Audit and Assurance Services Textbook PDF

Summary

This textbook introduces the concepts of audit and assurance services. It covers topics such as auditing definitions, the nature of auditing, and the objective of conducting an audit of financial statements. Key topics include the gathering of evidence and evaluating the information, and the responsibilities of auditors.

Full Transcript

THE DEMAND
FOR
AUDIT AND
OTHER ASSURANCE
SERVICES
CHAPTER 1

1-1
 CHAPTER 1 LEARNING OBJECTIVES

1-1 Describe auditing.
1-2 Distinguish between auditing and accounting.
1-3 Explain the importance of auditing in reducing
information risk.
1-4 List the causes of information risk and explain how this
risk can be reduced.
1-5 Describe assurance services and distinguish audit
services from other assurance and non-assurance services
provided by CPAs.
1-6 Differentiate the three main types of audits.
1-7 Identify the primary types of auditors.
1-8 Describe the requirements for becoming a CPA.
1-2
 OBJECTIVE 1-1
Describe auditing.

1-3
NATURE OF AUDITING

Auditing is the accumulation and evaluation of
evidence about information to determine and
report on the degree of correspondence between
the information and established criteria (for ex.
GAAP or IFRS).
Auditing should be done by a competent
(knowledgeable and experienced), independent
person (the external auditor).

1-4
 OBJECTIVE OF CONDUCTING AN
AUDIT OF FINANCIAL
STATEMENTS

The objective of the ordinary audit of financial
statements by the independent (external) auditor
is:

“The expression of an opinion on the
fairness with which they present, in all
material respects, financial position, results
of operations, and cash flows in conformity
with Generally Accepted Accounting
principles (GAAP)”. 5
 THIS DEFINITION INCLUDES
SEVERAL KEY WORDS AND
PHRASES AS FOLLOWS:
1. Information and Established Criteria.
2. Accumulating and Evaluating
Evidence.
3. Competent Independent Person.
4. Reporting.

6
 1. INFORMATION AND ESTABLISHED CRITERIA

To do an audit, there must be information in a verifiable
form and some standards (criteria) by which the auditor
can evaluate the information.
Criteri
FASB a IASB
Information can and does take many forms which
are:
1. Quantifiable information, including companies’
financial statements and individuals’ federal income tax
returns.
2. Subjective information, such as the effectiveness of
computer systems and the efficiency of manufacturing
operations.
1-5
The criteria for evaluating information also vary
depending on the type information being audited as
follows:
 In the audit of historical financial statements by CPA firms, the
criteria may be U.S. Generally Accepted Accounting Principles
(GAAP) or International Financial Reporting Standards (IFRS).
 For the audit of tax returns by the Internal Revenue Service (IRS),
the criteria are found in the Internal Revenue Code.
 For an audit of Internal Control over Financial Reporting, the
criteria will be the Internal Control-Integrated Framework issued by
Committee of Sponsoring Organizations of the Treadway
Commission (widely known as “COSO”).

8
 2. ACCUMULATING AND EVALUATING EVIDENCE

Evidence is any information used by the auditor to
determine whether the information being audited is
stated in accordance with established criteria.

Evidence takes many different forms, including:

Written Oral Testimony
Communication (indication) of the
s with auditee (Client)
Electronic and Outsiders Observations
Documentary by the
Data about auditor
Transactions
1-9
 To satisfy the purpose of the audit,
auditors must obtain a sufficient quality
and volume of evidence.
 Auditors must determine the types and
amount of evidence necessary and
evaluate whether the information
corresponds to the established criteria.
 This is a critical part of every audit.

10
 3. COMPETENT, INDEPENDENT
PERSON
The auditor must be:
 Qualified to understand the criteria used and
must be Competent to know the types and
amount of evidence to accumulate to reach the
proper conclusion after examining the evidence.
 The auditor must also have an independent
mental attitude.
Auditors strive to maintain a high level of
independence to keep the confidence of users
relying on their reports.

Auditors reporting on company financial
statements are often called independent auditors.
11
Even, Internal auditors—those employed by
the companies they audit— usually report
directly to top management and the board of
directors, keeping the auditors independent
of the operating units they audit.

The competence of those performing the
audit is of little value if they are biased in
the accumulation and evaluation of evidence.

12
 Independenc
Competence
e

Evaluation of
Evidence

Proper
Conclusion

1-13
 4. REPORTING (AUDIT REPORT)
The final stage in the auditing process is preparing the
audit report, which communicates the auditor’s
findings to users.

It can be concluded that, an auditor′s ultimate
responsibility is to the users of the financial statements.

Reports differ in nature, but all must inform readers
of the degree of correspondence between the
information audited and established criteria.

1-14
 OBJECTIVE 1-2
Distinguish between
auditing and
accounting.

1-15
 DISTINCTION BETWEEN AUDITING
AND ACCOUNTING

Many financial statement users and the
general public confuse Auditing with
Accounting.
The confusion results because most auditing
is usually concerned with accounting
information, and many auditors have
considerable expertise in accounting matters.

1-16
 Accounting is the recording, classifying, and
summarizing of economic events in a logical manner for
the purpose of providing financial information for
decision making.
To provide relevant information, Accountants must have
a thorough understanding of the Accounting principles
and rules (Accounting standards) that provide the
basis for preparing the accounting information.
In addition, Accountants must develop a system to
make sure that the entity’s economic events are properly
recorded on a timely basis and at a reasonable cost.

1-17
 Auditors focus on determining whether recorded
information properly reflects the economic events
that occurred during the accounting period.
Auditors must understand Auditing Standards to
determine the proper audit procedures.
Because U.S. or international accounting standards
provide the criteria for evaluating whether the
accounting information is properly recorded, auditors
must thoroughly understand those Accounting
Standards.
Auditors must understand accounting standards to
determine the correspondence between recorded
information and established criteria (standards).

1-18
 Auditor is an expert in the accumulation and
interpretation of audit evidence. It is this
expertise that distinguishes auditors from
accountants.
Determining the proper audit procedures, deciding
the number and types of items to test, and
evaluating the results are unique to the auditor.
NOTICE: Auditor is an accountant. While
accountant is not an auditor.

1-19
 OBJECTIVE 1-3
Explain the
importance of
auditing in reducing
information risk.

1-20
 ECONOMIC DEMAND FOR AUDITING
Information risk reflects the possibility that
the information upon which a business decision
was made was inaccurate.
A likely cause of the information risk is the
possibility of inaccurate financial statements.
Auditing can have a significant effect on
information risk.
Auditing of financial information reduces
information risk to the users of financial
information.
1-21
 OBJECTIVE 1-4
List the causes of
information risk, and
explain how this risk can
be reduced.

1-22
 CAUSES OF INFORMATION RISK
Management asserts (declare) that the
statements are fairly stated in accordance with
applicable U.S. or international accounting
standards. Legally, management is responsible
for providing reliable information to users.
As society becomes more complex, decision
makers are more likely to receive unreliable
information (information risk). There are
several reasons for this:
 Remoteness of information.
 Biases and motives of the provider.
 Voluminous data.
 Complex exchange transactions. 1-23
 CAUSES OF INFORMATION RISK
Remoteness of information: In a global economy, it is
nearly impossible for a decision maker to have firsthand
(immediate) knowledge about the organization with which
they do business and must rely on information provided by
others. When information is obtained from others, the
likelihood of it being intentionally or unintentionally
misstated increases.
Biases and motives of the provider: If information is
provided by someone whose goals are inconsistent with
those of the decision maker, the information may be biased
in favor of the provider.
For example, when a borrower provides financial
statements to a lender, there is considerable likelihood
that the borrower will bias the statements to increase the
chance of obtaining a loan.

1-24
 CAUSES OF INFORMATION RISK
Voluminous data: Higher volumes of transactions
increase the likelihood of undetected errors. If many
minor misstatements remain undiscovered, the
combined total can be significant.
Complex exchange transactions: Transactions
between organizations have become increasingly
complex and therefore, more difficult to record
properly. Complex accounting standards are difficult to
interpret and apply.
For example, the correct accounting treatment of the
acquisition of one entity by another poses relatively
difficult accounting problems.
1-25
 REDUCING INFORMATION RISK
Audited financial statements are provided:
The most common way for users to obtain
reliable information is to have an independent
audit.

1-26
1-18
 OBJECTIVE 1-5
Describe assurance services
and distinguish audit services
from other assurance and non-
assurance services provided by
CPAs.

1-28
ASSURANCE SERVICES
An assurance service is an independent
professional service that improves the quality of
information for decision makers.
In general, Such services are valued because the
assurance provider is independent and perceived as
being unbiased with respect to the information
examined.
Individuals who are responsible for making business
decisions seek assurance services to help improve
the reliability and relevance of the information used
as the basis for their decisions. 1-29
 Assurance services can be provided by CPAs or other
professionals.
For example, Consumers Union, a nonprofit
organization, tests a wide variety of products used by
consumers and reports their evaluations of the
quality of the products tested in consumer reports.
CPAs have provided many assurance services,
particularly assurances about historical financial
statement information.
Section 404 of the Sarbanes-Oxley Act now
requires CPA firms to provide assurance on internal
control over financial reporting for larger public
companies.

1-30
Recently, CPAs have expanded the types of
assurance services they perform to include other
information of interest to investors, customers and
other interested parties such as reports on corporate
social responsibility and sustainability reports.
The demand for assurance services continues to
grow as shareholders and other stakeholders seek
assurance about financial and nonfinancial
information.

31
 ATTESTATION SERVICES
One category of assurance services provided by CPAs
is attestation (confirmation) services.
An attestation service is a type of assurance service
in which the CPA firm issues a report about the
reliability of an assertion that is made by another
party.
Primary categories of attestation services include:
1. Audits of historical financial statements (Auditing)
2. Audits of internal control over financial reporting
(Auditing)
3. Reviews of historical financial statements
4. Other attestation that may be applied to a broad
range of subject matter.
1-32
1. Audit of historical financial statements,
management asserts that the statements are fairly
stated in accordance with applicable U.S. Or
international accounting standards.
An audit of these statements is a form of attestation
service in which the auditor issues a written report
expressing an opinion about whether the financial
statements are fairly stated in accordance with the
applicable accounting standards.
These audits are the most common assurance service
provided by CPA firms.

33
have audits.

Many privately held companies also have their annual
financial statement audited to obtain financing from banks
and other financial institutions.

External users such as stockholders and lenders who rely on
those financial statements to make business decisions look to
the auditor's report as an indication of the statements'
reliability.

Audits are designed to provide reasonable assurance that
the financial statements are free of material misstatements.

Reasonable assurance is a high, but not absolute level of
assurance. This level of assurance is usually sufficient to
meet the information needs of financial statements users.
34
management asserts that internal controls have been
developed and implemented following well established
criteria.

Sarbanes–Oxley Act requires public companies to report
management’s assessment of the effectiveness of internal
control.

The Act also requires auditors to attest to the effectiveness of
internal control over financial reporting.

This evaluation, which is integrated with the audit of the
financial statements, increases user confidence about future
financial reporting, because effective internal controls reduce
the likelihood of future misstatements in the financial
statements.

35
3. Review of historical financial statements,
management asserts that the statements are fairly
stated in accordance with accounting standards, the
same as for audits.

The CPA provides a lower level of assurance compared
to high level for audits.

36
 What are the differences between audit
and review of financial statements?
Audit F.S Review F.S
The CPA provides a lower level
The CPA provides a of assurance
higher level of Less evidence is needed.
assurance. It can be provided by the CPA
More evidence is firm at a much lower fee than
needed. an audit.
Nonpublic companies use this
It can be provided by
attestation option to provide
the CPA firm at a limited assurance on their
much higher fee financial statements without
than a review.. incurring the cost of an audit.
37
4. Other Attestation Services.

CPAs provide numerous other attestation services.

Many of these services are natural extensions of the
audit of historical financial statements, as users seek
independent assurances about other types of
information.

For example, when a bank loans money to a
company, the loan agreement may require the
company to engage a CPA to provide assurance
about the company’s compliance with the financial
provisions of the loan.
38
Another type of attestation involves internal control
at service organizations.

Many companies use a third-party service provider
to process some of their accounting activities, such
as: payroll, offsite at a separate IT service center.

The service provider often engages an auditor to
provide an attestation report provides assurance to
companies that use the service provider that payroll
is accurately processed.

39
 OTHER ASSURANCE SERVICES

Most of the other assurance services that CPAs
provide do not meet the formal definition of
attestation services.

The CPA is not required to issue a written report.

The assurance does not have to be about the reliability
of another party’s assertion about compliance with
specified criteria.
Notice: Audits and some types of attestation services
are limited by regulation to licensed CPAs, but the
market for other forms of attestation and assurance is
open to non-CPA competitors. 1-40
1-41
 NON-ASSURANCE SERVICES PROVIDED BY CPA

Non-assurance services: CPA firms perform
numerous other services that generally fall outside the
scope of assurance services. Three specific examples
are:
1.Accounting and bookkeeping services
2.Tax services
3.Management consulting services
There is some common area of overlap between
consulting and assurance services. While the primary
purpose of an assurance service is to improve the quality
of information, the primary purpose of a management
consulting engagement is to generate a recommendation 1-42
 OBJECTIVE 1-6
Differentiate the three
main types of audits.

1-43
PRIMARY TYPES OF AUDITS PERFORMED BY
CPA FIRMS

1. Operational audit
2. Compliance audit
3. Financial statement audit

1-44
1. Operational audit—Evaluates the efficiency and
effectiveness of any part of an organization’s operating
procedures and methods.
At the completion of an operational audit, management
normally expects recommendations for improving
operations.
For example, auditors might evaluate the efficiency and
accuracy of processing payroll transactions in a newly
installed computer system.
In operational auditing, the reviews are not limited to
accounting. They can include the evaluation of organizational
structure, computer operations, production methods,
marketing, and any other area in which the auditor is
qualified.

1-45
2. Compliance audit—Determines whether the auditee
(company-client) is following specific procedures,
rules, or regulations set by some higher authority.
The following are examples of compliance audits
for a private business:
Review wage rates for compliance with minimum wage
laws.
Examine contractual agreements with bankers and other
lenders to be sure the company is complying with legal
requirements.
Many private and not-for-profit organizations have
prescribed policies, contractual agreements, and legal
requirements that may require compliance auditing.

1-46
Governmental units, such as school districts, are subject
to considerable compliance auditing because of extensive
government regulation.

Results of compliance audits are typically reported to
management, rather than outside users, because
management is the primary group concerned with the
extent of compliance with prescribed procedures and
regulations.

47
3. Financial statement audit—a form of attestation service
in which the auditor issues a written report expressing an
opinion about whether the financial statements are fairly
stated in accordance with the applicable accounting
standards.
Publicly traded companies in the US are required by law to
have financial statements audits.
A financial statement audit is conducted to determine whether
the financial statements (the information being verified) are
stated in accordance with specified criteria.
The criteria are normally U. S. GAAP or international
accounting standards.
The auditor gathers evidence to determine whether the
statements contain material errors or other misstatements.
1-48
 OBJECTIVE 1-7
Identify the primary
types of auditors.

1-49
IDENTIFY THE PRIMARY TYPES OF
AUDITORS

The primary types of auditors:
1. Certified public accounting firms
2. Government accountability office auditors
3. Internal revenue agents
4. Internal auditors

1-50
 1.CERTIFIED PUBLIC ACCOUNTING FIRMS (CPA
FIRMS)

Responsible for auditing the published historical
financial statements of all publicly traded companies,
most other large companies, many smaller companies,
and noncommercial organizations.

It is common to use the terms auditor and CPA firm.
The word “certified” reflects the fact that auditors who
express audit opinions must be licensed as Certified Public
Accountants—CPAs
CPA firms are often called external auditors or
independent auditors to distinguish them from internal
auditors. 1-51
2.GOVERNMENT ACCOUNTABILITY OFFICE
AUDITORS

An auditor working for the U. S. Government Accountability
Office (GAO).

The GAO report to and is responsible solely to Congress.

GAO audits much of the financial information prepared by
various federal government agencies before its submission to
Congress.

1-52
3. INTERNAL REVENUE AGENTS

The IRS is responsible for enforcing the federal tax
laws.

A major responsibility of the IRS is to audit taxpayers’
returns to determine whether they have complied with
the tax laws.

‘These audits are solely compliance audits.

The auditors who perform these examinations are
called internal revenue agents. 1-53
4. INTERNAL AUDITORS
Internal auditors are employed by all types of
organizations to audit for management with oversight
by the board of directors.

To maintain independence from other business
functions, the internal audit group typically reports
directly to the president (CEO), another high
executive officer, or the audit committee of the board
of directors.

However, internal auditors cannot be entirely
independent of the entity as long as an employer–
employee relationship exists.
1-54
Users from outside the entity are unlikely to want to rely
on information verified solely by internal auditors because
of their lack of independence.

This lack of independence is the major difference between
internal auditors and CPA firms (External Auditors).

Many internal auditors are involved in operational
auditing or have expertise in evaluating computer
systems.

1-55
Internal audit experience can be used to fulfill the
experience requirement for becoming a CPA.

Many internal auditors pursue certification as a
certified internal auditor (CIA), and some internal
auditors pursue both the CPA and CIA designations.

56
 OBJECTIVE 1-8
Describe the
requirements for
becoming a CPA.

1-57
REQUIREMENTS FOR BECOMING A CPA

 Becoming a CPA is regulated by state law through
the licensing boards of each state. Three general
requirements must be met, though the specifics
differ among states.
 The three requirements are:
1. Education
2. Uniform CPA examination
3. Experience

1-58
1-59