Professional Documents
Culture Documents
ASP301
Auditing and Assurance
Principles
STUDENT
Name:
Student Number:
Program:
Section:
Home Address:
Email Address:
Contact Number:
PROFESSORS
Name: AUREA B. NATIVIDAD /RONNELSON S. PASCUAL
Academic Department: DEPARTMENT OF BUSINESS EDUCATION
Consultation Schedule:
Email Address: aureabnatividad105@gmail.com / ronnelson.pascual@yahoo.com.ph
Contact Number: ABN 09256093145 / RSP 09432027827
General Instructions
1. Read your textbook, if you have, for an initial understanding of the topic.
1. 2. Pay attention to the illustrations and explanation, make sure to follow all that is being
required to you by the professor.
3. As you study the module, please prepare mind map for every lesson.
5. Provided here with you is the checklist for submission. Make sure to separate each
Enrichment, Assessment, and Mind map per lesson, staple it individually. Please put
your name on each activity for proper recording. Proper filing and recording is one of
the good traits of an accountant.
6. If this module will not be printed, kindly write all your answers to enrichment and
assessment on a yellow paper, the mind map will be on a bond paper. For the multiple
choice questions, write the correct letter only.
7. If this will be printed, the assessment and mind map will be submitted on bond paper
and the enrichment only on yellow paper.
CCC BSA students shall maintain honesty and integrity at all times.
8. Contents of this material are owned by the City College of Calamba. You may not
reproduce, distribute, publish, display, modify, create derivative works, transmit nor may
you distribute any part of this or offer it for sale, or use it to construct any kind of
database.
VI. Module Outcomes At the end of this course, the students shall be able to
1. Skillfully apply learned knowledge, theories, concepts and principles
required by their course in performing their profession
2. Fulfil their professional obligations as required by the standards of the
industry or their profession
3. Manifest excellence in their respective fields through licensure
examinations, job acquisition, and practice of profession.
4. Manifest moral uprightness by observing proper decorum and conduct at all
times and displaying the qualities of a person with high professional and
ethical standards.
5. Manifest understanding on standards and carefully following each standard
in order to maintain high quality of the service
Lesson Objectives:
1. State the meaning of Auditing and the Financial Statement Audit
2. Enumerate types of Audit and identify examples of Auditing firms
3. Define the types of Audit and Auditors
4. Illustrate the definition of Auditing
5. Give examples of situations in businesses that will demand for a financial statement audit.
Getting Started
Good day! Welcome to Auditing and Assurance Principles Course. Before I continue, I want to congratulate you
for finishing IA1, IA2 and IA3, job well done. I would like to orient you first on what you are going to expect here in this
course. First, you might be bored (hehe) since this is pure theoretical discussion of the auditing and assurance principles,
NO COMPUTATION YET, don’t worry because after you take this, you are going to receive the computation part
already and that is Auditing Practices.
I would also like to inform you that you have to change your point of view here, from the point of view of an
accountant who is preparing financial statement in IA1, IA2 and IA3, you are now going to have the point of view of an
auditor here. If in the previous courses you studied the initial and subsequent recognition of an account making sure it
followed the standards in GAAP or IFRS, and you also made sure that in those courses that you took all your recordings
are complete, properly valued, accurate as to its rights and obligation and disclosures and your final output here is
properly presented Financial Statement. In this course, you are going to verify if all the assertations by the entity is in
correspondence with the criteria such as GAAP or IFRS, and here your final report is the Auditor’s report. So, better yet,
you must change your point of view at this time and refer to yourself as auditor. So, let us start the ball rolling.
Definitions of audit
There are different definitions of audit from different bodies, you are encouraged to know them by heart.
To enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, in
accordance with an identified financial reporting framework. (Philippine Standards on Auditing)
This definition is limited only to Financial statement audit. Accountant is not only limited to financial statement audit but
can also conduct operational audit and compliance audit. Therefore, the more applicable definition is the American
Accounting Association definition.
“An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic
actions and events to assertion the degree of correspondence between those assertions and established criteria and
communicating the results to interested users.” (American Accounting Association)
Audit as systematic process – there is a step by step process that the auditor needs to follow. Remember that you are going to
increase the reliability of the financial statement or a report therefore the process of auditing must be followed properly.
Audit involves obtaining and evaluating evidence about assertions regarding economic actions and events – There are many
ways in obtaining evidence in an audit, reperformance, recalculation, analytical procedures, observation and many more. These
evidences are being obtained and evaluated whether it supports the assertion (claim) of the entity that it follows the standards in
recording economic actions and events.
Audit is conducted objectively – the auditor should conduct the audit without any bias. Not partial in any conclusion that he is
about to make.
Auditors ascertain the degree of correspondence/connection between assertion and established criteria - The business has a
claim regarding their reports in financial statement such as it is free of material misstatement, the financial statement is presented
in accordance with the Philippine Financial reporting standards (being referred to as criteria), these claims /assertions ( that the
report is complete and free of material misstatement) will be verified/checked by the auditor if the business really follow the
standards/criteria in reporting.
Auditors communicate the audit results to various interested users - The main objective of auditing is to issue an auditor’s
report that is to be used by the intended users, such as bankers, investors, employees, management and many more, for them to
make an economic decisions. Intended users preferred an audited financial statement since this increase or decrease the
credibility of the financial statements.
NOTE: Assertions – are representations made by an auditee about economic actions and events.
Established Criteria – users basis against which assertions have been evaluated or measured.
Assertions made by That the financial statement That the organization has That the organization’s activities
the auditee are fairly presented complied with laws, are conducted effectively and
regulations or contracts efficiently
Established criteria Financial reporting Laws, regulations and Objectives set by the board of
standards or other financial contracts directors
reporting framework
Application:
Search examples of companies who provide a external auditing services. Name those companies and check the services
that they render.
The auditors who perform compliance audit on the other hand are being hired by the government, they are Certified
Public Accountants or Accountants that are being hired by the government to check if the government agencies (such as
NEDA, DENR and many more) or local government units in our case is the City of Calamba, are complying with Laws
and regulations. This auditors to government agencies are called COA or Commission on Audit. While the auditors on
compliance of laws and regulations to the private companies are called BIR or Bureau of Internal Revenue. Their main
goal is to report on the degree of compliance in laws and regulations.
Application:
Research, about the COA and BIR auditors. What are the differences of the two.
Application:
Research on samples of internal audit report and compare the differences between the Financial statement audit report
and the Compliance audit.
In summary, if you are going to read the definition of audit according to American Accounting Association, this applies
to the three types of audit. In this course, we will focus our discussion in the Financial Statement Audit.
The management (responsible party) is responsible for the preparation of the financial statement that is in accordance
with the financial reporting framework (PFRS or IFRS). The prepared financial statement, will then be evaluated by
the auditor as to the degree of following the standards in recording in accordance with the management assertion. After
evaluating evidences and checking on the degree of correspondence to standards and management assertion then the
auditor will prepare the audit report that will increase or decrease the credibility of the financial statement, that will
then be the basis of the users of financial statement in their decision making.
There are three levels of assurance that can be provided in assurance services, please see below for the explanation. The
Reasonable assurance, is the assurance that is being provided in an audit of financial statements.
Level of assurance
Absolute assurance – in this level of assurance it means that the financial statement is free of error, meaning 100% of the document
will be examined. It will take a longer period of time to examine everything and it is more costly, that is why this level of
assurance is NOT being provided during an audit.
Reasonable assurance - In this level of assurance, the assurance that you are giving here is a moderate level of assurance, this
means that the financial statement is free from material misstatement taken as a whole, there is still a possibility of error because
sampling is being done to obtain a representation, from the whole population. This type of assurance is being provided in a
financial statement audit.
Limited assurance - while in here this a type of assurance that very limited, this is done in a review statement.
An Audit conducted in accordance in accordance with Philippine Standards on Auditing (PSAs) is designed to provide
only reasonable assurance that the financial statements taken as a whole are free from material statements. That is
because of inherent limitation.
Factors result to inherent limitation
1. The use of testing/Sampling Risk
2. Error in application of judgment/Non-sampling Risk
3. Reliance on management representation
4. Inherent limitations of the client’s accounting and internal control systems
5. Nature of evidence
Reasonable Assurance is the assurance that the auditor provides because of these inherent or the natural limitation of
the audit based on the Standards on Auditing.
1. The use of testing /Sampling Risk
In an audit, sampling is being done to gather evidence that will represent the whole population. Meaning if the
samples that had been gathered is NOT a proper representation of the whole population wrong conclusion or report will
be prepared. The figure below, will show that the sample might not represent the whole population because the sample
that you got does not have error or have minimum error while the if you are going to check the whole population it will
consists a lot of error.
Population
Sample
1. Comply with the “Code of Professional Ethics for Certified Public Accountant”
2. Conduct an audit in accordance with Philippine Standards on Auditing
3. Plan and Perform audit with an attitude of professional skepticism
To properly conduct an audit of financial statements the auditor should follow the general principles governing the audit
of financial statements.
Complying with the Codes of Professional Ethics for Certified Public Accountants, these principles are necessary
since the public are putting their trust to the works of the auditors, integrity, objectivity, and concern for the public
rather than self interest should be practiced by the auditor.
Since, auditors are increasing the credibility of the financial statement, there must be certain standards that all auditors
should follow to maintain the credibility of all the works of the auditor, and that standards is being called as Philippine
Standards on Auditing.
Professional skepticism is an attitude of having a questioning mind or need to have a critical assessment that you as an
auditor should recognize the possibility that financial statement is materially misstated. That means that if you are
going to conduct a financial statement audit, you always have to put in mind that the financial statement that you are
going to audit might be wrong, in this case you will be alert on how you are going to evaluate the financial statement.
▪ Need for an independent financial audit
1. Conflict of interest between management and users
2. Expertise
3. Remoteness
4. Financial consequences
Why need an independent financial statement audit?
Conflict of interest between users and management - users like the bank wants a truthful report so that when they are
going to grant a loan they will be assured that the business is going to pay them back without any delay. On the other
hand, businesses wanted to have a loan from the bank that is why there is a possibility that they will do everything to
0btain the loan even to the point of presenting a wrong financial statement. In this case, the bank will require for an
audited financial statement.
Expertise- the users of the financial statements are not so familiar or expert pertaining to financial statement reporting
that is why they need auditor’s (an expert in accounting field just like an accountant ) to verify reliability of the
financial statement.
Remoteness – Banks, stockholders, creditors and Board of directors (these are the samples of the users of the financial
statements ) were not able to access the information or the details of the financial statement or the entity’s record, that is
why they need a third party who is an auditor to verify the record of the management .
Financial Consequences – Since the financial statement is the language of the business, and the decision makers are
after the result of the financial statement so that they can make an informed economic decisions. The users of the
financial statements wants that this report must be audited first before they can rely to it, remember that the audit report
increases or decreases the credibility of a financial statement.
2. The auditor should always maintain independence with respect to the financial statement under audit. Since,
the auditor is going to increase the reliability of the financial statement, he/she must maintain the independence
in mind and appearance so that the users of financial statement will rely fully on that report. Why? To
maintain objectivity of the auditor while doing the audit and specially preparing a report.
3. Auditor/Client agreement - there should be no long term conflict between the management and the auditor,
short term conflict may exist during the conduct of the audit in case there are disagreements on principles and
other standards, however, it will be hard is there is a long term conflict between the two because the auditor’s
report might be directly affected by this conflict or the management might not cooperate during the audit.
4. Effective internal control reduces the possibility of errors and fraud affecting the financial statement – Internal
control is the system that is being applied inside the business to efficiently and effectively manage the
operation, and it says that if there is an effective internal control there is a big possibility that there is less error
that may be present in the financial statement. Why? Because there will be proper recording of transactions,
error/fraud will be lessened if the internal control is in place and properly implemented.
5. Consistent GAAP or PFRS application results in the fair presentation of the financial statement.
6. Validity of prior information the previous audit that has been conducted by the auditors in a company can be
used as a basis for audit procedures of the current year.
7. An audit benefits the public. The users rely on the financial statement as their major source of information for
their decision making.
Summary of the Lesson
✓ Audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about
economic actions and events to assertion the degree of correspondence between those assertions and established
criteria and communicating the results to interested users.” (American Accounting Association)
✓ There are three types of audit, the compliance audit, operational audit and financial statement audit.
✓ There are three types of auditors, the government auditors, internal auditors and the external auditors.
✓ There are three levels of assurance absolute assurance, reasonable assurance and the limited assurance. The
reasonable assurance is the type of assurance that is being provided in the financial statement audit.
✓ Auditing is a type of assurance services, there are many assurance services that are being practice right now since,
this increase the credibility of an entity.
✓ Example of big auditing firms are the following SGV & Co. (SyCip Gorres Velayo & Co.) (affiliate of Ernst and
Young), Manabat Delgado Amper & Co., (formerly C.L. Manabat & Co.) (affiliate of Deloitte Touche Tohmatsu
(DTT), Isla Lipana & Co. (formerly Joaquin Cunanan & Co.) (affiliate of Pricewaterhouse Coopers)
Enrichment Activities
1. Why do we need assurance services?
2. Is assurance services only applicable in accounting profession? Explain your answer.
3. In your own word, please define auditing?
4. Who hires the external auditor?
5. What is reasonable assurance, why does the financial statement can provide only reasonable assurance?
d. Provide users with an unbiased opinion about the fairness of information reported in the financial
statements
9. The level of assurance provided by an auditor on an audit report is
a. low c. moderate
b. high d. none
10. Which of the following is not one of the general principles governing the audit of financial statements?
a. The auditor should plan and perform the audit with an attitude of professional skepticism
b. The auditor should obtain sufficient appropriate evidence primarily through inquiry and analytical procedures
to be able to draw reasonable conclusions
c. The auditor should conduct the audit in accordance with PSA
d. The auditor should comply with Philippine Code of Professional Ethics.
11. Which of the following statement about independent financial statement audit is incorrect?
a. Scope of the audit refers to audit procedures deemed necessary in the circumstances to achieve the
objectives of the audit.
b. The auditor’s opinion enhances the credibility of the financial statements
c. The phrase used to express the auditor’s opinion is “present fairly in all material respect”
d. The risk that the auditor will fair to uncover material misstatement is eliminated when the auditor
conducts the audit in accordance with PSAs.
12. Which one of the following is not among the conditions that give rise to a demand by external users for
independent audits of financial statements?
a. Remoteness of users
b. Complexity of making economic decisions
c. Potential conflict of interest between users and preparers of the statement
d. Consequence for making decision
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Getting Started
After we had studied the overview of Auditing, we will now go the professional standards that govern the
auditing profession.
The Board of Accountancy promulgated ten generally accepted auditing standards (GAAS) that establish required level of
quality for performing financial statement audits.
Philippine Standards on Auditing (PSAs) are issued to clarify the meaning of these ten GAAS.
Generally Accepted Auditing Standards (GAAS)
GAAS represent measures of the quality of the auditor’s performance, these standards must be looked at as a
minimum standard of performance that auditors should follow. These are 10 GAAS that are being divided into three
groups the General Standards, Standards of Fieldwork and Standards on Reporting.
Technical Training and Proficiency - the examination of the financial statement is to be conducted by person or
persons having adequate training and proficiency as an auditor. The auditors must be updated with latest standards,
rulings and regulations.
Independence - In all matters relating to audit, it is important for the auditor to maintain its independence both in
independence in mind and in appearance. You should have no bias at all times. What is independence in mind, that
means that you will be objective in the conduct of the audit no matter what, this is your personal stand. Independence
in appearance is if the public or other person will look at you they will be convinced that you are independent from the
FS that you are auditing, you don’t have any interest in the entity, interest means, you are not a stock holder or a
member of management or your family member is not related to the entity that you are auditing.
Due Professional care - this is to be exercised by the auditor in the performance of the audit and the preparation of the
report. This means that diligence and professional care is expected in the conduct of the audit.
Planning – the work is to be properly planned and assistants, in any are to be properly supervised. The audit is to be
planned properly by the auditor. Planning is an important step in audit, because the proper execution of an audit
depends on its effective planning.
Internal control consideration – the internal control is to be properly studied and evaluated to check on the possible
reliance on internal control, because the possible reliance on internal control will determine the extent of the audit.
This means that if the auditor is convinced that the internal control is effective and implemented, the substantive test or
gathering of evidence will be lessened .
Evidential matter - Sufficient competent evidential matter is to be obtained through inspection, observation, inquiries
and confirmations to afford a reasonable basis for an opinion regarding the financial statement under examination.
Generally Accepted Accounting Principles - The report shall state whether the financial statement is presented in
accordance with generally accepted accounting principles
Inconsistency – The report shall identify those circumstances in which principles have not been consistently observed
n the current period in relation to the preceding period. IF there is an inconsistency in the application of the standards
this must be presented in the report.
Disclosure - Informative disclosures are to be regarded as reasonably adequate unless otherwise stated in the report.
There are information that are not present in the face of the Financial statement but must be known to the user therefore
proper disclosures must be done.
Opinion – The report shall either be contain an expression of opinion regarding the financial statements, taken as a
whole or an assertion to that effect that an opinion cannot be expressed. Whenever, the opinion cannot be expressed the
reasons therefore should be stated. In all cases, when an auditor’s name is associated with the financial statements the
report should contain a clear indication of the character of the auditor’s examination if any and the degree of the
responsibility he is taking.
Under the Philippine Standards on Quality Control (PSQC), a firm has an obligation to establish a system of quality
control designed to provide it with reasonable assurance that the firm and its personnel comply with professional
standards and regulatory and legal requirements, and that the report issued by the firm are appropriate in the
circumstances.
First, the public is relying on our audit, the auditing firm has to maintain the quality of the work of each personnel in the
firm to ensure that the process in conducting the audit according to standard is being followed. What is the auditing firm?
It is a company that provides auditing services, there are big auditing firms and small auditing firms please see the
summary section in the previous lesson. Second, the audit is usually being conducted by team so implementation of
quality control is important to maintain the quality of the audit, meaning the implementation of the audit will be in
accordance with standards. It is only by implementing quality control policies and procedures that CPA’S can ensure that
all members of the audit teams perform the same level of quality work.
LEADERSHIP RESPONSIBILITY FOR QUALITY ON AUDITS – Audit firms shall establish policies and
procedures designed to promote an internal culture based on recognition that quality is essential in the performance of the
audit.
The engagement partner shall be responsible for the overall quality of the audit. An engagement partner is the one who
signing the audit report and should set an example for the maintain the quality of the audit.
The audit firm, for example SGV, specifically the engagement partner of SGV, shall make sure that the established
policies of the firm to promote internal culture on recognition of quality of the audit shall be followed.
ETHICAL REQUIREMENTS
The firm shall establish policies and procedures designed to provide it with reasonable assurance that the firm and its
personnel are complying with ethical requirements which include:
a. Integrity
b. Objectivity
c. Professional competence and due care
d. Confidentiality
e. Professional behavior
It is the responsibility of the engagement partner to make sure that the engagement team is complying with this ethical
standard. If ever there is non-compliance, the engagement partner must be properly resolved and documented the non-
compliance.
Integrity, Objectivity, Professional competence and due care, confidentiality and professional behavior are the ethical
requirements that has been set by the standard to be followed by the individual practitioner and even the auditing firm.
It says that the policies and procedures of the auditing firm should ensure that these ethical requirements is being
followed, and the engagement partner particularly is the responsible for the implementation of this standard.
INDEPENDENCE
The firm should establish policies and procedures designed to provide it with reasonable assurance that the members of
the engagement team, the firm and, where applicable, the network firms maintain independence when providing assurance
services.
The engagement partner’s responsibility is to form a conclusion on compliance with independence requirements that
apply to the audit engagement. The engagement partner should
a. Obtain relevant information to identify circumstances and relationships that create threats to independence;
b. Evaluate information on identified breaches of the firm’s independence policies and procedures to determine whether
they create a threat to independence
c. Take appropriate safeguards to eliminate such threats or reduce them to an acceptable level; and
One of the theoretical framework of auditing is independence, this is an important framework and even standard to
follow by the firm and practitioners since this will directly affect the trust of the users in case it has been found out that
the auditor is biased in the conduct of his audit.
That is why the firm shall have policies and procedures to make sure that independence is being followed by the firm,
audit team, auditors or even network firms.
Again it is the responsibility of the engagement partner to form a conclusion about the independence of the audit firm
and the audit team, the engagement partner should follow the steps stated above to check the independence of the audit
team or the firm.
Threats to independence is the possibility of the auditor not being independent to the entity.
Safeguards are actions to reduce the threat meaning to make sure that the auditors will be independent from the entity
being audited.
The engagement partner should be satisfied that appropriate procedures regarding the acceptance and continuance of
client relationships and specific audit engagement have been followed and that conclusions reached in this regards are
appropriate and have been documented.
Not all clients are to be accepted into engagements, there are times that you are to turn down clients due to
integrity issue. Remember that you are going to provide an opinion in their financial statement, but if you are going to
associate your name to a gambler or drug dealer or any business that do not have that integrity, basically you are going
to put your auditing firm at risk and worst the whole auditing profession.
Not only the entity is going to be evaluated, but also the competence of the audit firm, meaning the firm
itself shall evaluate whether a certain engagement shall be accepted. Does the firm can make the audit with professional
care considering its time, capabilities and its resources.
Recruitment
Performance evaluation, compensation and promotion
Since the audit is providing its expertise in this field, proper human resource development should
implemented in its personnel. That is why the audit firm must include it to its policies and procedures, from
recruitment to assignment to engagements. There shall be no practitioners in auditing shall be hired without proper
qualifications and trainings, this is based on the general standards, technical proficiency and adequate training.
If you are hearing some news from audit practitioner, you will notice that their pay is not that high but, they
have a good succession plant and career development. You are going to notice that almost all of the CPA who became
an auditor first especially those who are coming from big 5, is every marketable. Every season, the auditors are being
promoted as long as they are satisfying all the requirements and trainings.
ENGAGEMENT PERFORMANCE
The firm should establish policies and procedures designed to provide it with reasonable assurance that
engagements are performed in accordance with professional standards and other regulatory and legal requirements and
that the audit report issued is appropriate in the circumstances
Direction
Assistance should informed of their responsibilities, that nature of the entity’s business, potential problems that may arise
and the detailed approach to the performance of the engagement.
Supervision
This involves monitoring the progress of the audit resolving accounting and audit issues, and considering the level of
consultation appropriate for the engagement.
Review
Work performed by assistants should be reviewed to consider whether the audit procedures, evidence and documentation
are appropriate to support eh conclusion reached.
Consultation
The firm should establish policies and procedures that encourage firm personnel to seek assistance from authoritative
sources either within or outside the firm.
The engagement performance is the actual field work of the audit, and it must follow certain quality
standards that is why it is expected from the audit firm to establish policies and procedures that will guide the
personnel in conduct of the field. Please take note that the engagement partner is the primary responsible for all of
these. These are direction, supervision, review and consultation. It says that the staff must be properly assisted and
supervised by their immediate head to make sure that they are achieving the objectives of the audit, also, it is
important that the work of the staff or the auditors must properly reviews, and consultation shall be done if in case
there are issues to be resolved that is beyond the knowledge of an auditor.
The engagement quality control review is that is being done towards the end of the audit process to make sure that
the quality of the report is being reviewed by an another party evaluating the significant judgements made and
conclusion reached in formulating auditor’s report.
This quality control review shall be practiced by the auditing firm to once again check the quality of the report to be
issued.
Difference of Opinion
The engagement team should follow the firm’s policies and procedures for dealing with and resolving differences of
opinion that arise within the engagement team, with those consulted and, where applicable, between the engagement
partner and the engagement quality control reviewer.
The engagement partner should inform the members of the engagement team to bring matters involving differences of
opinion to the attention of the engagement partner or others within the firm as appropriate without fear of reprisals. The
audit report should not be issued until the matter involving differences of opinion is resolved.
Differences on opinion happens after the quality control review procedures, and this differences of opinion should
resolved according to policies and procedures, the engagement partner is responsible to resolve the issue in
differences in opinion.
Monitoring
The continued adequacy and operational effectiveness of quality control policies and procedures is to be monitored.
Policies and procedures must be adopted to provide reasonable assurance that the systems of quality control and relevant,
adequate and operating effectively.
The firm’s quality control policies and procedures should be communicated to its personnel in a manner that provides
reasonable assurance that the policies and procedures are understood and implemented.
The audit firm shall continue to monitor the adequacy and operational effectiveness of control policies and
procedures and making sure that this quality control procedures are being communicated, understood and
implemented by the audit firm.
All audit firms must obtain certification of accreditation to practice public accountancy, the practitioner will be
accredited once he/she completed the requirements asked by BOA, and somehow this is costly.
Enrichment Activities
1. Why do we need to maintain professional standards in Auditing?
2. What is GAAS and why is it needed in the practice of auditing?
3. Explain each group of GAAS and why these are important?
Assessment
Lesson 2 - THE PROFESSIONAL STANDARDS
Name: ___________________________________________ Section: _____________ Score: __________
9. The person responsible for the audit engagement and its performance, and for the auditor’s report that is issued in
behalf of the firm is the
a. quality control reviewer c. engagement partner
b. client’s management d. audit manager
10. Which of the following quality control objectives would be atleast important to the auditor?
a. Engagement performance c. Determination of audit fee
b. Human Resources d. Independence
11. Which of the following quality control policies and procedures does not relate to human resources and
assignment?
a. Emphasize independence of mental attitude in training programs and in supervision and review of the audits
b. Monitor the effectiveness of recruiting programs
c. Identify criteria which will be considered in evaluating individual performance and expected proficiency.
d. Identify on a timely basis the staffing requirements of specific audits.
12. In pursuing a CPA firm’s quality control objectives, a CPA firm may maintain records indicating which partners
or employees of the CPA firm were previously employed by the CPA firm’s clients. Which quality control
element would this be most likely to satisfy?
a. Monitoring c. Independence
b. Assignment d. Skills and Independence
13. In compliance with the element of human resources, the firm should address issues relating to
a. engagement performance
b. assignment of engagement teams
c. consultation
d. differences of opinion
14. In making a decision to accept or retain a client, the firm should consider
a. Its competence
b. Its ability to comply with ethical requirements
c. The integrity of the client’s management
d. All three should be considered.
https://www.accountingtools.com/articles/analytical-procedures.html
https://smallbusiness.chron.com/examples-internal-controls-57039.html
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Getting Started
Usually the there is a wrong connotation with the auditor, whether that is internal auditor or external auditor, most of
the times the clients are thinking that they are here to look for the error and fraud in the entity. But no, that is not the main
objective of the audit. Please read on for you to understand what is the point of view of the auditors pertaining to Fraud,
Error and Non-compliance.
ERROR
Unintentional misstatements or omissions in financial statement, including the omission of an amount or a disclosure,
such as:
Examples:
o Mistakes in the underlying records and accounting data
o Incorrect accounting estimate or principles
o Mistake in the application of accounting policies
FRAUD
o An intentional act by one or more individuals among management those Charged with Governance,
Employees, Third parties, involving the use of deception to obtain an unjust or illegal advantage.
o The auditor’s primary concerned is that fraudulent acts that cause a material misstatement in the financial
statement.
In auditing the financial statement, it is the responsibility of the auditor to design the audit to provide a
reasonable assurance of detecting material misstatement in the financial statement. Please take note that it is not the
main responsibility of the auditor to search for errors or fraud. However, because of this procedure in providing
reasonable assurance in detecting material misstatements, error, fraud or non-compliance will be discovered.
We, all know the difference between fraud and error is the intentionality. Error is unintentional while fraud is
intentional, though in fraud, the auditor is primarily concerned only in fraudulent acts that cause a material
misstatement in the financial misstatement. There is a thin line in identifying the difference between the two, that is
why the auditor should practice his professional judgement and further investigate if there is a need.
What is being discussed above is the types of fraud, wherein you will notice that the perpetrator are coming from
two levels the upper level of management and the lower level of fraud which are being committed by the employees.
The upper level management perpetrator can commit the Fraudulent Financial Reporting, this means that the
management can override the internal control and allow the misrepresentation of financial statement meaning even if
the transaction is not existing they are allowing it to be recorded to get a higher asset /income and lower expenses /
liabilities, even to the point of going against the accounting standards.
While the lower level fraud or employee’s fraud are being categorized as Misappropriation of asset. In here,
the employees are directly involve with fraud such as stealing of companies property, embezzling of receipts is using a
receipt that did not occur and using the cash in personal expenses, and lapping of accounts receivable (this one we
already discussed this in your IA1).
How can the auditor detects this possible fraud, well there is Fraud risk factor, a scenario wherein there is a
possibility that fraud may exist. Take note, NOT ALL FRAUD risk factor in an entity has fraud, however, all fraud has
fraud risk factor. If you are going to look above, If by looking at how the management override control in the Internal
control of the company or by just looking at the industry conditions you notice that that particular industry is suffering
from financial loss and because of that the company’s financial stability is in question, this is what to we call as fraud
risk factor in management level. While in employee’s level, you noticed that there is no proper safeguard on valuable
assets and its internal control are weak, this can be a concern on fraud risk factor in employees level.
3. Auditor The auditor is not and cannot be held responsible for the prevention of fraud and
error. The main responsibility of the auditor is to design the audit to obtain reasonable
assurance that the financial statement as a whole are free from material misstatement,
whether caused by fraud or error.
Planning Phase 1. Make inquiries of management about the
possibility of misstatement due to fraud and error
As referred to above table, you are going to notice that fraud prevention and control is the main responsibility
of the management. The main responsibility of the auditor is design an audit with reasonable assurance that the
financial statement are free from material misstatement whether that is due to fraud and error.
It also shows the step by step procedures on detecting material misstatement due to fraud or error. This will be
discussed in details below.
Planning Phase
1. The auditor should make inquiries of management about the possibility of misstatement due to fraud and error.
• Management assessment of risk due to fraud
• Controls established to address the risk
• Any material error or fraud that has affected the entity or suspected fraud that the entity is investigating.
These inquiries may provide useful information concerning the risk of material misstatements in the financial statements
resulting from employees fraud. However, such inquiries are unlikely to provide useful information regarding the risk of
material misstatements in the financial statements resulting from management fraud.
2. The auditor should assess the risk that fraud or error may cause the financial statements to contain material
misstatements. According to PSA 20 the auditor may specifically asses the risk of material misstatement due to fraud and
consider the assessment in designing the audit procedures to be performed. Assess the “fraud risk factor”, events or
condition that provide an opportunity, a motive or means to commit fraud, or indicate that fraud may already have
occurred.
Note: Fraud risk factor don’t necessary means that fraud may occur however, when fraud occurs there is a fraud risk
factor.
In planning stage, this is the part wherein the auditor is having some inquiries to the management, the auditor
shall include the above points for inquiries and check for the fraud risk factors. Of course if you are going to have an
inquiry with the management about the possibility of fraud and in that particular scenario for example the one who is
committing fraud is the management itself it will be hard for you to get those information, in this case the possible area
that will be uncovered only is the employee fraud. So, in case management fraud maybe what you can do is check on
other way like looking at industry condition or possibility of override of controls, except for inquiry to management.
In case the auditor asses that there is a possibility of fraud, the auditor may approach the audit with heighted
professional skepticism. Meaning “Hindi mo talaga pagkakatiwalaan ang lahat ng ibibigay sa iyo, parang pag-ibig lang
yan once na niloko ka hindi ka na basta basta magtitiwala”.
Since, this will be your response once based on your judgement there is a possibility of fraud, the audit team that will
be selected (remember we are still in a planning phase here) will be with appropriate level of knowledge, skill and
ability to deal with the possible fraud risk in the entity.
You are going to include those staff who are experienced in this type of situation.
The auditor may decide to consider management selection and application of significant accounting policies,
particularly those related to income determination and asset valuation.
TESTING PHASE
3. During the course of the audit, the auditor might find circumstances that may lead to possibility of existence of fraud
and error, the auditor should perform procedures necessary to determine if material misstatement exist due to fraud and
error.
4. After identifying the material misstatement in the financial statement, the auditor should determine whether the
misstatement is fraud or error.
However, if it is found to be fraud, and the effect is not material. The auditor should report the fraud to the appropriate
level of management at least one level above to those persons involve. Be satisfied that there is no other implication of
fraud for that identified perpetrator.
However, if the auditor detects a material fraud or has been unable to evaluate whether the effect on financial statements
is material or immaterial, the auditor should consider implication for the other aspects of the audit particularly the
reliability of management representation. Discuss the matter and the approach to further investigation with an appropriate
level of that is at least one level above those involved.
Attempt to obtain evidence to determine whether a material fraud in fact exists and if so, their effect and
Suggest that the client consult with legal counsel about the question at law.
Whenever you find a misstatement during the testing phase, the first question that you need to raise is whether
that misstatement is error or fraud. If that is error that will not a big issue, simply check whether the effect of the error
is material or not material if the error is material you can just request for the adjustment in financial statement.
Now, if the misstatement that you found is a fraud, then check if it is material or immaterial misstatement. If
that is not material misstatement, (remember we discussed in the previous lesson above that we are only concern to
error or fraud that materially affects the misstatements) you just only need to report the fraud to the management as
stated above. Why do we still need to report the incident of fraud to the immediate head of the perpetrator? This is a
fraud, whether small or big the intentionality is present there is a possibility that what you see is just a tip of an iceberg.
That is why, it says also in the statement above that you as an auditor must be satisfied that that fraud is only up to that
level only.
COMPLETION PHASE
5. The auditor should obtain a written representation from the client management that
• It acknowledges its responsibility for the implementation and operations of accounting and internal control
systems that are designed to prevent and detect fraud and error.
• It believes the effects of those uncorrected financial statement misstatement aggregated by the auditor during the
audit are immaterial, both individually and in the aggregate, to the financial statements taken as a whole. As
summary of such items should be included in or attached to the written representation.
• It has disclosed to the auditor all significant facts relating to any frauds or suspected frauds known to
management that may have affected the entity. And
• It has disclosed to the auditor the results of tis assessments of the risks that the financial statements may be
materially misstated as a result of fraud
In the completion phase, the management representation letter that is being discussed above shall be
discussed in details in the later part of the module. But to give you an idea, obtaining a management representation
letter is important in the part of the auditor because this letter claims the responsibility for the establishment and
implementation of the entity’s internal control, that whenever there is uncorrected financial statement errors is not
material in aggregate amount, and of course the management disclosed all the facts about fraud that might exists in the
entity.
7. If the auditor is unable to evaluate the effect of fraud on the financial statements because of a limitation on the scope of
the auditor’s examination, the auditor should either qualify or disclaim his opinion on the financial statement.
In the issuance of the auditor’s report, you will see that the entity will not receive a clean opinion (Unqualified opinion)
if the material error/fraud has not been adjusted in the financial statement. Also, if there is a scope limitation because
of inability to gather enough documents or evidences pertaining to fraud or error, the auditor might disclaim or qualify
an opinion. Disclaimer of opinion is not issuing an opinion at all, due to scope limitation and a qualified opinion is not
a clean opinion.
Note: Because of the inherent limitations of an audit there is an unavoidable risk that material misstatements in the
financial statements resulting from fraud and error may not be detected. Therefore, the subsequent discovery of
material misstatement in the financial statements resulting from fraud or error does not, in and of itself, indicate that the
auditor has failed to adhere to the basic principles and essential procedures of an audit.
The risk of not detecting a material misstatement resulting from fraud is higher than the risk of not detecting a material
misstatement resulting from error.
The risk of the auditor not detecting a material misstatement resulting from management fraud is higher than for
employee fraud because those charged with governance and management are in position that assumes their integrity
and enables them to override the formally established control procedures.
The following policies and procedures, among others, may assists management in discharging its responsibilities for the
prevention and detection of noncompliance
• Monitoring legal requirements and ensuring that operating procedures are designed to meet these requirements
• Instituting and operating appropriate systems of internal control
• Developing, publicizing and following a Code of Conduct
• Ensuring employees are properly trained and understand the Code of Conduct
• Monitoring compliance with he Code of Conduct and acting appropriately to discipline employees who fail to
comply with it.
• Engaging legal advisors to assist in monitoring legal requirements.
• Maintaining a register of significant laws with which the entity has to comply within is particular
industry and a record of complaints.
Non-compliance to laws and regulations are commission or omission of the requirement of law. Meaning the
entity is considered non-compliant if the entity does not follow exactly what is written in the laws and regulations. Of
course it is the management and those charge with governance responsibilities to make sure that the entity is compliant
to laws and regulations, the auditors are not expected to detect noncompliance with laws and regulations but the auditor
must recognize that noncompliance with this laws and regulations may materially affect the financial statement.
For example if the company is evading tax, and once the BIR found it out there is a possibility that the
company will pay a large amount of penalty or worst the company will be closed due to this illegal acts. Most of the
times this non-compliance are not reflected in the financial statements, like for example your non-compliance with
environmental laws, but once the DENR finds out that the entity is non-compliant with the said environmental law, then
they might pay a large amount of money and again worst case scenario is shutdown of business until they comply with
the said law.
That is why the entity’s management and those charge with governance must make sure that they are following
those laws and regulations that is applicable to the industry they belong.
Auditor’s responsibility
Planning Phase
Testing Phase
4. When the auditor becomes aware of the possibility of In case the you observe non-compliance from laws and
noncompliance, the auditor should obtain an understanding of the regulations, let say you observed that they are not following
nature of the act and the circumstances in which it has occurred , certain environmental regulation, you have to further
and sufficient information to evaluate the possible effect on the investigate it whether it has a possible effect on financial
financial statements. When evaluating the possible effect on the statements. In here, you have to check if there is a penalty
FS, the auditor considers. that the company should pay or worst there will be potential
litigation.
* Potential financial consequences, such as fines, penalties,
damages, threat or expropriation of assets, enforced
discontinuation of operations and litigation.
This potential non-compliance that you observed must be
*Whether the potential financial consequences require properly documented.
disclosures.
Completion phase This is a document that will be obtained from the management
regarding the entity’s disclosure of possible non-compliance.
6. The auditor should obtain written representation that
management has disclosed to the auditor all known actual or
possible noncompliance with laws and regulations that could
materially affect the financial statements.
Consider the Effect on the Auditor’s Report In case, the auditor gathered enough evidence that there is
non-compliance and that is not being resolved during the
7. When the auditor believes that there is noncompliance with course of the audit, therefore there will be an effect on the
law’s and regulations that materially affect the financial auditor’s report.
statements, he should request the management to revise the
financial statements. Otherwise, a qualified or adverse opinion
will be issued.
Note: An audit is subject to unavoidable risk that some material misstatements in the financial statements will not be
detected, even though the audit is properly planned and performed.
The risk is higher with regard to material misstatement resulting from noncompliance with laws and regulations because
• There are many laws and regulations
• Noncompliance may involve conduct designed to conceal it, such as collusion, forgery, deliberate failure to record
transactions, senior management override or controls intentional misrepresentations being made to the auditor
Enrichment Activities
1. What are the things that you need to do as auditor in case in the course of your audit you found out that
there is fraud, error or non-compliance?
2. Define the fraud risk factor and what is the importance of this in the course of your audit?
3. What is the primary purpose of an audit?
Assessment
Lesson 3 - AUDITOR’S RESPONSIBILITY
Name: ___________________________________________ Section: _____________ Score: __________
1. An intentional act by one or more individuals among management, employees or third parties which
results in misrepresentation of financial statements refers to
a. Error c. Fraud
b. Noncompliance d. Illegal acts
2. The responsibility for adopting sound accounting policies, maintaining adequate internal control, and
making fair presentation in the financial statement rests
a. with management
b. with independent auditor
c. Equally with management and the auditor
d. With internal audit department
3. Which of the following is most correct regarding the distinction (s)between the auditor’s responsibilities
for searching for errors and fraud
a. little c. no
b. a significant d. various
4. Which of the following is an example of error ?
a. Defalcation
b. Suppression or omission of the effects of transactions from the records or documents
c. Recording of transactions without substance
d. Misapplication of accounting policies
5. Fraudulent financial reporting is most likely to be committed by whom?
a. line employee of the entity
b. outside members of the entity’s board of directors
c. entity’s management
d. the entity’s auditors
6. Which of the following statements best describes an auditors’ responsibility to detect errors and fraud?
a. An auditor should assess the risk that errors and fraud may cause the financial statements to contain
material misstatements and should design the audit to provide reasonable assurance of detecting errors
and fraud that are material to the financial statements.
b. An auditor is responsible to detect material errors, but has no responsibility to detect material fraud
that are concealed through employee collusion or management override of the internal control structure.
c. An auditor has no responsibility to detect errors and fraud unless analytical procedures or
tests of transaction identify conditions causing a reasonably prudent auditor to suspect that the financial
statements were materially misstated.
d. An auditor has no responsibility to detect errors and fraud because an auditor is not an insurer and an
audit does not constitute a guarantee.
7. If several employees collude to falsify documents, the chance a normal audit would uncover such act is:
a. very low c. zero
b. very high d. none of the above
8. When performing a financial statement audit, auditors are required to explicitly assess the risk of
material misstatement due to
a. errors c. Noncompliance
b. Fraud d. Business risk
9. Which of the following best describes what is meant by the term fraud risk factor?
a. Factor whose presence indicates that the risk of fraud is high
b. Factor whose presence often has been observed in circumstances where fraud occurred.
c. Factor whose presence requires modification of planned audit procedures.
d. Factor that indicates internal control weakness
10. Which of the following procedures would assist the auditor in identifying noncompliance with laws and
regulations?
a. Inquiring from the client’s lawyers
b. Inspecting correspondence with relevant regulatory agencies
c. Inquire of management concerning entity’s policies and procedures regarding compliance with laws
and regulations.
d. Discuss with the client management the policies or procedures adopted for identifying, evaluating
and accounting for litigation, claims and assessment
11. An auditor who discovers that a client’s employees have paid small bribes to public officials most likely
would withdraw from the engagement if the
a. Client receives financial assistance from various government agencies
b. Evidence that is necessary to prove that the illegal acts were committed does not exist
c. Employee’s actions affect the auditor’s ability to rely on management’s representations
d. Notes to the financial statements fail to disclose the employees’ actions.
12. These are acts of omission or commission by the entity being audited, either intentional or unintentional,
which are contrary to the prevailing laws and regulations
a. Fraud
b. Misappropriations
c. Noncompliance
d. Defalcation
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Lesson Objectives:
✓ Recite the audit process
✓ Differentiate the financial statement assertions and audit procedures
✓ Demonstrate process of accepting an engagement.
✓ Construct an example of engagement letter
Getting Started
In this lesson you are going to understand the overview of the whole audit process, but the acceptance of an audit
engagement will be discussed here thoroughly. You will learn what are the things you need to understand in accepting a
new and an old client.
The audit of financial statement generally begins with the financial statements prepared by the entity’s management. If
you do not have financial statements you don’t have any audit to perform.
As you can see in the figure below this is simply the flow of the audit, it starts with the financial statements
that is prepared by an entity, those management has assertions regarding the financial statements, then the auditor will
verify the correspondence with those assertions against the criteria (GAAP, PFRS or IFRS), this verification procedures is
also known as the audit procedures, and during the audit procedures evidence shall be gathered by the auditor and
audit opinion about the credibility of the financial statement is being formed based on the gathered evidenced. This is
an overview of how the audit will be conducted.
Classification - transactions and events have been recorded in the proper accounts
Assertions about account balances at the period end
Existence – assets, liabilities, and equity interest exists
Rights and obligations – the entity holds or controls the rights to assets and liabilities are the obligations of the entity.
Completeness - All assets, liabilities and equity interests that’s should have been recorded have been recorded.
Valuation and allocation – assets, liabilities and equity interest are included in the financial statements at appropriate
amounts and any resulting valuation or allocation adjustments are appropriately recorded
Audit assertions are the implicit or explicit claims and representations made by the management responsible for the
preparation of financial statements regarding the appropriateness of the various elements of financial statement and disclosures.
Audit assertions are also known as Management Assertions and Financial Statement Assertions.
For example, if a balance sheet of an entity shows buildings with carrying amount of P1,000,000, the auditor shall assume that the
management has claimed that the building recognized in the balance sheet exists at the period end, the entity owns or controls those
buildings, the buildings are valued accurately in accordance with the measurement basis. All buildings are owned and controlled
by the entity are included withing the carrying amount of 1 million.
Assertions about classes of transactions and events for the period under audit – this pertains to income statement/financial
performance assertion
Assertion Sample: salaries and wages cost
Occurrence Salaries & wages expense has been incurred during the period in respect of the personnel employed by
the entity. Salaries and wages expense does not include the payroll cost of any unauthorized personnel.
Completeness Salaries and wages cost in respect of all personnel have been fully accounted for.
Accuracy Salaries and wages cost has been calculated accurately. Any adjustments such as tax deduction at source
have been correctly reconciled and accounted for.
Cut off Salaries and wages cost recognized during the period relates to the current accounting period. Any
accrued and prepaid expenses have been accounted for correctly in the financial statements.
Classification Salaries and wages cost has been fairly allocated between:
Assertions about account balances at the period end – this pertains to balance sheet / financial position assertion
Assertion Sample Inventory Balance
Existence Inventory recognized in the balance sheet exists at the period end.
Completeness All inventory units that should have been recorded have been recognized in the financial statements. Any
inventory held by a third party on behalf of the audit entity has been included in the inventory balance.
Rights and Audit entity owns or controls the inventory recognized in the financial statements. Any inventory held
obligations by the audit entity on account of another entity has not been recognized as part of inventory of the audit
entity.
Valuation and Inventory has been recognized at the lower of cost and net realizable value in accordance with IAS 2
allocation Inventories. Any costs that could not be reasonably allocated to the cost of production (e.g. general and
administrative costs) and any abnormal wastage has been excluded from the cost of inventory.
Occurrence, Transactions with related parties disclosed in the notes of financial statements have occurred during
rights and the period and relate to the audit entity.
obligation
Completeness All related parties, related party transactions and balances that should have been disclosed have been
disclosed in the notes of financial statements.
Classification The nature of related party transactions, balances and events has been clearly disclosed in the notes of
and financial statements. Users of the financial statements can clearly determine the financial statement
understandability captions affected by the related party transactions and balances and can easily ascertain their financial
effect.
Accuracy and Related party transactions, balances and events have been disclosed accurately at their appropriate
valuation amounts.
Audit procedures
Selection of the appropriate procedure to satisfy a particular assertion is affected by a number of factors including
the auditor’s assessment of materiality and risk. Regardless, of the procedures selected, there is only one basic criterion.
The procedure selected should enable the auditor to gather sufficient and appropriate evidence about a particular assertion.
Below are the audit procedures used by the auditor to gather sufficient and appropriate evidence
Evidence
Audit evidence refers to the information obtained by the auditor in arriving at the conclusions on which the audit
opinion is based. Audit evidence comprise source documents and accounting records underlying the financial statements
and corroborating information from other sources. This evidence about the financial statement will either prove or
disprove the validity of management assertion.
Given the audit procedures above, which are easily understood. Kindly provide specific scenario in an audit in which
you can use these audit procedures.
Issuing a Report
Audit Planning
Accepting an Engagement
The procedures performed at this stage of the audit are referred to in PSA 300 “preliminary planning activities”
These procedures involve:
a. Performing procedures regarding the continuance of the client relationship and the specific audit engagements
b. Evaluating compliance with ethical requirements , including independence
c. Establishing an understanding of the terms of the engagement
AUDIT PLANNING
In planning an audit, the auditor obtains more detailed knowledge about the client’s business and industry in order to
understand the transaction s and events affecting the financial statement and to identify potential problems that might be
encountered during the audit.
A preliminary assessment of risk and materiality should also be made to be able to develop overall audit strategy and a
detailed approach for the expected conduct and scope of the examination
If the auditor wants to assess control risk at less than high level sufficient appropriate evidence must be gathered /obtained
to prove that the internal control is functioning effectively and that it can be relied upon. This evidence can be obtained
by performing test of controls.
The extent of the substantive tests is highly dependent on the results of the auditor’s consideration of internal control.
If the internal control is functioning effectively the scope f substantive test can be decreased. However, if it is not
functioning effectively, you must gather more evidence.
ISSUING A REPORT
On the basis of audit evidence gathered and evaluated, the auditor forms a conclusion about the financial statement. This
conclusion in the form of an opinion, is communicated to various interested users through an audit report.
The audit process that has been stated above is an overview on how the auditor shall conduct the audit. This will be
discussed in details in the succeeding lessons. I will just discussing the overview of each process for your guidance.
The first step in an audit process is the acceptance of engagement. Not all engagements are to be accepted, both the
qualification of the auditee/management and the competence of the auditor shall be evaluated before the engagement. Why?
Because the public is trusting the work of an auditor therefore the auditor needs to make sure that all his engagements are done only
on entities which has integrity and the auditor is competent enough to conduct the audit. This also involves the preliminary
planning activities, which will be discussed later.
The second step in audit process is the audit planning, this is a crucial part since there will be an in depth study of the client
business and industry to be able to have a knowledge on how the financial statements reporting will be affected, in here, risk and
materiality are being assessed to come up with audit strategy. The output for this process aside from audit strategy are the audit
program, audit plan and time budget. Materiality and risk will be discussed in the later period.
The third step, is the understanding of internal control it has direct effect in the substantive procedures that will be conducted
by the auditor, just like the audit planning. As we read if the internal control is effective, therefore the financial statement is
reliable, if the financial statement is reliable the Nature, Extent and Timing of Test (NET Test) will be lessened.
The fourth step is substantive test, in this process, an auditor is going to examine evidence and documents to verify whether the
amounts presented in the financial statement are according to entity’s assertions. The substantive test will be dependent on the
result of the result of the consideration of internal control, whether the Nature, Extent and Timing of test will heightened or
lessened.
Once you are done with your substantive test, and gathered evidences that supports the assertions regarding account balance,
the auditor is going to do some final steps before he/she issues a report on financial statement. These additional steps are review
of subsequent event and contingencies (these are the events that happened after the reporting period but before the issuance of the
report) , assessing the going concern assumption (the going concern assumption, is the assumption that the business will continue
indefinitely), performing overall analytical review procedures, and obtaining written representations from client’s management.
Please remember that these steps are essential in the completion of the financial statement.
And lastly, is the issuance of the audit report, please do remember that there are 4 kinds of audit opinion that an auditor may
issue, first is the unqualified opinion (this is a clean opinion) a preferred opinion of all the entities and the interested users, qualified
opinion (this is a scenario where the FS is free from material misstatement except for some cases), adverse opinion (this is an
opinion telling the users that the financial statement is misstated) and the disclaimer of opinion (this is actually not an opinion, but
the auditor will not issue an opinion in this case because of some scope limitations). Well, we are going to discuss this in details in
the last part of this module.
ACCEPTING AN ENGAGEMENT
According to the firm’s quality control policies and procedures, there must be a system for deciding whether to accept or
reject an audit engagement
Making this decision the firm should consider the following
Competence One of the primary considerations before accepting an audit engagement is to determine whether the auditor
has the necessary skills and competence to handle the engagement. Before accepting an audit engagement, the auditor
should obtain a preliminary knowledge of the client’s business and industry to determine whether the auditor has the
degree of competence
The standards states that the accountant should not portray themselves as having expertise which they do not possess.
Independence – Before accepting and audit engagement, the auditor should consider whether there are any threats in the
audit team’s independence and objectivity and, if so, whether adequate safeguards can be established.
The Code of Ethics requires the predecessor auditor to respond fully to the incoming auditor’s inquiry and advise the
incoming auditor if there are any professional reasons why engagement should not be accepted.
Accepting an Engagement
“Not all engagements are to be accepted by the auditors”, there must be a proper procedure on how to qualify the
clients and even to check the capabilities of the audit firm in the conduct of the audit.
There are factors that needs to be considered by the auditor upon accepting an engagement, first is the
competence of the auditor, the ability of the auditor to perform the audit, for example if the entity’s business
industry is not yet familiar with you and your time is not enough to do the background investigation of that certain
industry, it will be hard in you to perform an audit. This also includes the ability to serve the client properly.
Second factor to consider is the independence of the auditor, the auditor is to make sure that the he/she is
independent from the entity he/she is going to audit. The standard sets the procedures on how to check if the
auditor is independent or not. Like for example if the auditor is a stock holder of the entity that he is going to audit
then he is considered not independent, as well as if the auditor’s immediate family is a board member of part of
management of the entity he is going to audit, the auditor is also not independent in this situation. If the auditor is
not independent in the entity he is auditing the decisions or even the reports that he/she will make can be questioned
by the users of the financial statement.
While in the part of the client, background investigation is to be done by the auditor to make sure that the
prospective client has no integrity issue, why is it important to do that? Because the auditor might enter into a risky
engagement wherein his name will be involved in not good acts/illegal acts.
How are you going to do background investigation?
Make inquiries of appropriate parties in the business community such as prospective clients, bankers, legal counsel, or
underwriter to obtain information about the reputation of the client.
Also, making communication to the predecessor auditor, who is the predecessor auditor? This is the previous auditor,
you have to ask what is the Reason why there is a change in auditor, any Disagreement between the prospective
client and the predecessor auditor, and any facts that might have a bearing on the Integrity of the client.
Communication to the predecessor auditor somehow will give you an idea the reason why there is a change of
auditor.
Below is a flow on how to communicate to predecessor auditor,
In general, conditions which would have caused an accounting firm to reject a prospective client may also result or lead to
a decision of terminating an audit engagement.
• Clients should be evaluated
o At least once a year or
o Major events occurred
ENGAGEMENT LETTER
Engagement letter – written contract between the auditor and the client
Contents
➢ Objective and Scope – which is to express an opinion in the financial statement
➢ The management responsibility for the fair presentation of the financial statement
➢ The scope of the audit
➢ The forms or any reports or other communication that the auditor expects to issue.
➢ The fact that because of the limitations of the audit, there is an unavoidable risk that material misstatements may
remain undiscovered.
➢ The responsibility of the client is to allow the auditor to have unrestricted access to whatever records,
documentation and other information requested in connection with the audit.
Additional Contents:
1. Billing arrangements
2. Management written representation
3. Arrangements including the involvement of the experts
4. Acknowledgement from management
Importance
o Avoid misunderstandings with respect to the engagement
Recurring Audits
The auditor normally does not send new engagement letter every year. However, the following factors may cause the
auditor to send a new engagement letter.
• Any indication that the client misunderstand the objective and scope of the audit.
• Any revised or special terms.
• A recent change of senior management, board of directors or management
• Legal requirements and other government agencies pronouncements
If the auditor opt not to send a new engagement letter, the auditor should remind the client of original agreement
After evaluating the competence of the auditor and the integrity of the client, if there is no issue in
accepting an engagement this is the time the auditor is going to prepare the engagement letter. An engagement
letter once signed by the client will be a binding contract between the client and the auditor, this will clarify what will
be the responsibilities of the management during the audit as well as the auditor. Sometimes, if it is a recurring audit
the auditor does not send a new engagement letter however, if there are changes in the terms of the contract or
clarifications or some other factors written above new engagement letter is prepared.
Audit of Components
When the auditor or a parent entity is also the auditor of its subsidiary, branch or division (component), the auditor should
consider the following factors in making a decision of whether to send a separate letter to the component
✓ Who appoints the auditor of the component
✓ Whether a separate audit report is to be issued on the component
✓ Legal requirements
✓ The extent of any work performed by the other auditor
✓ Degree of ownership of parent
Degree of independence of the component’s management.
Enrichment Activities
1. If you are an auditor how are you going to accept a new client?
2. Prepare an engagement letter for your audit
Assessment
Lesson 4 - THE AUDIT PROCESS – ACCEPTING AN ENGAGEMENT
Name: ___________________________________________ Section: _____________ Score: __________
https://smallbusiness.chron.com/examples-internal-controls-57039.html
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Topics include risk based approach as audit methodology; audit evaluation and
planning, including the concept of the risk and materiality, assessing internal
controls and test of controls; performance of an audit; evidence collection,
analysis and substantive tests
VI. Module Outcomes At the end of this course, the students shall be able to
1. Skillfully apply learned knowledge, theories, concepts and principles
required by their course in performing their profession
2. Fulfil their professional obligations as required by the standards of the
industry or their profession
3. Manifest excellence in their respective fields through licensure
examinations, job acquisition, and practice of profession.
4. Manifest moral uprightness by observing proper decorum and conduct at all
times and displaying the qualities of a person with high professional and
ethical standards.
5. Manifest understanding on standards and carefully following each standard
in order to maintain high quality of the service
Fail to plan, plan to fail – John Maxwell, this is the quote that I am always telling my student before the start of this
lesson. Auditing is the same in real life because if you fail to plan you will plan to fail. As you read on you will
understand why, a poorly planned audit means higher cost of the conduct of the audit.
Audit planning is not a simple process. It involves consideration of client industry and regulatory factors,
client operations and administration, availability and assignment of firm resources, engagement timing and much more.
Fortunately, the hard work of proper planning may not only enable for efficient audit execution, but it also provides
auditors with important risk management techniques. Complying with all applicable professional standards when
delivering services helps reduce professional liability risk.
The information learned during planning should be applied throughout the engagement to achieve appropriate
conclusions. Planning for the current engagement should have started with the control possible control deficiency
identified in the prior audit and addressed the issue throughout the audit process.
Gaining an understanding of the client and its environment presents an opportunity for the auditor to view the
client’s business and the engagement form a perspective other than the debits and credits underlying the financial
statements. This holistic view of the various industry, regulatory, internal and external factors may allow for possible
information on how to perform an engagement. Identifying areas with greatest risk can allow for additional testing or
analysis.
Assignment of an engagement team and scheduling of resources may seem like simple logistical issues.
Nevertheless, the level of experience on the team, use of experts, and scheduling of who will review and when are all
variables that can significantly alter the engagement approach and affect is success. Assigning complex or difficult
areas of an audit to the appropriate level of expertise, dept of experience, or extent of review is an important step in
reducing likelihood of an error.
Figure
Source of information
1. Review of prior years’ working papers
2. Tour of clients facilities
3. Discussion with people within and outside the entity
4. Reading books, periodicals and other publication related to the client’s industry
The auditor should also ensure that assistants assigned to an audit engagement obtain sufficient knowledge of the client’s
business and industry to be able to carry out the work delegated to them.
With the information obtained, the auditor should consider how it affects the financial statements and whether the
assertions in the financial statement are consistent with the auditor’s knowledge of the business.
The auditor should have a proper understanding about the industry, regulatory and other external factors that
may affect the financial reporting of the entity, let say the entity is in food industry, or is this under PEZA (Philippine
Economic Zone Authority) company wherein there will be separate regulations for taxation and other reporting
standards.
For the internal factor, type of entity and accounting policy wherein you are going to check the ownership, its
legal structure like if this is partnership, corporation (public or closed corporation), governance and main source of
finance. Included in here is the accounting policies.
Their objectives and strategies, this is related to business risk Measurement and review of financial
performance, measures like KPI (Key performance) index, budgets and targets) Like for example in this season, what
is the business strategies of tourism business?
How are you going to get all these information? See all possible sources of information above.
It is not only the engagement partners who should know the background of an entity being audited but also the
assistants who will be part of the audit team.
The additional considerations in audit planning on new engagements are getting information from the
previous audit engagements such as the opening balance of the financial statements, this is important since, the wrong
opening balance of the financial position will lead you to wrong ending balance of financial position under audit. That
is why you have to make check whether the opening balances do not contain material misstatement.
Consistent of application of accounting policies and proper disclosures are important to consider as well so that there
will be proper comparison of figures later on, specially in doing the analytical procedures.
Once the auditor has gained a sufficient understanding about the entity and its environment including its internal
control, then the overall audit strategy shall be formulated. The best audit strategy is the approach that results in the most
efficient audit, an effective audit performed at the least possible costs.
In developing overall audit strategy, the auditor must consider the carefully the appropriate levels of materiality and audit
risk
Audit planning will lead you to efficient and effective performance of an audit, for you to be able to give a reasonable
assurance that the financial statement is not materially misstated.
In planning the audit, you will be able to identify the amount of evidence that you have to accumulate and the timing
and how are you going to perform the evidence gathering.
Significant factors:
1. Materiality
Information is material if its omission or misstatements could influence the economic decision of users taken on the basis
of the financial statements. At the planning stage, the auditor should make a preliminary estimate of materiality for use
during examination. Materiality may be viewed as:
• The largest amount of misstatement that the auditor could tolerate in the financial statement
• The smallest total amount that could misstate the financial statements
Auditor’s determination of materiality is a matter of professional judgment and necessary involves quantitative factors (
amount of the item in relation to the financial statements) and qualitative factors (the nature of misstatement)
One of the factors that affects the overall strategy is assessing the materiality level. What is a materiality, as
discussed above, this is the amount of omission or commission in the financial statement that made the financial
statement misstated, in which it can influence the decision of the users.
Let say there is an overstatement of revenue amounting to 5,000,000 pesos, this is a commission that made the
financial statement materially misstated. Because of this commission the additional recording of revenue, the investors
decided to increase their investment in the company knowing that the company is doing good which in fact it is not
doing that good since it has an overstatement of 5,000,000 pesos. Given the real financial statement without the
overstatement of 5,000,000 the investor will not have additional investment. (this is the meaning of “it can influence
the decision of the users).
Now, let us proceed with the discussion, this means that the auditor shall use his professional judgement and
assess the materiality level. The question is how much of the largest amount of misstatement that the auditor could
tolerate in the financial statement? And how much is the smallest amount that could misstate the financial statement?
Do you understand this? The largest amount of misstatement that the auditor could tolerate is what do we call
tolerable misstatement, meaning if the auditor set a tolerable misstatement P100,000 meaning this is the largest amount
that the auditor can tolerate. Any amount less than the P100,000 misstatement is basically tolerable.
Because the assessment of materiality level will lead us to identify how much evidence are we going to gather.
It says that there is an inverse relationship between materiality level and evidence to be gathered. Let us say your
materiality level is set to 500 pesos that means you have to gather more evidences than a materiality level that is set to
5,000. Why? There are many transactions that possibly starts with 500 pesos and up compared with 5,000 pesos.
Therefore, more evidences shall be gathered for a lower amount of peso than higher amount.
However, if the materiality level is set too low, you might spend too much time in gathering evidence and it will cost
you a lot.
Using Materiality Levels
The following steps may be used as a guide when using materiality levels. Steps 1 and 2 are performed in the planning
phase while step 3 is performed in the completion stage.
The auditor should determine the amount of misstatement that could be material to the financial statements taken as a
whole. If the materiality level is set too low, auditor will be wasting his time, auditing accounts that are not important.
However, if materiality level is set too high, auditor may not detect misstatement that could be material to the readers of
the financial statements.
When establishing materiality levels on a financial statement level, the auditor should consider that the financial
statements are interrelated that is a misstatement on one financial statement usually affect’s the other statement.
For this reason the auditor should consider materiality in terms of the smallest aggregate level of misstatement that could
distort any one of the financial statement.
Common method of estimating materiality at the financial statement level is to multiply statement base (total
assets, sales, or net income) by certain percentage.
That means if the materiality level set is low peso amount, the evidence that will be required to gathered is more
than the materiality level that is set on a high amount.
The first step in determining materiality level is determining the overall materiality in a financial statement level,
your basis can be the total assets, total sales or net income by certain percentage. The percentage will be dependent
on your judgement. Most of the times, it will be practical that the basis of the materiality level is the assets and the
total sales, because sometimes the entity does not have income. Let say your basis for the materiality level is 5% of
total assets, and you total assets is 1,000,000 therefore your 50,000 is the overall materiality at financial statement
level. Please take note that the percentage and the basis can change according to auditor’s judgement.
Another point to consider is the auditor should also consider materiality in terms of the smallest aggregate level
of misstatement that could distort any one of the financial statement. That means, what if, if the auditor uses two
basis of setting materiality level? The first one is the basis is asset and like what discussed above it is 50,000 and the
second one is the total revenue which is 40,000, in this scenario you have to consider the smallest level of
misstatement that could distort the fs which is the 40,000.
Like what has ben discussed above whenever you are going to assess the materiality too low, you are going to
gather more evidence which somehow will require more time to do and sometimes that will be impractical, same as
assessing the materiality level too, high meaning you are going to gather less evidence in which sometimes your audit
will not give a reasonable assurance. That is why the auditor’s judgement is somehow important.
Since the standard does not provides specific guidelines for this, this is highly subjective and requires great deal of
judgment by auditors.
Second step is to determine the tolerable misstatement – at account balance level.
How is this done, from the overall materiality that you obtained in step one, you are going to allocate this Let say
500,000 pesos to the account balances level. The specific procedures on how you are going to apply it in each
account depends on your judgement. But please take note that this allocation will serve as the amount of tolerable
misstatement in that particular account. Let us say, according to the procedure that you identify as an auditor, your
tolerable misstatement is being set in AR amounting to 50,000, therefore, during the conduct of your audit, you found
out that the AR has misstatement of 40,000 this is still not considered as materially stated, even if it reached to the
amount of 50,000 pesos. However, if the misstatement reached to 50,001 pesos this is being considered as materially
misstated.
Step 3 Compare the aggregate amount of uncorrected misstatement with the overall materiality
After performing audit procedures, the auditor will have to compare the aggregate uncorrected misstatements with overall
materiality (preliminary estimate of materiality or revised materiality level) to determine whether or not the financial
statements are materially misstated.
AUDIT RISK
After determining the materiality levels, the auditor should design the audit to provide reasonable assurance that the
financial statements taken as a whole are free from material misstatement.
Again, in assessing audit risk you need to use professional judgement, and to design audit procedures to ensure it is
reduced to an acceptably low level.
When designing substantive audit procedures, the auditor should consider three main issues.
1. What level of assurance does the auditor wish to attain that the financial statement do not contain material
misstatement?
2. How susceptible is the account to material misstatement?
3. How effective is the client’s internal control in preventing or detecting misstatement?
As we remember reasonable assurance is not giving an assurance that it is free from misstatements. In this case, the
procedures that you need to perform as auditor is to design your audit to increase likelihood of detecting these
misstatements. As the level of assurance increases, the scope of the substantive tests increases. As the susceptibility of
the account to material misstatement increases, the scope of the auditor’s substantive test also increases. AS the
effectiveness of the internal control increases, the scope of the auditor’s substantive test decreases.
In audit planning, after assessing the materiality, you are going to assess also the audit risk, this audit risk assessment
is an important part in audit planning as well because as you assess the audit risk you assess as well the amount of
reasonable assurance that you are going give as auditor. In here, you have many factors to consider before you come
up with the audit risk. Please do remember that after you assess this risk, you will know the extent of substantive test
that you are going to conduct in your audit.
As you will read below, an audit risk is that the auditor gives an inaapropriate audit opinion on the financial
statement. That is why there is a word risk, a danger that the opinion that will be provided by the auditor might be
wrong. As the audit risk decreases, the reasonable assurance increases, and as the reasonable assurance increase the
Nature, extent and timing of test also must increase to compensate the increase in reasonable assurance.
The audit risk complements that reasonable assurance, let us say if audit risk is 5% then the reasonable assurance is
95%
Below, is the discussion of the audit risk model, please take note of new terms like, inherent risk, control risk and
detection risk.
Audit risk refers to the risk that the auditor gives an inappropriate audit opinion on the financial
statements. Audit risk is a complement of audit assurance. As the designed level of audit risk decreases, the auditor
should design more effective substantive procedures.
Inherent risk the susceptibility of an account balance or class of transactions to a material misstatement assuming that
there were no related internal controls. In this concept it recognizes that some account balances, by nature are more
susceptible to misstatement than others.
PSA 315 requires the auditor to asses inherent risk at the financial statement and account balance of transaction class.
Factors that affect the risk of misstatement at the financial statement level include:
1. management integrity
2. Management characteristics (aggressive attitude toward financial reporting)
3. Operating Characteristics (profitability of the entity relative to its industry is inadequate)
4. Industry Characteristics (e.g. the industry is experiencing a large number of business failures)
Inherent risk is a danger that material misstatement in financial statement might exist before the
consideration of internal control. Meaning the inherent risk is the risk that is existing already in the company despite
of the existing internal control because of the factors such as the nature of the entity and it’s integrity, management,
operating and industry characteristics. Let say during your background investigation, the industry of the entity that
you are engaged is going down, and the business wants to thrive in this case, the entity might do everything to get a
loan from a bank.
Other factors that affects inherent risk are susceptibility of the account to theft, let say the entity has raw materials
that is gold, complexity of calculations related to account let say the entity is a mining entity, etc.
Control risk – the risk that a material misstatement that could occur in an account balance or class of transactions will not
be prevented or detected and corrected on a timely basis by accounting and internal control systems.
This is related to the effectiveness of the client’s internal control.
If the entity’s internal control is effective, the assessed level of control risk decreases (and vice versa). As the assessed
level of control risk increases, the auditor should design more effective substantive procedures.
Detection risk - the risk that an auditor’s substantive procedures will not detect a material misstatement.
As the acceptable level of detection risk decreases, the assurance directly provided from substantive tests increases.
Hence, the auditor should design more effective audit procedures in order to achieve the desired level of assurance.
Control risk and inherent risk are being assessed by the auditor, while detection risk cab be controlled by the auditor to
achieve the desired level of audit risk.
Control risk, this is also being assess by the auditor, specifically what is being assessed is the effectiveness of the
internal control, if the internal control is effective as evaluated by the auditor, the assessment of control risk is low, and
vice versa.
And in detection risk this is the possibility of the auditor not to detect material misstatement during the audit, this one is
not being assessed but being computed as seen in an audit risk model. Remember that if the detection risk is low,
therefore you have to increase the NET (Nature, Extent and Timing), test in the substantive
The inherent risk and control risk are what do we call the Risk of Material Misstatement. This risks are not controllable
by the auditor.
Detection risk can be looked at as the complement of the assurance provided by substantive tests. A 10% acceptable level
of detection risk means that substantive test must be designed to provide a 90% assurance to provide a 90% assurance of
detecting material misstatements.
This occurs because the auditor believes that the financial statements are fairly stated when in fact the financial statements
are materially misstated.
Thus, a lower acceptable level of detection risk increases the assurance to be provided by substantive tests. To obtain
greater assurance, the auditor will have to modify the scope of his substantive tests such as
Performing more effective substantive procedure (nature)
Performing year-end procedures (timing)
Using larger sample size (extent) , And vice versa.
There is an inverse relationship between materiality and the level of audit risk, that is, the higher the materiality level, the
lower the audit risk and vice versa.
For example, if, after planning for specific audit procedures, the auditor determines that the acceptable materiality level is
lower, audit risk is increased. The auditor would compensate for this by either:
Reducing the assessed level of control risk, where there is possible, and supporting the reduced level by carrying out
extended additional test of control or
Reducing the detection risk by modifying the nature, timing and extent of planned substantive procedures.
When we are talking about the relationship between materiality level and audit risk, as discussed above there is
an inverse relationship between the two. Meaning if the materiality level is set in low amount, the audit risk will be
high, in order to lower down the audit risk, the auditor will reduce the detection risk (this is the only risk that the
auditor can control), and how are we going to reduce the detection risk? By increasing the Nature, extent and timing
of the audit procedures.
Same goes when there is a higher level of materiality, if you set it in high level since there is an inverse
relationship therefore, the audit risk will be low, then in that case the detection risk shall be increase in that case it
can lessen the NET test.
These includes
a. Inquiries of management and others within the entity
b. Analytical procedures
c. Observation and inspection
The information that will be obtained from these procedures will be used to support assessment of risk of material
misstatement. By doing this process, you will have an idea on how the entity is being operated.
The risk assessment procedures are being done to check what are the possible risks that may arise in the entity
through these procedures, inquiries of the management and other within the entity, analytical procedures,
observation and inspection.
You might ask, what is importance of this risk assessment procedures? Basically this risk assessment procedures will
give a back ground information to the auditor on how the company operates by just looking at it on a general
perspective. For example, if you are going to do inquiry about the management and others within the entity, you will
understand how they operate, what is the value system of the company in which can have a direct effect in the
financial statement preparation. This will be the same as the analytical procedures, observation and inspection.
ANALYTICAL PROCEDURES
This involves analysis of significant ratios and trends, including the resulting investigation of fluctuations and
relationships that are inconsistent with other relevant information or deviate from predicted amounts.
PSA 520 requires the auditor to use analytical procedures in the planning and overall review stages of the audit.
Analytical procedures help the auditor in identifying unusual transactions and event s that may affect the fair presentation
of the financial statements.
Step 2 Compare the expectations with the financial statements under audit
The auditor compares the financial statements with his expectations to identify significant fluctuations that are
inconsistent with the auditor’s knowledge or that deviate from predicted amounts.
Investigate unexpected differences (unusual fluctuations) To determine whether financial statements contain Step 3
material misstatement.
Analytical procedures are a type of evidence used during an audit. These procedures can indicate possible
problems with financial records of a client, which can then be investigated more thoroughly. Analytical procedures
involved comparisons of different sets of financial and operational information to see if historical relationships are
continuing forward into the period under review. In most cases, these relationships should remain consistent over time.
If not, it can imply that the client’s financial records are incorrect, possibly due to errors or fraudulent reporting
activity.
Compare the days sales outstanding metric to the amount of prior years. This relationship between receivables and
sales should remain about the same over time, unless there have been changes in the customer base, the credit policy of
the organization, or its collection practices. This is a form of ratio analysis.
Review the current ratio over several reporting periods. This comparison of current assets to current liabilities should
be about the same over time, unless the entity has altered its policies related to accounts, receivable, inventory, or
accounts payable. This is a form of ratio analysis.
Compare the ending balances in the compensation expense account for several years. This amount should rise
somewhat with inflation. Unusual spikes may indicate that fraudulent payments are being made to fake employees
through payroll system. This is a form of trend analysis. And there are many more.
When the results of these procedures are materially different from expectations, the auditor should discuss them
with management. A certain amount of skepticism is needed when having this discussion, since management may not
want to spend the time to delve into a detailed explanation or may be hiding fraudulent behavior. Management
responses should be documented and could be valuable as baseline when conducting the same analysis in the following
year.
Audit program
The audit program executes the audit strategy, it sets in detail the audit procedures to be performed in each segment of the
audit. The program serves as a set of instructions to assistant involved in the audit and as a means to control and record
the proper execution of the work.
This should always include a detailed list of audit procedures that the auditor believes are necessary to accomplish the
audit objectives.
Time Budget
This is an estimate of the time that will be spent in executing the audit procedures listed in the audit program. This
provides a basis for estimating audit fess and assists the auditor in assessing the efficiency of the assistants.
Planning is continuous throughout the engagement because of changes to conditions or unexpected results of audit
procedures. The overall audit plan and the audit program should be revised as necessary during the course of the audit
and the reason for significant changes would be recorded.
Audit plan is a continuous and iterative process. It means that it can change throughout the process, however, the audit
plan at the beginning of the engagement is an important part since this will lead you to properly conduct your audit
effectively and efficiently.
Enrichment Activities
1. Discuss in detail what is assessment of materiality level, assessment of audit risk and analytical procedures and
State the relationship of these in the substantive testing.
2. Get a sample of Audit plan, audit program and budget and check how will this be helpful in the conduct of the
audit.
3. Is it true that once you are done with your plan you are not allowed to change it anymore?
Assessment
Lesson 1 - AUDIT PLANNING
]Name: ___________________________________________ Section: _______ Score: __________
Please encircle the best answer
1. Initial audit planning involves four matters. Which of the following is not one of these?
a. Develop an overall audit strategy
b. Request that bank balances be confirmed
c. Schedule engagement staff and audit specialists
d. Identify the clients’ reason for the audit.
2. In developing the overall audit plan for a new client, factor not to be considered is
a. Materiality levels
b. The client’s business, including the structure of the organization and accounting system used
c. The amount of estimated audit fee
d. The audit risks a procedures to be performed to achieve audit objectives.
3. The audit team gathers information about a new client’s business and industry in order to obtain
a. an understanding of the clients internal control system for financial reporting
b. an understanding of how economic events and transactions affect the company’s financial statements
c. information about engagement risk
d. information regarding whether the company is engaging in financial statement fraud.
4. To obtain an understanding of a continuing client’s business in planning an audit, an auditor most likely would
a. Perform test of details of transactions and balances
b. Review prior year working papers and the permanent file for the client
c. Read specialized industry journals
d. Re-evaluate the client’s internal control system.
5. The preliminary judgement about materiality and the amount of audit evidence accumulated are ______________
related
a. directly c. not
b. indirectly d. inversely
6. Which of the following statements is not correct about materiality?
a. The concept of materiality recognizes that some matters are important for fair presentation of financial
statements in conformity with the applicable financial reporting framework, while other matters are not important
b. An auditor considers materiality for planning purposes in terms of the largest aggregate level of misstatement
that could be material to any one of the financial statements
c. Materiality judgements are made in light of surrounding circumstances and necessarily involve both
quantitative, and qualitative judgments.
d. An auditor’s consideration of materiality is influence by the auditor’s perception of the need needs of a
reasonable person who will rely on financial statement
7. All else being equal, as the level of materiality decreases, the amount of evidence required will
a. remain the same c. change in an unpredictable fashion
b. decrease d. increase
8. The concept of materiality
a. Applies only to publicly held firms
b. Has greater application to the standards of reporting than the other generally accepted auditing standards
c. Requires that relatively more effort to be directed to those assertions that are more susceptible to misstatement
d. Requires the auditor to make judgements as to whether misstatements affect the fairness of the financial
statement.
9. Auditors frequently refer to the terms audit assurance, overall assurance, and level of assurance to refer to
_________
a. detection risk c. acceptable audit risk
b. audit report risk d. inherent risk
10. The risk that financial statements are likely to be misstated materially without regard to the effectiveness of
internal control is the
a. inherent risk c. Client risk
b. Audit risk d. Control risk
11. Audit risk consists of all but the following components
a. inherent risk c. detection risk
b. substantive risk d. control risk
12. Relationship between control risk and detection risk is ordinarily
a. Parallel c. Inverse
b. Direct d. Equal
13. Which is not correct regarding an auditor’s decision that a lower acceptable audit risk is appropriate?
a. More evidence is accumulated
b. Less evidence is accumulated
c. Special care is required in assigning experienced staff
d. Review of audit documentation is performed by personnel not assigned to the engagement.
14. These consists of the analysis of significant ratios and trends including the resulting investigation of fluctuations
and relationship that are inconsistent with other relevant information or deviate from predictable amount
a. Financial statement analysis c. Analytical Procedures
b. Variance analysis d. Regression analysis
15. A document that details what the auditor will do to gather sufficient, appropriate evidence is the
a. audit strategy c. audit procedure
b. audit program d. audit risk model
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Getting Started
This is an audit, why? You will find out here in this lesson. But first you to be familiar with Internal control and
how important this is in the preparation of financial statement. Once you understand what is the importance of internal
control then, you will have a grasp of why is this an important process in the audit. Just read on and learn.
Assessing control risk is the process of evaluating the design and operating effectiveness of an entity’s internal control as
to how it prevents or detects material misstatements in the financial statement.
According to PSA 315, internal control is the process designed and effected by those charged with governance,
management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with
regard to reliability of financial reporting effectiveness and efficiency of operations and compliance with applicable laws
and regulations
Internal control can be expected to provide reasonable assurance of achieving entity’s objectives. Because of the inherent
limitations that may affect the internal control’s effectiveness.
- Cost of the internal control should not exceed the expected benefits to be derived.
- Most internal controls tend to be directed at routine transactions rather than non-routine
transactions.
- Potential for human error due to carelessness, distraction, mistakes of judgement or
misunderstanding of instructions
- The possibility of collusion among employees
- The possibility of overriding of internal control of the management .
- The possibility that procedures may become inadequate due to changes in conditions, and
compliance with procedures may deteriorate.
Internal control is designed to help achieve entity’s objectives.
The objective that is relevant to the auditor is the financial reporting objective.
Every company like to believe that its employees and management are above reproach and would never do
something to harm the organization. However, it is also a wise business move to have systems in place to ensure
things are running smoothly and there aren't any issues. Internal controls are procedural measures an organization
adopts to protect its assets and property. Broadly defined, these measures include physical security barriers, access
restriction, locks and surveillance equipment. They are more often regarded as procedures and policies that protect
accounting data. company records, cash and other assets. Think of these controls as a type of insurance; no one wants
to ever use them, but they are good to have in the event there's an issue.
Our main goal in this lesson is to assess the control risk, this means to assess whether the internal control is in place
and it is operating effectively, because if not, the control risk will be high. This means that the financial statement
that is being produced from that entity might be materially misstated, and you cannot trust that as auditor.
Control environment
Includes attitudes, awareness, and actions of management and those charged with governance concerning the entity’s
internal control and its importance in the entity.
The entity must have an audit committee which will be responsible for overseeing the financial reporting policies
and practices of the entity.
• Commitment to competence
The entity should consider the level of competence required for each task and translate it to requisite knowledge
and skills
• Personnel policies and procedures
The entity must implement appropriate policies for hiring training, evaluating, promoting, and compensating
entity’s employees will bear directly the effectiveness of entities internal control.
• Assignment of responsibility and authority / organizational structure
Appropriate methods of assigning responsibility must be implemented to avoid incompatible functions and to
minimize the possibility of errors because of too much work load assigned to an employees.
Control environment is one of the components that comprises the internal control, this means that the upper
management and those charged with governance must be totally involved in establishing an effective internal control,
their attitude towards the effective implementation of internal control, their awareness of laws and regulations, and
their actions towards proper management is to be taken into consideration. You will easily spot a weak internal
control if a management has “bad” attitude towards the entity’s welfare, that is if they have no integrity and good
ethical values. Their operating styles and management philosophy is somehow flawed like they are the one who is
initiating a presentation of false financial statement. Also, if they don’t have an intact or proper policies and
procedures in the conduct of the responsibilities of their personnel. And many more as discussed above. Just a note,
that these are the items that the auditor can look into in evaluating the management’s control environment in an
internal control.
Risk Assessment
Business risk is the risk that the entity’s business objectives will not be attained as a result of internal and external factors
such as technological developments, changes in customers demand and other economic changes.
You noticed that there is another risk assessment that is being discussed here. This is aside from the audit risk,
inherent risk and control risk that are being assessed by the auditor. This risk assessment is pertaining to the business
risk that should be assessed as part of the component of entity’s internal control. In this case, the business risk is the
exposure the of the entity itself in the danger considering the factors such as economic factor, environmental factor and
other external factor that can put the entity at risk of losing.
• Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions for
financial reporting
• Measure the value of transaction in a manner that permits recording their proper monetary value in the financial
statement
• Determine the time period in which transactions occurred to permit recording of transactions in the proper
accounting period.
• Present properly the transactions and related disclosures in the financial statements.
Communication involves providing an understanding of individual roles and responsibilities pertaining to internal
control over financial reporting. Communication can be made electronically, orally, and through the actions of the
managements. It can take such forms as policy, manual, accounting and financial reporting manuals, and memoranda.
A good internal control must have a system to properly communicate relevant information thru a good
information and communication system. A good information and communication system must report all the relevant
information on a timely basis and with proper amount of reporting.
Proper communication includes also the proper understanding of the personnel with their individuals roles.
Even if you have a very good internal control but if you fail to communicate the reports that are being generated from
that good internal control or you fail to inform the employees involved in that internal control still you internal control
is not good.
As you can see above, the information system should include basically the process of accounting, the
identifying, classifying, recording and reporting process, because the end result of all these are the effective and
efficient operation of the business and the financial statement that is being produced from that operation.
Control activities
These are policies and procedures that help ensure that management directives are carried out.
The following are the specific control procedures that are relevant to financial statements audit.
Performance review
These control activities include reviews and analyses of actual performance versus budgets, forecasts and prior
period performance; relating different sets of data to one another, together with analyses of the relationships and
investigative and corrective actions.
Information processing
A variety of controls are performed to check accuracy, completeness, and authorization of transactions. When
computer processing is used in significant accounting applications, internal control procedures can be classified into two
types: general and application controls
Physical controls
These activities encompass the physical security of assets, including adequate safeguards such as secured facilities
over access to assets and records; authorization for access to computer programs and data files; and periodic counting and
comparison with amounts shown on control records.
Segregation of duties
Assigning different people the responsibilities of authorizing transactions, recording transactions, and maintaining
custody of assets is intended to reduce the opportunities to allow any person to be in a position to both perpetrate and
conceal errors or fraud in the normal course of the person’s duties.
One of the components of the internal control is the control activities. The controls that will be discussed are
important in a financial statement audit because it will have a direct effect on how well the financial statement is
being presented. These are the controls that should be seen in the internal control.
Control Activities includes performance review, information processing, physical control and segregation of
duties. Usually in a company which have an internal control, the performance review is being implemented, this is
the review of the performance of a company on a periodic basis, it can be monthly, quarterly semi-annual or annually.
In here the target is being compared with the actual performance of the company, and identifying what will be the
actions if ever the target is not being achieved.
In information processing it is important to make sure that the records are complete, accurate and properly
authorized. This will also be true with internal control CIS environment.
Physical controls are controls that is going to protect the asset of the company such as controls to safeguarding of
cash, controls in safeguarding valuable inventories. In the absence of these controls, the assets can easily be a prone
to theft.
Segregation of duties, in here it is very important for the entity to separate the duty of the preparer, from the
reviewer and the approver, so that there will be a check and balance.
Monitoring
A process of assessing the quality of internal control performance over time. It involves assessing the design and
operation of controls on a timely basis and taking necessary corrective actions. This is done to ensure that controls
continue to operate effectively.
Ongoing monitoring activities are built into the normal recurring activities of an entity and include regular management
and supervisory activities. Such as preparation of monthly bank reconciliation.
Separate evaluations are monitoring activities that are performed on non-routine basis, such as functions performed by
internal auditors.
What you are going to monitor here is the internal control’s effectiveness overtime, meaning the entity must
check if there is a need for improvement for some of the controls that are in place, to make sure that the internal
control is operating effectively.
Other, aspect is the ongoing monitoring activities, such as the bank reconciliation, to make sure that the cash
is being handled effectively, and also the physical inventory count.
The function of the internal auditors can also help for the separate evaluation of the internal control in place.
In small businesses, with very few office employees, it is difficult to have proper segregation of duties or maintain a
separate internal audit department. Small business’s internal control system is comparably weak than the larger entities.
These weaknesses, however, can be compensated if the owner/manager actively participates in the operation of the
business.
Consideration of the entity’s internal control systems involves the following steps:
1. Obtaining understanding of the internal control
2. Documents the understanding of accounting and internal control systems
3. Assess the level of control risk
4. Perform Test of controls
5. Documents the assessed level of control risks
Evaluating the design of a control involves considering whether the control, individually or in combination with other
controls, is capable of effectively preventing, or detecting and correcting, material misstatements. Implementation of
control means that the control exists and that the controls have been placed in operations.
An initial understanding of the design of the entity’s internal control systems is ordinary obtained by:
• Making inquiries of appropriate individuals
• Inspecting documents and records; and
• Observing of entity’s activities and operations.
After obtaining, sufficient knowledge about the design of the system, the auditor should determine whether these controls
have been implemented. This accomplished by performing a “walk through” test.
Walk through test – tracing one or two transactions through the entire accounting systems, from their initial recording at
source to their final destination as a component of an account balance in the financial statements.
Does it prevent, detect or correct material misstatement. Now, after checking the design it is important to make sure
that this designed internal control will be implemented accordingly. The idea is even if you have a good internal
control design but you are not implementing that does not serve the purpose. The next question is how are you going to
check whether that is being implemented, well simple, thru these process, inquiry, observation and inspection.
The main purpose why you auditor try to understand the internal control is because by doing this you can identify types
of potential misstatement, consider factors that may cause material misstatement and design the NET test.
Documentation is another step in internal control consideration, your understanding with the internal control should
be properly documented using the following form.
When the auditor’s knowledge of the entity’s internal control indicates that internal controls related to a particular
assertion are not effective, the auditor may simply assess control risk at a high level. Hence, no test of controls need to
be performed and the auditor will rely primarily on substantive tests.
On the other hand, if the auditor believes that controls appear to be reliable, the auditor would plan to assess control risk at
less than high level. For this purpose, the auditor should
• Identify specific internal control policies or procedures that are likely to prevent or detect and correct material
misstatement relevant to financial statement assertion and
• Perform test of controls to determine the effectiveness of such policies and procedures.
This is a simple 3rd step. Okay don’t panic. This is the assessment part if you are going to remember in the audit risk
model there is a part there that you are going to assess the control risk actually this is just a preliminary assessment of
control risk. Now, how are you going to assess the control risk, by understanding the internal control, and
documenting it. If you are done understanding the internal control you will somehow has idea how the internal
control works if that is effective or not. Then, based on your findings that is how you are going to have preliminary
assessment
I am telling that is simple because there is a rule, if the internal control is not effective then, your assessment of
control risk is high, automatic if you don’t trust the internal control you will go directly to substantive testing, in this
case the NET TEST will be extensive.
However, if you found out that the internal control is effective, your preliminary assessment of control risk is less than
high, then you are planning to rely on internal control, if you are really going to rely on the internal control you are
somehow going trusting the financial reports that the internal control is producing then what you need to do is have
the test of control this is double checking/supporting your decision in relying on internal control.
The test of controls are performed to obtain evidence about the effectiveness of the
• Design of the accounting and internal control systems; or
• Operation of the internal control through out the period.
The auditor should only test the controls if he/she is planning to rely upon the internal control.
PSA requires the auditor to obtain audit evidence through test of control to support any assessment of control risk at less
than high level. The lower the assessment of the control risk the more support the auditor should obtain that the internal
control is suitably designed and operating effectively. The greater the reliance to internal control the more extensive the
test of those controls that need to be performs.
The certain controls such as segregation of duties, documentary evidence (audit trail) many not exist. In this case, the
auditor will have to test the effectiveness of the control procedure by making inquiry of appropriate client personnel and
observing the application of the control procedures.
Obtaining an understanding of the entity’s internal control and assessing control risk are often done simultaneously.
In the first step you had an understanding of the internal control, in here you are going to test the internal
control that is why it is being called as test of control. REMEMBER that you are just going to have test of control if you
are planning to rely on the internal control if NOT, DO NOT do test of control.
What you need to do are inquire, observe, reperform and inspect these has been discussed above.
In determining whether or not to test the remaining period, the following factors must be considered.
• The result of the interim test
• The length of remaining period
• Whether changes have occurred in the accounting and internal control systems during the remaining period.
The question right now is when are you going to conduct test of control?
Answers: Usually the auditor will have that interim visit with the client, interim means shorter than a full fiscal year
let say the reporting period is every December then the interim period is any period before December, this is the time
that the test of control if being done. Additional test of control can be done if the need arises like the auditor needs
to gather more evidence regarding the possible change of the internal control. How are you going to check whether
you will have additional test? Check the result of the interim test (did you get enough information to support your
findings in your test of control?), The length of the remaining period (did you conduct the test of control on the last
part of the 3rd quarter or the 4th quarter? ) in this case, most probably you already covered the majority of the items
that you need to check and lastly if there is changes that happen in the internal control or accounting system.
How much evidence are you going to collect to assess the effectiveness of internal control? Not 100% of course but
only get a sufficient amount of evidence to support the assessed level of control risk.
Sample. If the combined assessed level of inherent risk and control risk is high, the detection risk needs to be low to
reduce audit risk to an acceptably low level, in this regard, the auditor, may consider modifying
What is the use of the test of control? The test of control will lead you to finally assess the control risk whether
high or low. If the control risk is high meaning that the internal control is weak if the internal control is weak are you
going to trust the financial statement that they presented to you? I think the answer should be no. Then for you to
get a reasonable assessment that the financial statement is fairly presented you have to get more evidences by doing
an extensive NET (Nature, Extent and Timing) of substantive test.
Now if the control risk is low then internal control is effective, therefore, the auditor will depend on the financial
statement that is being generated by the internal control, in this case, the NET test shall be reduced.
When determining the audit evidence of implementation by performing risk assessment procedures, the auditor
determines that the relevant controls exist and the entity is using them.
When performing test of the operating effectiveness of controls, the auditor obtains audit evidence that controls operate
effectively.
If the control risk is assessed at high level, the auditor should document his conclusion that control risk is at high level.
If control risk is assessed at less than high level, the auditor should document his conclusion that control risk is less than
high and the basis for that assessment. This basis is actually the result fo test of control.
Hence, the auditor cannot assess the control risk at less than high level without performing test of control.
What is being discussed above pertaining to the documentation of the assessed level of control risk is this,
whether you are going to rely on internal control or not, you still need to properly document the evaluation and result
of the control risk. This is needed so that whenever, the auditor will be questioned, the auditor can shall that there is
due diligence in the conduct of an audit and also there is a basis for any decision that he made.
AS the result of the consideration of the auditor of the accounting and internal control systems, the auditor may become
aware of weaknesses in the system. In this regard, the auditor is required to report to the appropriate level of management
material weaknesses in the design or operation of the accounting and internal control systems, which have come to the
auditor’s attention.
This communication must be in writing and must be done as earliest opportunity so that appropriate corrective action may
be taken as soon as possible. Oral communication could also be made provided these are adequately documented in the
audit working papers.
One thing that needs to be emphasized, the auditor is not required to search for and/or identify internal control
weaknesses. The auditor must however, communicate the internal control weaknesses to the client when they come to
their attention during the course of the audit.
During the conduct of the consideration of the internal control, an auditor’s primary responsibility is verify
whether the internal control is effective, now along the way, the auditor might notice there are some weaknesses in
the internal control design and operation. Then it is the responsibility of the auditor to communicate it with the
management as earliest time possible
Enrichment Activities
1. Why documentation of the consideration of internal control is important?
2. Since small entity cannot afford to have an internal control in his business is okay for them to not have internal
Control? Why?
Assessment
Lesson 2 - CONSIDERATION OF INTERNAL CONTROL
Name: ___________________________________________ Section: _____________ Score: __________
1. The primary responsibility for establishing and maintaining an internal control rest with
a. The external auditors c. Management and those charged with governance
b. The internal auditors d. The controller or the treasurer
2. In an audit of financial statements, an auditor’s primary consideration regarding an internal control activity is
whether the control
a. Reflects management’s philosophy and operating cycle
b. Affects management’s financial statement assertions
c. Provides adequate safeguards over access to assets
d. Enhances management’s decision-making process
3. An effective system of internal control
a. Cannot be circumvented by management
b. Can reduce the cost of an external audit
c. Can prevent collusion among employees
d. Eliminates risks and potential loss to the organization
4. Which of the following is correct about internal control?
a. Accounting and internal control systems provide management with conclusive evidence that objectives are
reached
b. One of the inherent limitations of accounting and internal control systems is the possibility that the procedures
may become inadequate due to changes in conditions, and compliance with procedures may deteriorate
c. Most internal control tend to be directed at non-routine transaction.
d. Management does not consider costs of the accounting and internal control system
5. Basic to a proper control environment are the quality and integrity of personnel who must perform the prescribed
procedures. Which is not a factor in providing for the competent personnel?
a. Segregation of duties c. Training programs
b. Hiring practices d. Performance evaluations
6. Which of the following would contribute most to the safeguarding of assets?
a. Access to computer facilities and records is limited to authorized personnel
b. Training programs are conducted to develop competence of newly hired personnel
c. Control and subsidiary accounts are reconciled on a regularly schedule basis
d. Blank stock of all purchase orders and sales invoices are prenumbered
7. Which of the following deal with ongoing or periodic assessment of the quality of internal control by
management?
a. Quality control activities c. Oversight activities
b. Monitoring activities d. Management activities
8. The policies and procedures that help ensure that management directives are carried out are referred to as the
a. Control environment c. Monitoring of controls
b. Control activities d. Information system
9. Which of the following may represent biggest challenge smaller public companies face in implementing effective
internal control?
a. a lack of expertise c. limited resources
https://accounting-simplified.com/audit/introduction/audit-assertions/
https://www.journalofaccountancy.com/issues/2017/sep/importance-of-audit-planning.html
https://whitecollaraccountant.com/audit-planning/
https://www.accountingtools.com/articles/analytical-procedures.html
https://smallbusiness.chron.com/examples-internal-controls-57039.html
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Getting Started
This lesson is almost same with lesson 6, only this is having a computerized environment. Computerized
environment is not just using excel file in recording, but this is using software for the whole accounting system and other
transactions that is related to financial statement presentation. Some of the topics are already discussed in your
computerized accounting subject. So, what you are going to learn here is how are you going to consider auditing in a
computerized environment.
With the rapid development in technology in recent years, computer information system (CIS) have become feasible,
perhaps essential for use even in small scale business operations. Almost all entities now use computers to some extent
in their accounting systems.
The widespread use of computers has offered new opportunities for professional accountants and has also created some
challenging problems to auditors. Regardless of the extent of computerization or the methods of data processing being
used, the responsibility for the establishment and implementation of appropriate internal control systems rest with
management and those charged with governance. The auditor’s responsibility is to obtain an understanding of the entity’s
internal control system to be able to assess control risk and determine the nature, timing and extent to be performed in
substantive test.
2. Consistency of performance
CIS performs functions exactly as programmed. If the computer is programmed to perform a specific data processing the
computer system is going to do that exactly the same manner. On the other hand, an incorrect program will be so much
devastating since the computer will perform erroneous data processing.
In a CIS environment, data and computer programs may be accessed and altered by unauthorized persons leaving no
visible evidence. It is important, therefore, that appropriate controls are incorporated to the system to limit the access to
data files and programs only to authorized personnel.
4. Concentration of duties
Proper segregation of duties is an essential characteristics of a sound internal control system. However, because of the
ability of the computer to process data efficiently, there are functions that are normally segregated in manual processing
that are combined in a CIS environment.
These characteristics in a CIS environment can be considered as advantages and disadvantages at the same
time, given these characteristics the internal control must be properly implemented so that reports that will be generated
from the Computerized information system will be properly presented.
Many of the control procedures used in manual processing also apply in a CIS environment. Examples are Authorization
of transactions, Proper segregation of duties, and Independent checking. The elements of internal control are the same,
the computer just changes the methods by which these elements are implemented.
When computer processing is used in significant accounting applications, internal control procedure can be
classified into two types general and application control.
General Controls
This control relates to the overall computer information system. These controls includes.
1. Organizational controls
In a CIS environment, the plan of an organization for an entity’s computer system should include segregation
between the user and CIS department, and segregation of duties within the CIS department.
Functions within the CIS department must be properly segregated for good organizational controls. The entity’s
organizational structure should provide for definite lines of authority and responsibility within CIS department.
CIS Director
3. Access Controls
Access to computer should be limited only to operators and other authorized employees. Additionally, appropriate controls
such as the use of passwords must be adopted in order to limit access to data files and programs only to authorized
personnel.
and secured off-site. In the event of disruption, reconstruction of files is achieved by updating the most recent back up
with subsequent transaction data.. When magnetic tape are used, a common practice in file retention called Gran-father,
Father, son practice requires an entity to keep the two most recent generation of master files and transaction files in order
to permit reconstruction of master file if needed.
5. Monitoring Controls
Monitoring controls are designed to ensure that CIS controls are working effectively as planned. This includes periodic
evaluation of the adequacy and effectiveness of the overall CIS operations conducted by persons within or outside the
entity.
General Controls
This control is important to be established in a CIS environment since, even if your application control will that be
effective, but there are absence of these controls there is a possibility that there will be infiltration in the program that
can generate an erroneous or fraudulent report, then the whole CIS system will be of no value. That is why the entity
should invest in these controls firs.
Organization Control – proper segregation of duties CIS dept and user department and among CIS dept. There should
be a proper segregation of duties from CIS dept and a user department because if the user department can change the
program itself, or delete a fraudulent transaction meaning they can manipulate the program and generate a wrong report
without audit trail.
System development and documentation control – whenever a Computerized Information System is being developed,
there must be a proper documentation of the user’s manual and the program itself, so that whenever there will be
changes, the programmer can easily track it. Also, even if the programmer will resign the system will still be used and
changed since there is a documentation on how it is being made.
Access Data - this is an important control, whoever have an access to the program can change the information,
therefore, passwords are necessary and these programs are not available for all. There are some CIS that provide access
like input only, edit only, for approval etc. Limited access is a better control.
Data Recovery Control – I know that you had experienced losing a file and it is a devastating experience. This is also
true in an entity, and since in CIS environment you can easily lose file because of a virus, file being corrupted or it is
intentionally stolen or deleted. Then this control is very important, to recover a file, having a back up file is very
important for you not to lose everything.
Monitoring Control – periodical monitoring of the effectiveness of the CIS is an important general controls as well.
Application Controls
Application controls are those policies and procedures that relate to specific use of the system.
Field check
This ensures that the input data agree with the required field format. For example, all SSS number must
contain ten digits. When an employee inputs more or less than 10 digits will be rejected by the computer.
Validity check
Information entered are compared with valid information in the master file to determine the authenticity
of the input. Coding for male 1 and for female as 2. Any code other than 1 and 2 will not be accepted by the
computer.
Limit check
Limit check or reasonable check is designed to ensure that data submitted for processing do not exceed a
pre determined limit or a reasonable amount.
Control totals
These are totals computed based on the data submitted for processing. Control totals ensure the
completeness of data before and after they are processed. This includes Financial total, Hash total and Record
total.
Voucher No. 141
P20,000
Financial total = 40,000 (15k+20k+5k) Voucher No. 143
Hast total = 426 (141+142+143)
Record count = 3 P5,000
The effectiveness of the general CIS controls is essential to the effectiveness of CIS application controls. Thus it ma be
more efficient to review the design of the general controls first before reviewing the application controls.
There are three words that you just need to remember here, the input, process and output. For the input the above list
are being enumerated to discuss how the control of input is being implemented, and for the process, that processing will
happen inside a computer program in this case, the programmer should make sure that the demand of the users shall be
generated by the system, and for the output have to make sure that the result of the processing is complete, accurate and
given only to the authorized personnel.
Testing the reliability of the general controls may include observing client’s personnel in performing their duties,
inspecting program documentation, and observing the security measures in force. In testing application controls the
auditor may either:
1. Audit around the computer, or
2. Use Computer assisted Audit techniques.
Auditing around the computer can be used only if there are visible input documents and detailed output that will enable the
auditor to trace individual transactions back and forth. Also known as black box approach.
Test data – the auditor prepares fictitious transactions with valid and invalid transactions that will be entered into the
client’s computer program. Since, the auditor creates the data the auditor will know what is the right output.
Integrated test facility - a disadvantage of the test data technique is that the auditor does not have an assurance that the
program tested is the same program used by the client throughout the accounting period. IN order to overcome this
disadvantage, the test data technique can be extended to an integrated test facility (ITF)
In here, the auditor creates dummy or fictitious employee or other appropriate unit for testing within the entity’s computer
system. In ITF, it integrates the processing of test data with the actual processing of ordinary transactions without
management being aware of the testing. After this, the dummy transaction must be reversed.
3. Parallel simulation
In here, the auditor is required to write a program that simulates key features or processes of the program under
review. The simulated program is then used to reprocess transactions that were previously processed by the client’s
program.
This can be accomplished by using generalized audit software or purpose written programs. Generalized audit software
consists of generally available computer packages which have been designed to perform common audit tasks such as
performing or verifying calculations, summarizing and totaling files, and reporting in a format specified by auditor.
Like what is being discussed earlier in this lesson the internal control in CIS environment and the normal
accounting system is somewhat the same in terms of consideration of internal control if you are planning to rely on the
CIS of the entity, then you have to perform test of control. In this case the test of controls can be divided into two the
black box approach and the white box approach. The black box approach can be done when there is an input document
and output document that can be tested, this is also known as Auditing around the computer.
Enrichment Activities
1. Explain what is general control and Application control?
2. How are you going to conduct test of control in a CIS environment?
Assessment
Lesson 3-AUDITING IN A COMPUTERIZED ENVIRONMENT
Name: ___________________________________________ Section: _____________ Score: __________
11. Which of the following procedures is an example of auditing “around” the computer?
a. The auditor traces adding machine tapes of sales order batch totals to a computer printout of the sales journal
b. The auditor develops a set of hypothetical sales transactions and, using the client’s computer program, enters
the transactions into the system and observes the processing flow.
c. The auditor enters hypothetical transaction into the client’s processing system during client processing of live”
data.
d. The auditor observes client personnel as they process the biweekly payroll. The auditor is primarily concerned
with computer rejection of data that fails to meet reasonableness limits.
12. Which of the following best describes the test data approach?
a. auditors process their own test data using the client’s computer system and application program
b. auditors process their own test data using their own computers that simulate the client’s computer system
c. auditors use auditor-controlled software to do the same operations that the client’s software does, using the
same data files.
d. auditors use client-controlled software to do the same operations that the client’s software does, using auditor
created data files.
13. In auditing through a computer, the test data method is used by auditors to test the
a. Accuracy of input data
b. Validity of the output
c. Procedures contained within the program
d. Normalcy of distribution of test data
14. Which of the following methods of testing application controls utilizes a generalized audit software package
prepared by the auditors?
a. Parallel simulation
b. Integrated testing facility approach
c. Test data approach
d. Exception report tests
15. An integrated test facility (ITF) would be appropriate when the auditor needs to
a. Trace a complex logic path through an application systems
b. Verify processing accuracy concurrently with processing
c. Monitor transactions in an application system continuously
d. Verify load module integrity for production programs
16. Compliance testing of an advanced CIS
a. Can be performed using only actual transactions since testing of simulated transaction if of no consequences
b. Can be performed using actual transactions or simulated transactions
c. Is impractical since many procedures within the CIS activity leave no visible evidence of having been
performed
d. Is inadvisable because it may distort the evidence in master files
17. Total of amounts in computer-record data fields, which are NOT usually added but are used only for data
processing control purposes are called
a. Records totals c. Processing data totals
b. Hash totals d. Grand totals
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Lesson Objectives:
• Recite the meaning of the terms related to performance of the substantive tests
• Define and distinguish analytical procedures, test of details, audit evidence, working papers, related parties, the
work of the auditor’s experts, work of internal auditors and accounting estimates
• Provide examples of audit evidence, working papers, related parties, works of auditor’s experts and accounting
estimates and discuss how they should be treated by the auditor during substantive testing
A CPA’s advantage in the market for audit services is a grasp of the ways of evaluating evidence. The purpose of evaluating
evidence is not to confirm management’s assertion but to afford a reasonable basis to conclude objectively whether the
management’s assertions are corroborate with the audit evidence. This lesson begins by introduction how practitioners
acquire evidence is the common thread across all audit engagements. This lesson relates financial statement assertions to
audit objectives to audit procedures, and introduces the use of audit procedures as tests of controls, substantive tests of
details, and analytical procedures.
Based on audit objectives, the auditor should plan and perform audit procedures. Audit procedures are the means for
obtaining sufficient appropriate audit evidence to satisfy financial statement assertions and to support audit opinion on the
fairness of the financial statements. They are the detailed instructions for the collection of a particular type of evidence that
is to be obtained during the audit. Since audit procedures are performed to verify management assertions, they would differ
depending on the particular assertion or account audited.
SUBSTANTIVE TESTING
Substantive procedures – audit procedures designed to detect material misstatements at the assertion level
Other best descriptions: Substantive procedures may also be described as audit procedures that are designed to:
• Detect material peso/monetary errors or fraud
• Substantiate the validity of management's assertions regarding the financial statements. Thus,
substantive procedures are sometimes called validation procedures because they provide evidence
about the existence of misstatement.
• Gather evidence in respect to all material classes of transactions, account balances, and disclosures.
• Be performed in response to the assessment of the risks of material misstatement at the assertion level,
which includes the results of tests of controls, if any. In other words, substantive procedures are
performed in response to the planned level of detection risk.
1. Nature: relates the quality of audit evidence (performing more effective or less effective
audit procedures)
2. Timing: also relates to the quality of evidence (performing the audit procedures at year-
end or at interim date)
3. Extent: relates to the quantity of audit evidence (using larger sample size or smaller
sample size)
Whether or not to use substantive analytical procedures or to perform tests of details of transactions and balances, the auditor
usually consider the relative effectiveness and efficiency of the tests.
1. Tests of details – examining or obtaining audit evidence on the actual details of account balance, class of
transactions, and disclosure
• The objective of tests of details is to substantiate or identify misstatements in the recorded amounts.
a) Test of details of transactions – testing of transactions which give rise to the ending balance of a given
account; these involve examining authorization, recording and posting of transactions (such as
examining receipts or disbursements of Cash account)
• Applicability of test of details of transactions: It is used when the account being substantiated
has relatively few or smaller volume of transactions of relatively material amounts occurring during
the year (for example, PPE, intangibles, bonds payable and stockholders’ equity accounts)
• Test of transactions are often performed several months prior to the balance sheet date.
• Tests of details of transactions primarily involve tracing and vouching.
2. Substantive analytical procedures – these are analytical procedures performed during testing phase to substantiate
predictable relationships among both financial and non-financial data
The following procedures, individually or in combinations, may be used as risk assessment procedures, test of controls,
or substantive procedures, depending on the context in which they are applied by the auditor:
a. Inquiry – consists of seeking information of knowledgeable persons, both financial and non-financial, within the
entity or outside the entity.
• Inquiry is used extensively throughout the audit in addition to other audit procedures.
• Inquiries may be formal written inquiries or informal oral inquiries.
• Evaluating responses to inquiries is an integral part of the inquiry process.
• Evidence obtained from inquiry can be gathered with every type of audit test.
In respect of some matters, the auditor may consider it necessary to obtain written representation
from management and, where appropriate, those charged with governance to confirm responses to
oral inquiries.
b. Confirmation – represents audit evidence obtained by the auditor as a direct written response to the auditor from a
third party (the confirming party) in paper form, or by electronic or other medium
• Confirmation is a specific type of inquiry that involves the process of obtaining a representation
of information or of an existing condition about account balances and transactions or events
directly from independent third parties.
• Confirmations are controlled by the auditor because the auditor:
c. Selects the parties to be contacted
d. Prepares and mails the confirmation requests, and
As you can see, a test of details is just what it says it is. You are digging into the details of transactions. While analytical
procedure compare or examines the relationship of financial data (ratios, FS accounts) or financial & non-financial data.
The auditor shall design and perform audit procedures that are appropriate in the circumstances for the purpose of
obtaining reasonable assurance or sufficient appropriate audit evidence to reduce audit risk at acceptably low level thereby
enable the auditor to draw reasonable conclusions on which to base the auditor’s opinion.
Most of the auditor's work in forming the auditor's opinion consists of obtaining and evaluating audit evidence. The
auditor shall conclude whether sufficient appropriate audit evidence has been obtained based on his professional
judgment.
1. Accounting records (Underlying data) – accounting records/data prepared by the client’s personnel and from
which financial statements are prepared
a. Records of initial accounting entries
b. Supporting records, such as checks and records of electronic fund transfers, invoices and contracts
c. General and subsidiary ledgers
d. Journal entries and other adjustments to the financial statements that are not reflected in formal journal entries
e. Records such as worksheets and spreadsheets supporting cost allocations, computations, reconciliation and
disclosures
2. Corroborating evidence – corroborating information that are used by the auditor to verify the fairness of the
accounting records
a. Documents (such as checks, bank statements, contracts and minutes of meetings)
b. Information/evidence from other sources such as:
• Previous audits
• Quality control procedures for client acceptance and continuance
• Confirmations from third parties
• Industry analysts’ reports
The auditor shall design and perform audit procedures that are appropriate in the circumstances for the purpose of
obtaining sufficient appropriate audit evidence.
1. Sufficiency – the measure of the quantity or amount of audit evidence that the auditor shall accumulate
2. Appropriateness – measures the quality of audit evidence, that is, its relevance and its reliability in providing
support for the conclusions on which the auditor's opinion is based
a. Relevance – deals with the logical connection with, or bearing upon, the purpose of audit procedures and the
assertion under consideration
• Audit evidence is considered relevant if it pertains to the assertions being evaluated or to the
specific audit objective being tested. For example:
➢ Obtaining audit evidence relating to the physical existence of inventory is not relevant
in obtaining audit evidence relating to the valuation of inventory.
➢ Accounts receivable confirmations are relevant to the existence of receivables, but not
to their valuation (i.e., a customer can confirm that a receivable exists, but this does not
necessarily imply that the customer has the intent or the ability to pay).
• The relevance of information to be used as audit evidence may be affected by the direction
of testing.
• A given set of audit procedures may provide audit evidence that is relevant to certain
assertions, but not to others.
• Obtaining audit evidence regarding a particular assertion, for example, the existence of
inventory, is not a substitute for obtaining audit evidence regarding another assertion.
• Audit evidence from different sources or of a different nature may often be relevant to the
same assertion.
Generalizations about reliability are subject to important exceptions, for example, even when
the information to be used as audit evidence is obtained from sources external to the entity,
circumstances may exist that could affect its reliability (such as if the source is not
knowledgeable or a management’s expert may lack objectivity).
More assurance is ordinarily obtained from consistent audit evidence obtained from different
sources or of a different nature than from items of audit evidence considered individually.
4. Internally generated evidence circulated externally (such as sales invoices from sale to customers and paid
checks and cost allocations)
5. Internally generated evidence not circulated externally (such as purchase requisitions, customer’s order and
cost allocations)
6. Oral evidence
Persuasive Evidence:
Audit evidence is persuasive if it is sufficient both in quantity and quality to support audit opinion. Thus, sufficiency
and appropriateness of audit evidence are the determinants of persuasiveness of audit evidence. The auditor may need to
rely on audit evidence that is persuasive rather than conclusive. However, to obtain reasonable assurance, the auditor must
not be satisfied with audit evidence that is less than persuasive.
Cost-benefit considerations:
The auditor should consider the relationship between the cost of obtaining audit evidence and the usefulness of the
information obtained.
The valid bases for omitting an audit test/procedure for which there is no alternative are:
a. Relative risk (or inherent risk) involved
b. Relationship between the cost of obtaining audit evidence and the usefulness of the information obtained
c. Degree of reliance on the relevant internal controls (or Assessment of control risk at a low level)
Difficulty and expense involved in testing a particular item is not a valid basis for an auditor of deciding
to omit an audit procedure.
The auditor should prepare, on a timely basis, audit documentation that provides:
a. A sufficient and appropriate record of the basis for the auditor’s report; and
b. Evidence that the audit was performed in accordance with PSAs and applicable legal and regulatory requirements.
Audit documentation:
• It refers to the documentation of audit evidences collected and evaluated by the auditor to support the audit opinion.
• The records kept by the auditor that documents:
a. The procedures applied
b. The tests performed
c. The information or evidenced obtained, and
d. The conclusions the auditor reached in the engagement
• Also called “working papers” or “workpapers” or audit file
File documentation plays a critical role in the planning and performance of the audit. During an audit engagement, data
are compiled and included in the audit working papers. It provides the record that work was in fact performed and it forms
the basis for the auditor’s report. It will also be used for quality control reviews, monitoring of adherence to the accounting
firm’s standards, and possibly inspections by third parties.
To comply with the quality control standards, firms should have policies and procedures that specifically
address engagement documentation. These documentation policies should be documented and
communicated to all staff.
2. Current audit file – contains evidence gathered and conclusions reached relevant to the audit of a particular
year. It is designed to support management assertions. Includes all papers accumulated during the current
year’s audit:
• Copy of the financial statements
• Audit plan and audit programs
• Working (top) trial balance – listing of unadjusted ending balances of accounts (contains columns for
adjusting and reclassifying entries)
• Adjusting and reclassifying entries – adjustments are made to correct material errors while
reclassifications are made to properly present information in the financial statements
• Lead or top schedule (assembly sheet) – shows the major components of an amount reported in the
financial statements; this working paper show the grouping of related accounts; it eliminates
voluminous details from the auditor’s working trial balance by classifying and summarizing similar or
related items
• Supporting schedules – schedules that support specific amounts on the financial statements; usually the
largest portion of the audit file
• Audit memoranda – includes documentation on discussions of certain items such as internal control,
inventory observation, errors identified, and problems encountered
• Account analysis – shows the activity during the period in a particular short-term account
• Correspondence with other parties such as lawyers, customers, banks, and management
• Audit notes – used to record items of work to be done and questions concerning the audit investigation
• Abstract or copies of minutes of board of directors’ meeting
review by providing a trail useful to the auditor and supervisors in reviewing the working papers. (For example,
reported findings should be adequately cross-referenced to supporting documentation.)
Audit working papers should have an indexing system that shows the relationship between findings,
conclusions, and the related facts. The main advantage of properly indexed working papers is to better organize the
working papers.
5. Tick marks – symbols that describe the audit procedures performed. Tick marks are explained in working papers.
Management is responsible in identifying and ensuring sufficiency of related party disclosures on the FSs. The auditor
shall obtain evidence about the sufficiency and appropriateness of related party disclosures.
The auditor shall inquire of management regarding:
• The identity of the entity’s related parties, including changes from the prior period
• The nature of the relationships between the entity and these related parties; and
• Whether the entity entered into any transactions with these related parties during the period and, if so, the type
and purpose of the transactions.
During the audit, the auditor shall remain alert, when inspecting records or documents, for arrangements or related party
relationships or transactions that management has not previously identified or disclosed to the auditor.
In particular, the auditor shall inspect the following for indications of the existence of related party relationships or
transactions that management has not previously identified or disclosed to the auditor:
An expert (or a specialist) refers to a person or firm possessing special skill, knowledge, and experience in a particular field
other than accounting or auditing. An expert may be engaged by the entity or by the auditor, employed by the entity or by
the auditor, employed by the entity or by the auditor. Under PSAs, they are classified into the following categories.
a. Auditor’s expert – An individual or organization possessing expertise in a field other than accounting or auditing, whose
work in that field is used by the auditor to assist the auditor in obtaining sufficient appropriate audit evidence. An auditor’s
expert may be either an auditor’s internal expert (who is a partner or staff, including temporary staff, of the auditor’s firm
or a network firm), or an auditor’s external expert.
b. Management’s expert - is an individual or organization possessing expertise in a field other than accounting or auditing,
whose work in that field is used by the entity to assist the entity in preparing the financial statements.
When information to be used as audit evidence has been prepared using the work of a management’s expert, the auditor
shall, to the extent necessary, having regard to the significance of that expert’s work for the auditor’s purposes:
3. Evaluate the appropriateness of that expert’s work as audit evidence for relevant assertion
The auditor shall consider:
a. The relevance and reasonableness of that expert’s findings or conclusions, their consistency with other audit
evidence, and whether they have been appropriately reflected in the financial statements;
b. If the expert’s work involves use of significant assumptions and methods, the relevance and reasonableness of
those assumptions and methods; and
c. If that expert’s work involves significant use of source data the relevance, completeness, and accuracy of that
source data
Internal auditors – Those individuals who perform the activities of the internal audit function. Internal auditors may
belong to an internal audit department or equivalent function.
Determining Whether and to What Extent to Use the Work of the Internal Auditors
The external auditor shall determine:
(a) Whether the work of the internal auditors is likely to be adequate for purposes of the audit; and
(b) If so, the planned effect of the work of the internal auditors on the nature, timing or extent of the external auditor’s
procedures.
In determining whether the work of the internal auditors is likely to be adequate for purposes of the audit, the external
auditor shall evaluate:
Management is responsible for making accounting estimates that are reasonable when preparing and presenting financial
statements.
The objective of the auditor is to obtain sufficient appropriate audit evidence about whether:
(a) accounting estimates, including fair value accounting estimates, in the financial statements, whether recognized or
disclosed, are reasonable; and
(b) Related disclosures in the financial statements are adequate, in the context of the applicable financial reporting
framework.
Obtaining sufficient appropriate evidence is particularly difficult when auditing client accounting estimates (e.g.
Allowance for doubtful accounts, loss reserves, pension expenses). When evaluating reasonableness, the auditor
concentrates on assumptions or factors
The three basic approaches for evaluating the reasonableness of these estimates are:
1. To review and test management’s process of deriving the estimate (consider the reasonableness and accuracy of
management’s approach)
2. Develop one’s own expectation of the accounting estimate and compare it to management’s and
3. Review subsequent events or transactions occurring prior to the completion of fieldwork which bear on the estimate
Assessment
Lesson 4 SUBSTANTIVE TESTING (EVIDENCE GATHERING)
Name: ___________________________________________ Section: ____________ Score: __________
To test your ability in designing substantive procedures, listed below are the management’s assertions – kindly fill-in the
blanks with audit procedures necessary to gather sufficient appropriate audit evidence as a basis in expressing audit opinion
on the financial statements of the company.
Existence
Existence
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
VI. Module Outcomes At the end of this course, the students shall be able to
• Skillfully apply learned knowledge, theories, concepts and
principles required by their course in performing their profession
• Fulfil their professional obligations as required by the standards of
the industry or their profession
• Manifest excellence in their respective fields through licensure
examinations, job acquisition, and practice of profession.
• Manifest moral uprightness by observing proper decorum and
conduct at all times and displaying the qualities of a person with
high professional and ethical standards.
• Manifest understanding on standards and carefully following each
standard in order to maintain high quality of the service
Getting Started:
There is neither sufficient time nor, given the laws of probability, sufficient reason to test all of the transactions underlying
an entity’s account balances or classes of transactions. As a result, many if not most of the conclusions auditors reach about
controls, balances, and classes of transactions are based on testing samples rather than entire populations. This topic
introduces audit sampling (PSA 530 redrafted) auditors use to test internal controls and account balances. This topic includes
the discussion on the nature of audit sampling, risk and explaining the difference between statistical and non-statistical
sampling. Thereafter, it also introduces frequently used audit sampling techniques by auditors.
Whether audit sampling is a required: Audit sampling is not required part of any audit procedure because when designing
audit procedures, the auditor should determine appropriate means of selecting items for testing as follows:
• Items to obtain information. The auditor may examine items to obtain information about
matters such as the client’s business, the nature of transactions, accounting and internal control
systems.
• Items to test procedures. The auditor may use judgment to select and examine specific items to
determine whether or not a particular procedure is being performed.
c. Audit sampling: Sampling is essential throughout audits as auditors attempt to gather sufficient appropriate
evidence in a cost efficient manner.
Sampling risk:
• The possibility that the auditor’s conclusion, based on a sample may be different from the conclusion reached if the
entire population were subjected to the same audit procedure.
• The risk that the sample is not representative of the population and that the auditor's conclusion will be different
from the conclusion had the auditor examined 100% of the population.
• The possibility that even though a sample is properly chosen, it may not be representative of the population.
1. Risk that affects audit effectiveness and may lead to an inappropriate audit opinion (“Beta risk” or “Type
II error”) – the risk the auditor will conclude that:
a. In the case of a test of control, that control risk is lower than it actually is, or
b. In the case of a substantive test, that a material error does not exist when in fact it does
2. Risk affects audit efficiency as it would usually lead to additional work to establish that initial conclusions
were incorrect (“Alpha risk” or “Type I error”) – the risk the auditor will conclude that:
a. In the case of a test of control, that control risk is higher than it actually is, or
b. In the case of a substantive test, that a material error exists when in fact it does not
The auditor can eliminate sampling risks by examining the entire population. However, examining the entire population is
normally not possible for the auditor. Instead, the auditor usually manages or controls sampling risk by making the sample
more representative of the population by:
Non-sampling risk: all aspects of audit risk that are not due to sampling. Non-sampling risk is the possibility that auditors
will arrive at an erroneous conclusion not because of the chosen sample but due to other factors.
• Non-sampling risk is always present and cannot be measured.
• Non-sampling risk can be controlled by adequate planning and supervision of audit work and proper adherence
to quality control standards.
• Examples of non-sampling risk:
➢ The auditor might use/select inappropriate procedures (audit procedures that are not appropriate to achieve
a specific objective)
➢ The auditor might misinterpret evidence or the results of audit tests
➢ and fail to recognize an error (for example, failure by the auditor to recognize misstatements in documents
examined)
Non-sampling risks cannot be totally eliminated in audit. There is always a chance of human error in audit as the auditor’s
judgement may not always be correct. However, the auditor can manage non-sampling risks through:
• Proper planning
• Adequate direction and supervision of the audit team and timely review of their work
In statistical sampling, auditors specify the sampling risk they are willing to accept and then calculate the sample
size that provides that degree of reliability. Results are evaluated quantitatively. Statistical sampling measures
quantitatively the risk from testing only part of an audit population.
a. Advantages of statistical sampling: Conclusions may be drawn in more precise ways when
using statistical sampling because it enables the auditor to:
a. Measure the sufficiency of the audit evidence obtained.
b. Provide an objective basis for quantitatively evaluating sample results.
c. Design an efficient sample.
d. Quantify sampling risk so as to limit/control risk to an acceptable level.
b. Random sample selection: Random sample selection methods should be used in statistical
sampling. Such methods give all items in the population an equal chance to be included in the
sample to be audited.
2. Non-statistical sampling – the sample size is not determined mathematically. Auditors use their judgment in
determining sample size, and sample results are evaluated judgmentally. Conclusions may be drawn in more
precise ways when using statistical sampling methods.
• It is acceptable for auditors to use either or combination of statistical and non-statistical sampling.
• Both sampling approaches involve judgment in planning, executing the sampling plan, and evaluating
the results of the sample.
• Both sampling approaches can provide sufficient competent evidence.
• Sampling methods are used by auditors in both control testing and substantive testing.
• Basic distinction between statistical sampling and non-statistical sampling: Statistical sampling is a
mathematical approach to inference, whereas non-statistical sampling is a more subjective approach.
When designing and performing audit sampling, the auditor normally observes the following 10 steps.
The steps above are the same regardless of, the sampling approach selected whether statistical or non-statistical, the type of
audit sampling technique utilized and whether the test is the performance of test of controls or test of details.
When designing an audit sample, the auditor shall consider the purpose (objective) of the audit procedure based on the
assessment of ROMM at the assertion level. The auditor’s consideration includes the specific purpose (test of controls or
test of details) to be achieved and the combination of audit procedures that is likely to best achieve that purpose.
The auditor considers what conditions constitute a deviation or misstatement by reference to the objectives of the tests.
For example, suppose that a control requires support for every disbursement to include an invoice, a voucher, a receiving
report, and a purchase order; all stamped “Paid”. The auditor believes that the existence of an invoice and a receiving report,
both stamped “Paid”, is necessary to indicate adequate performance of control. Therefore a deviation may be defined as “ a
disbursement not supported by an invoice and a receiving report that has been stamped “Paid”.
For example, in a test of details relating to the existence of accounts receivable, such as confirmation, payments made by
the customer before the confirmation date but received shortly after that date by the client, are not considered misstatement.
Population means the entire set of data from which a sample is selected and about which the auditor wishes to draw
conclusions. For example, all of the items in an account balance or class of transactions constitute a population. The auditor
needs to identify the relevant population and consider its characteristics from which the sample will be drawn. Considering
the characteristics of the population would include:
• Preliminary assessment of expected rate of deviation or misstatement and the auditor’s tolerable rate of deviation
or misstatement
• Determining whether stratification or value-weighted selection is appropriate
• Ascertaining the completion of population
In addition, it is important that the population is appropriate to satisfy the established objective of the audit procedures by
considering the direction of the test.
Assessment of Expected Rate of Deviation or Misstatement and Tolerable Rate of Deviation or Misstatement
Tolerable deviation rate or misstatement is the rate of deviation or monetary amount the auditor is willing to accept on the
population.
For Test of Controls, the auditor makes a preliminary assessment of the expected rate of deviation based on the auditor’s
understanding of the relevant controls or on the examination of a small number of items from the population (pilot testing).
This assessment is made in order to design an audit sample and determine the sample size. For example, if the expected rate
of deviation is unacceptably high than the auditor’s tolerable rate of deviation, the auditor will normally decide not to
perform tests of controls. Similarly, for test of details, the auditor makes an assessment of the expected misstatement in the
population. If the expected misstatement is high, 100% examination or use of a large sample size may be appropriate when
performing tests of details. This is normally the case when the auditor’s expected misstatement is approximately or higher
than tolerable misstatement.
Stratification
Audit efficiency may be improved if the auditor stratifies a population by dividing into discrete sub-populations which have
an identifying characteristic. Stratification reduces the variability of items within each stratum and allows sample size to be
reduced without increasing sampling risk. For example, 20% of the items in a population may make up 90% of the value of
an account balance. The results of audit procedures applied to a sample of items within a stratum can only be projected to
the items that make up that stratum.
Value-weighted selection
When performing tests of details, it may be efficient to identify the sampling unit as the individual monetary units that make
up the population. This is discussed further below under ‘Monetary Unit Sampling’.
The population used to make a sample selection needs to contain all sampling units that are to be subjected to sampling
procedures. The totality of the population may be verified by:
• Footing the population items and comparing the total obtained to that of the population
• Accounting for numerical sequence of prenumbered documents or records
If the auditor wishes to test the operating effectiveness of a prescribed control designed to ensure that all shipments are
billed, the auditor would not detect deviations by sampling billed items because that population would not be expected to
contain items that were shipped but not billed. An appropriate population for detecting such deviation is usually the
population of all shipped items.
When understanding the risks of material misstatement, the direction in which the population may be misstated may need
to be considered. When testing for overstatement, items to be examined are selected directly from the population of audit
interest. While, when testing for understatement, items to be examined are selected from a reciprocal or independent
population.
Populations on which we may perform audit sampling to test for understatement and examples of appropriate reciprocal
populations may include:
Sampling unit is the individual items constituting a population. The sampling unit might be physical items (for example,
checks listed on deposit slips, credit entries on bank statements, sales invoices or debtors’ balances) or monetary units. The
total population of the sampling units could be manually prepared documents or lists, documents generated from computer
systems, or an electronic file provided by the entity.
The decision whether to use a statistical or non-statistical sampling approach is a matter for the auditor’s judgment; in
making that judgment the auditor consider the following:
• Effectiveness
• Need for quantitative estimate of sampling risk
However, sample size is not a valid criterion to distinguish between statistical and non-statistical approaches and the choice
between the two approaches is independent of audit procedures to be performed.
Attribute sampling is a statistical sampling method used to estimate the rate (%) of occurrence (exception) of
a specific characteristic or attribute. Samples taken to test the operating effectiveness of controls are intended to
provide a basis for the auditor to conclude whether the controls are being applied as prescribed. Attribute sampling
generally deals with yes/no questions. For example, "Are time cards properly authorized (i.e., to assure recorded
hours were worked)?", or "Are invoices properly voided (e.g., stamped "paid") to prevent duplicate payments?"
a. Discovery sampling – a special type of attribute sampling appropriate when the auditor believes the population
deviation rate is zero or near zero. It is used when the auditor is looking for a very critical characteristic or
deviations (e.g., fraud). The auditor predetermines the desired reliability (confidence) level (e.g., 95%) and the
maximum acceptable tolerable rate (e.g., 1%), and a table is then used to determine sample size. If no deviations
are found in the sample, the auditor can be 95% certain that the rate of deviation in the population does not
exceed 1%. If deviations are found, a regular attribute sampling table may be used to estimate the deviation rate
in the population, and audit procedures may need to be expanded.
b. Stop-or-go sampling (sequential sampling) – is designed to avoid oversampling for attributes by allowing the
auditor to stop an audit test before completing all steps. It is used when few errors are expected in the population.
Sequential sampling separates the sampling process into several states. After a step, the auditor determines if
it is warranted to accept or increase the preliminary level of control risk.
a. Probability-proportional-to-size (PPS) sampling – sampling technique where the sampling unit is defined as
an individual peso in a population. Once a peso is selected, the entire account (containing that peso) is audited.
• It is a sampling plan that automatically stratifies the population.
b. Classical variables sampling – a statistical sampling method used to estimate the numerical measurement of
a population, such as a peso value (e.g., accounts receivable balance). This sampling method is used primarily
in substantive testing. The objective of variables sampling is to obtain evidence about the reasonableness of
monetary amounts. The auditor estimates the true value of the population by computing a point estimate of the
population and computing a precision interval around this point estimate. Classical variables sampling measures
sampling risk by using the variation of the underlying characteristic of interest.
1. Mean-per-unit estimation – a sampling plan that uses the average value of the items in the sample to
estimate the true population value (i.e., estimate = average sample value x number of items in
population). MPU does not require the book value of the population to estimate true population value.
2. Ratio estimation – a sampling plan that uses the ratio of the audited (correct) values of items to their
book values to project the true population value. Ratio estimation is a highly efficient technique when
the calculated audit amounts are approximately proportional to the client's book amounts.
3. Difference estimation – a sampling plan that uses the average difference between the audited (correct)
values of items and their book values to project the actual population value. Difference estimation is
used instead of ratio estimation when the differences are not nearly proportional to book values.
Types of sampling:
Audit sampling is used for both tests of controls (attributes sampling) and for tests of details of transactions and balances
(usually, variables sampling). In both attributes sampling and variables sampling, the plans may be either nonstatistical or
statistical.
1. Attribute sampling – estimates the quality characteristic of a population; it estimates the rate of deviation for
internal controls that the auditor decides to rely upon
Applicability of attribute sampling: primarily used for test of controls because attribute sampling deals with
estimating deviation from internal control procedures
The auditor shall determine a sample size sufficient to reduce sampling risk to an acceptably low level. The sample size
can be determine by the application of statistically-based formula or through exercise of professional judgment (non-
statistical)
The table below lists the factors affecting sample size for test of controls and test of details
Factor Relationship
Tolerable deviation rate Inverse
Allowable risk of assessing control risk too low/Sampling risk (beta risk) Inverse
Expected population deviation rate Direct
Factor Relationship
Assessment of the ROMM/level of control risk Direct
Other substantive tests Inverse
Tolerable misstatement Inverse
Allowable risk of incorrect acceptance/Sampling risk (beta risk) Inverse
Expected amount of misstatement Direct
Effect of Stratification Inverse
Population size Negligible effect
The principal methods of selecting samples are the use of random selection, systematic selection and haphazard selection.
Sample selection methods are classified into probabilistic (statistical) and non-probabilistic (non-statistical)
• Random-number sampling – use of a computerized random number generator or random number tables.
• Systematic selection – the number of sampling units in the population is divided by the sample size to give a
sampling interval regardless of the amount involved (for example 50, and having determined a starting point within
the first 50, each 50th sampling unit thereafter is selected).
• Stratified selection - grouping of items of similar size and each group is treated as a separate population. For
example, assume 1,000 items are stratified into two groups: the 100 largest items will all be examined individually,
but sampling techniques will be applied to the remaining 900 items. In this case, the population size for the sampling
application would be 900, not 1,000. Stratification is used when there is a wide range (variability) in the monetary
size of items in the population.
• Haphazard selection – the auditor selects the sample without following a structured technique, but the method is
intended to avoid or predictability (for example avoiding difficult to locate items, or always choosing or avoiding
the first or last entries on a page) and thus attempt to ensure that all items in the population have a chance of
selection. Haphazard selection is not appropriate when using statistical sampling.
• Direct sample selection – auditor selects items based on judgmental criteria such as likelihood of misstatement,
characteristics such as different time periods, or large amounts.
• Block selection – involves selecting a block(s) of contiguous items from within the population. Block selection
cannot ordinarily be used in audit sampling because most populations are structured such that items in a sequence
can be expected to have similar characteristics to each other, but different characteristics from items elsewhere in
the population.
The auditor shall perform audit procedures, appropriate to the purpose, on each item selected, and evaluate the audit
evidence obtained.
Voided Sample
The auditor shall perform the procedure on a replacement item. If the auditor is satisfied that the sample has been properly
voided such that it does not constitute a deviation, and the chosen replacement is examined.
Missing or Lost Sample
If the auditor is unable to apply the designed audit procedures, or suitable alternative procedures, to a selected item, the
auditor shall treat that item as a deviation from the prescribed control, in the case of tests of controls, or a misstatement, in
the case of test of details.
Stopping the test before completion
Occasionally the auditor might find a large number of deviations in auditing the first part of a sample. As a result, the
auditor might believe that even if no additional errors were to be discovered in the remainder of the sample, the results of
the sample would not support the planned level of control risk.
STEP 9: Evaluate the tests results
The auditor uses judgment in evaluating the results and reaching an overall conclusion. In evaluating the sample results,
the auditor:
Audit sampling (sampling) involves the application of audit procedures to less than 100% of items within a class of
transactions or account balance such that all sampling units have a chance of selection. When designing tests of controls
and test of details, the auditor shall determine means of selecting items for testing that are effective in meeting the purpose
of the audit procedure.
Enrichment Activity:
1. Describe the relationship between sampling risk and sample size
2. Which one is of greater concern to the auditor: risk affecting audit effectiveness or risk affecting audit efficiency? Explain
briefly.
Assessment
Lesson 1: AUDIT SAMPLING
Name: ___________________________________________ Section: _____________ Score: __________
a. Sampling risk
b. Confidence levels
c. Statistical sampling
d. Tolerate rate and the expected rate of deviation
9. The risk that the auditor does not recognize misstatement or deviations included in the sample for what they are
a. Sampling risk
b. Confidence levels
c. Statistical sampling
d. Nonsampling risk
10. Which of the following is not an element of nonsampling risk?
a. The auditor uses inappropriate procedures in auditing accounts receivable
b. The use of unreasonable small sample size
c. Misinterpretations of audit evidence
d. Auditor fails to recognize the error in the sample
11. Which of the following best illustrates the concept of sampling risk?
a. A randomly chosen sample may not be representative of the population as a whole on the
characterized of interest.
b. An auditor may select audit procedure that are nor appropriate to achieve the specific objective.
c. An auditor may fail to recognize errors in the documents examined for the chosen sample.
d. The documents related to the chosen sample may not be available for inspection.
12. At times a sample may indicate in the case of a test of controls, that controls are more effective than they actually are.
This situation illustrates the risk of
a. Over-reliance
b. Under-reliance
c. Incorrect precision
d. Incorrect rejection
13. At times a sample may indicate in the case of a test of controls, that controls are less effective than they actually are.
This situation illustrates the risk of
a. Over-reliance
b. Under-reliance
c. incorrect precision
d. incorrect rejection
14. At times a sample may indicate in the case of a test of details that a material misstatement does not exist when in fact
it does. This situation illustrates the risk of
a. incorrect rejection
b. incorrect acceptance
c. over reliance
d. under reliance
15. At times a sample may indicate in the case of a test of details that a material misstatement exists when in fact if does
not. This situation illustrates the risk of
a. incorrect rejection
b. incorrect acceptance
c. over reliance
d. under reliance
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Lesson Objectives:
Getting Started:
Completing an engagement poses for an auditor a number of important questions, none of which have been addressed
completely thus far but all of which bear directly on the auditor’s report: What risks are imposed by related parties? Are
management’s assertions dependent on estimates or on legal interpretations? This lesson addresses these among other
questions an auditor confronts when completing an engagement.
Discussion:
The procedures being performed in completing the audit are necessary. These procedures are usually performed by audit
managers or other senior members of the audit team who have extensive audit experience with the client because the
procedures involve many subjective judgments by the auditor. These procedures do not pertain to specific transaction cycles
or accounts.
Definition of Terms:
(a) Date of the financial statements – The date of the end of the latest period covered by the financial statements,
which is normally the date of the most recent balance sheet in the financial statements subject to audit.
(b) Date of approval of the financial statements – The date on which those with the recognized authority assert that
they have prepared the entity’s complete set of financial statements, including the related notes, and that they have
taken responsibility for them.
(c) Date of the auditor’s report – the date selected by the auditor to the date the report on the financial statements. The
auditor’s report is not dated earlier than the date on which the auditor has obtained sufficient appropriate audit
evidence includes evidence that the entity’s complete set of financial statements has been prepared and that those
with the recognized authority have asserted that they have taken responsibility for them.
(d) Date the financial statements are issued – the date that the auditor’s report and audited financial statements are
made available to third parties, which may be, in many circumstances, the date that they are filed with a
regulatory authority. In the case of the public sector, this may be the date audited financial statements and the
auditor’s reports thereon are presented to the legislature.
(e) Subsequent events- Events occurring between the date of the financial statements and the date of the auditor’s
report, and facts that become known to the auditor after the date of the auditor’s report.
• Subsequent events refer to events occurring between period end (the date of the financial statements or the balance
sheet date) and the date of the auditor’s report that may affect the financial statements and the auditor’s report.
• These events are also called post-balance sheet events/transactions since they occur after or subsequent to the
balance sheet date.
• Subsequent events may also refer to facts discovered after the date of the auditor’s report.
• The period between the date of the financial statements and the date of the auditor's report is called the subsequent
period. During this period, the auditor has an active responsibility to investigate certain subsequent events.
Subsequent events relevant to the auditor: limited to those subsequent events (both requiring adjustment or
disclosure) that occur subsequent to date of the FS and the date of the auditor’s report
The auditor should perform procedures designed to obtain sufficient appropriate audit evidence that all events
up to the date of the auditor’s report that may require adjustment of, or disclosure in, the financial statements have
been identified.
c. Reading minutes of the meetings (of shareholders, those charged with governance, audit and executive
committees) including those held after period end and inquiring about matters discussed at meetings for
which minutes are not yet available.
d. Reading the entity’s latest available interim financial statements as well as budgets and cash flow forecasts
and other related management reports; compare them with the financial statements under audit.
e. Obtaining representation letter from management regarding whether any events occurred during the
subsequent period that require adjustments to or disclosure in the financial statements.
2. To consider/evaluate the effect of subsequent events (whether such events are properly accounted for and
adequately disclosed) on the financial statements and on the auditor’s report
When subsequent events that materially affect the financial statements are identified, the auditor should
consider whether such events are properly accounted for and adequately disclosed in the financial statements.
Litigation and claims involving an entity may have a material effect on the financial statements and thus may be
required to be disclosed and/or provided for in the financial statements.
The auditor should carry out procedures to identify existence of any litigations and claims involving the entity
which may result in a material misstatement of the financial statements. Such procedures would include the
following:
• Make appropriate inquiries of management including obtaining representations
• Review minutes of those charged with governance and correspondence with the entity’s legal counsel
The auditor should seek direct communication with the entity’s lawyers when litigation or claims have been
identified or when the auditor believes they may exist. The letter would ordinarily specify the following:
• A list of litigation and claims;
• Management’s assessment of the outcome of the litigation or claim and its estimate of the financial
implications, including costs involved; and
• A request that the entity’s legal counsel confirm the reasonableness of management’s assessments and
provide the auditor with further information if the list is considered by the entity’s legal counsel to be
incomplete or incorrect.
The letter, which should be prepared by management and sent by the auditor, should request the lawyer to
communicate directly with the auditor.
If management refuses to give the auditor permission to communicate with the entity’s legal counsel, this would
be a scope limitation and should ordinarily lead to a qualified opinion or a disclaimer of opinion. Where the entity’s
legal counsel refuses to respond in an appropriate manner and the auditor is unable to obtain sufficient appropriate
audit evidence by applying alternative audit procedures, the auditor would consider whether there is a scope
limitation which may lead to a qualified opinion or a disclaimer of opinion.
• Going concern assumption – an entity is ordinarily viewed as continuing in business for the foreseeable future with
neither the intention nor the necessity of liquidation, ceasing trading or seeking protection from creditors pursuant
to laws and regulations.
Management’s responsibility:
a. Management should assess the entity’s ability to continue as a going concern – making a judgment about the
future outcome of uncertain events or conditions (for a period of one year from balance sheet date)
b. To disclosure (based on the result of assessment)
Auditor’s responsibility:
a. Overall evaluation of the appropriateness of management’s use of the going concern assumption in the
preparation of the financial statements
b. Identifying material uncertainties about the entity’s ability to continue as a going concern that need to be
disclosed in the financial statements
c. Whether such events or conditions are adequately disclosed in the financial statements
d. Consider report modification because of these events or conditions
e. If conditions or events such as those identified previously create substantial doubt as to the ability of the entity
to continue as a going concern, the auditor should consider whether management has feasible plans (plans for
and the ability to implement alternative means of maintaining adequate cash flows)
The auditor has no responsibility to predict future events or conditions that may cause an entity to
cease to continue as a going concern. Thus, auditors are not required to design audit procedures solely
to detect going concern problems.
Events or conditions that may give rise to business risks, that individually or collectively, may cast
doubt about the entity’s ability to continue as a going concern:
Factors that can mitigate the adverse effects of identified material going concern uncertainty: The auditor should
consider whether management has plans for and the ability to implement alternative means of maintaining adequate
cash flows to mitigate events and conditions that may cast doubt about the entity’s ability to continue as a going
concern.
Audit procedures to identify conditions and events that may cast doubt about an entity’s ability to continue as
a going concern:
• Analytical procedures
• Subsequent events review
• Review of compliance with debt and loan agreements
• Reading minutes of meetings
• Inquiry of legal counsel
• Confirmation with related and third parties of arrangements for financial support
• Auditor’s responsibility: The auditor should obtain appropriate written representations from management.
b. Other purposes:
➢ It confirms oral representations made by management during the audit
➢ It reduces the possibility of misunderstanding between the auditor and the client concerning the matters that
are the subject of the representations
➢ It documents management’s acceptance acknowledgment of its responsibility for fair presentation of the
financial statements
➢ It may provide corroborative evidence when audit evidence may not be reasonably expected to be available
For example: Audit evidence to corroborate management’s intention to hold a specific investment for long-
term appreciation or to discontinue a line of business
➢ It complements, but do not replace or substitute, other audit procedures or other audit evidence that the
auditor could reasonably expect to be available
➢ That management acknowledges its responsibility for the design and implementation of internal control to
prevent and detect error
➢ That management believes the effects of those uncorrected financial statement misstatements aggregated by the
auditor during the audit are immaterial, both individually and in the aggregate, to the financial statements taken
as a whole
• Auditor’s responsibility on representations relating to matters that are material to the financial statements:
a. Seek corroborative audit evidence from sources inside or outside the entity;
b. Evaluate whether the representations made by management appear reasonable and consistent with other audit
evidence obtained, including other representations; and
c. Consider whether the individuals making the representations can be expected to be well informed on the
particular matters.
• Example of a management representation letter: The following letter is not intended to be a standard letter.
Representations by management will vary from one entity to another and from one period to the next.
(Entity Letterhead)
This representation letter is provided in connection with your audit of the financial statements of ABC
Company for the year ended December 31, 19X1 for the purpose of expressing an opinion as to
whether the financial statements present fairly, in all material respects, the financial position of ABC
Company as of December 31, 19X1 and of the results of its operations and its cash flows for the year
then ended in accordance with (indicate applicable financial reporting framework).
We acknowledge our responsibility for the fair presentation of the financial statements in
accordance with (indicate applicable financial reporting framework).
We confirm, to the best of our knowledge and belief, the following representations:
• There have been no irregularities involving management or employees who have a significant role
in internal control or that could have a material effect on the financial statements.
• We have made available to you all books of account and supporting documentation and all minutes
of meetings of shareholders and the board of directors (namely those held on March 15, 19X1 and
September 30, 19X1, respectively).
• We confirm the completeness of the information provided regarding the identification of related
parties.
• If required, add “On behalf of the board of directors (or similar body).”
• The financial statements are free of material misstatements, including omissions.
• The Company has complied with all aspects of contractual agreements that could have a material
effect on the financial statements in the event of noncompliance.
• There has been no noncompliance with requirements of regulatory authorities that could have a
material effect on the financial statements in the event of noncompliance.
• The following have been properly recorded and, when appropriate, adequately disclosed in the
financial statements:
➢ The identity of, and balances and transactions with, related parties.
➢ Losses arising from sale and purchase commitments.
➢ Agreements and options to buy back assets previously sold.
➢ Assets pledged as collateral.
• We have no plans or intentions that may materially alter the carrying value or classification of
assets and liabilities reflected in the financial statements.
• We have no plans to abandon lines of product or other plans or intentions that will result in any
excess or obsolete inventory, and no inventory is stated at an amount in excess of net realizable
value.
• The Company has satisfactory title to all assets and there are no liens or encumbrances on the
company’s assets, except for those that are disclosed in Note X to the financial statements.
• We have recorded or disclosed, as appropriate, all liabilities, both actual and contingent, and have
disclosed in Note X to the financial statements all guarantees that we have given to third parties.
• Other than . . . described in Note X to the financial statements, there have been no events
subsequent to period end which require adjustment of or disclosure in the financial statements or
Notes thereto.
• The . . . claim by XYZ Company has been settled for the total sum of XXX which has been
properly accrued in the financial statements. No other claims in connection with litigation have
been or are expected to be received.
• There are no formal or informal compensating balance arrangements with any of our cash and
investment accounts. Except as disclosed in Note X to the financial statements, we have no other
line of credit arrangements.
• We have properly recorded or disclosed in the financial statements the capital stock repurchase
options and agreements, and capital stock reserved for options, warrants, conversions and other
requirements.
Yours truly,
(Senior Executive Officer)
(Senior Financial Officer)
• Legal representation letter – client’s letter of inquiry to lawyer who have been consulted by the client concerning
litigation, claims, or assessments to provide corroborative evidential matter; such letter of inquiry should be mailed
only by the auditor after preparation by the client and review by the auditor
• Application of materiality:
1. Representations may be limited to matters that are considered either individually or collectively material to the
financial statements
2. Materiality limits would not apply when obtaining written client representation on:
a. Fraud or irregularities involving management
b. Availability of minutes of meetings
• Effect if management refuses to provide the necessary written representations: Refusal by management to
provide a written representation requested by the auditor that the auditor deems necessary constitutes a scope
limitation and would result in a qualified opinion or a disclaimer of opinion. In such circumstances, also consider:
a. Any reliance placed on other representations made by management during the audit; and
b. Any additional implications of the refusal on the auditor’s report.
• When management representation is contradicted by other audit evidence: The auditor should investigate the
circumstances and, when necessary, reconsider the reliability of other representations made by management
Auditor’s responsibility
1. Review related party transactions to ensure that they have been properly identified, recorded and disclosed in the
financial statements
2. Obtain a written representation from management concerning:
a. Completeness of information on identification of related parties; and
b. Adequacy of disclosure in the FS
• The auditor needs to have the level of knowledge of the entity’s business and industry that will enable
identification of the events and transactions and practices that may have material effect on the
financial statements.
• An audit cannot be expected to detect all related party transactions.
Reasons for the review: The auditor should modify the auditor’s report in case of:
• Inability to obtain sufficient appropriate audit evidence concerning related parties and transactions with such parties
• Inadequate disclosure in the FS
Performing analytical procedures in the overall review at/near the end of the audit
Analytical procedures involve analysis of significant ratios and trends including the resultant
investigation of fluctuations and relationships that are inconsistent with other relevant information or
expectation:
Analytical procedures are required to be performed during the planning and overall review stages.
• Purpose of performing analytical procedures in the overall review stage of the audit: to ensure that the
auditor’s overall conclusion as to whether the financial statements as a whole are consistent with the auditor’s
understanding of the entity.
• Auditor’s focus when performing analytical procedures in the overall review stage:
a. Identifying unusual fluctuations or transactions or unexpected account balances that were not previously
identified
➢ Requires investigation, adequate explanation and appropriate corroborative evidence by performing
additional tests of details
b. Assessing the validity of the conclusions reached and evaluating the overall financial statements presentation
• Omitted audit procedures may be discovered (after the audit report has been submitted) during a firm's internal
inspection program or during peer review.
• Auditor’s action:
a. The auditor should assess the importance of the omitted procedures to his ability to support the audit
opinion.
b. The auditor should determine whether other audit procedures that were applied tend to compensate for the
omitted audit procedures. If so, no further action is necessary.
c. If, on the other hand, the omitted audit procedures impair the auditor's ability to support the previously
issued opinion, and there are people relying (or likely to rely) on the report, then the auditor should promptly
undertake to apply the omitted procedures or the corresponding alternative procedures.
d. If, after applying the omitted procedures, the auditor determines that the financial statements are materially
misstated and that the auditor's report is inappropriate, the auditor should discuss the matter with the
management and take steps to prevent future reliance on the report.
When completing an engagement, an auditor must review both for material subsequent events and for contingent liabilities.
Each requires considerable judgment because, unlike many other audit areas, neither is recorded in the financial statements.
To form an overall opinion on the financial statements taken as a whole, auditors review the entire set of audit documentation
and perform overall analytical procedures.
Enrichment Activities
Instructions: Encircle the letter of your answer. Erasures/Alterations are not allowed.
1. The auditor shall perform audit procedures designed to obtain sufficient appropriate audit evidence that all events
occurring between the date of the financial statements and the date of the auditor’s report that require adjustment of, or
disclosure in, the financial statements have been identified. The auditor is not, however, expected to perform additional
audit procedures on all matters to which previously applied audit procedures have provided satisfactory conclusions.
When the auditor identifies events that materially affect the financial statements, the auditor shall determine whether
such events are properly accounted for and adequately disclosed in the financial statements.
2. Which of the following is least likely a procedure that would be performed by the auditor near the auditor’s report date?
a. Reviewing the procedures that management has established to ensure that subsequent events are identified.
b. Inquiring of management as to whether any subsequent events have occurred which might affect the financial
statements.
c. Reading the minutes of the meetings of shareholders, the board of directors and audit executive committees
held throughout the audit year.
d. Reading / comparing the entity’s latest available interim financial statements.
3. The auditor has no obligation to perform any audit procedures regarding the financial statements after the date of the
auditor’s report. However, when, after the date of the auditor’s report but before the date the financial statements are issued,
the auditor becomes aware of a fact which may materially affect the financial statements, the auditor shall:
I. If the auditor’s report has not yet been issued to the entity, the auditor shall modify the opinion appropriately
so that the auditor expresses a qualified opinion or an adverse opinion.
II. If the auditor’s report has already been issued to the entity, the auditor shall notify management or those
charged with governance, as appropriate, not to issue the financial statements and the auditor’s report
thereon to third parties. If the financial statements are nevertheless subsequently issued, the auditor shall
take action, in light of the auditor’s legal rights and obligations and the recommendations of the auditor’s
legal counsel, to prevent reliance on the auditor’s report.
a. I and II c. II only
b. I only d. Neither I nor II
Assessment
Lesson 2: COMPLETING THE AUDIT
Instructions: Encircle the letter of your answer. Erasures/Alterations are not allowed.
1. The objective of the auditor, as required by PSA 580 is to corroborate, by means of written representations
I. The validity of the premises, relating to management’s responsibilities, on which an audit is conducted
II. Other audit evidence obtained with regard to specific assertions in the financial statements
a. I only c. I and II
b. II only d. Neither I or II
2. When considering the use of management’s written representations as audit evidence about the completeness
assertion, an auditor should understand that such representations
a. Complement, but do not replace, substantive tests designed to support the assertion.
b. Constitute sufficient evidence to support the assertion when considered in combination with a sufficiently low
assessed level of control risk.
c. Are not part of the evidence considered to support the assertion.
d. Replace a low assessed level of control risk as evidence to support the assertion.
4. For which of the following matters should an auditor obtain written management representations?
a. Management’s cost-benefit justifications for not correcting internal control weaknesses.
b. Management’s knowledge of future plans that may affect the price of the entity’s stock.
c. Management’s compliance with contractual agreements that may affect the financial statements.
d. Management’s acknowledgment of its responsibility for employee’s violations of laws.
5. A written representation from a client’s management that, among other matters, acknowledges responsibility for
the fair presentation of financial statements, should normally be signed by the
a. Chief executive officer and the chief financial officer.
b. Chief financial officer and the chair of the board of directors.
c. Chair of the audit committee of the board of directors.
d. Chief executive officer, the chair of the board of directors, and the client’s lawyer.
6. What is (are) the circumstances the may cause the auditor to doubt the reliability of one or more written
representations
I. One or more written representations are inconsistent with other audit evidence
II. The auditor has identified significant issues related to management’s commitment to competence,
communication and enforcement of integrity and ethical values, or diligence.
a. I only c. Either I or II
b. II only d. Neither I nor II
7. When relevant parties do not provide the general or specific written representations requested by the auditor, the
auditor shall
I. Reconsider the assessment of the integrity of management and, where appropriate, those charged with
governance
II. Take appropriate actions, including determining the possible effects on the opinion in the auditor’s report
III. Ask for the reasons
a. I, II and III c. III, II and I
b. II, III and I d. III, I and II
8. When relevant parties do not provide the general written representations about the premises, relating to
management’s responsibilities, on which an audit is conducted, the auditor is unable to obtain sufficient
appropriate audit evidence. If the possible effects on the financial statements of such inability are pervasive, the
auditor shall disclaim an opinion on the financial statements.
When relevant parties do not provide specific written representations requested by the auditor, it constitutes a
scope limitation. Where this is the case, the auditor shall consider the effect on the opinion in the auditor’s report
in accordance with PSA 705.
a. True, True c. False, True
b. False, False d. True, False
9. When performing risk assessment procedures to obtain an understanding of the entity and to assess the entity’s
going concern, the auditor shall:
I. Inquire of management as to whether events or conditions exist that, individually or collectively, may cast
significant doubt about the going concern assumption.
II. Consider management’s assessment of the entity’s ability to continue as a going concern, if such an
assessment has been performed, to determine whether management has identified events conditions that
may cast significant doubt on the entity’s ability to continue as a going concern and management’s plans
to address them
III. Discuss with management the basis for its intended use of the going concern assumption, if management
has not yet performed such an assessment
a. I, II and III c. I and III
b. I and II d. I only
10. In evaluating the management’s assessment of the entity’s ability to continue as a going concern, he should
consider the following, except
a. The independence of the management
b. The process that management has followed to make its assessment
c. The assumptions on which the assessment is based and management’s plan for future action.
d. Whether the assessment has taken into account all relevant information of which the auditor is aware of as a
result of the audit procedures.
11. What is the auditor’s responsibility of detecting significant doubt about the entity’s ability to continue as a going
concern?
a. Analyze the ability of the company to generate cash flows.
b. The auditor should make extensive analytical procedures.
c. Consider those events that may require disclaimer of opinion.
d. The auditor should inquire of management of indication of those events or conditions.
12. Examples of events or conditions which individually or collectively , may cast significant doubt about the going
concern assumption include the following except:
a. Net liability or net current liability position.
b. Change from credit to cash-on-delivery transactions with suppliers.
c. Labor difficulties or shortages of important supplies.
d. Compliance with capital or other statutory requirements.
13. Which of the following may an auditor least likely consider a symptom of an entity’s significant going-concern
problems?
a. Significant recurring working capital deficiencies.
b. Legal proceedings that might jeopardize the entity’s ability to operate.
c. A new government regulation imposes a change in accounting principle.
d. A recurring default in meeting the entity’s financial obligation.
14. Which of the following conditions or events most likely would cause an auditor to have substantial doubt about an
entity’s ability to continue as a going concern?
a. Cash flows from operating activities are negative.
b. Research and development projects are postponed.
c. Significant related party transactions are pervasive.
d. Stock dividends replace annual cash dividends.
15. When events or conditions have been identified which may cast significant doubt on the entity’s ability to
continue as a going concern, the auditor shall (choose the incorrect statement)
a. Obtain sufficient appropriate audit evidence to determine whether or not a material uncertainty exists through
performing additional audit procedures, including consideration of other mitigating factors.
b. Evaluate management’s plans for future actions based on its going concern assessment and whether the
outcome of these plans will improve the situation, and obtain sufficient appropriate audit evidence that
management’s plans are feasible in the circumstances.
c. Determine whether any additional facts or information have become available since the date on which
management made its assessment.
d. Not request specific written representations from management regarding its plans for future action.
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
Lesson Objectives:
• Discuss each type of audit reports and state what situation it is being used
• Construct an example of engagement letter
Getting Started:
This lesson introduces carefully phrased written reports that explain a practitioner’s findings. It encompasses reports which
are essential to the audit or other assurance services. The auditor’s report is considered the primary product of assurance
(financial statement audit) service.
Auditor’s Opinions
a) Unmodified (unqualified) opinion (PSA 700 Redrafted) —The opinion expressed when the FSs are prepared, in all
material respects, in accordance with the applicable financial reporting framework (frf).
b) Modified opinion (PSA 705 Reddrafted)—The three types of are:
i. Qualified opinion – the auditor is satisfied that the FSs are presented fairly, except for a specific aspect of them.
ii. Adverse opinion – the auditor does not believe the FSs are fairly presented.
iii. Disclaimer of opinion – the auditor does not know if the FSs are presented fairly.
The table below illustrates how the auditor’s judgment about the affects the type of opinion to be expressed.
Nature of Matter Giving Rise to the Material but Not Material and Pervasive
Modification Pervasive
FSs are materially misstated Qualified opinion Adverse opinion
Inability to obtain SAAE (Scope limitation):
Due to management imposed limitation Qualified opinion Resign, if appropriate; or
Disclaimer of opinion
Other limitations Qualified opinion Disclaimer of opinion
Pervasive effects or possible effects on the FSs are those that, in the auditor’s judgment:
a) Are not confined to specific elements, accounts or items of the FSs;
b) If so confined, represent or could represent a substantial proportion of the FSs; or
c) In relation to disclosures, are fundamental to users’ understanding of the FSs.
Auditor’s Reports
The auditor’s report shall be in writing (hard copy format or an electronic medium).
The following are the parts of a standard auditor’s report with unqualified opinion without emphasis of matter paragraph
and other matter paragraph:
Title
The auditor’s report shall have a title that clearly indicates that it is the report of an independent auditor. For example,
“Independent Auditor’s Report,” affirms that the auditor has met all of the relevant ethical requirements regarding
independence and distinguishes the independent auditor’s report from reports issued by others.
Addressee
The auditor’s report is normally addressed to those for whom the report is prepared, often either to the shareholders and/or
to TCWG of the entity.
Introductory Paragraph
This section describes the responsibilities of those in the organization responsible for the FSs and internal control relevant
to the preparation of FSs that are free from material misstatement, whether due to fraud or error.
Auditor’s Responsibility
This section states that the responsibility of the auditor is to express an opinion on the FSs based on the audit.
Auditor’s Opinion
This includes a section with the heading “Opinion.” Use the phrase: The financial statements present fairly, in all material
respects, in accordance with [the applicable financial reporting framework].
If the auditor addresses other reporting responsibilities (e.g., reportorial requirement of regulatory authorities) in the
auditor’s report on the FSs that are in addition to to report on the FSs, these shall be addressed in a separate section in the
auditor’s report that shall be sub-titled “Report on Other Legal and Regulatory Requirements”.
The auditor’s report shall be signed. The auditor’s signature is either in the name of the audit firm, the personal name of
the auditor or both, as appropriate.
In the Philippines, Securities Regulation Code (SRC) Rule 68 requires that the auditor’s report on FSs filed with the
Securities and Exchange Commission (SEC), which will likewise be filed with the Bureau of Internal Revenue (BIR), be
manually signed. In case of an auditing firm, the certifying partner shall sign his/her own signature and shall indicate that
he/she is signing for the firm, the name of which is also indicated in the report. The auditor is also required to state the
signing accountant’s license number, Tax Identification No. (TIN), Privilege Tax Receipt (PTR) No., registration number
with the PRC/BOA, and accreditation issued by the SEC.
The auditor’s report shall be dated no earlier than the date on which the auditor has obtained SAAE on which to base the
auditor’s opinion on the FSs, including evidence that:
a. All the statements that comprise the FSs, including the related notes, have been prepared; and
b. Those with the recognized authority have asserted that they have taken responsibility for those FSs.
The date of the auditor’s report informs the user of the auditor’s report that the auditor has considered the effect of events
and transactions of which the auditor became aware and that occurred up to that date.
In the Philippines, under SRC Rule 68, management is required to submit to the SEC, together with the FSs, a ‘Statement
of Management Responsibility’ that indicates, that the company’s Board of Directors reviewed and approved the FSs
before such statements are submitted to the stockholders of the company.
A paragraph included in the auditor’s report that refers to a matter appropriately presented or disclosed in the FSs, in the
auditor’s judgment, is of such importance that it is fundamental to users’ understanding of the FSs. The auditor can
include emphasis of matter paragraph provided the auditor has obtained SAAE that the matter is not materially misstated
in the FSs. The inclusion of this paragraph in the auditor’s report does not affect the auditor’s opinion.
When the auditor includes an Emphasis of Matter paragraph in the auditor’s report, the auditor shall:
• Include it immediately after the Opinion paragraph;
• Use the heading “Emphasis of Matter,” or other appropriate heading;
• Include in the paragraph a clear reference to the matter being emphasized and to where relevant disclosures that fully
describe the matter can be found in the FSs; and
• Indicate that the auditor’s opinion is not modified in respect of the matter emphasized
A paragraph included in the auditor’s report that refers to a matter other than those presented or disclosed in the FSs that,
in the auditor’s judgment, is relevant to users’ understanding of the audit, the auditor’s responsibilities or the auditor’s
report.
The auditor shall include this paragraph immediately after the Opinion paragraph and any Emphasis of Matter paragraph,
or elsewhere in the auditor’s report if the content of the Other Matter paragraph is relevant to the Other Reporting
Responsibilities section.
• The auditor shall include additional paragraph on the standard auditor’s report immediately before the opinion
paragraph, and use the heading “Basis for Qualified Opinion,” “Basis for Adverse Opinion,” or “Basis for Disclaimer
of Opinion,” as appropriate.
Opinion Paragraph
• The auditor shall use the heading “Qualified Opinion,” “Adverse Opinion,” or “Disclaimer of Opinion,” as
appropriate, for the opinion paragraph.
We have audited [if disclaimer of opinion, We were engaged to audit] the accompanying financial statements of [Name of
Client], which comprise the statements of financial position as at [Reporting Date], 2019 and 2018, and the statements of
[comprehensive income, income, operations, or other appropriate title used in the financial statements], statements of
changes in equity and statements of cash flows for the years then ended, and a summary of significant accounting policies
and other explanatory information.
Management is responsible for the preparation and fair presentation of these financial statements in accordance with
[Applicable Financial Reporting Framework], and for such internal control as management determines is necessary to
enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error.
Auditors’ Responsibility
Our responsibility is to express an opinion on these financial statements based on our audits. We conducted our audits in
accordance with Philippine Standards on Auditing. Those standards require that we comply with ethical requirements and
plan and perform the audit to obtain reasonable assurance about whether the financial statements are free from material
misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial
statements. The procedures selected depend on the auditors’ judgment, including the assessment of the risks of material
misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditors
consider internal control relevant to the entity’s preparation and fair presentation of the financial statements in order to
design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the
effectiveness of the entity’s internal control. An audit also includes evaluating the appropriateness of accounting policies
used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation
of the financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our [qualified or
adverse, as appropriate] audit opinion.
Our responsibility is to express an opinion on these financial statements based on conducting the audit in accordance with
Philippine Standards on Auditing. Because of the matter described in the Basis for Disclaimer of Opinion paragraph,
however, we were not able to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion.
In our opinion, the financial statements present fairly, in all material respects, the financial position of [Name of Client] as
at [Reporting Date], 2019 and 2018, and its financial performance and its cash flows for the years then ended in
accordance with [Applicable financial reporting framework].
The Company’s inventories are recognized in the statement of financial position at P16 million Based on the audit evidence
obtained, we believe that an adjustment to inventories of P5 million is required to recognize slow moving items at their net
realized value. The tax effect of this adjustment is P1.5 million. Accordingly, we believe that shareholders’ equity and
profit for the year are overstated by P3.5 million respectively.]
Qualified Opinion
In our opinion, except for the effects of the matters descried in the basis for qualified opinion paragraph, the financial
statements present fairly, in all material respects, the financial position of [Name of Client] as of [Reporting Date], 2019
and 2018, and its financial performance and its cash flows for the years ended in accordance with Philippine Financial
Reporting Standards.
As discussed in Note X to the financial statements, the Company’s financing arrangements expired and the amount
outstanding was payable on December 31, 20XI. The company has been unable to re-negotiate or obtain replacement
financing and is considering filling for bankruptcy. Based on the audit evidence obtained, we believe that the company will
not be able to meet its obligations in the ordinary course of business. Accordingly, we do not agree with management’s
preparation and presentation of financial statements on a going concern basis. Had the financial statements been prepared
on a liquidation basis of accounting, we believe that it would have had a significant negative effect on the company’s
financial position and financial performance.
Adverse Opinion
Adverse Opinion
In our opinion, because of the significance of the matter discussed in the basis for adverse opinion paragraph, the financial
statements do not present fairly, in all material respects the financial position [Name of Client] as of [Reporting Date], 2019
and 2018, and of its financial performance and its cash flows for the years then ended in accordance with Philippine
Financial Reporting Standards.
The company’s investment in its joint venture XYZ (Country X) Company is carried at xxx on the company’s statement
of financial position, which represents over 90% of the company’s net assets as at December 31, 2019. We were not
allowed access to the management and the auditors of XYZ, including XYZ’s auditors’ audit documentation. As a result,
we were unable to determine whether any adjustments were necessary in respect of the company’s proportional share of
XYZ’s assets that it controls jointly, its proportional share of XYZ’s liabilities for which it is jointly responsible, its
proportional share of XYZ’s income and expenses for the year, and the elements making up the statement of changes in
equity and statement of cash flow.
Disclaimer of Opinion
Because of the significance of the matter described in the Basis for Disclaimer of Opinion paragraph, we have not been
able to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion. Accordingly, we do not express
an opinion on the financial statements.
Emphasis of Matter
We draw attention to Note X to the financial statements, which appropriately describe the significant uncertainty related to
the outcome of a lawsuit in which the company is the defendant. The lawsuit alleges infringement of certain patent right
and claims royalties and punitive damages in the amount of P10 million to the outcome of the lawsuit, the company believes
that it will be able to successfully defend its case and, accordingly, no provision for any liability that may result has been
recognized in the financial statements. Our opinion is not qualified in respect of this matter.
TIN
By:
[NAME OF PARTNER]
Partner
CPA License No.
SEC A.N.
TIN
BIR AN.
PTR No., Issued on [Date, Place of Issue]
Makati City, Philippines
[Date of Auditors’ Report]
Supplementary information – information that is presented together with the FSs that is not required by the applicable
FRF used to prepare the FSs, normally presented in either supplementary schedules or as additional notes.
The auditor shall evaluate whether such supplementary information is clearly differentiated from the audited FSs. If such
supplementary information is not clearly differentiated, the auditor shall ask management to change how the unaudited
supplementary information is presented. If management refuses to do so, the auditor shall explain in the auditor’s report
that such supplementary information has not been audited. The fact that supplementary information is unaudited does not
relieve the auditor of the responsibility to read that information to identify material inconsistencies with the audited
financial statements.
Comparative Information
The two broad approaches to the auditor’s reporting responsibilities in respect of comparative information are:
a) Corresponding figures –comparative information where amounts and other disclosures for the prior period are
included as an integral part of the current period FSs, and are intended to be read only in relation to the amounts and
other disclosures relating to the current period (referred to as “current period figures”). The level of detail presented in
the corresponding amounts and disclosures is dictated primarily by its relevance to the current period figures; and
b) Comparative FSs –comparative information where amounts and other disclosures for the prior period are included for
comparison with the FSs of the current period but, if audited, are referred to in the auditor’s opinion. The level of
information included in those comparative FSs is comparable with that of the FSs of the current period.
Audit Procedures
b) The accounting policies reflected in the comparative information are consistent with those applied in the current
period or, if there have been changes in accounting policies, whether those changes have been properly accounted,
presented and disclosed.
If the auditor becomes aware of a possible material misstatement in the comparative information while performing the
current period audit, the auditor shall perform such additional audit procedures necessary to obtain SAAE, including
requesting written representations for all periods referred to in the auditor’s opinion.
Audit Reporting
Corresponding figures
The auditor’s opinion shall not refer to the corresponding figures because the auditor’s opinion is on the current period
FSs includes corresponding figures, except:
a) Modification in auditor’s report on the prior period remain unresolved
b) Misstatement in prior period FSs
c) Prior period FSs not audited
d) Prior period FSs audited by a predecessor auditor
The auditor shall modify the auditor’s opinion on the current period’s FSs.
If the auditor obtains audit evidence that a material misstatement exists in the prior period FSs on which an unmodified
opinion has been previously issued, and the corresponding figures have not been properly restated, the auditor shall
express a qualified opinion or an adverse opinion in the auditor’s report on the current period FSs.
When the prior period FSs that are misstated have not been amended and an auditor’s report has not been reissued, but the
corresponding figures have been properly restated or appropriate disclosures have been made in the current period FSs,
the auditor’s report may include an Emphasis of Matter paragraph.
The auditor shall state in an Other Matter paragraph in the auditor’s report that the corresponding figures are unaudited.
The auditor shall state (if nor prohibited by law to do so) in an Other Matter paragraph in the auditor’s report:
a) That the FSs of the prior period were audited by the predecessor auditor;
b) The type of opinion expressed and, if the opinion was modified, the reasons therefore; and
c) The date of that report.
The auditor’s opinion shall refer to each period for which FSs are presented on which an audit opinion is expressed.
The opinion expressed on the prior period FSs may be different from the opinion previously expressed if the auditor
becomes aware of circumstances or events that materially affect the FSs of a prior period during the course of the audit of
the current period. The auditor shall disclose the substantive reasons for the different opinion in an Other Matter
paragraph.
In addition to expressing an opinion on the current period’s FSs, the auditor shall state in an Other Matter paragraph:
a) that the FSs of the prior period were audited by a predecessor auditor;
b) the type of opinion expressed and, if the opinion was modified, the reasons therefore; and
c) the date of that report,
unless the predecessor auditor’s report on the prior period’s FSs is reissued with the FSs.
If the prior period FSs were not audited, the auditor shall state in an Other Matter paragraph that the comparative FSs are
unaudited.
Other information refers to financial and non-financial information (other than the FSs and the auditor’s report thereon)
which is included, either by law, regulation or custom, in a document containing audited FSs and the auditor’s report
thereon. Other information may comprise, for example:
• A report by management or TCWG on operations.
• Financial summaries or highlights.
• Employment data.
• Planned capital expenditures.
• Financial ratios.
• Names of officers and directors.
• Selected quarterly data.
“Documents containing audited FSs” refers to annual reports (or similar documents), that are issued to owners (or similar
stakeholders), containing audited FSs and the auditor’s report, as well as other documents containing audited FSs, such as
those used in securities offerings.
The auditor’s opinion does not cover other information and the auditor has no specific responsibility for determining
whether or not other information is properly stated. However, the auditor reads the other information because the
credibility of the audited FSs and the auditor’s report may be undermined by material inconsistencies between the audited
FSs and other information.
Material Inconsistencies
If, on reading the other information, the auditor identifies a material inconsistency, the auditor shall determine whether the
audited FSs or the other information needs to be revised.
Material Inconsistencies Identified in Other Information Obtained Prior to the Date of the Auditor’s Report
If revision of the audited FSs is necessary and management refuses to make the revision, the auditor shall modify the
opinion in the auditor’s report.
If revision of the other information is necessary and management refuses to make the revision, the auditor shall
communicate this matter to TCWG; and
a) Include in the auditor’s report an Other Matter paragraph describing the material inconsistency.
b) Withhold the auditor’s report.
c) Withdraw from the engagement, if possible.
d) Seek advice from the auditor’s legal counsel.
Material Inconsistencies Identified in Other Information Obtained Subsequent to the Date of the Auditor’s Report
If revision of the audited FSs is necessary, the auditor shall follow the relevant requirements in “Subsequent Events”.
If revision of the other information is necessary and management agrees to make the revision, the auditor shall carry out
the procedures necessary under the circumstances, which may include reviewing the steps taken by management to ensure
that individuals in receipt of the previously issued FSs, the auditor’s report thereon, and the other information are
informed of the revision.
If revision of the other information is necessary, but management refuses to make the revision, the auditor shall notify
TCWG of the auditor’s concern regarding the other information and take any further appropriate action, which may
include obtaining advice from the auditor’s legal counsel.
If, on reading the other information for the purpose of identifying material inconsistencies, the auditor becomes aware of
an apparent material misstatement of fact, the auditor shall discuss the matter with management. Misstatement of fact
occurs when other information that is unrelated to matters appearing in the audited FSs that is incorrectly stated or
presented. A material misstatement of fact may undermine the credibility of the document containing audited FSs.
If the auditor concludes that there is a material misstatement of fact in the other information which management refuses to
correct, the auditor shall notify TCWG of the auditor’s concern and take any further appropriate action, which may
include obtaining advice from the auditor’s legal counsel.
Introduction
Special purpose FSs are FSs prepared in accordance with a special purpose framework designed to meet the financial
information needs of specific users.
The financial reporting framework (FRF) must be acceptable. The financial information needs of the intended users are a
key factor in determining the acceptability of the FRF and is a matter of professional judgment.
The auditor shall comply with (a) relevant ethical requirements, including independence and (b) all PSAs relevant to the
audit.
The auditor’s report shall include an Emphasis of Matter paragraph alerting users of the auditor’s report that the FSs are
prepared in accordance with a special purpose framework and that, as a result, the FSs may not be suitable for another
purpose. In addition to the above, the auditor may consider it appropriate to indicate that the auditor’s report is intended
solely for the specific users.
[Appropriate Addressee]
We have audited the accompanying financial statements of ABC Company, which comprise the balance sheet as at
December 31, 20X1, and the income statement, statement of changes in equity and cash flow statement for the year then
ended, and a summary of significant accounting policies and other explanatory information. The financial statements have
been prepared by management of ABC Company based on the financial reporting provisions of Section Z of the contract
dated January 1, 20X1 between ABC Company and DEF Company (“the contract”).
Management is responsible for the preparation of these financial statements in accordance with the financial reporting
provisions of Section Z of the contract; this includes the design, implementation and maintenance of internal control
relevant to the preparation of financial statements that are free from material misstatement, whether due to fraud or error.
Auditor’s Responsibility
Our responsibility is to express an opinion on these financial statements based on our audit. We conducted our audit in
accordance with Philippine Standards on Auditing. Those standards require that we comply with ethical requirements and
plan and perform the audit to obtain reasonable assurance about whether the financial statements are free from material
misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial
statements. The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material
misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor
considers internal control relevant to the entity’s preparation of the financial statements in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness
of the entity’s internal control. An audit also includes evaluating the appropriateness of accounting policies used and the
reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the
financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Opinion
In our opinion, the financial statements of ABC Company for the year ended December 31, 20X1 are prepared, in all
material respects, in accordance with the financial reporting provisions of Section Z of the contract.
Without modifying our opinion, we draw attention to Note X to the financial statements, which describes the basis of
accounting. The financial statements are prepared to assist ABC Company to comply with the financial reporting
provisions of the contract referred to above. As a result, the financial statements may not be suitable for another purpose.
Our report is intended solely for ABC Company and DEF Company and should not be distributed to or used by parties
other than ABC Company or DEF Company.
[Auditor’s signature]
[Date of the auditor’s report]
[Auditor’s address]
Audits of Single Financial Statements and Specific Elements, Accounts or Items of a Financial Statement
Introduction
“Element of a financial statement” or “element” means an “element, account or item of a financial statement.” Examples
of Specific Elements, Accounts or Items of a Financial Statement
• Accounts receivable, allowance for doubtful accounts receivable, inventory, including related notes.
• A schedule of externally managed assets and income of a private pension plan, including related notes.
• A schedule of disbursements in relation to a lease property, including explanatory notes.
• A schedule of profit participation or employee bonuses, including explanatory notes.
The auditor shall comply with relevant ethical requirements, including independence and all PSAs relevant to the audit.
If the auditor is not also engaged to audit the entity’s complete set of financial statements, the auditor shall determine
whether the audit of a single financial statement or of a specific element of those financial statements in accordance with
PSAs is practicable.
Form of opinion
The auditor’s decision as to the expected form of opinion is a matter of professional judgment. It may be affected by
whether use of the phrase “presents fairly, in all material respects” in the auditor’s opinion on a single financial statement
or on a specific element of a financial statement prepared in accordance with a fair presentation framework is generally
accepted in the particular jurisdiction.
If the auditor undertakes an engagement to report on a single financial statement or on a specific element of a financial
statement in conjunction with an engagement to audit the entity’s complete set of financial statements, the auditor shall
express a separate opinion for each engagement.
If the auditor concludes that it is necessary to express an adverse opinion or disclaim an opinion on the entity’s
complete set of financial statements as a whole, PSA 705 does not permit the auditor to include in the same auditor’s
report an unmodified opinion on a single financial statement that forms part of those financial statements or on a specific
element that forms part of those financial statements. This is because such an unmodified opinion would contradict the
adverse opinion or disclaimer of opinion on the entity’s complete set of financial statements as a whole.
If the auditor concludes that it is necessary to express an adverse opinion or disclaim an opinion on the entity’s
complete set of financial statements as a whole but, in the context of a separate audit of a specific element that is included
in those financial statements, the auditor nevertheless considers it appropriate to express an unmodified opinion on that
element, the auditor shall only do so if:
a) The auditor is not prohibited by law or regulation from doing so;
b) That opinion is expressed in an auditor’s report that is not published together with the auditor’s report containing the
adverse opinion or disclaimer of opinion; and
c) The specific element does not constitute a major portion of the entity’s complete set of financial statements.
[Appropriate Addressee]
We have audited the accompanying balance sheet of ABC Company as at December 31, 20X1 and a summary of
significant accounting policies and other explanatory information (together “the financial statement”).
Management is responsible for the preparation and fair presentation of this financial statement in accordance with those
requirements of the Financial Reporting Framework in Jurisdiction X relevant to preparing such a financial statement, and
for such internal control as management determines is necessary to enable the preparation of the financial statement that is
free from material misstatement, whether due to fraud or error.
Auditor’s Responsibility
Our responsibility is to express an opinion on the financial statement based on our audit. We conducted our audit in
accordance with Philippine Standards on Auditing. Those standards require that we comply with ethical requirements and
plan and perform the audit to obtain reasonable assurance about whether the financial statement is free from material
misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial
statement. The procedures selected depend on the auditor’s judgment, including the assessment of the risks of material
misstatement of the financial statement, whether due to fraud or error. In making those risk assessments, the auditor
considers internal control relevant to the entity’s preparation and fair presentation of the financial statement in order to
design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the
effectiveness of the entity’s internal control. An audit also includes evaluating the appropriateness of accounting policies
used and the reasonableness of accounting estimates, if any, made by management, as well as evaluating the overall
presentation of the financial statement.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
Opinion
In our opinion, the financial statement presents fairly, in all material respects, the financial position of ABC Company as
at December 31, 20X1 in accordance with those requirements of the Financial Reporting Framework in Jurisdiction X
relevant to preparing such a financial statement.
[Auditor’s signature]
[Date of the auditor’s report]
[Auditor’s address]
Introduction
Summary FSs refer to historical financial information that is derived from FSs but that contains less detail than the FSs,
while still providing a structured representation consistent with that provided by the FSs of the entity’s economic
resources or obligations at a point in time or the changes therein for a period of time.
Engagement Acceptance
The auditor shall accept an engagement to report on summary FSs only when the auditor has been engaged to conduct an
audit of the FSs from which the summary FSs are derived.
Form of Opinion
When the auditor has concluded that an unmodified opinion on the summary FSs is appropriate, the auditor’s opinion
shall use one of the following phrases:
a) The summary FSs are consistent, in all material respects, with the audited FSs, in accordance with [the applied
criteria]; or
b) The summary FSs are a fair summary of the audited FSs, in accordance with [the applied criteria].
When the auditor’s report on the audited FSs contains a qualified opinion, an Emphasis of Matter paragraph, or an Other
Matter paragraph, but the auditor is satisfied that the summary FSs are consistent, in all material respects, with or are a
fair summary of the audited FSs, in accordance with the applied criteria, the auditor’s report on the summary FSs shall:
a) State that the auditor’s report on the audited FSs contains a qualified opinion, an Emphasis of Matter paragraph, or an
Other Matter paragraph; and
b) Describe:
i. The basis for the qualified opinion on the audited FSs, and that qualified opinion; or the Emphasis of Matter or the
Other Matter paragraph in the auditor’s report on the audited FSs; and
ii. The effect thereof on the summary FSs, if any.
When the auditor’s report on the audited FSs contains an adverse opinion or a disclaimer of opinion, the auditor’s report
on the summary FSs shall
a) State that the auditor’s report on the audited FSs contains an adverse opinion or disclaimer of opinion;
b) Describe the basis for that adverse opinion or disclaimer of opinion; and
c) State that, as a result of the adverse opinion or disclaimer of opinion, it is inappropriate to express an opinion on the
summary FSs.
If the summary FSs are not consistent, in all material respects, with or are not a fair summary of the audited FSs, the
auditor shall express an adverse opinion on the summary FSs.
When distribution or use of the auditor’s report on the audited FSs is restricted, or the auditor’s report on the audited FSs
alerts readers that the audited financial statements are prepared in accordance with a special purpose framework, the
auditor shall include a similar restriction or alert in the auditor’s report on the summary FSs.
[Appropriate Addressee]
The accompanying summary financial statements, which comprise the summary balance sheet as at December 31, 20X1,
the summary income statement, summary statement of changes in equity and summary cash flow statement for the year
then ended, and related notes, are derived from the audited financial statements of ABC Company for the year ended
December 31, 20X1. We expressed an unmodified audit opinion on those financial statements in our report dated
February 15, 20X2. Those financial statements, and the summary financial statements, do not reflect the effects of events
that occurred subsequent to the date of our report on those financial statements.
The summary financial statements do not contain all the disclosures required by [describe financial reporting framework
applied in the preparation of the audited financial statements of ABC Company]. Reading the summary financial
statements, therefore, is not a substitute for reading the audited financial statements of ABC Company.
Management is responsible for the preparation of a summary of the audited financial statements in accordance with
[describe established criteria].
Auditor’s Responsibility
Our responsibility is to express an opinion on the summary financial statements based on our procedures, which were
conducted in accordance with Philippine Standard on Auditing (PSA) 810, “Engagements to Report on Summary
Financial Statements.”
Opinion
In our opinion, the summary financial statements derived from the audited financial statements of ABC Company for the
year ended December 31, 20X1 are consistent, in all material respects, with (or a fair summary of) those financial
statements, in accordance with [describe established criteria].
[Auditor’s signature]
[Date of the auditor’s report]
[Auditor’s address]
Audit and attestation reports express any one of four types of opinions: unqualified (the assertion that financial statements
are presented fairly), qualified (presented fairly except), adverse (are not presented fairly), or disclaimer (“we do not
express an opinion…”). The type of opinion expressed depends on the circumstances and on materiality.
Enrichment Activities
Assessment
Lesson 3: THE AUDITOR’S REPORT ON FINANCIAL STATEMENTS
Name: ___________________________________________ Section: _____________ Score: __________
a. I only c. Either I or II
b. II only d. Neither I or II
2. PSA 705 establishes three types of modified opinions, namely, a qualified opinion, an adverse opinion, and a disclaimer
of opinion is appropriate depends upon:
I. The nature of the matter giving rise to the modification, i.e., whether the financial statements are
materially misstated or whether there is an inability to obtain sufficient appropriate audit evidence
II. The auditor’s judgment about the pervasiveness of the effects or possible effects of the matter on the
financial statements.
3. This term is used to describe the effects or possible effects on the financial statements of a matter that, in the auditor’s
judgment, are not confined to specific elements, accounts or items of the financial statements.
a. Persuasive c. Pervasive
b. Reasonable d. Effective
4. When an auditor issues an adverse opinion, the implication is that the auditor
a. Does not know if the statements are presented fairly.
b. Does not believe the statements re fairly presented.
c. Is satisfied that the statements are presented fairly except for a specific aspect of them.
d. Is satisfied that the statements are presented fairly.
5. Addition of an “emphasis off a matter” paragraph o what remains an unqualified opinion is least likely for which of the
following situation?
a. Related party transactions
b. Scope limitation
c. A significant subsequent event
d. An uncertainty
6. When the auditor includes an Emphasis of Matter paragraph in the auditor’s report , the auditor shall
I. Include it immediately after the Opinion paragraph in the auditor’s report.
II. Use the heading “Emphasis of Matter”
III. Include in the paragraph a clear reference to the matter being emphasized and to where relevant
disclosures that fully describe the matter can be found in the financial statements; and
IV.Indicate that the auditor’s opinion is not modified in respect of the matter emphasized
7. An auditor includes a separate paragraph in an otherwise unmodified report to emphasize that the entity being reported
on had significant transactions with related parties. The inclusion of this separate paragraph.
a. Is considered an “except fc r” qualification of the opinion.
b. Violates PSAs if this information is already disclosed in notes to the financial statements.
c. Necessitates a revision of the opinion paragraph to include the phrase “with the foregoing
explanation”
d. Is appropriate and would not negate the unqualified opinion.
9. King, CPA, was engaged to audit the financial statements of Newton Company after its fiscal year had ended. King
neither observed the inventory count nor confirmed the receivables by direct communication with debtors, but was
satisfied concerning both after applying alternative procedures. King’s auditor’s most likely contained a (an).
a. Qualified opinion
b. Disclaimer of opinion
c. Unqualified opinion
d. Unqualified opinion with an explanatory paragraph.
10. Restrictions imposed by a client prohibit the observation of physical inventories, which account or 35% of all assets.
Alternative audit procedures cannot be applied although the auditor was able to examine satisfactory evidence for all other
items in the financial statements.
The auditor should issue a (an).
a. “Except for” qualified opinion.
b. Disclaimer of opinion
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
The Framework does not apply to other services provided by auditors such as taxation, consultancy, and financial and
accounting advice.
Levels of Assurance
Assurance in the context of this Framework refers to the auditor’s satisfaction as to the reliability of an assertion being
made by one party for use by another party. To provide such assurance, the auditor assesses the evidence collected as a
result of procedures conducted and expresses a conclusion. The degree of satisfaction achieved and, therefore, the level of
assurance which may be provided is determined by the procedures performed and their results.
In an audit engagement, the auditor provides a high, but not absolute, level of assurance that the information subject to
audit is free of material misstatement. This is expressed positively in the audit report as reasonable assurance.
In a review engagement, the auditor provides a moderate level of assurance that the information subject to review is free
of material misstatement. This is expressed in the form of negative assurance.
For agreed-upon procedures, as the auditor simply provides a report of the factual findings, no assurance is expressed.
Instead, users of the report assess for themselves the procedures and findings reported by the auditor and draw their own
conclusions from the auditor’s work.
In a compilation engagement, although the users of the compiled information derive some benefit from the accountants’
involvement, no assurance is expressed in the report.
Audit
The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial
statements are prepared, in all material respects, in accordance with an identified financial reporting framework. The phrase
used to express the auditor’s opinion id “present fairly, in all material respects.” A similar objective applies to the audit of
financial or other information prepared in accordance with appropriate criteria.
In forming the audit opinion, the auditor obtains sufficient appropriate audit evidence to be able to draw conclusions
on which to base that opinion.
The auditor’s opinion enhances the credibility of financial statements by providing a high, but not absolute, level
of assurance. Absolute assurance in auditing is not attainable as a result of such factors as the need for judgment, the use of
testing, the inherent limitations of any accounting and internal control systems and the fact that most of the evidence
available to the auditor is persuasive, rather than conclusive, in nature.
Reviews
The objective of a review of financial statements is to enable an auditor to state whether, on the basis of procedures
which do not provide all the evidence that would be required in an audit, anything has come to the auditor’s attention that
causes the auditor to believe that the financial statements are not prepared, in all material respects, in accordance with an
identified financial reporting framework. A similar objective applies to the review of financial or other information prepared
in accordance with appropriate criteria.
A review comprises inquiry and analytical procedures which are designed to review the reliability of an assertion
that is the responsibility of one party for use by another party. While a review involves the application of audit skills and
techniques and the gathering of evidence, it does not ordinarily involve an assessment of accounting and internal control
systems, tests of records and of responses to inquiries by obtaining corroborating evidence through inspection, observation,
confirmation and computation, which are procedures ordinarily performed during an audit.
Although the auditor attempts to become aware of all significant matters, the procedures of a review make the achievement
of this objective less likely than in an audit engagement, thus the level of assurance provided in a review report is
correspondingly less than that given in an audit report.
Related Services
Agreed-upon Procedures
In an engagement to perform agreed-upon procedures, an auditor is engaged to carry out those procedures of an
audit nature to which the auditor and the entity and any appropriate third parties have agreed and to report on factual findings.
The recipients of the report must form their own conclusions from the report by the auditor. The report is restricted to those
parties that have agreed to the procedures to be performed since others, unaware of the reasons for the procedures, may
misinterpret the results.
Compilations
In a compilation engagement, the accountant is engaged to use accounting expertise as opposed to auditing expertise
to collect, classify and summarize financial information. This ordinarily entails reducing detailed data to a manageable and
understandable form without a requirement to test the assertions underlying that information. The procedures employed are
not designed and do not enable the accountant to express any assurance on the financial information. However, users of the
compiled financial information derive some benefit as a result of the accountant’s involvement because the service has been
performed with due professional skill and care.
Summary of the Lesson
Assurance services improve (or report on) the quality of information; in contrast, attestation services are a type of assurance
service about subject matter that is the responsibility of another party. In today’s era, accountants (CPAs and NonCPAs) are
mostly engaged in non-assurance services because of the impact of the issuances from the BIR such as P3million sale
threshold and 8% income tax for mixed income earners which are not present before.
Enrichment Activities
Assessment
Lesson 4: ASSURANCE AND RELATED SERVICES
Name: ___________________________________________ Section: _____________ Score: __________
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
1. Practice of Public Accountancy – Practice of public accountancy shall constitute in a person, be it his/her
individual capacity, or as a partner or as a staff member in an accounting or auditing firm, holding out
himself/herself as one skilled in the knowledge, science and practice of accounting, and as a qualified person to
render professional services as a certified public accountant; or offering or rendering, or both, to more than one
client on a fee basis or otherwise, services such as:
a. The audit or verification of financial transaction and accounting records
b. The preparation, signing, or certification for clients of reports of audit, balance sheet, and other financial,
accounting and related schedules, exhibits, statements or reports which are to be used for publication or for
credit purposes, or to be filed with a court or government agency, or to be used for any other purpose
c. The design, installation, and revision of accounting system
d. The preparation of income tax returns when related to accounting procedures
e. The representation of clients before government agencies on tax and other matters related to accounting
f. Renders professional assistance in matters relating to accounting procedures and the recording and presentation
of financial facts or data
2. Practice in Commerce and Industry – Practice in commerce and industry shall constitute in a person:
a. Involved in decision making requiring professional knowledge in the science of accounting, (as well as the
accounting aspects of finance and taxation); or
b. When the CPA represents his employer before government agencies on tax and other matters related to
accounting
c. When such employment or position requires that the holder thereof must be a CPA.
The IRR provides that business or company in the private sector should employ a duly registered
CPA if:
a. Paid-up capital is at least P5.0 million; and/or
b. Annual revenue is at least P10.0 million
3. Practice in Education / Academe – Practice in education or the academe shall constitute in a person in an
educational institution which involve teaching of accounting, auditing, management advisory services, finance,
business law, taxation, and other technically related subjects.
4. Practice in Government – Practice in the government shall constitute in a person who holds, or is appointed to, a
position in an accounting professional group in government or in a government-owned and/or controlled
corporation, including those performing proprietary functions, where decision making requires professional
knowledge in the science of accounting, or where a civil service eligibility as a CPA is a prerequisite.
Sector – is the area of practice of accountancy namely public accountancy, commerce and industry,
academe/education and government
Certificate of Accreditation – a certificate under seal, issued by the PRC upon the recommendation
by the BOA, attesting that Individual CPAs, including the staff members thereof, firms including the
sole proprietors and the staff members thereof and partnerships of CPAs including the partners and
the staff members thereof, are duly accredited to practice public accountancy in the Philippines.
CPA Examinations:
All applicants for registration for the practice of accountancy shall be required to undergo a licensure examination to
be given by the BOA in such places and dates as the PRC may designate subject to compliance with the requirements
prescribed by the PRC in accordance with Republic Act No. 8981.
2. Scope of Examinations:
The CPA examination shall cover, but are not limited to, the following subjects:
1. Theory of Accounts (80 – 100 items)
2. Business Law and Taxation (50 – 70 items)
3. Management Services (50 – 70 items)
4. Auditing Theory (80 – 100 items)
5. Auditing Problems (40 – 50 items)
6. Practical Accounting I (40 – 50 items)
7. Practical Accounting II (40 – 50 items)
4. Removal Examination:
• The candidates with conditional status shall take an examination in the remaining subjects within 2 years from
the preceding examination.
• If the candidate fails to obtain at least a general average of 75% and a rating of at least 65% in each of the
subjects reexamined, he/she shall be considered as failed in the entire examination.
• The original exam and the removal exam are counted as one exam only.
• The examination in which the candidate was conditioned together with the removal examination
on the subject in which he/she failed shall be counted as one complete examination.
• The IRR provides that the required refresher course (whether regular or special refresher course)
shall be offered only by an educational institution granting a degree of BSA.
• Certificate of Registration – has no expiry; shall remain in full force until/unless withdrawn,
suspended or revoked
• Professional Identification Card – subject to expiry; renewable every 3 years
• The BOA shall not register either, any person who has falsely sworn, or misrepresented
himself/herself in his/her application for examination.
• Registration shall not be refused and a name shall not be removed from the roster of CPAs on
conviction for a political offense (or for an offense, in the opinion of the BOA, that does not
disqualify a person from practicing accountancy)
Suspension and Revocation of Certificates of Registration and Professional Identification Card and Cancellation of
Special Permit:
The BOA shall have the power, upon due notice and hearing, to:
a. Suspend or revoke the practitioner’s certificate of registration and professional identification card
b. Suspend him/her from the practice of his/her profession
The members in the said integrated and accredited national professional organization shall receive benefits and
privileges appurtenant thereto upon payment of required fees and dues. Membership in the integrated organization shall not
be a bar to membership in any other association of CPA.
• CPE Objective:
a. To provide and ensure the continuous education of a registered professional with the latest trends in the
profession brought about by modernization and scientific and technological advancements;
b. To raise and maintain the professional's capability for delivering professional services;
c. To attain and maintain the highest standards and quality in the practice of his profession;
d. To make the profession globally competitive; and
e. To promote the general welfare of the public.
• Continuing Professional Education (CPE) – refers to the inculcation assimilation and acquisition of knowledge,
skills, proficiency and ethical and moral values, after the initial registration of a professional that raise and enhance
the professional's technical skills and competence
• CPE program – consists of properly planned and structured activities, the implementation of which requires the
participation of a determinant group of professionals to meet the requirements of voluntarily maintaining and
• All CPAs shall comply with the rules and regulations on CPE.
Code of Ethics for Professional Accountants in the Philippines (the Code of Ethics) promulgated by the Board of
Accountancy
Compliance with the Code of Ethics is necessary in order to ensure the highest quality of performance and to maintain
public confidence in the profession and in the context of audit of financial statements, maintain public confidence in the
auditor’s work.
1. Part A of the Code of Ethics – establishes the fundamental principles of professional ethics relevant to the auditor
when conducting an audit of financial statements and provides a conceptual framework for applying those principles
The fundamental principles of professional ethics are:
a) Integrity
b) Objectivity
c) Professional competence and due care
d) Confidentiality, and
e) Professional behavior
2. Part B of the Code of Ethics – illustrates how the conceptual framework is to be applied in specific situations
3. Independence
• It is in the public interest that the auditor be independent of the entity subject to the
audit.
• The auditor’s independence from the entity safeguards the auditor’s ability to form an
audit opinion without being affected by influences that might compromise that opinion.
• Independence enhances the auditor’s ability to act with integrity, to be objective and to
maintain an attitude of professional skepticism.
Independence requirements comprise of both:
a) Independence of mind
b) Independence in appearance
Enrichment Activities
Assessment
Lesson 5: THE CODE OF ETHICS AND REPUBLIC ACT 9298
Name: ___________________________________________ Section: _____________ Score: __________
Instructions: Encircle the letter of your answer. Erasures/Alterations are not allowed.
1. Which statement is incorrect regarding the Revised Code of Ethics for Professional Accountants in the
Philippines?
a. Professional accountants refer to persons who are Certified Public Accountants (CPA) and who hold a valid
certificate issued by the Board of Accountancy.
b. Where a local law is in conflict with a provision of the IFAC Code, the IFAC Code requirement prevails.
c. The Revised Code of Ethics for Professional Accountants in the Philippines is mandatory for all CPA’s and is
applicable to professional services performed in the Philippines on or after June 30, 2008.
d. Professional accountants should consider the ethical requirements as the principles which they should follow
in performing their work.
2. Which statement is incorrect regarding the Code of Ethics for Professional Accountants in the Philippines?
a. The objectives as well as the fundamental principles are of a general nature and are not intended to be used to
solve a professional accountant’s ethical problems in a specific case.
b. The code is divided into two parts, part A and part B.
c. Part A refers to general applications of the code
d. Part B applies only to those professional accountants in public practice.
3. In order to achieve the objectives of the accountancy profession, professional accountants have to observe a
number of prerequisites or fundamental principles. The fundamental principles include the following, except
a. Objectively
b. Professional Competence and Due care
c. Confidentiality
d. Confidence
4. Which of the following is not explicitly referred to in the Code of Ethics as source of technical standards?
a. Commission of Audit (COA)
b. Auditing standards and Assurance Council (AASC)
c. Securities and Exchange Commission (SEC)
d. Relevant legislation
5. Professional accountants may encounter problems in identifying unethical behavior or in resolving an ethical
conflict. When faced with significant ethical issues, professional accountants should do the following, except
a. Follow the established policies of the employing organization to seek a resolution of such conflict.
b. Should not consult with those charged with governance of the organization, such as the board of directors or
the audit committee.
c. If a significant conflict cannot be resolved, a professional accountant may wish to obtain professional advice
from the relevant professional body or legal advisors, and thereby obtain guidance on ethical issues without
breaching confidentiality.
d. If, after exhausting all relevant possibilities, the ethical conflict remains unresolved, a professional accountant
should, where possible, refuse to remain associated with the matter creating the conflict.
6. Which of the following statements is (are) correct about objectivity and integrity?
a. The principle of integrity imposes the obligation on all professional accountants to be straightforward and
honest in professional and business relationship. Integrity also implies fair dealing and truthfulness.
b. The principle of objectivity imposes an obligation on all professional accountants not to compromise their
professional or business judgment because of others.
c. Both a and b.
d. Neither a nor b.
7. A professional accountant should not be associated with reports, returns, communications or other information
that
a. Contains a false or misleading statement
b. Contains statements or information furnished recklessly or without any real knowledge of whether they are
true or false.
c. Omits or obscures information required to be submitted and such omission or obscurity would be misleading.
d. All of the above.
8. Which of the following is incorrect regarding professional competence and due care?
a. Professional competence may be divided into three separate phases.
b. The attainment of professional competence requires initially a high standard of general education.
c. The maintenance of professional competence requires a continuing awareness of development in the
accountancy profession.
d. Diligence encompasses the responsibility to act in accordance with the requirements of an assignment,
carefully, thoroughly and on a timely basis.
9. Which of the following is the least required in attaining professional competence?
a. High standard of general education.
b. Specific education, training and examination in professionally relevant subjects.
c. Period of meaningful work experience.
d. Continuing awareness of development in the accountancy profession.
10. Which of the following is incorrect regarding confidentiality?
a. Professional accountants have an obligation to respect the confidentiality of information about a client’s or
employer’s affairs acquired in the course of professional services.
b. The duty of confidentiality ceases after the end of the relationship between the professional accountant and
the client or employer.
c. Confidentiality should always be observed by a professional accountant unless specific authority has been
given to disclose information or there is a legal or professional duty to disclose.
d. Confidentiality requires that a professional accountant acquiring information in the course of performing
professional services neither uses nor appear to use that information for personal advantage or for the
advantage of a third party.
11. A professional accountant has a professional duty or right to disclose confidential information in each of the
following, except
a. To comply with technical standards and ethics requirements
b. To disclose to BIR fraudulent scheme committed by the client on payment of income tax.
c. To comply with the quality review of a member body or professional body
d. To respond to an inquiry or investigation by a member body or regulatory body.
12. The principle of professional behavior imposes an obligation on professional accountants to
a. Comply with relevant laws and regulations
b. Avoid any action that may bring discredit to the profession
c. Both a and b
d. Neither a nor b
13. In marketing and promoting themselves and their work, professional accountants should
a. Not use means which brings the profession into disrepute
b. Not make exaggerated claims for the services they are able to offer, the qualifications they possess, or
experience they have gained.
c. Not make disparaging references or unsubstantiated comparisons to the work of others
d. All of the above.
References
Salosagcol J., Tiu M., Hermosilla R. Auditing Theory (A guide in understanding PSA) 2014
Philippine Standards on Auditing
Auditing by David N. Ricchiute
Auditing & Assurance Principles by Ireneo J, Ireneo S. & George J.
Various review centers
Wiley CPA excel 2016 Focus notes
LEARNING MODULE
CHECKED BY
APPROVED BY
ELLEN C. ALMORO
Director
Department of Business Education