CHAPTER ONE

INTRODUCTION
LEARNING OBJECTIVES

After studying the material in this chapter, you should be able to:
 Explain the general nature of the audit function;
 Distinguish between financial statement audits, compliance audits and operational
audits;
 Distinguish between external and internal audits;
 Distinguish between the different types of auditors;
 Identify the common attributes of assurance services;
 Identify the variety of services and levels of assurance in the universe of assurance
services;
 Describe how auditing differs from accounting;
 Explain why financial statement audits are necessary; and
 Describe the economic benefits and limitations of an audit.

1. WHAT IS AUDITING?

The term auditing is used to describe a broad range of activities in the modern society. In
order to understand what an audit is and how it its conducted in the modern context, a
definition is needed. A comprehensive definition of auditing with general application is as
follows:

“Auditing is a systematic process of objectively obtaining and evaluating evidence

regarding assertions about economic actions and events to ascertain the degree of
correspondence between those assertions and established criteria and
communicating the results to interested users.”

Several attributes of auditing contained in this definition merit special comment:

A systematic process connotes a logical, structured, and organized series of steps or

procedures. Thus auditing proceeds by means of an ordered and structured series of steps.

Objectively obtaining and evaluating evidence means examining the bases for the assertions
and judiciously evaluating the results without bias or prejudice either for or against the
individual (or entity) making the assertions.

Assertions about economic actions and events are the representations made by the entity or
individual. They comprise the subject matter of auditing. Assertions include information
contained in financial statements, internal operating reports, and tax returns.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 1

Degree of correspondence refers to the closeness with which the assertions can be identified
with established criteria. The expression of correspondence may be quantified, such as the
amount of shortage in a petty cash fund, or it may be qualitative, such as the fairness of
financial statements.

Established criteria are the standards against which the assertions or representations are
judged. Criteria may be specific rules prescribed by a legislative body, budgets, and other
measures of performance set by management, or International Financial Reporting Standards
(IFRS) formerly called International Accounting Standards (IAS), which are set by, for
instance, the International Accounting Standards Board (IASB) and other authoritative
bodies.

Communicating the results is achieved through a written report that indicates the degree of
correspondence between the assertions and established criteria. The communication of results
either enhances or weakens the credibility of the representations made by another party. The
goal of the audit process is to add credibility to management’s representations so that
interested users can use the information with reasonable assurance that it is free of material
misstatement.

Interested users are individuals who use (rely on) the auditor’s findings. In a business
environment, they include stockholders, management, creditors, governmental agencies, and
the public.

These attributes provide a sound description of the auditor’s work. Many of these attributes
are common to all types of audits.

2. TYPES OF AUDIT

Audits may be classified in various ways. They may, for instance, be categorized according
to:
 The primary objective of the audit; or
 The primary beneficiaries of the audit.

2.1 Classification by Primary Audit Objective

Based on primary audit objective, four main categories of audits may be recognized, namely:
(i) Financial statement audits,
(ii) Operational Audit
(iii) Compliance audits,
(iv) Forensic audits

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 2

i) Financial Statement Audit

A financial statement audit involves obtaining and evaluating evidence about an entity’s
presentation of its financial position, results of operations, and cash flows for the purpose of
expressing an opinion on whether they are presented fairly in conformity with established
criteria-usually such as International Financial Reporting Standards (IFRS). In most cases
only Certified Accountants can perform financial statement audits, and the company whose
statements are being audited usually hires the external audit firm. The results of financial
statement audits are distributed to a wide spectrum of users such as stockholders, creditors,
regulatory agencies, and the general public through the auditor’s report on financial
statements. In addition, the external auditor also prepares a report to the audit committee of
the board of directors about the company’s accounting policies, internal controls, and other
audit findings.

Financial statement audits for major corporations are indispensable to the functioning of
securities markets. Many lenders and creditors also rely on financial statement audits to
obtain assurance about the reliability of information used to support lending decisions. High-
quality financial audits significantly reduce the risk that investors and creditors will use poor-
quality information when making a variety of investment decisions. In addition, the audit
logic developed for financial statement audits is the cornerstone on which auditors have
developed compliance audits, operational audits, and a wide array of attest and assurance
services. As a result, this course gives extensive consideration to the logic underlying the
audit of financial statements.

Companies taking advantage of the audit exemption, and also partnerships and sole traders
(which do not need to appoint an auditor), may still require financial statement audits for
specific purposes. For example, if one of these entities approaches a bank for a loan, the bank
may require audited financial statements as a basis for deciding whether or not to grant the
loan. Further, it is usual for clubs and societies to include in their constitution a requirement
for their annual financial statements to be audited.

ii) Compliance Audit

A compliance audit involves obtaining and evaluating evidence to determine whether certain
financial or operating activities of an entity conform to specified conditions, rules, or
regulations. The established criteria in this type of audit may come from a variety of sources.

For example, compliance audits may be based on criteria established by creditors. In this
case, a bond covenant may require the maintenance of a specified current ratio. Possibly the
widest application of compliance audits relates to criteria based on government regulations.
Corporations, for example, must comply with extensive income tax and other governmental
regulations that are subject to audit. Defence contractors must comply with the terms and
conditions of government contracts.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 3

Some reports of independent auditors come in the form of an audit report on the adequacy of
internal control for general-purpose uses. Other reports on compliance audits may be directed
to the authority that established the criteria and may include either (1) a summary of findings
or (2) an expression of assurance as to the degree of compliance with those criteria.

iii) Operational Audit

An operational audit involves obtaining and evaluating evidence about the efficiency and
effectiveness of an entity’s operating activities in relation to specified objectives. This type of
audit is sometimes referred to as a performance audit or a management audit. Such audits are
usually initiated by the entity’s management and are conducted by competent, experienced
professionals (internal or external to the organization) who report their findings to
management. An operational audit may apply to the organization as a whole or to an
identified segment thereof, such as a subsidiary, division or department. The objectives of the
audit may be broad, for example, to improve the overall efficiency’ of the entity, or narrow
and designed, for example, to solve a specific problem such as excessive staff turnover.

In a business enterprise, the scope of the audit may encompass all the activities of (1) a
department, branch, or division, or (2) a function that may cross business unit lines such as
marketing or data processing. In the federal government, an operational audit might extend to
all the activities of (1) an agency, such as the Emergency Management Agency or (2) a
particular program, such as the distribution of food stamps. The criteria or objectives against
which efficiency and effectiveness are measured may be specified, for example, by
management or enabling legislation. In other cases, the operational auditor may assist in
specifying the criteria to be used.

Reports on such audits typically include not only an assessment of efficiency and
effectiveness, but also recommendations for improvement. When performed by audit firms,
such audits are likely to involve individuals from the consulting department, or individuals
with extensive industry expertise, such as the audit staff.

iv) Forensic Audits

A forensic audit’s purpose is the detection or deterrence of a wide variety of fraudulent

activities. The use of auditors to conduct forensic audits has grown significantly, especially
where the fraud involves financial issues. Some examples where forensic audit might be
conducted include
 Business or employee fraud,
 Criminal investigations,
 Shareholder and partnership disputes,
 Business economic losses,
 Matrimonial disputes.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 4

For example, in a business fraud engagement, an audit might involve tracing funds or asset
identification and recovery. An employee fraud investigation might involve the existence,
nature, extent, and identification of the perpetrator of asset misappropriation. A forensic audit
can also be conducted to trace and locate assets in a divorce proceeding.

Figure 1.1: Compares some of the significant differences between various types of audits:
financial statements audits, compliance audits, audit reports on internal control, and
operational audits.
Type of Audit Financial Compliance Operational Audit Audit Report on
Statement Audit Audit Internal Control
Assertion about Presentation of Claims or data Operational or Adequacy of system
economic financial position, pertaining to performance data of internal control
actions and results of adherence to E,g. No. of payroll records over financial
events operations, and policies, laws, processed in a month, reporting
cash flows regulations, etc. costs of a department
Established IFRS/IAS Management’s Objectives set by Various criteria for
criteria policy or laws management/ Company evaluating internal
and regulations, standards for efficiency & controls
Loan agreement effectiveness
provisions
Communication Opinion of Summary of Summary of findings Opinion of
of results independent findings or regarding efficiency and independent auditor
auditor assurance effectiveness observed
regarding degree
of compliance
Interested users Investors, Management, Management and board of Investors, creditors
creditors and board of directors and others
others directors, and
others

2.2 Classification by Primary Beneficiaries of the Audit

Based on primary audit beneficiaries (that is, those for whom the audit is conducted), audits
may be classified as:
(i) External audit, or
(ii) Internal audit

i) External Audit

External audit is conducted by an independent external auditor. This type of audit is usually
conducted to fulfil the requirement of the provisions of law. The qualified chartered certified
accountants or certified public accountants who are not connected with the preparation of
accounts or management of the organisation can be appointed as external auditor.

The auditor who conducts such an audit is ‘independent’ of the enterprise under audit, i.e.,
he is an independent professional who does not have any such relationship with the enterprise
as might adversely affect his ability to form an objective judgment about the financial

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 5

statements. The various matters relating to the procedures of audit, rights, duties and
liabilities of the auditor, their appointment procedures and presentation of reports are
provided in the concerned statute.
Independent financial audit is undoubtedly the most common type of audit. It is generally
conducted to ascertain whether the balance sheet and profit and loss account give a true and
fair view of the financial position and financial performance respectively of the enterprise
under audit.

ii) Internal Audit

Internal audit is conducted by specially assigned staff within the organisation. It is an audit
through which a thorough examination of the accounting transactions as well as the system
according to which these transactions have been recorded is conducted. The internal audit is
undertaken to verify the accuracy and authenticity of the financial accounting and statistical
records presented to the management. The scope and objectives of internal audit vary widely
and are dependent upon the size and structure of the entity and the requirements of its
management.

The difference between independent financial audit and internal audit can be outlined in the
following ways:

Figure 1.2: Compares some of the significant differences between the two types of auditors
Points of Independent Financial Audit
Difference [External Audit] Internal Audit
1. Nature It is conducted for reporting on It is conducted with a view to
the reliability and fairness of the checking adherence to norms and
financial statements. established procedures and
protecting the assets of the
organisation.
2. Qualifications The external auditor must possess No specific qualification is required
specific qualification as to be possessed by the internal
prescribed by the respective auditor.
statute.
3. Scope of work This type of audit must be The scope of work of the internal
complete in all respects. Its scope audit is determined by the
cannot be curtailed in any way by management.
the management.
4. Purpose The objective of this type of audit The basic objective of internal audit
is to protect the interests of the is to improve performance,
owners and other parties related to efficiency and profitability of the
the enterprise. enterprise.
5. Appointment The external auditors are usually The internal auditor is appointed by
of Auditor appointed by the owners and in the management.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 6

 some cases by the government.
6. Status The auditor is an outsider and
independent person. He is not
bound by any rules and
regulations of the organisation.
7. Continuity The external audit may be
periodical or continuous in nature.
8. Advice or Giving advice or recommendation
recommendation is not part of external auditor's
duty. He will only report on the
financial statement as prepared by
the management.
The internal auditor is an employee
of the organisation. He is bound by
the rules and regulations of the
organisation.
The internal audit is continuous in
nature. It is carried out throughout
the year.
The internal auditor may give
advice to the management for taking
some corrective measures against
irregularities in the organisation's
accounts.

3. TYPES OF AUDITORS

There are a number of different types of auditors; however, they can be classified under four
headings; external/independent auditors, internal auditors, government auditors, and forensic
auditors. One important requirement of each type of auditor is independence, in some manner
from the entity being audited.

i) Independent Auditors

Independent auditors are usually CPAs (or ACCAs) who are either individual practitioners
or members of public accounting firms who render professional auditing services to clients.
In general, licensing involves passing the uniform CPA (or ACCA) examination and
obtaining practical experience in auditing. By virtue of their education, training, and
experience, independent auditors are qualified to perform each type of audit described
previously. The clients of independent auditors may include profit making business
enterprises, not-for-profit organizations, and governmental agencies.

Like members of the medical and legal professions, independent auditors work on a fee basis.
There are similarities between the role of an independent auditor in a public accounting firm
and an attorney who is a member of a law firm. However, there is also a major difference:
The auditor is expected to be independent of the client in making an audit and in reporting the
results, whereas the attorney is expected to be an advocate for the client in rendering legal
services. Users rely on the auditor’s independence and derive value from the fact that the
auditor is unbiased with respect to the client under audit.

ii) Internal Auditors

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 7

Internal auditors are employees of the organizations they audit. This type of auditor is
involved in an independent evaluation of evidence, called internal auditing, within an
organization as a service to the organization. The objective of internal auditing is to assist the
management of the organization in the effective discharge of its responsibilities.

The scope of the internal audit function extends to all phases of an organization’s activities.
Internal auditors are primarily involved with compliance and operational audits. However,
the work of internal auditors may supplement the work of independent auditors in financial
statement audits.

iii) Government Auditors

Government auditors are employed by various local, state, and federal governmental
agencies. They conduct comprehensive audits which combine elements of financial report,
compliance and performance auditing. In Ethiopia, Auditor General Office performs audits of
governmental offices & public-sector entities, such as hospitals. These auditors perform
Value-for-Money audits as part of Comprehensive Auditing. Comprehensive Auditing has
three facets:
1. The traditional financial attest audit;
2. A Compliance Audit. In the private sector the auditor tests compliance with corporate
policies, including those on control procedures; in the public sector the auditor tests
compliance with government statutes;
3. The Value-for-Money or Operational Audit, which evaluates economy, efficiency and
effectiveness. Effectiveness refers to the accomplishment of objectives whereas
efficiency refers to the resources used to achieve those objectives. Economy means
that resources are acquired in appropriate quantities when needed at the right price.
The auditor will assess whether” …financial, human and physical resources are
managed with due regard to economy, efficiency and effectiveness…”

iv) Forensic Auditors

Forensic auditors are employed by corporations, government agencies, public accounting

firms, and consulting and investigative services firms. They are trained in detecting,
investigating, and deterring fraud and white-collar crime. Some examples of situations where
forensic auditors have been involved include
 Analysing financial transactions involving unauthorized transfers of cash between
companies,
 Reconstructing incomplete accounting records to settle an insurance claim over
inventory valuation,
 Proving money-laundering activities by reconstructing cash transactions,
 Investigating and documenting embezzlement, and negotiating insurance settlements.
4. AUDITING AND ACCOUNTING

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 8

The basic function of accounting is to record the economic events that have the effect in
changing the financial position of an organisation and to prepare the financial statements at
the end of a particular accounting period. On the other hand, auditors are appointed in the
organisation to check the authenticity and reliability of the books of accounts maintained by
the organisation and the relevant documents preserved to support the transactions. After
proper checking, the auditor is supposed to submit a report to the owners of the organisation
to state whether the books of accounts give a true and fair view of the state of the affairs of
the organisation as disclosed in the financial statements. If the books of accounts fail to give a
true and fair picture of the financial activities of that organisation, the auditors will report
accordingly.

In the light of these two concepts about the functions of accounting and auditing, it can be
said that auditing is a technique of accounting control. The accountants know that if there is
any irregularity in maintaining the books of accounts, the auditor will report against that
irregularity.

In general, it can be said that accounting is essentially a creative process which involves
identifying, organizing, summarizing and communicating information about economic
events. Auditing, on the other hand, is essentially a critical (or evaluative) process. It
involves gathering and evaluating audit evidence and communicating conclusions based on
this evidence about the fairness with which the communication resulting from the accounting
process (that is, the financial statements) reflects the underlying economic events.

5. QUALITIES OF AN AUDITOR

Besides the statutory requirement about the qualification of an auditor, he must possess the
following qualities:
 An auditor must possess the necessary technical ability and knowledge to audit
accounts.
 He must be conversant with the relevant provisions of the companies and other
regulations and with both best current accounting practices and current auditing
practices.
 He must be objective both in formulating his opinions and in expressing them without
bias.
 He must have integrity. Once he has formed his opinion, he must be prepared to
express it clearly without fear and favour.
 He must be methodical in his work. An auditor who leaves loose ends will find
himself open to allegations of negligence.
 He should have an inquiring mind. An auditor must recognise suspicious
circumstances, and once his suspicion has been aroused, he has a duty to probe
matters to the bottom.
 He also needs to be tactful and practical in his dealings with his clients.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 9

  An auditor must be independent and must be careful not to compromise his
independence.

6. NEED FOR ASSURANCE

Why do you need assurance? More importantly, can we generalize from the reasons you
might need assurance to the broader market for assurance services? The need for assurance
services arises because of several factors:

• Potential bias in providing information, i.e., the providing party may want to convey
a better impression than real circumstances merit
• Remoteness between a user and the organization or trading partner
• Complexity of the transactions, information, or processing systems such that it is
difficult to determine their proper presentation without a review by an independent
expert
• Need to minimize financial surprises

i) Potential Bias: Management has a vested interest in providing information that will make
management look good. Management has inside information that they may or may not want
to share with users. For example, management’s compensation may be tied to company
profitability or stock price and they may want to “bend” IFRS to make their performance
look better. There must be an unbiased arbiter to ensure fairness to users. That is the audit
function.

ii) Remoteness of Users" The Internet has enabled us to become a global society. The
advantages are tremendous, but a significant disadvantage is that we no longer either know or
interact directly with many parties, including those in which we might own stock. Most users
cannot interview management, tour a company’s plant, or review its financial records
firsthand; instead, they must rely on the financial statements to communicate the results of
management’s performance.

iii) Complexity: Many business transactions are more complex than they were a decade ago.
Third-party users depend on managers and auditors to deal with complexities such as
financial instruments, derivatives, long-term contracts, and other complex transactions to
ensure that they are fairly presented and fully disclosed in financial statements.

iv) Avoid Surprises: Research shows that, for instance in USA, many financial statement
users such as pension funds, private investors, venture capitalists, and banks lost billions of
dollars because financial information and, in some instances, the audit function had become
unreliable. Financial statements were restated because misstatements were found subsequent
to the original issuance of the statements. The reasons for the restatements varied, but ranged
from (a) misapplication of Accounting Standards, (b) outright fraud, (c) aggressive
accounting—for example in developing estimates, and (d) recording sales transactions in the

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 10

wrong period. The surprises most often were negative restatements that showed decreases in
earnings and equity. Usually, the restatements were followed by precipitous drops in stock
prices—and in a number of cases—bankruptcy.

These four conditions collectively contribute to information risk, which is the risk that the
financial statements may be incorrect, incomplete, or biased. Investors, creditors, labour
organizations, government and private analysts, and others depend on reliable information to
formulate economic decisions. Even so, these parties do not expect all information to be
completely risk free. Auditors assume a social role of attesting to published financial
information, thereby offering users some assurance that the information risk is low. Thus, it
can be said that financial statement audits enhance the credibility of financial statement by
reducing information risk.

7. ASSURANCE ENGAGEMENTS

7.1 Assurance Engagements Defined:

'Assurance engagement means an engagement in which a practitioner

(professional accountant or auditor), expresses a conclusion (in report form) that is
designed to enhance the degree of confidence users have about the evaluation of a
subject matter against identified criteria.'

‘Assurance’ means confidence. In an assurance engagement, an ‘assurance firm’ is engaged

by one party to give an opinion on a piece of information that has been prepared by another
party. The opinion is an expression of assurance about the information that has been
reviewed. It gives assurance to the party that hired the assurance firm that the information can
be relied on.

An assurance engagement performed by a practitioner will consist of the following five

elements:

1. A three-party relationship:

 Practitioner – the individual providing professional services that will review

the subject matter and provide the assurance. E.g. the audit firm in a statutory
audit
 Responsible party – the person(s) responsible for the subject matter. E.g. the
Directors are responsible for preparing the financial statements to be audited
 Intended users – the person(s) or class of persons for whom the practitioner
prepares the assurance report. E.g. the shareholders in a statutory audit

2. Subject matter: This is the data such as the financial statements that have been
prepared by the responsible party for the practitioner to evaluate. Another example
might be a cash flow forecast to be reviewed by the practitioner.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 11

 3. Suitable criteria: This can be thought of as ‘the rules’ against which the subject
matter is evaluated in order to reach an opinion. In a statutory audit this would be the
applicable reporting framework (e.g. IFRS and company law).

4. Evidence: Information used by the practitioner in arriving at the conclusion on which

their opinion is based. This must be sufficient (enough) and appropriate (relevant).

5. Assurance Report: The report (normally written) containing the practitioner’s

opinion. This is issued to the intended user following the collection of evidence.

 Examples of assurance engagements include:

 Annual external audit of financial statements (‘statutory’ assurance)
 Half-year review of results
 Going concern review
 Review of effectiveness of an entity's IT system
 Review of compliance with corporate governance requirements

 An assurance report provides the following benefits to the users of financial information:
 Independent opinion from an external source that enhances the credibility of the
information
 Management bias is reduced
 Modified opinion draws attention to risk
 The relevance of the inf

7.2 Levels of Assurance

The degree of assurance that can be provided about the reliability of the financial statements
of a company will depend on:

 the amount of work performed in carrying out the assurance process, and
 the results of that work.

The resulting assurance falls into one of two categories:

 Reasonable Assurance - A high (but not absolute) level of assurance provided by

the practitioner’s conclusion expressed in a positive form. E.g. “In our opinion the
accounts are true and fair”.

The objective of a statutory audit is to provide reasonable assurance.

 Limited Assurance - A moderate level of assurance provided by the practitioner’s

conclusion expressed in a negative form. E.g. “Based on our review, nothing has
come to our attention that causes us to believe that the accompanying financial
statements do not give a true and fair view”.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 12

 The objective of a review engagement is often to provide limited assurance.

Reporting different levels of assurance- The assurance report of a reasonable assurance

engagements contains a positive expression of the conclusion whereas the assurance report of
a limited assurance engagements contains a negative form of expression of the conclusion.

Positive expression
Negative expression
No assurance expression
'In our opinion internal control is effective, in all material respects,
based on XYZ criteria.'
'Based on our work described in this report, nothing has come to
our attention that causes us to believe that internal control is not
effective, in all material respects, based on XYZ criteria.'
' We do not express our opinion....'

Reasonable assurance: The objective of a reasonable assurance engagement (audit) is a

reduction in assurance engagement risk to an acceptably low level, and this is associated with
a positively expressed assurance opinion (such as that the financial information is true and
fair).

No auditor can give 100% assurance. The highest level of assurance given, as in the case of
statutory audit, is described as 'reasonable assurance'.

'Reasonable assurance' is less than absolute assurance. Reducing assurance engagement risk
to zero is very rarely attainable or cost beneficial as a result of factors such as the following:

(a) The use of selective testing,

(b) The inherent limitations of internal control,
(c) The fact that much of the evidence available to the practitioner is persuasive rather than
conclusive,
(d) The use of judgement in gathering and evaluating evidence and forming conclusions
based on that evidence, and
(e) In some case, the characteristics of the subject matter when evaluated or measured
against the identified criteria.

Limited assurance: The objective of a limited assurance engagement (review) is a reduction

in assurance engagement risk to a level that is acceptable in the circumstances—but where
the remaining risk is greater than with a reasonable assurance engagement—and this is
associated with a negatively expressed assurance opinion (negative assurance), such as that
nothing has come to the auditor’s attention to persuade them that the information has been
materially misstated.

Differences between reasonable assurance engagements and limited assurance

engagements
Type of engagement Evidence-gathering procedures The assurance report
Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 13
Reasonable assurance Sufficient appropriate evidence is obtained Description of the
Engagement as part of a systematic engagement process engagement
that includes: circumstances, and a
eg statutory audit  Obtaining an understanding of the positive expression of
engagement circumstances the conclusion
 Assessing risks
 Responding to assessed risks (see table above)
 Performing further procedures using a
combination of inspection, observation,
confirmation, re-calculation,
reperformance, analytical procedures and
inquiry.
Limited assurance Sufficient appropriate evidence is obtained Description of the
Engagement as part of a systematic engagement process engagement
that includes obtaining an understanding of circumstances, and a
eg review of half-year the subject matter and other engagement negative form of
accounts circumstances, but in which procedures are expression of the
deliberately limited relative to a reasonable conclusion
assurance engagement.
(see table above)
The procedures may include only inquiry and
analytical procedures.

Assurance can be provided by:

 audit: this may be external audit, internal audit or a combination of the two
 review.
A statutory audit is one form of assurance. Without assurance from the auditors, the
shareholders may not accept that the information provided by the financial statements is
sufficiently accurate and reliable. The statutory audit provides assurance as to the quality of
the information.

The provision of this assurance should add credibility to the information in the financial
statements, making the information more reliable and therefore more useful to the user.

However, there are differing levels or degrees of assurance. Some assurances are more
reliable than others.

Assurance Provided by Audit

An audit provides a high, but not absolute, level of assurance that the audited information is
free from any material misstatement. This is often referred to as reasonable assurance.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 14

The assurance of an audit may be provided by external auditors or internal auditors.

 An external audit is performed by an appropriately qualified auditor, appointed by

the shareholders and independent of the company.

 Internal audit is a function or department set up within an entity to provide an

appraisal or monitoring process, as a service to other functions or to senior
management within the entity. Typically, internal auditors are employees of the entity.
However, it is also common for entities to ‘outsource’ their internal audit function,
and internal audit work is sometimes carried out by firms of external auditors.
Many of the practical auditing procedures that will be described in later chapters are the same
for both internal and external audit work.

Assurance Provided by Review

A review is a ‘voluntary’ investigation. In contrast to ‘reasonable’ level of assurance

provided by an audit, a review into an aspect of the financial statements would provide only a
moderate level of assurance that the information under review is free of material
misstatement. The resulting opinion is usually (although not always) expressed in the form of
negative assurance.
Negative assurance is an opinion that nothing is obviously wrong: in other words, ‘nothing
has come to our attention to suggest that the information is misstated’.

A review does not provide the same amount of assurance as an audit. An external audit
provides positive assurance that, in the opinion of the auditors, the financial statements do
present fairly the financial position and performance of the company.

The higher level of assurance provided by an audit will enhance the credibility provided by
the assurance process, but the audit work is likely to be:

 more time-consuming than a review, and so

 more costly than a review.
Negative assurance is necessary in situations where the accountant/auditor cannot obtain
sufficient evidence to provide positive assurance. For example, the management of a client
entity may ask the audit firm to carry out a review of a cash flow forecast. A forecast relates
to the future and is based on many assumptions, and an auditor therefore cannot provide
positive assurance that the forecast is accurate. However, he may be able to provide
negative assurance that there is nothing he is aware of to suggest that the forecast contains
material errors.

Related Services Engagement

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 15

Another type of engagement, termed a related services engagement, which covers in
particular an agreed-upon procedures engagement. While this type of engagement involves
the use of assurance techniques such as evidence-collection procedures, it does not involve an
attempt to communicate a level of assurance. A significant difference of this type of
engagement from an assurance engagement is that the auditor does not have the discretion to
undertake evidence-collection procedures outside those that have been agreed upon. The
auditor therefore only issues a report of factual findings to the parties that have agreed to the
procedures being performed, in which no conclusion is communicated and which therefore
expresses no assurance. However, it provides the user with information to meet a particular
need, from which the user can draw conclusions and derive their own level of assurance as a
result of the auditor’s procedures.

7.3 Engagements to Review Financial Statements (ISRE 2400)

For a review of historical financial statements, management asserts that the statements are
fairly stated in accordance with accounting standards, the same as for audits. The auditor
provides a lower level of assurance for reviews of financial statements compared to a high
level for audits, therefore less evidence is needed.

A review is often adequate to meet financial statement users’ needs. It can be provided by the
audit firm at a much lower fee than an audit because less evidence is needed. Many non-
public companies use this attestation option to provide limited assurance on their financial
statements without incurring the cost of an audit.

A review may bring significant matters affecting the interim financial information to the
auditor’s attention, but it does not provide all of the evidence that would be required in an
audit. In a review, the auditor gathers evidence using inquiry, analytical procedures and
inspection on a limited basis.

The review report should contain a clear written expression of negative assurance. The
auditor should assess whether anything has come to the auditor’s attention based on the
review that causes the auditor to believe the financial statements do not give a true and fair
view (or ‘are not presented fairly, in all material respects,’) in accordance with the identified
financial reporting framework.

7.4 Assurance vs. Attestation vs. Audit

Sometimes the terms assurance, attestation, and audit are used interchangeably. However, in
the context of assurance services, they are related but differ on two fundamental dimensions:

o Existence of an outside third party that relies on the auditor’s opinion

o Nature of services provided
The broadest concept is that of assurance. Assurance services can be provided to management
or to external users. Assurance services include both attestation and audit services. Assurance
Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 16
services can be provided on financial information or on other information such as the quality
of business processes, the reliability of computer information systems, or the accuracy of
performance data. Attestation services are a subset of assurance services and always involve a
report that goes to a third party. For example, the auditor might provide a report to third
parties on the quality of a company’s internal control processes. The narrowest service is an
audit of a company’s financial statements. An audit is a crucial function that must be
performed reliably in order to have the financial statements work properly.

However, it should be noted that the audit is simply a subset of the other services that an
auditor can provide.

The processes used in performing audits of financial statements apply equally well to other
types of assurances. The difference is in the subject area knowledge and the specific evidence
that will need to be gathered to provide the assurance.

Examples of assurance engagements include:

 Annual external audit of financial statements (‘statutory’ assurance)
 Half-year review of results
 Going concern review
 Review of effectiveness of an entity's IT system
 Review of compliance with corporate governance requirements

8. ECONOMIC BENEFITS OF AUDIT

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 17

Among the economic benefits of financial statement audits are the following:
Access to Capital Markets: as noted previously, public companies must satisfy statutory
audit requirements under the federal securities acts of many countries in order to register
securities and have them traded on securities markets. In addition, stock markets may impose
their own requirements for listing securities. Without audits, companies would be denied
access to these capital markets and many private companies would be denied access to loans.

Lower Cost of Capital: Small companies often have financial statement audits to obtain
bank loans on more favourable borrowing terms. Because of the reduced information risk
associated with audited financial statements, creditors may offer loans with lower interest
rates.

Deterrent to Inefficiency and Fraud: Research has demonstrated that when employees
know that an independent audit is to be made, they take care to make fewer errors in
performing accounting functions and are less likely to misappropriate company assets. Thus,
that data in company records will be more reliable, and losses from embezzlements and the
like will be reduced. In addition, the fact that financial statement assertions are to be verified
reduces the likelihood that management will engage in fraudulent financial reporting.

Control and Operational Improvements: Based on observations made during a financial

statement audit, the independent auditor often makes suggestions to improve internal control,
to evaluate management’s assessments of business risks, to recommend improved
performance measures, and to make recommendations to achieve greater operational
efficiencies within the client’s organization. These benefits are especially valuable to small
and medium-sized companies.

A company’s management, including its board of directors, and shareholders find that the
significant benefits discussed above make the financial statement audit valuable.

9. LIMITATIONS OF AN AUDIT
A financial statement audit is subject to a number of inherent limitations. One constraint is
that the auditor works within fairly restrictive economic limits. Following are two important
economic limitations.

Reasonable Cost: a limitation on the cost of an audit results in selective testing, or sampling,
of the accounting records and supporting data. In addition, the auditor may choose to test
internal controls and may obtain assurance from a well-functioning system of internal
controls.

Reasonable Length of Time: the auditor’s report on many public companies is usually
issued three to five weeks after the balance sheet date. This time constraint may affect the
amount of evidence that can be obtained concerning events and transactions after the balance

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 18

sheet date that may have an effect on the financial statements. Moreover, there is a relatively
short time period available for resolving uncertainties existing at the statement date.

Another significant limitation is the established accounting framework for preparing financial
statements. Following are two important limitations associated with the established
accounting framework.

Alternative Accounting Principles: In some cases, alternative accounting

standards/principles are permitted under IFRS. Financial statement users must be
knowledgeable about a company’s accounting choices and their effect on financial
statements.

Accounting Estimates: Estimates are an inherent part of the accounting process, and no one,
including auditors, can foresee the outcome of uncertainties. Estimates range from the
allowance for doubtful accounts and an inventory obsolescence reserve to impairment tests
for fixed assets and goodwill. An audit cannot add exactness and certainty to financial
statements when these factors do not exist.

Despite these limitations, a financial statement audit adds credibility to the financial
statements.

REVIEW QUESTIONS

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 19

QUESTION ONE
After performing an audit, the auditor determines that
1) The financial statements of a corporation are presented fairly.
2) A company’s receiving department is inefficient.
3) A company’s tax return does not conform to the tax regulations.
4) A government supply depot is not meeting planned program objectives.
5) The financial statements of a physician are properly prepared on a cash basis.
6) A foreman is not carrying out his assigned responsibilities.
7) The Ministry of Culture is in violation of an established government employment
practice.
8) A company is meeting the terms of a government contract.
9) A municipality’s financial statements correctly show actual cash receipts and
disbursements.
10) The postal service in midtown is inefficient.
11) A company is meeting the terms of a bond contract.
12) A department is not meeting the company’s prescribed policies concerning overtime
work.
Required
i. Indicate the type of audit that is involved: (1) financial, (2) compliance, or
(3) operational.
ii. Identify the type of auditor that is involved: (1) independent, (2) internal,
(3) government-Auditor General Auditors, or (4) government -Tax Auditors.
iii. Identify the primary recipient(s) of the audit report: stockholders, management,
Parliament, and so on. Use the following format for your answers:

Type of Audit Type of Auditor(s) Primary Recipient(s)

QUESTION TWO
Offer your comment on the following statements—
1. Accounting is a necessity to business organisation but auditing is a luxury.
2. Accountancy begins where book keeping ends and where the work of an accountant
ends, the work of an auditor begins.
3. An auditor is not an insurer.
4. The relationship of auditing to accounting is close, yet their natures are different.
They are business associates, not parent and child.
5. Auditing does not mean ticking or checking totals.

QUESTION THREE

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 20

Match the engagement described to the (A) type of audit and (B) auditor that would perform
the engagement. Each engagement will have an answer from List-A and List-B. An answer
can be used once, more than once, or not at all.
List A - Type of Audit: List B - Type of Auditor:
A. Financial Statement B. Compliance D. Internal E. External
C. Operational F. Government G. ERCA

Engagement:
1. Evaluate a company's payroll processing for economy.
2. Evaluate/determine if bank covenants are being met.
3. Evaluate financial statements that are to be submitted to a bank.
4. Evaluate the promptness of materials inspection in a manufacturer's receiving
department.
5. Determine if Medicare reimbursements are in accordance with the Healthcare Financing
Administration (HCFA).
6. Determine if the tax return of a multinational corporation is in accordance with the tax
code.
7. Determine if a public school is properly applying their reimbursement for the payment-
in-kind program.
8. Determine the effectiveness of the department of defence starwars project.

QUESTION FOUR

1. In "auditing" financial accounting data, the primary concern is with:

A. determining whether recorded information properly reflects the economic events that
occurred during the accounting period.
B. determining if fraud has occurred.
C. determining if taxable income has been calculated correctly.
D. analysing the financial information to be sure that it complies with government
requirements.
2. Which of the following best describes the reason why independent auditors report on
financial statements?
A. A management fraud may exist and it is more likely to be detected by independent
auditors.
B. Different interests may exist between the company preparing the statements and the
persons using the statements.
C. A misstatement of account balances may exist and is generally corrected as the result of the
independent auditors' work.
D. Poorly designed internal control may be in existence.
3. An examination of part of an organization's procedures and methods for the purpose of
evaluating efficiency and effectiveness is what type of audit?
A. Operational audit.
B. Compliance audit.
C. Financial statement audit.
D. Production audit.
4. An audit to determine whether an entity is following specific procedures or rules set down
by some higher authority is classified as a(n):

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 21

A. audit of financial statements.
B. compliance audit.
C. operational audit.
D. production audit.
5. An operational audit differs in many ways from an audit of financial statements. Which of
the following is the best example of one of these differences?
A. The usual audit of financial statements covers the four basic statements, whereas the
operational audit is usually limited to either the balance sheet or the income statement.
B. The boundaries of an operational audit are often drawn from an organization chart and are
not limited to a single accounting period.
C. Operational audits do not ordinarily result in the preparation of a report.
D. The operational audit deals with pre-tax income.
6. The trait that distinguishes auditors from accountants is the:
A. auditor's ability to interpret IFRS
B. auditor's education beyond the Bachelor's degree.
C. auditor's ability to interpret ISAs.
D. auditor's accumulation and interpretation of evidence related to a company's financial
statements.
7. Financial statement users often receive unreliable financial information from companies.
Which of the following is not a common reason for this?
A. Complex exchange transactions.
B. Voluminous data.
C. Remoteness of information.
D. Each of these choices is a common reason for unreliable financial information.

QUESTION FIVE
Dani Lemma, an engineer, is the president of Dama Engineering. At a meeting of the board of
directors, Dani was asked to explain why audits of the company are made by (1) internal
auditors, (2) independent auditors, and (3) government auditors. One board member suggested
that the company’s total audit expense might be lower if all auditing was done by internal
auditors. Dani was unable to distinguish between the three types of auditors or to satisfactorily
respond to the board member’s suggestion.
Required
i. Explain the different kinds of audits made by each type of auditor.
ii. Comment on the board member’s suggestion to have all auditing done by internal
auditors.

QUESTION SIX

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 22

The following two statements are representative of attitudes and opinions sometimes
encountered by Certified Accountants in their professional practices:
1. Today’s audit consists of test checking. This is dangerous because test checking
depends on the auditor’s judgment, which may be defective. An audit can be relied on
only if every transaction is verified.
2. An audit by a Certified Accountant is essentially negative and contributes to neither
the gross national product nor the general well-being of society. The auditor does not
create; he merely checks what someone else has done.

Required: Evaluate each of the above statements and indicate:

a) Areas of agreement with the statement, if any.
b) Areas of misconception, incompleteness, or fallacious reasoning included in the
statement, if any.

QUESTION SEVEN

1. Which of the following are NOT an element of an assurance engagement?

A. The user of the information.
B. The Auditor.
C. A court of law.
D. The preparer of the information.
2. Which of the following would you associate with a Limited Assurance Engagement?
A. A report containing positive assurance from the Auditor.
B. A high level of assurance.
C. A report containing negative assurance from the Auditor.
D. A large amount of detailed testing and large sample sizes.
3. Why can the auditor not give absolute assurance?
A. Not 100% of the transactions in the year are tested.
B. The Auditor is not qualified enough to understand all of the transactions.
C. Management will always lie to the auditor and cover up errors.
D. Not all of the balances are tested during the audit.
4. Which of the following statements referring to review engagements are correct?
i) A bank or 3rd party requires some assurance over the financial statements.
ii)A review engagement is not as detailed as a statutory audit.
iii)A review engagement provides a very high level of assurance.
iv)The report in a review engagement will be in the form of positive assurance.
A. All of the above.
B. i) and ii) only.
C. i), ii) & iii) only.
D. i), ii) & iv) only.
5. In the Audit Report the auditor gives their opinion on which of the following:
i) The truth and fairness of the financial statements prepared by management.
ii)The risk management system within the organisation.
iii)The internal controls within the organisation.
iv)Whether the financial statements were prepared in accordance with the appropriate
framework.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 23

A. i) & ii) only.
B. All of the above.
C. None of the above.
D. i) & iv) only.
6. Which of the following services provides the lowest level of assurance on a financial
statement?
A. A review.
B. An audit.
C. Neither service provides assurance on financial statements.
D. Each service provides the same level of assurance on financial statements.

QUESTION EIGHT
Jimmy & Co are the auditors of Metal Co.Ltd. Metal Co Ltd. have approached the bank to
extend their overdraft limit in order to finance a short-term project they intend to undertake.
The bank has asked that cash flow projections be provided for the project and that assurance
be provided over the projections by Jimmy & Co.

Required: Explain the type of assurance engagement that will be undertaken by Jimmy and
Co, the form of assurance that will be provided in their report and why this type of assurance
is appropriate for a cash flow projection.

QUESTION NINE
The list below indicates various audit, attestation, and assurance engagements involving
auditors.

No List of Engagements involving Audit Attestation Assurance

. auditors Engagement Engagement Engagement
1. A report on the examination of a
financial forecast.
2. An evaluation of risk of investment
securities
3. A review report that provides
moderate assurance about whether
financial statements are fairly stated in
accordance with IFRS.
4. An auditor’s report on whether the
financial statements are fairly
presented in accordance with IFRS.
5. An evaluation of the effectiveness of
key measures used to assess an
entity’s success in achieving specific

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 24

 targets linked to an entity’s strategic
plan and vision.
6. A report on compliance with a royalty
agreement.
7. Auditors report on financial
statements submitted to a bank loan
officer.
8. Auditor’s information systems
security review

Required: For each of the services listed above, indicate the type of service (use ) from the
list that follows.
1) The audit of historical financial statements.
2) An attestation service other than an audit service.
3) An assurance service that is not an attestation service.

Auditing Principles & Practices I/Ch1/Student Notes/AAU/Oct, 2023/ Page 25