Audit: Introduction and Process PDF
Document Details
Uploaded by PrivilegedAustin
Santo Tomas College of Agriculture, Sciences and Technology
Arielle Angelique B. Macaraeg
Tags
Related
- Post-Graduate Certificate in Advanced Professional Accounting PDF
- Post-Graduate Certificate in Advanced Professional Accounting - Auditing Fundamentals PDF
- Audit in Mining Industry PDF
- Auditing Standard No. (1) PDF
- Week 6 Unit 5 Audit Responsibilities and Objectives 14.10.2024 (3) PDF
- Reviewer Audit PDF
Summary
This document is a presentation on audit introduction and process. It covers topics like agendas, audit definitions, and Philippine Standards on Auditing. The presentation seems to be geared towards professionals in the accounting field.
Full Transcript
Audit: Introduction and Process Speaker: Arielle Angelique B. Macaraeg, CPA, CTT Agendas Financial Statement SCP methodology Audit Basic Information Criteria & Standards to follow FS Audit Process Skills Required Audit definition by American Accounting As...
Audit: Introduction and Process Speaker: Arielle Angelique B. Macaraeg, CPA, CTT Agendas Financial Statement SCP methodology Audit Basic Information Criteria & Standards to follow FS Audit Process Skills Required Audit definition by American Accounting Association A systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between these assertions and established criteria and communicating the results to interested users. Philippine Standards on Auditing (Para A1) This Philippine Standard on Auditing (PSA) establishes the independent auditor’s overall responsibilities when conducting an audit of financial statements in accordance with PSAs. Specifically, it sets out the overall objectives of the independent auditor, and explains the nature and scope of an audit designed to enable the independent auditor to meet those objectives. It also explains the scope, authority and structure of the PSAs, and includes requirements establishing the general responsibilities of the independent auditor applicable in all audits, including the obligation to comply with the PSAs. The independent auditor is referred to as “the auditor” hereafter. https://aasc.org.ph/wp-content/uploads/2021/11/PSA220-Quality-Management-for-an-Audit-of-Financial-Statements.pdf What is the purpose of an audit? Who is the responsible for the preparation of the financial statements? Management Purpose of Audit The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements. This is achieved by the expression of an opinion by the auditor on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework. In the case of most general purpose frameworks, that opinion is on whether the financial statements are presented fairly, in all material respects, in accordance with the framework. An audit conducted in accordance with PSAs and relevant ethical requirements enables the auditor to form that opinion. (PSA 200 para A3) https://aasc.org.ph/wp-content/uploads/2021/11/PSA220-Quality-Management-for-an-Audit-of-Financial-Statements.pdf Types of Audit Types of Auditor Internal Auditors External Auditors Government Auditors Forensic Auditors The Independent FS Audit Responsibility for the FS What is the responsibility of the auditor? Form and express and opinion on these financial statements based on his audit. The Independent FS Audit Responsibility for the FS Assurance provided by the auditor What type of assurance is provided by the FS auditor? Reasonable assurance, not absolute assurance that FS taken as a whole are free from material misstatements. The Independent FS Audit Responsibility for the FS Assurance provided by the auditor The use of testing/ Sampling Risk Error in application of judgment / Non Sampling risk Reliance on management’s representation Inherent limitations of the client’s accounting and internal control system Nature of evidence General principles governing the audit of FS Code of Professional Ethics for CPAs promulgated by BOA Philippine Standards on Auditing Professional skepticism Theoretical framework on Auditing Audit function The auditor should There should be no Effective internal operates on the always maintain long-term conflict control system assumption that all independence with between the auditor reduces the possibility financial data are respect to the FS and the client of errors and fraud verifiable under audit management effecting the FS Theoretical framework on Auditing What was held true In the Consistent application of past will continue to hold An audit benefits the GAAP or PFRS results in fair true in the future in the public presentations of FS absence of known conditions to the contrary Generally Accepted Auditing Standards General Have adequate technical training and proficiency Maintain independence in fact and appearance Standards Exercise due professional care Standards on Adequately plan the work of the audit Obtain a sufficient understanding of the entity, environment & its internal control Fieldwork Obtain sufficient appropriate audit evidence Standards on State FS are in conformity with GAAP Implicitly state the principles have been consistently applied Implicitly state that the entity has disclosed all information Reporting Express and opinion PSA Adopted International Standards International Standards on Auditing (ISAs) International Standards on Assurance Engagements (ISAEs) International Standards on Review Engagements (ISREs) International Standards on Related Services (ISRSs) International Standards on Quality Control (ISQCs) System of Quality Control Elements Ethical Requirements Integrity Objectivity Acceptance Leadership Professional competence and and Human responsibilities due care Engagement Independence continuance of resources and Monitoring for Quality on Confidentiality performance client assignment audits Professional behavior relationships Three Main Phases of the Audit II. III. I. AUDIT SUBSTANTIVE CONCLUDING PLANNING TESTING PROCEDURES Phase I AUDIT PLANNING Under a risk-based approach, audit planning takes the most time of the audit. Under audit planning, we do: A. Planning and Risk Identification B. Strategy and Risk Assessment A. Planning and Risk Identification Procedures Performed Under Planning and Risk Identification Phase Client acceptance and re-acceptance (CAR) Check for any independence conflict Engagement proposal Understand the client’s business and industry Understand entity-level controls CAR Procedures Understanding of the client’s business starts with the acceptance and continuance procedures. Accepting the right client is the key to avoid audit failure Evaluate the client’s background & the reason for the audit. Determine whether the auditor is able to meet the ethical requirements regarding the client. Determine need for other professionals. Communicate with predecessor auditor. Prepare client proposal. Select staff to perform the audit. Obtain an engagement letter. NB: This form should be prepared for all clients and approved by partners before the issuance of engagement letters. Accordingly, this should be prepared, if necessary, at the concluding phase of the current year audit and updated as necessary before sending the engagement proposal for the following year. Independence All members of the engagement team must be independent from the client all throughout the audit. Aside from the yearly independence conflict, we also document our independence from the client via the completion of Engagement Independence Confirmation document Understanding the Client’s Business and Industry Nature of the entity and its environment (Industry, market and operations Management owners Suppliers Accounting policies and information system Financial performance and reporting Compliance with laws and regulatory requirements Outstanding lawsuits and legal correspondence Related party relationships and transactions Status of management’s going concern assessment Role of IT in the entity When should we complete the “understanding the business” procedure? ANS: Understanding the business is done throughout the audit. Understanding the Entity-Level Controls Understanding of the entity and its environment in which it operates enables us to: Identify and assess risk of material misstatements at: ❖ the financial statement and: ❖ assertion levels Identify whether these risks could be due to fraud or error Note that the risks are considered in developing the audit strategy that respond to these risks Understand entity-level controls Entity level controls pertain to those aspects of internal controls that have pervasive impact on the Company’s controls Attitude, awareness, actions of Control environment management/owners (TCWG) How owners/management consider Risk assessment risks and take actions to address them Monitoring Anti-fraud controls; IT general controls Capture events that affect reporting; Communicating reporting roles and Information and communication responsibilities High-level activities that monitor Control activities controls/overall accountability Materiality Determine Materiality When determining the User expectations: Public entities often use a standard of 5% of income before taxes, while non-public entities may lean towards appropriate the lower end of this range if user perceptions are highly sensitive to reported earnings. measurement Previous year's materiality measures: Past assessments of materiality in similar conditions can provide valuable insights. percentage, Alternative measures: Industry standards like prevailing return on investment benchmarks can offer additional perspectives. engagement Entity's perspective: Input from the board or management teams should regarding materiality can inform the team's assessment. High-risk engagements: For clients posing greater risk, it's take into account advisable to opt for percentages at the lower ends of the ranges. several factors: Determine Materiality Two Levels: Planning Materiality (PM) At the overall level, as it relates to financial statements Tolerable error (TE) [previously called in SCP as Performance Materiality] At the individual account level Nominal amount (NA) Nominal amounts are determined in posting audit differences to the Summary of Audit Differences (SAD) Determine Materiality Remember: TE is used as a basis for determining testing threshholds, while SAD NA is used to establish a threshhold for clearly trivial misstatements. We are changing the term “performance materiality (PM) to tolerable error (TE) to easily distinguish planning materiality (PM) from performance materiality (PM) We are also changing the term “audit difference posting threshhold (ADPT) to a more understandable and easier to remember term of nominal amount (NA) Guidelines for Benchmark Selection Change in Normalized Total net assets EBIT EBIT Revenues Assets Equity or liabilities Public Entities X Commercial entities operating under normal circumstances X Entities with volatile earnings X Entities operating at breakeven levels X X X Entities reporting losses X X Very small and closely-held entities X X X Entities under buy/sell agreements X X Not-for-profit/governmental entities X X Employee benefit plans X X Materiality Benchmarks. Benchmark Measurement Percentage Earnings before taxes: Public entity 5% Non-public entity 5% to 10% Normalized earnings before taxes: Public entity 5% Non-public entity 5% to 10% Total revenues 0.5% to 2% Total assets 0.5% to 2% Equity 1% to 5% Change in net assets of benefit plans 3% to 8% Total assets of benefit plans ¼% to ½% Claims and insurance premiums of health 3% to 8% and welfare plans Uses of Tolerable Error (TE) Tolerable error is a concept that enables the auditor to apply planning materiality at the individual account balance level. The concept is used to: Determine which accounts or group of accounts are significant Develop expectations at the desired precision level when performing analytics Determine the extent of testing when using a representative sample or testing various key items Conclude on the fairness of the presentation Summary of Audit Differences (SAD) IMPORTANT REMINDER: The Summary of Audit Differences (SAD) should be evaluated at the end of the audit to determine the impact of the aggregated uncorrected misstatements to the fairness of the financial statements and/or the affected individual account. The SAD evaluation should include not only amounts but also completeness (or lack thereof) of required disclosures. WORKSHOP TIME MATERIALITY COMPUTATION Phase I RECAP: AUDIT PLANNING Under a risk-based approach, audit planning takes the most time of the audit. Under audit planning, we do: A. Planning and Risk Identification B. Strategy and Risk Assessment S: Strategy and Risk Assessment S: Understanding the Business Flow: We Risk factors identify We Risks of material misstatement determine We relate Risks to financial statements Procedures Performed under this Phase of the Planning 1. Identify COTs and SCOTS 2. Determine the FOT for the identified SCOTs (through inquiry, observation, etc) 3. Perform walkthroughs 4. Determine WCGWs ( or the FS Risks) 5. Determine the Assertions affected by the WCGWs 6. Perform tests of controls 7. Design and perform test of journal entries and other mandatory fraud procedures (this is done until concluding procedures phase) 8. Perform combined risk assessment 9. Customize audit program Definitions of COTs, SCOTs, FOT, WCGWs Class of Transactions (COT) Categories all transaction into different groups Significant Class of Transaction (SCOT) Are classes with high amounts Flow of Transactions (FOT) The way figures come into sub ledger and general ledger. Enables the auditor to identify where material misstatements could occur. What can go Wrong (WCGW) Refers to points where material misstatements due to error or fraud can occur in a flow of transactions We focus on those WCGWs that could have a material effect on the related relevant financial statement assertion(s). S1.1: Identify SCOTs, FOT and WCGWs Based on our understanding of the business, thus far, identify SCOTs such as the following: Cash disbursements Cash receipts Financial statement close Purchases and trade payables Sales and receivables Payroll Determine provisions and estimates Once SCOTs are identified, determine FOT and the WCGWs. S1.2 : Significant Class of Transaction (SCOT) vs. Flow of Transaction (FOT) Export Sales Not No Significant Procedures!!! 100 Sales 10,000 TE: 100 Domestic sales Audit 9,900 Significant Procedures FOT FOT: Record & Customer Receive Domestic Production Dispatch send order Money Sales Invoice S1.3 : Financial Statement vs. Flow of Transaction Balance sheet Assets Liabilities Equity Cash Accounts Payable Inventory / PP&E Flow of Receive GDN (Goods Receive & Transaction Order Order Delivery Record Play Invoice (FOT) Confirmation Note) Invoice S1.5 : Understanding FOTs IT Consideration Automated aspects Manual aspects Computer applications/infrastructure Critical Paths How the transactions is: Initiated Authorized Recorded Processed Segregation of Incompatible Duties Reported Custody of assets Authorized or approval Recording related transactions Document our understanding of the FOTs through Walkthroughs We perform walkthrough to confirm our understanding of the processes and to verify that the controls we have identified to address WCGWs have been placed in operation. The results of our walkthroughs allow us to evaluate whether or not the controls over the flow of transactions identified are likely to be effective in preventing and detecting material misstatements to the financial statements. Walkthrough procedures are conducted every year. Tests of Controls We design the nature, timing and extent of our tests of controls to obtain sufficient appropriate audit evidence that the controls selected for testing operate effectively as designed throughout the period of reliance to prevent or detect and correct material misstatement at the assertion level when: We plan to rely on the operating effectiveness of the controls in determining the nature, timing and extent our substantive procedures Substantive procedures alone cannot provide sufficient appropriate audit evidence at the assertion levels (e.g., for highly automated SCOTs) Risks and the Audit Formula The audit risk... The audit risk is the ultimate acceptable risk that material monetary errors are not detected. AUDIT RISK FORMULA Inherent Risk X Control Risk X Detection Risk = Audit Risk Combined Risk Assessment S4: Understanding the Business Flow: Step 6 Our Combined We Risk Assessment make (CRA) S4: FS Risks and Assertions 4 Broad Categories of Financial Statement Types of Assertions Risks accounting errors existence or occurrence financial reporting completeness errors cut-off fraud rights and obligations going concern valuation or allocation (gross and net) presentation and disclosure Combined Risk Assessment (CRA) Table CONTROL RISK NOT RELY ON RELY ON CONTROLS CONTROLS (not effective test of (effective tests of controls or controls controls) not tested) LOW HIGH INHERENT RISK LOWER LOW MODERATE HIGHER MODERATE HIGH Test of Journal Entries and Substantive Procedures We design the nature, timing and extent of our tests of journal entries and substantive procedures to reduce the audit risk to an acceptably low level and enable us to draw reasonable conclusions on which to base our opinion The appropriate mix of substantive procedures depends on factors such as the nature of the account balance and our CRA. Primary procedures are to be performed, however, regardless of the CRA Our CRA affects the timing and extent of our substantive procedures Journal Entry Testing PSA 240 Requires: (a) Test the appropriateness of journal entries recorded and other adjustments made in the preparation of the financial statements by doing the following: (i) Make inquiries of individuals involved in the financial reporting process about inappropriate or unusual activity relating to the processing of journal entries and other adjustments; (ii) Select and review journal entries and other adjustments made at the end of a reporting period; and (iii) Test journal entries and other adjustments throughout the period. Journal Entry Testing What to look for? Entries that are made: are made at year end; are made to unrelated, unusual, or seldom-used accounts; are posted/adjusted by an unauthorized personnel/ override; are recorded at the end of the period or as post-closing entries that have little or no explanation or description; are made either before or during the preparation of the financial statements that do not have account numbers; contain round numbers or consistent ending numbers; complex (e.g. contain significant estimates) or unusual in nature (e.g. not in the normal course of business); and are made subsequent to financial year-end but which affect the financial statements for the current year. showed reference code gaps Prepare Audit Planning Memorandum (APM) –Minimum Contents Planning Materiality Timetable and deliverables Understanding the entity Internal controls and risk assessment Significant Changes in Risk Assessments and Audit Strategies from prior year Significant Accounting and Auditing Matters Requiring Attention Preliminary Analytic Review Significant risks areas/accounts identified during planning stage and our planned responses to them ???? Who is responsible for preparing/performing the planning phase? Phase II EXECUTION: Testing and Evidence Reliability of Evidence Not all Audit Evidence is equally reliable. See below for the hierarchy of audit evidence. Least reliable Most reliable Source relative to entity Internal (from inside entity External (from outside entity) Source – person: Employee Employee of company External auditor or auditor Source – person: Employee Employee of company Third party of third party Source: Independence of Associated with company Not Associated with provider company Source: Qualifications of Little knowledge of subject Expert in subject provider Source: Operation of Not in operation Effective operations internal controls The Considerations for Determining Whether Audit Evidence is “Sufficient Appropriate Evidence Assuming good internal controls and the possibility to choose a method, these are the following techniques to be considered (ordered by their reliability): 1. Recalculation 2. Inspection 3. Reperformance 4. Observation 5. Confirmation 6. Analytical procedures 7. Inquiry Understand the Seven Evidence Gathering Techniques 1. Recalculation: ► Consist of examining records, documents, or tangible assets ► Example – checking the calculation of depreciation expense. 2. Inspection: ► Examining records, documents or tangible assets ► Example – Performing an inventory count. 3. Re-performance: ► Independent execution of procedures or controls that were originally performed as part of the entity’s internal control. ► Re-perform the aging of accounts receivable. 4. Observation: ► Observe a process or procedure being performed by another. ► Performing a site visit at the client’s facilities. Understand the Seven Evidence Gathering Techniques 5. Confirmation ► The auditor’s receipt of a written or oral confirmation from a independent third party verifying the accuracy or the information requested. ► Four Keys Characteristics. 1. Information is requested by auditor. 2. Request and response is in writing, sent to the auditor. 3. Response comes from an independent third party. 4. Positive confirmation involves a receipt of information. 6. Analytical Procedures ► Analysis of significant trends and ratios including the investigation of fluctuations and relationship that are inconsistent with other relevant information or that deviate from predictable amounts. 7. Inquiry ► Seeking information from knowledgeable persons inside or outside the entity. Perform Substantive Testing Procedures Audit programs should be customized and should be approved by the manager before they can be used by the engagement team. For high risk clients, the audit programs should be approved by both the manager and the partner Important: The Audit Programs should not be presented in 1 file only. Each account work papers should be accompanied by the relevant audit program. Analytical Review Procedures (ARPs) When an analytical procedure is used during substantive testing, as the principal substantive test for a risk, the audit team should document the following: the expectation and the factors considered in its development results of the comparison between the expectation and the entity’s recorded amount any additional auditing procedures performed in response to significant unexpected differences and the results of those procedures any corroborating evidence obtained to support any large or unusual variances between expectations Phase III Concluding and Reporting Concluding Procedures Review of: Compliance with laws and regulations Litigation and claims Minutes and contracts Consideration of going concern Related party transactions and relationships Evaluation of SAD Consolidation procedures Concluding Procedures Preparation of Engagement Completion Document Obtaining management representation letters Review of financial reports/tax returns/GFFS Final analytic review Management letter Final Analytic Review What is the purpose of the final analytic review? NB: Use the final/audited balances (CY) vs. audited balances (PY) General All clients should have duly approved (by partners) Client Acceptance and Continuance Forms Planning should be approved by partners. PM at the very least should be discussed with the partners for their concurrence. Do not perform procedures on accounts below our TE unless justified (fraud, unusual account, etc). An audit program should form part of the work papers of each account. That is, the Audit Program file of SCP should be separated into accounts. Always prepare APM SRM should accompany FS when given to partners for review Ensure that we obtain management representation (Mgt Rep) letter and ensure to customize the same. Note: Mgt Rep is different from Mgt Responsibility and/or Management Letter Cash Send confirmation to ALL bank accounts regardless of the balance For cash on hand, esp. for insignificant amounts (e.g., petty cash fund), certification by the cash custodian would be enough Send bank confirmation on or right after year-end Bank confirmation requests should be prepared by client but should be sent by us. Do not let the client send the confirmation themselves. Receivables Always send positive confirmation to sampled debtors/customers Client’s refusal to send confirmation requests can be a ground for a qualified opinion due to limitation, hence, should be clearly documented in the work papers, if applicable DO NOT WAIT for the confirmation replies. Once samples for testing have been selected, perform alternative procedures immediately. Perform subsequent collection testing and/or examination of source documents (e.g., sales invoice, delivery receipts, etc.). Examination should be 100%. Examining samples on samples is not acceptable. Always perform impairment testing for all types of significant receivables including those due from related parties. Always send confirmation to related parties Sales When a company has sales returns, perform a cutoff the debit/credit memo covering the sales returns (or any document used by the client for sales returns) If separate delivery receipts are issued by the client for its sales, perform cutoff procedures on delivery receipts also together with the sales invoices. Inventories Always observe physical count of inventories. Our failure to observe any count can be a ground for qualification as this is a primary procedure. Samples used for physical count observation should be selected floor to sheet and sheet to floor. The sample size should be computed using the sample calculator Liabilities Negative confirmations are sent for liabilities. Confirmation requests should be prepared by client but should be sent by us. Do not let the client send the confirmation themselves. Client’s refusal to send confirmation requests can be a ground for a qualified opinion due to limitation, hence, should be clearly documented in the work papers, if applicable Always send confirmation to related parties Matters that Do Affect the Auditor’s Opinion 2. Disagreement with Management regarding: -Acceptability of accounting policies 1. Scope Limitation -Method of application and adequacy of disclosures -Compliance of statements with relevant requirements Disclaimer of Qualified Opinion Opinion Qualified Opinion Adverse Opinion What auditors actually do in layman’s term? Skills Required Strong communication skills Emotional intelligence Critical thinking and business acumen Professional skepticism Interpersonal skills SCP Templates FS audit toolbox SOQM toolbox END