Chapter 2: External Audit

Objective: To describe the regulatory framework in which external (statutory) audits occur.

1.1 Sources
The regulatory environment of external audits is predominantly statutory, which means audit of
the financial statements of companies (and maybe other organisations) is required by national law
(statute). However, some jurisdictions allow for audit exemption (see s.4.2).

1.2 Mechanisms
Auditors need to be regulated to ensure that:
 they maintain high standards of audit work; and
 their reputation with the public is maintained.

Auditors are regulated by:

 statute (i.e. through legislation);
 licensing requirements (e.g. ACCA practicing certificate);
 competence requirements ( e.g. a professional qualification and continuing professional
development);
 professional conduct rules (see Chapter 4);
 auditing standards (see s.3); and
 disciplinary procedures of professional accountancy bodies.

2.1 Mission, Vision and Values

IFAC is a non-profit, non-governmental, non-political international organisation with more than 175
members and associates (representing almost 3 million professional accountants) from more than
130 countries.
 Its mission is to serve the public interest by:
 o contributing to the development, adoption and implementation of high-quality international
standards and guidance;
o contributing to the development of strong professional accountancy organisations and
accounting firms and high-quality practices by professional accountants;
o promoting the value of professional accountants worldwide; and
o speaking out on public-interest issues where the profession's expertise is most relevant.
 IFAC's vision is that the global accountancy profession is recognised as a valued leader in
developing strong and sustainable organisations, financial markets and economies.
 The values of integrity, expertise, and transparency are the guiding principles that IFAC seeks
to exemplify as an organisation through its council, board, boards and committees, volunteers
and staff.

2.2 Standard-setting Board

IFAC has four standard-setting boards:
 IAASB
 IESBA
 IAESB
 IPSASB
2.3.1 IAASB
The International Auditing and Assurance Standards Board (IAASB) is an independent standard-
setting body that serves the public interest by setting high-quality international standards for
auditing, assurance, and other related areas.
The objective of the IAASB is to improve the uniformity of auditing practices and related services
throughout the world by issuing pronouncements (e.g. ISAs) on audit and assurance functions and
promoting their acceptance worldwide.
2.3.2 IESBA
The International Ethics Standards Board for Accountants (IESBA) is an independent standard-
setting body that serves the public interest by setting robust ethics standards for professional
accountants worldwide, including auditor independence requirements.
The IESBA has two objectives:
 To develop guidance on professional ethics and promote its understanding and acceptance by member
bodies.
 To continually monitor and stimulate debate on a wide range of ethical issues to ensure that IFAC's
ethical guidance (issued by the IESBA) is responsive to the expectations and challenges of individuals,
businesses, financial institutions and others relying on accountants' work.
2.3.3 IAESB
The objective of the International Accounting Education Standards Board (IAESB) is to develop
guidance, conduct research and facilitate the exchange of information to ensure that accountants
are adequately trained to meet their responsibilities.
2.3.4 IPSASB
The International Public Sector Accounting Standards Board (IPSASB) works to improve public
sector financial reporting worldwide by developing international accrual-based accounting
standards for use by governments and other public sector entities.

3.1 Structure
 Exam advice

The Code of Ethics, most ISAs and ISAE 3000 Assurance Engagements Other Than Audits or
Reviews of Historical Financial Information are examinable documents (see Chapter 00).

3.2 Scope and Authority of ISAs

ISAs provide the necessary standards for audit work to enable the auditor to express an
independent opinion on the financial statements. All standards relevant to the audit process for an
assignment must be followed. All IAASB pronouncements, including the ISAs, can be downloaded
free from www.IFAC.org.
Suppose the auditor cannot obtain reasonable assurance as to whether the financial statements
are free from material misstatement. In that case, ISAs require that the opinion be modified or that
the auditor withdraws from the engagement.
Each standard contains an introduction, objectives, definitions, requirements and application detail
(see Exhibit 1 below). If any objective cannot be achieved, the auditor must use his judgment to
re-evaluate his ability to achieve the overall audit objective and, therefore, the effect on the
auditor's report.
By their nature, ISAs require auditors to use their professional judgment when applying them.
If, in exceptional circumstances, the auditor judges that it is necessary to depart from a
fundamental principle or essential procedure to achieve the standard's objective more effectively,
the departure must be justified in the working papers.
The requirements of the standards do not override local laws or regulations governing audit and
assurance. However, if national regulations have been followed, but relevant ISAs have not been
applied in their entirety, the auditor's report cannot state, "we conducted our audit in accordance
with International Standards on Auditing".

Exhibit 1 ISA 200

The following is the contents page for ISA 200.

INTERNATIONAL STANDARD ON AUDITING 200

OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND
THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH
INTERNATIONAL STANDARDS ON AUDITING
(Effective for audits of financial statements for periods beginning on or after December 15, 2009)

CONTENTS
Paragraph

Introduction
Scope of this ISA .............................................................................................................................................................1–2

An Audit of Financial Statements .....................................................................................................................................3–9

Effective Date ...................................................................................................................................................................10

 Overall Objectives of the
Auditor .....................................................................................................................................................................................
..11–12
Definitions .......................................................................................................................................................................13
Requirements
Ethical Requirements Relating to an Audit of Financial
Statements ................................................................................................................................................................................
...........14

Professional
Skepticism .................................................................................................................................................................................
..........15

Professional
Judgment ..................................................................................................................................................................................
.........16

Sufficient Appropriate Audit Evidence and Audit

Risk ...........................................................................................................................................................................................
17

Conduct of an Audit in Accordance with

ISAs ........................................................................................................................................................................................1
8–24

Application and Other Explanatory Material

An Audit of Financial
Statements ................................................................................................................................................................................
.....A1–A13

Definitions ..................................................................................................................................................................A14–A15

Ethical Requirements Relating to an Audit of Financial

Statements ................................................................................................................................................................................
....A16–A19

Professional
Skepticism .................................................................................................................................................................................
...A20–A24

Professional
Judgment ..................................................................................................................................................................................
..A25–A29

Sufficient Appropriate Audit Evidence and Audit

Risk ....................................................................................................................................................................................A30
–A54

Conduct of an Audit in Accordance with

ISAs ...................................................................................................................................................................................
A55–A78

3.3 Development
Projects are identified by IAASB members, advisory groups (e.g. business communities), the
Forum of Firms (an independent association of international networks of firms), national auditing
standard-setting bodies and IFAC members.
A task force carries out research and development of an exposure draft (ED). This may be a joint
project with a national auditing standard-setting body.
The typical development process is as follows:
4.1 Statutory Regulation
Because of the importance of the company's external auditor and his relationships with directors
and shareholders, the role of audit and duties of the auditor are often explicitly laid down in statute.
Hence, the external auditor is often referred to as a statutory auditor.
Statutory regulations cover, for example:
 Requirement for audited accounts and audit exemption.
 Eligibility and requirements to become and remain statutory auditors.
 Appointment, removal or resignation of auditors.
 Auditors' reports, duties and rights.
 Monitoring of auditors.
 Rights of shareholders to raise audit concerns at the company's annual general meeting of
shareholders (AGM).
 Liability of auditors.
 Requirement of specific reports (e.g. for annual audits, interim financial statements for listed
companies and accounts of small companies).
In many jurisdictions the requirements for entities (listed, private, public, etc) to be audited are set
out in statute.

4.2 Audit Exemption It is a statutory requirement in nearly all jurisdictions that

companies be audited. However, some jurisdictions recognise that for some "small" companies
the benefit of having an audit is relatively limited and may not justify the costs involved.
Specific requirements vary, but "small" usually means:
 Concentration of ownership and management in a small number of individuals (e.g. owner-
managers).
 Few sources of income.
 Simple management structures and accounting functions.
As control functions will typically be limited, management tends to have greater involvement in
supervising/applying controls (which increases the potential for management override).
Activity 1 Audit Exemption

Suggest FOUR reasons why a small company may require an audit and provide counter-
arguments to those reasons.
*Please use the notes feature in the toolbar to help formulate your answer.
Argument for audit Counter-argument
1. Shareholders not involved in Statutes may provide reasonable protection for minority
management need the assurance shareholders (e.g. holders of at least 10% of shares may call
provided by an audit. for an audit).
2. Audited financial statements are A separate valuation exercise can be carried out at any time.
essential for valuing shares in an There are also other critical factors to valuing shares (e.g. a
unlisted company. controlling holding) outside of the scope of an audit.
3. Banks rely on audited financial  The bank can require an audit to be carried out as a
statements when making loans and condition of the loan.
reviewing the value of the security.  Valuation of a loan's security (i.e. land and buildings) is
relatively easy to obtain.
 Reviews can be carried out of management accounts,
budgets and cash flows, and separate assurance can be
obtained on these.
4. Suppliers who offer credit terms  Depending on when the credit is taken, the financial
need audited financial statements to statements may be 6 to 18 months out of date.
assess the entity's ability to pay.  Trade and credit references will be taken before any
substantial credit is granted.
 Management guarantees can also be given/taken.
5. Management needs an audit as  An audit can still be carried out if management decides to
an independent check. have one.
 Other assurance services and reviews can be provided to
management to cover the specific benefits management
believes are obtained from an audit.

4.3 Eligibility to Become an Auditor

Most jurisdictions require a statutory auditor to be appropriately qualified. For example:
 a member of a recognised professional body; or
 holding an approved international qualification.

Being "appropriately qualified" means not only having passed examinations of a recognised body
(e.g. Advanced Auditing and Assurance (UK) to register as an auditor and sign auditor's reports in
the UK) but also:
 obtaining a minimum number of years of practical and post-qualified relevant audit experience;
 continuous application of ethical criteria;
 continuous relevant practical experience; and
 continuous professional education.

Many countries have "mutual recognition" arrangements so that after passing country-specific
examinations (e.g. law and taxation), a statutory auditor of one country may become a statutory
auditor of another.
In most jurisdictions, officers (i.e. directors) and employees of a company are usually ineligible to
be statutory auditors. Although statute is often not prescriptive in barring others (e.g. family and
friends), this is addressed by the IESBA's Code of Ethics (see Chapter 4).

4.4 Recognised Supervisory Bodies (RSBs)

 Exam advice

The following detail on RSBs should be read in general; it is beyond the AA syllabus.
An RSB is a professional body (e.g. ACCA) whose rules, regulations and procedures have been
approved by the government and whose members are recognised by statute as eligible to sign
auditor's reports.
ACCA is also a recognised qualifying body (RQB) in that it is allowed to examine and award
relevant professional qualifications.
RSBs must have rules to ensure, for example, that:
 A person is not eligible unless "appropriately qualified".
 Only "fit and proper" persons are appointed as company auditors.
 Company audit work is conducted "properly and with integrity".
 Technical standards are applied to company audit work.
 Competence of company auditors is maintained.
Key point

Although statutes lay down requirements for external auditors, the RSBs implement them.

4.5 Rights and Duties of Auditors

4.5.1 Duties
In most instances, the primary duty of a statutory auditor is to report to the company's
shareholders on the financial statements (statement of financial position, statement of profit or loss
and other comprehensive income, statement of cash flows, accompanying notes, etc.) prepared to
an accounting reference period (usually for a year).
Other duties relating to the statutory audit will vary between jurisdictions but may, for example,
include the requirement to report that:
 proper accounting records have been kept; 
 the auditor has received all necessary information and explanations; and
 the directors' report is consistent with the information contained in financial statements.

Definition

Accounting records:
 the records of initial accounting entries and supporting records (e.g. records of electronic fund
transfers, invoices, contracts);
 the general and subsidiary ledgers, journal entries and other adjustments to the financial statements
that are not reflected in formal journal entries; and
 records such as work sheets and spreadsheets supporting cost allocations, computations,
reconciliations and disclosures.

4.5.2 Rights
An auditor cannot fulfil statutory duties without commensurate rights (which must also be
legislated). For example:
 To have access to the books, accounts, and vouchers at all times.
 To require from company officers any information and explanations considered necessary for the audit.
 To have unrestricted access to persons within the entity from whom the auditor determines it necessary
to obtain audit evidence.
 To receive notice of, attend and be heard at the general meeting of the company on business which
concerns them as an auditor (e.g. a resolution to remove them from office).
Also, the auditor may have rights associated with his vacation of office (e.g. by resignation or
removal) to bring matters to the attention of shareholders and creditors (e.g. if the auditor is
removed because he gives a qualified audit opinion or if he resigns because he is not given
access to necessary information).

4.6 Appointment of Auditors

Key point

The shareholders are ultimately responsible for the appointment of the external auditor.
In most jurisdictions, auditors are appointed by the shareholders to whom they report. The process
may be delegated to directors (or, under corporate governance, to a supervisory or audit
committee) and then approved by the shareholders.
Typically, the appointment is for one year. The auditors will then offer themselves for re-
appointment (e.g. at the AGM) to be voted on by the shareholders. Re-appointment is not
automatic.
The auditor's remuneration is generally fixed by whoever makes the appointment. In practice, the
shareholders usually delegate the negotiation of this to the directors or, under corporate
governance procedures, to be recommended by the audit committee (see Chapter 3).
The audit appointment process is detailed later in Chapter 5.

4.7 Removal of Auditors

4.7.1 Removal by Directors
It is generally more difficult to remove auditors than appoint them. This is because auditors should
not be removed just on the whim of directors (e.g. because the auditor wants to qualify his opinion
and the directors disagree).
As the shareholders are responsible for the appointment of the auditor, only the shareholders have
the power to remove the auditor from office (e.g. by ordinary resolution in a general meeting of
shareholders).

Exam advice

In addition to the statutory audit, many jurisdictions place statutory duties upon auditors in other areas
related to companies (e.g. reporting on internal controls, reporting on directors' remuneration statements,
reporting on the ability to distribute reserves, reporting on the ability to buy back shares). Apart from the
statutory audit, all other statutory duties of the auditor are beyond the scope of the syllabus.

4.7.2 At Point of Re-election

If for whatever reason, an auditor no longer wishes to act for a client after the end of a current
appointment, he simply does not stand for re-election after completing the annual audit.
As a matter of professional courtesy, the auditor will usually have discussed with management the
decision not to seek re-appointment in good time to allow a replacement to be proposed for
appointment at the AGM.
 Exam advice

In the examination, if a scenario indicates the possibility of auditor resignation, avoid leaping to the
immediate conclusion that the auditor should resign. Work through all options first, and then consider the
need for the auditor to seek appropriate ethical and legal advice (e.g. from ACCA) and only then suggest
that the auditor assess the need to resign.

4.7.3 Resignation During Engagement

Although it is relatively rare, there are reasons why an auditor would resign from an engagement.
These include:
 significant limitations placed on the work of the auditor by management;
 loss of trust/working relationship with management (e.g. significant doubt over management's integrity)
 regulatory requirements (e.g. discovery of significant fraud).

Typically, the auditor must give written notice of his resignation to the client, which is sent to the
appropriate regulatory and audit authorities.
The auditor must consider his professional duty to complete the engagement (e.g. he should not
resign to avoid giving a qualified audit opinion) and the legal consequences of resignation.
Where resignation may have implications for legal proceedings (see Chapter 11), the auditor
should seek ethical and legal advice before taking any action (e.g. from the ACCA and solicitors).
4.7.4 Role of the Audit Committee
Where an entity has an audit committee, there is often a requirement under various corporate
governance codes for such committees to have specific responsibilities with the external auditors
(e.g. recommending appointment, remuneration, reviewing circumstances of resignation).
See Chapter 3 for details of the audit committee.

4.8 Limitations of External Audits

The auditor cannot provide absolute assurance in an audit because of the inherent
limitations of external audits. These inherent limitations arise from:
 the nature of financial reporting;
 the nature of audit procedures; and
 the need for the audit to be conducted within a reasonable period and at a reasonable cost.

4.8.1 The Nature of Financial Reporting

Some financial statement items are subject to an inherent level of variability because they involve
judgment by management or subjective decisions or assessments, or a degree of uncertainty (e.g.
accounting estimates).
4.8.2 The Nature of Audit Procedures
There are practical and legal limitations on the auditor's ability to obtain audit evidence, including
the following:
 There is a possibility that management or others may not intentionally or unintentionally provide all
information that the auditor requires.
 An audit is not an investigation into alleged wrongdoing, so the auditor does not have any specific legal
powers necessary for such an investigation.
 Any system of internal control has inherent limitations (see Chapter 9).
 Fraud may be concealed so that it is difficult to detect with audit procedures (see Chapter 11).
 Most audit evidence is persuasive, rather than conclusive (see Chapter 15). For example, physical
possession of an asset does not necessarily prove legal ownership.
 Testing is on a sample basis (see Chapter 19).

4.8.3 Timeliness and Cost v Benefit

There is an expectation by users of financial statements that the auditor will form an opinion on the
financial statements within a reasonable period and will achieve a balance between benefit and
cost.
As it is impracticable for the auditor to address all information that may exist, it is necessary for the
auditor to:
 Plan the audit so that it is performed effectively.
 Direct audit efforts to the areas where the risk of material misstatement is most expected.
 Use testing and other means of examining populations for misstatement.

Syllabus Coverage This chapter covers the following Learning Outcomes.

A. Audit Framework and Regulation

External audits
1. Describe the regulatory environment within which external audits take place.
2. Discuss the reasons and mechanisms for the regulation of auditors.
3. Explain the statutory regulations governing the appointment, rights, removal and resignation of
auditors.
4. Explain the regulations governing the rights and duties of auditors.
5. Describe the limitations of external audits.
6. Explain the development and status of International Standards on Auditing (ISAs).
7. Explain the relationship between International Standards on Auditing and national standards.

Summary and Quiz

 IFAC includes the International Auditing and Assurances Standards Board (IAASB) and the
International Ethics Standards Board for Accountants (IESBA).
 The objective of the IAASB is to improve the uniformity of auditing practices and related
services throughout the world by issuing International Standards on Auditing (ISAs).
 The objective of the IESBA is to develop guidance on professional ethics in the form of the
IFAC Code of Ethics for Professional Accountants.
 ISAs set out the standards for an auditor to express an independent opinion on financial
statements.
 A Recognised Supervisory Body (RSB) is a professional body whose members are
recognised, by UK company law, as eligible to sign auditor's reports.
 The primary duty of a statutory auditor is to express an opinion of the annual financial
statements. The auditor must have a legal right to access information and explanations to
fulfil this duty.
 Generally, auditors are appointed, re-appointed and removed by the shareholders in
general meetings. Auditors may choose not to be re-appointed; they rarely resign.
 Limitations of external audit arise from the nature of financial reporting, the nature of audit
procedures and the need for timely reporting at a reasonable cost.