UNIT 1: SR as an Institution
What is attestation?
1. Notion of Isomorphism/Convergence
 The production of homogenous practices (i.e., the
reports), isomorphism is discernible in how SR
practices have institutional meaning and conform
to a set of converging expectations about
appropriate behavior.
2. Institutional Meaning
 Institutional meaning is evidenced here by the
existence of a shared language (e.g. notions such
as stakeholder engagement, materiality or triple
bottom line reporting) and by the development of
specific metrics. SR institution exists because SR
practices and expectations have converged around
a set of norms.
3. Stability of Practices
 SR has “become embedded in the operational
routines and practices of hundreds of large
companies in multiple countries” (Levy et.al.,
2010).
4. Being and Doing
 As institutional theory emphasizes, social
processes are characterized by stability and inertia,
and an important focus of this theory is the
explanation of why when something is
institutionalized it is not likely to change (Zucker,
1977).
 Will microenterprises like Carenderia, Vending Kiosks
prepare a Sustainability Reporting to be required by
DTI/LGU in terms of Economic, Environment, and Social
Impacts? Why?
CHAPTER 1: Importance of Auditing
Free Market Economy
 A free market economy exists only if accurate, reliable
data is available
 Auditors contribute to an effective capital market by
providing independent evaluations about the reliability
of an organization's financial statements or the
efficiency and effectiveness of various aspects of its
performance
What is auditing?
 Auditing is both more and less than public accounting
 More because it includes internal and operational
auditing, governmental auditing, and other services
that evaluate and report on managerial performance
 Less because public accounting firms provide a variety
of other assurance and non-audit services
Define Auditing
“A systematic process of objectively obtaining and
evaluating evidence regarding assertions about economic
actions and events to ascertain the degree of
correspondence between those assertions and established
criteria and communicating the results to interested users.
 Attestation involves gathering evidence about
assertions, evaluating the evidence against objective
criteria, and communicating the conclusion reached.
 Auditing is specific attestation service where the
auditor gathers evidence to determine whether the
financial statements are fairly presented in accordance
with Generally Accepted Accounting Principles and
issues an opinion to be used by third-party users,
management, and the Board of Directors
Auditing is all about evidence
 The auditor gathers evidence to determine if the
client's processes are working correctly, its financial
data are recorded and presented correctly, and its
financial statements as a whole are fairly presented.
 This implies that--
 the process of auditing is to gather and evaluate
evidence to test assertions
 the audit process is systematic
 the auditor must be independent of the entity audited
and the process followed in gathering evidence must
be unbiased
Discuss Management & GAAP
 When management prepares financial statements, they
assert that those statements are fairly presented in
accordance with GAAP
 GAAP is the criteria by which "fairness" of financial
statement presentation is judged
 However, the interpretation and application of GAAP is
difficult
 The auditor's task is to determine whether the financial
statements present fairly in accordance with GAAP
Comment on Communication
 Communication of audit results to management and
third parties completes the audit process
 To minimize misunderstandings, this communication
follows a prescribed format that states the
responsibilities of both management and the auditor,
summarizes the audit process, and expresses the
auditor's opinion on the financial statements
Define an Unqualified Audit Report & List Its Three
Paragraphs
 Most audits result in reports that do not contain
reservations about the fair presentation of the financial
statements.
1. Introductory paragraph - identifies company, statements,
and accounting periods examined, management's
responsibility for the financial statements, auditor's
responsibility for expressing an opinion
2. Scope paragraph - performance of the audit in
accordance with GAAS and limitations of the audit
3. Opinion paragraph - statements present fairly, in all
material respects, in conformity with GAAP
Why is there a need for assurance services?
1. Potential bias in providing information - management has
a vested interest in providing information that will make
management look good
2. Remoteness of users - most users do not have the
opportunity or time to interview management, tour
company facilities, or review financial records firsthand.
Instead, they rely on the financial statements
3. Complexity - many transactions are more complex than
they were a decade ago. Users depend on auditors to
ensure they are fairly presented and fully disclosed in
financial statements
Discuss the accounting profession’s decade of
unprecedented turmoil & change
1. The failure of one of the largest public accounting firms
(Andersen)
2. Four of the largest bankruptcies ever - each in companies
where financial statement misrepresentation had taken
place
3. Billions of investment and retirement dollars lost
4. Perception that auditors were not independent from their
clients
What was Congress’ response?
 Passing the Sarbanes-Oxley Act of 2002. That focused
on five critical improvements in how financial
information is presented.
1. Improved corporate governance
2. Reporting on internal controls
3. Greater independence of audit function
4. Acknowledgment of greater audit responsibility
5. Audit standard setting moved to a new quasi-public
organization
Improved Corporate Governance
 The lack of corporate governance was a major factor in
business failures; most notably, a failure of Boards of
Directors to oversee management, and effectively
utilize the audit function.
 Sarbanes requires Boards of Directors be independent
of the organization and exercise oversight over
management and the audit function
 Further, the Board of Directors, through its audit
committee, is the "client" of the public accounting firm.
Reporting on Internal Controls
 In most cases of major fraud, companies had poor
internal controls over financial reporting
 Sarbanes requires the CEO and CFO of SEC registered
companies to assess and publicly report on the quality
of its internal controls over financial reporting
Greater Independence of Audit Function
 The audit function must be independent and objective
if assurances are to be trusted by third parties. Auditor
independence has been strengthened by requiring:
1. The audit committee has the authority to hire and fire the
external auditors
2. Mandatory rotation of the audit engagement partner
every five years
3. Consulting work cannot be performed for audit clients
4. Increased oversight of potential independence conflicts
by the audit committee
 Non-public companies and smaller audit firms are not
required to follow all these guidelines
Audit Standard Setting Moved
 The public lost confidence in the ability of the
profession to serve the public interest. Sarbanes
created the Public Company Accounting Oversight
Board (PCAOB).
 The PCAOB has authority to develop audit standards for
audits of publicly traded companies.
 The PCAOB is also charged with performing peer review
of all public accounting firms that perform audits of
public companies.
 The PCAOB is comprised of five public members
appointed by the SEC. No more than two members can
be CPAs.
Discuss AICPA’s definition of assurance services
 The AICPA's Special Committee on Assurance Services
defines assurance as: "independent professional
services that improve the quality of information, or its
context, for decision makers."
 Assurance services involve three components:
 Information or a process on which the assurance is
provided
 A user or group of users who derive value from
the assurance provided
 An assurance service provider
What are the attributes needed to perform
assurance services?
1. Subject matter knowledge
2. Independence from parties requesting assurance
3. Agreed upon criteria to evaluate quality of presentation
4. Expertise in the process of gathering and evaluating
evidence
What are the levels of assurance provided?
1. Positive assurance (such as an audit opinion)
2. Limited or negative assurance (such as a review of
financial statements)
3. No assurance (such as a compilation of financial
statements)
The AICPA's Special Committee on Assurance
Services has identified six areas of potential service:
1. Risk Assessment - the quality of processes implemented
by an organization to identify, assess, and manage risks.
2. Business Performance Measurement - the processes to
identify, measure, and communicate alternative measures
of performance
3. Information System Reliability - the quality of controls to
ensure system security, reliability, timeliness, and accuracy
4. Healthcare Performance Measurement - provide
information about the quality of services provided by
healthcare providers
5. Electronic Commerce - provide assurance that systems
and tools are designed and functioning with integrity and
security
6. ElderCare Plus - provide assurance whether the needs of
the elderly are being met by various caregivers
What are attest services?
 Attest services are a subset of assurance services
 Attest services always involve evaluation of an
assertion made by one party to a third party
 Attest services always involve a report sent to a third
party
Requirements to Enter the Public Accounting
Profession
 Accounting and Auditing Expertise - in addition to
technical knowledge, auditor must have sound
conceptual understanding of financial reporting and
auditing
 Knowledge of Business and its Risks - auditor must
understand the basic structure of a business in order to
identify significant risks affecting the client
 Understanding Accounting System Complexity - auditor
must understand the challenges posed in a system in
which traditional source documents do not exist
Who Are the Providers of Assurance Services?
 The Public Accounting Profession
 The Internal Audit Profession
 The Governmental Audit Profession
The Public Accounting Profession
 More than 45,000 CPA firms in the United States,
ranging sole-practitioners to large multinationals such
as the Big 4.
 These firms provide a variety of services in the areas of
assurance and financial statement services, tax
planning and compliance, and consulting
 The SEC has prohibited accounting firms from providing
most consulting services to public companies that they
audit
 Such restriction on services has not been specified by
the AICPA or regulatory authorities for public
accounting firms that do not audit SEC registered
clients
Organization of CPA Firms
 The organizational hierarchy of CPA firms has been
described as a pyramidal structure.
 Partners (or owners) are at the top and are responsible
for the overall conduct of each audit
 Next, managers review the detailed audit work
performed by staff auditors
 Seniors are responsible for overseeing much of the day-
to-day activities on a specific audit
 Staff auditors perform the basic, detailed audit work.
 Partners and managers may be involved in a number of
audit engagements being conducted simultaneously;
seniors and staff are usually assigned to only one audit
at a time
The Internal Audit Profession
 Internal auditing is defined as
" an independent, objective assurance and consulting
activity designed to add value and improve an organization's
operations. It helps an organization accomplish its objectives
by bringing a systematic, disciplined approach to evaluate
and improve the effectiveness of risk management, control,
and governance processes."
Internal auditors add value to an organization by
 evaluating processes to identify and management risk,
develop and implement effective internal controls
 assuring management and the Board of Directors on
the company's compliance with policies or regulatory
requirements, or the effectiveness of processes and
operations
 providing consulting services such as analyzing
problems and identifying potential solutions
 performing operational audits designed to evaluate the
effectiveness, economy, and efficiency with which
resources are employed
 Its broad scope makes internal auditing an excellent
training ground for future management positions
Governmental Auditing Profession
 Employed by various Federal, state, and local agencies
 Governmental auditors perform all the types of audits
that internal auditors perform including compliance,
operational, and performance audits
Professional and Regulatory Organizations
 Philippine Standards on Auditng
https://www.aasc.org.ph/downloads/PSA/PSA.php
 FINANCIAL REPORTING FRAMEWORK
 Financial statements are ordinarily prepared and
presented annually and are directed toward the
common information needs of a wide range of users.
Many ofnthose users rely on the financial statements
as their major source of information because they do
not have the power to obtain additional information to
meet their specific information needs.
Professional and Regulatory Organizations
Thus, financial statements need to be prepared in
accordance with one, or a combination of:
a) accounting standards generally accepted in the
Philippines;
b) International Accounting Standards; and
c) another authoritative and comprehensive financial
reporting framework which has been designed for use
in financial reporting and is identified in the financial
statements.
Professional and Regulatory Organizations
 Framework for Auditing and Related Services
 This Framework distinguishes audits from related
services. Related services comprise reviews, agreed-
upon procedures and compilations. Audits and reviews
are designed to enable the auditor to provide high and
moderate levels of assurance respectively, such terms
being used to indicate their comparative ranking.
Engagements to undertake agreed-upon procedures
and compilations are not intended to enable the
auditor to express assurance.
 The Framework does not apply to other services
provided by auditors such as taxation, consultancy, and
financial and accounting advice.
Chapter 2 CORPORATE GOVERNANCE
- ENHANCING THE AUDIT FUNCTION
Define Corporate Governance
 "a process by which the owners and creditors of an
organization exert control and require accountability
for the resources entrusted to the organization. The
owners (stockholders) elect a board of directors to
provide oversight of the organization's activities"
List primary parties involved in corporate
governance
 Stockholders
 Boards of Directors
 Audit Committees of the Board
 Management
 Self-Regulatory Accounting Organizations (e.g. AICPA,
FASB)
 Other Self-Regulatory Organizations (e.g. NYSE, NASD)
 Regulatory Agencies (e.g. SEC)
 External Auditors
 Internal Auditors
What are SEC concerns regarding the auditing
profession?
 Auditors were no longer willing to confront clients over
questionable accounting practices
 Consulting fees were impairing auditor independence
 Accountants were using technical interpretations of
GAAP to push the limits of accounting
What are the Public Oversight Board (POB)
concerns?
 Analytical procedures used inappropriately to replace
direct tests of account balances
 Audit firms not thoroughly evaluating internal control
and applying substantive procedures to address
weaknesses in control
 Audit documentation, especially related to audit
planning, did not meet professional standards
 Auditors ignored warning signs of fraud and other
problems
 Auditors were not providing sufficient warning about
companies that might not continue as 'going concerns'
The Sarbanes/Oxley Act of 2002 was passed by
Congress in response to massive accounting
scandals.
Significant provisions include:
 Establishes the Public Companies Accounting Oversight
Board (PCAOB) with broad authority, including the
power to set auditing standards for audits of publicly
traded companies
 Requires the CEO and CFO certify the financial
statements
 Requires companies to provide a comprehensive report
on internal controls over financial reporting and that
auditors report on internal controls
 Audit Committees given expanded powers as the 'audit
client' and must pre-approve any non-audit services by
its external auditors
 Audit Committees must report their activities to the
public
 Audit Committees must have at least one person who is
a financial expert. Other members must be
knowledgeable in financial accounting and control
 Audit engagement partners, as well as other partners
and managers with significant roles in the audit, must
be rotated off the engagement every five years
 A "cooling off" period before an audit partner or
manager can take a high-level position with an audit
client without jeopardizing the independence of the
public accounting firm
 Increased disclosure of "off-balance sheet" transactions
or agreements that may have a material effect Requires
the GAO to study a number of issues including the
effect of consolidation on competition with the
accounting profession, and an analysis of mandatory
audit firm rotation
Sarbanes/Oxley granted the PCAOB broad authority
including the power to
 Set auditing standards - the PCAOB has chosen to set
auditing standards
 Set financial accounting standards - the PCAOB has
chosen to let the FASB continue to set accounting
standards
 Set standards for the reports on internal control and
risk management
 Perform quality reviews of public accounting firms and
recommend penalties if the firms fail to perform
 Establish quality control standards for the audits of
public companies
 Require all public accounting firms that audit public
companies to register with the PCAOB and become
licensed to perform such audits
What are auditor independence provisions?
 Prohibits audit firms from performing consulting work
for their audit clients (in most cases)
 Makes the Audit Committee the auditor's client
 Requires the Audit Committee to pre-approve any non-
audit services by the audit firm
 Requires partner rotation on all public company audits
every five years
Discuss Corporate Responsibility for Financial
Reports
 Sarbanes/Oxley Act requires the CEO and CFO to certify
the accuracy of the financial statements and provides
criminal penalties for misrepresentation
 The Act also--
 Requires management to describe whether they have
implemented a Corporate Code of Conduct
 Requires management to report on the effectiveness of
internal control over financial reporting
What is the enhanced role of audit committees
under Sarbanes?
 Is designated as the audit client
 Has oversight responsibilities over the internal audit
and financial reporting processes
 Must be comprised of "outside" directors, i.e. not
members of management or have other relationships
with the organization
 Must report on its activities, including the results of
significant discussions with the external auditor
Audit committee responsibilities include
 Be appraised of all significant accounting decisions
made by management
 Be appraised of all significant changes in accounting
systems and system controls
 Have authority to hire and fire the external auditor
 Review the audit plan and discuss audit results with the
auditor
 Have authority to hire and fire the head of the internal
audit function and set the budget for the internal audit
function
 Review the audit plan and discuss all significant results
 Receive all regulatory audit reports and meet with
regulatory auditors to discuss findings
What are the required communications to the
audit committee?
 Auditing standards (SAS 61) require specific
communications between the audit committee and the
external auditor:
 Auditor's responsibility under Generally Accepted
Auditing Standards
 Significant Accounting Policies
 Management Judgments and Accounting Estimates
 Significant Audit Adjustments
 Other Information in Annual Reports
 Disagreements with Management
Comment on Generally Accepted Auditing
Standards
 General Standards provide guidance in hiring and
training of auditors
 Fieldwork Standards help auditors plan and perform
the audit
 Reporting Standards help ensure clear communication
between auditor and statement users
General Standards
 The examination is to be performed by a person or
persons having adequate technical training and
proficiency as an auditor
 In all matters relating to the assignment, the auditor
must maintain an independent mental attitude
 Due professional care is to be exercised in the
performance of the examination and preparation of the
report
the report should contain a clear-cut indication of the
character of the auditor's examination, if any, and the
degree of responsibility the auditor is taking
Attestation Standards
 Financial statement audits are only a small part of the
demand for assurance services.
 Attestation standards have been developed to ensure
quality for a broader array of services beyond financial
statement audits.
 Such services include attesting to financial forecasts
and projections, pro forma financial information,
internal controls, compliance with contracts or
regulatory requirements, and agreed-upon procedures
 Similar to GAAS with the exception of
 Assertions are specific to the area on which the
attestation is being performed
 Practitioner must have adequate knowledge in
subject matter of the assertion
 Practitioner shall perform engagement only if the
assertion is capable of evaluation against an
established reasonable criteria and reasonable
consistent estimation or measurement
 The report provides assurance related to the
specific assertion

Fieldwork Standards
 The work shall be adequately planned and assistants, if
any, properly supervised
 A sufficient understanding of the entity and its
environment, including its internal control, is to be
obtained to assess the risk of material misstatement of
the financial statements whether due to error or fraud,
and to design the nature, timing, and extent of further
audit procedures
 Sufficient competent audit evidence is to be obtained
through audit procedures performed to provide a
reasonable basis for an opinion regarding the financial
statements under examination

Reporting Standards
 The audit report shall state whether statements are
fairly presented in accordance with Generally Accepted
Accounting Principles
 The audit report shall identify those circumstances in
which accounting principles have not been applied on a
consistent basis with the preceding period
 Informative disclosures in the financial statements are
to be regarded as reasonably adequate unless
otherwise stated in the audit report
 The audit report shall contain either expression of
opinion regarding the financial statements, taken as a
whole, or an assertion that an opinion cannot be
expressed. When an opinion cannot be expressed, the
reasons should be stated. In all cases where an
auditor's name is associated with financial statements,
Overview of Audit Process: A
Standards-Based Approach(1)
 Planning the Audit
 Understanding with the Audit Client
 Scope of services to be provided
 Management responsibilities
 Coordination of work with client personnel
 Audit fees and expectations of each party
 Develop an Understanding of Materiality
 Audit must be planned to provide reasonable
assurance that material
misstatements will be detected
Overview of Audit Process: A Standards-
Based Approach(2)
 Develop a Preliminary Audit Program
 Develop understanding of client business and
industry
 Develop understanding of risks client faces and
how they might affect
the company's financial statements
 Develop understanding of management compensation
plans and how those
 plans may motivate management actions
 Develop preliminary understanding of client's internal
controls over
 financial reporting
 additional evidence. This will lead auditor to one of
three states:
 Auditor reaches a conclusion and the client agrees
to adjust the
 financial statements
 Auditor reaches a conclusion, but the client disagrees.
The auditor
 will issue a report describing the differences in
opinion
 Auditor is unable to reach a conclusion and the
amounts are so
 material, the auditor cannot render an opinion
Overview of Audit Process: A Standards-
Based Approach(6)
 Reach an Audit Conclusion and Issue a Report
 For most engagements, the auditor will reach a
conclusion that the financial statements are fairly
stated and will issue an unqualified audit report
 Before issuing the report, the auditor will meet with
the audit committee to discuss the audit process and
the overall fairness of the company's financial
statements

Overview of Audit Process: A Standards-Based

Approach(3)
 Develop audit program on audit risk, internal control
quality,
 accounting assertions, and materiality
 Develop understanding of client's accounting policies
and procedures
 Anticipate financial statement items likely to require
adjustment
 Identify factors that might require modification of audit
tests
 Determine the type of reports to be issued

Overview of Audit Process: A Standards-Based

Approach(4)
Gathering Audit Evidence: Testing Assertions
Third Standard of Fieldwork requires auditor to gather
"sufficient, competent, evidential matter" in order to reach
a conclusion on the fairness of the financial statements
 Audit Process is Designed to Examine Assertions
 The assertions inherent in the accounting
communication: existence,
 completeness, rights and obligations,
valuation, and disclosure/
 presentation

Overview of Audit Process: A Standards-

Based Approach(5)
Summarize Audit Evidence and Reach Audit Conclusion
 If the evidence supports fair presentation, auditor can
move on to
 other areas of investigation
 If the evidence does not support fair presentation,
auditor will gather