AUDIT EVIDENCE

SUFFICIENT
▪ AMOUNT or QUANTITY of evidence
▪ Related terms:
o PSA 550 Quantity
o PSA 530 Size
o PSA 330 Extent
▪ Relationships and considerations:
o More competent, less evidence
o More material, more evidence
o Riskier, more evidence
o Experience
▪ GENERALIZATIONS:
o Quality, Sufficiency
o Poor quality cannot be compensated
by the amount of evidence
APPROPRIATE
▪ Measures the QUALITY of evidence
RELIABILITY
1. NATURE of evidence
✓ Type of procedures
(HOW?)
✓ DIRECT VS. INDIRECT
2. SOURCE of evidence
✓ External vs. Internal
RELEVANCE
▪ BEARING on objective
▪ Consistent with objective
▪ Timeliness of evidence
R&O – records and
documents (direction of
test)
EXISTENCE – actual asset
itself

G DIRECT INDIRECT
E ▪ First-hand ▪ Inquiry (internal)
o Inspection, Observation, ✓ Valid
N
Recalculation, Reperformance ✓ Frequently used
E
R EXTERNAL INTERNAL
A
EFFECTIVE INTERNAL CONTROLS INEFFECTIVE
L
I DOCUMENTED ORAL
Z
A Do we accept records and documents as GENUINE? YES
T ▪ With reasonable doubt --- investigate further
Do we authenticate documents? NO
I
▪ Unless there is reasonable doubt
O Do we make legal determination of fraud? NO
N
S ORIGINAL PHOTOCOPIES

ASSERTIONS
C Completeness V Valuation and C Classification and
O Occurrence A Allocation Understandability
C Classification C Completeness O Occurrence & R&O
A Accuracy E Existence C Completeness
C Cut-Off R Rights and Obligations A Accuracy and V&A
TRANSACTIONS BALANCES PRESENTATION & DISCLOSURE
 AUDIT PROCEDURES
INQUIRY Seeking information from knowledgeable persons
✓ VALID
✓ INDIRECT
✓ INTERNAL
INSPECTION Of Asset (Existence) – first to address
Of Records and Documents (R&O)

EXC: Assets without physical form (Records and Documents ONLY)

▪ Investments – Stock certificate
▪ Notes Receivable – Promissory Note
▪ Patent – Registration document
▪ Goodwill - RECALCULATION

OBSERVATION Looking at a PROCESS or PEOPLE DOING THE PROCESS

RECALCULATION Checking the mathematical accuracy or performing independent
calculations
REPERFORMANCE Independent execution of the process
Example: Performing a test count on a sample of inventory.
CONFIRMATION From External Parties through a CONFIRMATION LETTER, a special form
of INQUIRY
ANALYTICAL ✓ Analysis of significant ratios and trends, relationships
PROCEDURES ▪ Abnormal
▪ Inconsistent
▪ Fluctuation
✓ TEST OF REASONABLENESS
▪ Reasonable --- work less
▪ Unreasonable --- work more

TRUE ▪ One procedure: One assertion

Inspection of obsolete inventory --- Valuation and Allocation
▪ One procedure: Two or more assertions
External confirmation of AR --- Existence and R&O
▪ Two or more procedures: One assertion
Inspection, Inquiry, Observation, etc. --- Material Inventory
▪ At least one procedure addresses at least one assertion

RULES ON GATHERING EVIDENCE

1. Many Alternative procedures – choose the alternative with the LOWEST COST (Economies of audit)
2. No Alternative procedure – Regardless of difficulty, cost, and inconvenience, GATHER THE
EVIDENCE
3. Evidence is MORE IMPORTANT than the cost.
 TRANSACTION CYCLES
REVENUE CYCE

Inventory
Sales Credit Shipping Billing Accounting
control or
Department Deparrtment Department Department Department
warehouse

VALUATION R&O ACCURACY

SALES DEPARTMENT ACTIVITIES: CONTROLS:

Obj: Increase Sales
CREDIT DEPARTMENT
Obj: Minimize exposure
to high-risk customers
WAREHOUSE
Obj: To control transfers
of inventory
SHIPPING
DEPARTMENT
Obj: All shipments are
authorized, and
customers are billed
BILLING DEPARTMENT
Obj: All billings are
shipped
ACCOUNTING ACTIVITIES:
DEPARTMENT
1. Looks and negotiates terms with
customers
2. Prepares SALES ORDER
3. Monitors status of Order and
updates the customer
4. Grants sales returns and
allowances and prepares CM
ACTIVITIES:
1. Investigate customer credit ratings
2. APPROVED SALES ORDER/ CREDIT 2.ISSUES list of authorized customers
REQUEST
3. Notify the sales department
ACTIVITIES:
1. Reviews approved sales order---
“GO” signal
2. Monitors the availability of goods
ordered
3. Authorizes the issuance of goods
ACTIVITIES:
1. Prepares SHIPPING DOCUMENTS
(BOL or Delivery receipt)
2. Release goods to carrier and
obtains receipt
3. Notify sales department
ACTIVITIES:
1. Prepares SALES INVOICE after
comparing sales order and
approved sales order
1. Matches SO, SD, SI (source documents)
2. Entries in the journals and ledgers (accounting records)
1. Exclusive function to communicate with
customers
2. MAINTAINS list of authorized
customers
3. Maintains range of prices for products
CONTROLS:
1.Independent from sales department
CONTROLS:
1. Inventory control providing sales
department an access to inventory
LEVELS
2. Inventory management concepts
CONTROLS:
1. Pre-numbered shipping documents
2. Related billings are made om a periodic
basis
CONTROLS:
1. Pre-numbered sales invoice
2. Shipping document first before
preparing invoice.

AUDITOR’S CONCERN:
Approved
Shipping Doc. Sales Invoice ISSUE
Sales Order
CASE 1 R&O
CASE 2 VALUATION
CASE 3 ACCURACY
OTHER ISSUES
CASH SALES No participation of CREDIT DEP’T SMALL INHERENT: No Segregation of Duties
Lower Segregation of Duties ENTITY
TO OFFSET: Active participation of
owner-manager or strict monitoring
known as the COMPENSATING CONTROL.
 COLLECTION CYCLE

MAILROOM

ACCOUNTING DEPARTMENT TREASURY DEPARTMENT

MAILROOM ACTIVITIES:
▪ Receives remittance advice (date of payment and balance) and customer
check
▪ Restrictively endorse the check
▪ Prepares list of remittances (if NO remittance advice)

ACCOUNTING DEPARTMENT
TREASURY DEPARTMENT
PREVENTIVE CONTROL:
▪ Minimum of two (2) receptionists (JOINT CUSTODY)
▪ Remittance advice vs. cash summaries (from treasury)
▪ Updates accounting records
▪ Updates cash records, prepares deposit slips, prepares cash summaries,
deposits cash collections

RULES ON DEPOSIT:
✓ At the end of the day OR
✓ Next business day

TREASURER: Authorization concern; Holds investment (buy and sell)

CASHIER: No authorization function

AUDITOR’S CONCERN
Detection of Prompt Deposits and Lapping Compare RADS. (Remittance Advice; Deposit slips)
Prevent Lapping Direct deposit to bank by customer. (LOCKBOX) This is only
accessible by the bank employees.
CONCEALMENT OF LAPPING THROUGH:
Write-off Scan the journal entries near year-end.

AUTHORIZATION OF WRITE-OFF: TREASURER

Journal Voucher Form

Sales return Scan the journal entries near year end.

Where are the returns? Warehouse (EXISTENCE)
Where are the records and documents? Credit Memo (R&O)

Skimming Theft with no record

“NO TRACES AT ALL”
Most effective way of concealment
Most difficult to detect

User
Department
USER DEPARTMENT
PURCHASING DEPARTMENT
Obj: To meet the needs of user
departments at least possible cost
RECEIVING DEPARTMENT (Warehouse)
Obj: Received goods are based on
approved purchase order
ACCOUNTING DEPARTMENT
ACOOUNTING DEPARTMENT
ACCOUNTING DEPARTMENT (VOUCHERS)
Obj: Payments will be made ONLY to
shipments received
TREASURY DEPARTMENT
ACQUISITION CYCLE
Purchasing Receiving Accounting
Department Department Department
Prepares PUCHASE REQUISITION SLIP
✓ General request: Usual amounts
✓ Special request: large amounts, thus, requires the approval of an
officer
▪ Upon consultation with the Budget, approves the request
▪ Communication with the vendors; Checks quantity and quality
▪ Prepares list of authorized suppliers
▪ Prepares the PURCHASE ORDER
--- supplier, receiving department, accounting, user department
AUDITOR’S CONCERN:
“Side Agreements” and/or Kickbacks and Bribe
Preventive Control: Competitive Bidding to promote transparency
▪ Accept incoming deliveries per Approved Purchase Order (should
be a BLIND COPY specifically the quantity)
▪ Counts and checks the goods for BOTH quantity and condition
PURPOSE OF BLIND COPY:
✓ To prevent UNDERDELIVERY
✓ To prevent OVERPAYMENT
✓
▪ Prepares RECEIVING REPORT (accompanied by purchase order
and the BOL from the supplier)
▪ Matches the source documents:
✓ Purchase order (approved purchase requisition)
✓ Receiving report
✓ Vendor’s Invoice
▪ Updates the accounting records
DSIBURSEMENT CYCLE
TREASURY DEPARTMENT
▪ Receives Statement of Accounts and prepares the VOUCHER
▪ Prepares VOUCHER PACKAGE (PR, PO, RR, Vendor’s Invoice,
monthly statements) and daily summary
▪ Prepares CHECKS *
▪ Signs the check
✓ General check – 1 signatory (CONTROL: at least two)
✓ Specific check – 2 or more signatories (Higher officer
signs first)
▪ Mails the check (the last who signed mails the check)
▪ Cancels the supporting documents when payment is delivered:
✓ Stamp “PAID”
✓ Write Check No. on Voucher
VOUCHER – evidence of authorized expenditure
CANCELLED CHECKS – evidence of actual payment

Personnel
Department
(HR)
PERSONNEL (HR) DEPARTMENT
Obj: To ensure employees in payroll are
rendering services to the company
PRODUCTION DEPARTMENT (USER)
Obj: To ensure that time records
represent actual hours
ACCOUNTING EPARTMENT (PAYROLL)
Obj: To ensure that payroll calculation in
every period is correct
TREASURY DEPARTMENT
Obj: All payroll cash disbursements are
based on recognized liability
PAYROLL CYCLE
Production Accounting Treasury
Department
(User) Department Department
▪ In-charge of hiring and firing of personnel
▪ Rate establishment and promotion
▪ Determines who shall be included and excluded in the payroll
▪ Determines terms of settlement for terminated employees
▪ Sets policy
▪ AUTHORIZATION function
CLOCKCARDS
▪ Proof of service hours
▪ Advantage over technology: Authorization control
▪ EXISTENCE
TIME TICKET
▪ Breakdown of service hours and assignment to specific
jobs
▪ VALUATION
CLOCKCARD vs, TIME TICKET --- Tests ACCURACY.
▪ Prepares PAYROLL REGISTER
▪ Considers updates on employee’s pay rates and deductions
AUDITOR’S CONCERN:
✓ Ask for a copy of the Payroll Register
✓ NAME OF EMPLOYEES --- ask HR department
✓ HOURS --- ask Production department
✓ RATES --- ask the HR department
✓ GROSS PAY --- Recalculation
✓ DEDUCTIONS --- Not usually audited but considered for
noncompliance issues
✓ NET PAY --- Recalculation
EXISTENCE --- for ghost employees
▪ Prepares payment in an envelope for the PAY-OFF (payroll
distribution)
RULES ON UNCLAIMED PAYROLL
▪ CASH: Deposit to a Special Account in bank
▪ CHECK: Retained by the Treasurer
AUDITOR’S CONCERN:
✓ Observe the distribution process. (EXISTENCE)
✓ Overpayment (EXISTENCE)
✓ ABSENT EMPLOYEES --- ask the HR department if the employee
is not a ghost employee
 PRODUCTION CYCLE (Materials)

STORE Production STOCK Shipping

ROOM Department ROOM Department

STOREROOM ▪ For raw materials

▪ Request materials from the Purchasing department through a PURCHASE
REQUISITION SLIP
▪ Receives the goods from the receiving department (general warehouse)
▪ Issues raw materials to production upon receipt of the MATERIAL
REQUISITION SLIP

PRODUCTION DEPARTMENT ▪ Prepares MATERIAL REQUISITION SLIP --- document of issuance of raw
materials
▪ Prepares MATERIAL USAGE REPORT --- summarizes the use of materials

MRS vs. MUR --- addresses EXISTENCE

STOCK ROOM Stores Finished Goods awaiting sale

ACCURACY --- Recorded inventory against physical count

SHIPPING DEPARTMENT *see Revenue Cycle

FINANCE AND INVESTMENT CYCLE

FINANCE INVESTMENT
CUSTODY UNISSUED EQUITY AND DEBT ▪ Negotiable certificates --- brokerage account
CERTIFICATES --- Appropriate Internal ▪ Titles to real estates --- safe with entity OR
Official (Secretary) OR independent bank safe deposit box
external custodian

AUTHORIZATION BOD BOD or investment committee

RECORDING General accounting General accounting OR Treasury Department

(for the subsidiary ledgers)

ACCESS At least two high-ranking official (Dual Control or Joint Custody)

GENERAL CONSIDERATIONS

INCOMPATIBLE DUTIES DIRECTIONAL TESTING

Optimum
o Authorization Occurrence; Overstatement Tracing
o Recording Vouching; Validity Completeness
o Independent checks Existence Understatement
o Custody Records Pre-numbered documents
o Execution Source documents
UNBILLED SHIPMENTS
MAS --- CARE o Start with what is present
Minimum --- CAR o In this case, sample is taken from the shipping documents
to test for the failure to bill.
 ACCEPTANCE
A AUDITABILITY Adequacy of records

P PRE-CONDITIONS OF AUDIT 1. The client uses an acceptable framework: PFRS.

2. PREMISE of audit is understood by management.
i. FS is an EXCLUSIVE responsibility of management.
(Should not share responsibility with external & internal auditors)
ii. Audit DOES NOT RELIEVE management from such responsibility.

R RELEVANT ETHICS PICPO + Independence

COMPETENCE – Auditor has necessary skills and competence to handle

the engagement.

I INTEGRITY OF CLIENT LIARS

LOW AUDIT FEE

IDENTITY AND REPUTATION OF:

✓ Key management
✓ Related Parties

ATTITUDE TOWARDS AGGRESSIVE ACCOUNTING

REASONS FOR CHANGE OF AUDITORS

▪ Acquired through communication with the predecessor auditor

RULES ON COMMUNICATION
✓ Ask permission from management.
✓ Predecessor agreed yet management refused --- Predecessor
shall inform the successor regarding such refusal.
✓ WHAT TO ASK?
1. Reasons for change of auditors
2. Material disagreements with management
3. Facts that may affect integrity of management

SCOPE LIMITATION --- Decline or reject the engagement.

M MUTUAL UNDERSTANDING ENGAGEMENT LETTER – documents the mutual understanding of the

client and the auditor.

CONTENTS (FOREBER MUR):

Forms of Report
Objective and Scope of the Audit (includes limitations)
Responsibilities of Auditor
Expected Reports (audit report, Management Letter, etc.)
Billings and Fees
Experts and Others
Responsibilities of Management (FS, IC, Unrestricted Access)

MRL --- expectation to receive such

Unavoidable RMM may remain undiscovered (limitations)
Request for client to confirm terms of engagement

IMPORTANCE:
1. Avoid misunderstanding
2. Document and confirm the auditor’s acceptance of engagement
 RECURRING AUDIT:
NO NEED to send new EL UNLESS:
✓ Client misunderstands the objective and scope of audit
✓ Revised or special terms of engagement
✓ Recent change of senior management, BOD, or ownership
✓ Significant change in NATURE or SIZE of client
✓ Legal requirements & pronouncements

AUDIT OF COMPONENTS:
Factors affecting decision to send a SEPARATE LETTER (CLOSIE):
Component Auditor (Who appoints the CA?)
Legal requirements
Ownership by the parent
Separate Audit report is to be issued on component
Independence of component management
Extent of any worked performed by other auditor

E EVIDENCE Sufficient Appropriate Audit Evidence

LETTERS
REQUIRED? PREPARER SIGNATORY STAGE
ENGAGEMENT Mutual understanding between
AUDITOR
LETTER the auditor and the client YES AUDITOR EARLY
AND CLIENT
MANAGEMENT ▪ Summary of Findings and
LETTER recommendations
▪ Can be used to add requirements NO AUDITOR AUDITOR LATE
but not to remove

MANAGEMENT Documents management’s

REPRESENTATION acceptance of its responsibility YES CLIENT CLIENT LATE
LETTER

CHANGES IN TERMS OF AUDIT

LOW TO HIGH ASSURANCE ALLOWED as long as auditor is willing to comply with the necessary
requirements

HIGH TO LOW ASSURANCE GR: NOT ALLOWED

(Lowering level of assurance)
RULES:
✓ With REASONABLE JUSTIFICATION
▪ Change in need of service
▪ Misunderstanding as to nature of audit originally requested

DO NOT REFER TO ORIGINAL PROCEDURES AND ORIGINAL ENGAGEMENT.

EXC: The new engagement is an AGREED-UPON PROCEDURES

✓ WITHOUT RJ --- Withdraw and determine any obligations to report to other

parties.

ISSUES WERE IDENTIFIED

AUDITOR DECIDES TO CONTINUE Document how issues were resolved.

AUDITOR DECIDES TO WITHDRAW Communicate reasons to management and TCWG.

Document matters regarding withdrawal
 RISK ASSESSMENT PROCEDURES
RISK ASSESSMENT
PROCEDURES

ENTITY AND ENVIRONMENT INTERNAL CONTROL

▪ FS Level ▪ People and process to prevent, detect, correct
▪ Assertion level (accounts, balances, transactions) inherent risks

INHERENT RISK RMM CONTROL RISK

DETECTION RISK
AUDIT RISK

INHERENT RISK ➢ Susceptibility of ABT to misstatement assuming there were no

related controls.
✓Cash --- theft ➢ May be assessed
✓Bonds payable, leases, pensions --- complex calculations quantitatively or
✓Profit-based bonus --- Manipulation qualitatively,
✓Related-party transactions --- Lack of objectivity individually, or
✓Estimated transaction --- Inherently risky by nature together, @100%
BUT NOT 0%
➢ The more susceptible to misstatement, the higher the IR, the
more procedures are required. ➢ Exists
➢ Lower IR --- less extensive procedures INDEPENDENT of
audit
CONTROL RISK ➢ Risk that cannot be prevented or detected and corrected on a
timely basis by internal controls ➢ Can be assessed by
▪ LOW (less than high, below max): Auditor plans to rely auditor BUT NOT
on internal controls. CONTROL
▪ HIGH (maximum): Auditor believes that control may not
be effective.

RISK OF ➢ It is a function of both the inherent risk and the control risk.
MATERIAL ➢ RMM from fraud is considered as SIGNIFICANT RISK (a risk that requires special
MISSTATEMENTS considerations).

DETECTION RISK ➢ PROCEDURES performed by auditor to reduce audit risk to an acceptable low level
will NOT DETECT misstatement that exists and that could be material.
➢ Generally controlled by auditor

AUDIT RISK ➢ Auditor EXPRESSES an INAPPROPRIATE audit opinion when FS are materially
misstated.
➢ AR = (IR * CR) * DR
➢ Complement of Level of Assurance (user’s confidence) obtained and conveyed
➢ INVERSELY related to Materiality

RISK ➢ Performed to obtain an understanding of entity, its environment, and internal control
ASSESSMENT AND to determine the NET of FAPs
PROCEDURES ➢ On compliance with laws and regulations, auditor shall obtain an understanding of:
▪ Legal and regulatory framework applicable to entity
▪ How the entity is complying with that framework
➢ The depth of overall understanding required by auditor is LESS THAN that possessed
by the management.
➢ To Achieve Efficiency, RAP may be performed concurrently with FAP.

➢ MINIMUM PROCEDURES: Inquiry (of management and others within the entity;
Analytical procedures, Observation, Inspection (of assets and of documents).
 Inquiry with TCWG; Internal Audit personnel; Employees; In-house legal counsel
others
UNDERSTANDING ✓ Measurement and review of financial performance
OF ENTITY AND ✓ Nature of incentives
ENVIRONMENT ✓ Objectives and strategies, including related business risks
✓ Selection and application of accounting policies, and reasons for change
✓ External factors (demand competition, etc.)
[

INITIAL AUDIT CONTINUING AUDIT

▪ Prior year FS were unaudited ▪ Same auditor during consecutive years
▪ Prior year FS were audited by another auditor
▪ Prior year working paper or documentation
▪ PSA 510: Opening balances o PERMANENT: working paper of continuing
o May contain material misstatements importance
o Makes initial audit riskier

ASSESS THE LEVEL OF ASSESS THE LEVEL OF

INHERENT RISK CONTROL RISK
DETERMINE THE
SET DESIRED LEVEL Auditor may rely on Studying and ACCEPTABLE
OF AUDIT RISK his knowledge of the evalutaing the DETECTION RISK DESIGN
client's business and effectiveness of the SUBSTANTIVE TESTS
Based on judgment Computed using the
industry and results client's accounting
Formula Model
of preliminary and internal control
analytical procedures systems

STEPS IN USING THE AUDIT RISK FORMULA


MAIN OBJECTIVE: To determine
the scope of audit procedures
DYNAMIC – It can change
anytime.
CONTINUAL AND ITERATIVE –
It is repetitive.
NOT DISCRETE
NOT INDPENDENT
AUDIT PLANNING
BENEFITS (CAFÉ PA)
Coordination of work done by auditors and experts
Assignment of work properly
Facilitating the direction and supervision of engagement team members
Effective and efficient audit
Potential problems are identified and addressed on a timely basis
Appropriate attention is devoted to important areas

OUTPUTS OF AUDIT PLANNING

OVERALL AUDIT STRATEGY AUDIT PLAN

▪ Sets the Scope, Timing, and Direction of audit ▪ MORE DETAILED because it includes the NTE of
(STD) procedures to be performed by ET members
o DIRECTION --- risk based i.e., we only focus on ✓ RAPs
risky areas *Understanding of internal control has a
▪ Guides the development of the audit plan LARGE, HUGE IMPACT on audit program
✓ FAPs
▪ INVOLVED: Key management and key personnel ✓ Other Procedures
▪ DOCUMENTATION: Memorandum
▪ MATERIALITY: Overall materiality (a.k.a. ▪ INVOLVED: All
Preliminary materiality, FS materiality) ▪ DOCUMENTATION: Checklist and Standard Audit
✓ MAXIMUM misstatement that an auditor can Program
tolerate and still conclude that the FS is fairly
presented. (ACCEPTABILITY) Standard Audit Program – list of audit procedures
▪ BASIS: to be performed and contains:
✓ Prior year FS Procedures
✓ Interim FS Objectives
✓ Budgeted FS/ Forecasted FS Assertions
Difference? NOTE: If CR is low, include TOC. But if CR is high,
▪ BENCHMARK – depends on the need of the user. EXCLUDE TOC.
It is usually one of the ff. :
✓ NIBT “common” (for profit-oriented users) ▪ MATERIALITY: Performance materiality which
✓ Total Revenue addresses specific accounts
✓ Total Asset ✓ SMALLEST amount of misstatement that has
✓ Gross Profit an impact on FS. (AUDITABILITY)
✓ Total Current Assets

Procedures Evidence Risk Materiality

Inversely related

FACTORS AFFECTING THE NATURE AND INITIAL AUDIT ENGAGEMENTS ADDITIONAL

EXTENT OF PLANNING (SECTa)
▪ Size and Complexity of entity
▪ Key audit team member’s previous Experience
with the audited entity
▪ Changes in circumstances during audit
▪ Timing of appointment of auditor
CONSIDERATIONS
▪ Reasons for change of auditors
▪ Review of predecessor auditor’s working
papers
▪ Evidence regarding opening balances
 MATERIALITY
NOTES
▪ It is the amount that would AFFECT THE JUDGMENT of a Reasonable person.
▪ In determining materiality, auditor considers the general needs rather than specific needs.
▪ Materiality of auditor SHOULD NOT be disclosed.

▪ Users are assumed to have:

✓ Have appropriate knowledge of business, economy, and accounting
✓ Recognize that FS inherently include some level of uncertainty
✓ Understand how materiality affects both preparation and audit of FS
✓ Have willingness and ability to properly analyze the FS and make appropriate decision

▪ In some circumstances, auditor may evaluate misstatement as material EVEN BELOW THE
MATERIALITY if it concerns:
a. Misstatement that changes a loss into income (to avoid negative perception)
b. Misstatement that changes income to loss (to avoid taxes or takeover)
c. Misstatement that involves concealment of unlawful transaction

•Determine Overall Materiality

1 •FS Level

•Determine Performance Materiality

2 •Account Balance Level

•Compare the aggregate amount of uncorrected misstatements with overall

3 materiality. (COMPLETION STAGE)

NOTES:
✓ Auditors usually allocate preliminary levels of materiality to BS items rather than the IS items
because BS has fewer items.
✓ A percentage applied to NIBT from continuing operations will normally be higher than that
applied to total revenue.
✓ Auditor shall consider stability of selected base for benchmarks so that materiality would not
fluctuate significantly between annual audits.
✓ Materiality levels maybe revised as audit progresses considering circumstances.

SPECIFIC USES OF MATERIALITY

PLANNING PHASE CONCLUDING PHASE

Identifying and Assessing RMM Evaluating identified misstatements
Planning and uncorrected misstatements

Determining the NET of FAPs Forming an Opinion

Testing
 INTERNAL CONTROLS
INTERNAL CONTROL --- a system designed to achieve the objectives of entity.

OBJECTIVES OF ENTITY:
1. Prepare RELIABLE financial reports.
2. Have effective and efficient internal controls.
3. Compliance with laws and regulations
4. Safeguarding of entity’s asset

▪ IC systems are designed, maintained, and implemented by: TCWG (oversight), Management (day-to-day
operations), and other personnel (execution).

▪ AREAS of Internal Control: Administrative controls and Accounting controls

▪ Auditor is concerned ONLY to matters that are RELEVANT to the FS assertions. (Primary)

▪ SECONDARY PURPOSE: To provide recommendations for improvement.

ESSENTIAL CONCEPTS OF INTERNAL CONTROL:

1. A process
2. Effected by TCWG, Management, and other personnel
3. Can be expected to provide reasonable assurance of achieving entity’s objectives

INHERENT LIMITATIONS:
a. Cost should not exceed benefits
b. Most IC are directed to routine transactions.
c. Inadequacy of procedures and compliance deterioration.
d. ACCHuCo
Anticipated Transactions
Changes in conditions
Cost-Benefit
Human error / Limitation
Collusion
Override of management

4. Designed to help achieve entity’s objectives

5. Substance (Implementation) over Form (Design)
Design --- What are the controls?
Implementation --- How were the controls were implemented?
Maintenance --- When?

COMPONENTS OF INTERNAL CONTROL

CRIME
CONTROL ACTIVITIES They help ensure that management directives are carried out.

▪ AUTHORIZATION

▪ PERFORMANCE REVIEWS
Relating different sets of date to one another, analyzes the relationships,
investigating, and taking corrective actions.

▪ INFROMATION PROCESSING
Controls are performed to check accuracy, completeness, and
authorization of transactions
 ▪ PHYSICAL CONTROLS
Encompasses physical security of assets, including adequate safeguards;
authorization for access to computer programs and data files; periodic
counting and comparison with amounts shown on control records.

▪ SEGREGATION OF DUTIES

RISK ASSESSMENT PROCESS It describes management’s actions towards the risks around the entity.

Identify
Assess (significance of risk and likelihood of occurrence)
Manage

INFORMATION AND Components of Information System:

COMMUNICATION SYSTEMS ▪ Infrastructure
▪ Software
▪ People
▪ Input/Data
▪ Output/Meaningful Information

Communication involves providing and understanding of individual roles and

responsibilities pertaining to IC over financial reporting.

Communication can be made electronically, orally, through management’s

actions.
MONITORNG Evaluating the effectiveness of controls.

ONGOING MONITORING --- built-in; regular management and supervisory

activities

SEPARATE EVALUATIONS --- Communication of strengths and weaknesses and

recommendations for improvement. Oftentimes, this is performed by
INTERNAL AUDITORS, but external auditors may also do the task.

CONTROL ENVIRONMENT ✓ Sets the tone of organization, influencing the control consciousness of
people
✓ Includes management’s attitude, awareness, and actions
✓ Strengthened when management maintains culture of honesty and ethical
behavior

ELEMENTS: (CHAMPOI)
Commitment to competence
Human resource policies and practices
Assignment of authority and responsibility
Management’s philosophy and operating style
Participation by TCWG
Organizational structure
Integrity and ethical values

Chart of Accounts Bank Reconciliation

Manual Quarterly Statements
Passwords User Logs
Biometrics CCTV
 ADDITIONAL NOTES

Obtain an understanding of
internal control.

Document the understanding

of accounting and IC system.

Assess the control risk level.

Perform TOC.

Document assessed level of

control risks.
 FURTHER AUDIT PROCEDURES
TEST OF CONTROLS SUBSTANTIVE TESTS

▪ Evaluates the effectiveness of the entity’s controls
in preventing, detecting, and correcting material
misstatements at assertion level.
▪ NOT REQUIRED especially when controls are
INEFFECTIVE.
▪ Controls that appear to function in the past years
and on which auditor wishes to rely in current
year can be tested AT LEAST EVERY THIRD YEAR.
▪ RELIANCE APPROACH --- auditor tests ONLY the
controls he plans to rely upon
▪ Detect material misstatements at the assertion
level.
▪ Regardless of effectiveness of controls, these ARE
ALWAYS PERFORMED.
▪ NATURE (MOST IMPORTANT)
✓ Test of details of balances
--- Most effective; Most expensive
✓ Test of details of transaction
✓ Substantive Analytical procedures
--- This is required as RAP but not as FAP.
--- Least Effective

▪ HOW? Observe the process or people doing the ▪ EXTENT – AMOUNT of evidence needed
process ✓ As RMM increases, the extent increases

▪ PROCEDURES: ▪ TIMING – interim or at year-end depending on the

o Inquiry assessed RMM
o Observation (common)
o Inspection ▪ PROCEDURES – any procedure other than
o Reperformance reperformance REO

IC CR TOC RMM DR ST

IC CR TOC RMM DR ST

INTERNAL CONTOL DEFFICIENCY

▪ Internal control is PRESENT BUT FAILED. (unable)
▪ Internal control is REQUIRED BUT THER’S NONE. (missing)

▪ COMMUNICATE: Significant deficiency

✓ A deficiency of sufficient importance to merit the attention of TCWG.
✓ Management by Exception
✓ WRITTEN COMMUNICATION (management letter) to TCWG and appropriate level of governance

▪ US GAAS
✓ Significant deficiency = Reportable Condition
✓ If reportable condition results into a material misstatement in FS, Material Weakness in Internal
Control, should communicate as well regarding such fact.
▪ INDICATORS
a. Ineffective aspects of control environment
b. Absence or ineffectiveness of entity’s risk assessment process
c. Misstatements not prevented, detected, and corrected as discovered by auditor
d. Management’s inability to foresee the preparation of FS
e. Restatement of previously issued FS to reflect correction of MM
 AUDIT SAMPLING
100% EXAMINATION SELECTIVE TESTING

a. Very Small population; Large transaction ▪ Special characteristics

✓ PPE – acquisition, disposal Examples:
✓ Equity transactions – Maximum: Obsolete Inventory
QUARTERLY ISSUANCE OF DIVIDENDS High value or key items
Items over a certain amount
b. IT System
✓ Cost-effective
SAMPLING
✓ Uses AUDIT PROGRAMS
▪ Testing a sample drawn from population
c. Significant risk
▪ One unit may represent the entire population
✓ FRAUD (intentional)

ISSUE:
▪ VOIDED DOCUMENTS – the document is present, but audit procedures cannot be applied to the document.
✓ PROPERLY VOIDED – do not automatically consider as error, but replace the sample
✓ NOT PROPERLY VOIDED – considered as ERROR and should not be replaced

▪ MISSING DOCUMENTS – the document cannot be audited simply because of its absence; ERROR

GENERAL APPROACHES

STATISTICAL NON-STATISTICAL
✓ Relies on judgment and mathematics ✓ Relies on PURE JUDGMENT
✓ Gives REASONABLE ASSURANCE ✓ No regard to specific technique
✓ Probability Theory ✓ SUBJECTIVE
✓ “KNOWN CHANCE” of selection ✓ Best Example: HAPHAZARD
✓ OBJECTIVE
✓ Quantified, sufficient, measurable

SPECIFIC APPROACHES
RANDOM TECHNIQUE ▪ Each item has an EQUAL CHANCE of selection
▪ Pre-number Items --- Random Number Generator

ADVANTAGE: Unpredictability
DISADVANTAGE: Costly and time-consuming

SYSTEMATIC SAMPLING ▪ Alternative of random sampling

▪ Determining a constant sampling interval and then selects sample based on
the size of interval
▪ Items don’t need to be pre-numbered
▪ Compute the size and then interval
▪ For the selection of first item: Random selection or Haphazard

ADVANTAGE: Cheaper; Less time-consuming

DISADVANTAGE: Loses unpredictability because of Pattern

HAPHAZARD SELECTION Sample is selected without following an organized or structured technique.

SEQUENTIAL SAMPLING ▪ Few errors are expected from the population

▪ Used when controls are deemed effective or assessed control risk is low
▪ “STOP” or “GO”; NON-STATISTICAL
▪ Sample size is not fix.
DISCOVERY SAMPLING ▪ NON-STATISTICAL
▪ One deviation can lead to a conclusion
▪ ASSUMPTION: Controls are effective.
▪ Example: Laptop Passwords

VALUE-WEIGHTED SAMPLING ▪ NON-STATISTICAL

▪ Also known as the Probability Proportional to Size Sampling
▪ Each peso is treated as one sampling unit. (Monetary Unit Sampling)
▪ The higher the value, the greater the representation in the sample.

STRATIFICATION ▪ STATISTICAL
▪ Can only be applied in substantive tests
▪ Decreases the effect of variance of population; decreases the sample size
▪ More emphasis is given to those items with higher monetary value
▪ Population is divided into groups or strata.
▪ NO INTER-STRATUM projections

Pilot sampling – used to identify the extent of variability in the population

DETECTION RISK

SAMPLING RISK NON-SAMPLING RISK

✓ Relates entirely to SAMPLE SIZE ✓ Not related to the sample size

✓ Conclusions reached using the sample may ✓ This is about the AUDITOR not the audited.
not be the conclusion that would have been (Fatigue, Error in judgment, Wrong procedure,
reached if the entire population was audited Failure to recognize error)

✓ CAN BE ELIMINATED by 100% Examination ✓ CANNOT BE ELIMINATED

✓ ONLY risk that can be eliminated ✓ Can be REDUCED through Proper Planning and
Adequate direction, review, and supervision.

TOC Sampling --- “characteristics” ALPHA RISK

ATTRIBUTES SAMPLING
ERROR: Deviation; %; Need NOT be projected

POPULATION IC TOC CR DR ST
FS
SAMPLE

TOC Sampling --- “characteristics” BETA RISK

ATTRIBUTES SAMPLING
ERROR: Deviation; %; Need NOT be projected

POPULATION IC TOC CR DR ST
FS
SAMPLE
Substantive Sampling --- “amounts” ALPHA RISK
VARIABLE SAMPLING
ERROR: Misstatement; Pesos (₱); PROJECTED

POPULATION IC TOC CR DR ST
FS
SAMPLE

Substantive Sampling --- “amounts” BETA RISK

VARIABLE SAMPLING
ERROR: Misstatement; Pesos (₱); PROJECTED

POPULATION IC TOC CR DR ST
FS
SAMPLE

FACTORS AFFECTING SAMPLE SIZE

ACCEPTABLE SAMPLING RISK

✓ Level of sampling risk the auditor is willing to accept.

TOLERABLE DEVIATION RATE

✓ Maximum rate of deviations the auditor is willing to accept, without modifying the planned degree of
reliance on internal control.

EXPECTED DEVIATION RATE

✓ Rate of deviations the auditor expects to find in the population before testing begins.
✓ Developed from the prior year’s results or through pilot sample
✓ If UNREASONABLY HIGH (exceeding the tolerable deviation rate), OMIT TOC.

STEPS
1. Develop EDR and TDR and usually, TDR > EDR.
NOTE: The difference between the TDR and EDR is the Margin of error (a.k.a. Precision level,
or Allowance for sampling risk).

2. Determine the sample deviation rate.

3. Compare the sample deviation rate (adjusted to margin of error) and the tolerable rate.

✓ SDR > TDR --- More extensive procedures shall be performed.

✓ SDR < TDR
a. CONSIDERABLY LOWER --- Sample results support the planned degree of reliance
b. BARELY LOWER --- Non-statistical sampling (Sample results does not justify)
Statistical sampling (Max Population deviation rate is considered)
 ADDITIONAL NOTES

SUMMARY OF BASIC STEPS IN ADUIT Evaluate

SAMPLING sample results.
Apply audit
procedures.
Select the
sample.
Determine the
sample size.
Determine the
procedures to
Define the be performed.
objective of
the test.

ANOMALOUS ERROR

▪ Errors arising from an ISOLATED EVENT that has not recurred other than the specifically identifiable
occasions.

▪ NOT REPRESENTATIVE of population; NOT PROJECTED

▪ Must be considered together with projected errors to determine the combined effect on balances or
transactions

BLOCK SELECTION

▪ Selecting blocks of CONTIGUOUS items from the population.

▪ LEAST desirable method because samples may not be representative of the population.
 COMPLETING THE AUDIT
SUBSEQUENT EVENTS

December 31 April 10 April 15

✓ BS date ✓ Date of auditor’s ✓ Date of issuance of
✓ End of reporting report FS
period ✓ Auditor has ✓ BOD authorizes the
✓ Date of FS gathered SAAE issuance

Auditor HAS RESPONSIBILITY to GR: Auditor has NO RESPONSIBILITY.

perform procedures to obtain EXC: if KNOWN
SAAE that ALL (unknown and/or 1. It has come to his attention.
known) events during this period 2. Management informs the auditor
have been identified.

PROCEDURES: ADJUSTING EVENT:

1. Inquiry of management
2. Reviewing management procedures in
identifying subsequent events.
3. Reviewing minutes of meeting
4. Reviewing the latest interim FS and
management reports (budgets)
5. Inquiry of entity’s lawyers (litigation, etc.)
✓ If management has amended the FS, auditor should
revise its report accordingly.
✓ NO NEED TO EXTEND THE DATE OF REPORT
NON-ADJUSTING EVENT
✓ REVISE THE DATE

DUAL DATE THE REPORT AS OF DATE OF SUBSEQUENT EVENT

✓ Auditor’s responsibility is LIMITED ONLY ✓ Auditor’s responsibility to subsequent events is

to the specific event. EXTENDED as of this date.

ISSUE
MANAGEMENT DID NOT AMEND despite the KNOWN EVENT to auditor.
1. Ask the management to amend the FS.
AGREE
DISAGREE

2. Determine if the Auditor’s Report was released to the entity.

NOT RELEASED: Issue a Qualified, Adverse, or Disclaimer of Opinion
RELEASED

3. Ask the management to NOT ISSUE the FS unless amended,

NOT ISSUED: Ask to amend the FS. Then
ISSUED

4. Communicate with BOD or seek legal advice if appropriate.

 GOING CONCERN
GOING CONCERN ASSUMPTION

▪ Ordinarily, entity is viewed as CONTINUING in business, unless management:

✓ Intends to LIQUIDATE the entity
✓ Intends to CEASE trading
✓ HAS NO REALISTIC ALTERNATIVE but to liquidate or cease trading

▪ Relevant to general-purpose FS but may or may not be relevant to special-purpose FS

▪ MANAGEMENT’S RESPONSIBILITY: Assess its ability to continue as going concern
NOTE: If there is history of profitable operations and ready access to financial resources,
management may make its assessment WITHOUT DETAILED ANALYSIS

▪ AUDITOR’S CONCERN:
✓ Obtain SAAE about the appropriateness of management’s use of going concern assumption.
✓ Obtain SAAE about the presence of material uncertainty

RULES ON EVALUATING MANAGEMENT’S USE OF ADDITIONAL PROCEDURES WHEN EVENTS OR

GC ASSUMPTION CONDITIONS WERE IDENTIFIED

▪ Cover the same period as that used by the
management.
▪ Inquire (ONLY) of management of events beyond
the period assessed.
▪ Request management to extend to AT LEAST 12
MONTHS if management’s assessment covers
less than 12 months
▪ QUALIFY or DISCLAIM AN OPINION if
management refuses to extend its assessment.
▪ Review management’s plans for future actions
based on its going concern assessment.
▪ Gather SAAE TO CONFIRM OR DISPEL whether a
material uncertainty exists.
▪ Seek written representations from management
regarding its plans for future action

AUDIT CONCLUSIONS AND REPORTING

Management Auditor’s Disclosure of
Opinion
Assessment Judgment Material Uncertainty
GC UM + GOCU
GC Q or A
GC Adverse
LC UM + EOM
LC Q or A
LC Adverse
NOTE: MULTIPLE UNCERTAINTIES --- Automatic Disclaimer of Opinion

INDICATORS OF UNCERTAINTY MITIGATING FACTORS (Mitigators)

✓ Negative ✓ Plans of management to deal with the effects of
✓ FINANCIAL indicators
1. Negative Cash flows
2. Long term loans WITHOUT prospects of renewal ✓ RULE: INCREASE CASH or NO OUTFLOW
✓ OPERATIONAL
1. Loss of major customer EXAMPLES:
2. Arrears in dividend 1. Borrowings
✓ MISMATCH OF DUE DATES 2. Refinancing
1. LTA financed by STL 3. Sell Assets or Shares
2. STA financed by LTL

SIGNIFICANT DELAY IN SIGNATURE OR APPROVAL OF FS:

✓ Auditor shall consider the reasons for delay. If it relates to going concern assumption, auditor shall consider:
▪ The need to perform additional procedures
▪ The effect on auditor’s conclusion regarding existence of material uncertainty
 LITIGATIONS, CLAIMS, AND ASSESSMENT
NOTES

▪ MANAGEMENT is the primary source of information about litigation, claims, and assessment.
▪ Auditor CORROBORATES such information through a Letter of Audit Inquiry.

RULES FOR LETTER OF AUDIT INQUIRY:

✓ Prepared by the management
✓ Sent by the auditor
✓ Responses shall be DIRECTLY communicated to the auditor

CASES:
✓ Management refuses to give permission --- Q or DO
✓ Lawyer refuses to reply --- Q or DO
✓ Lawyer is unable to estimate the likelihood of unfavorable outcome --- EOM

RELATED PARTIES

▪ MANAGEMENT’S RESPONSIBILITY: Identification and disclosure of related parties and related transactions

▪ AUDITOR’S CONCERN: Obtain SAAE about the identification and proper disclosure by management of
✓ Related parties
✓ Effects of related transactions material to the FS

Auditor shall:
1. Be aware of related parties and transactions because,
✓ Required by GAAP to be disclosed.
✓ May affect the FS
✓ Source of audit evidence affects auditor’s assessment of reliability
✓ Related party transaction may be motivated by other than ordinary business considerations.
2. Check completeness of client-provided information about related parties
3. Consider the adequacy of control procedures over authorization and recording of related party
transactions
4. Be alert for unusual transactions which may indicate the existence of previously unidentified related party
transactions.
5. Carry out procedures which may identify the existence of related party transactions.

Given the nature of RPT, evidence may be limited. Thus, the following procedures may be performed:
✓ Confirming the terms and amount of transaction with RELATED PARTY
✓ Inspecting evidence in the possession of RELATED PARTY
✓ Confirming or discussing information with PERSONS ASSOCIATED with the transaction (e.g., banks)

OMITTED PROCEDURES
▪ Auditor shall assess the importance of omitted procedure.

▪ Omission may result to IMPAIRMENT of opinion.

✓ Presence of COMPENSATING PROCEDURES
✓ NO Compensating Procedures --- apply the omitted procedure or an alternative procedure
RESULT TO:
a. No necessary revisions --- No communication is required
b. Necessary revisions --- Apply the same procedures for Subsequent Events.
 ADDITIONAL NOTES

WRAP-UP PROCEDURES

1. Identifying liability items not given appropriate accounting treatment

✓ May be performed at early stage but SHOULD BE EXTENDED up to completing the audit phase

2. Addressing required disclosures

3. Overall review of the audit engagement and formation of the audit opinion

4. Other wrap-up procedures

a. Obtain Management Representation Letter
b. Audit Documentation and communication with TCWG --- may be performed all throughout the audit
as timely as practicable but generally finalized at the end part of engagement.

WRITTEN REPRESENTATION LETTER

▪ Evidence of management’s acceptance of its responsibility.

▪ THEORETICALLY, the date of MRL should come earlier than the date of audit report (Last day of fieldwork).
▪ PRACTICALLY, the two documents are dated the same.
▪ Reduces misunderstanding between the client and the auditor.
▪ Cannot be a substitute for other audit evidence,
▪ Can serve as evidence when such representation is the only evidence available.

MANAGEMENT REFUSES TO PROVIDE REPRESENTATIONS --- Qualified or Disclaimer of Opinion

 AUDIT REPORT
✓ Use of PSA Wordings UNMODIFIED OPINION REPORT
▪ FS are presented fairly ▪ Shall be in writing
Purpose: IMPLICATIONS: ▪ Hardcopy or Electronic
▪ Conformity A. MM discovered were corrected at
▪ Uniformity Auditor’s Satisfaction ASSOCIATION W/ FINANCIAL
▪ Consistency B. MM may still exist EXCEPT that they INFORMATION
(Year-to-year PSA) were NOT discovered.
▪ Global comparability C. Discovery of MM even if not corrected. 1. Consent to use of name =
NOT AN IMPLICATION: professional matter
A. Guaranteed Fairness 2. Attachment of report
B. Accuracy
C. Viability or Attractiveness as
Investment Option

TITLE

T
▪ INDEPENDENT AUDITOR’S REPORT
a. Emphasizes ethics compliance
b. Distinction from reports issued by others

ADDRESSEE

A
▪ Party for whom the report is prepared
EXTERNAL USERS:
❖ Either BOD or shareholders, or both
❖ Shareholders – ULTIMATE

CASE: Who is the addressee under the ff?

P Addressee; PAYING, RETAINING, ENGAGING; Audit client

B
S Auditee
A

O
OPINION PARAGRAPH
1. Opening Paragraph

R Reference to SSAP and Notes

A* Audited: “We have audited…”
T Title of FS Audited
E Entity Audited
D Date and period covered by FS

2. Opinion Proper

In our opinion, Use of judgment

the FS of… present fairly,
in all material respects For each specific element
For each FS
FS as a whole

in accordance with PFRS Applicable FR Framework

FRAMEWORK SIMILARITY DIFFERENCE

Additional disclosure or
Fair presentation framework
Comply with departure is allowed
requirements Strictly Compliance
Compliance framework
requirement ONLY
 BASIS OF OPINION

Ba General Rule: NO NEED TO EXPLAIN if the opinion is UNMODIFIED.

What to include?

C Compliance with PSA

R Reference to the section describing auditor’s responsibilities
I Independence
E Ethics including the jurisdiction of Code of Ethics (IESBA)
S SAAE

GOING CONCERN

Go ✓ Uncertainty paragraph
✓ May or May Not be present
✓ NOTE: Presence of uncertainty DOES NOT NEGATE the use of going concern, but
such fact shall be DISCLOSED.

Under the OLD standard, this section is addressed under the EOM paragraph.

K
KEY AUDIT MATTER (KAM) PARAGRAPH
✓ Matters of MOST SIGNIFICANCE in the FS.
✓ Selected from matters communicated with TCWG

WHEN? WHY?
1. Required by Law 1. To understand the entity
2. For matters of most significance 2. REQUIRED for Listed Entities
3. Entity’s choice

RESPONSIBILITY PARAGRAPHS

M
MANAGEMENT’S RESPONSIBILITY
EXPLICIT
Under the OLD standard, this section is addressed under the EOM paragraph.
1. FS is in accordance with PFRS
2. Internal Control relevant to FS
3. Going concern ASSESSMENT

IMPLICIT – Other responsibilities

A
AUDITOR’S RESPONSIBILITY

AR Auditor’s Responsibility in accordance with the PSA

RA Reasonable Assurance (not absolute)
MM assessed risk of Material Misstatements

Scope paragraph
P Policies and Estimates
O Overall presentation of the FS (IAM RMM; Obtaining SAAE to support opinion)
G Going concern EVALUATION for appropriateness
I Internal Control (required TO CONSIDER NOT TO EXPRESS AN OPINION ON)

Note: Scope of audit – procedures of audit

This section may be presented through the following:

✓ Within the body of auditor’s report
✓ Within an appendix to auditor’s report by indicating the location of appendix
✓ IF PERMITTED, a reference to a website containing such responsibilities.
 E
ENGAGEMENT PARTNER’S NAME

✓ REQUIRED for listed entities

UNLESS, there is a threat to personal security (Discuss with TCWG.)

S
SIGNATURE
✓ Signature of the CERTIFYING PARTNER
✓ Name of audit firm OR personal name of auditor (SEC requirement) OR BOTH

CERTIFYING PARTNER
▪ ULTIMATELY responsible for the opinion
▪ Should have a COMPREHENSIVE KNOWLEDGE of entity

RULES
▪ Manual
▪ Include:
a. BOA Accreditation No.
b. SEC Accreditation No.
c. TIN No.
d. Privilege Tax Receipt No.
e. License, including secondary licenses

DA
ADDRESS OF THE AUDITOR --- jurisdiction where the auditor practices

DATE OF THE AUDIT REPORT ---- SAAE has been obtained

OTHER REPORTING RESPONSIBILITIES

May be presented as:

✓ SEPARATE SECTION – if responsibilities are in addition to responsibilities under ISA, the report is divided
into:
▪ Report on the Audit of FS – ObaMA (basic parts of audit report)
▪ Report on Other Legal and Regulatory Requirements – other responsibilities.

✓ SAME SECTION as related report elements – responsibilities address same topics as presented

ADDITIONAL NOTES

DETERMINATION OF KAMs

A. Matters communicated with TCWG

B. Matters requiring significant auditor’s attention by considering the following:
✓ Areas of higher or significant RMM
✓ Areas that involved significant management judgment
✓ Effect of significant events or transactions that occurred during the period.

C. KAMs – matters with most significance to the audit

DO NOT COMMUNICATE KAMs when:

✓ Precluded by law or regulation
✓ Auditor’s determination because of adverse consequences that outweigh public interest
✓ Would require the modification of opinion

ABSENCE OF KAMs
✓ The auditor shall include a statement of such fact under the KAM section.
INCONSISTENCY (Other Information Paragraph)

FS is correct; OI is wrong 1. Discuss with the management.

2. Ask management TO CORRECT the other information.
✓ CORRECTED --- include an Other Information paragraph in the auditor’s
report

CONTENTS:
a. Identify other information
b. Describe the responsibility for other information: TO READ
▪ LISTED: Read OI obtained and expected to be obtained
▪ NON-LISTED: Only those OBTAINED

c. Management is responsible for the other information.

✓ NOT CORRECTED --- the report remains UNMODIFIED, but an Other

Information paragraph shall state the fact that OI is incorrect.
TAO
Ba --- EOM OM
GoK --- OI
MA
ESDA

WHAT IF Other Information is NOT provided?

✓ UNMODIFIED
✓ State in Other Information Paragraph such fact.

FS is wrong; OI is correct ✓ Revise the report as appropriate (Qualified, Adverse, or Disclaimer)

✓ Include an Other Information paragraph

TAO
Ba --- OI EOM OM
GoK
MA
ESDA

SUPPLEMENTARY INFORMATION

✓ Disclosure requirement by BIR

✓ Disclosure requirement by SEC

RULES:
▪ Integral to FS --- covered by auditor’s opinion
▪ Not integral to FS --- shall be presented in a way that sufficiently and clearly differentiates from FS.
Otherwise, ask management to change presentation.
 MODIFICATIONS
AND ADDITIONAL COMMUNICATIONS
REASON: PFRS Departure (detected misstatement in FS with knowledge and evidence of auditor)
Material disagreements with the management

QUALIFIED ADVERSE
▪ SILENT ▪ Material AND PERVASIVE
▪ Material ONLY ▪ “So material”
▪ “EXCEPTION OPINION” ▪ “Highly material”
▪ FS, as a whole, is fairly stated

CHANGES IN AUDIT REPORT CHANGES IN AUDIT REPORT

1. Opinion paragraph 1. Opinion paragraph
“Except for the effects of the matter described in “Because of significance of the matter described in
the Basis paragraph the FS present fairly…” the basis paragraph… the FS DO NOT present
fairly.”
2. Basis for Opinion paragraph
CRIES + Explanatory paragraph 2. Basis paragraph

Explanatory paragraph
a. AMOUNT --- Quantify the effects.
b. DISCLOSURE --- Explain how misstated.
c. OMISSION --- present the missing information
in the report and description of the nature of
the information as well.

NOTE: Piecemeal Opinion is NOT ALLOWED as it may confuse

the readers. That is why, it is inappropriate to explain the
reason for modification in the Opinion paragraph.

REASON: Inability to gather SAAE (no evidence, no knowledge)

SCOPE LIMITATION --- unable to perform procedures

QUALIFIED DISCLAIMER OF OPINION

▪ SILENT ▪ Material AND PERVASIVE
▪ Material ONLY ▪ “So material”
▪ “Highly material”

CHANGES IN AUDIT REPORT CHANGES IN AUDIT REPORT

1. Opinion paragraph
“Except for the POSSIBLE EFFECTS of the matter
described in the Basis paragraph the FS present
fairly…”
2. Basis for Opinion paragraph
✓ Explain the reason for the inability.
1. Opinion paragraph
*RETED --- We were Engaged to audit… (opening
paragraph)
2. Basis paragraph
▪ Refer to Auditor’s responsibility
▪ State that SAAE is obtained to provide basis for
such opinion.
▪ CRIES --- ICE + Explanation is presented in the
Auditor’s responsibility section
(Independence, Compliance with PSA, Ethics)

3. Auditor’s responsibility
REMOVE ARRAMM POGI
REPLACE with ICE

4. REMOVE KAMs and OIP unless required by law or

regulation
SCOPE LIMITATION AUTOMATIC DISCLAIMER OF OPINION
(MIMI)
✓ Management-imposed
1. Ask management to remove limitation. 1. MULTIPLE uncertainties
2. Communicate with TCWG regarding the limitation.
3. WITHDRAW or DISCLAIM 2. Not INDEPENDENT and Not allowed to
Note: Check the stage of completion. withdraw

✓ Circumstance-based --- DISCLAIM 3. No MRL

Reason: Due to nature of audit procedures (i.e., ST alone
is insufficient and internal controls are not reliable) 4. Questionable INTEGRITY of management

MODIFICATIONS TO AUDIT REPORT

EMPHASIS OF MATTER ▪ Refers to a matter appropriately presented or disclosed in the FS

fundamental to user’s understanding
▪ Highlight paragraph in the audit report as it draws users attention to the
amount/note in the FS
▪ “We draw the attention to Note 6 in the FS…”

REQUIREMENTS:
1. Would NOT MODIFY the opinion
2. NOT key audit matter (KAM)

EXAMPLES:
1. A note that discloses uncertainty
2. A note for the change in accounting policy
3. A note explanation justifying departure

OTHER MATTER PARAGRAPH ▪ Refers to matter other than those presented or disclosed in the FS

REQUIREMENTS:
1. NOT PROHIBITED by the law or regulation
2. NOT key audit matter (KAM)

EXAMPLES:
1. Prior year FS were not audited.
2. PYFS were audited by other auditor whose report is not presented.
3. PYFS opinion was changes
4. Planned scope
5. Application of materiality
6. Reason of inability to withdraw from a scope-limited engagement.
7. Report is intended to specific users
8. Another set of FS has been prepared in accordance with another GP
framework and auditor has also issued report.

TAO
Ba --- EOM OM
GoK --- OI
MA
ESDA
 ADDITIONAL COMMUNICATIONS

CORRESPONDING ▪ Integral part of current FS and are intended to be READ in relation to current period.
FIGURES ▪ Audit report refers ONLY to the CURRENT FS.

AUDITOR’S RESPONSIBILITIES:
1. Obtain SAAE regarding GAAP compliance of the figures.
2. Assess whether:
a. Accounting policies used are consistent
b. Appropriate adjustments and/or disclosures have been made
c. Corresponding figures agree with amounts and other disclosures in prior
period.

RULES ON REPORTING:
1. Comparatives SHOULD NOT be specifically IDENTIFIED.

2. If prior auditor’s report issued a Q, A, or DO:

a. Unresolved and results to modification of current
---Report on the figures shall be MODIFIED.
b. Unresolved but does not result to modification of current
---Report on the figures shall be MODIFIED.
c. Resolved and properly dealt with
---DO NOT REFER to previous modification
---EXC: Such matter is MATERIAL --- include EOM in the report

3. If prior auditor’s report issued Unmodified and auditor discovered a material

misstatement
a. PYFS revised and reissued --- auditor should be satisfied
b. PYFS not revised and reissued; Figures not restated or no additional disclosures
--- Issue MODIFIED report on current FS with respect to the figures
c. PYFS not revised and reissued; Figures were restated, or additional disclosures
were made
--- Include EOM describing circumstances and referencing to disclosures

INCOMING AUDITOR:
1. Indicate:
a. PYFS were audited by another auditor.
b. Type of report issued by predecessor auditor and if modified, the reasons
c. Date of the REPORT

2. If PYFS were not audited, state in the report that THE FIGURES WERE UNAUDITED.

COMPARATIVE FS ▪ Separate FS used for COMPARISON

▪ Auditor’s reports refer to EACH FS presented.

AUDITOR’S RESPONSIBILITIES: (SAME with corresponding figures)

1. Obtain SAAE regarding GAAP compliance of the figures.
2. Assess whether:
a. Accounting policies used are consistent
b. Appropriate adjustments and/or disclosures have been made
c. Corresponding figures agree with amounts and other disclosures in prior
period.

RULES ON REPORTING:
1. Comparatives are SPECIFICALLY IDENTIFIED.

2. Opinion on the PYFS is different from the previously expressed opinion

✓ Disclose the substantive reasons in EOM paragraph
 INCOMING AUDITOR:
1. PYFS were audited by ANOTHER AUDITOR (continuation of No. 2 on rules on
reporting)
a. Predecessor REISSUES --- Incoming auditor reports ONLY on current period.
b. Incoming auditor should indicate:
▪ PYFS was audited by another auditor
▪ Type of report issued and if modified, the reasons
▪ Date of the REPORT

2. Incoming auditor discovered MM on FS where the predecessor had issued an

UNMODIFIED opinion
a. Discuss with management
b. Obtain management authorization to contact the predecessor
c. Propose to predecessor the need of restatement and reissuance of report
▪ Agreed --- same rules with No. 1
▪ Disagreed --- include in INTRODUCTORY PARAGRAPH: “predecessor
reported on PYFS before restatement.”

3. PYFS were NOT AUDITED --- incoming auditor shall state such fact in the report

OPENING AUDITOR’S RESPONSIBILITIES:

BALANCES Obtain SAAE whether
✓ Material misstatements in opening balances exist
✓ Appropriate accounting policies were CONSISTENT, or changes thereto were
accounted properly.

AUDIT PROCEDURES:
✓ Prior period balances were CORRECTLY BROUGHT FORWARD or properly restated,
if appropriate
✓ Appropriate accounting policies were PROPERLY APPLIED
✓ One or more of the following:
a. Review of predecessor’s working paper
b. Evaluation of whether audit procedures performed currently provide evidence
relevant to opening balances
c. Specific audit procedures to obtain evidence regarding opening balances

CONCLUSIONS:
a. Unable to obtain SAAE regarding opening balances --- Q or DO
b. Opening balances contain material misstatement --- Q or A
c. Accounting policies were not consistently applied --- Q or A
d. Modification in PYFS remains relevant and material to current --- modify
accordingly

AUDIT OF GROUP ADDITIONAL PROCEDURES

FS UNDERSTANDING THE COMPONENT AUDITOR
Group engagement team shall consider the following when requesting component
auditor:
a. Component auditor’s understanding on ETHICS and INDEPENDENCE
b. Professional competence
c. Involvement of group engagement team in the work of CA
d. Whether CA operates in regulatory environment that ACTIVELY oversees auditors

TYPE OF WORK TO BE PERFORMED

Significant Components
i. Audit of financial information of component using component materiality
ii. Audit of account balances, etc. relating to likely significant risks of MM of the group
FS
iii. Specific audit procedures relating to likely significant risks

Insignificant Components --- ANALYTICAL PROCEDURES at group level

 CONCLUSIONS
a. Work of CA cannot be used and auditor was unable to gather SAAE --- Q or DO
b. CA issues modified report, auditor would consider the nature and significance of such
modification
c. Auditor ASSUMES work of component auditor --- Make NO REFERENCE to work of CA
d. Auditor does NOT ASSUME --- REFERENCE to work of CA

EXPERTS ▪ Individuals skilled in areas other than accounting and auditing.

Expert hired by auditor Auditor’s External expert

HIGHEST degree of Objectivity

Expert employed by auditor Auditor’s Internal expert

Expert hired by management Management’s External expert

Expert employed by management Management’s Internal expert

LEAST Objective

Findings of this expert may still be used

PROVIDED THAT,
A. There is limited experts in the field.
B. Cost-constraint

ISSUE
▪ Expert’s findings result to modification --- NO REFERENCE to expert name but REFER
to the expert’s findings

▪ Expert’s work does not provide SAAE or not consistent with other evidence
a. Discuss with the entity and the expert
b. Apply additional procedures, including possible engagement of another expert
c. Modify auditor’s report

EVALUATION OF AUDITOR’S EXPERT

1. Assess the competence and objectivity of expert.
COMPETENCE: Professional certification or licensing and experience and
reputation in the field
OBJECTIVITY: Inquiry

2. Understand the field of expertise of expert.

▪ Nature, scope, objectives of expert’s work
▪ Adequacy of auditor’s work

3. Establish terms of agreement – IN WRITING

4. Evaluate the APPROPRIATENESS of auditor’s work as audit evidence.

 DOCUMENTATION
AUDIT DOCUMENTATION GUIDELINES
a. Heading
▪ PREPARED by client or auditor USED by the auditor i. Name of client
ii. Type of working paper
▪ PROOF OF: iii. Content
o Gathered evidence iv. Date or period covered
o Performed procedures
o Compliance with PSAs b. Indexing – use of lettering or numbering system

▪ PRIMARY FUNCTIONS: c. Cross-indexing/ cross referencing – provides a

o Support auditor’s opinion trail
o Support auditor’s compliance with PSAs
o Assist auditor throughout the engagement d. Tick marks – symbols indicating that procedures
were performed
▪ SECONDARY FUNCTIONS:
o Planning future audits
o Providing information useful in rendering other services (MAS or Tax consultancy)
o Providing adequate defense in case of litigation

▪ FORM, CONTENT, EXTENT:

o Auditor’s judgment because it NEITHER necessary nor practicable to document every matter
o The following REQUIRES documentation:
a. Significant matters
b. Departure from a basic principle or essential procedure
c. Who performed and reviewed the audit work and the date and extent of performance and review

▪ OWNERSHIP:
✓ Personal property of auditor.
✓ Client may use it as reference but should NOT be a substitute for client’s records.

▪ AUDIT FILE/ARCHIVE: Collection of documentation shall be assembled within 60 DAYS after the date of the
report

▪ RETENTION: for PSA purposes --- 5 YEARS; For SEC ---- 7 YEARS

▪ CLASSIFICATION:
o Permanent file – has CONTINUING significance in recurring audits [EXAMPLES: Sticky Notes]
o Current file – significant ONLY for a particular year [EXAMPLES: Sticky Notes]

ISSUES (see REO Handouts No. 13) nakakapagod magtype

1. Documentation of new information after the date of auditor’s report.

2. Changes after the date of auditor’s report resulting from the process of assembling and
completing the audit file.
3. Changes after the documentation completion date.
 ACCOUNTING ESTIMATES
RMM may be greater when accounting estimates are involved.

AUDITOR’S RESPONSIBILITIES:
1. Obtain SAAE that accounting estimate is PROPERLY ACCOUNTED AND DISCLOSED.
2. Obtain SAAE that accounting estimate is REASONABLE

APPROACHES (one or more):

1. Review and test the process used by management to develop the estimate.
2. Make an independent estimate.
3. Review subsequent events which confirm the estimate made.

MISSTATEMENT

CLEARLY TRIVIAL IMMATERIAL (collectively) MATERIAL (individual)

Not accumulated Accumulated
Need not be corrected Propose for corrections then
management considers
IF NOT CORRECTED: IF NOT CORRECTED:
▪ Make a Summary of Uncorrected
Not corrected Misstatements (SUM) and attach Communicate with TCWG.
it to the MRL
▪ Past Adjusting Journal Entry
(PAJE)

NOTE: In case of doubt, NOT CLEARLY TRIVIAL!

Description Advantage Disadvantage

NARRATIVE Statement Detailed and Engagement- Time-consuming
specific
FLOWCHART Visual presentation Easy to understand Difficult to prepare

DECISION TABLE Cost-effect; Logical flow FLOW Difficult to prepare

QUESTIONNAIRE Requires specific answer Engagement-specific Time-consuming for

respondents

CHECKLIST YES or NO Easy to accomplish No though or attention is

given to items and not
engagement-specific
 ERROR, FRAUD, NONCOMPLIANCE
ERROR (HIMOOD)
Human Mistake (fatigue, judgment)
Inaccurate or unreasonable estimate
Misinterpretation
Oversight
Omission (unintentional) --- not presumed as ERROR directly
Data processing inaccuracy

FRAUD (irregularity)
✓ Intentional act and concealed
✓ Auditor is concerned with those fraudulent acts causing MM to the FS.

TYPES OF FRAUD
1. Misappropriation of Assets (MOA) FRAUDSTERS
▪ Theft of entity’s actual assets or information 1. Employee
▪ Employee fraud 2. Management
3. BOD
2. Fraudulent Financial Reporting (FFR) 4. Third parties
▪ Related to the FS intended to deceive the users
▪ Management fraud

RULES
1. Responsibility to for detection of fraud and error are essentially the same.
2. Chance of detection
▪ Error > Fraud
▪ Employee fraud > Management fraud

3. COMMUNICATION
✓ Material or immaterial DETECTED fraud.
✓ To an officer ONE LEVEL HIGHER than the one who commit the fraud

4. OPINION
✓ Material fraud ONLY
✓ If corrected, do not include such fact in the report.

5. We DO NOT presume fraud except for revenue recognition.

FRAUD RISK FACTORS – red flags; present in times of fraud but their presence DOES NOT automatically mean
fraud exists.
1. Pressure/ Incentives
✓ “force” or “benefit”
2. Opportunity
✓ “chance” because of position or inadequacies of controls
3. Attitude or Rationalization of Act
✓ Related to the control environment and/or culture

ISSUE
❖ Too personal fraud risk factors such as financial stress of employees and/or adverse relationship
between management and employee.
o RULE: Auditor DOES NOT PLAN audit to discover them but when encountered, CONSIDER!

LEVELS TO PREVENT LEVELS TO DETECT

1. Operational management 1. Internal control
2. Risk management committee 2. Internal auditor
3. Internal audit 3. External auditor (least likely)
NONCOMPLIANCE (illegality)
✓ Most laws and regulations are related to Operations rather than Financial Reporting.
✓ Generally, it has an INDIRECT EFFECT on the FS.
✓ Considered ONLY when it has a DIRECT EFFECT on FS, such as disclosure or recognition
✓ Auditor is concerned with “Noncompliance of ENTITY” not of its people (personal misconduct)
o Omission of right (Ignorance) – ERROR
o Commission of wrong (Intentional) – FRAUD
✓ Noncompliance is a MATTER OF LAW.

RULES
▪ Regardless of materiality, it SHALL BE COMMUNICATED.
▪ After communication, is there an action?
o YES – edi wow
o NO – Management’s integrity and its representations become QUESTIONABLE. Thus, WITHDRAW.

ADDITIONAL NOTES
 CODE OF ETHICS
According to R.A. 9298, a CPA is an individual who holds
Valid Certificate of Registration (COR) ▪ Issued by BOA
▪ Admission to profession
▪ Lifetime

Professional Identification Card (PIC) ▪ Issued by PRC

▪ License to practice profession
▪ Renewable every three years

PROFESSION

CHARACTERISTICS SPECIFIC ATTRIBUTES OF ACCOUNTING

a. Mastery of a PARTICULAR skills 1. Systematic body of theory

(Accounting, auditing, taxation) 2. Professional authority
b. Adherence by its members to a Common 3. Community sanction
Code of Conduct 4. Regulative code
c. Public service 5. Culture

NEEDS CCPQ OBJECTIVES OF ACCOUNTING

1. Credibility 1. To work to highest standard of

2. Confidence professionalism
3. Professionalism 2. To attain highest level of performance
4. Quality of Service 3. To meet public interest requirement.

International Ethics
IFAC IESBA Standards Board for
Accountants

PICPA International COE

Embrace or adapt

✓ BOA recommended the adoption

✓ CPA (Professional Accountant) – mandatory compliance with COE regardless of sector

SECTORS
▪ ACPAE – academe
▪ ACPACI – commerce and industry
o OLD: Employed professional accountants
o NEW: Professional accountants in business
▪ ACPAPP – public practice
▪ GACPA – Government association of CPAs

If some parts are NOT APPLICABLE – follow the remaining parts.

In case of CROSS-BORDER CPAs – follow whichever is stricter.

CODE OF ETHICS?

A set of concepts and principles that guide us in determining what behavior helps or harms an individual
and/or the society.

PURPOSE: A purpose of reflecting the accountancy profession’s recognition of its public interest responsibility.
FUNDAMENTAL 1. Professional Behavior – Avoid discreditable acts to the profession
PRINCIPLES PICPO ▪ Engagement-related issue
▪ Referral is allowed but referral with a fee (commission) is not allowed.
▪ Publicity refers to communication of FACTS to the public.
✓ Anniversaries --- every 5 years
▪ Advertising is a communication of SERVICES to the public and is allowed if:
✓ Tasteful, Truthful, Substantiated (with proof), Not disparaging to
others, Not involved in solicitation (personal offer of service)

2. Integrity – Honesty in the dealings and being straightforward

3. Confidentiality
✓Applies to SENSITIVE information
▪ Information gathered from prior work experience are allowed to be
disclosed.
✓FOREVER
✓Applies to social environment

ALLOWED DISCLOSURES
1. with management’s permission
▪ communication with predecessor auditor
▪ use of predecessors’ working paper (permanent file)

2. required by the regulation

▪ Quality Review Committee audits the work of auditors
▪ Ethical conflicts within the organization

RULES
1. Follow the entity’s internal policies. (HR department)
2. If not resolved, talk to immediate supervisor or the next level of
superior.
3. Seek independent legal advice on confidential basis – permitted to
disclose and there is NO NEED to ask for management’s permission
4. RESIGN

3. required by the law

▪ under subpoena (needed in court)
▪ personal defense in litigation

4. Professional Competence and Due Care

PROFESSIONAL COMPETENCE
✓Attaining and maintaining professional knowledge and skills

✓ATTAINMENT (Basic): Education, Examination, Experience

✓MAINTENANCE: CPD units (Public practice = 120; Others = 15)

DUE CARE
✓Act diligently in accordance with applicable technical and professional
standards.
✓Exercise of caution in performance of engagement

5. Objectivity
– free from bias, conflict of interest or undue influence of others.

CONCEPTUAL The PA shall apply the framework to identify, evaluate and address threats to
FRAMEWORK compliance with the fundamental principles.

INTERNATIONAL Established for audit, reviews, and other assurance engagements regarding threats to
INDEPENDENCE independence specific to these engagements.
STANDARDS
STRUCTURE PART 1: Complying with the Code, Fundamental Principles & Conceptual Framework
PART 2: Professional Accounts in Business (PAIBs)
PART 3: Professional Accountants in Public Practice (PAPPs)
PART 4A: Independence for Audit and Review Engagements
PART 4B: Independence for Assurance Engagements other than Audit and Review
Engagements

THREATS TO INDEPENDENCE
SELF – INTEREST Deals with financial or other interest that affects a PA’s judgement or behavior.
THREAT a. Fees (Questionable)

✓ Significantly low fee (POACH clients)

✓ Unpaid fee for a long period of time
✓ Contingent fee – a fee based on an outcome PROHIBITED
▪ % of audited net income
▪ Allowed IF it is determined by third parties or the court
✓ Undue dependence of fees from a client

b. Fear of disengagement
c. Possible employment
d. Close-business relationship

LOANS
GR: Not allowed
Safeguards
Non-financial
Financial institution
institution
Members of audit
Under normal
team (always Immaterial
lending conditions
material)
Under normal
lending conditions
Audit firm Immaterial
and the amount is
immaterial

INVESTMENT
 Network
Client Service Members Firm
Firms

Required Independence AUDIT Assurance

Assurance (report not
REVIEW
restricted)
Assurance (restricted
REVIEW
report)

SELF – REVIEW Not appropriately evaluating the results of a previous judgment made or simply
THREAT re-evaluation of previous work.

ISSUES
1) Two or more services for one client
▪ GR: No threat
▪ Exception
Service 1 Assurance Audit Audit
Service 2 Subject matter of assurance FS Installation

2) From the client to the audit firm (resigning employee)

FAMILIARITY THREAT Due to long or close relationship with the client, PA will be too sympathetic to
their interests.

A. Family
a. Immediate family member (Spouse and dependent child)
b. Close family member (Parents, sibling, non-dependent child)
B. Familiar
a. From the audit firm to the client (resigning employee)
b. Long association of client
▪ LIMIT: 5 YEARS
▪ MAY RETURN: AFTER 2 YEARS
c. Gifts and Hospitalities
Generally, it is NOT ALLOWED unless clearly trivial.

ADVOCACY THREAT Promoting a client’s position instead of PUBLIC.

ISSUES
1. Expert witness client
2. Corporate finance service to audit client (SR threat also)
3. Litigation service to an audit client (SR threat also)
4. Underwriter to an audit client
“Comfort Letter” – signatory: auditor / addressee: underwriter

INTIMIDATION Professional accountant is deterred from acting objectively because of actual or

THREAT perceived pressure.

ADDITIONAL NOTES
 ANALYTICAL PROCEDURES
PSA 520 requires the auditor the use of analytical procedures in planning and overall review stages of audit.

STEPS

1. PYFS
Develop expectations regarding the PAINT 2. Anticipated results (budgets)
financial statements. 3. Industry averages
4. Non-financial information
5. Typical relationships among
Compare the expectattions with the FS balances
financial statements under audit.

Investigate significant differences

USES AND OBJECTIVES

STAGE OF AUDIT OBJECTIVE

Planning ▪ To understand the client’s business
▪ To identify areas that may represent specific risks

Substantive Tests ▪ To obtain evidence to confirm individual account balances

Overall Review ▪ To identify unusual fluctuations that were not identified in planning and testing
phases
▪ To confirm conclusions reached

ADDITIONAL CONSIDERATIONS WHEN USED AS SUBSTANTIVE TEST

✓ Focus on accounts that are PREDICTABLE.

o IS accounts are more predictable than BS accounts.
o Accounts not subject to management discretion are generally PREDICTABLE.
o Relationships in a stable environment are more predictable than those in a dynamic or unstable
environment
 SYSTEM QUALITY CONTROL
PURPOSE:
✓ To provide reasonable assurance of
o Compliance with professional standards and regulatory and legal requirements
o Reports issued are appropriate

ELEMENTS OF QUALITY CONTROL (HEAL ME)

LEADERSHIP ▪ Promoting an internal culture that recognizes the significance of quality in
RESPONSIBILITIES FOR performing engagements
QUALITY IN THE FIRM ▪ Depends on clear, consistent, and frequent actions and messages from all
levels
▪ May be communicated through:
✓ Training seminars
✓ Meetings
✓ Formal or informal dialogues
✓ Mission statements
✓ Newsletters
✓ Memoranda
▪ Person assigned with such operational responsibility shall have sufficient and
appropriate experience, ability, authority, and responsibility

ETHICAL REQUIREMENTS ▪ Compliance with relevant ethical requirements

▪ Emphasis of fundamental principles

INDEPENDENCE
▪ Maintenance of independence
✓ Communicate the independence requirements
✓ Identify threats and take appropriate actions to eliminate or reduce them
to acceptable level through safeguards OR if appropriate, withdraw

Requires:
o Engagement partners to provide relevant information regarding client
engagements
o Personnel to promptly notify firm of threats to independence
o Accumulation and communication of relevant information
To determine whether independence requirements is satisfied
To maintain and update independence records
To take appropriate actions against identified threats

▪ Breach of independence requirements

✓ Promptly notify the firm of independence breaches to:
Engagement partner
Other relevant personnel who may need to take appropriate action
✓ Prompt communication to the firm regarding actions taken by the
engagement partner to assess if further action is needed

▪ Written confirmation of compliance

✓ Obtained at least annually by the firm from all required personnel
▪ SAME SENIOR PERSONNEL (long period) - Set out criteria to reduce
familiarity threat to acceptable level
▪ LISTED ENTITIES – required rotation of engagement partner after
specified period

ACCEPTANCE AND ▪ Only undertake engagements or continue relationships when:

CONTINUANCE OF ✓ Client has integrity and no information against that
CLIENT RELATIONSHIPS ✓ The firm is competent and has capabilities, time, resources
AND SPECIFIC ✓ The firm can comply with ethical requirements
ENGAGEMENTS
 ▪ Obtain the information deemed necessary before accepting the engagement
✓Issues were identified and firm decides to accept --- document how the
issues were resolved.

INTEGRITY
Consider:
✓ Identity and business reputation of PO-KM-RP-TCWG
✓ Nature of operations and business practices
✓ Aggressive interpretation of accounting standards and IC environment
✓ Aggressive maintenance of firm’s fee as low as possible
✓ Indications of inappropriate limitations
✓ Indications of money laundering or other criminal activities
✓ Reasons for appointment of firm and non-reappointment of previous firm

Obtained from:
✓ Communications with existing or previous providers of professional
accountancy services and other third parties
✓ Inquiry of other firm personnel or third parties
✓ Background searches of relevant databases

COMPETENCE
✓ Review specific requirements of engagement and existing partner and staff at
all relevant levels
Consider:
✓ Knowledge of relevant industries or subject matters
✓ Experience with relevant regulatory or reporting requirements; ability to
gain necessary skills and knowledge effectively
✓ Sufficient personnel with necessary capabilities and competence
✓ Experts’ availability
✓ Engagement Quality Control Reviewer is available
✓ Ability to complete the engagement within a deadline

HUMAN RESOURCES ▪ Sufficient personnel with necessary capabilities, competence, and commitment
to ethical principles

CAPABILITIES AND COMPETENCE can be developed through:

✓ Professional education
✓ CPD including trainings
✓ Work experience
✓ Coaching

▪ The firm shall emphasize the need for continuous training and provide the
necessary resources and assistance for such trainings.
▪ External persons may be used to provide the necessary resources if not
available or for other reasons.

PERFORMANCE EVALUATION
1. The firm shall:
o Make personnel aware of firm’s expectations
o Provide evaluation and counseling to personnel
o Promotion and disciplinary actions depend on quality of performance and
compliance to ethical principles

2. Size and circumstances of firm may influence the performance evaluation.

ASSIGNMENT OF ENGAGEMENT TEAMS

▪ Assign responsibility to engagement partner
Communicate the identity and role of EP to key members of client
management and TCWG
EP has appropriate capabilities, competence, authority, time
Responsibilities of EP are clearly defined and communicated to the partner
 ▪ Monitor workload and availability of EP
▪ Assign appropriate staff
▪ Assessment of staff’s capabilities and competence

ENGAGEMENT ▪ Engagements are performed in line with professional standards and regulatory
PERFORMANCE and legal requirements.
▪ Appropriate reports are issued
▪ Establish consistency in quality of engagement performance through guidance
materials
▪ All members of the team understand the objectives of their work.

SUPERVISION AND REVIEW

Supervision
Tracking the progress
Considering the capabilities and competence
Addressing significant issues
Identifying matters for consultation or consideration

Review
More experienced members including the engagement partner review
the work of the less experienced members

CONSULTATION (see REO Handouts No. 14)

DIFFERENCES OF OPINION
▪ Conclusions reached should be documented and implemented.
▪ The report should not be issued until the matter is resolved.
▪ Consulting with another practitioner or firm or professional or regulatory
body

EQCR
▪ Provides an objective evaluation of significant judgments made by the
engagement team and conclusions reached
Require EQCR for all audits of listed entities
Set out criteria for others whether to subject them to EQCR
➢ Require EQCR for all engagements meeting such criteria

▪ Complete EQCR before the issuance of report.

▪ It does not relieve the engagement partner from its responsibilities.
▪ Criteria of which engagements are subject to EQCR shall include:
Nature and extent
Identification of unusual circumstances or risks
Whether laws or regulations require EQCR

▪ Set out:
NTE of EQCR
Criteria for eligibility of EQCR
Documentation requirements for EQCR

MONITORING ▪ SQC are relevant, adequate, operating effectively and complied with in practice.
*refer to REO Handouts 14 ▪ Performed by competent individuals and covers both the appropriateness of
for specific details design and effectiveness of the operation of the system quality control.
▪ Ongoing consideration and evaluation of SQC (see REO Handouts 14)

▪ Inspection of a selection of completed engagements is on a CYCLICAL basis.

▪ INSPECTION: One engagement per engagement partner over an inspection
cycle (not more than 3 years)
▪ Some engagements may be selected for inspection WITHOUT prior
notification to the engagement team,
▪ Inspectors SHOULD NOT be involved in the engagement nor the EQCR.
▪ External persons may be used to do the inspection in the case of small firms
and sole practitioners.
 ▪ Arrangements to share resources with organizations to facilitate monitoring
activities is allowed.

APPROPRIATE ACTIONS FOR DEFICIENCIES NOTED

▪ Evaluate the effect and determine whether:
▪ Communicate the noted deficiencies and recommendations to the relevant
engagement partners and other appropriate personnel,
▪ Recommendations:
▪ Report is inappropriate OR procedures were omitted --- the firm should
determine further action to comply and should also consider legal advice.
▪ At least annually, firm should communicate the results of monitoring to the
partners and other individuals within the firm.
▪ Reporting of identified deficiencies ORDINARILY DOES NOT include
identification of specific engagements unless necessary.
▪ Some firms may implement some or all the monitoring procedures on a
NETWORK BASIS.
▪ Appropriate documentation

COMPLAINTS AND ALLEGATIONS

▪ May come from within or outside the firm.
▪ Establish clearly defined channels
▪ Documented as well as the responses of the firm against them

ADDITIONAL NOTES

A deficiency in the firm’s SQC does not indicate that a particular audit engagement was not performed
accordingly, nor the report was inappropriate.
 SPECIAL REPORTING
PSA 800: Special Considerations – Audit of FS prepared in accordance with SPECIAL PURPOSE FRAMEWORKS

OBJECTIVE OF AUDITOR To address appropriately the special considerations relevant to:

✓ Acceptance of engagement
✓ Planning and performance of engagement
✓ Forming an opinion and reporting on FS

DEFINITIONS Special Purpose FS – FS prepared in accordance with special purpose

framework.

Special purpose framework – designed to meet the needs of SPECIFIC users and
can either be a fair presentation or a compliance framework.

SPECIAL PURPOSE Tax basis of accounting; cash receipts and disbursements basis of accounting;
FRAMEWORKS financial reporting established by regulator (SEC, IC, BSP); financial reporting of
a contract

ACCEPTANCE OF Auditor shall obtain an understanding of:

FINANCIAL REPORTING a. Purpose for which the FS is prepared
FRAMEWORK b. Intended users
c. Management steps in determining that the financial reporting
framework is acceptable in the circumstance

DESCRIPTION OF
APPLICABLE FINANCIAL
REPORTING FRAMEWORK
(auditor’s report)
✓ Describe the purpose and if necessary, the intended users OR refer to the notes
for such information.
✓ If management has a choice of FRF, management steps in determining that the
financial reporting framework is acceptable in the circumstance

FORMING AN OPINION ▪ Apply PSA 700.

AND REPORTING ▪ IN ADDITION, include:
CONSIDERATIONS Statement that indicates the basis of accounting or should refer to the note
for such information.
EOM (TAO Ba EOM)
i. Basis of Accounting
ii. Restriction of distribution

PSA 805: Special Considerations – Audit of Single FS and Specific Elements, Accounts, or Items of an FS

OBJECTIVE OF AUDITOR To address appropriately the special considerations relevant to:

✓ Acceptance of engagement
✓ Planning and performance of engagement
✓ Forming an opinion and reporting on single FS or specific EAI of an FS.

DEFINITIONS Element of an FS or “Element” – means an element or account or item of an FS.

It includes the related disclosures.

ENGAGEMENTS Expression of an opinion on:

(examples) ▪ AR, ADA, Inventory, etc. including related notes
▪ Schedule of externally managed assets and income of private pension plans
including related notes
▪ Schedule of net intangible assets including related notes
▪ Schedule of disbursements in relation to lease, including related notes

ACCEPTANCE OF a. Application for ISAs – Is it practicable? (Auditability, Related to historical

ENGAGEMENT information)
b. Acceptability of FRF -auditor shall determine its acceptability
c. Form of Opinion – Is the opinion appropriate? (See Forming Opinion below)
CONSIDERATIONS WHEN ▪ Examine other related accounts
PLANNING AND ▪ Materiality should be related to specific account and examination shall be
PERFORMING THE AUDIT MORE EXTENSIVE. (i.e., lower materiality level)
▪ Auditor’s report on the component shall not accompany the FS of entity.

FORMING AN OPINION ▪ Apply PSA 700 and when applicable apply PSA 800 as necessary in the
AND REPORTING circumstance.
CONSIDERATIONS
RULES
a. Audit of a single FS or a specific element MAY BE PUBLISHED TOGETHER
with entity’s complete set of FS.

b. Adverse or DOO --- complete set of FS

✓ Do not include an unmodified opinion on the single of FS or specific
element in the same auditor’s report.

✓ Unmodified opinion on SPECIFIC ELEMENT is allowed if:

➢ Not prohibited by law or regulation
➢ Opinion is not published together with the report containing the
adverse or disclaimer of opinion
➢ Element does not constitute a major portion of entity’s complete FS

✓ Unmodified opinion is NOT ALLOWED to be expressed on a single FS.

PSA 810: Engagements to Report on Summary Financial Statements

OBJECTIVE OF AUDITOR ✓ To determine if it is appropriate to accept the engagement.

✓ To form an opinion on summary FS based on evaluation of conclusions drawn
from evidence obtained.
✓ To clearly express the opinion through a written report

DEFINITIONS Applied criteria – criteria applied in preparing the summary FS

Audited FS – FS audited by auditor and from which the summary is drawn

Summary FS – contains less detail than the FS while providing consistent

structured representation

ENGAGEMENT Accept ONLY if the same auditor has audited the FS from which the summary is
ACCEPTANCE derived.

RULES BEFORE ACCEPTING

▪ Determine whether the applied criteria are acceptable.
✓ Nature of entity
✓ Purpose of summary FS
✓ Information needs of intended users
✓ Applied criteria will not result into a misleading summary FS

▪ Obtain the agreement of management regarding its responsibility on:

✓ Preparation of summary is in accordance with applied criteria
✓ To make the audited FS available to intended users of summary FS without
undue difficulty
❖ If need not be available, describe the law or regulation in the
summary FS.
✓ To include auditor’s report in any document that contains the summary FS

▪ Agree with management the form of opinion to be expressed on the

summary FS unless inconsistent.
AUDIT PROCEDURES d. Application for ISAs – Is it practicable? (Auditability, Related to historical
information)
e. Acceptability of FRF -auditor shall determine its acceptability
f. Form of Opinion – Is the opinion appropriate? (See Forming Opinion below)
AUDITOR’S REPORT ON SUMMARY FS

ELEMENTS TITLE: Need to be appropriately titled and to be read in conjunction with the
most recent audited FS

ADDRESSEE: If addressee is different from the addressee of the report on the

audited FS, evaluate the appropriateness of using different addressee.

STATEMENT: Summary FS do not contain all the disclosures required and the
auditor’s report thereon is not a substitute for reading the audited FS and
auditor’s report thereon.

DATE: No earlier than

a. Date that the auditor has obtained SAAE
b. Summary FS have been prepared and management has taken
responsibility
c. Date of auditor’s report on the audited FS.

See REO Handouts 16 for further details

FORM OF OPINION UNMODIFIED OPINION

a. The accompanying summary FS are consistent, in all material respects, with
the audited FS, in accordance with the [applied criteria].

b. The accompanying summary FS are a fair summary of the audited FS in

accordance with the [applied criteria].

LAW OR REGULATION PRESCRIBES THE WORDINGS

✓ Apply procedures under 810 and any further procedures necessary to enable
the auditor to express the prescribed opinion
✓ Assess: Will it cause misunderstanding to the users?
❖ YES: Can additional explanation mitigate such misunderstanding?
➢ NO: Do not accept the engagement unless required by law

NOTE: Engagement conducted in accordance with such law DOES NOT COMPLY with ISA. Thus, the
auditor’s report SHALL NOT INDICATE that it was in accordance with the ISA.

REFERENCE TO
i. Qualified Opinion (ISA 705)
AUDITOR’S REPORT ON
ii. EOM or OM (ISA 706)
AUDITED FS
iii. Material Uncertainty on GC
(ISA 570)
iv. Communication of KAM
(ISA 701)
v. Statement of uncorrected
material misstatement and
others (ISA 720)
✓ State in the auditor’s report the inclusion of
such matter.
✓ Describe:
o The basis of qualified opinion on audited
FS and effect on summary FS
o The matter referred to EOM, OM, OR MUGC
and effect on summary FS
o Uncorrected MM of other information and
effects on the summary FS

▪ When auditor’s report on audited FS includes (Table A) and auditor is satisfied

that summary FS are consistent with the audit FS, then additional elements
(Table B) shall be included on the auditor’s report on summary FS.

Auditor’s report on audited FS contains adverse opinion or disclaimer of

opinion, additional elements:
i. State the existence of such opinion
ii. Describe the basis of opinion
iii. State that it is inappropriate to express opinion on summary FS.
MODIFIED OPINION ON Summary FS are not consistent with audited FS and applied criteria and
SUMMARY FS management does not agree to make necessary changes. --- ADVERSE

RESTRICTION ON When there is restriction or that the report on audited FS alerts the users, include
DISTRIBUTION OR USE similar restriction or alert in the report on summary FS.
OR ALERTING READERS

SUMMARY OF AUDIT RELATED SERVICES

REVIEW AGREED-UPON COMPILATION

References PSRES and PREPS PSRSs and PRSPS PSRSs and PRSPS
Perform procedures as
Express conclusion whether
agreed upon with the Use accounting expertise
material modifications are to
Objective client and third parties to collect, classify, and
be made to conform with
and report on factual summarize FS.
PFRS
findings
Ethical requirement Independence + PICPO PICPO PICPO
Level of assurance Moderate (limited) Zero / None Zero / None
Procedures are May or may not be agreed
Exclusively by AUDITOR Agreed-upon by parties
determined by by parties
Review report
Report provided Report on factual findings Compilation report
(negative form)
Availability of report All users Limited All users

ADDITIONAL NOTES
 AUDITING IN CIS
CHARACTERISTICS OF CIS

✓ LACK OF VISIBLE TRANSACTION TRAILS – Data can be entered into the computer system without
supporting documents.

✓ CONSISTENCY OF PERFORMANCE – Clerical errors are eliminated. However, an incorrect program could
be very devastating because of consistent erroneous data processing.

✓ EASE OF ACCESS TO DATA AND COMPUTER PROGRAMS – Can be accessed and altered by unauthorized
persons with no visible evidence.

✓ CONCENTRATION OF DUTIES – Normally segregated functions under manual processing may be

combined in CIS environment.

✓ SYSTEM GENERATED TRANSACTIONS – Initiated by the CIS itself without input document. (Interest
computation)

✓ VULNERABILITY OF DATA AND PROGRAM STORAGE MEDIA – Can be easily changed having no trace of
original content. This may happen inadvertently and ma result into loss of huge amount of information.

INTERNAL CONTROLS IN CIS ENVIRONMENT

GENERAL CONTROLS
(Related to the overall computer information system)
ORGANIZATIONAL ▪ Define the strategic decision and establish an organization framework.
CONTROLS ▪ Clear assignment of authority and responsibility
▪ Strategic information and technology plan
▪ Policies and procedures
▪ Monitoring if IT activities performed by third parties

SEGREGATION OF DUTIES
a. CIS department vs. User department
✓ CIS department shall be independent BOTH from the provider of
input data and user of output data
✓ Function of CIS department: To process transactions
✓ All changes in computer files must be initiated and authorized by the
USER DEPARTMENT

b. Within the CIS department

CIS Director – exercises control over the CIS Operation

System Analyst – designs new systems, evaluates, and improves existing
systems, prepares specifications for programmers
Programmer – writes program according to specifications, tests and debugs,
prepares computer operating instructions
Computer operator – operates the computer to process transactions
Data Entry Operator – prepares and verifies input data for processing
 Librarian – custodian of systems documentation, programs, and files
Control Group – reviews the process from the input throughout the output
as well as its distribution to authorized personnel

OPTIMAL SEGREGATION – each of the tasks shall be assigned to different

employees.

MINIMUM – for small entities, systems development and computer operations

shall be separated.

SYSTEMS DEVELOPMENT, ▪ User department must participate in system design

MAINTENANCE, AND ▪ Adequate documentation shall be made (procedural)
DOCUMENTATION CONTROLS ▪ Control of all master and transaction files – user department
▪ Required written specification approval – user department and management
▪ Testing of new systems – user department and IT personnel
▪ Approval of new systems before implementation – user, management, IT
▪ Approval of changes in program – user, management, IT

ACCESS CONTROLS To ensure that access is limited only to authorized personnel. (passwords)

PHYSICAL ACCESS CONTROL

a. Limited Physical Access – guard, automated key cards, manual key locks
b. Visitor entry log

ELECTRONIC ACCESS CONTROL

a. Requiring user identification and regular changes of passwords
b. Defining user data access privilege
c. Call back

HARDWARE CONTROL
a. Diagnostic routines
b. Boundary protection
c. Periodic maintenance

DATA TRANSMISSION CONTROL

a. Parity check – data are processed and transmitted in arrays of bits.
Redundant bit may be added to verify the integrity of information processed.
b. Data encryption – data are coded into secret characters to avoid
unauthorized individuals from reading the information.
c. Message Acknowledgement technique (Echo check) – receiving device
sends message that verifies a transmission back to sending device
d. Private lines – using phone lines owned or leased by organization, thereby
more secure

OTHER ACCESS CONTROL ACTIVITIES

a. OS generating a computer log of failed access attempt and generates warnings
for repeated access failure
b. Programmers SHOULD NOT HAVE ACCESS to input data and application
programs currently used.
c. Computer operators are RESTRICTED ONLY to application programs currently
used.
d. Computer operators are LIMITED TO ACCESS ONLY the operations manual and
not the detailed program documentations.

DATA RECOVERY AND Maintenance of back-up files and off-site storage procedures.
PROCEDURAL CONTROLS
PROCESSING CONTROLS
a. Written manual of systems and procedures for all computer operation
b. Back-up and recovery
✓ Grandfather-father-son principle on file retention – three generations
of master files and transaction files
 ✓ Snapshots – daily picture (copy) of data files and retained until weekly
file is prepared, until monthly file is created, until annual file is created.
Audit software routines are embedded at different points in the
processing logic.
c. Contingency processing
✓ Reciprocal agreement / Mutual aid impact
✓ Internal site
✓ Hot site --- already installed with equipment (not in the premises)
✓ Cold site --- ready for equipment to be brought in
d. File Protection Rings – this controls operator error by writing data on tapes
containing critical information
e. Internal and External Labels – identification of files

MONITORING CONTROLS ✓ Designed to ensure that IT controls are working effectively.

✓ Periodic evaluation of adequacy and effectiveness of the overall CIS
✓ Monitoring of key IT performance indicators
✓ Internal/External IT audits
.

APPLICATION CONTROLS
(Related to the specific use of the system)
CONTROLS OVER INPUT Designed to provide reasonable assurance that:
▪ Transactions are properly authorized before processed by computer
▪ Transactions are accurately converted into machine readable form and
recorded in the computer data files
▪ Transactions are not lost, added, duplicated, or improperly changed

▪ Incorrect transactions are rejected, corrected, and if necessary, resubmitted

on a timely basis.

COMMON CONTROLS
a. Key verification – data are entered twice (by different operators)
b. Limit check – uses predetermined upper and lower limit
c. Validity test – comparison of data against a master file or table of accuracy
d. Self-checking digit – used to detect transpositional error; contains
redundant information permitting accuracy check
e. Completeness check (Missing data check) – processing will not continue
unless all data required are supplied
f. Menu driven input – contains a set of menu or Q&A that guides the user
g. Field check – proper character is supplied in each field (Numeric only, etc.)
h. Field size check – data supplied is within the number of digits or string of
characters required
i. Logic tests – rejects illogical or inconsistent data
j. Control totals
Record Count (item count) – number of items being input in a given
batch
Financial total – total of the amount of all items in a batch
Hash total – total of one field of information of all items in a batch that
has no intrinsic meaning (e.g., total of voucher numbers)

CONTROLS OVER Designed to provide reasonable assurance that:

PROCESSING ▪ Transactions are processed accurately
▪ Transactions are not lost, added, duplicated, or improperly changed

▪ Processing errors are identified and corrected on a timely basis

CONTROLS OVER OUTPUT Designed to provide reasonable assurance that:

▪ Results are complete and accurate
▪ Outputs are distributed to authorized personnel only
 TEST OF CONTROLS IN CIS ENVIRONMENT

✓ The effectiveness of the general CIS is essential to the effectiveness of CIS application controls.

✓ It is MORE EFFICIENT to review general controls first before the application controls.

TESTING THE RELIABILITY OF GENERAL CONTROLS

▪ Observing client’s personnel in performing their duties
▪ Inspecting program documentation
.
▪ Observing security measures in force

TESTING THE RELIABILITY OF APPLICATION CONTROLS

AUDITING AROUND THE COMPUTER ▪ Generally, it tests the manual control structure
▪ Focuses solely on input documents and IT output
▪ Ignores the client’s data processing procedures
▪ BLACK BOX APPROACH

AUDITING WITH THE COMPUTER The auditor uses the computer as an audit tool.

AUDITING THROUGH THE COMPUTER ▪ Examines DIRECTLY the computer and its system and application
software using CAATs
▪ WHITE BOX APPROACH

COMPUTER-ASSISTED AUDITING TECHNIQUES (CAATs)

CONSIDERATIONS CATEGORIES OF TECHNIQUES

✓ Degree of technical competence in IT a. Program Analysis
✓ Availability of CAATs and appropriate computer facilities b. Program Testing
✓ Impracticability of manual tests c. Continuous testing
✓ Effectiveness and efficiency d. Review of Operating Systems
✓ Timing of tests

PROGRAM ANALYSIS
CODE REVIEW Actual analysis of logic of program’s processing routines

COMPARISON PROGRAMS Comparison of computerized files

FLOWCHARTING SOFTWARE Produce flowcharts that may be used in both the mainframe and
microcomputer environments

PROGRAM TRACING AND Allow auditor to recognize logic sequence or dormant section of code that may
MAPPING be a potential source of abuse

PROGRAM TRACING – each instruction executed is listed along with control

information affecting the instruction

PROGRAM MAPPING – identifies sections of code that can be entered and thus
are executable

SNAPSHOT Takes picture at specified processing points in program processing

.

PROGRAM TESTING
TEST DATA ▪ Conducted on a surprise basis
▪ Utilizing client’s software to process both valid and invalid transactions
▪ Client’s software should detect all exceptions planted in auditor’s test
data to conclude that controls are effective
INTEGRATED TEST FACILITY (ITF) ▪ Dummy transactions are built into the system during the original design
Integrated Test Data ▪ Integrates fictitious and actual data without management’s knowledge
Minicompany Approach ▪ Incorporates a simulated or subsidiary into accounting system for the
sole purpose of running test data through it

BASE CASE SYSTEM EVALUATION ▪ Special type of test data

(BCSE) ▪ Provides much more assurance than test data alone
▪ Develops test data that purports to test every possible condition that an
auditor expects a client’s software will confront
▪ Time-consuming and expensive

NOTE: Test each control only once. Problems that may be encountered:
➢ Ascertaining that test data is not included in client’s accounting records
➢ Determining if program tested is actually used by client
➢ Adequately developing test data for every possible control
➢ Developing adequate data to test key controls may be extremely time-
consuming

PARALLEL SIMULATION ▪ Shifts control over the computer

▪ Should be performed on a surprise basis

▪ Can be accomplished using:

Generalized audit software – designed to perform common audit
tasks
Purpose-written programs – perform audit tasks in specific
circumstances

LIMITATIONS
✓ Time-consuming for creating auditor’s software
✓ Incompatibility of audit and client’s software
✓ Tracing differences between two set of outputs to differences in
programs may be difficult
✓ Time involved in processing large quantities of data

CONTROLLED REPROCESSING ▪ A variation of parallel simulation that instead of using generalized audit
software, the auditor uses a copy of client’s application program

LIMITATIONS
✓ Copy of the program is identical to the currently used by client
✓ Keeping current with changes in program
✓ Time involved in processing large quantities of data
 CONTINUOUS (CONCURRENT) TESTING
Utilizes EDI which sometimes do not retain permanent audit trails thus requiring capture of audit data
EMBEDDED AUDIT MODULES
SYSTEM CONTROL AUDIT REVIEW FILES
(SCARF)
AUDIT HOOKS
TRANSACTION TAGGING
EXTENDED RECORDS
.
REVIEW OF OS AND OTHER SYSTEM SOFTWARE
JOB ACCOUNTING DATA
Operating System Logs
LIBRARY MANAGEMENT SOFTWARE
ACCESS CONTROL AND SECURITY SOFTWARE
.
COMPUTERIZED AUDIT TOOLS
GENERALIZED AUDIT SOFTWARE (GAS)
Package Programs
ELECTRONIC SPREADSHEETS
AUTOMATED WORKING SOFTWARE
DATABASE MANAGEMENT SYSTEM
▪ Program routines incorporated into an application program
designed to perform audit function (calculations) or logging activity
▪ Used to select client data for subsequent testing and analysis
▪ Created by embedded audit module used to collect information into
a special computer file for subsequent review and analysis
▪ Selects type of transactions
▪ Exit point in an application program allowing auditor to
subsequently add an audit module
▪ Sometimes used to accomplish transaction tagging
▪ An identifier providing a transaction with special designation is
added to transaction record.
▪ It is “tagged” and then traced through critical control points in the
information system
▪ Tag – used to allow logging of transactions or snapshot of activities
▪ Attaches additional data that would not otherwise be saved to
regular historic records and thereby helps to provide a more
complicated trail
▪ Includes reports of resources used by the computer system
▪ May be used to review the work processed, to determine whether
unauthorized applications were processed and to determine that
authorized applications were processed properly
Logs changes in programs, program modules, job control
language, and other processing activities
▪ Supplements physical and control measures related to
computer
▪ Helpful in online environments or in systems with data
communications
Designed to perform audit tasks such as:
Reading computer files
Selecting samples
Performing calculations
Creating data files
Printing reports in an auditor-specified format
▪ Used for analytical procedures and performing mathematical
procedures
▪ Contain variety of predefined mathematical operation and functions
▪ Generate trial balances, lead schedule, or other workpapers useful to
audit
▪ Used to perform
analytical procedures
mathematical calculations
generation of confirmation request
prepare customized automated workpapers
▪ Manage the creation, maintenance, and processing of information
▪ Data are organized in predefined records while database software is
used to select, update, sort, display, or print records
TEXT RETRIEVAL SOFTWARE ▪ Enables access to various databases, including database of standard-
Text Data Software setting body
▪ Allows user to browse through text files like browsing through books

PUBLC DATABASE Used to obtain accounting information of a particular company and

industry as well as other publicly available information

WORD PROCESSING SOFTWARE Used in variety of communications-related manners

ADDITIONAL NOTES
 ADDITIONAL CONCEPTS
EXTERNAL CONFIRMATIONS
✓ Direct written response from the third party to the auditor in paper form (electronic or other medium)
✓ May be used in: PIABALITA
Property title deeds held by lawyers or Loans from lenders
financiers for safe custody
Investments purchased from stockbrokers Inventories held by third parties at bonded
but not delivered at reporting date warehouses
Absence of certain conditions (side Terms of agreements or transactions with
agreements) third parties and details of modifications
Bank balances and other information from AP balances
banks
AR balances

TYPES OF EXTERNAL CONFIRMATION

POSITIVE NEGATIVE
As to responses from confirming party
✓ Respond directly to auditor ONLY IF confirming
✓ Responds directly to auditor whether the
party disagrees
confirming party agreed or disagreed with the
✓ Used when auditor believes that recipients has no
information or providing the information
reason to disregard the request
As to related RMM

✓ Information system and internal controls are

unreliable or ineffective. RMM is low.
✓ Fraud risk factors prevent auditor from relying on Very few or no exceptions expected.
evidence from entity

As to availability of sources

Available ONLY to outside entity Available within and outside the entity

As to characteristics of items involved

Large number of small, homogenous account
Small number of large account balances
balances

EXTERNAL CONFIRMATIONS PROCEDURES

1. Auditor requests from management.
2. Management prepares and signs confirmation request.
3. Auditor controls sending of request to the confirming party.
4. Confirming party send response directly to auditor.

EVALUATION OF EVIDENCE OBTAINED

a. Response without exception – agreement with the information or has provided information
b. Response deemed unreliable – obtain further audit evidence to resolve doubts
c. Non-response – perform alternative audit procedure
d. Response with exception – investigate exceptions whether they are indicative of misstatements

ADDITIONAL NOTES
PSA TITLE

120 Frame of PSA on auditing

200 Overall Objective of the Independent Auditor and the Conduct of an Audit in
accordance with PSA
210 Agreeing the terms of Audit Engagements
220 Quality control for an Audit of FS
230 Audit Documentation
240 Auditor’s Responsibilities relating to Fraud in an Audit of FS
250 Consideration of Laws and regulations in an Audit of FS
260 Communication with TCWG
265 Communicating Deficiencies in Internal Control to TCWG and Management

300 Planning an Audit of FS

315 Identifying and Assessing the RMM through understanding the entity and its
environment
320 Materiality in Planning and Performing an Audit
330 Auditor’s Responses to Assessed Risks

402 Audit considerations relating to Entity using Service organization

450 Evaluation of Misstatements identified during the Audit

500 Audit Evidence

501 Audit Evidence – Specific considerations for Selected items
505 External Confirmations
510 Initial Audit Engagements – Opening Balances
520 Analytical Procedures
530 Audit Sampling
540 Auditing Accounting Estimates, Including Fair Value Accounting Estimates and
Related Disclosures
550 Related Parties
560 Subsequent events
570 Going concern
580 Written Representations

600 Special Considerations – Audit of Group FS, including the Work of Component
Auditors
610 Using the Work of Internal Auditors
620 Using the Work of an Auditor’s Expert

700 Forming an Opinion and Reporting on FS

701 Communicating KAM in the Independent Auditor’s Report
705 Modifications to the Opinion in the Independent Auditor’s Report
706 EOM paragraph and OM paragraph in the Independent Auditor’s Report
710 Comparative Information – Corresponding Figures and Comparative FS
720 The Auditor’s Responsibility in Relation to Other Information in Documents
containing Audited FS

800 Special Considerations – Audits of FS prepared in accordance with Special Purpose

Framework
805 Special Considerations – Audits of Single FS and Specific Elements, Accounts, or
Items of an FS
810 Engagement to Report on Summary FS