Overview of Auditing Profession PDF

23 JAN 2025 Auditing Standards and Quality Control Objectives To become familiar with the regulatory bodies and professional standards and other regulatory and legal requirements governing the profession, namely: 1. Philippine Accountancy Act of 2004 2. Code of Ethics for Professional Accountants in the Philippines Relevant Bodies and Organizations Mandated (RA 9298: Philippine Accountancy Act of 2004) Professional Regulatory Board of to supervise, control and regulate the practice of Accountancy (BOA) accountancy in the Philippines specifically, (1) standardize and regulate accounting education; (2) conduct examinations for registering CPAs, (3) supervise, control, and regulate the practice of accountancy in the Philippines. Authorized to establish and promulgate generally Auditing and Assurance Standards accepted auditing standards (GAAS); Adopts standards Council (AASC) and practice statements issued by the International Auditing and Assurance Standards Board (IAASB). An accredited professional organization of CPAs by the Philippine Institute of Certified Public PRC that aims to promote, uphold and maintain high Accountants (PICPA) standards in the accountancy profession and protecting public interest. Philippine Accountancy Act of 2004 Article I: Title, Declaration of Policy, Objective and Scope of Practice An act to regulate the practice of accountancy in the Philippines The practice of accountancy shall include, but not limited to the following: Practice of Public Accountancy Practice in Commerce and Industry Practice in Education/Academe Practice in the Government Philippine Accountancy Act of 2004 Article II: Professional Regulatory Board of Accountancy Establishes BOA and its composition (chairman and 6 members) Qualification of its members Term of office: 3-year term; limit of 2 consecutive terms Powers and function of the Board Grounds for suspension or removal from the board Submission of an annual report Philippine Accountancy Act of 2004 Article III: Examination, Registration and Licensure Qualifications of applicants Filipino citizen Good moral character Holder of a BS Accountancy degree Has not been convicted of any criminal offense involving moral turpitude Scope of the examination Financial accounting and reporting Advance financial accounting and reporting Management advisory services Auditing Taxation Regulatory Framework for Business Transactions Rating: general average of 75% with no grades lower than 65% in any subject Conditional credit for subjects above 65%: Obtains a rating of 75% in majority (at least 4) of the subjects; must retake failed and pass subjects within 2 years Philippine Accountancy Act of 2004 Article III: Examination, Registration and Licensure Take an oath of profession before any member of the Board or before any government official authorized by the Commission Issuance of certificate of registration (COR) and professional identification card (PIC) COR must bear the signature of the chairman of PRC and chairman and members of BOA and stamped with the official seal of PRC and BOA. A holder of the COR shall be issued a PIC subject to renewal every 3 years. It should bear a registration number, date of issuance, expiry date and signature of the PRC chairman. Philippine Accountancy Act of 2004 Article IV: Practice of Accountancy Single practitioners and partnerships for the practice of public accountancy must be CPAs and will be issued a certificate of accreditation after such registrant has acquired a minimum of 3 years meaningful experience. The accreditation is renewable every 3 years. Workings papers shall be treated confidential and privileged and remain the property of the CPA. Continuing Professional Education (CPE) program Renewal of certificate of accreditation – 120 units within the last 3 years prior to renewal. Philippine Accountancy Act of 2004 Article V: Penal and Final Provisions Violation of any provisions of the Act shall be punishable with a fine of no less than P50,000 or by imprisonment for a period not exceeding 2 years or both. Code of Ethics for Professional Accountants in the Philippines Establishes the fundamental principles of professional ethics for professional accountants and provides a conceptual framework that professional accountants shall apply to: Identify threats to compliance with the fundamental principles; Evaluate the threat identified; and Address the threats by eliminating or reducing them to an acceptable level Code of Ethics for Professional Accountants in the Philippines FUNDAMENTAL PRINCIPLES Integrity Objectivity Professional Competence and Due Care Confidentiality Professional Behavior Code of Ethics for Professional Accountants in the Philippines INTEGRITY To be straightforward and honest in all professional and business relationships A professional accountant should not knowingly be associated with information that: Contains materially false or misleading statements; Contains statements or information furnished recklessly; and Omits or obscures information required to be included where such omission or obscurity would be misleading. Code of Ethics for Professional Accountants in the Philippines OBJECTIVITY Should not compromise their professional or business judgment because of bias, conflict of interest or the undue influence of others. Code of Ethics for Professional Accountants in the Philippines PROFESSIONAL COMPETENCE AND DUE CARE To maintain professional knowledge and skill at the level required to ensure that clients or employers receive competent professional service To act diligently in accordance with applicable technical and professional standards when performing professional activities or providing professional services Code of Ethics for Professional Accountants in the Philippines CONFIDENTIALITY Respect the confidentiality of information acquired as a result of professional and business relationships Disclosure of confidential information is allowed when: It is permitted by law and is authorized by the client or the employing organization; It is required by law; and There is a professional duty or right to disclose, when not prohibited by law such as compliance with quality review of a professional body, to respond to an investigation by a regulatory body, to protect the interest of the professional accountant in legal proceedings, or to comply with technical and professional standards. Code of Ethics for Professional Accountants in the Philippines PROFESSIONAL BEHAVIOR Comply with relevant laws and regulations and avoid any actions that may discredit the profession. When marketing and promoting professional services, the professional accountant must be honest and truthful and not (1) make exaggerated claims and (2) make disparaging references or unsubstantiated comparisons to the work of others. Code of Ethics for Professional Accountants in the Philippines CONCEPTUAL FRAMEWORK APPROACH Used to identify, evaluate and address threats to compliance with the fundamental principles Identify Evaluate Threats Threats YES Identify Evaluate Significant? Safeguards Safeguards NO YES NO Do not proceed Proceed with Acceptable the engagement Level? with the engagement Code of Ethics for Professional Accountants in the Philippines THREATS 1. Self-interest threat – financial or other interest will inappropriately influence the professional accountant’s judgment or behavior 2. Self-review threat – the use of previously made judgment or activity performed by a professional accountant, or by another individual within the accountant’s organization, may not allow the professional accountant from making an appropriate evaluation 3. Advocacy threat – promote the client’s or employer’s position compromising objectivity 4. Familiarity threat – become too sympathetic to the client’s or employer’s interest or too accepting of their work 5. Intimidation threat – deterred from acting objectively because of actual or perceived pressure Code of Ethics for Professional Accountants in the Philippines ADDRESSING THREATS If the identified threats are not at an acceptable level, the accountant shall address the threats by eliminating them or reducing them to an acceptable level by: Eliminating the circumstances that are creating the threats; Applying safeguards to reduce the threats to an acceptable level; or Declining or ending the specific professional activity. Code of Ethics for Professional Accountants in the Philippines SAFEGUARDS Actions or measures that may eliminate threats or reduce them to an acceptable level. How to determine the acceptable level? Exercise professional judgment; and Take into account whether a reasonable and informed third party, weighing all specific facts and circumstances available to the professional accountant at the time, would be likely to conclude that the accountant complies with the fundamental principles. Code of Ethics for Professional Accountants in the Philippines SAFEGUARDS Safeguard created by the profession, legislation or regulation Safeguard in the work environment Firm-wide safeguards and engagement-specific safeguards Safeguard within the client’s systems and procedures Code of Ethics for Professional Accountants in the Philippines INDEPENDENCE Independence of Mind Independence in Appearance Code of Ethics for Professional Accountants in the Philippines APPLICATION OF CONCEPTUAL FRAMEWORK TO CERTAIN SITUATIONS 1. Professional appointment Client acceptance Engagement acceptance Changes in professional appointment 2. Conflict of interest If significant, inform client and ask client’s permission to put in place safeguards to reduce the conflict to an acceptable level and proceed with the engagement knowing the risk. 3. Second opinion Ask client’s permission to contact existing accountant or predecessor. 4. Fees and other remuneration Quotes fees that are deemed appropriate. Referral fees paid or received must be disclosed. Code of Ethics for Professional Accountants in the Philippines APPLICATION OF CONCEPTUAL FRAMEWORK TO CERTAIN SITUATIONS 5. Marketing professional services The professional accountant shall be honest and truthful, and not (1) make exaggerated claims; and (2) make disparaging references or unsubstantiated comparisons to work of another. 6. Gift and hospitality Existence and significance of threat depend on the nature, value and intent of the offer. 7. Custody of client asset Only if permitted by law and in compliance with legal duties 8. Responding to non-compliance with laws and regulations Discuss with the appropriate authorities and document properly. Auditing Standards and Quality Control (Part 2) Objective To become familiar with the different Auditing and Assurance Standards Council (AASC) issued Standards and Statements. AASC Standards and Statements Adopted by the AASC from standards and statements issued by the International Auditing and Assurance Standards Board (IAASB) IAASB was established by the International Federation of Accountants (IFAC) to develop and issue high quality standards on auditing, assurance and related services engagements, related practice statements and quality control standards for use around the world. AASC Standards and Statements 1. Engagement Standards 2. Philippine Standards on Quality Management (PSQM) 3. Philippine Auditing Practice Note (PAPN) AASC Standards and Statements 1. Engagement Standards a. Basic principles and essential procedures to be applied to audit and review of historical financial information, and other assurance and related services engagement. i. Philippine Standards on Auditing (PSAs) ii. Philippine Standards on Review Engagements (PSREs) iii. Philippine Standards on Assurance Engagements (PSAEs) iv. Philippine Standards on Related Services (PSRSs) AASC Standards and Statements 1. Engagement Standards b. Philippine Framework for Assurance Engagements Defines and describes the elements and objectives of an assurance engagement and identifies engagements to which PSAs, PSREs, and PSAEs apply. AASC Standards and Statements 1. Engagement Standards b. Philippine Framework for Assurance Engagements ASSURANCE ENGAGEMENT – an engagement in which practitioners expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria. ELEMENTS OF AN ASSURANCE ENGAGEMENT 1. Three-party relationship 2. Appropriate subject matter 3. Suitable criteria 4. Sufficient appropriate evidence 5. Written assurance report AASC Standards and Statements 1. Engagement Standards b. Philippine Framework for Assurance Engagements TYPES OF ENGAGEMENTS REASONABLE ASSURANCE ENGAGEMENT LIMITED ASSURANCE ENGAGEMENT ASSURANCE ENGAGEMENT Reduce to an acceptably low level; less than Reduce to an acceptable level (moderate level) RISK* absolute assurance where risk is greater than for a reasonable assurance engagement FORM OF EXPRESSION OF Positive Negative THE PRACTITIONER’S CONCLUSION EXAMPLE In our opinion, internal control is effective, Based on our work described in this report, nothing in all material respects, based on XYZ has come to our attention that causes us to believe criteria. that internal control is not effective, in all material respects, based on XYZ criteria. * Risk that the practitioner expresses an inappropriate conclusion when the subject matter information is materially misstated. AASC Standards and Statements 1. Engagement Standards c. PSA 120: FRAMEWORK OF PHILIPPINE STANDARDS ON AUDITING AUDITING RELATED SERVICES Nature of Service Audit Review Agreed-upon Compilations procedures Level of Assurance High, but not Moderate (limited) None None absolute (reasonable) Report Positive assurance Negative assurance Factual findings of Identification of on assertion/s on assertion/s procedures information compiled Standards PSAs PSREs PSRS 4400 PSRS 4410 Assurance engagements other than audit or review of financial statements are covered by PSAEs and may provide reasonable or limited assurance. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) a. Deals with a firm’s responsibilities to design, implement and operate a system of quality management for audits or reviews of financial statements, and other assurance and related services engagements b. The objective is to design, implement and operate a system of quality management for assurance engagements that provides the Firm with reasonable assurance that: The firm and its personnel fulfill their responsibilities in accordance with professional standards and applicable legal and regulatory requirements; and Engagement reports issued by the firm or engagement partners are appropriate in the circumstances. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management i. Risk assessment process ii. Governance and leadership iii. Relevant ethical requirements iv. Acceptance and continuance of client relationships and specific engagements v. Engagement performance vi. Resources vii. Information and communication viii. Monitoring and remediation process AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management i. Risk assessment process The Firm shall design and implement a risk assessment process to establish quality objectives, identify and assess quality risks and design and implement responses to address the quality risks. The firm shall establish the quality objectives specified by PSQM on each of the components and any additional quality objectives considered necessary by the Firm to achieve the objectives of the system of quality management. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management ii. Governance and leadership The firm demonstrates a commitment to quality through culture that exists throughout the firm. Leadership is responsible and accountable for quality. Leadership demonstrates a commitment to quality through their actions and behaviors. The organization structure and assignment of roles, responsibilities and authority is appropriate to enable the design, implementation and operation of the firm’s system of quality management. Resource needs are planned for and resources obtained, allocated or assigned in a manner that is consistent with the firm’s commitment to quality. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management iii. Relevant ethical requirements The firm and its personnel: 1) understand the relevant ethical requirements to which the firm and the firm’s engagements are subject; and 2) fulfill their responsibilities in relation to the relevant ethical requirement to which the firm and its engagements are subject. Others, including the network (and personnel within the network), or service providers: 1) understand the relevant ethical requirements that apply to them; and 2) fulfill their responsibilities in relation to the relevant ethical requirements that apply to them. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management iv. Acceptance and continuance of client relationships and specific engagements Judgments by the firm about whether to accept or continue a client relationship or specific engagement are appropriate based on: Information obtained about the nature and circumstances of the engagement and the integrity and ethical values of the client that is sufficient to support such judgements; and The firm’s ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements. The financial and operational priorities of the firm do not lead to inappropriate judgments about whether to accept or continue a client relationship or specific engagement. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management v. Engagement performance Engagement teams understand and fulfill their responsibilities in connection with the engagements. The direction and supervision of engagement teams and review of the work performed is appropriate. Engagement teams exercise appropriate professional judgment and professional skepticism. Consultation on difficult or contentious matters is undertaken and the conclusions agreed are implemented. Differences of opinion within the engagement team, or between the engagement team and other individuals performing activities within the system of quality management are brought to the attention of the firm and resolved. Engagement documentation is assembled on a timely basis and is appropriately maintained and retained. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management vi. Resources Human Resources Personnel are hired, developed and retained and have the competence and capabilities to consistently perform quality engagements and carry out responsibilities in relation to the firm’s system of quality management. Personnel demonstrate a commitment to quality, develop and maintain the appropriate competence to perform their roles, and are held accountable or recognized through timely evaluations, compensation, promotion or other incentives Individuals are obtained from external sources when the firm does not have sufficient or appropriate personnel AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management vi. Resources Human Resources Engagement team members are assigned to each engagement who have appropriate competence and capabilities, including being given sufficient time, to constantly perform quality engagements. Individuals are assigned to perform activities within the system of quality management who have appropriate competence and capabilities, including sufficient time, to perform such activities. Appropriate technological resources are available to enable the operation of the firm’s system of quality management. Appropriate intellectual resources are available to enable the operation of the firm’s system of quality management. Human, technological or intellectual resources from service providers are appropriate for use in the firm’s system of quality management. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management vii. Information and communication The information system identifies, captures, processes, and maintains relevant and reliable information that supports the system of quality management. The culture of the firm recognizes and reinforces the responsibility of personnel to exchange relevant and reliable information with the firm and with one another. Relevant and reliable information is communicated to external parties, including to the firm’s network and service providers, and when it is required by law, regulation or professional standards. AASC Standards and Statements 2. Philippine Standards on Quality Management (PSQMs) c. Components of a system of quality management viii. Monitoring and remediation process Provide relevant, reliable and timely information about the design, implementation and operation of the system of quality management. Take appropriate actions to respond to identified deficiencies such that deficiencies are remediated on a timely basis. AASC Standards and Statements 3. Philippine Auditing Practice Note Provide interpretative guidance and practical assistance to professional accountants in implements standards and to promote good practice. a. Philippine Auditing Practice Statements (PAPSs) b. Philippine Review Engagement Practice Statements (PREPSs) c. Philippine Assurance Engagement Practice Statements (PAEPSs) d. Philippine Related Services Practice Statements(PRSPSs) Client Acceptance & Continuance Decision Objective To understand the standards governing the preliminary activities in an audit engagement including: acceptance and continuance of client relationships and engagements; agreement on terms; and, assignment of teams. Relevant Standards PSQM 1 – Quality Control for Firms that Perform Audits or Reviews of Financial Statements, or Other Assurance and Related Services Engagements (30, A67-A74) PSA 210 – Agreeing the Terms of Audit Engagements PSA 220 – Quality Control for an Audit of Financial Statements (12-14, A8-A12) PSA 300 – Planning an Audit of Financial Statements (5, 12, A6-A8, A21) Client Acceptance & Continuance (Possible Scenario) Client Acceptance & Continuance in PSQM 1 The following are the quality objectives that a firm needs to establish in relation to client acceptance and continuance: a. Judgment on whether to accept or continue a client relationship or engagement are appropriate based on: 1. Information obtained about the nature and circumstances of the engagement 2. Integrity of the client 3. Firm’s ability to perform the engagement b. The financial and operational priorities of the firm do not lead to inappropriate judgments about whether to accept or continue a client relationship or engagement. Client Acceptance & Continuance in PSQM 1 1. Information obtained about the nature and circumstances of the engagement may include: Industry Relevant regulatory factors Nature of the entity (e.g., operations, organizational structure, ownership and governance, its business model, how it is financed, etc.) Nature of the underlying subject matter (e.g., financial statements, etc.) Applicable criteria Client Acceptance & Continuance in PSQM 1 2. Information obtained about the integrity and ethical values of the client (e.g., entity, principal owners, key management and TCWG) may include these factors: Nature of the entity including complexity of ownership and management structure Nature of client’s operations Attitude regarding governance towards aggressive interpretation of accounting standards and internal control environment Aggressively concerned with maintaining low engagement fees Indications of client-imposed scope limitations Indications of involvement in money laundering or other criminal activities Reasons for a change in auditors Identify business reputation of related parties. Client Acceptance & Continuance in PSQM 1 2. Information obtained about the integrity and ethical values of the client (e.g., entity, principal owners, key management and TCWG) may be sourced from: Current or previous engagements Existing or previous providers of professional accountancy services to the client Discussion with other third parties, such as bankers, legal counsels and industry peers Background searches of relevant databases Client Acceptance & Continuance in PSQM 1 3. Firm’s ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements are affected by: Availability of appropriate resources to perform the engagement; Access to information to perform the engagement; Whether the firm and the engagement team are able to fulfill their responsibilities in relation to the relevant ethical requirements Client Acceptance & Continuance in PSQM 1 3. Firm’s ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements are affected by: Availability of appropriate resources to perform the engagement: o Circumstances of the engagement and the reporting deadline; o Availability of competent and capable individuals; o Availability of experts, if needed; o Availability of an engagement quality reviewer, if needed; o Access to technological resources; and, o Need for intellectual resources. Client Acceptance & Continuance in PSQM 1 3. Firm’s ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements are affected by: Access to information to perform the engagement: o Subject matter o Criteria including the financial reporting framework and applicable legal and regulatory requirements o Other information necessary Client Acceptance & Continuance in PSQM 1 3. Firm’s ability to perform the engagement in accordance with professional standards and applicable legal and regulatory requirements are affected by: Whether the firm and the engagement team are able to fulfill their responsibilities in relation to the relevant ethical requirements: o Code of Ethics for Professional Accountants in the Philippines o PSA 220 paragraphs 9-11 o Other legal and regulatory requirements Client Acceptance & Continuance in PSQM 1 The following are the quality objectives that a firm needs to establish in relation to client acceptance and continuance: a. Judgment on whether to accept or continue a client relationship or engagement are appropriate based on: 1. Information obtained about the nature and circumstances of the engagement 2. Integrity of the client 3. Firm’s ability to perform the engagement b. The financial and operational priorities of the firm do not lead to inappropriate judgments about whether to accept or continue a client relationship or engagement. Preconditions of an Audit in PSA 210 1. Management uses an acceptable financial reporting framework in the preparation of the financial statements. 2. Management acknowledges and understands its responsibility in the audit, namely: a. Prepare the financial statements in accordance with the applicable financial reporting framework; b. Implement internal control policies and procedures; and c. Access to all relevant information and persons for the conduct of the audit. Preconditions of an Audit in PSA 210 If management imposes a limitation in the proposed scope of the auditor’s work that could lead to a disclaimer of opinion, the auditor shall not accept such a limited engagement as an audit engagement. Client Acceptance & Continuance in PSA 220 Premised on the basis that the firm is subject to PSQM 1 Identified the engagement partner as having the main responsibility for the audit and overall quality control. The engagement partner 1. Shall be satisfied that procedures regarding the acceptance and continuance of engagements have been followed; 2. Shall determine the decision to undertake or continue the engagement is appropriate; and 3. Shall communicate immediately to the firm when, after acceptance or continuance, circumstances come to light that would have caused the firm to decline the engagement. Agreement on Audit Engagements Terms in PSA 210 The auditor and management should agree on the terms of the engagement. It should be recorded in an audit engagement letter or other suitable form of written agreement. Agreement on Audit Engagements Terms in PSA 210 Content of the audit engagement letter: 1. Objective and scope of the audit 2. Responsibilities of the auditor 3. Responsibilities of management 4. Identification of the applicable financial reporting framework for the preparation of the financial statements 5. Reference to the expected form and content of the report and a statements that there may be circumstances in which the report may differ from expectation (including additional paragraphs to draw attention to additional disclosures). Agreement on Audit Engagements Terms in PSA 210 Acceptance of a change in the terms of the audit engagement Auditor should not accept changes in the terms of the audit engagement with no reasonable justification from client. If the auditor and management agree on new terms, it must be recorded in a new engagement letter. If the auditor is unable to agree to a change of the terms of the audit engagement and is no longer permitted by management to continue, the auditor shall withdraw with consideration on applicable laws, regulations, or any obligations that will arise. Client Acceptance & Continuance in PSA 220 Assignment of Engagement Team* Composed of the following (not specifically stated in the Standards): 1. Partner 2. Manager 3. Senior 4. Junior May also include auditor’s experts *Collectively have the appropriate competence and capabilities to: 1. Perform the audit engagement in accordance with professional standards; and 2. Enable an auditor’s report that is appropriate to be issued. Preliminary Engagement Activities in PSA 300 1. Perform procedures required in PSA 220 including acceptance and continuance of client relationships and audit requirements. 2. Evaluate compliance with ethical requirements, including independence, as required by PSA 220. 3. Establish an understanding of the terms of the engagement, as required by PSA 210. Performing Risk Assessment Objectives To understand: 1. Audit planning 2. Risk assessment procedures 3. Audit risk model Relevant Standards PSA 200 – Overall Objectives of the Independent Auditor and the Conduct of an Audit in accordance with PSAs PSA 300 – Planning an Audit of Financial Statements (4, 6- 12, A1-A5, A9-A20) PSA 315 – Identifying and Assessing the Risks of Material Misstatements through Understanding the Entity and its Environment PSA 320 – Materiality in Planning and Performing an Audit Audit of Financial Statements 1. What is the purpose of an audit? 2. How is this achieved? 3. What is the basis for the auditor’s opinion? 4. How do we obtain reasonable assurance? 5. Given this, what are the overall objectives of the auditor? Audit of Financial Statements What does the PSA require the auditor to do (PSA 200.7)? 1. Exercise professional judgement; 2. Maintain professional skepticism throughout the planning and performance of the audit; 3. Identify and assess risks of material misstatement based on the understanding of the entity and its environment, including internal controls; 4. Obtain sufficient appropriate audit evidence about whether material misstatements exists, through designing and implementing appropriate responses to the assessed risks; and 5. Form an opinion on the FS based on conclusions drawn from the audit evidence obtained. Audit Planning (PSA 300) - Establishing the overall audit strategy for the engagement and developing an audit plan. - Benefits: 1. Devote attention to important areas of the audit. 2. Identify and resolve potential problems on a timely basis. 3. Perform the audit effectively and efficiently. 4. Assign appropriate members of the audit team. 5. Facilitate direction and supervision of team members and the review of their work. Audit Planning (PSA 300) Overall Audit Strategy - Sets the scope, timing, and direction of the audit. - Guides the development of the audit plan. - Considerations: 1. Characteristics of the engagement that defines its scope. 2. Reporting objectives to plan the timing of the audit and the nature of the communications required. 3. Factors, based on professional judgment, are significant in directing the engagement team’s efforts 4. Results of preliminary engagement activities and whether knowledge gained from other engagements performed by the engagement partner for the entity is relevant. 5. Nature, extent and timing of resources necessary to perform the engagement. Audit Planning (PSA 300) Overall Audit Strategy - Considerations: 3. Factors, based on professional judgment, are significant in directing the engagement team’s efforts (examples below) Appropriate levels of materiality o For planning purposes o For communicating to auditors of components o For reconsideration of materiality throughout the course of the audit o For preliminary identification of material components and account balances Preliminary identification of areas where there may be higher risk of material misstatement Significant business developments affecting the entity Significant industry developments Significant changes in the financial reporting framework Audit Planning (PSA 300) Audit plan - More detailed than the overall audit strategy - Includes the nature, timing and extent of audit procedures to be performed by the engagement team members, specifically, 1. The nature, timing and extent of planned risk assessment procedures (PSA 315) 2. The nature, timing and extend of further audit procedures at the assertion level (PSA 330) 3. Other planned audit procedures that are required in compliance with PSAs. Audit Planning (PSA 300) Direction, supervision and review - Plan the nature, timing and extent of the direction and supervision of engagement team members and review of their work. This depends on many factors including: 1. Size and complexity of the entity 2. Area of the audit 3. Assessed risks of material misstatement 4. Capabilities and competence of members performing audit work Risk Assessment - Identify and assess risks of material misstatement based on the understanding of the entity and its environment, including internal controls Misstatement (PSA 200) - Difference between the amount, classification, presentation, or disclosure of a reported financial statement item versus what is required in accordance with the applicable financial reporting framework - Can arise from error or fraud. Materiality (PSA 320) The following definitions of materiality are considered in an audit: 1. Misstatements, including omissions, if individually or in the aggregate, could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements. 2. Judgments about materiality are made in the light of surrounding circumstances and are affected by the size or nature of a misstatement, or combination of both. 3. Judgment of matters that are material to users of the financial statements are based on a consideration of the common financial information needs of users as a group. Materiality (PSA 320) Materiality is applied in planning and performing the audit, and in evaluating the effect of identified misstatements and uncorrected misstatements, if any, on the financial statements and audit opinion. During planning, the auditor makes judgements about the size of misstatements that will be considered material. These judgments provide a basis for: a. Determining the nature, timing and extent of risk assessment procedures; b. Identifying and assessing the risk of material misstatement; and c. Determining the nature, timing and extent of further audit procedures. Materiality (PSA 320) In determining materiality, the auditor is using professional judgement, and it is affected by the auditor’s perception of the financial information needs of users of the FS. Because of this, the following are reasonable assumptions for auditors to use with regard to the users: a. Have reasonable knowledge and willing to study the financial information in the FS with reasonable diligence; b. Understand that FS are prepared, presented and audited to levels of materiality; c. Recognize the uncertainties based on the use of estimates, judgment and the consideration of future events; and, d. Make reasonable economic decisions on the basis of the FS. Materiality (PSA 320) Determination of Overall Materiality* - Percentage applied to a certain benchmark - Factors considered in choosing a benchmark: - Element of the FS (e.g., assets, liabilities, equity, revenue, expenses) - Items that users tend to focus on (e.g. net income, revenue, net assets) - Nature of the entity (e.g., start-up, NPO) - Ownership structure (e.g., solely financed by debt) - Relative volatility of the benchmark - Examples: profit before tax, total revenue, gross profit, total expenses, total equity/net asset value - May consider prior period’s financial results/positions, period-to-date financial results/positions, budgets/forecasts *materiality for the financial statement as a whole, materiality at the financial statement level, planning materiality Materiality (PSA 320) Entity Benchmark Percentage Adjustments Manufacturing Company Non-stock, Non-profit Start-up Company Service Company with volatile earnings Listed Educational Institution with one-time income from sale of land Owner-managed business with nominal profit Materiality Determination of Materiality Based on Quality - Nature of the item involved (e.g. degree of subjectivity of a financial statement item – estimates like depreciation versus items with little scope for judgment like cash balance; degree of risk of material misstatement of an account) - Impact of item involved - Matter of professional judgment - affected by the auditor’s perception of the financial information needs of the users of financial statements - Consider circumstances that give rise to possible misstatements Materiality (PSA 320) Performance materiality - Amount less than overall materiality to make sure that the aggregate of uncorrected or undetected immaterial misstatements does not exceed overall materiality - Not a simple mechanical computation and involves the exercise of professional judgment Materiality (PSA 320) Materiality Levels for Particular Classes of Transactions, Account Balances or Disclosures (COT+) - If there is one or more COT+ for which misstatements of lesser amounts than materiality for the FS as whole could reasonably be expected to influence the economic decisions of users, the auditor shall determine the materiality level or levels to be applied to those COT+ - Factors to consider: ØLaw, regulations or the applicable financial reporting framework affect users’ expectations regarding measurement or disclosures of certain items ØKey disclosures in relation to a specific industry ØAttention is focused on a particular aspect of the entity’s business Materiality (PSA 320) Documentation 1. Materiality for the financial statement as a whole 2. If applicable, materiality level or levels for COT+ 3. Performance materiality 4. Any revisions of 1-3 as the audit progress Risk Assessment Objectives (PSA 315) - to identify and assess risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, - through: 1. Understanding the entity and its environment 2. Understanding the entity’s internal control - thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Risk Assessment Procedures (PSA 315) Inquiries of management and others Analytical procedures Observation and inspection Risk Assessment Procedures (PSA 315) 1. Understanding the entity and its environment a. Relevant industry, regulatory, and other external factors b. Nature of the entity i. Operations ii. Ownership and governance structure iii. Types of investments iv. How the entity is structured and financed c. Selection and application of accounting policies d. Objectives and strategies and related business risks e. Measurement and review of financial performance Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control - particularly controls that are relevant to the audit INTERNAL CONTROL – designed, implemented and maintained to address identified business risks that threaten the achievement of any of the entity’s objectives: the reliability of financial reporting; the effectiveness and efficiency of its operations; and its compliance with applicable laws and regulations Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control INHERENT LIMITATIONS OF INTERNAL CONTROL a. Error b. Circumvention c. Management Override d. Changing conditions Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control MANUAL OR AUTOMATED ELEMENTS IN INTERNAL CONTROL a. Manual b. Automated NATURE AND EXTENT OF THE UNDERSTANDING OF RELEVANT CONTROLS - Evaluate the design of those controls and determine whether they have been implemented Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment 2. Risk assessment process 3. Control activities 4. Information and communication 5. Monitoring of controls Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment a. Communication and enforcement of integrity and ethical values b. Commitment to competence c. Participation of those charged with governance d. Management’s philosophy and operating style e. Organizational structure f. Assignment of authority and responsibility g. Human resource policies and procedures 2. Risk assessment process 3. Control activities 4. Information and communication 5. Monitoring of controls Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment 2. Risk assessment process – how the entity a. Identifies business risk b. Estimates the significance of the business risk c. Assesses the likelihood of occurrence of the business risk d. Acts to address the business risk 3. Control activities 4. Information and communication 5. Monitoring of controls Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment 2. Risk assessment process 3. Control activities a. Authorization b. Performance reviews c. Information processing (IT general and application controls) d. Physical controls e. Segregation of duties 4. Information and communication 5. Monitoring of controls Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment 2. Risk assessment process 3. Control activities 4. Information and communication a. Information system areas Classes of transactions The procedures from initiation to recording to FS Accounting records, supporting information and specific accounts in the FS How events and conditions are captured by the information system Financial reporting process used to prepare FS Controls over journal entries b. Communication Between management and TCWG External communications 5. Monitoring of controls Risk Assessment Procedures (PSA 315) 2. Understanding the entity’s internal control COMPONENTS OF INTERNAL CONTROL (COSO FRAMEWORK) 1. Control environment 2. Risk assessment process 3. Control activities 4. Information and communication 5. Monitoring of controls Risk Assessment Objectives (PSA 315) - to identify and assess risks of material misstatement, whether due to fraud or error, at the financial statement and assertion levels, - through: 1. Understanding the entity and its environment 2. Understanding the entity’s internal control - thereby providing a basis for designing and implementing responses to the assessed risks of material misstatement. Risk Assessment Procedures (315) FINANCIAL STATEMENT LEVEL - Risks that relate pervasively to the financial statements as a whole and potentially affect many assertions ASSERTION LEVEL - Risks that relate to specific assertions on COT+ Risk Assessment Procedures (PSA 315) SIGNIFICANT RISKS - Risks that require special audit consideration CONSIDERATIONS - Risk of fraud - Risk related to recent significant economic, accounting or other developments - Complexity of transactions - Involves significant transactions with related parties - Degree of subjectivity in the measurement - Significant transactions outside the normal course of business for the entity Audit Risk Model (PSA 200) RISK OF MATERIAL MISSTATEMENT AUDIT RISK = X DETECTION RISK Audit Risk Model (PSA 200) AUDIT RISK – the risk that the auditor expresses an inappropriate opinion when the financial statements are materially misstated. RISK OF MATERIAL MISSTATEMENT – the risk that the financial statements are misstated prior to the audit; there are two levels: 1. FS level, and 2. Assertion level; two components at the assertion level 1. Inherent risk – an assertion’s susceptibility to a misstatement that could be material before consideration of any related controls 2. Control risk – the risk that a misstatement will not be prevented or detected and corrected on a timely basis by the entity’s internal control DETECTION RISK – the risk that audit procedures will not detect the misstatements that exist and could be material. Audit Risk Model (PSA 200) INHERENT RISK X AUDIT RISK = CONTROL RISK X DETECTION RISK Audit Risk Model (PSA 200) For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship to the assessed risk of material misstatement (inherent risk and control risk). Detection risk is reduced by the effectiveness of audit procedures. Audit procedures are enhanced by: - Adequate planning - Proper assignment of engagement team members - Application of professional skepticism; and - Supervision and review of audit work performed Audit Risk Model (PSA 200) Detection risk can only be reduced but not eliminated because of inherent limitations of an audit, namely: - The nature of financial reporting - The nature of audit procedures; and - The need for the audit to be conducted within a reasonable time and at a reasonable cost Audit Risk Model (PSA 200) 1. Set the desired level of Audit Risk 2. Assess the level of Inherent Risk and Control Risk at the financial statement level and the assertion level 3. Determine for the acceptable level of Detection Risk Determines the nature, timing and extent of further audit procedures

Overview of Auditing Profession PDF

Document Details

Tags

Related

Summary

Full Transcript