UNIVERSITY OF LA SALETTE

AUDITING AND ASSURANCE PRINCIPLES

ATTY. JIMMY I. PERU, JD, MBM, MICB, CPA

Module No. 4: PSA 200, 210, 240

PSA 200 – OVERALL OBJECTIVE OF THE INDEPENDENT AUDITOR AND THE

CONDUCT OF AN AUDIT IN ACCORDANCE WITH PSA
PSA 210- TERMS OF AUDIT ENGAGEMENTS
PSA 240: THE AUDITOR’S RESPONSIBILITIES RELATING TO FRAUD IN AN
AUDIT OF FINANCIAL STATEMENTS

PSA 200 – OVERALL OBJECTIVE OF THE INDEPENDENT AUDITOR AND THE CONDUCT
OF AN AUDIT IN ACCORDANCE WITH PSA

An Audit of Financial Statements

• Purpose of audit: To enhance the degree of confidence of intended users in the
financial statements. This is achieved by the expression of an opinion by the
auditor whether the financial statements are prepared, in all materials respects, in
accordance with an applicable financial reporting framework.

In my opinion, the financial statements present fairly, in all material respects, the
financial position of ABC Company, as of May 31, 2013 and of its financial
performance and its cash flows for the year then ended in accordance with
Philippine Financial Reporting Standards.

• The auditor’s opinion does not assure the future viability of the entity
• The auditor’s opinion does not assure the efficiency or effectiveness with which
management has conducted the affairs of the entity
• An audit is not intended to and cannot provide a guarantee or absolute assurance.

Overall Objectives of the Auditor

1. To obtain reasonable assurance about whether the financial statements as a whole
are free from material misstatement, whether due to fraud or error, thereby
enabling the auditor to express an opinion
2. To report on the financial statements and communicate as required by the PSAs, in
accordance with the auditor’s findings.

In all cases when reasonable assurance cannot be obtained and a qualified opinion in
the auditor’s report is insufficient, the PSAs require that the auditor disclaim an opinion
or withdraw from the engagement.

Preparation of the Financial Statements

An audit by an independent auditor is premised on the fact that the financial

statements subject to audit are those of the entity, prepared and presented by
management of the entity with oversight from those charged with governance, with
the auditor engaged for purposes of forming and expressing an opinion on them.
• The audit of the financial statements does not relieve management and those
charged with governance of their responsibilities.

Professional Skepticism

Professional skepticism is an attitude that includes a questioning mind and a critical

assessment of audit evidence.

Professional skepticism includes being alert to:

• Audit evidence that contradicts other audit evidence obtained
• Information that brings into question the reliability of documents and responses to
inquiries to be used as audit evidence
• Conditions that may indicate possible fraud
• Circumstances that suggest the need for audit procedures in addition to those
required by the PSAs

Professional Judgement

Professional Judgement is exercise by an auditor whose training, knowledge and

experience have assisted in
developing the necessary competencies to achieve reasonable judgements.
Sufficient Appropriate Audit Evidence
• Audit evidence is necessary to support the auditor’s opinion and report.
• Audit evidence comprises both information that supports and corroborates
management assertions
• Sufficiency is the measure of quantity of audit evidence
• Obtaining more audit evidence, may not compensate for its poor quality
• Appropriateness is the measure of the quality of audit evidence
• Appropriateness means both valid and relevant
• The higher the quality, the lesser quantity is required

Audit Risk

Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the
FS are materially misstated. Audit risk is a function of the risks of material misstatement
and detection risk.

Components

1. Inherent risk: the susceptibility of the subject matter information to a material

misstatement, assuming that there are no related controls; and
2. Control risk: the risk that a material misstatement that could occur will not be
prevented, or detected and corrected, on a timely basis by related internal controls.
When control risk is relevant to the subject matter, some control risk will always
exist because of the inherent limitations of the design and operation of internal
control; and
3. Detection risk: the risk that the practitioner will not detect a material
misstatement that exists.

Risk of Material Misstatement (RMM)

Two levels
1. Overall FS level
2. Assertion level (classes of transaction, account balances, disclosures)

Components of RMM at the assertion level

1. Inherent risk
2. Control risk

Inherent Limitations of an audit

• The auditor is expected to and cannot reduce audit risk to zero
• The auditor cannot obtain absolute assurance that the FS are free from material
misstatement
• Fraud may involve sophisticated and carefully organized schemes designed to
conceal it
• The auditor is neither trained nor expected to be an expert in the authentication of
documents
• An audit is not an official investigation into alleged wrongdoing
• The subsequent discovery of a material misstatement of the FS resulting from fraud
or error does not by itself indicate a failure to conduct an audit in accordance with
PSAs

Benefit and Cost

• The matter of difficulty, time and cost involved is not in itself a valid basis for the
auditor to omit an audit procedure for which there is no alternative or to be
satisfied with audit evidence that is less than persuasive

PSA 210- TERMS OF AUDIT ENGAGEMENTS

The auditor and the client should agree on the terms of the engagement. The agreed
terms would need to be recorded in an audit engagement letter or other suitable
form of contract. It is the interest of both client and auditor that the auditor sends an
engagement letter, preferably before the commencement of the engagement, to help
in avoiding misunderstandings with respect to the engagement.

The engagement letter documents and confirms:

1. The auditor’s acceptance of the appointment
2. The objective and scope of the audit
3. The extent of the auditor’s responsibilities to the client
4. The form of any reports

Preconditions for an Audit

2|Page
In order to establish whether the preconditions for an audit are present, the auditor
shall:
a) Determine whether the financial reporting framework to be applied in the
preparation of the financial statements is acceptable
b) Obtain the agreement of management that it acknowledges and understands its
responsibility
(i) Financial statements
(ii) Internal control
(iii) To provide the auditor with
a. Access all information
b. Additional information
c. Unrestricted access to persons

Agreement on Audit Engagement Terms

Principal contents

The form and content of audit engagement letters may vary for each client, but they
would generally include:
FORAM
• The Objective and scope of the audit of financial statements.
• Management responsibilities
• Auditor responsibilities
• The Financial reporting framework for the preparation the financial statements
• The form and content of any Reports to be issued by the auditor and a statement
that there maybe circumstances in which a report may differ from its expected form
and content

The auditor may also wish to include in the letter:

• Elaboration of the scope of audit

• The form of any other communication of results of the audit engagement
• Unavoidable risk that some material misstatements may not be detected due to
inherent limitations of audit and internal control
• Arrangements regarding the planning and performance of the audit.
• Expectation that management will provide written representations
• Availability of draft financial statements given to auditor
• Basis on which fees are computed and any billing arrangements.
• Request for management to acknowledge receipt of the audit engagement letter
and to agree to the terms of the engagement outlined therein

When relevant, the following points could also be made:

• Arrangements concerning the involvement of other auditors and experts in some

aspects of the audit.
• Arrangements concerning the involvement of internal auditors and other client staff.
• Arrangements to be made with the predecessor auditor, if any, in the case of an
initial audit.
• Any restriction of the auditor’s liability when such possibility exists.
• A reference to any further agreements between the auditor and the entity.
• Any obligations to provide audit working papers to other parties

Audits of Components

When the auditor of a parent entity is also the auditor of its subsidiary, branch or
division (component), the factors that influence the decision whether to send a
separate engagement letter to the component include:
• Who appoints the auditor of the component
• Whether a separate audit report is to be issued on the component
• Legal requirements in relation to audit appointment
• Degree of ownership by parent.
• Degree of independence of the component’s management

Recurring Audits

On recurring audits, the auditor should consider whether circumstances require the
terms of the engagement to be revised and whether there is a need to remind the
client of the existing terms of the engagement.

The auditor may decide not to send a new engagement letter each period. However,
the following factors may make it appropriate to send a new letter.
3|Page
• Any indication that the entity misunderstands the objective and scope of the audit.
• Any revised or special terms of the audit engagement
• A recent change of senior management
• A significant change in ownership
• A significant change in nature of size of the entity’s business
• A change in legal and regulatory requirements.
• A change in the financial reporting framework adopted in the preparation the
financial statements
• A change in other reporting requirements

Acceptance of a Change in Engagement

A request from the client for the auditor to change the engagement may result from:
1. A change in circumstances affecting the need for the service;
2. A misunderstanding as to the nature of an audit as originally requested; or
3. A restriction on the scope of the audit engagement, whether imposed by
management or caused by circumstances.

If the auditor concludes that there is reasonable justification to change the audit
engagement to a review or a related service, in order to avoid confusing the
reader, the report would not include reference to:
a) The original audit engagement; or
b) Any procedures that may have been performed in the original audit engagement,
except where the engagement is changed to an engagement to undertake agree-
upon procedures and thus reference to the procedures performed is a normal part
of the report.

PSA 240: THE AUDITOR’S RESPONSIBILITIES RELATING TO FRAUD IN AN

AUDIT OF FINANCIAL STATEMENTS

Fraud
An intentional act by one or more individuals among management, those charged with
governance, employees or third parties, involving the use of deception to obtain unjust
or illegal advantage

Two types of Fraud or Misstatements

1. Fraudulent financial reporting
2. Misappropriation of assets

Fraudulent Financial Reporting

• Manipulation, falsification (including forgery) or alteration of accounting records or
supporting documentation from which the FS are prepared
• Misrepresentation in, or intentional omission from, the FS of events, transactions or
other significant information
• Intentional misapplication of accounting principles relating to amounts,
classification, manner of presentation, or disclosure

Fraudulent Financial Reporting involves Management override of controls using the

following techniques:
• Recording fictitious journal entries
• Inappropriately adjusting assumptions
• Omitting, advancing or delaying recognition in the FS of events and transactions
• Concealing or not disclosing facts
• Engaging in complex transactions structured to misrepresent
• Altering records and terms

Misappropriation of Assets
• Embezzling receipts
• Stealing physical assets
• Causing an entity to pay for goods not received
• Using an entity’s assets for personal use

Fraud Risk Factors

Events or conditions that indicate an incentive or pressure to commit fraud or provide

an opportunity to commit fraud

Classifications of Fraud Risk Factors

1. Incentives/pressures
2. Opportunities
3. Attitudes/rationalizations

4|Page
Evaluation of Fraud Risk Factors

Fraud risk factors may not necessarily indicate the existence of fraud, they have often
been present in circumstances where frauds have occurred and therefore may indicate
risks of material misstatement due to fraud

Audit Procedures to Address the Assessed Risks of Material Misstatements

Due to Fraud
• Visiting locations or performing tests on a surprise basis
• Requesting that inventories be counted at year-end
• Altering the audit approach in the current year
• Investigating the possibility of related parties
• Performing substantial analytical procedures using disaggregated data
• Conducting interviews
• Performing CAATs
• Testing the integrity of computer-produced records

Circumstances that Indicate the Possibility of Fraud

• Discrepancies in the accounting records
o Incomplete recording
o Unsupported or unauthorized transactions
o Last-minute adjustments
o Inconsistent access to systems and records
o Tips or complaints to auditors about alleged fraud
• Conflicting or Missing evidence
o Missing documents
o Altered documents
o Unavailability of original documents
o Significant unexplained items in reconciliations
• Problematic or unusual relationships between the auditor and management
o Denial of access to records
o Undue time pressure
o Complains by management about the conduct of audit
o Unusual delays of requested information
o Unwillingness to facilitate auditor
o Unwillingness to add or revised disclosures
o Unwillingness to address identified weaknesses in internal control

Responsibility for the Prevention and Detection of Fraud

The primary responsibility for the prevention and detection of fraud rests with both
those charged with governance of the entity and management.

Responsibilities of the Auditor

An auditor conducting an audit in accordance with PSAs is responsible for obtaining

reasonable assurance that the financial statements taken as a whole are free from
material misstatement, whether caused by fraud or error.

• The risk of not detecting a material misstatement resulting from fraud is higher
than the risk of not detecting one resulting from error
• The risk of the auditor not detecting a material misstatement resulting from
management fraud is greater than for employee fraud

Auditor Unable to Continue the Engagement

If, as a result of a misstatement resulting from fraud or suspected fraud, the auditor
encounters exceptional circumstances that bring into question the auditor’s ability to
continue performing the audit, the auditor shall:
a) Determine the professional and legal responsibilities applicable in the
circumstances, including whether there is a requirement for the auditor to report to
the person or persons who made the audit appointment or in some cases to
regulatory authorities
b) Consider whether it is appropriate to withdraw from the engagement, where
withdrawal from the engagement is legally permitted
c) If the auditor withdraws
i. Discuss with the appropriate level of management and those charged with
governance the auditor’s withdrawal from the engagement and the reasons for
the withdrawal
ii. Determine if there is a professional or legal requirement to report to the person
or persons who made the audit appointment or in some cases, to regulatory

5|Page
 authorities, the auditor’s withdrawal from the engagement and the reasons for
the withdraw

Risk Factors Relating to Misstatements Arising from Fraudulent Financial

Reporting

Incentive Financial stability or • High degree of competition or market saturation

s/ profitability • High vulnerability to rapid changes (technology, product obsolescence,
Pressures interest rates)
• Significant decline in customer demand and increasing business failures
• Operating losses (bankruptcy, foreclosure, hostile takeover)
• Recurring negative cash flows
• Rapid growth or unusual profitability
• New accounting, statutory or regulatory requirements
Excessive pressure • Profitability or trend level expectations
exists for mngment to • Need to obtain additional financing
meet the reqts or • Marginal ability to meet listing requirements
expectations of third • Perceived or real adverse effects of reporting poor financial results
parties
Opportun Nature of the entity • Significant related party transactions not in the ordinary course of
ities business not audited or audited by another firm
• Strong financial presence or ability to dominate a certain industry sector
• Assets, liabilities, revenues and expenses based on significant estimates
• Significant, unusual or complex transactions
• Significant operations located across international borders
• Significant bank accounts in tax-haven jurisdictions
Monitoring of mngnt • Domination of management by a single person
is not effective • Oversight is not effective
Complex or unstable • Difficulty in determining the organization or individuals that have
organizational controlling interest in the entity
structure • Overly complex org’l structure
• High turnover of senior management, legal counsel
Internal components • Inadequate monitoring of controls
control are deficient • High turnover rate or employment of accounting, internal audit or IT staff
• Accounting and information systems are not effective

Attitudes • Communication, implementation, support or enforcement of the entity’s

/ values or ethical standards are not effective
Rationali • Nonfinancial management’s excessive participation in with the selection
zations of accounting policies
• Excessive interest by management in maintaining or increasing the
entity’s stock price or earnings trend
• The practice by management of committing to analysts, creditors, and
other third parties to achieve aggressive or unrealistic forecasts
• Management failing to correct known material weaknesses in internal
control on a timely basis
• Low morale among senior management
• Dispute between shareholders in a closely held entity
• The relationship between management and the current or predecessor
auditor is strained

Risk Factors Relating to Misstatements Arising from Misappropriation of

Assets

Incentive Personal financial

s/ obligations
Pressures
Adverse relationships • Known or anticipated future employee layoffs
between entity and • Recent or anticipated changes to employee compensation or benefit plans
employees with • Promotions, compensation or other reward inconsistent with expectations
access to cash
Opportun Characteristics of • Large amounts of cash on hand
ities assets • Inventory items that are small in size, of high value, or in high demand
• Easily convertible assets, such as bearer bonds, diamonds or computer
chips
• Fixed assets which are small in size, marketable or lacking observable
identification of ownership

6|Page
 Inadequate internal • Inadequate segregation of duties
control • Inadequate management oversight
• Inadequate job applicant screening
• Inadequate record keeping
• Inadequate system of authorization and approval of transactions
• Inadequate physical safeguard over cash, investments, inventory or fixed
assets
• Lack of complete and timely reconciliation of assets
• Lack of timely and inappropriate documentation of transactions
• Lack of mandatory vacations for employees performing key control
functions
• Inadequate management understanding of IT
• Inadequate access control over automated records
Attitudes • Disregard for the need for monitoring
/ • Disregard for internal control over misappropriation of assets
Rationali • Behavior indicating displeasure or dissatisfaction with the entity
zations • Changes in behavior or lifestyle
• Tolerance to petty theft

7|Page