Summary

This document is a review of Module 1 and Module 2 concepts in ACC 372. It covers topics like assurance services, types of assurance, and the AICPA Code of Professional Conduct. The document explains the responsibilities of managers and auditors, and provides an overview of the different rules and principles of conduct.

Full Transcript

**[Module 1:]** [Assurance Services:] - **Why demanded/purpose:** - Owners of the company must hire managers (third parties) - Enhance reliability and assure accuracy - **Types (examples):** - ALL ATTESTATION SERVICES ARE ASSURANCE SERVICES - Other Assurance Servic...

**[Module 1:]** [Assurance Services:] - **Why demanded/purpose:** - Owners of the company must hire managers (third parties) - Enhance reliability and assure accuracy - **Types (examples):** - ALL ATTESTATION SERVICES ARE ASSURANCE SERVICES - Other Assurance Services \--\> no report required - Increases value for F/S users; makes sure that information is reliable - Examinations \--\> provides a high level of assurance - F/S Reviews \--\> (limited (negative/limited) assurance); "not aware" - F/S/ Audits \--\> (reasonable (positive) assurance); "are not i/c/w GAAP"; have limitations, not sure if all the information is given - How do you know which work to perform from the two options above? The amount of work that is done and the extent to which the work is done. Audits require more work. Reviews exist because they are cheaper and not every information user requires an audit. - What is the economic value of F/S audits? The economic value is the decrease in cost of capital. - Agreed-Upon Procedures - **Interrelationships** - **Independence** - \(1) no conflict of interest (not related to the information provider) - \(2) objective, unbiased, etc. - **Importance to the value of assurance services** - The financials are in conformity with GAAP [Financial Statement Services:] - **Management\'s responsibility for F/S:** - Prepare & present F/S are i/c/w GAAP - **Types/ Levels of assurance provided**: - F/S Reviews \--\> (limited (negative/limited) assurance); "not aware" - F/S/ Audits \--\> (reasonable (positive) assurance); "are not i/c/w GAAP"; have limitations, not sure if all the information is given - How do you know which work to perform from the two options above? The amount of work that is done and the extent to which the work is done. Audits require more work. Reviews exist because they are cheaper and not every information user requires an audit. - What is the economic value of F/S audits? The economic value is the decrease in cost of capital. - Is independence required for F/S Compilations? Why? No, because there is no assurance provided. - Generally, CPA helps client prepare the F/S - **Benefits of independent financial statement audits** - What is the independent auditor's responsibility? In conformity with GAAP - Perform audit procedures to acquire & evaluate evidence \--\> obtain reasonable assurance whether F/S i/c/w GAAP \--\> provide reasonable assurance via opinion in audit report on accompanying F/S - How do I decide what I'm going to audit? - Risk-based approach: - More risk, exert more effort - Materially (significant) misstated (something is not in conformity with GAAP) (MM) **[Module 2:]** [AICPA Code of Professional Conduct: ] - **Purpose** - Establishes a guideline for ethical behavior - Ensures to the public that CPAs are trustworthy - Code from auditing standards: benchmarks of quality for engagement - Professional Conduct: Profession behavior for all CPA's - **Applicability:** - Overarching ideals that establish the framework - **Rules** are enforceable - **Principles** are ideals - Interpretations of the rules in different contexts - Covered members: anyone that can influence the outcome of the engagement - Who are covered members: partners, family members - **Elements of the Code and differences among them** - **Rules of Conduct (in class & quiz)** - Independence - "in fact" & "in appearance" - In fact - "in mind" \-- intellectually honest, unbiased, uncompromised judgement - In appearance -- free from observable conflicts of interest - Integrity & Objectivity -- when performing any professional service, a member shall maintain objectivity & integrity, shall be free of conflicts of interest, and shall not knowingly misrepresent facts or subordinate judgement to others - General Standards - Professional Competence - Planning & Supervision - Due Professional Care (following standards) - Sufficient Relevant Data - Compliance with Standards -- comply with Engagement Standards for: Audits, Reviews & Compilations, Tax, Consulting, and other professional services - Confidential Client Information -- do not disclose confidential information without specific consent - Contingent Fees -- prohibited for F/S audits & reviews, tax, and other services - Advertising -- cannot be false, misleading, or deceptive to a reasonable person - Acts Discreditable - Discrimination/Harassment - Solicit/Disclose CPA Exam Q&As - Failure to Return Client Records - Negligence - **Behaviors required** - **Examples of violation of the Rules** [Independence:] - What is requited of the independence rule: "appearance" and "In fact" - Why do we both of these? We use what we observe to infer that we cannot - **Code of Professional Conduct Independence Rule** - Applies to covered members \--\> engagement team, other partners, CPA firm, immediate family members - Key: in position to influence engagement outcome - **Requirements of the SOX 2002 regarding maintaining auditor independence** - Prohibited services: - Bookkeeping - Financial Information System Design/Implementation - Tax Services -- unless pre-approved by audit committee - Five-year audit partner rotation - Ensuring independence - Prohibited consulting services - 5-year audit partner rotation - Audit committee must approve any other services - Audit Standard Setting? - Establish the PCAOB \--\> entity that sets the standards for public companies - Side note: AICPA establishes the standards for private companies - Monitoring Audit Quality - PCAOB \--\> Inspection process \--\> results are public \--\> greater than or equal to 100 public clients, then it's annually - AICPA \--\> Peer review \--\> results are private \--\> every 3 years - **AICPA Conceptual Framework** - Is a foundational document that guides CPAs in maintaining ethical behavior and professional integrity. It helps CPAs identify, evaluate, and address threats to compliance with the AICPA Code of Professional Conduct. The framework provides a structured approach for accountants and auditors to assess their independence. **[Module 3:]** [Responsibilities of Managers & Auditors:] - **Specific responsibilities for the financial statement** - Prepare & fairly present financial statements in conformity with GAAP - Ensure information quality via system of internal control over financial reporting - Provide auditor with information to perform audit - Overall management\'s assertion: free from MM (i/c/w GAAP) - Auditor is required to be independent, exercise due care (following the standards), and exercising professional judgement - i.e. everything in auditing is professional judgement, assess the risk of MM, have enough evidence to issue my opinion - Exercise professional skepticism - Recognize: fraud is possible (not everything could be fraud) - Attribute & task: questioning mind, critically evaluate evidence, follow up - **How auditors fulfill their responsibilities** - Provide reasonable assurance (highest level of assurance b/c you can't audit everything) whether F/S are presented fairly, in all material respects, in conformity with applicable financial reporting framework - Consider risks \[F/S are materially misstated (MM) or not i/c/w GAAP\] \--\> plan audit to detect MM \--\> acquire evidence \[determine whether F/S free from MM or i/c/w GAAP\] \--\> issue audit report and provide opinion whether F/S are i/c/w GAAP - Assertions about F/S Elements: Existence and Valuation - 2 risks of MM: inherent risk (MM before we consider internal control) and control risk (risk that internal control fails to detect MM) - Plan audit procedures \--\> obtain evidence (relate to AR model: this is how I manage detection risks) - **Management\'s overall assertion on F/S** - Design, implement, & maintain policies & procedures to ensure 3 objectives - Efficient & effective operations - Compliance with laws & regulation - Reliable financial reporting - Issue opinion on F/S: i/c/w GAAP and this is where audit risk falls [Misstatements:] - **Meaning** - not in conformity with GAAP - How management's assertions of Existence and Valuation can be misstated - **Causes of misstatements and differences among them** - MA: misappropriation of asset - FFR: fraudulent financial reporting \--\> this one involves accounting - Error: gathering & processing data, applying GAAP, misinterpreting facts - Fraud: misappropriation of assets (MA) & Fraudulent Financial Reporting (FFR) - **Types of fraud and examples of them** - Fraud Triangle - Incentives & pressures? - Compensate management (compensation related to financial performance) - Meeting EPS forecasts (meeting expectations of the market) - Avoiding debt covenant violations - Opportunities? - Presumed FFR (revenue recognition & management override of internal control) - Estimates - Complex accounting policies - **The three fraud risk factors** - Incentives & pressures - Opportunities - Attitudes & rationalization - **Important FFR risks** - Incentives and pressures - Compensation tied to financial performance - Meeting analysts EPS forecasts - Meeting debt covenants - Opportunities - Revenue recognition - Management override - estimates - **Identifying fraud risk factors in context** - Substantive procedures \--\> used to detect misstatements - Scope \--\> Nature, Extent, Timing [Materiality:] - **Defined, Importance, Types and meaning of each** - Substantial likelihood fact would\... - Change/influence judgement of reasonable F/S user - Alter "total mix" of information available to users - What makes a misstatement material? If that misstatement would influence the judgement of a F/S user - Quantitatively: amount (\$) - Qualitatively: nature of transaction and disclosures & effect of correcting identified misstatements - **Determining quantitative materiality thresholds** - Materiality for F/S as a whole - Particular classes of transactions., accounts, or disclosures - Performance materiality - Depends on certainty about \$\$\$ - **Identifying qualitative materiality considerations** - Depends on type of misstatement - **When materiality is considered and how materiality is used** - Planning \--\> determining SCOPE of work to be performed - Evaluating detected misstatements [Auditing Standards:] - Why auditing standards are important - Changes in auditing profession introduced by SOX 2002 - Responsibilities of the PCAOB - Common requirements of PCAOB auditing standards and AICPA GAAS - Differences between the sets of standards - Professional skepticism - How audit quality is monitored **[Module 4:]** [Audit Risk Model:] How are I/R and C/R related? No relationship, independent - A/R = Inherent risk \* control risk \* detection risk - A/R = set at acceptable level by the audit firm - I/R = risk MM before considering I/C - C/R = risk I/C fails to prevent or detect & correct MM - D/R = risk auditor fails to detect MM; managed by auditor to acceptable level - Audit risk - Risk auditors unknowingly fail to modify opinion on F/S that are MM - Set at acceptable level by the audit firm - Inherent risk - I/R: Nature of my client, nature of their industry, nature of their accounting policies & disclosures, and preliminary analytical procedures (numbers between last year to this year) - How does the auditor assess I/R? - Obtain understanding of client/environment/accounts/disclosures - Identify fraud risks - Reiew results from prior audits - Perform preliminary analytical procedures - Control risk - - How does the auditor assess C/R? - Step 1. understand design & implementation of I/C - Step 2. "further audit procedures" - C/R: risk I/C fails to prevent or detect & correct MM - understand client's system of internal control (design & implementation), if they fail = C/R is high & if it's working = C/R is low - How does the auditor assess C/R? - What are the components of a system of internal control? - Control environment - "tone at the top" - Risk assessment by management - Information & communication - Monitoring - Control activities - Detection risk - D/R: i can assess it, how? Standard procedures (to detect misstatements) - Risk auditor fails to detect MM - Risk of MM (I/R & C/R) increase - Detection Risk (D/R) decrease - Inverse relationship between MM and D/R [Relating Audit Risk Model to Audit Engagement Timeline:] - Planning - Tests of controls - Risk assessments - Managing detection risk via audit effort - How auditor changes the scope of substantive procedures in response to changes in risks of MM - The temporal order of an audit engagement [Internal Control:] - Defined - Process, established by the entity's board of directors, management, & personnel, that is designed to provide reasonable assurance regarding achievement of the entity's objectives - Objectives - Efficient & effective operations - Compliance with laws and regulations - Reliable financial reporting - Contextual factors related to components - Control environment - Risk assessment - Information & communication - Monitoring - Control activities

Use Quizgecko on...
Browser
Browser