Professional Documents
Culture Documents
✓ To provide a moderate level of assurance that the subject Three Party Relationship:
matter is plausible in the circumstances. o Practitioner – CPA in public practice who performs the
assurance engagement. The term practitioner is broader than
Types of Assurance Engagements and their Objectives: the term “auditor” as used in professional standards, which
o Reasonable assurance engagements – engagements that only refers to practitioner performing audit or review
provide high, but not absolute, level of assurance. engagements with respect to historical financial information.
• Also called high-level engagements.
o Responsible party – person/s who is responsible for the
• The objective of a reasonable assurance engagement is a subject matter or the assertion (subject matter information).
reduction in assurance engagement risk to an acceptably For example, an entity’s management is responsible for the
low level as the basis for a positive form of expression of preparation and presentation of financial statements or the
the practitioner’s conclusion. establishment and implementation of internal control.
• Absolute assurance is not attainable: o Intended user/s – person, persons or class of persons for
In assurance engagements, absolute assurance is whom the practitioner prepares the assurance report; they
generally not attainable because of such factors as: are the users to whom the practitioner usually addresses the
✓ Use of judgment. report.
✓ Use of testing.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 1
Appropriate Subject Matter: o The practitioner shall plan and perform the engagement with
o Subject matter refers to the information to be evaluated or an attitude of professional skepticism to obtain sufficient
measured against the criteria. Subject matter information appropriate evidence that the assertions are free of material
means the outcome of the evaluation or measurement of a misstatements.
subject matter.
✓ Professional skepticism – an attitude that includes a
o Requirements for subject matter to be considered appropriate: questioning mind, being alert to conditions which may
indicate possible misstatement due to error or fraud, and
✓ Identifiable a critical assessment of evidence.
✓ Capable of consistent evaluation and measurement
against suitable criteria ✓ Evidence – refers to the information obtained by the
✓ In the form that can be subjected to procedures for practitioner in arriving at the conclusions on which the
gathering evidence to support that evaluation or conclusion is based.
measurement.
✓ Sufficiency – refers to the measure of the quantity of
o Forms of subject matter of an assurance engagement: evidence.
✓ Financial performance or conditions (for example,
historical or prospective financial position, financial ✓ Appropriateness – refers to the measure of the quality
performance and cash flows) for which the subject of evidence, that is, its relevance and its reliability.
matter information may be the recognition,
measurement, presentation and disclosure represented Written Assurance Report:
in the financial statements. o A written assurance report should be in the form appropriate
to a reasonable assurance engagement or a limited assurance
✓ Non-financial performance or conditions (for example, engagement.
performance indicators of an entity) for which the
subject matter information may be key indicators of Attestation Services:
efficiency and effectiveness. o An attestation service is a type of assurance service in which a
practitioner is engaged to issue a written communication that
✓ Physical characteristics (for example, capacity of a expresses a conclusion about the reliability of a written
facility) for which the subject matter information may be assertion that is the responsibility of another party.
a specifications document. Attestation generally refers to an expert's written
communication of a conclusion about the reliability of
✓ Systems and processes (for example, entity’s internal someone else's assertions.
control or IT system) for which the subject matter
information may be an assertion about effectiveness. Relationships among Auditing, Attestation, and Assurance
Services:
✓ Behavior (for example, corporate governance,
compliance with regulation, human resource practices) o Similarity: These services are often used interchangeably
for which the subject matter information may be a because they encompass the same decision-process
statement of compliance or a statement of effectiveness.
o Main difference/distinction: Scope of services
Suitable Criteria: ✓ “Assurance services” is broader in scope and in concept
o Criteria refer to the standard or benchmark used to evaluate than either auditing or attestation. It encompasses both
or measure the subject matter of an assurance engagement, audit and attestation services.
including, where relevant, benchmarks for presentation and
disclosure. ✓ “Attestation services” is broader than audit because
attest function is beyond historical FS. Attestation
o Five characteristics of suitable criteria: services cover even non-GAAP FS.
✓ Relevance – relevant criteria contribute to conclusions ✓ Auditing, particularly FS audit, is a type of assurance and
that assist decision-making by the intended users. attestation service that involves examination of
historical FS prepared in accordance with GAAP.
✓ Completeness – criteria are sufficiently complete when Non-assurance Engagements:
relevant factors that could affect the conclusions in the o Not all engagements are assurance engagements. Non-
context of the engagement circumstances are not assurance engagements are those that do not result in the
omitted. practitioner’s expression of a conclusion that provides a level
of assurance, whether negative assurance or other form of
✓ Reliability – reliable criteria allow reasonably consistent assurance. The practitioner does not convey to the intended
evaluation or measurement of the subject matter when users any assurance as to the reliability of an assertion.
used in similar circumstances by similarly qualified
practitioners. o Examples of non-assurance engagements:
Page | 2
AASC Engagement Applications Related Practice
o No assurance is expressed in the report: The users/recipients Standards Statements
of the report assess for themselves the procedures and Philippine Philippine Auditing
findings reported by the auditor and form their own FS audit
Standards on Practice Statements
engagements
conclusions from the report by the auditor. Auditing (PSAs) (PAPSs)
Philippine
o Distribution of report is restricted: The report on agreed upon Philippine Review
Standards on
procedures engagement is restricted to those parties that have Review Engagement
Review
agreed to the procedures to be performed since others who engagements Practice Statements
Engagements
are unaware of the reasons for the procedures may (PREPSs)
(PSREs)
misinterpret the results. Other assurance
Philippine
Philippine engagements
Compilation of Financial or Other Information Engagements: Assurance
Standards on dealing with
o Objective of compilation engagements: For the accountants to Engagement
Assurance subject matters
use accounting expertise, as opposed to auditing expertise, to Practice Statements
Engagements other than
collect, classify and summarize financial information. (PAEPSs)
(PSAEs) historical financial
information
o No test of assertions. Philippine Philippine Related
Standards on Services Practice
o No assurance is expressed in the report. Related services
Related Services Statements
(PSRSs) (PRSPSs)
Tax Services:
o Tax compliance – includes the preparation of tax returns (for o Other pronouncements:
individuals, corporations, estates and trusts, and other entities) ✓ Philippine Standards on Quality Control (PSQCs) – to be
and acting as client’s representative to tax authorities or in tax applied for all services that fall under the AASC’s
litigations. engagement standards, namely, audit, review, other
assurance, and related services.
o Tax planning – includes the determination of the tax
consequences of planned or potential transactions (legally ✓ Philippine Framework for Assurance Engagements – to
minimizing client’s tax liability) followed by making suggestions be applied for assurance engagements.
on the most desirable course of action.
Philippine Framework for Assurance Engagements:
Management Consulting: o Defines and describes the elements and objectives of an
o Management advisory (consulting) services – refers to the assurance engagement.
function of providing professional advisory (consulting) services,
the primary purpose of which is to improve client’s use of its o Identifies engagements to which assurance engagement
capabilities and resources to achieve the objectives of the standards (PSAs, PSREs, and PSAEs) apply.
organization.
o Provides frame of reference for:
Levels of Assurance for Audit, Review, Agreed-upon Procedures
and Compilation ✓ Practitioners who perform assurance engagements (such
as audit and review engagements).
o Assurance refers to the practitioner’s satisfaction as to the ✓ Others involved with assurance engagements (such as the
reliability of an assertion being made by one party for use by intended users and the responsible party).
another party. The level of assurance is the degree of the ✓ The International Auditing and Assurance Standards Board
practitioner’s satisfaction or degree of certainty the (IAASB) in its development of assurance engagement
practitioner has attained and wishes to convey to intended standards which will be adopted by the AASC for
users. Such level or degree of assurance depends on the application in the Philippines.
procedures performed and the evidence collected by the
practitioner. o Distinguishes assurance engagements and non-assurance
engagements (non-assurance engagements are not covered by
o Engagements and level of assurance: the Framework).
✓ Audit: The auditor provides a reasonable (high, but not
absolute) level of assurance that the information subject o Sets out characteristics that must be exhibited before a
to audit is free of material misstatement. This is practitioner can accept an assurance engagement.
expressed positively in the audit report as reasonable
assurance. In addition to the Framework and PSAs, PSREs and PSAEs,
practitioners who perform assurance engagements are
✓ Reviews: The auditor provides a moderate/limited level governed by:
of assurance that the information subject to review is
free of material misstatement. This is expressed in the • The Code of Ethics for Professional Accountants in
form of negative assurance. the Philippines.
• The Philippine Standards on Quality Control
✓ Agreed-upon procedures: No assurance is expressed. (PSQCs).
The auditor simply provides a report of the factual
findings. Users of the report assess for themselves the The Framework does not itself establish standards or provide
procedures and findings reported by the auditor and procedural requirements for the performance of assurance
draw their own conclusions from the auditor's work. engagements.
- - END - -
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 3
AUDITOR’S PROFESSIONAL AND LEGAL RESPONSIBILITIES ✓ Require CPA firm’s leader (CEO/ managing
AND QUALITY ON AUDIT board of partners or its equivalent), to assume
ultimate responsibility for the firm’s system of
REFERENCES: quality control.
PSQC 1: Quality Control for Firms that Perform Audits and Reviews ▪ Ethical requirements, including independence
of Historical Financial Information, and other Assurance ✓ The CPA firm should establish policies and
and Related Services procedures to provide reasonable assurance
that the firm and its personnel comply with
PSA 220: Quality Control for an Audit of Financial Statements relevant ethical requirements (including
independence).
PSA 240: The Auditor’s Responsibilities Relating to Fraud in an
Audit of Financial Statements ▪ Acceptance and continuance of client relationships
and specific engagements – The CPA firm should
Nature of System of Quality Control establish policies and procedures to provide
● One of the recognized objectives of the accountancy reasonable assurance that the CPA firm will only
profession is to attain the highest levels of performance. undertake or continue relationships and engagements
where it:
● To achieve this objective, there is a need for assurance that all ✓ Has considered the client’s integrity.
professional services provided by CPAs are carried out to the
highest quality or standards of performance. ✓ Is competent to perform the engagement and
has the capabilities, time and resources to do
● Reasonable assurance of meeting such need is provided so.
through a system of quality control.
✓ Can comply with ethical requirements.
● A system of quality control refers to quality control policies
and procedures adopted by CPA firms that are designed to ▪ Human resources – The CPA firm should establish
provide reasonable assurance that the firm and its personnel policies and procedures to provide reasonable
comply with professional standards and regulatory and legal assurance that it has sufficient personnel with the
requirements and that reports issued by the firm or capabilities, competence, and commitment to ethical
engagement partners are appropriate in the circumstances. principles necessary to perform the engagement.
✓ Implement and monitor compliance with those policies. ▪ Monitoring – The CPA firm should establish policies
and procedures to provide reasonable assurance that
Mandatory requirement for CPA firms to establish SQC quality controls are relevant, adequate and operating
● Under Philippine Standard on Quality Control 1 (PSQC 1) CPA effectively and complied with in practice and should
firms are required to establish and implement a system of include an ongoing consideration and evaluation of the
quality control. firm’s system of quality control, including a periodic
inspection of a selection of completed engagements.
Nature and Extent of a System of Quality Control
● The nature and extent of the SQC developed by CPA firms vary Distinction between GAAS/PSA and SQC
from firm to firm due to various factors such as: ● GAAS/PSAs relate to each individual audit engagement,
✓ Size of the CPA firm whereas SQC relates to all professional activities/services of
the firms practice as a whole.
✓ Nature of its practice
Quality Review Committee
✓ Operating characteristics ● To ensure that CPAs work to the highest standards, the
government thru the Professional Regulatory Board of
✓ Its organization Accountancy (BOA) has required all CPA firms and individual
CPAs in public practice to obtain a certificate of accreditation
✓ Geographical dispersion to practice public accountancy. Such certificate is valid for
three (3) years and can be renewed after complying with the
✓ Cost-benefit consideration requirements of the BOA.
Page | 8
✓ Meeting the threshold for a performance
● Recommend to BOA revocation of registration and bonus.
professional ID cards of CPAs for not observing the SQC
requirements. ✓ Having significant personal debts or poor credit
Page | 9
● The auditor should consider compliance with laws and
regulations since noncompliance by the entity with laws and
regulations may materially affect the financial statements.
However, an audit cannot be expected to detect
noncompliance with all laws and regulations.
✓ Damages
✓ Litigation
● Media comment.
- - END - -
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 10
AUDIT PLANNING AND MATERIALITY
▪ The CPA firm or auditor must be independent of the
REFERENCES: client whose financial statements are subject to audit.
▪ Audit opinion is not credible or of little or no value if
PSA 210: Agreeing the Terms of Audit Engagements the auditor is not independent.
PSA 230: Audit Documentation • Professional competence – determine if the CPA firm or
auditor has the necessary skills and competence.
PSA 300: Planning an Audit of Financial Statements
▪ Professional accountants should not portray
PSA 315: Identifying and Assessing the Risks of Material themselves as having the required expertise which
Misstatement through Understanding the Entity and its they do not possess.
Environment
▪ The auditor should obtain preliminary understanding
PSA 320: Materiality in Planning and Performing an Audit of prospective client’s business and industry to
determine whether the auditor has the required
PSA 520: Analytical Procedures degree of competence.
Preliminary Engagement Activities ▪ If the auditor does not possess the industry expertise,
o Perform procedures regarding acceptance or continuance of the he should obtain knowledge of matters that relate to
client relationship. the nature of the entity’s business and industry.
• Acceptance or selection procedures – in case of initial • Ability to serve the client properly – the CPA firm or
audit (prospective/new client) auditor must have capability, time and resources to
perform the audit.
▪ Evaluate integrity of the client’s management
✓ Most of litigations involving CPAs are due to o Establish an understanding of the terms of the engagement
lack of integrity of client’s management. • The CPA firm or auditor shall accept or continue an audit
engagement only when: a. The preconditions for an audit
✓ Lack of management integrity usually results to are present:
high audit risk.
▪ Management has used acceptable financial reporting
▪ Investigate/research the client’s background framework (or suitable criteria or appropriate basis
✓ Internet searches. for) in the preparation of the financial statements.
✓ Review the entity’s financial statements. • Factors to consider in determining the acceptability of the
financial reporting framework:
✓ Consider engaging professionals/investigators
to evaluate the principals associated with the ▪ The nature of the entity.
prospective client.
▪ The purpose of the financial statements.
✓ Obtain credit ratings and reports, if necessary.
▪ The nature of the financial statements.
▪ Inquiring from other firm personnel or third parties
▪ Whether law or regulation prescribes the applicable
▪ Communicate with prospective client’s predecessor financial reporting framework.
auditor: Matters to be inquired of or discussed with
the predecessor (previous/former) auditor by the ✓ Management agrees to the premise that it has
incoming/successor auditor: acknowledged and understood its
responsibilities.
✓ Facts/information that might bear on the
integrity of the prospective client. Agreement on audit engagement terms
o The auditor shall agree on the terms of the audit engagement
✓ Predecessor auditor’s understanding as to the with management or those charged with governance, as
reasons for the change of auditors. appropriate.
✓ Any disagreement between the predecessor o Engagement letter – an agreement between the CPA firm or
auditor and the client regarding accounting auditor and the client for the conduct of the audit. It is a letter
principles or auditing procedures or other from the auditor to the client management, and when signed by
similarly significant matters. the client it serves as a formal written contract between them.
Engagement letter documents and confirms the:
• Continuance or retention procedures – in case of recurring
audit (or existing client) • Auditor’s acceptance of the appointment.
▪ To ensure the audit firm’s continuing compliance with • Client’s acceptance of the terms of the audit engagement.
acceptance and continuance procedures, existing
clients should be evaluated once a year or upon • Responsibilities of both the client management and the
occurrence of the following: auditor.
Page | 15
between the auditor and the client with respect to the ✓ If there is a reasonable change, no reference
engagement. of the same shall be included in the report.
o Engagement letter should be sent to the client preferably before • Not agree if there is no reasonable justification – if the
the start of the engagement. change relates to incorrect, incomplete or otherwise
unsatisfactory information.
o An engagement letter is normally addressed to whoever hired
the CPA. ✓ Withdraw from the engagement – if the auditor is
unable to agree to the change and is not
Audit Engagement in Recurring Audits permitted/allowed to continue the original engagement
o The auditor may decide not to send a new engagement letter or because of his disagreement.
other written agreement each period.
Audit Planning
o The following factors may make it appropriate to send a new o Audit planning involves establishing the overall audit strategy for
engagement letter: the engagement and developing an audit plan, in order to reduce
audit risk to an acceptably low level.
• Revision of the terms of audit engagement because:
✓ Any revised or special terms of the engagement. Factors that affect the nature and extent of audit planning
o The size and complexity of the entity – big companies and
✓ A recent change of senior management or those companies with more complex operations require more audit
charged with governance. planning time.
✓ A significant change in ownership. o Changes in circumstances that occur during the audit
engagement – for example, expansion of operation because of
✓ A significant change in nature or size of the client’s diversification.
business.
o The auditor’s previous experience with and understanding of
• Reminder to the client of the existing terms of the the entity – more work is required to obtain information
engagement any indication that the client misunderstands regarding a new client than for an existing client.
the objective and scope of the audit.
✓ Initial audit requires more audit time because the auditor
Audit procedures when the client requests for a change in has no previous knowledge or is unfamiliar with the
engagement client’s business, industry and internal control which
need to be carefully studied.
o Consider the appropriateness of reasons for the engagement.
✓ Recurring audit requires lesser audit time because of
o If there is a reasonable justification for the change – stop the auditor’s previous knowledge of the entity and its
original engagement and agree on the new terms of industry.
engagement. And then proceed with the new engagement.
o The composition and size of the audit team
• To avoid confusing the users of the new report, do not
mention the following in the new report: Planning stage of audit – the time before fieldwork starts, when the
auditor is gathering information about the client and its environment
✓ The original engagement. and designing overall audit strategy and audit plan.
✓ Any procedures that may have been performed in the Planning Activities for the Audit Engagement
original engagement (except where the engagement is o In order to reduce audit risk to an acceptably low level, the
changed to an engagement to undertake agreed- upon auditor shall:
procedures and thus the reference to the procedures
performed is a normal part of the report). • Establish an overall audit strategy that sets the scope,
timing and direction for the audit, and that guides the
o If there is no reasonable justification – refuse the client’s development of the more detailed audit plan.
request, and continue to perform the original engagement and
issue the original report. • Develop an audit plan that addresses the various matters
identified in the overall audit strategy.
• If the auditor is not permitted to continue the original
engagement, the auditor should withdraw from the Audit plan includes a description of:
engagement and consider reportorial responsibilities to the ▪ The nature, timing and extent of planned risk
BOD or shareholders of the client. assessment procedures.
Whether or not to accept a change in engagement ▪ The nature, timing and extent of planned further audit
o Change to a lower level assurance engagement: The auditor procedures (at the assertion level) – to be performed
shall not agree where there is no justification/basis for the during testing stage.
change to a lower level assurance engagement.
Further audit procedures include:
• The auditor should agree if there is reasonable basis, such ✓ Tests of controls – tests of the operating
as: effectiveness of internal control.
▪ A misunderstanding as to the nature of an audit ▪ Other planned audit procedures (that are required to
or related service originally requested. be carried out to comply with PSAs).
▪ A restriction on the scope of the engagement, Planning the nature, timing and extent of direction
whether imposed by management or caused by o The nature, timing and extent of direction, supervision of audit
circumstances. engagement team members and review of their work depend on
the following factors:
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 16
• Size and complexity of the entity – Audits of small entities Materiality levels
requires lesser (or even no) direction, supervision, and o Materiality at financial statement as a whole – it is the smallest
review of the work of assistants. aggregate level that could misstate/distort any of the financial
statements.
• Area of audit – Difficult aspects of audit demand increased
direction, supervision, and a more detailed review of work • Also known as materiality threshold or planning
of assistants. materiality or overall materiality.
• Risks of material misstatement – As the assessed risk of • Overall materiality is usually expressed as a % of a chosen
material misstatement increases, a given area of the audit, benchmark (such as profit before tax, total revenues, gross
the auditor ordinarily increases the extent and timeliness of profit, total expenses, total equity or net asset value).
direction, supervision and review.
o Materiality at assertion level – materiality level for individual or
• Capabilities and competence of personnel performing the particular class of transactions, account balance, or disclosure
audit work. where appropriate; this is also known as tolerable
misstatement.
Other planning considerations
o The auditor should consider the work of experts and other • Tolerable misstatement refers to allocated materiality to
independent auditors affected accounts (usually statement of financial position
accounts because they are fewer).
• Considering the work of an expert – An expert is a person
or firm possessing special skill, knowledge and experience • Account balance – an individual line item in the financial
in a particular field or discipline other than accounting and statements, such as cash and cash equivalents, loans and
auditing. receivable, etc.
• Considering the work of other independent auditors – • Class of transactions – type of transaction processed by
applicable when a component of the entity is to be audited the client’s accounting system, such as sales transactions
by other independent auditor. and purchasing transactions.
o Discussing planned audit procedures with client management: • Materiality at this level is lesser than the overall
• Discussion is allowed to facilitate the conduct and materiality level but could reasonably be expected to
management of the audit engagement. influence the economic decisions of financial statement
users.
• Discussion should not compromise the effectiveness of the
audit (audit procedures should not be too predictable). o Performance materiality – amount or amounts set by the
auditor:
Determining the appropriate materiality levels
o The auditor shall determine materiality and performance • At less than materiality for the financial statements as a
materiality when planning the audit. whole.
Concept of materiality • At less than materiality level or levels for particular classes
of transactions, account balances or disclosures.
o Materiality is the amount (threshold or cut-off point) at which
judgment of informed decision makers based on the financial Identify the risks of material misstatement:
statement may be altered (changed or influenced). o Identify risks of material misstatement (inherent risk and control
risk) based on understanding the entity and its environment,
o An item or information is material if its omission or misstatement including the entity’s relevant internal control. The auditor shall
could influence the economic decisions of users taken on the provide reasonable assurance of detecting material
basis of the financial statements. misstatements, whether arising from errors or fraud.
o In determining appropriate level of materiality, the auditor uses Risk of material misstatement (RMM) – the risk that the financial
professional judgment using his perception of the needs of statements contain a material misstatement.
reasonable users of the financial statements.
Components of RMM:
Uses of materiality in planning the audit o The risks of material misstatement are a combination of
o To determine the nature, timing and extent of risk assessment inherent risk and control risk:
procedures.
▪ Inherent risk – the susceptibility of an assertion to a
o To identify and assess risk of material misstatement. misstatement that could be material, either individually or
when aggregated with other misstatements, assuming
o To determine the nature, timing and extent of further audit there are no related controls to mitigate such risks
procedures. Inherent risk may also be described as follows:
Considering materiality throughout the audit ✓ The concept of inherent risk recognizes that the
o Planning stage risk of misstatement is greater for some
✓ To identify and assess risks of material misstatements. assertions than for others.
✓ To determine the nature, timing and extent of further ✓ Inherent risk is the risk that financial statements
audit procedures. are likely to be materially misstated.
o Testing stage (materiality levels set during audit planning are Examples of inherent risk:
simply updated/revised if necessary). ✓ Cash is more susceptible to theft than an
inventory of coal.
o Completion stage
✓ To evaluate the effect of uncorrected misstatements, if ✓ Complex calculations are more likely to be misstated
any, on the financial statements and in forming the than simple calculations.
opinion in the auditor’s report.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 17
✓ Estimation transactions, especially if they involve
accounting estimates that are subject to significant ▪ Corroboration of management responses.
measurement uncertainty.
▪ Applying other appropriate audit procedures.
✓ High value inventory (could be easily stolen, thus,
there would be an inherent risk relating to the Specific purpose/focus/objective of analytical procedures in the
existence assertion). three stages of audit
▪ Control risk – the risk that a material misstatement, o In the planning stage – performed as risk assessment
either individually or when aggregated with other procedures (required/mandatory) to obtain an understanding of
misstatements, that could occur will not be prevented or the entity and its environment.
detected and corrected on a timely basis by the entity’s
internal control. Objective/purpose/focus during planning stage:
✓ Control risk is a function of the effectiveness of ✓ To enhance the auditor’s understanding of the entity’s
the entity’s internal control. business and transactions to help plan the nature, timing,
and extent of substantive auditing procedures that will
✓ Control risk is the type of risk that the be used to gather audit evidence.
management has the most control over in the
short term. ✓ To identify areas that may represent specific risks (such
as unusual transactions and events or
✓ Some control risk will always exist because of the abnormal/significant fluctuations in amounts, ratios, or
inherent limitations of any internal control system. trends) that the auditor may need to investigate further.
o Risk of material misstatement (inherent risk and control risk) o In testing stage – as substantive procedures when their
cannot be eliminated or controlled by the auditor because application is, based on the auditor’s judgment, more effective
these are entity’s risks that exist independently of the audit and efficient than test of details (not required).
of financial statements.
Objective/purpose/focus during testing stage:
Assess the identified risks of material misstatement ✓ To obtain audit evidence to confirm individual account
balances.
o Factors to consider whether a risk is significant:
• Whether the risk is a risk of fraud. o In the overall review or completion stage – as an overall review
of the financial statements (required).
• Whether the risk is related to recent significant economic
accounting or other developments and, therefore, Objective/purpose/focus:
requires specific attention. ✓ To identify a previously unrecognized risk of material
misstatement (unusual fluctuations that were not
• Complexity of transactions. identified in the planning and testing phases of the
audit).
• Whether the risk involves significant transactions with
related parties. ✓ To confirm conclusions reached with respect to the
fairness of the financial statements.
• The degree of subjectivity in the measurement of
financial information related to the risk, especially those
involving uncertainty. - - END - -
o Analytical procedures
• Analytical procedures – evaluations of financial
information made by a study of plausible relationships
among both financial and nonfinancial data.
Page | 18
AUDIT RISK
▪ This evidence enables the auditor to express
REFERENCES: an opinion on the financial statements at an
acceptably low level of audit risk.
PSA 450: Evaluation of Misstatements Identified during the Audit
▪ The assessment of risks is a matter of
PSA 330: The Auditor’s Responses to Assessed Risks professional judgment, rather than a matter
capable of precise measurement.
Audit risk
• Risk that the auditor expresses an inappropriate opinion when ✓ Detection risk is the risk that the procedures performed
the financial statements are materially misstated. by the auditor to reduce audit risk to an acceptably low
level will not detect a misstatement that exists and that
• A function of the risks of material misstatement and detection could be material, either individually or when aggregated
risk. with other misstatements.
• Does not include the risk that the auditor might express an o Detection risk relates to the nature, timing and
opinion that the financial statements are materially misstated extent of the auditor’s procedures that are
when they are not. determined by the auditor to reduce audit risk to an
acceptably low level. It is therefore a function of the
• A technical term related to the process of auditing. effectiveness of an audit procedure and of its
application by the auditor.
• It does not refer to the auditor’s business risks such as loss
from litigation, adverse publicity, or other events arising in o For a given level of audit risk, the acceptable level of
connection with the audit of financial statements. detection risk bears an inverse relationship to the
assessed risks of material misstatement at the
Risk of material misstatements assertion level. For example, the greater the risks of
• The risk that the financial statements are materially misstated material misstatement the auditor believes exists,
prior to audit. the less the detection risk that can be accepted and,
accordingly, the more persuasive the audit evidence
required by the auditor.
• Risk of material misstatement may exist at two levels:
o The following matters assist to enhance the
✓ Overall financial statement level – refer to risks of
effectiveness of an audit procedure and of its
material misstatement that relate pervasively to the
application and reduce the possibility that an
financial statements as a whole and potentially affect
auditor might select an inappropriate audit
many assertions.
procedure, misapply an appropriate audit
procedure, or misinterpret the audit results:
✓ Assertion level – refer to risks of material misstatement
that relate to classes of transactions, account balances,
▪ Adequate planning
and disclosures.
▪ Proper assignment of personnel to the
engagement team
• Risk of material misstatement at the assertion level has two
▪ The application of professional skepticism,
components:
and
▪ Supervision and review of the audit work
✓ Inherent risk – the susceptibility of an assertion about a
performed
class of transaction, account balance or disclosure to a
misstatement that could be material, either individually
o Detection risk, however, can only be reduced, not
or when aggregated with other misstatements, before
eliminated, because of the inherent limitations of an
consideration of any related controls.
audit. Accordingly, some detection risk will always
exist.
✓ Control risk – the risk that a misstatement that could
occur in an assertion about a class of transaction, account
Steps in assessing Audit Risk
balance or disclosure and that could be material, either
• Set the desired level of Audit Risk
individually or when aggregated with other
misstatements, will not be prevented, or detected and
✓ Audit risk – the risk that the auditor gives an
corrected, on a timely basis by the entity’s internal
inappropriate audit opinion when the financial
control.
statements are materially misstated; it is the risk that
the auditor may unknowingly fail to modify
o Control risk is a function of the effectiveness of the
appropriately the opinion on financial statements that
design, implementation and maintenance of
are materially misstated.
internal control by management to address
identified risks that threaten the achievement of the
entity’s objectives relevant to preparation of the • Assess the level of Inherent Risk (such as low, medium, or
entity’s financial statements. However, internal high) – for example, low level if likelihood of misstatement
control, no matter how well designed and operated, is low.
can only reduce, but not eliminate, risks of material
misstatement in the financial statements, because ✓ Inherent risk – the susceptibility of an assertion to
of the inherent limitations of internal control. a misstatement that could be material, either
Accordingly, some control risk will always exist. individually or when aggregated with other
misstatements, assuming there are no related
o Risks of material misstatement at assertion level controls to mitigate such risks.
(inherent risk and control risk) are the entity’s risks;
they exist independently of the audit of the financial ✓ Sources of assessment include knowledge of entity
statements. and its environment and preliminary analytical
procedures.
▪ Such risks are assessed in order to determine
the nature, timing and extent of further • Assess the level of Control Risk (such as low, medium, or
audit procedures necessary to obtain high) – for example, low control risk if internal control is
sufficient appropriate audit evidence.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 23
effective, or high control risk if internal control is not ✓ Extent – increasing the extent of
effective. substantive tests by using larger
sample size.
✓ Control risk – the risk that a material misstatement,
either individually or when aggregated with other ✓ Higher acceptable level of detection risk – low
misstatements, that could occur will not be assurance is to be provided by substantive tests by
prevented or detected and corrected on a timely changing any or combination of the following:
basis by the entity’s internal control. ✓ Nature – performing less effective
substantive procedures.
✓ Sources of assessment include knowledge of ✓ Timing – performing substantive procedures
internal control and observation and inspection. at interim dates.
✓ Extent – decreasing the extent of
✓ Combined assessment: substantive tests using smaller sample size.
The auditor usually makes combined assessment of
inherent and control risks. If the combined Summary of relationships among audit risk components
assessment of inherent risk and control risk is high, • The acceptable level of detection risk for a given level of audit
the auditor should: risk bears an inverse relationship to the risks of material
▪ Place more emphasis on obtaining external misstatement at the assertion level.
evidence.
Therefore:
▪ Reduce reliance on internal evidence. ↑ Risk of material misstatement (inherent risk and control
risk), ↓ detection risk that can be accepted, and vice versa.
▪ Design more effective substantive
procedures. • Audit risk and detection risk move in the same direction: ↑
Audit risk, ↑ detection risk, and vice versa.
• Determine the acceptable level of detection risk: The
acceptable level of detection risk depends on the assessed • The relationship between the risks can also be expressed
level of inherent and control risk (inverse relationship). mathematically in the following formula:
✓ Detection risk – the risk that the auditor will not detect Audit Risk = RMM (Inherent Risk x Control Risk) x Detection
such a material misstatement that exists/occurs in an Risk
assertion.
▪ Detection risk is a function of the Inherent risk and control risk are independent variables
effectiveness of an auditing procedure and while detection risk is a dependent variable.
its application by the auditor.
• All the components of audit risk cannot be eliminated by
▪ Detection risk is significantly affected by the the auditor due to the following reasons:
nature, timing, and extent of the auditor’s
substantive procedures. ✓ Inherent risk – some accounts are susceptible to a
material misstatement or the risk of such
▪ Detection risk is a complement of assurance misstatement is greater for some accounts than for
provided by substantive tests (for example, a others.
10% detection risk means a 90% assurance of
detecting material misstatement). ✓ Control risk – due to inherent limitations of internal
control system.
▪ Detection risk can be increased or decreased
by the auditor by performing substantive ✓ Detection risk
tests but can never be reduced to zero because ▪ Use of testing/sampling.
of the inherent limitations in the procedures ▪ Use of auditor’s judgment.
carried out, the human judgments required, ▪ Even when the auditor conducts 100%
and the nature of the evidence examined. examination because audit evidence is
persuasive rather than conclusive in nature.
✓ The auditor uses the Audit Risk Model:
▪ Audit Risk = Inherent risk x Control risk x • The components of audit risk that can or cannot be
Detection risk controlled by the auditor:
✓ Inherent risk and control risk – cannot be
Acceptable level of Audit risk controlled because these are entity’s risk and exist
Detection risk = Inherent risk x Control risk independently of the audit.
- - END - -
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 24
INTERNAL CONTROL ✓ Entity’s objectives: what an entity strives to achieve.
Categories of entity's objectives are the following:
REFERENCES:
• Financial reporting objective – this objective
PSA 330: The Auditor’s Responses to Assessed Risks relates to reliability of financial reporting.
• Operational effectiveness objective – this
PSA 265: Communicating Deficiencies in Internal Control to those objective is intended to enhance effectiveness
Charged with Governance and Management and efficiency of operations.
• Compliance objective – this objective relates
Basic Concepts and Elements of Internal Control to entity’s compliance with applicable laws and
o Internal control (IC) – the process designed, implemented and regulations.
maintained by those charged with governance, management
and other personnel to provide reasonable assurance about Classification of internal control
the achievement of an entity’s objectives.
o According to objectives:
Essential concepts of internal control ✓ Financial reporting controls – controls to achieve
o Internal control is a process. Internal control is not an end in reliability of financial reporting objective.
itself but a means of achieving the entity's objectives.
✓ Operational effectiveness controls – controls to
o Internal control is effected by those charged with achieve operational effectiveness objective.
governance, management and other personnel. Internal
control is accomplished by people at every level of ✓ Compliance controls – controls to achieve compliance
organization. objective.
✓ The potential for human error due to carelessness, ✓ Protection of important documents and records.
distraction, mistakes of judgment and the
misunderstanding of instructions. Human error may ✓ Assurance of compliance with applicable laws and regulations.
include errors in the design or use of automated
controls. Components of Internal Control
o The interrelated components of internal control represent
✓ The possibility that procedures may become means used by an entity to help it achieve its objectives
inadequate due to changes in conditions, and (CRIME). The five interrelated and essential components or
compliance with procedures may deteriorate. aspects of internal control include the following:
✓ Control environment – the overall tone of the
✓ Segregation of duties may be difficult to achieve in a organization.
smaller entity.
✓ Risk assessment – management’s identification and
o Internal control is designed to help achieve the entity's assessment of risks.
objectives. Internal control is geared towards the
achievement of the entity's objectives. ✓ Information, financial reporting and communication
systems – a means of recording transactions and
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 28
communicating responsibilities. Component 3 – Information and Communication System
o Information and communication systems support the
✓ Monitoring the controls – assessment of internal identification, capture, and exchange of information in a
control performance over time. timely and useful manner.
✓ Existing control activities – control policies and o The auditor shall obtain an understanding of the information
procedures. system, including the related business processes, relevant to
financial reporting, including the following areas:
Component 1 – Control Environment: ✓ The classes of transactions in the entity’s operations that
o It sets the tone of an organization, influencing the control are significant to the financial statements.
consciousness of its people.
✓ The procedures, within both information technology (IT)
o It includes the governance and management functions the and manual systems, by which those transactions are
attitudes, awareness, and actions of those charged with initiated, recorded, processed, corrected as necessary,
governance and management concerning the entity’s internal transferred to the general ledger and reported in the
control and its importance in the entity. financial statements.
o It is a set of characteristics that defined good control working ✓ The related accounting records, supporting information
relationships in an entity. and specific accounts in the financial statements that are
used to initiate, record, process and report transactions;
o It is the foundation for effective internal control for it provides this includes the correction of incorrect information and
an appropriate foundation for other components of internal how information is transferred to the general ledger.
control.
Component 4 – Control Activities
o Elements of control environment: o Control activities are the policies and procedures that help
✓ Integrity and ethical values – The entity should establish ensure management’s directives are carried out and that
ethical standards. Ethical standards influence the necessary steps to address risks are taken.
effectiveness of the design, administration and
monitoring of controls. o Control activities address risks that if not mitigated would
threaten the achievement of the entity’s objectives.
✓ Participation by those charged with governance (BOD
and audit committee). o The auditor should obtain a sufficient understanding of
control activities to assess the risks of material misstatement
✓ Management’s philosophy and operating style – at the assertion level and to design further audit procedures
Management’s approach to taking and managing responsive to assessed risks.
business risks, attitudes and actions toward financial
reporting, and attitudes toward information processing o Categories of Control activities: Categories of specific control
and accounting functions and personnel. activities that may be relevant to an audit:
✓ Assignment of authority and responsibility – How ✓ Prenumbering of documents – helps to assure that:
authority and responsibility for operating activities are • All transactions are recorded (completeness).
assigned and how reporting relationships and
authorization hierarchies are established. • No transactions are recorded more than once
(existence).
✓ Commitment to competence – Management’s
consideration of the competence levels for particular ✓ Authorization of transactions – authorization should
jobs and how those levels translate into requisite skills occur before commitment of resources.
and knowledge.
✓ Independent checks to maintain asset accountability –
✓ Personnel or Human resource policies and procedures – independent checks involve the verification of work
The entity must implement appropriate policies for previously performed by others.
recruitment/hiring, orientation, training, evaluating,
counseling, promoting, compensating, and remedial ✓ Documentation – provides evidence of the underlying
actions because the competence of the entity's transactions and is a basis for establishing responsibility
employees will bear directly on the effectiveness of the for the execution and recording of transactions.
entity's internal control.
✓ Performance reviews – includes review of the following:
✓ Organizational structure – The framework within which • Reviews and analyses of actual performance
an entity’s activities for achieving its objectives are versus budgets, forecasts, and prior period
planned, executed, controlled and reviewed. performance.
o Matters the auditor should consider are how management: • Review of functional or activity performance.
✓ Identifies business risks (inherent and residual risks)
relevant to financial reporting. ✓ Information processing controls – ensure that
transactions are valid, properly authorized, and
✓ Estimates the significance of the risks. completely and accurately recorded.
• Application controls – controls which apply to the
✓ Assesses the likelihood of their occurrence. processing of individual applications.
✓ Decides upon actions to manage them. • General controls – which are controls that relate
to many applications and support the effective
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 29
functioning of application controls by helping to o Steps in consideration of internal control:
ensure the continued proper operation of ✓ Obtain sufficient understanding of the internal
information systems. General controls apply to control relevant to the audit – involves obtaining
information processing throughout the company. understanding of the design and operation of internal
control relevant to the audit.
✓ Physical controls – are physical controls for safeguarding
assets involve security devices and limited access to ▪ Evaluate the design of relevant control – involves
programs and to restricted areas, including computer determining whether the control, individually or in
facilities. combination with other controls, is capable of
• Physical segregation and security of assets, effectively preventing or detecting and correcting
including adequate safeguards such secured material misstatements.
facilities over access to assets and records.
▪ Determine whether the control has been
• Authorization for access to computer programs implemented – whether the control is placed in
and data files. operation; a control has been implemented if the
control exists and is being used by the entity.
• Authorized access to assets and records.
Procedures to obtain evidence about the design and
• Required signatures on documents for the implementation of controls:
removal or disposition of asset.
• Inquiry of entity personnel (inquiry alone is
• Periodic counting and comparison with amounts not sufficient).
shown on control records.
• Inspecting documents and records.
• The extent to which physical controls intended to
prevent theft of assets are relevant to the • Observing of application of specific controls.
reliability of financial statement preparation, and
therefore the audit, depends on circumstances • Performing a “walk-through” test – tracing a
such as when assets are highly susceptible to transaction through the accounting system,
misappropriation. from initial recording to presentation in the
financial statements.
✓ Segregation of duties – involves ensuring that individuals
do not perform incompatible duties. Duties should be ✓ Perform preliminary assessment of control risk – the
segregated such that the work of one individual provides assessment of control risk is based on understanding
a crosscheck on the work of another individual. A proper of internal control.
segregation of duties (or incompatible functions)
requires that one person should not be responsible for all ▪ Assess control risk at a high level:
phases of a transaction. It requires assigning different ✓ If internal control is poor or not effective, or
people the responsibilities of:
• Authorizing transactions. ✓ If it is inefficient to rely on internal control
(inefficient to perform tests of controls).
• Recording transactions – recordkeeping.
• Auditor’s response if control risk is
• Maintaining custody of assets involved in the assessed at a high/maximum level:
transactions.
✓ Skip or do not perform tests of
Component 5 – Monitoring the Controls controls.
o Monitoring is a process that assesses the quality of internal
control performance on an ongoing basis. ✓ Rely primarily on substantive tests.
o Management’s monitoring of controls includes considering ▪ Assess control risk at less than high level:
whether they are operating as intended and that they are ✓ If internal control is effective or reliable, and
modified as appropriate for changes in conditions.
✓ If it is inefficient to obtain evidence to justify
o Monitoring assesses the effectiveness of the internal control’s the assessment of control risk at less than
performance over time. high level.
o The objective is to ensure the controls are working properly • Auditor’s response if control risk is
and, if not, to take necessary corrective actions. assessed at less than high/maximum
level:
o Management accomplishes monitoring of controls through
ongoing activities, separate evaluations or a combination of • Perform tests of controls – to confirm
the two. operating effectiveness of controls.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 30
performed to substantiate the reduced assessed o Document the assessed level of control risk
level of control risk. ✓ If the control risk is assessed at a high level, the auditor
should document his conclusion that control risk is at
• Tests performed confirm that the controls tested a high level.
are working effectively.
✓ If the control risk is assessed at less than high level, the
• Unlike substantive tests of details, tests of controls auditor should document:
are not required audit procedure.
• His conclusion that control risk is at less than
• The greater the reliance the auditor plans to place high level, and
on internal control, the more extensive the tests of
those controls that need to be performed. • The basis for that assessment – results of tests
of controls confirming the assessment of control
• Tests of controls generally consist of one (or risk at below high/maximum level.
combination of the following evidence gathering
techniques: Communicating with those charged with governance and
✓ Inquiry management
✓ Observation o The auditor should communicate audit matters of governance
✓ Inspection interest arising from the audit of financial statements with
✓ Reperformance those charged with governance of an entity.
Required Documentation o Governance refers to the role of persons entrusted with the
o Document the understanding of accounting and internal supervision, control and direction of an entity.
control systems.
✓ Form of documentation may vary. o Those charged with governance ordinarily are accountable for
ensuring that the entity achieves its objectives, financial
✓ One form or a combination of forms of documentation reporting, and reporting to interested parties.
may be used at the same time.
Reportable conditions
✓ Forms of documentation: o Significant deficiencies/weaknesses in the design or operation
✓ Internal control questionnaire – consists of a of the internal control which have come to the auditor’s
list of questions on internal control be attention that should be reported to the appropriate level of
answered by "Yes" or "No" response. A management such as the highest official of the company or
negative response is designed to draw those charged with governance (usually to the entity’s audit
attention to a possible weakness in internal committee of the board of directors) in writing, in a formal
control. Written explanations are required for management letter (the by-product of the audit engagement)
"No" answers. at the earliest opportunity so that appropriate corrective
actions may be taken as soon as possible.
✓ Flowcharts – pictorial/symbolic diagram
depicting the operation of a program/system Significant Deficiency
or the sequential flow of authority, processes, o A deficiency may be of such magnitude as to be considered a
transactions and documents. material weakness in internal control. A material internal
control weakness is a condition in which material errors or
▪ Systems flowcharts – used to evaluate fraud would ordinarily not be detected within a timely period
internal control because it shows the by employees in the normal course of performing their
origin of each document in the system, assigned functions.
its subsequent processing, and its final
disposition. No expression of opinion on entity’s internal control
o Consideration of internal control in financial statement audit
▪ IT flowcharts – used in evaluating the is not sufficient to express an opinion on an entity’s controls
internal control in an because only those controls on which an auditor intends to
automated/computerized accounting rely are reviewed, tested, and evaluated. Moreover, the
environment. auditor is not required to identify or search for internal
control weaknesses. Examples of significant weaknesses in
✓ Internal control checklists – a detailed listing of internal control include:
ideal control measures (the auditor tickmarks
the controls adopted by the client). ✓ Weak control environment (such as ineffective
oversight, poor attitude toward internal control, or
✓ Narrative memoranda – a written version of a instances found of management override or fraud).
flowchart. It is a description of the auditor's
understanding of the system of internal ✓ Weaknesses in IT general controls.
control.
✓ Significant business risks that have not been addressed
✓ Decision trees or tables by policies, procedures or internal controls.
▪ Decision trees – are graphic
illustrations that depict the logic of an ✓ Significant internal control activities or application
operation or process. They generally controls not operating as designed, not applied
employ questions with "Yes" or "No" consistently by appropriate individuals, or not
answers, which direct the user to the monitored by appropriate individuals.
next relevant questions.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 31
AUDIT EVIDENCE
✓ Valuation and allocation – assets, liabilities, and
REFERENCES: equity interests are included in the FS at appropriate
amounts and any resulting valuation or allocation
PSA 500: Audit Evidence adjustments are appropriately recorded.
PSA 501: Audit Evidence – Specific considerations for Selected ✓ Existence – assets, liabilities, and equity interests exist.
Items
✓ Rights and obligations – the entity holds or controls
PSA 505: External Confirmations the rights to assets, and liabilities are the obligations
of the entity.
PSA 520: Analytical Procedures
• Assertions about presentation and disclosure
PSA 230: Audit Documentation ✓ Completeness – all disclosures that should have been
included in the financial statements have been
ASSERTIONS AND AUDIT OBJECTIVES included.
• Assertions (or management assertions) are representations ✓ Accuracy and valuation – financial and other
by management, explicit or otherwise, that are embodied in information are disclosed fairly and at appropriate
the financial statements. amounts.
• These assertions relate to the fairness of presentation of the Auditor’s Use of Relevant Assertions:
financial statements; thus, they are directly related to • The auditor uses relevant assertions in developing audit
applicable financial reporting framework. objectives that will be the basis for designing audit
procedures.
• Examples of assertions:
✓ All the assets exist. (Existence). • Relevant assertions are assertions that have a meaningful
bearing on whether an account is fairly stated. For example:
✓ All sales transactions have been recorded. ✓ Existence assertion, not valuation, is typically relevant
(Completeness). to the audit of cash account.
✓ Inventories are properly valued. (Valuation). ✓ The valuation assertion would be relevant to assessing
the inventory balance than assessing sales balance.
✓ All amounts are properly presented and disclosed in
the financial statements. (Accuracy). Audit Objectives
• The auditor develops audit objectives that relate to
Levels of Assertions: management assertions about the financial statement
• Financial statement level – entity’s management components.
representation that the financial statements as a whole are
presented fairly, in all material respects, in accordance with • To achieve audit objectives, the auditor shall design audit
the applicable financial reporting framework. procedures and gather sufficient appropriate audit evidence
whether the assertions are in accordance with the applicable
• Account balance or class of transactions level – entity’s financial reporting framework.
management representation that the underlying account
balances and class of transactions, including related • Audit objectives are used to verify management assertions.
disclosures, are free of material misstatements. Thus, there should be proper matching of auditor’s objectives
with management assertions.
Categories of Assertions used by the Auditor:
• Assertions about classes of transactions and events for the Types of Audit Objectives:
period under audit • Whether general or specific:
✓ Completeness – all transactions and events that ✓ General audit objectives – are broad objectives of
should have been recorded have been recorded. auditing an account balance or class of transactions.
✓ Occurrence – recorded transactions and events have ✓ Specific audit objectives – audit objectives stated in
occurred and pertain to the entity. terms tailored to the specific audit engagement.
✓ Cutoff (proper period) – transactions and events have • Whether substantive or compliance
been recorded in the correct accounting period. ✓ Substantive audit objectives – objectives that relate to
the determination of the validity of assertions on
✓ Accuracy – amounts and other data relating to account balances or class of transactions or disclosures
recorded transactions and events have been recorded found in the financial statements.
appropriately.
✓ Compliance audit objectives – objectives that relate to
✓ Classification – transactions have been recorded in the the degree of entity’s compliance with relevant
proper accounts. controls.
Page | 39
• Audit procedures are the means for obtaining sufficient • Obtain evidence that is more relevant
appropriate audit evidence to satisfy financial statement or reliable (such as obtaining third party
assertions and to support audit opinion on the fairness of the evidence or by obtaining corroborating
financial statements. evidence from a number of
independent sources).
• They are the detailed instructions for the collection of a
particular type of evidence that is to be obtained during the Further audit procedures include:
audit. Since audit procedures are performed to verify • Tests of controls (compliance tests) – audit procedures
management assertions, they would differ depending on the designed to evaluate the operating effectiveness of relevant
particular assertion or account audited. controls in preventing, or detecting and correcting material
misstatements at the assertion level.
Primary Purpose of Audit Procedures:
• Audit procedures are performed to gather necessary (not all) ✓ In designing and performing tests of controls, the
corroborative evidence to achieve audit objectives in order to auditor shall obtain more persuasive audit evidence
result to sufficient appropriate audit evidence on the fairness the higher/greater reliance the auditor places on the
of the presentation of the entity’s financial statements. effectiveness of a control.
✓ Test of controls, although not intended to detect
Nature, Timing and Extent of Audit Procedures: material misstatements, may provide evidence that a
• Nature of an audit procedure – refers to: misstatement is likely to occur.
✓ Its purpose (i.e., test of controls or substantive
procedure) and • Substantive procedures – audit procedures designed to
detect material misstatements at the assertion level.
✓ Its type (i.e., inspection, observation, inquiry,
confirmation, recalculation, reperformance, or ▪ Types of substantive procedures:
analytical procedures).
1) Tests of details – examining or obtaining audit
• Timing of an audit procedure – refers to when to perform the evidence on the actual details of account balance, class
audit procedure, or the period or date to which the audit of transactions, and disclosure.
evidence applies. • The objective of tests of details is to substantiate
or identify misstatements in the recorded
✓ Audit procedures are normally performed: amounts.
▪ Early in the accounting period being examined.
• Directional testing – refers to the direction of an
▪ Throughout the accounting period being audit test.
examined, but with emphasis of the transactions ✓ Tracing – if the auditor starts from original
near the end. source documents and traces forward to the
accounting records, this tests the assertion
▪ Within one to three months after the close of the of completeness. This helps the auditor
accounting period. identify understatement errors.
✓ Audit procedures performed before period end are ✓ Vouching – If the auditor starts from the
known as interim work. accounting records and vouches backwards
to the original source documents, this tests
• Extent of an audit procedure – refers to the quantity to be the assertion of existence or occurrence.
performed or the extent of testing or the number of items to This helps the auditor identify
be examined. overstatement errors.
Audit Procedures for Obtaining Audit Evidence: a) Test of details of transactions – testing of
• Risk assessment procedures – procedures to obtain an transactions which give rise to the ending balance
understanding of the entity and its environment, including its of a given account; these involve examining
internal control, in order to identify and assess the risks of authorization, recording and posting of
material misstatement (RMM). transactions.
Page | 40
costly to perform. determine which audit techniques would best result to the audit
evidence he needs.
2) Substantive analytical procedures – these are
analytical procedures performed during testing phase • Examples of audit techniques:
to substantiate predictable relationships among both ✓ Confirm – to obtain information directly from an
financial and non-financial data. independent third party.
✓ Analytical procedures are evaluations of financial ✓ Inspect – to obtain evidence through physical examination.
information made by a study of plausible
relationships among both financial and ✓ Count – physical examination of assets (such as cash count
nonfinancial data. Analytical procedures or petty cash count).
generally involve comparisons of recorded
amounts to independent expectations developed ✓ Compare – technique used after count of assets; also used
by the auditor. to compare current period balances with those of prior
periods.
✓ Analytical procedures will result to circumstantial
evidence rather than conclusive evidence. ✓ Inquire – asking questions, whether oral or written,
directed to the client or to third parties.
✓ Results of substantive analytical procedures
would entail additional tests to be performed. ✓ Trace – to determine whether transactions supported by
source documents are properly recorded and posted.
✓ Analytical procedures are the audit tests that are
usually the least costly to perform. ✓ Vouch – examine and authenticate of underlying evidential
papers.
Audit Procedures According to Types:
• Inspection – consists of examining records or documents ✓ Verify – to prove the accuracy of extensions, footings,
(whether internal or external, in paper form, or other media), postings, ownership and existence.
or a physical examination of an asset.
Audit Program
• Observation – consists of viewing/looking at a process or • An audit program is a detailed listing of the nature, timing and
procedure being performed by others. extent of planned audit procedures (tests of controls and/or
substantive tests) that the auditor will perform to gather
• External confirmation – represents audit evidence obtained by sufficient appropriate evidenced.
the auditor as a direct written response to the auditor from a
third party (the confirming party) in paper form, or by electronic • It is a set of instructions to assistants involved in the audit and as
or other medium. a means to control and record the proper execution of work.
✓ Inventory confirmation when inventory is under custody ✓ Supporting records, such as checks and records of
and control of a third party. electronic fund transfers, invoices and contracts.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 41
• Client written representation ✓ Externally generated evidence kept by the
client (such as vendor’s invoices, bank
✓ Information obtained by the auditor from audit procedures statements received from the client).
such as inquiry, observation, inspection and computation.
✓ Internally generated evidence circulated
✓ Other information developed by, or available to, the auditor externally (such as sales invoices from sale to
that permits the auditor to reach conclusions through valid customers and paid checks and cost
reasoning. allocations).
• Representation by client personnel – statements from client Information produced by a management expert as audit evidence
personnel in response to queries posed by the auditor. • A management expert is an individual or organization
possessing expertise in a field other than accounting or auditing,
• Results of analytical procedures. whose work in that field is used by the entity to assist the entity
in preparing the financial statements.
• Internal control – existence of effective internal control may be
regarded as a strong evidence of the validity of the accounts and • When information to be used as audit evidence has been
amounts found in the financial statements. prepared using the work of a management’s expert, the auditor
shall, to the extent necessary, having regard to the significance
• Subsequent events – they provide additional evidence regarding of that expert’s work for the auditor’s purpose.
conditions that already existing on the balance sheet that and
affect accounting estimates. o Evaluate the competence, capabilities and objectivity of
that expert.
Sufficient Appropriate Audit Evidence ✓ Competence – relates to the nature and level of
• Sufficiency – the measure of the quantity or amount of audit expertise of the management’s expert.
evidence that the auditor shall accumulate. ✓ Capability – relates to the ability of the management’s
expert to exercise that competence in the
✓ Sufficiency is determined based on the auditor’s circumstances.
professional judgment. ✓ Objectivity – relates to the possible effects that bias,
conflict of interest or the influence of others may have
✓ Audit evidence is sufficient if there is enough of it to afford on the professional or business judgment of the
a reasonable basis for an audit opinion on the financial management expert.
statements.
o Obtain an understanding of the work or field of expertise
• Appropriateness – measures the quality of audit evidence, that of that management’s expert.
is, its relevance and its reliability in providing support for the
conclusions on which the auditor's opinion is based. Aspects of the management’s expert’s field relevant to the
auditor’s understanding may include:
✓ Relevance – deals with the logical connection with, or
bearing upon, the purpose of audit procedures and the ✓ Whether that expert’s field has areas of specialty
assertion under consideration. within it that are relevant to the audit.
Page | 42
AUDIT SAMPLING Whether audit sampling is a required: Audit sampling is not required
part of any audit procedure because when designing audit
REFERENCE: procedures, the auditor should determine appropriate means of
selecting items for testing as follows:
PSA 530: Audit Sampling ✓ Selecting all items (100% examination).
• Error – either control deviations, when performing tests of Approaches to audit sampling:
control, or misstatements, when performing substantive o Statistical sampling
procedures. • In statistical sampling, auditors specify the sampling risk
they are willing to accept and then calculate the sample size
• Anomalous error – means an error that arises from an isolated that provides that degree of reliability. Results are
event that has not recurred other than on specifically identifiable evaluated quantitatively.
occasions and is therefore not representative of errors in the
population. • Statistical sampling measures quantitatively the risk from
testing only part of an audit population.
• Sampling risk – the possibility that the auditor’s conclusion,
based on a sample may be different from the conclusion reached • Any approach to sampling that has the following
if the entire population were subjected to the same audit characteristics:
procedure. ✓ Random selection of a sample; and
• Non-sampling risk – arises from factors that cause the auditor to ✓ Use of probability theory to evaluate sample results,
reach an erroneous conclusion for any reason not related to the including measurement of sampling risk.
size of the sample. For example, most audit evidence is
persuasive rather than conclusive, the auditor might use • Advantages of statistical sampling: Conclusions may be
inappropriate procedures, or the auditor might misinterpret drawn in more precise ways when using statistical sampling
evidence and fail to recognize an error. because it enables the auditor to:
✓ Measure the sufficiency of the audit evidence
• Population – the entire set of data from which a sample is obtained.
selected and about which the auditor wishes to draw
conclusions. For example, all of the items in an account balance ✓ Provide an objective basis for quantitatively
or a class of transactions constitute a population. A population evaluating sample results.
may be divided into strata, or sub-populations, with each
stratum being examined separately. The term population is used ✓ Design an efficient sample.
to include the term stratum.
✓ Quantify sampling risk so as to limit/control risk to
• Confidence levels – the mathematical complements of sampling an acceptable level.
risks.
• Random sample selection: Random sample selection
• Sampling unit – the individual items constituting a population, methods should be used in statistical sampling. Such
for example checks listed on deposit slips, credit entries on bank methods give all items in the population an equal chance to
statements, sales invoices or debtors’ balances, or a monetary be included in the sample to be audited.
unit.
o Nonstatistical sampling – the sample size is not determined
• Stratification – the process of dividing a population into mathematically. Auditors use their judgment in determining
subpopulations, each of which is a group of sampling units which sample size, and sample results are evaluated judgmentally.
have similar characteristics (often monetary value). Conclusions may be drawn in more precise ways when using
statistical sampling methods.
• Tolerable error • It is acceptable for auditors to use either or combination
✓ Tolerable error amount – in substantive procedures, it is of statistical and nonstatistical sampling.
the maximum total error in a population that the auditor is
willing to accept. • Both sampling approaches involve judgment in planning,
executing the sampling plan, and evaluating the results
✓ Tolerable deviation rate – in tests of control, it is the of the sample.
maximum rate of deviation from the prescribed control
procedure the auditor is willing to accept without changing • Sampling methods are used by auditors in both control
control risk assessment or planned reliance on internal testing and substantive testing.
control.
• Statistical sampling is a mathematical approach to
• Expected error inference, whereas nonstatistical sampling is a more
✓ Expected error amount – in substantive tests, it is the subjective approach.
auditor's best estimate of the amount of error the auditor
expects to find in the population. Auditor’s professional judgment:
• Although statistical sampling aids the auditor in quantitative
✓ Expected deviation rate – in tests of control, it is the ways, it is not a substitute for professional judgment.
auditor's best estimate of the rate of deviation from a
prescribed control procedure in the population. • The auditor must exercise professional judgment in both
statistical and nonstatistical sampling to:
✓ Define the population and the sampling unit.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 53
misstated (i.e., sample results fail to identify an
✓ Select the appropriate sampling method. existing material misstatement).
✓ Evaluate the appropriateness of audit evidence. ➢ This means that the auditor wrongly concludes
material error in an account balance does not
✓ Evaluate the nature of deviations or errors. exist when in fact it does.
✓ Consider sampling risk. • Risk of incorrect rejection – the risk that the recorded
account balance (based on the sample) is materially
✓ Evaluate the results obtained from the sample and misstated when in fact it is not materially misstated
project those results to the population. (i.e., sample results mistakenly indicate a material
misstatement).
Types of sampling:
• Attribute sampling – estimates the quality characteristic of a ➢ This means that the auditor wrongly concludes
population; it estimates the rate of deviation for internal that material error in an account balance exists
controls that the auditor decides to rely upon. when in fact it does not.
✓ Applicability of attribute sampling: primarily used for ✓ Sampling risks in tests of controls: (Risk of assessing
test of controls because attribute sampling deals with control risk to low and Risk of assessing control risk to
estimating deviation from internal control procedures. high)
• Variables sampling – estimates the numerical quantity of a • Risk of assessing control risk too low – the risk that
population. the assessed level of control risk (based on the sample)
is lower than the true level of control risk (i.e., sample
✓ Applicability of variable sampling: typically used in results indicate a lower deviation rate than actually
substantive testing of account balances because exists in the population).
variables sampling deal with peso balances.
➢ This means that the auditor wrongly concludes
Sampling risk: that the control risk is low or that client’s internal
• The possibility that the auditor’s conclusion, based on a control system can be relied upon.
sample may be different from the conclusion reached if the
entire population were subjected to the same audit • Risk of assessing control risk too high – the risk that
procedure. the assessed level of control risk (based on the sample)
is higher than the true level of control risk (i.e., sample
• The risk that the sample is not representative of the results indicate a greater deviation rate than actually
population and that the auditor's conclusion will be different exists in the population).
from the conclusion had the auditor examined 100% of the
population. ➢ This means that the auditor wrongly concludes
that the control risk is high or that the client’s
• The possibility that even though a sample is properly chosen, internal control system cannot be relied upon.
it may not be representative of the population.
Analysis of sampling risks:
Two types of sampling risk: Aspects of Auditor’s Effect on
• Risk that affects audit effectiveness and may lead to an sampling wrong audit work Sacrificed
inappropriate audit opinion (“Beta risk” or “Type II error”) – risks conclusion because of
the risk the auditor will conclude that: wrong
conclusion
✓ In the case of a test of control, that control risk is lower Risk of Not Performance Effectiveness
than it actually is, or incorrect materially of less of the audit
acceptance misstated extensive because it
✓ In the case of a substantive test, that a material error when in substantive may lead to
does not exist when in fact it does. fact tests inappropriate
materially opinion due
• Risk affects audit efficiency as it would usually lead to misstated to
additional work to establish that initial conclusions were inappropriate
incorrect (“Alpha risk” or “Type I error”) – the risk the auditor less
will conclude that: extensive
substantive
✓ In the case of a test of control, that control risk is tests
higher than it actually is, or Risk of Materially Additional Efficiency of
incorrect misstated work the audit
✓ In the case of a substantive test, that a material error rejection when in (performance because of
exists when in fact it does not. fact not of unnecessary
materially unnecessary additional
Aspects of audit risk: (Sampling risk and Nonsampling risk) misstated more work
o Sampling risk: aspects of audit risk that are due to sampling; the extensive
risk or the possibility that, when a test of controls or a substantive
substantive test is restricted to a sample, the auditor's tests)
conclusions may be different from the conclusions which would Risk of ↓CR than Performance Effectiveness
have been reached had the tests been applied to all items in the assessing actual CR of tests of of the audit
account balance or class of transactions. control risk – internal controls and because it
too low control is less may lead to
✓ Sampling risks in substantive testing: (Risk of incorrect reliable extensive inappropriate
acceptance and risk of incorrect rejection) substantive opinion due
tests to
• Risk of incorrect acceptance – the risk that the inappropriate
recorded account balance (based on the sample) is not less
materially misstated when in fact it is materially extensive
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 54
substantive expected in the population. Sequential sampling
tests separates the sampling process into several states.
After a step, the auditor determines if it is warranted
to accept or increase the preliminary level of control
Risk of ↑ CR than Additional Efficiency of risk.
assessing actual CR work the audit
control risk – internal (because because of o Variables sampling – sampling in substantive tests:
too high control is non- unnecessary ✓ Probability-proportional-to-size (PPS) sampling – sampling
not performance additional technique where the sampling unit is defined as an
reliable of tests of work individual peso in a population. Once a peso is selected, the
controls entire account (containing that peso) is audited.
would lead to
the • It is a sampling plan that automatically stratifies the
performance population.
of
unnecessary ✓ Classical variables sampling – a statistical sampling method
more used to estimate the numerical measurement of a
extensive population, such as a peso value (e.g., accounts receivable
substantive balance). This sampling method is used primarily in
tests substantive testing. The objective of variables sampling is to
obtain evidence about the reasonableness of monetary
o Nonsampling risk: all aspects of audit risk that are not due to amounts. The auditor estimates the true value of the
sampling. Nonsampling risk is the possibility that auditors will population by computing a point estimate of the population
arrive at an erroneous conclusion not because of the chosen and computing a precision interval around this point
sample but due to other factors. estimate. Classical variables sampling measures sampling
risk by using the variation of the underlying characteristic of
• Nonsampling risk is always present and cannot be interest.
measured.
✓ Three commonly used classical variables sampling:
• Nonsampling risk can be controlled by adequate planning • Mean-per-unit estimation – a sampling plan that uses
and supervision of audit work and proper adherence to the average value of the items in the sample to
quality control standards. estimate the true population value (i.e., estimate =
average sample value x number of items in
• Examples of nonsampling risk: population). MPU does not require the book value of
➢ The auditor might use/select inappropriate the population to estimate true population value.
procedures.
• Ratio estimation – a sampling plan that uses the ratio
➢ The auditor might misinterpret evidence or the results of the audited (correct) values of items to their book
of audit tests and fail to recognize an error. values to project the true population value. Ratio
estimation is a highly efficient technique when the
Types of statistical plans: calculated audit amounts are approximately
o Attribute sampling – sampling in tests of controls proportional to the client's book amounts.
• Attribute sampling is a statistical sampling method used to
estimate the rate (%) of occurrence (exception) of a specific • Difference estimation – a sampling plan that uses the
characteristic or attribute. average difference between the audited (correct)
values of items and their book values to project the
• Samples taken to test the operating effectiveness of actual population value. Difference estimation is used
controls are intended to provide a basis for the auditor to instead of ratio estimation when the differences are
conclude whether the controls are being applied as not nearly proportional to book values.
prescribed.
Comparison of PPS sampling to classical variables sampling
• Attribute sampling generally deals with yes/no questions. Advantages of PPS sampling Advantages of classical
For example, "Are time cards properly authorized (i.e., to variables sampling
assure recorded hours were worked)?", or "Are invoices 1. Generally easier to use. 1. May result in a smaller
properly voided (e.g., stamped "paid") to prevent duplicate 2. Size of sample not based sample size if there are
payments?". on variation of audited many differences between
amounts. audited and book values.
• Attribute sampling models: 3. Automatically results in a 2. Easier to expand sample
✓ Discovery sampling – a special type of attribute stratified sample. size if that becomes
sampling appropriate when the auditor believes the 4. Individually significant necessary.
population deviation rate is zero or near zero. It is used items are automatically 3. Selection of zero balances
when the auditor is looking for a very critical identified. does not require special
characteristic or deviations (e.g., fraud). The auditor 5. Usually results in a smaller sample design
predetermines the desired reliability (confidence) sample size if no considerations.
level (e.g., 95%) and the maximum acceptable misstatements are 4. Inclusion of negative
tolerable rate (e.g., 1%), and a table is then used to expected. balances does not require
determine sample size. If no deviations are found in 6. Can be easily designed and special sample design
the sample, the auditor can be 95% certain that the sample selection can begin considerations.
rate of deviation in the population does not exceed before the complete
1%. If deviations are found, a regular attribute population is available.
sampling table may be used to estimate the deviation
rate in the population, and audit procedures may need Factors influencing determination of sample size for tests of control
to be expanded. and substantive procedures:
Factor Relationship Required sample
✓ Stop-or-go sampling (sequential sampling) – is to sample size size
designed to avoid oversampling for attributes by Tests of Substantive ↓ ↑
allowing the auditor to stop an audit test before control procedures Smaller Larger
completing all steps. It is used when few errors are
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 55
Assessed Direct ↓ ↑
level of IR Lower Higher
and CR
Acceptable Direct ↓ ↑
level of Lower Higher
detection
risk
Reliance on Inverse ↑ ↓
other Higher Lower
substantive
procedures
Expected Expected Direct ↓ ↑
deviation error Lower Higher
rate
Degree or Degree or Direct ↓ ↑
level of level of Lower Higher
intended confidence
reliance
Tolerable Tolerable Inverse and ↑ ↓
deviation error indirect Higher Lower
rate
Risk of Inverse ↑ ↓
assessing Higher Lower
control
risk too
low
Risk of Inverse ↑ ↓
incorrect Higher Lower
acceptance
- - END - -
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 56
COMPLETING THE AUDIT During this period, the auditor has an active responsibility to
investigate certain subsequent events.
REFERENCES:
• Types of subsequent events:
PSA 520: Analytical Procedures ▪ Those requiring adjustment – those that provide evidence
of conditions that existed at the date of the financial
PSA 550: Related Parties statements.
• The auditor shall inquire of management regarding: ✓ Loss of plant due to flood.
✓ The identity of the entity’s related parties (relationships
and transactions), including changes from the prior period. ✓ Loss on uncollectible receivable because of a major
catastrophe suffered by the customer after the BS
✓ The nature of the relationships between the entity and date.
these related parties.
• Subsequent events relevant to the auditor: limited to those
✓ Whether the entity entered into any transactions with subsequent events (both requiring adjustment or disclosure)
these related parties during the period and, if so, the type that occur subsequent to date of the FS and the date of the
and purpose of the transactions. auditor’s report.
• Obtain a written representation from management concerning: ✓ Reviewing procedures management has
✓ Completeness of information on identification of related established to ensure that subsequent events
parties; and are identified.
Page | 62
occurred during the subsequent period that
require adjustments to or disclosure in the • Purpose of performing analytical procedures in the overall
financial statements. review stage of the audit: to ensure that the auditor’s overall
conclusion as to whether the financial statements as a whole are
▪ To consider/evaluate the effect of subsequent events consistent with the auditor’s understanding of the entity.
(whether such events are properly accounted for and
adequately disclosed) on the financial statements and on • Auditor’s focus when performing analytical procedures in the
the auditor’s report. overall review stage:
✓ Identifying unusual fluctuations or transactions or
Litigations and Claims unexpected account balances that were not previously
• Litigation and claims involving an entity may have a material identified.
effect on the financial statements and thus may be required to ▪ Requires investigation, adequate explanation and
be disclosed and/or provided for in the financial statements. appropriate corroborative evidence by performing
additional tests of details.
• Audit procedures regarding litigation and claims:
▪ Identify existence of any litigation and claims: The auditor ✓ Assessing the validity of the conclusions reached and
should carry out procedures to identify existence of any evaluating the overall financial statements presentation.
litigations and claims involving the entity which may result
in a material misstatement of the financial statements. Assessing going concern assumption
Such procedures would include the following: • Financial statements are ordinarily prepared based on going
concern basis, contrary to the quitting concern basis, in the
✓ Make appropriate inquiries of management absence of information to the contrary. This means that the
including obtaining representations. assets and liabilities are recorded on the basis that the entity will
be able to realize its assets and discharge its liabilities in the
✓ Review minutes of those charged with governance normal course of business.
and correspondence with the entity’s legal counsel.
• Going concern assumption – an entity is ordinarily viewed as
✓ Examine legal expense accounts. continuing in business for the foreseeable future with neither
the intention nor the necessity of liquidation, ceasing trading or
✓ Use any information obtained regarding the entity’s seeking protection from creditors pursuant to laws and
business including information obtained from regulations.
discussions with any in-house legal department.
• Management’s responsibility:
▪ Communicate directly with the entity’s lawyers: The ✓ Management should assess the entity’s ability to continue as
auditor should seek direct communication with the entity’s a going concern – making a judgment about the future
lawyers when litigation or claims have been identified or outcome of uncertain events or conditions (for a period of
when the auditor believes they may exist. The letter would one year from balance sheet date).
ordinarily specify the following:
✓ To disclosure (based on the result of assessment).
✓ A list of litigation and claims.
• Disclosure requirements if FS are not prepared on a going
✓ Management’s assessment of the outcome of the concern basis:
litigation or claim and its estimate of the financial ✓ The fact that FS are not prepared on a going concern basis.
implications, including costs involved.
✓ The basis on which the FS are prepared.
✓ A request that the entity’s legal counsel confirm the
reasonableness of management’s assessments and ✓ The reasons why the entity is not regarded as a going
provide the auditor with further information if the concern.
list is considered by the entity’s legal counsel to be
incomplete or incorrect. • Auditor’s responsibility:
o The letter, which should be prepared by ✓ Overall evaluation of the appropriateness of management’s
management and sent by the auditor, should use of the going concern assumption in the preparation of
request the lawyer to communicate directly the financial statements.
with the auditor.
✓ Identifying material uncertainties about the entity’s ability to
• If management refuses to give the auditor permission to continue as a going concern that need to be disclosed in the
communicate with the entity’s legal counsel, this would be a financial statements.
scope limitation and should ordinarily lead to a qualified opinion
or a disclaimer of opinion. ✓ Whether such events or conditions are adequately disclosed
in the financial statements.
• Where the entity’s legal counsel refuses to respond in an
appropriate manner and the auditor is unable to obtain ✓ Consider report modification because of these events or
sufficient appropriate audit evidence by applying alternative conditions.
audit procedures, the auditor would consider whether there is a
scope limitation which may lead to a qualified opinion or a ✓ If conditions or events such as those identified previously
disclaimer of opinion. create substantial doubt as to the ability of the entity to
continue as a going concern, the auditor should consider
Performing Wrap-Up Procedures whether management has feasible plans (plans for and the
Performing analytical procedures in the overall review at/near the ability to implement alternative means of maintaining
end of the audit adequate cash flows).
Analytical procedures involve analysis of significant ratios Factors that can mitigate the adverse effects of identified material
and trends including the resultant investigation of fluctuations and going concern uncertainty:
relationships that are inconsistent with other relevant information • The auditor should consider whether management has plans for
or expectation: and the ability to implement alternative means of maintaining
adequate cash flows to mitigate events and conditions that may
Analytical procedures are required to be performed during cast doubt about the entity’s ability to continue as a going
the planning and overall review stages. concern.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 63
• Examples of mitigating factors: • Forms of management representations: Management
o When there is a history of profitable operations and a representations may be verbal, whether solicited or unsolicited,
ready access to financial resources. or written, whether explicitly such as contained in a
management representation letter or implicitly such as
o Management has plans and ability to maintain adequate contained in financial information provided. The forms of
cash flows by alternative means, such as: representations include:
✓ Disposal of assets (including disposal of operations ✓ A representation letter from management – known as
producing negative cash flows). the management representation letter or client’s
representation letter.
✓ Borrowing money or restructuring debt.
✓ A letter from the auditor (confirmatory letter) – outlining
✓ Leasing (instead of purchasing) of PPE items. the auditor’s understanding of management’s
representations, duly acknowledged and confirmed by
✓ Renewal or, extension or rescheduling of loan management.
repayments.
✓ Relevant minutes of meetings (of the board of directors
✓ Reducing or delaying or postponing expenditures. or similar body).
• Review of compliance with debt and loan agreements ✓ Date: Should be appropriately dated (ordinarily
coincides with date of the auditor’s report.
• Reading minutes of meetings
✓ Signatory: Should be appropriately signed by the
• Inquiry of legal counsel members of management who have primary or overall
responsibility for financial and operating aspects of the
• Confirmation with related and third parties of arrangements for entity.
financial support
• Appropriate signatory of a management representation letter:
Management Representation Letter ✓ Owner-manager
• Auditor’s responsibility: The auditor should obtain appropriate
written representations from management. ✓ Chief/senior executive officer
✓ It reduces the possibility of misunderstanding between ✓ That management acknowledges its responsibility for the
the auditor and the client concerning the matters that design and implementation of internal control to prevent
are the subject of the representations. and detect error.
Page | 64
✓ Representations not directly related to items that are ✓ The auditor should determine whether other audit
material to the financial statements but are significant, procedures that were applied tend to compensate for the
either individually or in aggregate, to the engagement. omitted audit procedures. If so, no further action is
necessary.
✓ Representations that are relevant to management’s
judgments or estimates that are material, either ✓ If, on the other hand, the omitted audit procedures
individually or in aggregate, to the financial statements. impair the auditor's ability to support the previously
issued opinion, and there are people relying (or likely to
• Limitations of management representations: although rely) on the report, then the auditor should promptly
management representations are considered part of evidential undertake to apply the omitted procedures or the
matter, they (are): corresponding alternative procedures.
✓ Not a substitute for performing other audit procedures or
a means to reduce the auditor’s responsibility. ✓ If, after applying the omitted procedures, the auditor
determines that the financial statements are materially
✓ Not as the sole source of evidence on significant audit misstated and that the auditor's report is inappropriate,
matters. the auditor should discuss the matter with the
management and take steps to prevent future reliance
✓ Cannot be substitute for other audit evidence that the on the report.
auditor could reasonably expect to be available.
- - END - -
• Auditor’s responsibility on representations relating to matters
that are material to the financial statements:
✓ Seek corroborative audit evidence from sources inside or
outside the entity.
• Application of materiality:
✓ Representations may be limited to matters that are
considered either individually or collectively material to
the financial statements.
• Auditor’s action:
✓ The auditor should assess the importance of the omitted
procedures to his ability to support the audit opinion.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 65
FORMING AN OPINION AND AUDITOR’S REPORT ✓ Other Reporting Responsibilities
PSA 700: Forming an Opinion and Reporting on Financial ✓ Signature of the Auditor
Statements
✓ Auditor’s Address
PSA 701: Communicating Key Audit Matters in the Independent
Auditor’s Report ✓ Date of the Auditor’s Report
Page | 71
supplementary to the auditor’s responsibilities under the PSAs. o Disclaimer of Opinion – Amend this section to state only the
For example, the auditor may be asked to report certain matters following: “Our responsibility is to express an opinion on the
if they come to the auditor’s attention during the course of the financial statements based on conducting the audit in
audit of the financial statements. accordance with Philippine Standards on Auditing. Because of
o In some cases, the relevant law or regulation may require or the matter(s) described in the Basis for Disclaimer of Opinion
permit the auditor to report on these other responsibilities as paragraph, however, we were not able to obtain sufficient
part of their auditor’s report on the financial statements. In appropriate audit evidence to provide a basis for an audit
other cases, the auditor may be required or permitted to report opinion.”
on them in a separate report.
Basis for Modification Paragraph
Name of the Engagement Partner o The auditor shall include additional paragraph on the standard
o Naming the engagement partner in the auditor’s report is auditor’s report immediately before the opinion paragraph, and
intended to provide further transparency to the users of the use the heading “Basis for Qualified Opinion,” “Basis for Adverse
auditor’s report of a complete set of general purpose financial Opinion,” or “Basis for Disclaimer of Opinion,” as appropriate.
statements of a listed entity.
Opinion Paragraph
Signature of the Auditor o The auditor shall use the heading “Qualified Opinion,” “Adverse
o The auditor’s signature is either in the name of the audit firm, Opinion,” or “Disclaimer of Opinion,” as appropriate, for the
the personal name of the auditor or both, as appropriate for the opinion paragraph.
particular jurisdiction.
o In addition to the auditor’s signature, in certain jurisdictions, the Supplementary Information Presented with the Financial
auditor may be required to declare in the auditor’s report the Statements
auditor’s professional accountancy designation or the fact that o Supplementary information – information that is presented
the auditor or firm, as appropriate, has been recognized by the together with the FSs that is not required by the applicable FRF
appropriate licensing authority in that jurisdiction. used to prepare the FSs, normally presented in either
supplementary schedules or as additional notes.
Date of the Auditor’s Report
o The date of the auditor’s report informs the user of the auditor’s Comparative Information
report that the auditor has considered the effect of events and o The two broad approaches to the auditor’s reporting
transactions of which the auditor became aware and that responsibilities in respect of comparative information are:
occurred up to that date.
✓ Corresponding figures –comparative information where
Modifications to Auditor’s Report amounts and other disclosures for the prior period are
included as an integral part of the current period FSs, and
o The instances of modifications include when the auditor: are intended to be read only in relation to the amounts and
other disclosures relating to the current period (referred to
✓ Adds “Emphasis of Matter Paragraph” as “current period figures”). The level of detail presented in
the corresponding amounts and disclosures is dictated
✓ Includes “Other of Matter Paragraph” primarily by its relevance to the current period figures; and
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 72
Corresponding figures ✓ Financial ratios.
o The auditor’s opinion shall not refer to the corresponding figures
because the auditor’s opinion is on the current period FSs ✓ Names of officers and directors.
includes corresponding figures, except:
✓ Modification in auditor’s report on the prior period remain ✓ Selected quarterly data.
unresolved.
o The auditor’s opinion does not cover other information and the
✓ Misstatement in prior period FSs. auditor has no specific responsibility for determining whether or
not other information is properly stated. However, the auditor
✓ Prior period FSs not audited. reads the other information because the credibility of the
audited FSs and the auditor’s report may be undermined by
✓ Prior period FSs audited by a predecessor auditor. material inconsistencies between the audited FSs and other
information.
o If the auditor obtains audit evidence that a material
misstatement exists in the prior period FSs on which an Restriction on Distribution or Use or Alerting Readers to the Basis of
unmodified opinion has been previously issued, and the Accounting
corresponding figures have not been properly restated, the o When distribution or use of the auditor’s report on the audited
auditor shall express a qualified opinion or an adverse opinion FSs is restricted, or the auditor’s report on the audited FSs alerts
in the auditor’s report on the current period FSs. readers that the audited financial statements are prepared in
accordance with a special purpose framework, the auditor shall
o When the prior period FSs that are misstated have not been include a similar restriction or alert in the auditor’s report on the
amended and an auditor’s report has not been reissued, but the summary FSs.
corresponding figures have been properly restated or
appropriate disclosures have been made in the current period - - END - -
FSs, the auditor’s report may include an Emphasis of Matter
paragraph.
✓ Employment data.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 73
AUDITING IN A CIS (IT) ENVIRONMENT • Development and maintenance controls – designed to
provide reasonable assurance that systems are developed
Risk Assessments and Internal Control: or acquired, implemented and maintained in an
CIS Characteristics and Consideration authorized and efficient manner. They also typically are
designed to establish control over:
Organizational Structure
✓ Project initiation, requirements definition, systems
o Characteristics of a CIS organizational structure includes: design, testing, data conversion, go-live decision,
✓ Concentration of functions and knowledge: Although migration to production environment,
most systems employing CIS methods will include certain documentation of new or revised systems, and user
manual operations, generally the number of persons training
involved in the processing of financial information is
significantly reduced. ✓ Acquisition and implementation of off-the-shelf
packages
✓ Concentration of programs and data: Transaction and
master file data are often concentrated, usually in ✓ Request for changes to the existing systems
machine-readable form, either in one computer
installation located centrally or in a number of installations ✓ Acquisition, implementation, and maintenance of
distributed throughout the entity. system software
✓ Lack of visible audit trail: The transaction trail may be ✓ Internal external CIS audits
partly in machine-readable form and may exist only for a
limited period of time (e.g., audit logs may be set to CIS Application Controls – to establish specific control procedures
overwrite themselves after a period of time or when the over the application systems in order to provide reasonable
allocated disk space is consumed). assurance that all transactions are authorized, recorded and are
processed completely, accurately and on a timely basis. CIS
✓ Lack of visible output: Certain transactions or results of application controls include:
processing may not be printed or only summary data may
be printed. o Controls over Input – designed to provide reasonable
assurance that:
✓ Ease of access to data and computer programs: Data and ✓ Transactions are properly authorized before being
computer programs may be assessed and altered at the processed by the computer.
computer or through the use of computer equipment at
remote locations. Therefore, in the absence of ✓ Transactions are accurately converted into machine
appropriate controls, there is an increased potential for readable form and recorded in the computer data files.
unauthorized access to, and alteration of, data and
programs by persons inside or outside the entity. ✓ Transactions are not lost, added, duplicated or
improperly change.
Internal Controls in a CIS Environment
✓ Incorrect transactions are rejected, corrected and, if
o General CIS Controls – to establish a framework of overall necessary, resubmitted on a timely basis.
control over the CIS activities and to provide a reasonable level
of assurance that the overall objectives of internal control are o Controls over processing and computer data files – designed
achieved. to provide reasonable assurance that:
✓ Transactions, including system generated
o General CIS controls may include: transactions, re properly processed by the computer.
• Organization and management controls – designed to ✓ Transactions are not lost, added, duplicated or
define the strategic direction and establish an improperly changed.
organizational framework over CIS activities, including:
✓ Strategic information technology plan ✓ Processing errors (i.e., rejected data and incorrect
transactions) are identified and corrected on a timely
✓ CIS policies and procedures basis.
Page | 78
✓ Access to output is restricted to authorized personnel ▪ On-line/ real time processing - Individual transactions
on a timely basis. are entered at terminal devices, validated, and used to
update related computer files immediately.
✓ Output is provided to appropriate authorized
personnel on a timely basis. ▪ On-line/batch processing - Individual transactions are
entered at a terminal device, subjected to certain
Review of general CIS controls validation checks, and added to a transaction file that
o General CIS controls that relate to some or all applications are contains other transactions entered during the period.
typically interdependent controls in that their operation is Later, during a subsequent processing cycle, the
often essential to the effectiveness of CIS application controls. transaction file may be validated further and then used
Accordingly, it may be more efficient to review the design of to update relevant master file.
the general controls before reviewing the application controls.
NETWORK ENVIRONMENT
Review of CIS application controls o A network environment is a communication system that
o CIS application controls which the auditor may wish to test enables computer users to share computer equipment,
include: application software, data, and voice and video transmissions.
✓ Manual controls exercised by the user
o A file server is a computer with an operating system that allows
✓ Controls over system output multiple users in a network to access software applications and
data files.
✓ Programmed control procedures
o Basic types of networks
CIS ENVIRONMENTS – STAND-ALONE PERSONAL COMPUTERS ✓ Local area network (LAN)
o A personal computer (PC) can be used in various configurations.
These include: ✓ Wide area network (WAN)
✓ A stand-alone workstation operated by a single user or
a number of users at different times. ✓ metropolitan area network (MAN)
Page | 79
computer through an electronic communications network. In ✓ Ineffective if the client does not use the
electronic fund transfer (EFT) Systems, for example, electronic software teste.
transactions replace checks as a mean of payment.
▪ Integrated test facility (ITF)
o EDI controls include: ✓ A variation of test of data whereby simulated
data and actual data are run simultaneously
✓ Authentication – controls must exist over the origin, with the client’s program and computer
proper submission, and proper delivery of EDI results are compared with auditor’s
communications to ensure that the EDI messages are predetermined results.
accurately sent and received to and from authorized
customers and suppliers. ✓ It provides assurance that the software
tested is actually used to prepare financial
✓ Encryption – involves conversion of plain text data to reports.
cipher text data to make EDI messages unreadable to
unauthorized persons. ▪ Parallel simulation
▪ Test data
✓ A set of dummy transactions specifically
designed to test the control activities that
management claims to have incorporated
into the processing programs.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 80
CODE OF ETHICS Rules Applicable to all Professional Accountants
o Integrity and Objectivity
REFERENCE: ✓ Integrity implies not merely honesty but
fair dealing and truthfulness. The principle of
CODE OF ETHICS FOR PROFESSIONAL ACCOUNTANTS IN THE objectivity imposes the obligation on
PHILIPPINES (PARTS A, B, AND C) all professional accountants to be fair,
intellectually honest, and free of conflicts of
Code of Ethics for Professional Accountants in the Philippines interest.
o Based on the International Code of Ethics ✓ Professional accountants should neither accept
for professional accountants developed by the nor offer gifts or entertainment which might
International Federation of Accountants. reasonably be believed to have a significant and
improper influence on their professional
o Mandatory for all CPAs and is applicable to professional judgment or those with whom they deal.
services performed in the Philippines on or after January
1, 2004. o Professional Competence may be divided into two
separate phases, namely:
o Divided into three parts: ✓ Attainment of professional competence- requires
initially a high standard of general education
Part A - applies to all professional accountants unless oth followed by specific education, training,
erwise specified. and examination in professionally relevant
subjects and a period of work experience.
Part B - applies only to those professional accountants in
public practice. ✓ Maintenance of professional competence -
requires a continuing awareness of development
Part C - applies to employed professional accountants, a in the accountancy profession including relevant
nd may also apply, inappropriate circumstances, national and international pronouncements on
to accountants employed in public practice. accounting, auditing, and other relevant
regulations and statutory requirements.
Contents of the Code
o CONFIDENTIALITY
• Conceptual Framework ✓ Professional accountants have an obligation to
Approach to respect the confidentiality of information about a
Compliance client’s or employer’s affairs acquired in the
PART A – General course of professional services.
• Fundamental Principles
Application of the Code
• Threats and Safeguards
• Ethical Conflict ✓ The duty of confidentiality continues even after
Resolution the end of the relationship between the
professional accountant and the client or
• Professional
employer.
Appointment
• Conflicts of Interest
o TAX PRACTICE
• Second Opinions
✓ The professional accountant should ensure that
• Fees and Other Types of
the client or the employer are aware of the
Remuneration
limitations attaching to tax advice and services so
• Marketing Professional that they do not misinterpret an expression of
Services opinion as an assertion of fact.
PART B – Professional
• Gifts and Hospitality
Accountants in Public
• Custody of Clients ✓ A professional accountant should not be
Practice
• Objectivity – All associated with any return or communication in
Services which there is reason to believe that it:
• Independence – Audit
and Review • Contains a false or misleading statement;
Engagements
• Independence – Other • Contains statements or information
Assurance furnished recklessly or without any real
Engagements knowledge of whether they are true or
• Conflict of Interest false; or
• Preparation and
Reporting of • Omits or obscure information required to
PART C – Professional Information be submitted and such omission or
Accountants in Business • Acting with Sufficient obscurity would mislead the revenue
Expertise authorities.
• Financial Interest
• Inducements ✓ When a professional accountant learns of a
material error or omission in a tax return of a prior
Fundamental Principles that CPAs should observe: year, or the failure to file a required tax return,
he/she has a responsibility to:
✓ Integrity
• Promptly advise the client or employer
✓ Objectivity of the error or omission and recommend
that disclosure be made to the revenue
✓ Professional competence and due care authorities.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 84
▪ Should inform the client or the o Members of assurance teams, firms, and network firms
employer that it is possible to act should identify THREATS to independence, evaluate the
for them in connection with that significance of those threats, and, if the threats are other
return or other related information than clearly insignificant, identify and apply
submitted to the authorities; and SAFEGUARDS to eliminate the threats or reduce them to
acceptable level, such that independence of mind and
▪ Should consider whether independence in appearance are not compromised. In
continued association with the situations when no safeguards are available to reduce
client or employer in any capacity the threat to an acceptable level. The only
is consistent with professional possible actions are to:
responsibilities.
✓ Eliminate the activities or interest creating the
o Cross Border Activities threat; or
• When a professional accountant performs
services in a country other than the home ✓ Refuse to accept or continue the assurance
country and differences on specific matters exist engagement.
between ethical requirements of the two
countries, the following provisions should be Independence Requirements in Assurance Engagements
applied: o For assurance engagements provided to an audit
client, the member of the assurance team, the firm and
✓ When the ethical requirements of the network firms are required to be independent of the
country in which the services are being client.
performed are LESS STRICT than the
Philippine Code of Ethics, then our o For assurance engagements provided to clients that
code should be applied. are not audit clients, when the report is not expressly
restricted for use by identified users, the members of
✓ When the ethical requirements of the the assurance team and firm are required to be
country in which the services are being independent of the client.
performed are STRICTER than our code,
then the ethical requirements in o For assurance engagements provided to clients that
the country where services are being are not audit clients, when the assurance report is
performed should be applied. expressly restricted for use by identified users, the
members of the assurance team are required to be
✓ When the ethical requirements of the independent of the client. In addition, the firm should
Philippines are mandatory for services not have a material director indirect financial interest in
performed outside the Philippines and the client.
are stricter than that set out in (1)
and (2) above, then the ethical Network firm - an entity under common control, ownership or
requirements of the Philippines should management with the firm or any entity that a reasonable and
be applied. informed third party having knowledge of all relevant
o Publicity information would reasonably conclude as being part of the
• In the marketing and promotion of themselves firm nationally or internationally.
and their work, professional accountants should:
Financial interest - an interest in equity or other security,
✓ Not use means which brings the debenture, loan or other debt instrument of an entity
profession into disrepute. including rights and obligations to acquire such an interest and
derivatives directly related to such interest.
✓ Not make exaggerated claims for the
services they are able to offer, the Direct financial interest - a financial interest:
qualifications they possess, or o Owned directly by and under the control of an individual
experience they have gained; and or entity; or
✓ Not denigrate the work of other o Beneficially owned through a collective investment
accountants. vehicle, estate, trust, or other intermediary over which
the individual or entity has control.
Rules Applicable to Professional Accountants in Public
Practice Indirect financial interest - a financial interest beneficially
owned through a collective investment vehicle, estate, trust
Independence or other intermediary over which the individual or entity has
no control.
o Independence requires:
✓ Independence of mind - The state of mind that Threats to Compliance with Fundamental Principles
permits the provision of an opinion without o Self-Interest Threat – The threat that a financial or other
being affected by influences that compromise interest will inappropriately influence the accountant’s
professional judgment, allowing an individual judgement or behavior. Examples:
to act with integrity, and exercise objectivity ✓ A direct financial interest or material indirect
and professional skepticism. financial interest in an assurance client.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 85
✓ Concern about the possibility of losing the
engagement. ✓ Accepting gifts or preferential treatment from a
client, unless the value is trivial or
✓ Having a significant close business relationship inconsequential.
with an assurance client.
✓ Senior personnel having a long association with
✓ Participating in incentive compensation the assurance client.
arrangements offered by the employer.
✓ Being responsible for the employer’s financial
✓ Potential employment with an assurance client. reporting when an immediate or close family
member employed by the entity makes
✓ Contingent fees relating to assurance decisions that affect the entity’s financial
engagements. reporting.
Examples are:
✓ Promoting shares in an audit client.
Examples are:
✓ A member of the engagement team having a
close or immediate family member who is a
director, an officer, or an employee in a position
to exert significant influence over the subject
matter of the engagement of the client.
Page | 86
REPUBLIC ACT NO. 9298 – PHILIPPINE ACCOUNTANCY ACT OF professional knowledge in the science of accounting, or
2004 (AND ITS IMPLEMENTING RULES AND REGULATIONS) where a civil service eligibility as a CPA is a prerequisite.
Republic Act 9298: Philippine Accountancy Act of 2004 (Revised in o Single practitioners (individual CPAs) and Partnership of CPAs
2016) shall be registered CPAs in the Philippines.
o The SEC shall not register any corporation organized for the
Objectives of the Philippine Accountancy Act: practice of public accountancy. In other words, corporation
o The standardization and regulation of accounting education. form of CPA firm is not allowed.
o A certificate of accreditation issued only after showing that
o The examination for registration of CPAs. the registrant has acquired the minimum 3 years meaningful
experience in any of the areas of accountancy (whether in the
o The supervision, control, and regulation of the practice of public accountancy, commerce and industry,
accountancy in the Philippines. education/academe and government).
✓ When the CPA represents his employer before o Non-Filipino professional accountants/CPAs:
government agencies on tax and other matters
related to accounting. ✓ Are also not allowed to practice accountancy in the
Philippines, unless:
✓ When such employment or position requires that
the holder thereof must be a CPA. • Through foreign reciprocity.
• Practice in Education / Academe – Practice in education • With valid temporary/special permit duly issued by
or the academe shall constitute in a person in an the BOA and the PRC.
educational institution which involve teaching of
accounting, auditing, management advisory services, Professional Regulatory Board of Accountancy (BOA):
finance, business law, taxation, and other technically o The BOA is the official government agency empowered to
related subjects. enforce RA 9298.
✓ A CPA is considered to be engaged in the practice o BOA is under the supervision and administrative control of the
of accountancy in education / academe if he/she Professional Regulation Commission (PRC).
is employed in educational institutions as
teachers of accounting, auditing, MAS, • Composition of BOA:
(accounting aspects of) finance, business law, ✓ BOA shall be composed of a chairman and 6 members
taxation and other technically related subjects. (all of which are to be appointed by the President of
the Philippines).
✓ Members of the Integrated Bar of the Philippines
(IBP) may be allowed to teach law and taxation ✓ BOA shall elect a vice-chairman from among its
subjects. members for a term of 1 year.
✓ The position of either the Dean or department ✓ According to the IRR, the 4 sectors in the practice of
chairman (or its equivalent) that supervises the accountancy shall as much as possible be equitably
BSA program of an educational institution is represented in the BOA.
deemed to be in practice of accountancy in the
academic /education and therefore must be • Qualifications of BOA members: At the time of
occupied only by a duly registered CPA. appointment, he/she must be:
• Practice in Government – Practice in the government ✓ Natural-born citizen and a resident of the Philippines.
shall constitute in a person who holds, or is appointed
to, a position in an accounting professional group in ✓ Duly registered CPA with at least 10 years of work
government or in a government-owned and/or experience in ANY scope of practice of accountancy.
controlled corporation, including those performing
proprietary functions, where decision making requires ✓ Of good moral character and must not have been
convicted of crimes involving moral turpitude.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 92
CPA Examinations:
✓ Not have any pecuniary interest, directly or indirectly, o All applicants for registration for the practice of accountancy
in any school, college, university or institution shall be required to undergo a licensure examination to be
conferring an academic degree necessary for given by the BOA in such places and dates as the PRC may
admission to the practice of accountancy (those that designate subject to compliance with the requirements
offer BSA degree) or where review classes in prescribed by the PRC in accordance with Republic Act No.
preparation for the licensure examination are being 8981.
offered or conducted, nor shall he/she be a member
of the faculty or administration thereof at the time of • Qualifications of Applicants for CPA Examinations:
his/her appointment to the BOA. ✓ Must be a Filipino citizen.
✓ Not be a director/officer of the APO (PICPA) at the ✓ Must be of good moral character.
time of his/her appointment – this is an additional
requirement under the IRR. ✓ Must be a holder of the degree of BSA
conferred by a school, college, academy or
• Term of office of BOA members: institute duly recognized and/or accredited by
✓ The Chairman and the members of the BOA members the CHED or other authorized government
shall hold office for a term of 3 years. offices.
✓ Any vacancy during the term of a member shall be ✓ Has not been convicted of any criminal offense
filled up for the unexpired portion of the term only. involving moral turpitude.
Appointment to fill up an unexpired term is not to be
construed as a complete term. • Scope of Examinations:
✓ No person who has served 2 successive complete ▪ The CPA examination shall cover, but are not limited
terms shall be eligible for reappointment until the to, the following subjects:
lapse of 1 year.
✓ Financial Accounting and Reporting
✓ No person shall serve in the BOA for more than 12
years. ✓ Advanced Financial Accounting and Reporting
• Powers and Functions of the BOA: The BOA shall exercise ✓ Management Advisory Services
the following specific powers, functions and
responsibilities: ✓ Auditing
✓ To prescribe and adopt the rules and regulations
necessary for carrying out the provisions of this Act ✓ Regulatory Framework for Business
(RA 9298). Transactions
• Grounds for Suspension or Removal of BOA Members: ✓ If the candidate fails to obtain at least a general
✓ The President of the Philippines, upon the average of 75% and a rating of at least 65% in
recommendation of the PRC may suspend or remove each of the subjects reexamined, he/she shall
any BOA member on the following grounds: be considered as failed in the entire
examination.
▪ Neglect of duty or incompetence.
✓ The original exam and the removal exam are
▪ Violation or tolerance of any violation of RA 9298 counted as one exam only.
and its IRR or the CPA Code of Ethics and the
technical and professional standards of practice • Candidates required to take Refresher Course:
for CPAs. ✓ Any candidate who fails in 2 complete CPA
exams shall be disqualified from taking another
▪ Final judgment of crimes involving moral set of examinations unless he/she submits
turpitude. evidence to the satisfaction of the BOA that
he/she enrolled in and completed a refresher
▪ Manipulation or rigging of the CPA's licensure course with at least 24 units of subjects given
examination results, disclosure of secret and in the CPA exams.
confidential information in the examination
questions prior to the conduct of the said o The examination in which the candidate was conditioned
examination or tampering of grades. together with the removal examination on the subject in
which he/she failed shall be counted as one complete
examination.
This document is strictly private and confidential and should not be shared or distributed to a third party. Any violation gives Pinnacle the right to seek legal recourse.
Page | 93
o The IRR provides that the required refresher course (whether ✓ Guilty of immoral and dishonorable conduct.
regular or special refresher course) shall be offered only by an
educational institution granting a degree of BSA. ✓ Of unsound mind.
Page | 94
Philippines and his/her engagement is confined to affecting the practice of accountancy and adoption of such
teaching only. measures, including promulgation of accounting and
auditing standards, rules and regulations and best
✓ A foreign CPA who is an internationally recognized practices.
expert or with specialization in any branch of
accountancy and his/her service is essential for the Professional and Sectoral Organizations:
advancement of accountancy in the Philippines. o Philippine Institute of Certified Public Accountant (PICPA) –
the globally-recognized and integrated national professional
Penal Provisions: organization of CPAs in the Philippines accredited by the BOA
o Any person who shall violate any of the provisions of this Act and the PRC.
or any of its IRR shall, upon conviction, be punished by:
✓ Fine – not less than P 50,000.00, or ✓ PICPA is designated as the accredited professional
organization (APO) in the Philippines.
✓ Imprisonment – for a period not exceeding 2 years, or
both. ✓ The Mission of PICPA is to enhance the integrity of the
accountancy profession, serve the best interest of its
Standard-Setting Bodies: members and other stakeholders, and contribute to
the attainment of the country's national objectives.
o Local/Domestic:
✓ Financial Reporting Standards Council (FRSC) – o PICPA must renew its accreditation once every three years.
accounting standard-setting body/council created by
the BOA. o Sectoral Organizations
AASC Composition/Membership:
Chairman (had been or presently a senior 1
accounting practitioner in public accountancy)
BOA 1
SEC 1
BSP 1
COA 1
Association or organization of CPAs 1
in active public practice of accountancy
Accredited National Professional Organization
of CPAs - PICPA:
Public practice 6
Commerce and industry 1
Academe/Education 1
Government 1 9
Total members 15
Page | 95