembling the final audit file on a timely basis after the date of the auditor’s report.
(ISSAI 2230, para. 14). An audit file may be one or more folders or other storage media, in physical
or electronic form, containing the records that comprise the audit documentation for a specific
engagement.
110
60. An audit file may be classified into two types: current audit file and permanent audit file. Current
Audit File (CAF) contains working papers relating to a single audit engagement. 2 Permanent Audit
File (PAF) is a set of records that serves as an ongoing reference for successive audit. The
information in the PAF, which should be regularly updated, is intended to be accessed repeatedly to
assist the audit team in the conduct of their tasks. 3
61. Listed below are the contents of CAF and PAF, among others, which shall be shall be systematically
organized/arranged to facilitate supervisory review, exhibiting a consistent structure thru the use of
a logical or easy-to-follow index code, agreed upon by the auditor and his/her supervisor during the
planning phase of each audit, to promote efficient cross-referencing system, convenience and ease
in locating these WPs when circumstances demand for its use. The auditor shall avail of the use of
databases, word processing search facilities and other software packages, when necessary, to assist
in information storage and retrieval.
Table 10. List of Current Audit File and Permanent Audit File
Current Audit File Permanent Audit File
Preliminary Activities Execution Phase 1. Charter or mandate;
1. Engagement Letter 1. Summary of Proposed Audit 2. Manual of operations;
2. Auditor’s Declaration of Adjustments 3. Internal audit reports;
Independence and Compliance 2. Working Papers (WPs) by account 4. Minutes of meetings and
with Ethical Standards with top schedule and sub schedule conferences of agency officials;
3. Management Representation Letter supported with audit evidence 5. Organizational Chart/ Functional
3. Current Year’s AOM, NS, ND, NC, Chart;
AM, WP on Financial Analysis 6. Official directives, new laws and
(Trend Analysis, Ratio Analysis, regulations affecting the agency;
Reasonableness Testing) 7. Appropriations/annual budget
4. Bank Statements and Bank and other financial and project
Reconciliation Statements reports;
5. Reports of Checks Issued and 8. Property and personnel
Disbursement Vouchers accountability audits;
6. Minutes of exit conference 9. Notices of Suspensions, Charges
Planning Phase Reporting Phase and Disallowances, Notices of
1. Engagement Planning 1. Final AAR and signed Finality of Decisions (NFD), COA
Memorandum IAR/Management Letter Order of Execution (COE);
2. Audit Program 2. Summary of Uncorrected Financial, compliance and
3. Summary of other audit activities Misstatements performance audit reports; cash
Overall Audit Strategy 3. Summary of Audit Observations and examination reports; fraud audit
4. Specific Audit Instructions Recommendations reports; project audit reports;
5. Results of Risk Assessment at the 4. Management Comments 10.Evaluation/investigation
Assertion Level 5. Updated Management reports/emerging issues from
6. Materiality Template Representation Letter newspaper accounts
7. Summary Report on the 11.Financial Reports
Preliminary Identification of Risks Quality Control Review Documents
8. UTA Template and Financial 6. Duly signed Financial Management
Accountability LogFrame Performance Rating
9. Agency-level Controls Checklist 7. Completion Compliance Checklist
Template 8. Auditee Feedback Survey
10. General Accounting Plan/ 9. Director’s Evaluation Form
Walkthrough Analysis 10. Supervising Auditor’s/Regional
11. Prior Years’ AOM, NS, ND, NC, Supervising Auditor’s Evaluation
2
(Current Audit File, 2018)
3
(Bragg, 2018)
111
Current Audit File Permanent Audit File
AM, WP on Financial Analysis Form
(Trend Analysis, Ratio Analysis,
Reasonableness Testing)
12. Agency Action Plan and Status of
Implementation
13. Action Plan Monitoring Tool
14. Recommendation Tracking Sheet
15. Variance Analysis of FS
16. Tie-in Analysis
17. WP on Preliminary Data Analysis
18. Test of Internal Control Design
62. The ATL is primarily responsible for the timely assembly of the final audit file within 60 days from
receipt of transmittal of the audit report (AAR/ML) by the audited agency, in accordance with
Section A21 of ISSAI 2230. As a general rule, the WPs shall be kept under lock and key.
B.1.2. Characteristics of Working Paper
63. Working papers should be complete and accurate, and must support observations, testing,
conclusions, and recommendations. It should also show the nature and scope of the work
performed. Working papers should also be clear and understandable without supplementary oral
explanations.
64. The structure of the working paper should be in a logical format that clearly shows the
purpose/objective of the test (risk being tested), a description of the test, extent of testing
performed, results, conclusion arrived at i.e. any control weaknesses identified, and potential
process improvements, and positive change opportunities. Where working papers are hand written
they should be neat and legible. If working papers are not clear they may lose their worth as
documented evidence.
65. Each top schedule of the accounts presents the Audit Conclusion: whether the audit objective was
met or not and the reason thereof; whether the Main Account audited (e.g. Cash, Receivables,
Inventory, etc.) is considered as fairly stated and presented, shown as follows.
Illustration 6. Sample Top Schedule and Audit Conclusion

ABC Agency
Top Schedule – Cash & Cash Equivalents
December 31, 20x2
Amount
WP Audit Adjustments Per Audit
Account
ref Per Books
DR CR 20x2 (CY) 20x1 (PY)
Cash in A-1 10,000 0 500 9,500 20,000
Bank
Cash A-2 1,000 0 0 1,000 2,000
Collecting
Officer
Short-term A-3 2,000 500 0 2,500 3,500
Investment
Audit conclusion on the audit of cash:

Based on the audit procedures performed for the Cash and Cash Equivalents, total adjustment of Pxxx representing unrecorded bank charges was
taken up in the books to effect the adjusted cash in bank balance per books. We conclude that this account is fairly stated and presented in the
112
financial statements.
Prepared by: Audit Team Member Date of audit completion

Reviewed by: Audit Team Leader Date of review
66. All WPs shall be dated, signed by the preparer and reviewer, and clearly referenced using the
standard tickmarks developed by the audit teams.
67. The WPs shall be cross-referenced to the appropriate source, complete with no unanswered
questions or other evidence of unfinished work. Cross-referencing of documents shall also be made
to provide a link between pages of the WPs which are interrelated and allow the reader/reviewer of
the WPs easy access to the data.
68. All pages in the WPs shall be indexed except in the case of a set of document with several pages,
wherein only the cover page shall be given an index number. The indexing of the files shall be
aligned with the order of presentation in the Table of Contents. The index code shall be indicated at
the right top portion of the WP or on the lower center of the page of the WP and when numbering a
given area, consecutive numbers shall be used (i.e., 2-1, 2-2, 3-1, 3-2, etc.). WPs shall be indexed
according to the Audit Working Paper Checklist agreed by the ATL and the SA or the concerned
Cluster/office.
69. The retention period of working papers shall be in accordance with COA regulations and the related
issuances of the National Archives of the Philippines.
B.2. Audit Evidence
70. The SA/RSA and ATL ensure that all evidence is documented properly in audit working papers. Audit
evidence refers to information used by the auditor in arriving at the conclusions on which the
auditor’s opinion is based. It includes both information contained in the accounting records
underlying the financial statements and information obtained from other sources. (ISSAI 2500)
71. The auditor can obtain evidence in many different ways, such as:
a. Inspection or observation evidenced by photographs, inspection reports; formal analysis

performed by expert/s, and even the object or a portion of the object itself such as substandard
materials.
b. Evaluation of records, reports and documents including disbursement vouchers to prove certain
facts noted in the course of the audit. For instance, proof of a cash shortage in a cash
examination report; one proof of noncompliance with specific terms would be the contract
itself; proof of payments made are the official receipts, and proofs that payments made are valid
are the delivery reports, sales invoices and purchase orders.
c. Interviews/inquiries evidenced by signed interview sheets or a recording of a conversation with

the interviewees; confirmation replies received from banks, debtors and creditors; emailed
replies to queries made from a client or another department. To strengthen evidence through
interviews; other forms of evidence are obtained; say an inspection performed to prove
interviewees’ contention that certain assets are missing.
113
d. Study, comparison, and evaluation of relationships among financial and non-financial data at a
point in time and the trend in those relationships over a period.
e. Questionnaires with a list of questions on a particular area or function may be developed to

obtain information relating to the audit objective. The questionnaire should be short and
answerable by “yes” or “no” only, to facilitate collation and analysis. For this to be considered as
audit evidence, the auditor should request for copy of related documents, records or reports or
results of questionnaire used to conduct alternative procedures.
f. Flowcharts showing the flow of activities through a process. They help to visualize the process
and therefore facilitate an analysis of the operation and assist in identifying inefficiencies,
overlaps and duplications/missing procedures and control weaknesses. Flowcharts are valuable
when documenting a complicated flow of documents or process such as cash receipts, cash
disbursements, and procurement, among others. Completed flowcharts should be discussed
with the interviewee to ensure correctness.
g. Walkthroughs to document the audited entity’s processes. This activity involves following one or
two transactions or activities step-by-step through the process from beginning to end. A
walkthrough test helps to confirm the accuracy of the auditor’s documentation of the process
and ensure that it is understood. Walkthroughs are more effective in understanding the audited
entity’s processes than a general review of manuals and operating procedures, as they provide a
faster and more effective identification of weaknesses and potential problem areas.
h. Re-computation or verifying the mathematical accuracy of figures. The value of this procedure
as evidence is limited as the reliability of the evidence obtained depends on the validity of the
source documents.
i. Reperformance or auditor’s independent execution of procedures or controls that were

originally performed as part of the entity’s internal control, either manually or through the use
of CAATs. For example, reperforming the aging of accounts receivable or comparing the price on
an invoice to that reflected in an approved purchase order.
72. Audit evidence can be obtained either in the form of:
a. Physical - through inspection or observation

b. Documentary - records, reports and documents
c. Testimonial - from third parties
d. Analytical - study, comparison, and evaluation of relationships among financial and non-
financial data
73. If information to be used as audit evidence has been prepared using the work of a management’s
expert, the auditor shall, to the extent necessary, having regard to the significance of that expert’s
work for the auditor’s purposes:
a. Evaluate the competence, capabilities and objectivity of that expert;

b. Obtain an understanding of the work of that expert; and
114
c. Evaluate the appropriateness of that expert’s work as audit evidence for the relevant assertion.
74. When using information produced by the entity, the auditor shall evaluate whether the information
is sufficiently reliable for the auditor’s purposes, including, as necessary in the circumstances:
a. Obtaining audit evidence about the accuracy and completeness of the information; and
b. Evaluating whether the information is sufficiently precise and detailed for the auditor’s
purposes. (ISSAI 2500, para. 9)
75. When designing tests of controls and tests of details, the auditor shall determine means of selecting
items for testing that are effective in meeting the purpose of the audit procedure. (ISSAI 2500, para.
10)
76. If (a) audit evidence obtained from one source is inconsistent with that obtained from another; or
(b) the auditor has doubts over the reliability of information to be used as audit evidence, the
auditor shall determine what modifications or additions to audit procedures are necessary to
resolve the matter, and shall consider the effect of the matter, if any, on other aspects of the audit.
77. If the auditor identified information that is inconsistent with the auditor’s final conclusion regarding
a significant matter, the auditor shall document how the auditor addressed the inconsistency. (ISSAI
2230, para. 11)
C. Addressing Risk Areas that Need Specific Considerations
78. Audit evidence obtained for these areas/issues and requirements should consider the following:
a. Inventory in the public sector is often held for use rather than for resale. As such, property
audits go beyond the usual observations of physical inventories conducted during year-end and
cover year-round activities. Violations to property related regulations especially those included
in the State Audit Code, are reported as part of the auditor’s observations and
recommendations.
If inventory is material to the financial statements, the auditor shall obtain sufficient appropriate
audit evidence regarding the existence and condition of inventory by: (a) attendance at physical
inventory counting, unless impracticable, to: evaluate management’s instructions and
procedures for recording and controlling the results of the entity’s physical inventory counting,
observe the performance of management’s count procedures, inspect the inventory, and
perform test counts; and (b) performing audit procedures over the entity’s final inventory
records to determine whether they accurately reflect actual inventory count results.
If physical inventory counting is conducted at a date other than the date of the financial
statements, the auditor shall, in addition to the procedures required by previous paragraph,
perform audit procedures to obtain audit evidence about whether changes in inventory
between the count date and the date of the financial statements are properly recorded.
115
If the auditor is unable to attend physical inventory counting due to unforeseen circumstances,
the auditor shall make or observe some physical counts on an alternative date, and perform
audit procedures on intervening transactions.
If attendance at physical inventory counting is impracticable, the auditor shall perform

alternative audit procedures to obtain sufficient appropriate audit evidence regarding the
existence and condition of inventory. If it is not possible to do so, the auditor shall modify the
opinion in the auditor’s report in accordance with ISSAI 2705.
If inventory under the custody and control of a third party is material to the financial
statements, the auditor shall obtain sufficient appropriate audit evidence regarding the
existence and condition of that inventory by performing one or both of the following: request
confirmation from the third party as to the quantities and condition of inventory held on behalf
of the entity; and perform inspection or other audit procedures appropriate in the
circumstances. (ISSAI 2501 par. 4 to 8)
b. Litigation and claims
i. These conditions need to be disclosed in the Notes to FS. In addition, audit procedures may
have to be performed to identify litigation and claims which may give rise to the need to
recognize a contingent asset or liability in the FS.
ii. Contingent liability refers to a possible obligation that arises from past events, and whose
existence will be confirmed only by the occurrence or non-occurrence of one or more
uncertain future events not wholly within the control of the entity; or a present obligation
that arises from past events, but is not recognized because: (i) it is not probable that an
outflow of resources embodying economic benefits or service potential will be required to
settle the obligation; or (ii) the amount of the obligation cannot be measured with sufficient
reliability.
iii. Contingent asset refers to a possible asset that arises from past events whose existence will
be confirmed only by the occurrence or non-occurrence of one or more uncertain future
events not wholly within the control of the entity.
iv. Audit procedures for these areas may include:
 Obtain from management and/or from its internal Legal Counsel a description and
evaluation of litigation, claims, and assessments that existed at the date of the balance
sheet being reported on, and during the period from the balance sheet date to the date
the information is furnished, including an identification of those matters referred to
legal counsel. The ISSAI recognizes that public sector auditors such as COA auditors have
the right to communicate directly with the agency’s external legal counsel without need
for management permission.
 Examine documents in the client's possession concerning litigation, claims, and

assessments, including correspondence and invoices from lawyers.
116
 Review of legal expense account if this exists and if management denies having any
litigation and claim related issues.
 Evaluate the likelihood of an unfavorable outcome and its estimate of the amount or
range of potential loss. Assess if the potential loss will affect the reliability of the FS and
require disclosure in the Notes to FS.
c. Segment information - presentation and disclosure of specific segment information discussed in

the ISSAI are not applicable in the Philippines except for certain public sector entities. However,
there may be information similar to segment information requiring disclosure.
i. This is in the case of foreign assisted projects funded by the World Bank; European Union;
USAID; United Nations Development Programme and the ADB where stand-alone audit
reports are submitted to the funding organizations. This can be presented in the following
manner:
Note 10. Audit of Loans and Grants from the Asian Development Bank
A separate special purpose financial audit was performed on government and ADB funds
for Project 12345 “Project on Climate Change” included in this 20xx financial statements
for the Agency. The COA rendered an unmodified audit opinion on the fairness in
presentation of the financial statements and on the Project’s compliance with ADB
requirements particularly on SOE and imprest account procedures prescribed in the Loans
Disbursements Handbook; and on the use of the funds for the purposes intended.
ii. The materiality of misstatements on the overall FS in separate audits will have to be
evaluated.
d. Related party transactions – The auditor is required to examine the documents (minutes of
meetings, bank and legal confirmations, such other documents provided) supporting the
transaction/s; establish whether these transactions are properly accounted for and identify
possible misstatements or errors due to fraud by the very nature of the transactions. In addition,
material transactions should be confirmed with related parties identified and appropriate
background research should be conducted as necessary.
i. The Notes to FS should disclose related party transactions, business rationale and effects of
the transactions on the FS. Key terms, conditions, or other important elements of the
transactions necessary for understanding them should also be disclosed.
ii. Examples of transactions which may qualify as related party transactions in the Philippines
are:
 fund transfers to the agency for projects which are not related to the mandate or
objective of the agency;
 fund transfers to the agency and subsequent transfers of the same amounts to non-
government agencies;
 material cash advances, fund transfers or loans released by the agency to persons or
non-government agencies or parties;
 guarantees and guarantor relationships;
117
 agreements for the provision of services to certain parties under terms and conditions
outside the agency’s normal course of business;
 complex equity transactions such as corporate restructurings or acquisitions;
 transactions with offshore entities in jurisdictions with weak corporate laws;
 leasing of premises or the rendering of management services by the agency to another
party if no consideration is exchanged;
 sales transactions with unusually large discounts or returns;
 transactions with circular arrangements such as sales with commitment to repurchase;
and,
 transactions under contracts whose terms are changed before expiry.
iii. Auditors should be guided by the requirements of ISSAI 2240 in case of intentional non-
disclosure by management of related party transactions. The auditor may also consider the
need to re-evaluate the reliability of management’s responses to audit inquiries and the
management’s representations to the auditor.
e. Accounting estimates are an approximation of monetary amount in the absence of a precise

means of measurement.
i. In the public sector these pertain to:
 Programs: social insurance; governmental employee pension; health care; veterans’

benefits, environmental liabilities; tax revenue and receivables and certain property and
equipment such as specialized military equipment and heritage assets.
 Activities with high estimation uncertainty: outcome of litigation; derivative financial

instruments not publicly traded; fair value accounting estimates for which a highly
specialized entity developed model is used such as employees benefit pension fund
which requires the estimation of an actuary.
 Situations where accounting estimates may be required: inventory obsolescence;

warranty obligations; depreciation method or asset useful life; share-based payments;
property or equipment held for disposal; goodwill or intangible assets; non-monetary
exchange of plant facilities.
ii. The nature and reliability of information to support the accounting estimates may affect the
risks of material misstatement of accounting estimates including the susceptibility to
unintentional or intentional management bias.
iii. For accounting estimates that give rise to significant risks, the auditor obtains appropriate
evidence of management’s decision to recognize or not to recognize accounting estimates in
the financial statements. The auditor then evaluates reasonableness of such estimates and
adequacy of disclosures.
iv. The disclosures should include the assumptions used, the method of estimation, including
any applicable model, the basis for selection of the method of estimation, the effect of any
118
changes to the method of estimation from prior period and the sources and implications of
estimation uncertainty.
v. The requirements of ISSAI 2540 covers the following as well as the audit procedure and
suggested working paper/s:
Table 11. ISSAI 2540 requirements

Working Paper
ISSAI Requirement Audit Procedure
Reference
Planning Phase
Risk assessment Obtain an understanding of the entity and its environment, Understanding the
procedures and including the entity’s internal control in order to provide a Agency including
related activities basis for the identification and assessment of risks of internal control related
material misstatement for accounting estimates to accounting estimates
Identifying and Evaluate the degree of estimation uncertainty associated Preliminary
assessing the risk of with an accounting estimate and shall determine whether, Assessment of risks of
material in the auditor’s judgment, any of those accounting material misstatement
misstatement estimates that have been identified as having high for accounting
estimation uncertainty give rise to significant risks. estimates
Responses to the Based on the assessed risks of material misstatement, the Responses to the
Assessed Risks of auditor shall determine: Assessed Risks of
Material Material Misstatement
Misstatement (a) Whether management has appropriately applied the Template
requirements of the applicable financial reporting
framework relevant to the accounting estimate;
(b) Whether the methods for making the accounting
estimates are appropriate and have been applied
consistently, and whether changes, if any, in accounting
estimates or in the method for making them from the prior
period are appropriate in the circumstances;
(c) whether specialized skills or knowledge in relation to
one or more aspects of the accounting estimates are
required in order to obtain sufficient appropriate audit
evidence.
Audit Execution Phase
Further substantive For accounting estimates that give rise to significant risks, Substantive Testing
procedures to the auditor shall evaluate the following: Working Paper
respond to significant
risks (a) How management has considered alternative
assumptions or outcomes, and why it has rejected them,
or how management has otherwise addressed estimation
uncertainty in making the accounting estimate.
(b) Whether the significant assumptions used by
management are reasonable
(c) Where relevant to the reasonableness of the significant
assumptions used by management or the appropriate
application of the applicable financial reporting framework,
management’s intent to carry out specific courses of
action and its ability to do so.
If, in the auditor’s judgment, management has not

adequately addressed the effects of estimation uncertainty
on the accounting estimates that give rise to significant
risks, the auditor shall, if considered necessary, develop a
119
Working Paper
ISSAI Requirement Audit Procedure
Reference
range with which to evaluate the reasonableness of the
accounting estimate.
Recognition and Measurement Criteria
For accounting estimates that give rise to significant risks,

the auditor shall obtain sufficient appropriate audit
evidence about whether: management’s decision to
recognize, or to not recognize, the accounting estimates in
the financial statements; and, the selected measurement
basis for the accounting estimates are in accordance with
the requirements of the applicable financial reporting
framework.
Evaluating the Based on the audit evidence, evaluate whether the Summary of
reasonableness of accounting estimates in the financial statements are either Misstatements related
estimates, and reasonable in the context of the applicable financial to Accounting Estimate
determining reporting framework, or are misstated
misstatements
Disclosures Obtain sufficient appropriate audit evidence about whether Notes to Financial
the disclosures in the financial statements related to Statements
accounting estimates are in accordance with the
requirements of the applicable financial reporting
framework.
For accounting estimates that give rise to significant risks,

the auditor shall also evaluate the adequacy of the
disclosure of their estimation uncertainty in the financial
statements in the context of the applicable financial
reporting framework
Indicators of Review the judgments and decisions made by Management
management bias management in the making of accounting estimates to Representation Letter
identify whether there are indicators of possible
management bias.
Indicators of possible management bias do not

themselves constitute misstatements for the purposes of
drawing conclusions on the reasonableness of individual
accounting estimates.
Written Obtain written representations from management and, Management
representations where appropriate, those charged with governance Representation Letter
whether they believe significant assumptions used in
making accounting estimates are reasonable.
Documentation The audit documentation shall include: basis for the
auditor’s conclusions about the reasonableness of
accounting estimates and their disclosure that give rise to
significant risks; and, indicators of possible management
bias, if any
f. Subsequent Events pertain to events which occur after the date of the FS but which: i) provide
evidence of conditions that existed at the date of the FS and ii) those that provide evidence of
conditions that arose after the date of the FS.
120
The auditor shall perform audit procedures designed to obtain sufficient appropriate audit
evidence that all events occurring between the date of the financial statements and the date of
the auditor’s report that require adjustment of, or disclosure in, the financial statements have
been identified. The auditor is not, however, expected to perform additional audit procedures
on matters to which previously applied audit procedures have provided satisfactory conclusions.
The auditor shall perform the procedures required by the previous paragraph so that they cover
the period from the date of the financial statements to the date of the auditor’s report, or as
near as practicable thereto. The auditor shall take into account the auditor’s risk assessment in
determining the nature and extent of such audit procedures, which shall include the following:
a) Obtaining an understanding of any procedures management has established to ensure that

subsequent events are identified.
b) Inquiring of management and, where appropriate, those charged with governance as to
whether any subsequent events have occurred which might affect the financial statements.
Specific inquiries about the following matters should be made about these transactions
reported after the date of the FS:
 New commitments, borrowings, or guarantees entered into

 Sales, acquisitions or assets
 Increases in capital or issuances of debt instruments such as issuance of new shares
or debentures or an agreement to merge or liquidate has been made or planned
 Assets appropriated by government or destroyed by fire or flood
 Developments regarding contingencies such as claims or litigations
 Unusual accounting adjustments made or contemplated
 Events have occurred or are likely to occur that will bring into question the
appropriateness of accounting policies used in the FS, such as going concern issues
 Events that have occurred relevant to the measurement of estimates or provisions
made in the FS
 Events that have occurred that are relevant to the recoverability of assets
c) Reading minutes, if any, of the meetings of the entity’s owners, management and those
charged with governance that have been held after the date of the financial statements and
inquiring about matters discussed at any such meetings for which minutes are not yet
available.
d) Reading the entity’s latest subsequent interim financial statements, if any. (ISSAI 2560,
para. 7)
Facts which become known to the auditor after the date of the auditor’s report but before the
date the financial statements are issued (ISSAI 2560)
Where law, regulation or the financial reporting framework does not prohibit management from
restricting the amendment of the financial statements to the effects of the subsequent event or
events causing that amendment and those responsible for approving the financial statements
121
are not prohibited from restricting their approval to that amendment, the auditor is permitted
to restrict the audit procedures on subsequent events to that amendment. In such cases, the
auditor shall amend the auditor’s report to include an additional date restricted to that
amendment that thereby indicates that the auditor’s procedures on subsequent events are
restricted solely to the amendment of the financial statements described in the relevant note to
the financial statements.
Dual dating
When, in the circumstances described above, the auditor amends the auditor’s report to include
an additional date restricted to that amendment, the date of the auditor’s report on the
financial statements prior to their subsequent amendment by management remains unchanged
because this date informs the reader as to when the audit work on those financial statements
was completed. However, an additional date is included in the auditor’s report to inform users
that the auditor’s procedures subsequent to that date were restricted to the subsequent
amendment of the financial statements. The following is an illustration of such an additional
date:
(Date of auditor’s report), except as to Note Y, which is as of (date of

completion of audit procedures restricted to amendment described in
Note Y).
The auditor is not responsible for subsequent matters that occur after the date of the auditor’s
report which management purposely did not divulge to him/her.
g. If events or conditions have been identified that may cast significant doubt on the entity’s ability
to continue as a going concern, the auditor shall obtain sufficient appropriate audit evidence to
determine whether or not a material uncertainty exists related to events or conditions that may
cast significant doubt on the entity’s ability to continue as a going concern (hereinafter referred
to as “material uncertainty”) through performing additional audit procedures, including
consideration of mitigating factors.
These procedures shall include:
a. Where management has not yet performed an assessment of the entity’s ability to continue
as a going concern, requesting management to make its assessment.
b. Evaluating management’s plans for future actions in relation to its going concern assessment,
whether the outcome of these plans is likely to improve the situation and whether
management’s plans are feasible in the circumstances.
c. Where the entity has prepared a cash flow forecast, and analysis of the forecast is a
significant factor in considering the future outcome of events or conditions in the evaluation
of management’s plans for future actions:
i. Evaluating the reliability of the underlying data generated to prepare the forecast; and
ii. Determining whether there is adequate support for the assumptions underlying the
forecast.
d. Considering whether any additional facts or information have become available since the
date on which management made its assessment.
122
e. Requesting written representations from management and, where appropriate, those
charged with governance, regarding their plans for future actions and the feasibility of these
plans.
The auditor shall evaluate whether sufficient appropriate audit evidence has been obtained
regarding, and shall conclude on, the appropriateness of management’s use of the going
concern basis of accounting in the preparation of the financial statements. (ISSAI 2570)
h. Audits of Group Financial Statements (including work of component auditors)
ISSAI 2600 provides the guidance for Group FS. In COA, Group FS refer to consolidated FS
prepared by the head office of a department/agency.
i. The auditors assigned at the head office (group auditor) and field operating offices
(component auditor) conduct the audit of the FS of their respective auditees and prepare an
ML or SAOR, whichever is applicable.
ii. The component auditor transmits the ML/SAOR to the respective auditees, a copy thereof
furnished to the CD through the RD.
iii. The group auditor prepares the CAAR based on the ML/SAOR issued by the component
auditors, and the result of reviews of the Group Financial Statements.
iv. The group auditor is responsible for the issuance of group audit opinion taking into
consideration the materiality threshold established for the Group FS. When the opinion is
modified because of inability to obtain sufficient appropriate audit evidence in relation to
the financial information of one or more components, the reasons for that inability shall be
discussed in the Basis for Modification paragraph in the IAR on the group FS. The group
auditor may refer the matter to the component auditor as deemed necessary for an
adequate explanation of the circumstances.
v. After review of the CAAR, the report is then transmitted to the department/agency.
vi. For consistency of audit focus and area, the group auditor issues Specific Audit Instructions
for compliance by the component auditors down to the provincial/division level. The
component auditors are, however, not constrained to look into areas considered of
significant risks at their level.
D. Summarizing Proposed Audit Adjustments and Evaluating Effects in the Audit Opinion
79. Whenever necessary, proposed audit adjustments of the audit team are forwarded to the Chief
Accountant for action. Once the audit is completed, the Audit Team Leader prepares a list of all
audit adjustments indicating the actions taken by the Chief Accountant as illustrated below.
123
Illustration 7. Summary of Proposed Audit Adjustments
Audit Misstatements Classification Adjusted by
Material by Nature/
AOM Observation/ Amount Effect FS (Factual/ Management?
Circumstance or
No. Description of (In Thousand Accounts Affected (Overstatement)/ Affected Judgmental/ Y N
Occurrence?
Misstatement Pesos) Understatement Projected)
2020- Unrecorded 61,000 Due from NGS Understated SFPos Factual Quantitatively
001 fund transfer to Cash – MDS (Assets) material 
other NGAs
Unrecorded 156,100 Exploration and Overstated SFPos Factual Quantitatively
liquidation Development (Assets) material
report received Expenses
Chemical and SFPer 
Filtering Supplies
Expenses
Due from NGS
2020- Unrecorded 8,850 Cash – LCCA Understated SFPos Factual Quantitatively
002 cancelled/ stale Accounts (Assets and material
checks and Payable Labilities) 
unreleased
checks
Unrecorded bank 100 Cash – LCCA Understated SFPos Factual Quantitatively
debits Interest Income (Assets) material

Accumulated
Surplus/(Deficit) SFPer
80. The auditor shall analyze and evaluate whether the unrecorded audit adjustment will affect the
audit opinion to be issued considering the final and/or revised overall and specific materiality
thresholds established, the size, nature and particular circumstance of misstatement, both in
relation to the particular classes of transaction, account balance, or disclosure, and to the FS as a
whole.
81. When evaluating the operating effectiveness of relevant controls, the auditor shall evaluate whether
misstatements that have been detected by substantive procedures indicate that controls are not
operating effectively. The absence of misstatements detected by substantive procedures, however,
does not provide audit evidence that controls related to the assertion being tested are effective.
82. If deviations from controls upon which the auditor intends to rely are detected, the auditor shall
make specific inquiries to understand these matters and their potential consequences, and shall
determine whether: (a) The tests of controls that have been performed provide an appropriate basis
for reliance on the controls; (b) Additional tests of controls are necessary; or (c) The potential risks
of misstatement need to be addressed using substantive procedures. (ISSAI 2330, para. 17)
83. In a small owner managed entity, the owner-manager may be able to exercise more effective
oversight than in a larger entity, thereby compensating for the generally more limited opportunities
for segregation of duties. On the other hand, the owner-manager may be more able to override
controls because of the informal system of internal control. This is taken into account by the auditor
when identifying the risks of material misstatement due to fraud. (ISSAI 2240, para. 36)
84. When making inquiries as part of obtaining an understanding of management’s process for
identifying and responding to the risks of fraud in the entity, the auditor inquires about the process
to respond to internal or external allegations of fraud affecting the entity. For entities with multiple
locations, the auditor inquires about the nature and extent of monitoring of operating locations or
124
business segments and whether there are particular operating locations or business segments for
which a risk of fraud may be more likely to exist. (ISSAI 2240, para. 37)
85. The auditor should make inquiries of management, internal audit, and others within the entity as
appropriate, to determine whether they have knowledge of any actual, suspected or alleged fraud
affecting the entity. (ISSAI 2240, para. 38)
86. At the end of the audit, the auditor shall make a summary of misstatements that Management was
unwilling to correct or adjust which will be evaluated whether these are material, individually or in
aggregate.
87. For agencies/corporations with FOUs with complete sets of books, the FOU Team Leader submits to
the RSA, the Summary of Uncorrected Misstatements (Illustration 8) for consolidation and
submission to the SA at the Head Office.
Illustration 8. Summary of Uncorrected Misstatements

Amount (Overstatement)/ Understatement
AOM Assets Liability Revenue/ Expense Auditor’s
No. Accounts and Description Total
ref Non- Non- Current Prior Evaluation
Current Current
Current Current Period Period
1 Other Expenses 60 60
Cash in bank (60) Not
To record bank material*
charges
2 Operating expenses 23,000 23,000
Accrued expenses 23,000 Material*
To accrue expenses
3 PPE 50,000 50,000
Accumulated (50,000)
Surplus / Prior Period
Adjustments
Material*
To capitalize major
repairs of buildings
which were previously
charged to expenses
Total 50,060 23,000 23,060 50,000 73,060 Material
to modify
auditor’s
opinion *
* Based on the overall materiality of PhP13.5 million
II. Summarize Audit Observations and Recommendations and Communicate with Those Charged
with Governance
A. Areas for Consideration in Summarizing Audit Observations
88. Upon completion of the Execution Phase but before the conduct of an Exit conference, an audit
summary should be prepared to summarize the work done and conclusions reached (Appendix 3-1).
All uncorrected misstatements accumulated during the audit shall be included in the summary.
89. Misstatement pertains to a difference between the reported amount, classification, presentation, or
disclosure of a financial statement item and the amount, classification, presentation, or disclosure
that is required for the item to be in accordance with the applicable financial reporting framework.
125
90. A misstatement may not be an isolated occurrence. Evidence that other misstatements may exist
include, for example, where the auditor identifies that a misstatement arose from a breakdown in
internal control or from inappropriate assumptions or valuation methods that have been widely
applied by the entity. (Guidance on the determination of projected misstatements and evaluation of
the results is set out in ISSAI 2530.9 Consideration of Identified Misstatements as the Audit
Progresses)
91. The determination of whether a misstatement(s) in a qualitative disclosure is material, in the

context of the applicable financial reporting framework and the specific circumstances of the entity,
is a matter that involves the exercise of professional judgment. Examples where such misstatements
may be material include:
a. Inaccurate or incomplete descriptions of information about the objectives, policies and

processes for managing capital for entities with insurance and banking activities.
b. The omission of information about the events or circumstances that have led to an impairment
loss (e.g., a significant long-term decline in the demand for a metal or commodity) in an entity
with mining operations.
c. The incorrect description of an accounting policy relating to a significant item in the statement
of financial position, the statement of financial performance, the statement of changes in net
assets/equity, statement of comparison of budget and actual amounts, or the statement of cash
flows.
92. The circumstances related to some misstatements may cause the auditor to evaluate them as
material, individually or when considered together with other misstatements accumulated during
the audit, even if they are lower than materiality for the FS as a whole. Circumstances that may
affect the evaluation include the extent to which the misstatement:
a. Affects compliance with regulatory requirements;

b. Affects compliance with debt covenants or other contractual requirements;
c. Relates to the incorrect selection or application of an accounting policy that has an immaterial
effect on the current period’s FS but is likely to have a material effect on future periods’ financial
statements;
d. Masks a change in earnings or other trends, especially in the context of general economic and
industry conditions;
e. Affects ratios used to evaluate the entity’s financial position, results of operations or cash flows;
f. Affects segment information presented in the FS (for example, the significance of the matter to
a segment or other portion of the entity’s business that has been identified as playing a
significant role in the entity’s operations or profitability);
g. Has the effect of increasing management compensation, for example, by ensuring that the
requirements for the award of bonuses or other incentives are satisfied;
h. Is significant having regard to the auditor’s understanding of known previous communications to
users, for example, in relation to forecast earnings;
i. Relates to items involving particular parties (for example, whether external parties to the
transaction are related to members of the entity’s management);
j. Is an omission of information not specifically required by the applicable FRF but which, in the
judgment of the auditor, is important to the users’ understanding of the financial position,
financial performance or cash flows of the entity; or,
126
k. Affects other information to be included in the entity’s annual report (for example, information
to be included in a “Management Discussion and Analysis” or an “Operating and Financial
Review”) that may reasonably be expected to influence the economic decisions of the users.
These circumstances are only examples; not all are likely to be present in all audits nor is the list
necessarily complete.
93. Significant related party matters arising during the audit shall be communicated to management
such as:
a. Non-disclosure of related parties or significant related party transactions by management

b. Significant related party transactions that have not been appropriately authorized and approved
giving rise to suspected fraud
c. Disagreement with management regarding the accounting for and disclosure of significant
related party transactions in accordance with the applicable FRF
d. Non-compliance with applicable law or regulations prohibiting or restricting specific types of
related party transactions
94. As discussed in ISSAI 2240 in relation to ISSAI 2450, the result of fraud will be considered in relation
to other aspects of the audit, even if the size of the misstatement is not material in relation to the
FS. Depending on the circumstances, misstatements in disclosures could also be indicative of fraud,
and, for example, may arise from:
a. Misleading disclosures that have resulted from bias in management’s judgments; or

b. Extensive duplicative or uninformative disclosures that are intended to obscure a proper
understanding of matters in the FS.
B. Communicate with Those Charged with Governance
95. As required under ISSAI 2265, the auditor shall communicate in writing significant deficiencies in
internal control identified during the audit to those charged with governance on a timely basis.
96. The auditor shall include in the written communication of significant deficiencies in internal control:
a) A description of the deficiencies and an explanation of their potential effects; and

b) Sufficient information to enable those charged with governance and management to understand
the context of the communication. In particular, the auditor shall explain that:
i. The purpose of the audit was for the auditor to express an opinion on the financial
statements;
ii. The audit included consideration of internal control relevant to the preparation of the
financial statements in order to design audit procedures that are appropriate in the
circumstances, but not for the purpose of expressing an opinion on the effectiveness of
internal control; and
iii. In relation to significant deficiencies in internal control, the matters being reported are
limited to those deficiencies that the auditor has identified during the audit and that the
auditor has concluded are of sufficient importance to merit being reported to those charged
with governance.
127
97. ISSAI 2450 prescribes the requirements for evaluation of misstatements identified during the audit,
which is done at the completion stage of audit: all misstatements identified should be accumulated
during the audit for the auditor/reviewer to evaluate both their effect on the audit (performing
further audit procedures) and the effect of any uncorrected misstatements on the financial
statements (implication for the auditor’s opinion).
98. The auditor shall communicate with the management and those charged with governance
uncorrected misstatements and the effect that they, individually or in aggregate, may have on the
opinion in the auditor’s report, unless prohibited by law or regulation. The auditor’s
communication shall identify material uncorrected misstatements individually. The auditor shall
request that uncorrected misstatements be corrected.
99. The auditor shall also communicate with the management and those charged with governance the
effect of uncorrected misstatements related to prior periods on the relevant classes of
transactions, account balances or disclosures, and the financial statements as a whole.
100. As defined under ISSAI 2260 (Revised), those charged with governance are the person(s) or
organization(s) with responsibility for overseeing the strategic direction of the entity and
obligations related to the accountability of the entity. This includes overseeing the financial
reporting process. For some entities in some jurisdictions, those charged with governance may
include management personnel, for example, executive members of a governance board of a
private or public sector entity, or an owner-manager. For discussion of the diversity of governance
structures.
101. ISSAI 2260 (Revised) defined management as the person(s) with executive responsibility for the
conduct of the entity’s operations. For some entities in some jurisdictions, management includes
some or all of those charged with governance, for example, executive members of a governance
board, or an owner-manager.
102. ISSAI 2230 and 2260 further requires to document matters that were discussed/communicated
orally, including the nature of the significant matters discussed/communicated, and when and
whom they were discussed/communicated. The auditor may issue AOM/NS/ND/NC to
communicate the significant findings observed as prescribed under the Rules and Regulations on
Settlement of Accounts (COA Circular 2009-006 dated September 15, 2009).
103. The auditor shall issue an AOM for observations relating to financial/operational deficiencies such
as accounting, internal control or property management which do not involve pecuniary loss. An
AOM may also be issued for documentary or other information requirements to enable the
auditor to make a decision in audit.
104. If the agency officials fail to reply within fifteen (15) calendar days from receipt of AOM, the audit
observation on financial/operational deficiencies shall be deemed accepted and shall be included
in the Management Letter and/or Audit Report. In case of failure to submit the required
documents or information needed to reach an audit decision, an NS/ND/NC may be issued by the
auditor, as warranted, after a re- evaluation of available documents/information.
128
105. The agency’s reply/comment shall be evaluated by the auditor vis-a vis the audit observations and
he shall inform the head of the agency and officer concerned in writing, of the results of the
evaluation.
106. The auditor shall issue an NS for transactions of doubtful legality/propriety/regularity which may
result in pecuniary loss to the government, and which will be disallowed in audit if not
satisfactorily explained or validly justified by the parties concerned.
107. The NS shall be issued as often as suspensions are made by the auditor for the purpose of
notifying the agency head and the accountable officer concerned of the amount suspended in
audit.
108. A suspension should be settled within ninety (90) calendar days from receipt of the NS; otherwise,
the transaction covered by it shall be disallowed/charged after the auditor shall have satisfied
himself that such action is appropriate. Consequently, the auditor shall issue the corresponding
ND/NC.
109. The auditor shall issue an ND for transactions which are irregular, unnecessary, excessive,
extravagant and unconscionable and those which are illegal as defined in COA Circular 2012-003
dated October 29, 2012 and other related COA issuances.
110. The ND shall be issued as often as disallowances are made by the auditor in order to notify the
agency head, the accountant, and the persons liable for the amount disallowed in audit.
111. The auditor shall issue the NC as follows:
a) If the amount assessed/appraised is less than what is due the government, the difference shall
be a proper audit charge.
b) If the amount billed is less than the amount due the government, the difference shall also be a
proper audit charge.
c) If the amount collected is less than what is due the government, the difference shall likewise
constitute a proper audit charge.
112. The NC shall be used and issued as often as charges are made by the auditor to notify the agency
head, the accountant and the persons liable for the charges noted in the audit of
revenues/receipts/assessments.
C. Elements of Audit Observation
113. The cumulative effect of immaterial uncorrected misstatements related to prior periods may have
a material effect on the current period’s FS and should also be reviewed.
114. The working paper supporting the summary should include the conclusions reached containing
the elements of audit observation. The required COA format for an audit summary should be
followed.
115. The elements of audit observation are explained as follows and presented in Illustration 9:
129
a. criteria - pertains to the standard or the benchmark. This is usually a policy, circular, directive or
a law.
b. condition – explains whether the criteria were followed or not based on evidence gathered.
c. cause – the reason/s for the existing conditions and unmet criteria.
d. effect – adverse result of the failure to meet criteria which is expressed in terms of losses,
wastage, inability to perform ones tasks or meet client expectations among others.
Illustration 9. Sample - Elements of an Audit Observation

Inventory balance overstated by P1M due to non-recording of issuances in the books of accounts.
The non-recording of inventory issuances distributed to various offices rendered the inventory account overstated by
P1M and understating the corresponding inventory account by the same amount due to the non-preparation by the
Property Officer of the RSMI and its non-submission to the Accounting Office which is contrary to Paragraph 44 of
IPSAS 12 on the recognition of expense.
Criteria: Paragraph 44 of IPSAS 12

Condition: Non-recording of inventory issuances
Cause: Non-preparation by the Property Officers of the RSMI
Effect: Overstatement of Inventory Balance; Understatement of expense
116. Recommendations should address both causes and effects of the observation and may consider
inputs from management. The proposed recommendation for the sample audit observation is
presented below.
Illustration 10. Sample - Audit Recommendation

We recommended that the Property Officer be required to submit the RSMI to the Accountant, and the
Accountant to adjust the Inventory account and Expense account accordingly.
117. The logical relationships between and among the elements of an audit observation as well as the
recommendation is presented in Exhibit 5.
Exhibit 5. Diagramming Tool
Criteria
Cause Condition Effect
Recommendations Evidence Recommendations
D. Performing Review of Overall Audit Work
118. The auditor shall consider the following:
a. Affirmation of audit team’s independence
130
Before reporting, the SA/RSA shall affirm that the Team is still independent of the auditee.
(Appendix 3-2)
b. Consider subsequent events
Sufficient evidence should be gathered to ensure that all events occurring between the date of
the FS and the date of the Auditor’s Report that require adjustment or disclosure are
identified. Subsequent events are more relevant under accrual accounting.
c. Update lead schedule and perform final analytical review
Should there be any changes in the FS, the schedules shall be updated and additional
procedures documented.
d. Consider the adequacy of work performance
The audit team shall make conclusion on whether all planned audit works have been
performed or there are other activities to be undertaken before closing the audit or reporting.
E. Tracking Status of Prior Years’ Recommendations
119. In addition to existing COA regulation requiring the submission of AAPSI and APMT, the audit team
shall prepare an RTS.
120. In instances where there are several recommendations for one observation, each
recommendation shall be counted and evaluated individually.
121. All audit issues with unimplemented recommendations per SIPYAR (Part III of the AAR) should be
reiterated in Part II (Findings and Observations) of the current year’s audit report if the existing
condition still exists that affects the audit opinion. However, the reasons for the failure of the
management to implement recommendation should be assessed to determine if there is a need to
revise or refocus the recommended action. In such case, the status of affected recommendation in
the RTS should be considered “revised”.
122. If the audit issues intended to be addressed by the unimplemented recommendation are no
longer existing due to, among others, closing of the project, or adoption of new accounting
system, or implementation by management of control measures other than the audit team’s
recommended course of action, the status of such recommendation in the RTS can be considered
“closed”.
123. Observations which warrant the issuance of an audit decision (Notice of Suspension/Disallowance/
Charge) shall be acted upon immediately by the audit team and shall likewise be considered
“closed”. This shall be monitored separately using the Statement of Audit Suspensions,
Disallowances and Charges (SASDC).
124. All recommendations considered closed shall be recommended by the SA/RSA for approval of the
CD/RD, and once approved, the same shall be deleted from the SIPYAR of the succeeding year.
131
125. If considered necessary, the Head of the audited agency should be formally informed of the
unimplemented recommendations and possible action to be taken by COA for continued inaction.
Non-implementation of recommendations for no valid reason and without any alternative action
taken to address the problem is a criterion for decreasing the performance rating of an agency as
discussed in Section 5 of this FAM.
126. The format of the RTS to be maintained by the concerned Audit Team Leader and the Office of the
Director for each agency is shown in Appendix 3-3.
127. There are factors preventing the auditee to implement the agreed upon actions, such as
competing priorities; funding issues and lack of staff to implement the recommendations. One
other reason for non-implementation of recommendations is that the recommendation is not
practical and doable. Recommendations should be:
a. Specific – target a specific area for improvement.

b. Measurable – quantify or at least suggest an indicator of progress.
c. Assignable – specify who will do it.
d. Realistic – what results can realistically be achieved, given available resources.
e. Time-bound – specify when the result(s) can be achieved.
III. Conduct Exit Conference
128. The Audit Team Leader prepares the audit highlights as basis for an exit conference with
management subject to the approval of the SA/RSA. Points for discussion are:
a. The scope of the audit conducted

b. Significant risks identified by the auditor during the audit;
c. Significant findings from the audit, including views about qualitative aspects of agency’s
accounting practices, significant difficulties encountered and other significant matters;
d. The misstatements identified and the adjustments which the Chief Accountant failed to take
up;
e. The circumstances that have led to the expected modification of the auditor's report as well as
the expected modification that warrant an emphasis of a matter or other matter including the
proposed wordings;
f. The effect of failure to take up adjustments as far as the audit opinion is concerned;
g. Additional disclosures or explanations for inclusion in the Notes to FS;
h. Audit observations and tentative audit recommendations using the audit summaries as basis;
i. Deadline for submission of management comments;
j. Pending issues and requests such as related parties, litigation and claims, if remained
unsubmitted as of exit conference;
k. Submission of the MRL, if remained unsubmitted as of exit conference;
l. Unimplemented audit recommendations and its impact on the FS; and,
m. Other matters included in the Engagement Letter which have not been addressed.
132
Appendix 3-1. Summary of Audit Observations and Recommendations
Agency _____________________ Prepared by: _______________ Date: __________

_____________________ Reviewed by: ______________ Date: __________
Period _____________________ Approved by: ______________ Date: __________
A. Matrix of Financial Audit Observations and Recommendations
No. AOM No./Date Observation Recommendation Management Comment Auditor’s Rejoinder

1.
2.
3.
4.
B. Summary of Uncorrected Misstatements
Amount (Overstatement)/ Understatement

Accounts and AOM Asset Liability (Revenue)/ Expense Auditor’s
No. Amount
Description Ref. Non- Non- Current Prior Evaluation
Current Current
Current Current Period Period
(a) (b) (c) (d) (e) (f) (g) (h) (i) (j) (k)
(b) – indicate accounts affects and below it, brief description of the misstatement
(c) – indicate AOM No. and date
(d) to (i) – indicate amount of misstatement per account
(j) – indicate gross/aggregate amount of misstatement
(k) – indicate if material and if factual/judgmental/projected
133
Appendix 3-2. Affirmation of Audit Team’s Independence and Compliance with
Ethical Standards
REPUBLIC OF THE PHILIPPINES

COMMISSION ON AUDIT
Commonwealth Avenue, Quezon City, Philippines
AFFIRMATION OF AUDIT TEAM’S INDEPENDENCE AND COMPLIANCE

WITH ETHICAL STANDARDS
I affirm to the best of my knowledge that, I know of nothing that have impaired the Audit Team’s
independence and impartiality that contravened the requirements of any applicable code of
professional conduct.
__(Signature over printed name)__ Date:

Supervising Auditor/Regional
Supervising Auditor
Cluster/Regional Director’s Certification:
I certify that I am not aware of anything that impaired the independence and impartiality of the audit
team.
__(Signature over printed name)__ Date:

134
Appendix 3-3. Recommendations Tracking Sheet
Recommendations Tracking Sheet

As of _____________
Agency:
No. of Audit Recommendation Auditor’s

Management’s
results of
AAR Audit Audit Implemented Not implemented Action/ Reason
Ref. validation/
Year Observation Recommendation for Non-
Fully Restated/ Further
Closed Reiterated Implementation
Implemented Revised Action
(a) (b) (c) (d = e + f + g + h) (e) (f) (g) (h) (i) (j)
Total
Prepared by: Date: Reviewed by: Date: Approved by: Date:
__(Signature over printed name)__ __(Signature over printed name)__ __(Signature over printed name)__
ATL SA/RSA CD/RD
Instructions:
For (e) to (h) – indicate results of auditor’s validation with total number of audit recommendations
implemented/not implemented summarized in the final row
(e) – recommendations which were fully implemented through management’s actions/compliance as
validated by the audit team
(f) – recommendations pertaining to audit issues intended which no longer exists due to, among others,
closing of the project, or adoption of new accounting system, or implementation by management of
control measures other than the audit team’s recommended course of action
(g) – all audit issues with unimplemented recommendations per SIPYAR (Part III of the AAR) should be
reiterated in Part II (Findings and Observations) of the current year’s audit report if the existing condition
still exists that affects the audit opinion
(h) – if the existing condition still exists but the audit team determines that there is a need to revise or
refocus the recommended action
135
Section 4
Reporting Phase
1. After sufficient and appropriate audit evidence has been obtained, the auditor is now ready to
prepare the independent auditor’s report on the audit of the financial statements of the
Agency/Local Government Unit/Corporation. This phase comprises the following:
I. Write the independent auditor’s report

A. Forming an audit opinion
A.1. Evaluating audit evidence obtained
A.2. Considering materiality of uncorrected misstatements
A.3. Evaluating financial statements prepared using the appropriate financial reporting
framework
A.4. Obtaining re-affirmation of written representations
B. Forms of independent auditor’s report
B.1. Unmodified auditor’s report
B.2. Modified auditor’s report
B.2.1. Matters affecting the auditor’s unmodified opinion
B.2.2. Matters not affecting the unmodified opinion
B.3. Auditor’s report on consolidated financial statements
B.4. Auditor’s report on comparative financial statements
II. Specific Elements of the Independent Auditor’s Report

A. Title
B. Addressee
C. Report on the audit of the financial statements
C.1. Opinion section
C.2. Basis for opinion
C.3. Key audit matters
C.4. Emphasis of matter
C.5. Other matter
C.6. Material uncertainty related to going concern
C.7. Other information
C.8. Responsibilities of management and those charged with governance for the financial
statements
C.9. Auditor’s responsibilities for the audit of the financial statements
D. Report on other legal and regulatory requirements/Supplementary Information
E. Name of the engagement partner
F. Signature of the auditor
G. Auditor’s address
H. Date of the independent auditor’s report
III. Comparative information

A. Corresponding figures and Comparative Financial Statements
A.1. Corresponding Figures
A.2. Comparative Financial Statements
136
IV. Types of Audit Report
I. Write the Independent Auditor’s Report
2. Paragraph 17.1 of the Guide to Using International Standards on Auditing in the Audits of Small- and
Medium-sized Entities, Third Edition, Volume 2 – Practical Guidance, 2011 (Guide 2011) states that
the final step in the audit process is to evaluate the audit evidence obtained, consider the impact of
misstatements identified, form an audit opinion, and prepare an appropriately worded audit report.
3. In a similar way, Chapter 9, Audit Reporting of the Financial Audit ISSAI Implementation Handbook
(Handbook 2018) states that the audit report is the final product of the entire audit process, which is
prepared based on sufficient appropriate audit evidence gathered by auditors through performing
audit procedures. In this regard, according to ISSAI 2700, the objectives of the auditor are to form an
opinion on the financial statements, based on an evaluation of the conclusions drawn from the audit
evidence obtained; and to express clearly that opinion through a written report that also describes
the basis for that opinion.
A. Forming an Audit Opinion
4. ISSAI 2700, paragraphs 10 to 13 provide that the auditor shall form an opinion on whether the FS
are prepared, in all material respects, in accordance with the applicable FRF. In order to form that
opinion, the auditor shall conclude as to:
a. whether sufficient appropriate audit evidence has been obtained;

b. whether uncorrected misstatements are material, individually or in aggregate; and
c. whether the FS are prepared in accordance with the requirements of the applicable and
appropriate FRF.
5. The applicable and appropriate FRF for National Government Agencies (COA Resolution No. 2014-
003 dated January 24, 2014), LGUs (COA Resolution No. 2014-003), and Non-CPSEs under the CGS
(COA Circular No. 2015-003 dated April 16, 2015) is the IPSAS, while that for CPSEs, CGS is the PFRS
(COA Circular No. 2015-003 dated April 16, 2015).
A.1. Evaluating Audit Evidence Obtained
6. The relevant ISSAIs that serve as guide in evaluating the sufficiency and appropriateness of audit
evidence obtained in order to draw reasonable conclusions on which to base the audit opinion are:
a. ISSAI 2220 – Quality Control for an Audit of Financial Statements;

b. ISSAI 2330 – The Auditor’s Responses to Assessed Risks;
c. ISSAI 2450 – Evaluation of Misstatements Identified during the Audit;
d. ISSAI 2520 – Analytical Procedures; and
e. ISSAI 2540 – Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and
Related Disclosures. (Item 21, Guide 2011)
7. The objectives of evaluating audit evidence are “to decide, after considering all relevant data
obtained whether:
a. the assessment of the risks of material misstatement at the assertion level are appropriate; and
137
b. sufficient evidence have been obtained to reduce the risks of material misstatement (RMM) in
the financial statements to an acceptably low level.” (Guide 2011)
8. Further, to address such objectives, the important questions to ask and consider under evaluating
audit evidence are:
a. Has sufficient appropriate audit evidence been obtained?

b. Are the accounting estimates made by management reasonable?
c. Did the analytical procedures performed at or near the end of the audit corroborate conclusions
formed during the audit? (Paragraph 17.3 Forming the Opinion, Guide 2011)
9. The following exhibit shows in graphic form the decision that the auditor has to make in preparing
the auditor’s report.
Exhibit 6. Decision Tree in Preparing the Auditor's Report
Back to risk
assessment
ACTIVITY PURPOSE DOCUMENTATION
Evaluate the Determine what New/revised risk factors

audit evidence additional work (if and audit procedures
obtained any) is required Changes in materiality
Communications on audit
findings
Conclusions on audit
Is procedures performed
REPORTING
yes additional
work
required?
no
Form an audit Significant decisions

Prepare the
opinion based on Signed audit opinion
auditor’s report
audit findings
10. It is essential that the auditor has to determine that sufficient appropriate audit evidence has been
obtained, and no additional work is required. Otherwise, the auditor should undertake additional
risk assessment to address such matters as:
a. those that affect the original audit plan;

b. those that have material impact on the auditor’s report;
138
c. those changes that affect the overall materiality threshold arrived at in the planning phase; and,
d. those which necessitates application of additional audit procedures.
11. Audit evidence represents information used by the auditor in arriving at the conclusions as basis for
the auditor’s opinion. Audit evidence includes both information contained in the accounting records
underlying the FS and information obtained from other sources (ISSAI 2500, para. 5(c)). Examples of
the latter are confirmation replies from the Agency’s/Unit’s/Corporation/Project’s depository banks,
debtors, or creditors. Information from third parties is considered to be more reliable as they have
the impartiality that documents obtained from management lacks.
12. Sufficiency is the measure of quantity of audit evidence. The quantity of audit evidence needed is
affected by the auditor’s assessment of the risks of misstatement (the higher the assessed risks, the
more audit evidence is likely to be required) and also by the quality of such audit evidence (the
higher quality, the less may be required). Obtaining more audit evidence, however, may not
compensate for its poor quality. (ISSAI 2500, para. A4.)
13. Audit evidence does not have to be copious. As long as the audit is well documented, and the
procedures manifested in such documents attained the audit objectives, the auditor may conclude
that sufficient evidence is obtained which can support the conclusions made. For example, a
working paper (top schedule and sub-schedules) showing how the cash balance is arrived at in the
statement of financial position, with corresponding tick marks to show the audit procedures
undertaken – vouching (accuracy and/or occurrence), verification of bank reconciliation statements
(completeness and/or accuracy), confirmation (existence, disclosure and/or valuation), cash
examination (existence and/or accuracy), workback of cash flow statement (accuracy) – to address
the risks identified supported with duly validated bank reconciliation statements, cash examination
reports and bank confirmation replies is sufficient enough audit evidence.
14. Appropriateness is the measure of the quality of audit evidence; that is its relevance and its
reliability in providing support for the conclusions on which the auditor’s opinion is based. The
reliability of evidence is influenced by its source and by its nature, and is dependent on the
individual circumstances under which it is obtained. (ISSAI 2500, para. A5.)
15. The auditor must make sure that sources of audit evidence are reliable, those that can be trusted in
terms of authenticity and truthfulness. For example, contracts properly signed by contracting parties
duly witnessed and notarized by a notary public; bank statements obtained directly by management
from depository banks; official receipts with complete information.
16. The evaluation of audit evidence obtained would address the following matters (Section 21.1, Guide
2011):
a. Materiality
i. If the amounts established for overall and performance materiality are still appropriate in
the context of the entity’s actual financial results
ii. If a lower overall materiality (for the financial statements as a whole) than that initially
determined is appropriate, the auditor is required to determine:
 whether it is necessary to revise performance materiality; and,
139
 whether the nature, timing and extent of the further audit procedures remain
appropriate.
b. Risk
In light of the audit observations, assessments of risks of material misstatement at the assertion
level are still appropriate. If not, the risk assessments would be revised, and further planned
audit procedures would be modified.
c. Misstatements
The effect on the audit of identified misstatements and uncorrected misstatements, and the
reason for misstatements/deviations has been considered. These may indicate an unidentified
risk or a significant deficiency in internal control.
Revision of the overall audit strategy and the audit engagement plan applies when:
i. the nature of identified misstatements and the circumstances of their occurrence indicate
that other misstatements may exist that, when aggregated with misstatements accumulated
during the audit, could be material; or
ii. the aggregate of misstatements accumulated during the audit approaches materiality.
Additional audit procedures shall be performed to determine whether misstatements remain (in
classes of transactions, account balance, or disclosures) where management was asked to
correct misstatements.
A.2. Considering Materiality of Uncorrected Misstatements
17. Pertinent paragraphs of ISSAI 2450-Evaluation of Misstatements Identified during the Audit that
guides the evaluation of the effect of misstatements are:
a. Paragraph 3. The objective of the auditor is to evaluate:
i. The effect of identified misstatements on the audit; and

ii. The effect of uncorrected misstatements, if any, on the FS.
b. Paragraph 5. The auditor shall accumulate misstatements identified during the audit, other than
those that are clearly trivial.
c. Paragraph 6. The auditor shall determine whether the overall audit strategy and audit plan need
to be revised if:
i. The nature of identified misstatements and the circumstances of their occurrence indicate
that other misstatements may exist that, when aggregated with misstatement accumulated
during the audit, could be material;
ii. The aggregate of misstatements accumulated during the audit approaches materiality
determined in accordance with ISSAI 2320-Materiality in Planning and Performing an Audit.
140
d. Paragraph 10. Prior to evaluating the effect of uncorrected misstatements, the auditor shall
reassess materiality determined in accordance with ISSAI 2320 to confirm whether it remains
appropriate in the context of the entity’s actual financial results.
e. Paragraph A.21. Circumstances that may affect the evaluation include the extent to which the
misstatement:
i. Affects compliance with regulatory requirements;

ii. Affects compliance with debt covenants or other contractual requirements;
iii. Relates to the incorrect selection or application of an accounting policy that has an
immaterial effect on the current period’s FS but is likely to have a material effect on future
periods’ FS;
iv. Masks a change in earnings or other trends, especially in the context of general economic
and industry conditions;
v. Affects ratios used to evaluate the entity’s financial position, results of operations or cash
flows;
vi. Affects segment information presented in the FS (for example, the significance of the matter
to a segment or other portion of the entity’s business that has been identified as playing a
significant role in the entity’s operations or profitability);
vii. Has the effect of increasing management compensation, for example, by ensuring that the
requirements for the award of bonuses or other incentives are satisfied;
viii. Is significant having regard to the auditor’s understanding of known previous
communications to users, for example, in relation to forecast earnings;
ix. Relates to items involving particular parties (for example, whether external parties to the
transaction are related to members of the entity’s management);
x. Is an omission of information not specifically required by the applicable FRF but which, in
the judgment of the auditor, is important to the users’ understanding of the financial
position, financial performance or cash flows of the entity; or,
xi. Affects other information to be included in the entity’s annual report (for example,
information to be included in a “Management Discussion and Analysis” or an “Operating and
Financial Review”) that may reasonably be expected to influence the economic decisions of
the users of the financial statements. ISSAI 2720 deals with the auditor’s responsibilities
relating to other information.
18. Before the auditor evaluates the results of performing procedures and any misstatements arising
therefrom, the first step is to reassess the amounts established for overall and performance
materiality. This is necessary because the initial determination of materiality will often be based on
estimates of the entity’s financial results, and the actual results may be different. Factors that would
lead to a change include:
a. Initial determination of materiality is no longer appropriate in the context of the entity’s actual
financial results;
b. New information becomes available (such as user expectations) that would have caused the
auditor to determine a different amount (or amounts) initially; and,
c. Unexpected misstatements that may cause the materiality amount for that particular class of
transactions, account balance, or disclosure to be exceeded. (Item 21.2, par. 1, Guide 2011)
141
19. Whenever revisions to materiality is necessary, the auditor is required to consider and document
the impact on the nature, timing and extent of further audit procedures required. (Item 21.2, par. 2,
Guide 2011)
20. During the execution stage, Management may be unwilling to correct or adjust its accounting
records on misstatements determined by the auditor that affect the fair presentation of its FS for
some reason or another. Based on the auditor’s evaluation as shown in Illustration 8, the auditor
shall formulate the appropriate opinion to be rendered.
21. If, at the auditor’s request, management has examined a class of transactions, account balance or
disclosure and corrected misstatements that were detected, the auditor shall perform additional
audit procedures to determine whether misstatements remain. (ISSAI 2450, para. 7)
22. In determining the conclusion, the auditor considers the size (quantitative materiality) and nature of
the misstatements and the particular circumstances of their occurrence (qualitative materiality), and
the effect of uncorrected misstatements related to prior periods on the relevant classes of
transactions, account balances or disclosures, and the financial statements as a whole (ISSAI 2450,
para. 11)
A.3. Evaluating Financial Statements Prepared Using the Applicable Financial Reporting
Framework
23. Before determining what appropriate opinion to render, the auditor must also evaluate if:
a. Financial statements are prepared in accordance with the applicable FRF, either IPSAS or PFRS.
These accounting standards serve as guide in the preparation of the FS:
i. the appropriate presentation and classification of individual and group of accounts – for
example, current and non-current distinction of accounts; real accounts are correctly
presented in the SFPos, nominal accounts in the SFPer;
ii. a complete set of FS that comprises: a statement of financial position, a statement of

financial performance/statement of comprehensive income, a statement of changes in net
assets/equity, a cash flow statement, a separate statement of comparison of budget and
actual amounts or a budget column in the FS (for IPSAS users only), and notes, comprising a
summary of significant accounting policies and other explanatory notes (IPSAS 1a, par.
21/PAS 1, para. 1.10);
iii. minimum required disclosure in the FS and/or in the notes to FS – the standards require
disclosures presented in the FS and/or in the Notes to FS information for each classification
or sub-classification of accounts. For example, minimum disclosure required for property,
plant and equipment includes the initial and subsequent measurements-either cost or
revaluation models; recognition criteria-probable future economic benefit and reliable
measurement of either cost or fair value; treatment of transfers; acquisitions and disposals.
b. Accounting policies are appropriate and are consistent with IPSAS/PFRS – for example, the
adopted accounting policy on measurement of inventory is the lower of cost and net realizable
value which is aligned with paragraph 15 of IPSAS 12/PAS 2-Inventories.
142
c. There are adequate disclosures of significant accounting policies – minimum disclosure of a
summary of significant accounting policies includes:
i. the measurement basis/bases used in preparing the financial statements;

ii. the extent to which the entity has applied any transitional provisions in any IPSAS (PFRS);
and,
iii. other accounting policies used that are relevant to an understanding of the FS (IPSAS/PFRS
1).
d. There is reasonable use of accounting estimates – the assumptions underlying the accounting
estimates must be reasonable, or practical and rational. For example, the estimated useful life of
a motor vehicle of five to 15 years depending on the utility of the vehicle is considered
reasonable in computing for depreciation charges on such an asset.
e. There is relevant, reliable, comparable and understandable presentation of information – the

user must be able to compare the information in the FS with other agencies/units/corporations/
projects within the industry or business it operates; the information in the FS must be easily
comprehensible to the user to avoid misconceptions and misunderstanding; such information
must also be dependable, pertinent and appropriate.
f. There is adequate disclosure of information conveyed in the FS – sufficient disclosure for every
account considered as significant is required to avoid misinterpretation and to help the user
arrive at an informed judgment/decision.
g. There is appropriate use of terminologies – terms and words in the FS and the notes must be
correct and proper to be more understandable to all kinds of users.
24. The various IPSAS necessitates the inclusion of adequate disclosures and appropriate presentation
of accounts in the financial statements which Management needs to address. In this light, the
auditor is required under ISSAI 2330 (The Auditor’s Responses to Assessed Risks) to ensure that such
content of the financial statements are adequate, appropriate and complete. This is with due
consideration to “terminology used as required by the applicable FRF [IPSAS/IFRS], the level of detail
provided, the aggregation and disaggregation of amounts and bases of amounts set forth.”
25. The auditors shall use as guide in the evaluation of Management’s disclosure in the Notes to FS, the
disclosure requirements of each of the IPSAS/PFRS. The Disclosure Checklist to facilitate this process
shown in Annex 1 and 2. The auditor shall consider the results of the accomplished disclosure
checklists in determining the appropriate audit opinion.
143
26. This stage in the audit is summarized in the following figure (Section 20, Guide 2011):
Exhibit 7. Summary of Reporting Phase activities
Evaluate evidence obtained

file reviews nt with TCWG*
required ts identified manageme findings
REPORTING
all misstatemen issues with e audit

Complete Consider Resolve any Communicat
Prepare the auditor’s report

n
documentatio decisions opinion opinion
audit significant Form an auditor’s
Complete Document Issue the
*TCWG = those charged with governance
A.4. Obtaining Re-affirmation of Written Representations
27. ISSAI 2580, paragraph 10 requires that the auditor shall request management to provide a written
representation that it has fulfilled its responsibility for the preparation of the financial statements in
accordance with the applicable financial reporting framework, including where relevant their fair
presentation, as set out in the terms of the audit engagement. The auditor usually makes this
request early on in the audit when communicating the terms of engagement through the
Engagement Letter (Par. 10, Section 1 of this Manual).
Period(s) Covered by Written Representations
28. Further, paragraph A17 of ISSAI 2580 provides that the written representations are for all periods
referred to in the auditor’s report because management needs to reaffirm that the written
representations it previously made with respect to the prior periods remain appropriate. The
auditor and management may agree to a form of written representation that updates written
representations relating to the prior periods by addressing whether there are any changes to such
written representations and, if so, what they are.
Requested Written Representations Not Provided
29. Paragraph 19 of the same ISSAI states that if management does not provide one or more of the
requested written representations, the auditor shall:
a. Discuss the matter with management;

b. Re-evaluate the integrity of management and evaluate the effect that this may have on the
reliability of representations (oral or written) and audit evidence in general; and
144
c. Take appropriate actions, including determining the possible effect on the opinion in the
auditor’s report in accordance with ISSAI 2705, having regard to the requirement in paragraph
20 of ISSAI 2580.
Written Representations about Management’s Responsibilities
30. The auditor shall disclaim an opinion on the financial statements in accordance with ISSAI 2705 if:
a. The auditor concludes that there is sufficient doubt about the integrity of management such
that the written representations required by paragraphs 10 and 11 of ISSAI 2580 are not
reliable; or
b. Management does not provide the written representations required by paragraphs 10 and 11.
B. Forms of Independent Auditor’s Report
31. There are two forms of auditor’s report, unmodified and modified auditor’s report.
B.1. Unmodified Auditor’s Report
32. An unmodified auditor’s report is rendered when the auditor concludes that the FS are free from
material misstatements and are prepared in accordance with the applicable and appropriate FRF
(IPSAS or PFRS).
33. The contents of the opinion paragraph in an unmodified report are:
Opinion
We have audited the financial statements of (Agency/Unit/Corporation/Project) which comprise the

statements of financial position as at December 31, 20X1 and 20X0, statements of financial
performance/profit or loss/comprehensive income, statements of cash flows, statements of
comparison of budget and actual amounts (for IPSAS users) for the years then ended, and notes to
the financial statements, including a summary of significant accounting policies.
In our opinion, the accompanying financial statements of (Agency/Unit/Corporation/Project) are

prepared in all material respects, in accordance with International Public Sector Accounting
Standards or Philippine Financial Reporting Standards.
B.2. Modified Auditor’s Report
34. A modified auditor’s report is rendered if the auditor: (a.1) concludes that the FS are not free from
material misstatements; or (a.2) is unable to obtain sufficient appropriate audit evidence to
conclude that the FS as a whole are free from material misstatement. The auditor’s opinion in a
modified auditor’s report is considered modified if he/she issued qualified or adverse opinion or
disclaim an opinion.
145
a. Qualified Opinion - The auditor shall express a qualified opinion when:
i. The auditor, having obtained sufficient appropriate audit evidence, concludes that
misstatements, individually or in the aggregate, are material, but not pervasive, to the FS; or,
ii. The auditor is unable to obtain sufficient appropriate audit evidence on which to base the
opinion, but the auditor concludes that the possible effects on the FS of undetected
misstatements, if any, could be material but not pervasive.
b. Adverse Opinion - The auditor shall express an adverse opinion when the auditor, having
obtained sufficient appropriate audit evidence, concludes that misstatements, individually or in
the aggregate, are both material and pervasive to the FS. Misstatements are considered
pervasive if in the auditor’s judgment: (a) they are not confined to specific elements, accounts or
items of the FS; (b) if so confined, they represent or could represent a substantial proportion of
the FS; or (c) in relation to disclosures, they are fundamental to users’ understanding of the FS.
c. Disclaimer of Opinion - The auditor shall disclaim an opinion when the auditor is unable to obtain
sufficient appropriate audit evidence on which to base the opinion, and the auditor concludes
that the possible effects on the FS of undetected misstatements, if any, could be both material
and pervasive. A disclaimer is also rendered when, in extremely rare circumstances involving
multiple uncertainties, the auditor concludes that, notwithstanding having obtained sufficient
appropriate audit evidence regarding each of the individual uncertainties; it is not possible to
form an opinion on the FS due to the potential interaction of the uncertainties and their possible
cumulative effect on the FS.
When the auditor disclaims an opinion on the financial statements, the auditor’s report shall not
include the elements required by paragraphs 28(b) and 28(d) of ISSAI 2700. Those elements are:
i. A reference to the section of the auditor’s report where the auditor’s responsibilities are
described; and
ii. A statement about whether the audit evidence obtained is sufficient and appropriate to
provide a basis for the auditor’s opinion.
35. Moreover, even if the auditor has expressed an adverse opinion or disclaimed an opinion on the
financial statements, the auditor shall describe in the Basis for Opinion section the reasons for any
other matters of which the auditor is aware that would have required a modification to the opinion,
and the effects thereof. (ISSAI 2705, para. 27)
36. As discussed in ISSAI 2250, non-compliance with laws, rules and regulation shall also be reported in
the Auditor’s Report on the Financial Statements in the following manner:
a. If the auditor concludes that the non-compliance has a material effect on the FS, and has not
been adequately reflected in the FS, the auditor shall, in accordance with ISSAI 2705, express a
qualified opinion or an adverse opinion on the FS.
b. If the auditor is precluded by management or those charged with governance from obtaining
sufficient appropriate audit evidence to evaluate whether non-compliance that may be
material to the FS has or is likely to have occurred, the auditor shall express a qualified opinion
146
or disclaim an opinion on the FS on the basis of a limitation on the scope of the audit in
accordance with ISSAI 2705.
c. If the auditor is unable to determine whether non-compliance has occurred because of

limitations imposed by the circumstances rather than by management or those charged with
governance, the auditor shall evaluate the effect on the auditor’s opinion in accordance with
ISSAI 2705.
B.2.1. Matters AFFECTING the Auditor’s Unmodified Opinion
37. The auditor may disagree with Management about certain matters such as the acceptability of
accounting policies selected, the method of their application, or the adequacy of disclosures in the
FS resulting in the misstatement of the FS. If such disagreements are significant to the FS, the
auditor shall express a qualified or an adverse opinion.
38. Examples of material misstatements due to disagreements with Management are:
a. Acceptability of accounting policies – for example, policy of using the cost model to recognize
property, plant and equipment, lower of cost and net realizable value to recognize inventory,
amortized cost for loans and receivables are acceptable. Deviation from such policy may result in
material misstatement;
b. Method of application – accounting policies must be used consistently from period to period to
attain comparability of FS. For example, if Management adopts in the current year the cost
model of recognizing property, plant and equipment, and presenting in the FS, it shall apply the
same model for the asset for the next year. Inconsistent application of the policy may lead to a
material misstatement;
c. Adequacy of disclosures – for example, Management discloses the initial and subsequent
measurements of transportation equipment, the year’s acquisitions and disposals, depreciation
charges, accumulated depreciation and allowance for impairment and other important matters
relating to the asset. Anything less would be inadequate, thus, may result in material
misstatement.
If there is a material misstatement of the financial statements that relates to non-disclosure of

information required to be disclosed, the auditor shall:
1. Discuss the non-disclosure with those charged with governance;
2. Describe in the Basis for Opinion section the nature of the omitted information; and
3. Unless prohibited by law or regulation, include the omitted disclosures, provided it is
practicable to do so and the auditor has obtained sufficient appropriate audit evidence
about the omitted information.
39. When the auditor is unable to perform necessary audit procedures or the auditor is unable to gather
sufficient appropriate evidence, limitations on the scope of the audit arise. Such limitations may be
imposed by the entity or imposed by circumstances. The inability to obtain sufficient appropriate
audit evidence will result to either a qualified or a disclaimer of an opinion.
147
40. Scope limitation imposed by the entity takes the form of Management not providing access to
accounting records or the status of the entity’s records (is incomplete, etc.), not allowing or limiting
the conduct of interview with key personnel, sanctioning the undertaking of inspection of projects or
deliveries.
41. Limitations to the scope of the audit should never arise from impositions by the auditor, as this
constitutes deviation from audit engagement protocol and demonstrates unprofessionalism.
42. If the auditor becomes aware that management has imposed a limitation on the scope of the audit
that the auditor considers likely to result in the need to express a qualified opinion or to disclaim an
opinion on the financial statements, the auditor shall request that management remove the
limitation. (ISSAI 2705, para. 11)
43. If management refuses to remove the limitation referred to in paragraph 41, the auditor shall
communicate the matter to those charged with governance, unless all of those charged with
governance are involved in managing the entity, and determine whether it is possible to perform
alternative procedures to obtain sufficient appropriate audit evidence.
44. If the audit was not able to obtain sufficient appropriate audit evidence due to management’s
imposed limitation or non-disclosure of information, the auditor may:
a. Disclaim an opinion and explain its scope limitation in the Basis for Disclaimer of the opinion
paragraph.
b. Consider it necessary to include as Other Matter paragraph in the auditor’s opinion to explain
why it is not possible for the auditor to withdraw from the engagement.
45. Whenever the auditor expresses a modified opinion, a clear description of all the substantive
reasons should be included in the report and, unless impracticable, a quantification of the material
uncorrected misstatements. If, however, it is not practicable to quantify the financial effects of the
material misstatements, the auditor shall so state in Basis for Opinion paragraph.
46. If there is a material misstatement of the financial statements that relates to qualitative disclosures,
the auditor shall include in the Basis for Opinion section an explanation of how the disclosures are
misstated.
47. If there is a material misstatement of the financial statements that relates to the non-disclosure of
information required to be disclosed, the auditor shall:
a. Discuss the non-disclosure with those charged with governance;

b. Describe in the Basis for Opinion section the nature of the omitted information; and
c. Unless prohibited by law or regulation, include the omitted disclosures, provided it is
practicable to do so and the auditor has obtained sufficient appropriate audit evidence about
the information. (ISSAI 1705, para. 23)
48. If management refuses to give the auditor permission to communicate or meet with the entity’s
external legal counsel, or the entity’s external legal counsel refuses to respond appropriately to the
letter of inquiry, or is prohibited from responding; and the auditor is unable to obtain sufficient
148
appropriate audit evidence by performing alternative audit procedures, the auditor shall modify the
opinion in the auditor’s report in accordance with ISSAI 2705. (ISSAI 2501, para. 11)
49. The auditor may modify his/her opinion as appropriate on the following conditions:
a. The auditor is unable to obtain sufficient appropriate audit evidence regarding the opening
balances.
b. If the auditor concludes that the opening balances contain a misstatement that materially
affects the current period’s financial statements, and the effect of the misstatement is not
appropriately accounted for or not adequately presented or disclosed.
c. If the auditor concludes that the current period’s accounting policies are not consistently
applied in relation to opening balances in accordance with the applicable financial reporting
framework; or a change in accounting policies is not appropriately accounted for or not
adequately presented or disclosed in accordance with the applicable financial reporting
framework.
d. If the predecessor auditor’s opinion regarding the prior period’s financial statement included a
modification to the auditor’s opinion that remains relevant and material to the current period’s
financial statements.
B.2.2. Matters NOT AFFECTING the unmodified opinion
50. There are matters that do not affect the auditor’s unmodified opinion but discussed in the Emphasis
of Matter and Other Matter paragraphs in the IAR.
B.2.2.1. Emphasis of Matter Paragraph
51. Emphasis of Matter refer to matters appropriately presented or disclosed in the Notes to FS that, in
the auditor’s judgment, are of such importance that it is fundamental to users’ understanding of the
FS. (ISSAI 2706) The inclusion of an Emphasis of Matter paragraph does not affect the auditor’s
opinion.
52. The placement of an Emphasis of Matter paragraph [or Other Matter paragraph] in the auditor’s
report depends on the nature of the information to be communicated, and the auditor’s judgment
as to the relative significance of such information to be intended users compared to other elements
required to be reported in accordance with ISSAI 2700 (Revised).
53. These are uncertainties, going concern uncertainties, justifiable IPSAS/PFRS departure, and
inconsistencies that are adequately disclosed in the Notes to the FS. These result in an unmodified
opinion with an addition of emphasis of matter paragraph. Lack of disclosure of such matters
significant to the FS would result in either a qualified or adverse opinion, not just the addition of
emphasis of matter paragraph.
54. An uncertainty is a matter whose outcome depends on future actions or events not under the direct
control of the entity but that may affect the FS. When there are significant uncertainties that are
adequately accounted for and disclosed in the Notes to the FS, the auditor should consider
modifying the report by adding an explanatory paragraph to the unmodified report to emphasize
the material uncertainty.
149
55. The auditor should evaluate information gathered during the audit to determine whether there is
substantial doubt about the entity’s ability to continue as a going concern. If there is a significant
doubt about such an ability to continue as a going concern for a reasonable period of time, the
auditor should consider whether the going concern problems are adequately disclosed in the Notes
to FS.
56. If the management of the above entities disclose the matter in its financial statements, the auditor
has to include in the IAR an emphasis of matter paragraph regarding the inability to continue as a
going concern.
57. In extreme cases, such as situations involving multiple uncertainties that are significant to the FS,
the auditor may consider it appropriate to issue a disclaimer of opinion instead of adding an
emphasis of a matter paragraph.
58. Changes affecting accounting principles and estimates may result in inconsistency of FS
presentations. For example, in prior year, the Agency/Unit/Corporation/Project adopted the straight-
line method of depreciating its assets. In the current year, because of some valid reasons, it has
changed its policy to declining balance method. When this arises, Management cannot present
depreciation using two different methods for prior and current years, as this is tantamount to
inconsistent FS. Management may either restate the prior year FS to use the declining balance
method for that year and for the current year to achieve consistency.
59. Management may judge it necessary to depart from financial reporting standards in order to come
up with a fair presentation of FS. If the reasons are adequately disclosed and the auditor believes
that such a departure is justified the auditor should express an unmodified opinion and disclose the
departure in a separate paragraph of the report. Examples of instances of acceptable departure
from financial reporting standards are, new legislation or evolution of a new form of business
transaction.
60. The placement of an Emphasis of Matter paragraph [or Other Matter paragraph] in the auditor’s
report depends on the nature of the information to be communicated, and the auditor’s judgment
as to the relative significance of such information to intended users compared to other elements
required to be reported in accordance with ISSAI 2705 (Revised).
B.2.2.2. Other Matter Paragraph
61. This refers to a matter other than those presented or disclosed in the financial statements that, in
the auditor’s judgment, is relevant to user’s understanding of the audit, the auditor’s responsibilities
or the auditor’s report (ISSAI 2706). Instances where this paragraph is included are:
a. the law, regulation or accepted practice require or permit elaboration on matters to explain the
auditors’ responsibilities in the audit;
b. where FS intending for a specific purpose/user is prepared in accordance with a general

purpose framework such as for the ADB. In such case, the auditor may consider inclusion of an
Other Matter paragraph stating that the auditor’s report is intended solely for the intended
users, and should not be distributed to or used by other parties.
150
c. In accordance with ISSAI 2720 (requirements, para. 10) “Material inconsistencies identified in
other information obtained prior to the date of the auditor’s report”: if the revision of other
information is necessary and Management refuses to make the revision, an Other Matter
paragraph describing the material inconsistency is included.
d. When the prior year audit opinion is different from the current year audit opinion, the change
shall be communicated in the Other Matter paragraph. This applies to audit opinion using
comparative FS approach.
If during our current audit we became aware of events/circumstances that affect the FS of a
prior period, we shall consider such matter when updating our report on the FS of the prior
period.
If in an updated report, we express an opinion different from our previous opinion on the FS of
a prior period, we shall disclose all the substantive reasons for the different opinion in the
Other Matter paragraph of our report. Also, if the updated opinion on the prior period FS is
other than unmodified, we shall include in the opinion paragraph an appropriate modification
with a reference to the Basis for Opinion paragraph.
If we have previously modified our opinion on FS of a prior period because of disagreement

with management (departure from PFRS/IPSAS, uncorrected misstatements, inadequate
disclosure) and prior period FS are restated in the current period to conform with PFRS/IPSAS,
our report on the FS of the prior period shall indicate that the FS have been restated and shall
express an unmodified opinion with respect to the restated FS or to that matter/s presented
which were the subject of prior period modification.
(For placement of this paragraph, please see paragraph 60 on the previous page of this Manual.)
62. Shown in Table 12 is the summary of modifications of the Independent Auditor’s Report:
Table 12. Summary of Modifications of the Independent Auditor’s Report

Matters that: Effect on the Financial Statements
A. Affect the Unmodified Opinion Material but not pervasive Material and Pervasive
1. Disagreement with Management
Qualified Adverse
2. (FS are materially misstated)
3. Scope Limitation Qualified Disclaimer
B. Do NOT affect the Unmodified Opinion
1. Uncertainties
If disclosed in the Notes to FS,
2. Going Concern Uncertainties
Unmodified opinion with
3. Inconsistencies
Emphasis of Matter Paragraph
4. Justifiable departure from IPSAS/PFRS
5. Further explanation on auditor’s If not disclosed in the Notes to
responsibilities in the audit FS, Unmodified opinion with
6. Financial statement intended for specific Other Matter Paragraph
purpose but prepared in accordance with
general purpose framework
7. Material inconsistency in other information
not issued to management
8. Updating of prior year modified opinion to
151
Matters that: Effect on the Financial Statements
unmodified opinion
63. Illustrations for modified opinion is presented in Appendix 4-1 of this Manual.
B.3. Auditor’s Report on Consolidated Financial Statements
64. For consolidated FS where auditors are required to render an auditor’s report, the wordings on the
auditor’s report are the same except in the title and opinion paragraph where it is specifically stated
that the FS and the Notes to FS are consolidated.
65. Consolidated financial statements are the FS of a group presented as those of single economic entity
(PFRS 10). It is presented by the parent corporation in which it consolidates its FS with its
investments in subsidiaries in accordance with PFRS 10.
66. Following is an example of the opinion paragraph of a qualified auditor’s report for consolidated FS:
Report on the Audit of the Financial Statements
Qualified Opinion
We have audited the financial statements of the Agency/Unit/Corporation/Project and its

subsidiaries (the Group), which comprise the statement of financial position as at December 31,
20X1 and 20X0, and the statement of financial performance, statement of changes in net
assets/equity and statement of cash flows for the years then ended, and notes to the financial
statements, including a summary of significant accounting policies.
In our opinion, except for the effects of the matter described in the Basis for Qualified Opinion
section of our report, the accompanying financial statements present fairly, in all material
respects, the financial position of the Group as at December 31, 20X1 and 20X0, and their financial
performance and cash flows for the years then ended, and notes to the financial statements, in
accordance with International Public Sector Accounting Standards or Philippine Financial
Reporting Standards/Philippine Financial Reporting Standards.
B.4. Auditor’s Report on Comparative Financial Statements
67. The auditor is required to render an auditor’s report on comparative information. IPSAS 1, par. 53
states that Management must disclose comparative information in respect of the previous period
for all amounts reported in the FS. Comparative information shall be included for narrative and
descriptive information when it is relevant to an understanding of the current period’s FS.
68. More discussions on comparative FS are presented in Section III, Comparative Information.
69. If the auditor becomes aware of a possible material misstatement in the comparative information
while performing the current period audit, the auditor shall perform such additional audit
procedures as are necessary in the circumstances to obtain sufficient appropriate audit evidence to
determine whether a material misstatement exists. If the auditor had audited the prior period’s
financial statements, the auditor shall also follow the relevant requirements of ISSAI 2560.2 If the
152
prior period financial statements are amended, the auditor shall determine that the comparative
information agrees with the amended financial statements. (ISSAI 2710, para. 8)
70. Prior to issuing the IAR for the prior period, the auditor has performed additional audit procedures
designed to obtain sufficient appropriate audit evidence that all events occurring between the date
of the financial statements and the date of the auditor’s report that require adjustment of, or
disclosure in, the financial statements have been identified. The auditor is not, however, expected to
perform additional audit procedures on matters to which previously applied audit procedures have
provided satisfactory conclusions. This is a requirement of ISSAI 2560, para. 6.
71. The specific audit procedures to be performed by the auditor required by paragraph 6 so that they
cover the period from the date of the financial statements to the date of the auditor’s report, or as
near as practicable thereto. The auditor shall take into account the auditor’s risk assessment in
determining the nature and extent of such audit procedures, which shall include the following:
a. Obtaining an understanding of any procedures management has established to ensure that

subsequent events are identified.
b. Inquiring of management and, where appropriate, those charged with governance as to
whether any subsequent events have occurred which might affect the financial statements.
c. Reading minutes, if any, of the meetings, of the management and those charged with
governance, that have been held after the date of the financial statements and inquiring about
matters discussed at any such meetings for which minutes are not yet available.
d. Reading the agency’s/LGU’S/corporation’s latest subsequent interim financial statements, if
any. (ISSAI 2560, para. 7)
72. If, as a result of the procedures performed as required by paragraphs 6 and 7, the auditor identifies
events that require adjustment of, or disclosure in, the financial statements, the auditor shall
determine whether each such event is appropriately reflected in those financial statements in
accordance with the applicable financial reporting framework. (ISSAI 2560, para. 8)
II. Specific Elements of the Independent Auditor’s Report
73. The IAR prescribed in ISSAI 2700 shall be adopted. The elements are enumerated as follows:
A. Title
The auditor’s report shall have a title that clearly indicates that it is the report of an independent
auditor. (ISSAI 2700 para. 21)
B. Addressee
The auditor’s report is normally addressed to those for whom the report is prepared, often either to
the shareholders or to those charged with governance of the entity whose FS are being audited.
(ISSAI 2700, para. A21)
153
C. Report on the Audit of Financial Statements
The title, Report on the Audit of Financial Statements, is included to distinguish the following
sections form the other reports required to be contained in the IAR.
C.1. Opinion Section
The opinion section should also report:
a. The agency audited;

b. The FS audited, identify the title of each statements;
c. The Notes to FS, including the summary of significant accounting policies; and,
d. The date of or period covered by each FS.
Opinion (for unmodified opinion)
We have audited the accompanying financial statements of the (Agency/Unit/Corporation/

Project), which comprise the statements of financial position as at December 31, 20X1 and
20X0, and the statements of financial performance/profit or loss/comprehensive income,
statements of changes in net assets/equity, statements of comparison of budget and actual
amounts and statements of cash flows for the year then ended, and notes to the financial
statements, including a summary of significant accounting policies and other explanatory
information.
In our opinion, the accompanying financial statements present fairly, in all material respects,
the financial position of (Agency/Unit/Corporation/Project) as at December 31, 20X1 and
20X0, and its financial performance, cash flows, changes in net assets/equity, and comparison
of budget and actual amounts for the year then ended in accordance with International Public
Sector Accounting Standards/Philippine Financial Reporting Standards.
C.2. Basis for Opinion
The auditor’s report shall include a section, directly following the opinion section the “Basis for
Opinion”.
This section shall:
a. States that the audit was conducted in accordance with ISSAI;

b. Refers to the section of the auditor’s report that describes the auditor’s responsibilities under
the auditing standards;
c. Includes a statement that the auditor is independent of the entity in accordance with the
relevant ethical requirements relating to the audit and has fulfilled the auditor’s other
responsibilities under those ethical requirements. The statement shall identify the jurisdiction of
origin of the relevant ethical requirements; and,
d. States whether the auditor believes that the audit evidence the auditor has obtained is sufficient
and appropriate to provide a basis for the auditor’s opinion.
154
Basis for Opinion (for unmodified opinion)
We conducted our audits in accordance with International Standards of Supreme Audit

Institutions (ISSAI). Our responsibilities under those standards are described in the Auditor’s
Responsibilities for the Audit of the Financial Statements section of our report. We are
independent of the Company in accordance with the Revised Code of Conduct and Ethical
Standards for Commission on Audit Officials and Employees (Code of Ethics) together with the
ethical requirements that are relevant to our audit of the financial statements in the
Philippines, and we have fulfilled our other ethical responsibilities in accordance with these
requirements and the Code of Ethics. We believe that the audit evidence we have obtained is
sufficient and appropriate to provide a basis for our opinion.
In case of modified opinion, this section shall state the basis for modification as the first paragraph.
Basis for Qualified Opinion (for Qualified Opinion – same qualification for both years)
The Agency’s inventories are carried in the statement of financial position at Pxxx and Pxxx as at
December 31, 20X1 and 20X0, respectively. Management has not stated the inventories at the
lower of cost and net realizable value but has stated them solely at cost, which constitutes a
departure from IPSAS/PFRS. The Agency’s records indicate that, had management stated the
inventories at the lower of cost and net realizable value, an amount of Pxxx and Pxxx as at
December 31, 20X1 and 20X0, respectively, would have been required to write the inventories
down to their net realizable value. This resulted in the understatement as at December 31, 20X1
and 20X0, respectively, of cost of sales by Pxxx and Pxxx and overstatement of income tax by Pxxx
and Pxxx, net income by Pxxx and Pxxx, and stockholders’ equity by Pxxx and Pxxx.
We conducted our audits in accordance with International Standards of Supreme Audit

Institutions. Our responsibilities under those standards are described in the Auditor’s
Responsibilities for the Audit of the Financial Statements section of our report. We are
independent of the Agency in accordance with the Revised Code of Conduct and Ethical Standards
for Commission on Audit Officials and Employees (Code of Ethics) together with the ethical
requirements that are relevant to our audit of the financial statements, and we have fulfilled our
other ethical responsibilities in accordance with these requirements and the Code of Ethics. We
believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis
for our qualified opinion.
C.3. Key Audit Matters
These are matters that, in the auditor’s professional judgment, are of most significant in the audit of
FS of the current period. These matters are addressed in the context of the audit of the FS as a
whole.
Application of ISSAI 2701 is mandatory for the audit of general purpose financial statements of listed
entities and may also be applied on a voluntary basis for other audits. In the absence of any COA
policy on the matter, KAM, for the meantime, will strictly be applied to listed entities.
The purposes of reporting on KAM in the audit report are to:
155
a. Increase transparency about the audit that was performed. Communicating KAM provides
additional information to intended users of the FS to assist them in understanding those matters
that, in the auditor’s professional judgment, were of most significance in the audit of the FS of
the current period.
b. Focus users of the FS on areas in the FS that are subject to significant management judgment
and significant auditor attention, which may assist the users in better understanding the entity
and FS, and the outcome of the audit as reflected in the auditor’s opinion.
c. Provide users a basis to further engage with management and those in charge of governance,
about certain matters related to the entity, the audited FS, or the audit that was performed.
Communicating KAM in the auditor’s report is not:
a. A substitute for disclosure in the Notes to FS that the applicable FRF requires Management to
make, or that are otherwise necessary to achieve fair presentation;
b. A substitute for the auditor expressing a modified opinion when required by the circumstances
of a specific audit engagement in accordance with ISSAI 2705;
c. A substitute for reporting in accordance with ISSAI 2570 when material uncertainty exists
relating to event or condition that may cast significant doubt on an entity’s ability to continue as
a going concern; or,
d. A separate opinion on individual matters.
When communicating KAM, auditors should consider laws and regulations that restrict the reporting
of such information by imposing confidentiality requirements. The need for confidentiality may be
based on the mandate of the SAI or legislation related to official secrets or privacy. Auditors should
identify such laws and regulations and should consider confidentiality requirements when
determining the KAM to communicate.
The auditor is prohibited under ISSAI 2705 from communicating KAM when the auditor disclaims an
opinion on the FS, unless such reporting is required by law or regulations.
The auditor shall describe each KAM, using an appropriate subheading, in a separate section of the
Auditor’s Report under the heading “Key Audit Matters”. The introductory language shall state that:
a. KAMs are those matters that, in the auditor’s professional judgment, were of most significance
in the audit of the FS for the period; and,
b. Those matters were addressed in the context of the audit of FS as a whole, and in forming the
auditor’s opinion thereon; the auditor does not provide a separate opinion on those matters.
Key Audit Matters
(No KAM to communicate or when the only KAM are those matters that give rise to a modified
opinion)
Except for the matter described in the Basis for Qualified (Adverse) Opinion section or Material
Uncertainty Related to Going Concern section, we have determined that there are no other key
audit matters to communicate in our report.
(For unmodified opinion - 1st paragraph)
156
Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the financial statements of the current period. These matters were
addressed in the context of our audit of the financial statements as a whole, and in forming
our opinion thereon, and we do not provide a separate opinion on these matters. For each
matter below, our description of how our audit addressed the matter is provided in that
context.
(For qualified opinion – 1st paragraph)
Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the financial statements. These matters were addressed in the
context of our audit of the financial statements as a whole, and in forming our opinion
thereon, and we do not provide a separate opinion on these matters. In addition to the matter
described in the Basis for Qualified Opinion section, we have determined the matters described
below to be the key matters to be communicated in our report.
[Description of each key audit matter in accordance with ISSAI 2701.]
C.4. Emphasis of Matter
Emphasis of Matter
(For unmodified opinion)
We draw attention to Note X of the financial statements, which describes the effects of a fire
in the agency’s facilities. Our opinion is not modified in respect of this matter.
(For qualified opinion)
We draw attention to Note 30 to the Financial Statements which describes the contingent
liabilities for lawsuits or claims filed by third parties against (Agency/Unit/Corporation/
Project) which are either pending in courts or under negotiation, and cases filed by
(Agency/Unit/Corporation) against the (concerned agencies) which are pending before the
Supreme Court, Court of Appeals and the Local Board of Assessments of the Local Government
Unit. Our opinion is not modified in respect of these matters.
(For adverse of opinion)
We draw attention to Note X to the financial statements which describes the uncertainties
related to pending cases in several courts involving various claims against the Agency.
Because of the significance of the matters described in the Basis for Adverse Opinion
paragraph, it is appropriate to, and we do not, express an opinion on the information referred
to above.
157
C.5. Other Matter
Other matter
In our report dated March 1, 20X1, we expressed an opinion that the 20X0 financial
statements did not fairly present the financial position, results of operations, and cash flows of
Agency/Unit/Corporation/Project in accordance with the IPSAS or PFRS because of two
departures from such principles: (1) Agency/Unit/Corporation/Project carried its property,
plant, and equipment at appraisal values, and provided for depreciation on the basis of such
values, and (2) Agency/Unit/Corporation/Project did not provide for deferred income taxes
with respect to differences between income for financial reporting purposes and taxable
income. The Agency/Unit/Corporation/Project has changed its method of accounting for these
items and restated its 20X0 financial statements to conform with the IPSAS or PFRS.
Accordingly, our present opinion on the restated 20X0 financial statements, as presented
herein, is different from that expressed in our previous report.
Relationship between Emphasis of Matter and Other Matter Paragraphs and Key Audit
Matters in the Auditor’s Report
Matters that require an additional paragraph in the IAR, such as that which give rise to a
modified opinion or a material uncertainty related to events and conditions that may cast
significant doubt on the Agency/LGU/Corporation’s ability to continue as a going concern are
considered Key Audit Matters. These matters need not be described in the Key Audit Matter
paragraph, but rather be referred to the Basis for Qualified (Adverse) Opinion or Material
Uncertainty Related to Going Concern section in the KAM paragraph (ISSAI 2701, para. 15).
Sample KAM paragraph in these circumstances:
Except for the matter described in the Basis for Qualified Opinion (Adverse) Opinion section or
Material Uncertainty Related to Going Concern section, we have determined that there are
no other key audit matters to communicate in this report.
Circumstances in which an Emphasis of Matter paragraph may be necessary
Examples of circumstances where the auditor may consider it necessary to include an

Emphasis of Matter paragraph are:
• An uncertainty relating to the future outcome of exceptional litigation or regulatory action.

• Early application (where permitted) of a new accounting standard (for example, a new IFRS
that has a pervasive effect on the financial statements in advance of its effective date.
• A major catastrophe that has had, or continues to have, a significant effect on the entity’s
financial position.
A widespread use of Emphasis of Matter paragraphs diminishes the effectiveness of the

auditor’s communication of such matters. Additionally, to include more information in an
Emphasis of Matter paragraph than is presented or disclosed in the financial statements may
imply that the matter has not been appropriately presented or disclosed; accordingly,
158
paragraph 6 limits the use of an Emphasis of Matter paragraph to matters presented or
disclosed in the financial statements.
Including an Emphasis of Matter Paragraph in the auditor’s report
The inclusion of an Emphasis of Matter paragraph in the auditor’s report does not affect the
auditor’s opinion. An Emphasis of Matter paragraph is not a substitute for either:
a. The auditor expressing a qualified opinion or an adverse opinion, or disclaiming an opinion,

when required by the circumstances of a specific audit engagement; or
b. Disclosures in the financial statements that the applicable financial reporting framework
requires management to make.
Relevant to users’ understanding of the Auditor’s Responsibilities or the auditor’s report
Law, regulation or generally accepted practice in a jurisdiction may require or permit the
auditor to elaborate on matters that provide further explanation of the auditor’s
responsibilities in the audit of the financial statements or of the auditor’s report thereon.
Where relevant, one or more sub-headings may be used that describe the content of the Other
Matter paragraph.
The following is an interaction between Key Audit Matters section, an Emphasis of Matter
paragraph and an Other Matter paragraph when all are presented in the auditor’s report.
Report on the Audit of the Financial Statements
Opinion
…
Basis for Opinion

…
Emphasis of Matter
We draw attention to Note x of the financial statements, which describes the effects of a fire
in the Corporation/Agency/LGU’s production facilities. Our opinion is not modified in respect
of this matter.
Key Audit Matters
Key audit matters are those mattes that, in our professional judgment, were of most
significance in our audit of the financial statements of the current period. These matters
were addressed in the context of our audit of the financial statements as a whole, and in
forming our opinion thereon, and we do not provide a separate opinion on these matters.
[Describe each key audit matter in accordance with ISSAI 2701]
159
Other Matter
In our report dated March 1, 20x2, we expressed an opinion that the 20x1 financial
statements did not fairly present the financial position, results of operations and cash flows
of the Agency/ Corporation/LGU in accordance with IPSAS because of various departures,
among which is the non-recognition of the financial impact of the Regional Trial Court’s
decision ordering the payment of Px.x million relative to the Indigenous People’s case. As
discussed in Note x to the financial statements, the Agency/ Corporation/ LGU has already
recognized the effects of the same and restated the 20x1 financial statements to conform to
IPSAS. Accordingly, our present opinion on the restated 20x1 financial statements, as
presented herein, is no longer modified concerning this matter.
C.6. Material Uncertainty Related to Going Concern
(For unmodified opinion when the auditor has concluded that a material uncertainty exists)
Material Uncertainty Related to Going Concern
We draw attention to Note XXX in the financial statements, which indicates that the
Corporation incurred a net loss of ZZZ during the year ended December 31, 20X1 and, as of
that date, the Corporation’s current liabilities exceeded its total assets by YYY. As stated in
Note 6, these events or conditions, along with other matters as set forth in Note 6, indicate
that a material uncertainty exists that may cast significant doubt on the Corporation’s ability
to continue as a going concern. Our opinion is not modified in respect of this matter.
(For qualified opinion when the auditor has concluded that a material uncertainty exists)
Basis for Qualified Opinion
As discussed in Note yy, the Corporation’s financing arrangements expire and amounts
outstanding are payable on March 19, 20X2. The Corporation has been unable to conclude re-
negotiations or obtain replacement financing. This situation indicates that a material
uncertainty exists that may cast significant doubt on the Corporation’s ability to continue as a
going concern. The financial statements do not adequately disclose this matter.
We conducted our audit…
(For adverse opinion when the auditor has concluded that a material uncertainty exists)
Basis for Adverse Opinion
The Corporation’s financing arrangements expired and the amount outstanding was payable
on December 31, 20X1. The Corporation has been unable to conclude re-negotiations or obtain
replacement financing and is considering filing for bankruptcy. This situation indicates that a
material uncertainty exists that may cast significant doubt on the Corporation’s ability to
continue as a going concern. The financial statements do not adequately disclose this fact.
We conducted our audit…
160
C.7. Other Information
ISSAI 2720, The Auditor’s Responsibilities Relating to Other Information, requires reporting on other

information, financial or non-financial information included in an entity’s annual report.
Obtaining the Other Information
The auditor shall:
a. Determine, through discussion with management, which document(s) comprises the annual
report, and the entity’s planned manner and timing of the issuance of such document(s);
b. Make appropriate arrangements with management to obtain in a timely manner and, if possible,
prior to the date of the auditor’s report, the final version of the document(s) comprising the
annual report; and
c. When some or all of the document(s) determined in “a” will not be available until after the date
of the auditor’s report, request management to provide a written representation that the final
version of the document(s) will be provided to the auditor when available, and prior to its
issuance by the entity, such that the auditor can complete the procedures required by this ISSAI.
The auditor shall read the other information and, in doing so shall:
a. Consider whether there is a material inconsistency between the other information and the FS.
As the basis for this consideration, the auditor shall, to evaluate their consistency, compare
selected amounts or other items in the other information (that are intended to be the same as,
to summarize, or to provide greater detail about, the amounts or other items in the FS) with
such amounts or other items in the FS; and,
b. Consider whether there is a material inconsistency between the other information and the
auditor’s knowledge obtained in the audit, in the context of audit evidence obtained and
conclusions reached in the audit. (ISSAI 2720, para. 14)
While reading the other information, the auditor shall remain alert for indications that the
information not related to the financial statements or the auditor’s knowledge obtained in the audit
appears to be materially misstated. (ISSAI 2720, para. 15)
If the auditor identifies a material inconsistency appears to exist (or becomes aware that the other
information appears to be materially misstated), the auditor shall discuss the matter with
management and, if necessary, perform other procedures to conclude whether:
a. A material misstatement of the other information exists;

b. A material misstatement of the financial statements exists; or
c. The auditor’s understanding of the entity and its environment needs to be updated. (ISSAI 2720,
para. 16)
If the auditor concludes that a material misstatement of the other information exists, the auditor
shall request management to correct the other information. If management:
161
a. Agrees to make the correction, the auditor shall determine that the correction has been made;
or
b. Refuses to make the correction, the auditor shall communicate the matter with those charged
with governance and request that the correction be made. (ISSAI 2720, para. 17)
If the auditor concludes that a material misstatement exists in other information obtained prior to
the date of the auditor’s report, and the other information is not corrected after communicating
with those charged with governance, the auditor shall take appropriate action, including:
a. Considering the implications for the auditor’s report and communicating with those charged
with governance about how the auditor plans to address material misstatement in the auditor’s
report;
b. Withdrawing from the engagement, where withdrawal is possible under applicable law or
regulation. (ISSAI 2720, para. 18)
If the auditor concludes that a material misstatement exists in other information obtained after the
date of the auditor’s report, the auditor shall:
a. If the other information is corrected, perform the procedures necessary in the circumstances; or
b. If the other information is not corrected after communicating with those charged with
governance, take appropriate action considering the auditor’s legal rights and obligations, to
seek to have the uncorrected material misstatement appropriately brought to the attention of
users for whom the auditor’s report is prepared. (ISSAI 2720, para. 19)
If as a result of performing the procedures in paragraphs 14 and 15 of ISSAI 2720, the auditor
concludes that a material misstatement in the financial statements exists or the auditor’s
understanding of the entity and its environment needs to be updated, the auditor shall respond
appropriately in accordance with other ISSAIs. (ISSAI 2720, para. 20)
A separate section in the auditor’s report is used to identify the other information, describe the
auditor’s responsibilities in relation thereto, and, if applicable, report on any material misstatement
of the other information in “Other Matter” paragraph.
Some examples of other information to be disclosed are listed below:
a. Liquidity and capital resource information, such as cash, cash equivalents and marketable
securities; dividends; and debt, capital lease and minority interest obligations
b. Amounts involved in guarantees, contractual obligations, legal or environmental claims, and
other contingencies
c. Financial measures or ratios, such as gross margin, return on average capital employed, return
on average shareholders’ equity, current ratio, interest coverage ratio and debt ratio. Some of
these may be directly reconcilable to the FS
d. Explanations of critical accounting estimates and related assumptions
e. Identification of related parties and descriptions of transactions with them
f. Descriptions of guarantees, indemnifications, contractual obligations, litigation or environmental
liability cases, and other contingencies, including management’s qualitative assessments of the
entity’s related exposures
162
g. Management’s qualitative assessments of the impacts of new financial reporting standards that
have come into effect during the period or in the following period, on the entity’s financial
results, financial position and cash flows
In addressing the requirements of ISSAI 2230 as it applies to Other Information, the auditor shall
include in the audit documentation:
a. Documentation of the procedures performed under ISSAI 2720, and

b. The final version of the other information on which the auditor has performed the work
under ISSAI 2720. (ISSAI 2720, para. 25)
Illustration:
An auditor’s report of any entity, whether listed or other than listed, containing an unmodified
opinion when the auditor has obtained all of the other information prior to the date of the
auditor's report and has not identified a material misstatement of the other information.
Other Information
Management is responsible for the other information. The other information obtained at the date
of this auditor’s report is included in the Annual Report of the Agency/Unit/Corporation/ Project,
but does not include the financial statements and our auditor’s report thereon.
Our opinion on the financial statements does not cover the other information and we do not
express any form of assurance conclusion thereon.
In connection with our audit of the financial statements, our responsibility is to read the other
information and, in doing so, consider whether the other information is materially inconsistent
with the financial statements or our knowledge obtained in the audit or otherwise appears to be
materially misstated.
If, based on the work we have performed, we conclude that there is a material misstatement of
this other information, we are required to report that fact. We have nothing to report in this
regard.
C.8. Responsibilities of Management and Those Charged with Governance for the Financial
Statements
The auditor’s report shall include a section with a heading using the appropriate term to describe
those responsible for the preparation of the FS. This heading need not refer specifically to
“Management,” but may also refer to “Those Charged with Governance” or such term that is
appropriate in the context of the legal framework in the particular jurisdiction.
This section shall describe management’s responsibility for:
a. Preparing the FS in accordance with the applicable FRF, and for such internal control as
management determines is necessary to enable the preparation of FS that are free from
material misstatements whether due to fraud or error; and,
163
b. Assessing the entity’s ability to continue as a going concern and whether the use of the going
concern basis of accounting is appropriate as well as disclosing, if applicable, matters relating to
going concern. The explanation of management’s responsibility for this assessment shall include
a description of when the use of the going concern basis of accounting is appropriate.
Those responsible for the oversight of the financial reporting process, if different from those
responsible for preparing the FS shall also be identified in this section.
Responsibilities of Management and Those Charged with Governance for the Financial
Statements
Management is responsible for the preparation and fair presentation of the financial statements
in accordance with the International Public Sector Accounting Standards or Philippine Financial
Reporting Standards and for such internal control as management determined is necessary to
enable the preparation of financial statements that are free from material misstatement,
whether due to fraud or error.
In preparing the financial statements, management is responsible for assessing the

corporation’s/unit’s/agency’s ability to continue as a going concern, disclosing, as applicable,
matters related to going concern and using the going concern basis of accounting unless
management either intends to liquidate the agency or to cease operations, or has no realistic
alternative but to do so.
Those charged with governance are responsible for overseeing the corporation’s/unit’s/agency’s
financial reporting process.
C.9. Auditor’s Responsibilities for the Audit of the Financial Statements
The auditor’s report shall state that:
a. The objectives of the audit are to: (i) Obtain reasonable assurance about whether the FS as a
whole are free from material misstatement, whether due to fraud or error; and, (ii) Issue an IAR
that includes an opinion.
b. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit
conducted in accordance with ISSAIs will always detect a material misstatement when it exists;
c. Misstatements can arise from fraud or error and are considered material if, individually or in the
aggregate, they could reasonably be expected to influence the economic decisions of users
taken on the basis of these FS;
d. The auditor exercises professional judgment and maintains professional skepticism throughout
the audit;
e. The auditor’s responsibilities are:
i. To identify and assess the risks of material misstatements of the FS, whether due to fraud or
error; to design and perform audit procedures responsive to those risks; and to obtain audit
164
evidence that is sufficient and appropriate to provide a basis for his opinion. The risk of
material misstatement resulting from fraud is higher than for one resulting from error, as
fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the
override of internal control.
ii. To obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing
an opinion on the effectiveness of the agency’s internal control.
iii. To evaluate the appropriateness of accounting policies used and the reasonableness of
accounting estimates and related disclosures made by management.
iv. To conclude on the appropriateness of management’s use of the going concern basis of
accounting and, based on the audit evidence obtained, whether a material uncertainty
exists related to events or conditions that may cast significant doubt on the agency’s ability
to continue as a going concern. If he concludes that a material uncertainty exists, he is
required to draw attention in the auditor’s report to the related disclosures in the FS or, if
such disclosures are inadequate, to modify his opinion. His conclusions are based on the
audit evidence obtained up to the date of the auditor’s report. However, future events or
conditions may cause the agency to cease to continue as a going concern.
v. To evaluate the overall presentation, structure and content of the FS, including the
disclosures, and whether the FS represent the underlying transactions and events in a
manner that achieves fair presentation.
f. The auditor communicates with those charged with governance regarding, among other
matters, the planned scope and timing of the audit and significant audit observations, including
any significant deficiencies in internal control that he identifies during the audit.
g. The auditor provides those charged with governance with a statement that he has complied
with relevant ethical requirements regarding independence, and communicate with them all
relationships and other matters that may reasonably be thought to bear on his independence,
and where applicable, related safeguards.
h. From the matters communicated with those charged with governance, the auditor determines
those matters that were of most significance in the audit of the FS of the current period and are
therefore the key audit matters.
i. In cases of group audits where ISSAI 2600, paragraph 14 applies, the auditor’s responsibilities in
group audit are: i.1) To obtain sufficient appropriate audit evidence regarding the financial
information of the entities and business activities within the group to express an opinion on the
group FS; i.2) For the direction, supervision and performance of the group audit; and (i.3) To
remain solely responsible for the auditor’s opinion.
Auditor’s Responsibilities for the Audit of Financial Statements
(For unmodified, qualified, and adverse opinion)
165
Our objectives are to obtain reasonable assurance about whether the financial statements as
a whole are free from material misstatement, whether due to fraud or error, and to issue an
auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance,
but is not a guarantee that an audit conducted in accordance with ISSAI will always detect a
material misstatement when it exists. Misstatements can arise from fraud or error and are
considered material if, individually or in the aggregate, they could reasonably be expected to
influence the economic decisions of users taken on the basis of these financial statements.
As part of an audit in accordance with ISSAIs, we exercise professional judgment and maintain
professional skepticism throughout the audit. We also:
 Identify and assess the risks of material misstatement of the financial statements,
whether due to fraud or error, design and perform audit procedures responsive to those
risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for
our opinion. The risk of not detecting a material misstatement resulting from fraud is
higher than for one resulting from error, as fraud may involve collusion, forgery,
intentional omissions, misrepresentations, or the override of internal control.
 Obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of
expressing an opinion on the effectiveness of the Agency/Unit/Corporation/Project’s
internal control.
 Evaluate the appropriateness of accounting policies used and the reasonableness of

accounting estimates and related disclosures made by management.
 Conclude on the appropriateness of management’s use of the going concern basis of

accounting and, based on the audit evidence obtained, whether a material uncertainty
exists related to events or conditions that may cast significant doubt on the
Agency/Unit/Corporation/Project’s ability to continue as a going concern. If we conclude
that a material uncertainty exists, we are required to draw attention in our auditor’s
report to the related disclosures in the financial statements or, if such disclosures are
inadequate, to modify our opinion. Our conclusions are based on the audit evidence
obtained up to the date of our auditor’s report. However, future events or conditions may
cause the Agency/Unit/Corporation/Project to cease to continue as a going concern.
 Evaluate the overall presentation, structure and content of the financial statements,
including the disclosures, and whether the financial statements represent the underlying
transactions and events in a manner that achieves fair presentation.
We communicate with those charged with governance regarding, among other matters, the
planned scope and timing of the audit and significant audit observations, including any
significant deficiencies in internal control that we identify during our audit.
We also provide those charged with governance with a statement that we have complied with
relevant ethical requirements regarding independence, and to communicate with them all
relationships and other matters that may reasonably be thought to bear on our independence,
166
and where applicable, related safeguards.
From the matters communicated with those charged with governance, we determine those
matters that were of most significance in the audit of the financial statements of the current
period and are therefore the key audit matters. We describe these matters in our auditor’s
report unless law or regulation precludes public disclosure about the matter or when, in
extremely rare circumstances, we determine that a matter should not be communicated in our
report because the adverse consequences of doing so would reasonably be expected to
outweigh the public interest benefits of such communication.
(The last paragraph is not included if there is no KAM to report)
(For disclaimer of opinion)
Our responsibility is to conduct an audit of the Agency/Unit/Corporation/Project’s financial

statements in accordance with ISSAI and to issue an auditor’s report. However, because of the
matter described in the Basis for Disclaimer of Opinion section of our report, we were not able
to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion on these
consolidated financial statements.
We are independent of the Agency/Unit/Corporation/Project in accordance with the ethical

requirements that are relevant to our audit of the financial statements in Code of Ethics, and
we have fulfilled our other ethical responsibilities in accordance with these requirements.
D. Report on Other Legal and Regulatory Requirements/ Supplementary Information
This refers to other reporting responsibilities not addressed under the reporting responsibilities
required by the ISSAIs as part of the report. (ISSAI 2720)
The auditor is required to report on other regulatory requirements, such as the entity’s inclusion in
the Notes to FS information on taxes, duties and license fees paid or accrued during the taxable
year. It may also include applicable requirements from other regulatory bodies.
If supplementary information that is not required by the applicable financial reporting framework is
presented with the audited financial statements, the auditor shall evaluate whether, in the auditor’s
professional judgment, supplementary information is nevertheless an integral part of the financial
statements due to its nature or how it is presented. When it is an integral part of the financial
statements, the supplementary information shall be covered by the auditor’s opinion. (ISSAI 2700,
para. 53)
The following requirements under AASC Alert Series 002 of 2011 may be adopted by
agency/unit/corporation to differentiate the supplementary information from the financial
statements by:
 Disclosing the supplementary information in a separate note at the end of the required notes to
the financial statements and clearly label them as “supplementary information”.
167
 Removing any cross-references from the financial statements to the separate note on
supplementary information so that the demarcation between the financial statements and the
supplementary information is sufficiently clear.
If supplementary information that is not required by the applicable financial reporting framework is
not considered an integral part of the audited financial statements, the auditor shall evaluate
whether such supplementary information is presented in a way that sufficiently and clearly
differentiates it from the audited financial statements. If this is not the case, then the auditor shall
ask management to change how the unaudited supplementary information is presented. If
management refuses to do so, the auditor shall identify the unaudited supplementary information
and explain in the auditor’s report that such supplementary information has not been audited.
If the auditor addresses other reporting responsibilities in the IAR on the financial statements that
are in addition to the auditor’s responsibility under the ISSAIs to report on the financial statements,
these other reporting responsibilities shall be addressed in a separate section in the auditor’s report
that shall be sub-titled “Report on Other Legal and Regulatory Requirements.” Such section is placed
after the “Report on the Financial Statements.” (AASC Alert Series 002 of 2011)
ISSAI 2700 does not specify the wording of the report on supplementary information. However, the
AASC recommended the following elements in a separate section in the auditor’s report:
a. A statement that the audit was conducted for the purpose of forming an opinion on the financial
statements as a whole;
b. A statement that the supplementary information is presented for whatever purpose/s defined
by the regulatory office and is not a required part of the financial statements;
c. A statement that the supplementary information is the responsibility of management;
d. A statement that the supplementary information has been subjected to the auditing procedures
applied in the audit of the financial statements; and
e. If the auditor has issued an unqualified opinion on the financial statements and the auditor has
concluded that the supplementary information is fairly stated, in all material respects, in relation
to the financial statements as a whole, a statement that, in the auditor’s opinion the
supplementary information is fairly stated in all material respects, in relation to the financial
statements as a whole.
Report on Other Legal and Regulatory Requirements
(for unmodified opinion)
Our audits were conducted for the purpose of forming an opinion on the basic financial statements
taken as a whole. The supplementary information in Note X to the financial statements is
presented for the purpose of filing with the Bureau of Internal Revenue and is not a required part
of the basic financial statements. Such supplementary information is the responsibility of
management and has been subjected to auditing procedures applied in our audits of the basic
financial statements. In our opinion, the supplementary information is fairly stated, in all material
respects, in relation to the basic financial statements taken as a whole.
(for qualified opinion)
168
management and has been subjected to auditing procedures applied in our audits of the basic
financial statements. In our opinion, except for the effect of the information of the matter/s
described in the Basis for Qualified Opinion paragraph, the supplementary information is fairly
stated, in all material respects, in relation to the basic financial statements taken as a whole.
(for adverse opinion)
management. Because of the significance of the matter/s described in the Basis for Adverse
Opinion paragraph, it is inappropriate to and we do not express opinion on the supplementary
information referred to above.
(for disclaimer of opinion)
We were engaged for the purpose of forming an opinion on the basic financial statements taken
as a whole. The supplementary information in Note X to the financial statements is presented for
the purpose of filing with the Bureau of Internal Revenue and is not a required part of the basic
financial statements. Such supplementary information is the responsibility of management.
Because of the significance of the matter/s described in the Basis for Disclaimer of Opinion
paragraph, it is inappropriate to and we do not express opinion on the supplementary information
referred to above.
(unmodified opinion & the entity did not disclose all the required supplementary information)
Management of X Company has not presented the supplementary information on taxes, duties
and license fees required for the purpose of filing with the Bureau of Internal Revenue and is not a
required part of the basic financial statements. Our opinion on the basic financial statements is
not affected by the non-presentation of the supplementary information.
(unqualified opinion & the required supplementary information is presented and clearly
differentiated from the audited financial statements but was not audited)
management. We were not able to apply auditing procedures on such supplementary information
because [state the reason/s]. Accordingly, it is inappropriate to and we do not express an opinion
on the supplementary information referred to above.
169
E. Name of the Engagement Partner
“COMMISSION ON AUDIT”, placed before the signature and name of the Supervising Auditor.
F. Signature of the Auditor
The IAR shall be signed by the Supervising Auditor or duly authorized signatory.
G. Auditor’s Address
This represents the official address of the auditor. It is usually a part of the letterhead hence, no
need to include this after the signature of the auditor.
H. Date of the Independent Auditor’s Report
It shall be dated not earlier than the date when the auditor has obtained sufficient appropriate audit
evidence, usually after fieldwork or after the exit conference if there are still procedures to be
undertaken as a result of what has been discussed, as basis of the auditor’s opinion on the FS.
III. Comparative Information
74. ISSAI 2710 – Comparative Information deals with the auditor's responsibilities relating to
comparative information in an audit of FS. The nature of the comparative information that is
presented in an entity's FS depends on the requirements of the applicable FRF. Comparative
information refers to the amounts and disclosures included in the FS in respect of one or more prior
periods in accordance with the applicable FRF.
75. The auditor shall evaluate whether-
a. The comparative information agrees with the amounts and other disclosures presented in the
prior period, or, when appropriate, have been restated; and
b. The accounting policies reflected in the comparative information are consistent with those
applied in the current period or, if there have been changes have been properly accounted for
and adequately presented and disclosed. (ISSAI 2710, para. 7)
A. Corresponding Figures and Comparative Financial Statements
76. There are two different broad approaches to the auditor's reporting responsibilities in respect of
such comparative information: corresponding figures and comparative FS. Under the corresponding
figures approach, the amounts and other disclosures for the prior period included as an integral part
of the current period FS, are intended to be read only in relation to the amounts and other
disclosures relating to the current period (referred to as “current period figures”). The level of detail
presented in the corresponding amounts and disclosures is dictated primarily by its relevance to the
current period figures.
77. The objectives of the auditor are:
170
a. To obtain sufficient appropriate audit evidence about whether the comparative information
included in the FS has been presented, in all material respects, in accordance with the
requirements for comparative information in the applicable FRF; and,
b. To report in accordance with the auditor’s reporting responsibilities.
78. The auditor shall determine whether the FS include the comparative information required by the
applicable FRF and whether such information is appropriately classified.
79. If the financial statements of the prior period were audited by a predecessor auditor, in addition to
expressing an opinion on the current period’s financial statements, the auditor shall state in an
Other Matter paragraph:
a. that the financial statements of the prior period were audited by a predecessor auditor;
b. the type of opinion expressed by the predecessor auditor and, if the opinion was modified, the
reasons therefore; and
c. the date of that report, unless the predecessor auditor’s report on the prior period’s financial
statements is reissued with the financial statements.
80. For this purpose, the auditor shall evaluate whether:
a. The comparative information agrees with the amounts and other disclosures presented in the
prior period or, when appropriate, have been restated; and,
b. The accounting policies reflected in the comparative information are consistent with those
applied in the current period or, if there have been changes in accounting policies, whether
those changes have been properly accounted for and adequately presented and disclosed.
A.1. Corresponding Figures
81. Under ISSAI 2710, when corresponding figures are presented, the auditor’s opinion shall not refer to
the corresponding figures except in the circumstances described below:
a. If the auditor’s report on the prior period, as previously issued, included a MODIFIED opinion
and the matter which gave rise to the modification is unresolved, the auditor shall modify the
auditor’s opinion on the current period’s FS. In the “Basis for Modification” paragraph in the
auditor’s report, the auditor shall either:
i. Refer to both the current period’s figures and the corresponding figures in the description
of the matter giving rise to the modification when the effects or possible effects of the
matter on the current period’s figures are material; or,
ii. In other cases, explain that the audit opinion has been modified because of the effects or
possible effects of the unresolved matter on the comparability of the current period’s
figures and the corresponding figures.
b. If the auditor obtains audit evidence that a material misstatement exists in the prior period
financial statements on which an unmodified opinion has been previously issued, and the
corresponding figures have not been properly restated or appropriate disclosures have not
been made, the auditor shall express a qualified opinion or an adverse opinion in the auditor’s
171
report on the current period financial statements, modified with respect to the corresponding
figures included therein.
c. If the prior period financial statements were not audited, the auditor shall state in an Other
Matter paragraph in the auditor’s report that the corresponding figures are unaudited. Such a
statement does not, however, relieve the auditor of the requirement to obtain sufficient
appropriate audit evidence that the opening balances do not contain misstatements that
materially affect the current period’s financial statements.
82. When the auditor’s report on the prior period, as previously issued, included a MODIFIED opinion
(qualified, disclaimer, or adverse) and the matter which gave rise to the modified opinion is resolved
and properly accounted for or disclosed in the FS in accordance with the applicable FRF, the
auditor’s opinion on the current period need not refer to the previous modification.
A.2. Comparative Financial Statements
83. When comparative FS are presented, the auditor’s opinion shall refer to each period for which FS
are presented and on which an audit opinion is expressed.
84. When reporting on prior period FS in connection with the current period’s audit, if the auditor’s
opinion on such prior period FS differs from the opinion the auditor previously expressed, the
auditor shall disclose the substantive reasons for the different opinion in an Other Matter paragraph
in accordance with ISSAI 2706.
85. If the prior period FS were not audited, the auditor shall state in an Other Matter paragraph that the
comparative FS are unaudited. Such a statement does not, however, relieve the auditor of the
requirement to obtain sufficient appropriate audit evidence that the opening balances do not
contain misstatements that materially affect the current period’s FS.
86. Government entities adopt the IPSAS or PFRS as their FRF. These standards require that comparative
information shall be disclosed in respect of the previous period for all amounts reported in the FS.
IV. Types of Audit Report
87. The audit report considers the management’s comments during the exit conference which should be
reduced in writing and formed part of documentation. This may be in the form of:
a. Annual Audit Report (AAR) – a report prepared at year-end on the results of audit on the
accounts and operations of an Agency/Unit/Corporation/Project. It is composed of the IAR and
discussion on observations with corresponding recommendations. In case the audited agency
failed to submit the FS for audit, no IAR can be issued. The auditor instead will issue ML
containing only the observations with corresponding recommendations. For an
Agency/Corporation with regional/branch offices and FOUs, the AAR shall be the consolidated
report on the results of audit of the head office, and the regional/division/district/field offices of
such Agency/Corporation. This report is transmitted to the agency head by the CD/RD. In the
case of GOCCs, the AAR is also transmitted to the governing board.
172
b. Management Letter (ML) – an audit report on the results of audit of the regional/branch offices,
FOUs, staff bureau and line office with complete set of books of accounts. This is addressed to
the Regional/Branch/Office Head and transmitted by the SA/RSA.
c. Summary of Audit Observations and Recommendations (SAOR) – a report/matrix that

summarizes the audit observations, recommendations, management comments and auditor's
rejoinder. This is the required year-end audit report for regional/field office agency with
incomplete set of books of accounts and national high schools with complete set of books of
accounts. This report is transmitted to the agency head by the SA/RSA. The SAOR shall be the
basis/input for the consolidation of ML/AAR.
88. The audit observations and recommendations are reviewed by the SA/RSA and CD/RD to ensure
that the same are based on the results of audit and duly documented, and all material issues and
concerns noted during the audit are included in the report and/or cleared by the CD/RD.
89. The guidelines on the preparation of audit report including the transmittal of reports and
requirements for the agency to submit the financial statements and documents are prescribed
under pertinent COA Issuances.
173
Appendix 4-1A. Illustration of Cases for Modified Opinion
1. Disagreement with management
a. Departure from IPSAS/PFRS
Recognition of PPE - hospital equipment - does not include an initial estimate of dismantling
cost. Amount is material, but effect is not pervasive.
Qualified opinion
We have audited…
respects, the financial position of the Agency as at December 31, 20CY, and its financial
performance and its cash flows for the year then ended in accordance with International Public
Sector Accounting Standards.
The Agency’s hospital equipment acquired on January 15, 20CY was recognized at a cost of
PhPxxxxx.xx, but such cost did not include an initial estimate of the cost to dismantle and remove
the item and restoring the site on which it is located. The non-recognition of dismantling cost is a
departure from International Public Sector Accounting Standards 17-Property, Plant and
Equipment. PPE, therefore, is understated by PhPxxx.xx at the end of 20CY and depreciation
expense and accumulated depreciation are understated by PhPxx.xx at the end of the same year.
Qualified Opinion
paragraph, the financial statements present fairly, in all material respects, (or give a true and
fair view of) the financial position of the Agency as at December 31, 20X1, and (of) its financial
b. Uncorrected misstatements
Inventory worth PhPxxx.xx is not adjusted for items already expired valued at PhPxxx.xx.
Further, the Corporation refuses to recognize a material loss on a settlement of a lawsuit that
was determinable during the period covered by the audit report.
Adverse opinion
We have audited…
In our opinion, because of significance of the matter(s) described in the Basis for Adverse Opinion
section of our report, the accompanying financial statements do not present fairly, in all material
174
respects, the financial position of the Corporation as at December 31, 20CY, and its financial
performance and its cash flows for the year then ended in accordance with Philippine Financial
Reporting Standards.
The balance of Inventory stated in the financial statements as at December 31, 20CY at
PhP00,000,000 is inaccurate since the Corporation refused to record an allowance for
impairment of inventory items that were already expired. The non-recognition of allowance for
impairment loss of PhP000,000 rendered the valuation of the account higher by PhP000,000, and
impairment loss and allowance for impairment loss lower by PhP000,000 as at the end of the
current year.
As explained in Note xx to the financial statements, during December 20CY, the Corporation
agreed to settle a pending lawsuit by the payment of PhP00,000,000, which was approximately
greater than the amount by PhP000,000 that had been accrued to cover this litigation. No
additional amount was provided in the financial statements.
(If the amount of expired inventory could not be quantified for some reason, an example of the
wordings of the basis for opinion paragraph is presented below.)
Basis for Disclaimer of Opinion
A substantial number of Inventories are considered expired and could no longer be used.
However, an adjustment could not be recorded in the books as the value of such expired
inventory items could not be quantified due to the absence of individual cost. We could not apply
alternative audit procedures because of the disorderly condition of underlying documents
supporting the accounting records.
(If qualitative disclosures were not provided for inventories that were expired, an example of the
wording of the basis for opinion paragraph is shown below.)
Management was unable to disclose information about the events or circumstances that have
led to the expiration of inventories resulting in its significant decline in value. Consequently, an
allowance for impairment loss of PhP000,000 was not recognized rendering the valuation of the
account higher by PhP000,000 and impairment loss and allowance for impairment loss lower by
PhP000,000 as at the end of the current year.
c. Inadequate disclosure
Non-disclosure of a major loans payable in the amount of PhPxxx.xx in the notes to financial
statements incurred to build a new plant in the Visayas to expand its operations. A land acquired
for the plant was not also disclosed. Effect is material but not pervasive.
175
Qualified opinion
We have audited…
In our opinion, except for the effects of the matters described in the Basis for Qualified Opinion
respects, the financial position of the Corporation as at December 31, 20CY, and its financial
performance and its cash flows for the year then ended in accordance with Philippine Financial
Reporting Standards.
The QRST Corporation entered into a loan agreement with BBB Banking Corporation worth
PhP00,000,000 to build a new plant in the Visayas to expand its operations with terms of xx
years at xx% interest annually. This was not, however, disclosed in the financial statements as
required in PFRS 1-Presentation of Financial Statements and PFRS 23-Borrowing Costs, as well as
the information that the Corporation’s payment for the loan’s substantial interest may affect its
working capital. The lack of disclosure precluded the users of the financial statements to make
informed decisions.
Further, a parcel of land acquired where the plant will be situated was not disclosed in the
financial statements. The land is stated at PhP0,000,000 as at December 31, 20CY.
Qualified opinion
In our opinion, except for the omission of the information referred to in the Basis for Qualified
Opinion paragraph, the financial statements present fairly, in all material respects (or “give a
true and fair view of”) the financial position of the Corporation at December 31, 20X0 and of its
financial performance and its cash flows for the year then ended in accordance with.
2. Scope limitation
(The sentence, “We believe that the audit evidence we have obtained is sufficient and
appropriate to provide a basis for our opinion.” is deleted from the Basis for Opinion Paragraph
for modified opinions due to scope limitation.
Likewise, the paragraph on Auditor’s Responsibilities is excluded from the Independent

Auditor’s Report.)
a. The LGU did not conduct a physical inventory of its assets. Evidence supporting its PPE assets
acquired in prior years is no longer available. The condition of its accounting records does not
permit application of adequate alternative procedures. Effect is material and pervasive.
Disclaimer of Opinion
We were engaged to audit…
176
We do not express an opinion on the accompanying financial statements. Because of the
significance of the matter described in the Basis for Disclaimer of Opinion section of our report,
we have not been able to obtain sufficient appropriate audit evidence to provide a basis for an
audit opinion on these financial statements.
Basis for Disclaimer of Opinion
The City did not conduct a physical count of its inventory, stated at PhP000,000 in the
accompanying financial statements as at December 31, 20CY. Further, evidence supporting the
cost of property and equipment acquired prior to December 31, 20CY is no longer available. The
City’s records do not permit the application of adequate alternative procedures regarding the
inventories or the cost of property and equipment.
Disclaimer of Opinion
We do not express an opinion on the accompanying financial statements of the LGU. Because of
the significance of the matter described in the Basis for Disclaimer of Opinion section of our
report, we have not been able to obtain sufficient appropriate audit evidence to provide a basis
for an audit opinion on the financial statements.
b. Non-confirmation of accounts receivable because of a restriction imposed by management
Qualified opinion
We have audited…
In our opinion, except for the possible effects of the matter described in the Basis for Qualified
Opinion section of our report, the accompanying financial statements present fairly, in all
material respects, the financial position of the Corporation as at December 31, 20CY, and its
financial performance and its consolidated cash flows for the year then ended in accordance with
Philippine Financial Reporting Standards.
Basis for qualified opinion
As instructed by management, we did not request confirmation of accounts receivable by direct

correspondence with the debtors of the Corporation. Consequently, we were unable to determine
whether any adjustments to the balance of accounts receivable as at December 31, 20CY were
necessary.
Qualified opinion
paragraph, the financial statements present fairly, in all material respects, (or give a true and
fair view of) the financial position of the Agency as at December 31, 20X1, and (of) its financial
177
Section 5
Quality Control Review
1. Quality control provides reasonable assurance that the audit engagement is performed in
compliance with professional standards and applicable legal and regulatory requirements, and the
audit report is appropriate in the circumstances. (The definition and discussions are covered by ISSAI
2220).
I. Quality Control versus Quality Assurance
2. While Quality Control and Quality Assurance are used interchangeably, there is a clear difference.
Quality control involves policies and procedures through which a SAI ensures that the audit is
carried out in compliance with the SAI auditing standards, rules and procedures in line with the best
international practices while quality assurance is a process through which a SAI monitors and
ensures that quality control is working effectively. Both Quality Control and Quality Assurance
operate within the Quality Management approach implemented by the SAI to ensure that audit
results as well as the means to achieving them, are within the desired level of quality.
II. Responsibility for Quality Control System and Quality Control Procedures
3. The SAI has an obligation to establish and maintain a system of quality control to provide reasonable
assurance that: (a) The SAI and its personnel comply with professional standards and applicable
legal and regulatory requirements; and (b) Reports issued by the auditors are appropriate in the
circumstances. Quality controls are established in all phases of the audit.
4. Within the context of the SAI’s system of quality control, the audit teams are responsible for
implementing quality control procedures that are applicable to the audit engagement and provide
the SAI with relevant information to ensure that quality controls relating to independence are
functional. The SA/RSA is responsible for the overall quality of each audit engagement.
5. The elements of quality control follow (ISQC 1):
a. Leadership responsibilities for quality – Engagement partner shall take responsibility for the
overall quality of audit.
b. Relevant ethical requirements – Fundamental principles of professional ethics are integrity,
objectivity, professional competence and due care, confidentiality, and professional behavior.
c. Acceptance and continuance of client relationships and specific engagements – Information
affecting conclusion include integrity of those charged with governance, competence of the
engagement team, compliance with relevant ethical requirements, and significant matters that
have arisen during the current or previous audit engagements.
d. Human resources – The audit team must have appropriate competence and capabilities such as
experience with audit engagements of a similar nature, understanding of professional standards
and applicable legal and regulatory requirements, technical expertise, and ability to apply
professional judgment.
e. Engagement performance – Direction of the engagement team involves discussion with all
members of the team, appropriate teamwork and training, and supervision.
178
f. Monitoring – Quality control policies and procedures are relevant, adequate, and operating
effectively.
III. Quality Control Review Process in COA
6. The responsibility for the quality of an audit and resulting Audit Report rests with the CD/RD and
SA/RSA. Following the Revised Guidelines in the Implementation of the Unified Audit Approach,
there are three levels of quality control review implemented in all the phases of the audit. These are
summarized below:
Table 13. Levels of Quality Control Review

Outputs Prepared by Reviewed and Signed by
ATM ATL
ATL SA/RSA
SA/RSA CD/RD
7. At the first level, ATLs are responsible for the initial review of the working papers prepared/obtained
by the ATMs, namely, results of evaluation and validation of controls over identified risks,
substantive work reducing residual audit risks to acceptable levels, supporting documents for the
audit report, draft audited FS; and other working papers.
8. At the level of SA/RSA, review should sufficiently satisfy the requirements that the audit
documentation contains adequate evidence of the work done and conclusions reached, and provide
a reasonable basis for an opinion.
9. The SA/RSA is responsible for:
a. Determining whether the overall presentation of the FS, including the related disclosures, is in
accordance with the applicable FRF. (This aspect is discussed in Section 4)
b. Ensuring that all necessary audit procedures have been completed, reviewed, and sufficiently
and appropriately documented.
c. Monitoring compliance by the audit team with auditing standards, laws, regulations and ethical
requirements.
d. Reviewing audit conclusions, recommendations, and professional judgments made by the audit
team.
e. Ensuring that all significant changes made to the audit strategy and audit plan are justified and
appropriately documented and approved.
f. Monitoring Management compliance with the requirements included in the Engagement Letter,
and action on deficiencies requiring corrections in the final FS.
g. Considering the results of COA’s monitoring process (i.e., QA review at the engagement level)
and whether deficiencies noted in the report may affect the audit engagement.
IV. Quality Control Documents
10. Auditor’s Declaration of Independence and Compliance with Relevant Ethical Standards - At the
Preliminary Engagement Phase, the Auditor’s Declaration of Independence and Compliance with
Relevant Ethical Standards signed by all members of the team, confirmed by the SA/RSA during the
179
Execution Phase and concurred by the CD/RD serves as an assurance that the audit is performed by
a team composed of competent and professional auditors.
11. Engagement Letter - COA formally informs the auditee of its audit requirements well ahead of time
as a matter of professional courtesy and engagement direction.
12. Engagement Planning Memorandum is not only a planning tool but also serves as supervision and
monitoring tool for the SA/RSA and the CD/RD. The progress of work by the team members, the
audit procedures performed and the timing of audit activities can be kept track through the Plan.
Deviations to activities approved in the Plan need to be approved by the SA/RSA before these are
effected. Otherwise, the ATL will be required to formally explain why certain procedures were
skipped, why budgeted time for each objective was exceeded, among others. This Plan will then
serve as a gauge of how well each member in the team performed.
V. Quality Control Review Documents
13. Completion Compliance Checklist (Appendix 5-1) - This Checklist enables the SA/RSA and the CD/RD
to check that all the required key procedures from the Preliminary Engagement Phase to Reporting
Phase of the audit were performed, except for drafting of report for submission to the CD/RD for
review. The audit team shall submit the duly signed-off CCC covering the above-mentioned
procedures to support the draft report to be submitted to the CD/RD for review.
After the release of the report, the audit team shall submit a duly signed-off CCC covering the
remaining reporting and quality control procedures. The accomplished checklist serves as basis for
the CD/RD in rating the performance of the audit team along with the auditee performance rating
on the audit team.
14. An Auditee Feedback Sheet (Appendix 5-2) is designed to assess audit team’s performance in the
field. It should be sent directly by the CD/RD to the auditee. This serves as a tool to ensure COA’s
commitment to quality service through quality staff. This Sheet should be addressed to the agency
head who is requested to respond within a given timeframe. The feedback results especially for
audit teams receiving negative feedback should be acted upon by the CD/RD.
a. It is important to seek explanation of the audit team on negative feedback to make them aware
of actions considered unprofessional and/or unethical by the auditee.
b. The CD/RD shall ensure that a report of all feedback results and actions taken by the CD/RD is
submitted to the Assistant Commissioner for his/her information after transmittal of all the
annual audit reports.
15. The Audit Team Leader/Member’s performance will be assessed by their immediate supervisor
based on the Completion Compliance Checklist and compliance with the ethical and professional
standards set in COA Resolution No. 2020-003 using the Supervising Auditor/ Regional Supervising
Auditor’s Evaluation Form (Appendix 5-3). This allows the Supervising Auditor/ Regional Supervising
Auditor to recommend and/or implement necessary interventions for the improvement of the
quality of delivery of audit services.
180
16. Director’s Evaluation Form (Appendix 5-4)
a. The audit team’s performance including that of the SA/RSA will be assessed based on the
Completion Compliance Checklist and the Auditee Feedback Sheet by the CD/RD with the
assessment evaluation to the Assistant Commissioner concerned.
b. This quality control review tool allows the CD/RD and the Assistant Commissioner to have a
reasonable basis for taking appropriate action to ensure the quality of financial audit performed
by the audit teams.
17. Financial Management Performance Rating (Appendix 5-5)
a. This quality control review tool assesses the quality of an auditee’s financial management
performance using the results of the audit performed, including internal control review.
b. When necessary, the results may be provided to the Department of Budget and Management as
one of the bases for reviewing the auditee’s performance.
18. A summary of the Quality Control Documents is presented in Exhibit 8.
Exhibit 8. Quality Control Documents
Q Engagement Letter
U Preliminary
A Auditor’s Declaration of Independence and Compliance with Relevant Ethical Standards
Activities
L
I
T Planning Engagement Planning Memorandum
Y
OAS, PDA, SRPIR, RRAAL, MT, AP
Execution
C
O AOM/AAPSI/APMT/RTS/Minutes of Exit Conference
N Reporting
T Audit Report
R
O Completion Compliance Checklist
L Quality
Control Auditee Feedback Sheet
Review
SA/RSA’s Evaluation Form, Director’s Evaluation Form
Financial Management Performance Rating
181
Appendix 5-1. Completion Compliance Checklist
Name of Agency
Completion Compliance Checklist
Year end ____________
I. Key Procedures
No. Description Document
Preliminary engagement
1. Auditee informed of the audit to be undertaken, its Engagement letter signed and
responsibilities under the audit and the audit requirements delivered
2. Auditors are independent from the auditee and committed to Auditor’s Declaration of
be objective in the conduct of audit Independence and Compliance
with Relevant Ethical Standards
Planning
1. Established the Initial overall audit strategy indicating the Overall Audit Strategy
scope, timing and direction of the audit
2. Auditors gathered/updated and analyzed financial related
information as basis for Preliminary Risk Assessment
- Evaluated results of other audits conducted, cash Working Paper on Preliminary
examination, notices of suspension, disallowances and data analysis
charges issued, personnel/property accountability audit,
investigation of current/emerging issues
- Obtained understanding of agency’s objectives, operations UTA/Financial Accountability
and outputs in relation to funds/appropriations LogFrame
- Assessed existence and design of internal controls related Updated Agency Internal Control
to financial statements Framework/ALCC
- Assessed compliance with the Internal Control Policies, Walkthrough Analysis
Procedures and Practices (or General Accounting Plan for
national agencies)
- Conducted preliminary analytical review of financial Tie-in analysis
statements worksheet/variance analysis
worksheet
3. Summarized information gathered and the results of Summary Report on Preliminary
preliminary risk assessment Identification of Risks
4. Determined Materiality level by identifying and selecting Materiality Template
appropriate benchmark and financial data
5. Conducted risk assessment process Results of Risk Assessment at the
Assertion Level
6. Established the audit engagement plan to execute the audit Approved Engagement Planning
Memorandum with Audit
Program
Execution
182
1. Approved changes in assessed risks of material Approved Revised Risk
misstatements, either due to fraud or errors, reflected in Assessment Template
Engagement Planning Memorandum
2. Approved changes in the Overall Audit Strategy and Audit Approved Revised Overall Audit
Plan Strategy and Audit Plan
3. a. Sufficient documents gathered and fieldwork procedures Working Papers and audit
completed evidence duly indexed
b. Identified, evaluated, and documented related parties and
related party transactions; litigation and claims; segment
reporting; subsequent events; and account balances and
disclosures
4. Communicated to management all audit results per account AOMs/NSs/NDs/NCs;
management’s comments;
memorandum/letter on
auditor’s rejoinder
5. Summarized proposed audit adjustments Summary of proposed audit
adjustments
6. Discussed all misstatements and errors identified during the Minutes of the meeting or
audit with the auditee Interview notes
7. Summarized all uncorrected misstatements and errors Summary of Uncorrected
Misstatements
8. Summarized audit observations and observations for Summary of Audit Observations
approval by the SA/RSA and discussion with the management and Recommendations
9. Conducted exit meeting with the auditee or those charged Minutes of exit conference
with governance (if appropriate)
10. Tracked Status of Prior Years’ Recommendations Recommendation Tracking Sheet
Reporting
1. Presented Financial Statements and notes/disclosures Financial Statements and
complete and in accordance with the prescribed reporting Management Representation
framework Letter dated near but not after
the date of audit report
2. Audit observations based on the results of audit and duly AOM with supporting
documented documents
3. All material issues and concerns noted during the audit
included in the report or cleared
4. AOMs well written with complete elements of an observation
5. All critical matters cleared by the Audit Team Leader with the Working Paper
SA/RSA and CD/RD as deemed appropriate
6. Audit Report issued was appropriate given the established Review Notes
materiality level and other qualitative factors deemed AAR/ML/SAOR
significant
Note: The SAs and ATLs shall see to it that all the above procedures are undertaken before the
submission of the draft report to the CD/RD for review.
183
Prepared by:
__(Signature over printed name)__

ATL
Date: (date submission of draft report to the
CD/RD)
Reviewed by:

SA/RSA
Date:
184
Finalization and Transmittal of Audit Report
1. Audit Report was completed, reviewed and transmitted/ AAR/ML/SAOR
distributed on time
Quality assurance
1. All working papers and other documents in proper order, Audit documentation/Working
complete and signed off by preparer Papers
All top schedules contain the audit conclusion of the auditor
2. All working papers and other documents properly reviewed
and signed off by reviewer
3. All working papers properly indexed and referenced
4. File and secure all working papers
5. All requirements in the templates from Preliminary
engagement to Reporting completed and documented
6. The two-way communication between the auditor and those AOM/AAR/ML/SAOR
charged with governance has been adequately made and
documented.
7. Financial management performance of agency evaluated Duly approved Financial
Management Performance
Rating
8. Team performance evaluated Supervising Auditor’s/Regional
Supervising Auditor’s Evaluation
Form
Director’s Evaluation Form
Plan for the next audit engagement
1. Actual hours completed and relative documentation placed
on file
2. Team debriefing held
3. Overall audit performance/execution reviewed
Prepared by:

ATL
Date:
Reviewed by:

SA/RSA
Date:
185
II. Engagement Sign-off
Yes No
No. Description Remarks
Indicate ✓
1. Based on my consideration of the matters set out below,
supported by sufficient review of relevant and significant
audit documentation, I confirm that:
 The engagement has been appropriately executed in
accordance with the policies and procedures, sufficient
appropriate evidence has been obtained to support
our opinion, and the audit report to be issued is
appropriate in the circumstances.
 I have been sufficiently involved in the audit process,
including in key meetings with the entity and the team.
 The extent and timing of my review of the items and
matters referred to below is sufficiently evidenced,
either in the audit file or through comments below and
through this completion sign-off. Further, all significant
matters have been evidenced as reviewed.
2. Financial statements
I have read the final financial statements [and other
information as appropriate] and am satisfied
that the presentation and related
disclosures are appropriate.
3. I have read the audit report and am satisfied that it was
transmitted at an appropriate time after the financial
statements were authorized for issue by the entity’s
management.
4. I have reviewed the Recommendation Tracking Sheet, and
agree with the disposition of the audit team (of restating
and/or clearing ________ audit observations and
recommendations).
5. I have reviewed the rating given by the audit team on the
financial management performance of the auditee and
find this in order.
6. I checked and noted that the Auditee Feedback Sheet has
been sent to the Office of the Director, Cluster ___.
7. I have prepared the performance rating of the audit team
8. I have discussed the performance rating with the Team.
9. Consultation and significant matters
There has been appropriate consultation on complicated
or contentious matters, and conclusions from consultation
have been agreed, documented and implemented.
All significant matters identified, including matters that
include information inconsistent with the final
conclusions, significant professional judgments, and
matters included the Schedule of Uncorrected
186
Yes No
Indicate ✓
Misstatements and justified departures have been
resolved, communicated to management and
documented to my satisfaction.
10. Sufficient appropriate audit evidence about the assessed
risks of material misstatement due to fraud has been
obtained through designing and implementing the
appropriate responses to those risks.
Identified or suspected fraud has been appropriately
responded to.
11. Sufficient appropriate evidence has been obtained in
relation to financial statement assertions for each
significant financial statement area, including disclosures,
allowing us to draw reasonable conclusions on which to
base our audit opinion.
12. Significant changes to the audit strategy and audit plan
All significant changes made to the audit strategy and
audit plan since planning sign-off have been appropriately
documented and to my satisfaction.
13. The materiality values as assessed in the planning phase
represent the final materiality values and are considered
appropriate.
I am not aware of any other information arising from the
audit that requires those materiality values to be revised
further.
14. Entity representations have been obtained sufficient to
support the audit report.
15. I have been sufficiently involved in the completion process
16. I have reviewed the auditee performance rating prepared
by the audit team and agree to the ratings given
17. Independence
Since planning sign-off, no other matters have arisen that
affect my independence or that of the audit team and/or
of COA, or any such matters arising have been
satisfactorily dealt with.
18. Compliance with ethical requirements
Since planning sign-off, no other matters have arisen that
affect compliance of members of the engagement team
with ethical requirements, or if any matters have arisen,
these have been satisfactorily dealt with.
19. Where procedures additional to the original audit strategy
and plan were deemed necessary to achieve the stated
objectives, these have been included in the audit file and
documented to my satisfaction
20. All necessary audit procedures have been completed,
reviewed, and sufficiently and appropriately documented.
187
Yes No
Indicate ✓
21. Where matters have arisen after the date of the audit
report, which required additional procedures to be
performed or resulted in a change to previous conclusions
drawn, they have been satisfactorily dealt with.
Prepared by:
__(Signature over
printed name)__
SA/RSA
Date:
188
III. Quality Control Review (QCR) Sign-off
Office of the Director _____________________________________________
Yes No
Description Remarks
Indicate ✓
1. I have read and assessed at least the documents indicated below. I
have included additional comments, where necessary to refer to
key meetings attended, any further steps taken and/or any
additional documentation reviewed by me.
 All significant matters
 Documents reviewed on a selective basis to review work
performed in significant areas (specify those documents or
indicate if none is selected)
 The record in the completion sign-off of the engagement team's
involvement in the audit
 Records of internal consultations on significant matters
 Records of important discussions with the entity (significant
matters)
 Schedule of Uncorrected Misstatements
 Others (specify)
2. I have sufficiently reviewed the draft audit report before it was
finalized and transmitted to the auditee.
I have reviewed related documents for significant audit matters.
I have approved the dropping of unimplemented audit
recommendation for the Recommendation Tracking Sheet after
evaluating the audit team report.
3. I have reviewed the Auditee Feedback Sheet and have discussed the
contents with the SA/RSA for feedback to the Team and for their
formal response, if necessary
4. I have read the formal justifications of the Team to the negative
feedback received and taken the necessary action
5. I have reviewed the Performance rating given by the Team on the
Agency and have instructed the SA/RSA to take the necessary
action.
6. I have given the Performance rating of the Team.
I have discussed the performance rating with the Team.
7. I have transmitted a copy of the Audit Report to the auditee.
I have sent the Auditee Feedback Sheet to the auditee.
Since the start of the audit, I am not aware of any matter that arose
that may have affected the independence, objectivity and
competence of the audit team.
Prepared by:
__(Signature over
printed name)__
CD/RD
Date
189
Appendix 5-2. Auditee Feedback Sheet
(Heading)
Auditee Feedback Sheet
Addressee: Date
Dear _____________________,
With reference to the financial audit of the ________________________________________________

please accomplish the attached feedback survey by placing check () mark on the items that best
describe the statements 1-12. We consider our audit clients’ feedback on our audit service very valuable
as this will enable us to ensure and to continually improve the quality of our audits.
Please send the filled-out survey directly to the Office of the Cluster/Regional Director, (Cluster/Region),
(Audit Sector), (Address) within five working days from receipt.
Thank you for your cooperation.
Very truly yours,

190
Agency Name: _______________________
Address: ____________________________
Date: _______________________________
Financial Audit Team to be rated

Calendar Year covered: _______________
Supervising Auditor/Regional Supervising Auditor: ____________________
Audit Team Leader: _______________________
Audit Team Members: _____________________
_____________________
_____________________
Remarks
Disagre Not (pls indicate
No Audit Quality Agree
e Done reason if you
disagree)
1 Requirements contained in the Engagement
Letter were adequately explained by the audit
team.
2 Entrance meeting was held and all questions/
comments were adequately addressed.
3 The objectives and scope of audit were
discussed.
4 The audit was completed within the timeframe
communicated.
5 The audit was conducted in a professional and
courteous manner.
6 The audit was conducted with minimal disruption
to our business.
7 The audit team kept us informed of key issues
throughout the audit.
8 The exit conference provided us the opportunity
to discuss our comments on the observations and
recommendations.
9 All our key concerns were attended to by the
audit team.
10 The audit observations and recommendations
contained in the audit report were properly
communicated.
11 The audit report reflected our comments and/or
actions taken/to be taken.
12 The overall audit provided value to the
organization.
191
Suggestions to improve future financial audits (Please use separate page if necessary.)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_______________________________
Accomplished by:
Signature: ________________________
Name: ___________________________
Position/Designation: ______________
I fully concur with the answers given, and this form is approved for release to COA
Signature: ________________________
Name: ___________________________
Position/Designation: ______________
Date Approved: ___________________
192
Appendix 5-3. Supervising Auditor/Regional Supervising Auditor’s Evaluation
Form
SUPERVISING AUDITOR’S
EVALUATION FORM
Financial Audit
Agency __________________________________________________________________
Period Covered____________________________________________________________
Team Composition:
Name Position
Audit Team Leader
Audit Team Members
Remarks for
Supervising Auditor/Regional Supervising Auditor’s Evaluation Yes No "No" Answers
1. The financial audit was performed in accordance with the FAM based on my
review of the forms/templates/documents shown in the Completion
Compliance Checklist.
2. The Audit Team Leader and Team Members complied with the ethical and
professional standards of COA in accordance with COA Resolution No. 2020-
003.
3. The audit team’s proposed audit opinion is sufficiently documented and
discussed with me considering the reporting materiality threshold and the
qualitative conditions to come up with the appropriate Independent
Auditor’s Report. (Include only if applicable)
4. The critical issues have been addressed or have been discussed with me for
my proper action.
Considering my responses above, I am (satisfied or not satisfied) with the financial audit performed by
the audit team.
RATING
All ‘yes’ answers – Outstanding
3 ‘yes’ answers – Very Satisfactory
2 ‘yes’ answers – Satisfactory
1 and below ‘yes’ answers – Unsatisfactory
__________________________________________
Rated by:
Signature: ________________________
Name: ___________________________
Position/Designation: Supervising Auditor/ Regional Supervising Auditor
193
Date Approved:___________________
Appendix 5-4. Director’s Evaluation Form
DIRECTOR’S EVALUATION FORM

Financial Audit
Agency __________________________________________________________________
Period Covered____________________________________________________________
Team Composition:
Name Position
Supervising Auditor/Regional Supervising Auditor
Audit Team Leader
Audit Team Members
Remarks for
Director's Evaluation Yes No "No" Answers
1. The financial audit was performed in accordance with the FAM based on the
results of the Completion Compliance Checklist.
2. The audit team complied with the ethical and professional standards of COA
based on the feedback received from the agency and in case of negative
feedback, that the team's justification is acceptable.
3. The Audit Opinion rendered on the Financial Statements was the most
appropriate considering the results of the financial audit conducted. The
reason for the modified opinion is acceptable considering the reporting
materiality threshold and the qualitative conditions cited. (Include only if
applicable)
4. The required review process was performed and that critical issues have
been addressed or have been discussed with me for my proper action.
Considering my responses above, I am (satisfied or not satisfied) with the financial audit performed by
the audit team.
RATING
All ‘yes’ answers – Outstanding
3 ‘yes’ answers – Very Satisfactory
2 ‘yes’ answers – Satisfactory
1 and below ‘yes’ answers – Unsatisfactory
__________________________________________
Rated by:
Signature: ________________________
Name: ___________________________
Position/Designation: Cluster/Regional Director
Date Approved:___________________
194
195
Appendix 5-5. Financial Management Performance Rating

based on the financial audit performed on:
Agency: _____________________
Period: _____________________
Reliability of Financial Information Score Remarks

1. Audit Opinion rendered (20 points unqualified, zero for other opinions) 20
Adequacy of Internal control
2. Internal control survey indicated adequate control environment (5 points 5
adequate)
3. Ethical awareness seminars are conducted and have been attended by 75% of 1
all staff surveyed. (1 point)
4. Risk assessment is being performed to identify risks and responses to these 7
risks. (7 points)
5. Control activities including forms and reports required in the Internal Control 10
Policies, Procedures and Practices are in place (10 points)
6. An internal audit unit exists. (1 point if yes) 1
7. The internal audit unit reviews the internal control of the agency based on 5
reports received. (5 points if yes)
Compliance with Management Representation in the Engagement Letter
8. The requirements in the engagement letter were complied with by the agency. 15
- Submission of complete FS within the deadline set (5 points)
- Audit queries and request for documents were addressed on time (5 points)
- Submission of written representations required on time and near the date
of audit report (5 points)
Adjustments required by the auditor
9. All audit adjustments were considered by the agency and were taken up during 10
the audit period. (0-10 points)
Audit observations and recommendations
10. Observations and recommendations as a result of the audit were considered 2
and management has provided a time plan for implementing the
recommendations. (2 points)
11. Prior period recommendations were implemented during the current year. (0- 10
10 points)
Quality of financial statements furnished for audit
12. The Financial Statements were prepared in accordance with the prescribed 7
reporting framework.
13. The Accounting team that prepared the FS is composed of qualified accounting 2
staff.
14. Cooperation extended to the audit team 5
15. Total Score—perfect score 100
16. Indications of fraud and intentional errors (25)
196
90 to 100% of all applicable criteria Excellent
85 to 89% Very Satisfactory
75% to 84% of total applicable criteria Satisfactory
Below 75% Poor
Group Assessment of the Agency’s Financial Management Performance

We are giving a joint performance score of _______ %.
__(Signature over printed name)__ __(Signature over printed name)__

Supervising Auditor/Regional Supervising Auditor Cluster/Regional Director
Date: Date:
197
Appendix 5-5A. Financial Management Performance Rating
based on the financial audit performed on:
Agency: __________________________________
Period: ___________________________________
Score Remark
Reliability of Financial Information
1. Audit Opinion rendered (20 points unqualified, zero for other opinions)
Adequacy of Internal control
2. Internal control survey indicated adequate control environment (5 points
adequate) Ref: ALCC 1-5
Score = [(no. of yes/85)*5]

Note: 85 is the total question ALCC 1 to 5; If NA is checked, deduct from the
denominator
3. Ethical awareness seminars are conducted and have been attended by 75% of all
staffs surveyed. (1 point) Ref: ALCC 1.1 d & h, 1.3 d (check also remarks)
4. Risk assessment is being performed to identify risks and responses to these risks.
(7 points) Ref: ALCC 6-8

Note: 32 is the total no. of questions under 6 to 8; If NA is checked, deduct from
the denominator
5. Control activities including forms and reports required in the Internal Control
Policies, Procedures and Practices are in place (10 points) Ref: ALCC 9-11

Note: 22 being total questions under 9 to 11; If NA is checked, deduct in the
denominator
6. An internal audit unit exists. (1 point if yes) Ref: ALCC 15.2.1.a
7. The internal audit unit reviews the internal control of the agency based on
reports received. (5 points if yes) Ref: ALCC 15.1 (a-e)

Note: 5 is the total questions under 15.1 a-e; If NA is checked, deduct from the
denominator
Please check IA Audit Plan and audit reports

Compliance with Management Representation in the Engagement Letter
8. The requirements in the engagement letter were complied by the agency.
- Submission of complete FS within the deadline set (5 points)
- Audit queries and request for documents were addressed on time (5 points)
- Submission of written representations required on time and near the date of
audit report (5 points)
198
Score Remark
st
(1) date of 1 submission
Score = (no. of reports submitted on time/no. of required reports)*5
Note: Should be supported with Schedule of quarterly, year-end FS required
under Sec 60 (c) Chapter 15, Volume I of GAM
(2) Score = (no. of replies submitted on time/ no. of communication reports)*5
(3) Check MRL date. If delayed by:

1-5 days = 4 pts.;
6-10 days = 3 pts.;
11-15 = 2 pts.;
16-20 days = 1 pt.;
and more than 20 days = 0
Adjustments required by the Auditor
9. All audit adjustments were considered by the agency and were taken up during
the audit period. (0-10 points)
Score = (total no. of adjustments effected/total no. of adjustments)*10

PhPXX.XX were effected adjustments out of XX
Audit observations and recommendations
10. Observations and recommendations as a result of the audit were considered and
management has provided a time plan for implementing the recommendations.
(2 points) Ref: AAPSI submitted 60 days after the receipt of AAR (Sec 99; RA
11260)
 0 pt. = if no submission yet

 1 pt. = if AAPSI is submitted but without time plan for all recommendations
 2 pts. = if AAPSI is submitted with time plan for all recommendations
11. Prior period recommendations were implemented during the current year. (0-10
points) Ref: Check SIPYAR
Score = (Prior year recommendations fully implemented during the current year/
total unimplemented recommendations in immediately preceding year)*10
Quality of financial statements furnished for audit
12. The Financial Statements were prepared in accordance with the prescribed
reporting framework (7 points)
AOM on errors/deficiency
Computation will be based on planning materiality level.
The excess of total accounting error from planning materiality will be used in
computing the deduction to the perfect point of 7.
199
Score Remark
ex:
planning materiality: 5,800,000.00
Total accounting errors: 6,500,000.00
How to compute for the deduction:
Total Error: 6,500,000.00

Less
Materiality: 5,800,000.00
700,000.00 excess of error over materiality
Deduction is=(700,000.00/5,800,000.00)*7 = 0.84 point
Final score= 7- 0.84 = 6.16
13. The Accounting team that prepared the FS is composed of qualified accounting
staff. (2 points)
Accounting personnel, and their qualification:

 If the preparers of the FS are Accounting Major and CPAs – 2 pts.
 If none are CPAs but Accounting graduates only – 1 pt.
 if none are Accounting graduates – no point
14. Cooperating extended to the audit team. (5 points)
Note: Depends on the AT’s evaluation of cooperation by concerned management
personnel
15. Total Score – perfect score
16. Indications of fraud and intentional errors (-25 points)
90 to 100% of all applicable criteria Excellent

85 to 89% Very Satisfactory
75% to 84% of total applicable criteria Satisfactory
Below 75% Poor
Group Assessment of the Agency’s Financial Management Performance

We are giving a joint performance score of 75% (Satisfactory).
_________________________
Supervising Auditor Cluster Director
Date: Date:
200
Works Cited
Current Audit File. (2018). Retrieved March 6, 2018, from AuditingHelp.com:
https://auditinghelp.com/current-audit-file-13747
Auditing and Assurance Standards Council. (2011, March 11). AASC Alert Series 002 of 2011, Q&A on RR
15-2010 03-11-11. Retrieved December 2020, from Auditing and Assurance Standards Council
Philippines: https://aasc.org.ph/downloads/alerts/Publications/AASC-alert-002-2011.php
Bragg, S. (2018). Permanent File. Retrieved March 6, 2018, from accountingtools.com:

https://www.accountingtools.com/articles/2017/5/17/permanent-file
Nzechukwu, P. O. (2016). Internal Audit Practice from A to Z (1st ed.). Boca Raton, Florida: CRC Press.
201
Technical Working Group and Resource Persons
An output of the Technical Working Group under COA Office Order Nos. 2016-185, 2016-185-A,
2016-185-B, 2017-201 and 2021-002 and Resource Persons under COA Office Order Nos. 2017-781 and
2017-866, with the Assistance of National Consultant Juanita A. Villarosa and inputs from International
Consultant Karin Holmerin, Senior International Advisor, Swedish National Audit Office.
Assistant Commissioner Susan P. Garcia

National Government Sector
Assistant Commissioner Wilfredo A. Agito

Administration Sector
Director Irma S. Besas, Cluster 4, NGS
Director Estelita B. Catubay, Cluster 7, NGS
Director Arlene C. Pira, PMO, CHO
OIC Director Joycelyn R. Ramos, Cluster 1, NGS
OIC Director Marivel C. Broñola, Cluster 7, NGS
Auditor Digna Crescencia G. Filler, Cluster 4, CGS
Auditor Jesusa R. Gauang, DENR 1, Cluster 8, NGS
Auditor Marilyn B. Miran, BOC, Cluster 2, NGS
Auditor Carmela S. Zamora, UPS, Cluster 5, NGS
Auditor Cecilia E. Bernales, DOTr 1, Cluster 7, NGS
Auditor Jeannelyn V. Dulay, BJMP, Cluster 4, NGS
Auditor Andrew T. Garcia, PhilFIDA, Cluster 8, NGS
Auditor Mary Joy P. De Jesus, FAPS-DENR, Cluster 8, NGS
Auditor Jo Anne Bless A. Clavio, NPDC/IA, Cluster 7, NGS
Auditor Reneson S. Evangelista, QAO, PIDS
Auditor Mark Anthony G. Flores, QAO, PIDS
Auditor Vivian P. Reyno, OAC, NGS
Ms. Irah Joelle S. Nicdao, OAC, NGS
202

Financial Audit Manual Overview

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Financial Audit Manual Overview

Uploaded by

Copyright:

Available Formats

1

A. Basis for Manual Preparation

Principles of Value added

C. Project requirements and INTOSAI prerequisites

D. COA Audit Framework

Overview of the Financial Audit Manual

A. Objectives of Financial Audit

B. The Financial Statements Audit Process

Section 1: Preliminary Engagement Activities; Section 3: Audit Execution Phase;

Exhibit 3. Audit Activities by Phase

Evaluate misstatement (ISSAI 2450)

C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 2000-2999)

4. Preliminary engagement activities will involve:

I. Ensuring Auditor’s Individual Declaration of Independence and Compliance with Relevant

8. Throughout the audit engagement, the CD/RD shall ensure that:

b. There are no threats to the independence of the auditors.

i. Gather and objectively evaluate evidence;

II. Defining the Terms of Audit Engagement

Table 2. ISSAIs related to written representations

B. Communicating the Terms of Engagement

Auditor’s Declaration of Independence and Compliance

As [team member/team leader/supervising auditor], I am part of the audit group/team of

A. Declaration of Independence and Compliance with Relevant Ethical Requirements

£ I, or any members of my family within fourth civil degree of consanguinity or

 I will exercise due professional care in conducting/supervising the audit and in

B.1: Relatives of the auditee

B.2: Business interests in the auditee

B.3: Previous employment with the auditee

B.4: Other circumstances

Signature over printed name Date:____________

Risks of Non-compliance Disposition/Safeguards

Signature over printed name Date:_____________

REPUBLIC OF THE PHILIPPINES

Attention: Chief Accountant

C. Agency Financial Management Performance

7. As part of the audit, we will assess agency financial management performance.

9. Management is responsible for:

9.1.1 Statement of Financial Position

F. Assistance from Management

12. We will request assistance for the following, among others:

G. Use and reproduction of COA audit reports

I. Auditee’s Feedback on Audit Team’s Performance

We look forward to your full cooperation during the audit.

__Signature over Printed Name__

Date Received by the Agency:

Management Representation Letter

Attention: The Supervising Auditor

Subject: Name of Agency/Corporation/LGU/Project Being Audited

Statement of Management's Responsibility for the Financial Statements

1. We have assessed the effectiveness of the [Agency/Corporation/LGU/Project's] internal control in

1. We have provided you with:

_____Signature over Printed Name____ _____Signature over Printed Name_____

2. Planning activities involve the following steps:

I. Preparing the Overall Audit Strategy

III. Conducting Final Risk Assessment

IV. Preparing the Audit Engagement Plan

I. Preparing the Overall Audit Strategy

a. Identify the characteristics of the engagement that define its scope;

 The size and complexity of the entity.

II. Conducting Preliminary Risk Assessment

A. Understanding Risks Principles

16. The three components of audit risks are:

a. Judgment – a high degree of judgment is involved in business transactions.

Signature over Printed Name

___Signature over Printed Name _Signature over Printed Name___