AT Module 1A - Fundamentals of Auditing and Assurance Services T1AY2425.pdf

Full Transcript

DE LA SALLE UNIVERSITY MANILA
RVR – COB DEPARTMENT OF ACCOUNTANCY
ACYAUDI Term 1 AY 24 - 25

Prof. F. H. Villamin
========================================================================

MODULE 1A
FUNDAMENTALS OF AUDITING AND ASSURANCE SERVICES

A. Preface to Philippine Standards on Quality Control, Auditing, Review, Other
Assurance and Related Services

1. Auditing and Assurance Standards Council (AASC) has its mission to promulgate the auditing standards,
practices and procedures which shall be generally accepted by the accounting profession in the
Philippines.

2. To facilitate the preparation by the AASC of its pronouncements and to attain uniformity of those
pronouncements with international accounting standards , the AASC has approved the adoption of the
International Standards on Auditing (ISAs), International Standards on Assurance Engagements
(ISAEs), International Standards on Review Engagements (ISREs) and International Standards on
Related Services (ISRSs) issued by International Auditing and Assurance Board (IAASB) created by the
International Federation of Accountants (IFAC).

3. Pronouncements of the AASC shall be in the form of:
Philippine Standards on Quality Management (PSQMs) formerly Philippine Standards on Quality
Control (PSQC 1)
Philippine Standards on Auditing (PSAs)
Philippine Standards on Review Engagements (PSREs)
Philippine Standards on Assurance Engagements (PSAEs)
Philippine Standards on Related Services (PSRSs)
Philippine Auditing Practice Statements (PAPSs)/Philippine Audit Practice Notes (PAPNs)
Philippine Review Engagement Practice Statements (PREPSs)
Philippine Assurance Engagement Practice Statements (PAEPSs)
Philippine Related Services Practice Statements (PRSPSs)

4. AASC was created by the Professional Regulation Commission upon the recommendation of the Board
of Accountancy (BOA) to assist the BOA in the establishment and promulgation of auditing standards
in the Philippines. The AASC replaced the Auditing Standards and Practices Council (ASPC) which was
established by the Philippine Institute of CPAs (PICPA) and the Association of CPAs in Public Practice
(ACPAPP) and previously set generally accepted auditing standards in the Philippines, also based on
International Standards and Practice Statements.
 Page 2 of 17

5. Authority attaching to the Philippine Standards issued by the AASC:

PSAs are to applied, as appropriate, in the audit of historical financial statements.
PSREs are to be applied in the review of historical financial information.
PSAEs are to be applied in assurance engagements dealing with subject matters other than
historical information.
PSRSs are to be applied to compilation engagements, engagements to apply agreed-upon
procedures to information and other related services engagements as specified by the AASC.
PSAs, PSREs, PSAEs, PSRSs are collectively referred to as the AASC’s Engagements Standards.
PSQMs are to be applied for all services falling under the AASC’s Engagement Standards.

The AASC’s engagement standards contain basic principles and essential procedures
(identified in bold type lettering) together with related guidance in the form of explanatory and
other material, including appendices. The basic principles and essential procedures are to be
understood and applied in the context of the explanatory and other materials that provide guidance
for their application. It is therefore necessary to consider the whole text of a Standard to
understand and apply the basic principles and essential procedures.

They also represent “pronouncements on generally accepted auditing standards, interpretations
and opinions issued by the AASC to apply whenever an independent examination of financial
statements of any entity, whether profit-oriented or not, for the purpose of expressing an
opinion thereon. They may have application, as appropriate, to other activities of the auditor.

6. The nature of the Philippine Standards issued by the AASC requires professional accountants to
exercise professional judgment in applying them. In exceptional circumstances, a professional
accountant may judge it to depart from a basic principle or essential procedure of an Engagement
Standard to achieve more effectively the objective of the engagement. When such a situation arises,
the professional accountant should be prepared to justify the departure.

7. Authority attaching to the Practice Statements issued by the AASC:
PAPS/PAPNs are issued to provide interpretative guidance and practical assistance to professional
accountants in implementing PSAs and to promote good practice.
PREPSs, PAEPSs and PRSPSs are issued to serve the same purpose for the implementation of
PSREs, PSAEs and PSRSs, respectively.

8. Professional accountants should be aware of and consider Practice Statements applicable to the
engagement. A professional accountant who does not consider and apply the guidance included in a
relevant Practice Statement should be prepared to explain how the basic principles and essential
procedures in the Engagement Standard(s) addressed by the Practice Statement have been complied
with.

9. Exposure period for the proposed Philippine Standard or Practice Statement is generally not shorter
than 90 days. Exposure draft is widely distributed to interested organizations and persons for
comment. The exposure draft shall also be published in the PICPA Accounting Times and ACPAPP
Bulletin to give it further exposure.

10. Issuance of exposure drafts requires approval by a majority of the members of the Council; issuance
of the Philippine Standards and Practice Statements, as well as interpretations, requires approval of at
least ten (10) members.
 Page 3 of 17

11. Each final Philippine Standard and Practice Statement, as well as interpretations, if deemed appropriate,
shall be submitted to the Professional Regulation Commission (PRC) through the Board of Accountancy
(BOA) for approval after which the pronouncements shall be published in the Official Gazette. After
publication, the AASC pronouncement becomes operative from the effective date stated therein.

12. Numbering of Philippine Standards and Practice Statements/Notes that are Philippine specific and are
not adopted from International pronouncements will be numbered consecutively with suffix “Ph” as
follows:
For Philippine Standards – starting from 100Ph
For Philippine Practice Statements – starting from 1000Ph

Philippine Standards and Practice Statements adopted from International pronouncements will use the
same numbers as their counterpart International pronouncements.

B. Philippine Framework for Assurance Engagements

1. “Assurance engagement” means an engagement in which a practitioner expresses a conclusion
designed to enhance the degree of confidence of the intended users other than the responsible party
about the outcome of the evaluation or measurement of a subject matter against criteria.

2. Objective of an Assurance Engagement

The objective of an assurance engagement is for a professional accountant to evaluate or measure a
subject matter that is the responsibility of another party against identified suitable criteria, and to
express about the subject matter. Assurance engagements performed by professional accountants are
intended to enhance the credibility of information about a subject matter by evaluating whether the
subject matter conforms in all material respects with suitable criteria, thereby improving the likelihood
that the information will meet the needs of an intended user. In this regard, the level of assurance
provided by the professional accountant’s conclusion conveys the degree of confidence that the
intended user may place in the credibility of the subject matter.

Assurance is a broad concept. Assurance services are designed to improve the quality of decision
making by improving confidence in the information on which decisions are made; the process by which
that information is developed, and the context in which the information is presented to users. The
field of assurance services is much broader than the traditional audits of financial statements.

3. Classification of Assurance Engagements

According to Level of Assurance

a. Reasonable assurance engagement
b. Limited assurance engagement

The objective of a reasonable assurance engagement is a reduction in assurance engagement risk
to an acceptably low level in the circumstances of the engagement as the basis for a positive form of
expression of the practitioner’s conclusion.

The objective of a limited assurance engagement is a reduction in assurance engagement risk to
a level that is acceptable in the circumstances of the engagement, but where that risk is greater than
for a reasonable assurance engagement, as the basis for a negative form of expression of the
practitioner’s conclusion.
 Page 4 of 17

According to Structure

a. Assertion-based Engagement (Attestation)
b. Direct Reporting Engagement

In assertion-based engagement, the evaluation or measurement of the subject matter is performed
by the responsible party, and the subject matter information is in the form of assertion by the
responsible party that is made available to the intended users.

Four requisites of assertion-based engagements

a. There must be written assertion being made by one party, the reliability of which is of interest to
another party.
b. There must be agreed-upon and objective criteria that can be utilized to assess the accuracy of the
assertion.
c. The assertion must be amenable to verification by independent party.
d. The practitioner or accountant should prepare a written conclusion about the reliability of the
assertion or assertions.

Examples of Assertion-based Engagements

a. An independent audit engagement provides a reasonable (but not absolute) level of assurance
that the subject matter (financial statements) is free of material misstatement.
b. A review engagement provides a moderate level of assurance that the information subject to
review is free from material misstatement; this is expressed in the form of negative assurance (i.e.
“nothing has come to the auditor’s attention”). For the purpose of expressing negative assurance
in the review report, the auditor should obtain sufficient appropriate evidence primarily through
inquiry and analytical procedures to be able to draw conclusions

In direct reporting engagement, the practitioner either directly performs the evaluation or
measurement of the subject matter, or obtains a representation from the responsible party that has
performed the evaluation or measurement that is not available to the intended users. The subject
matter information is provided to the intended users in the assurance report.

4. Elements of an Assurance Engagement

1. Three-party relationship involving
a. A practitioner (broader than the term “auditor”)
b. A responsible party (a private company, a government entity, etc)
1. In a direct reporting engagement, is responsible for the subject matter
2. In an assertion-based engagement, is responsible for the subject matter information (the
assertion), and may be responsible for the subject matter.
c. An intended user (often members of the public or investors or regulatory bodies)
- Are person, persons or class of persons for whom the practitioner prepares the assurance
report.
- Can be any one of the intended users, but not the only one.
 Page 5 of 17

2. An appropriate subject matter
a. Financial performance or conditions (e.g., historical or prospective financial position, financial
performance and cash flows) for which the subject matter information may be the recognition,
measurement, presentation and disclosure represented in the financial statements.
b. Non-financial performance or conditions (e.g. performance of an entity) for which the subject
matter information may be key indicators of efficiency and effectiveness.
c. Physical characteristics (e.g. capacity of a facility) for which the subject matter information
may be specifications document.
d. Systems and processes (e.g. an entity’s internal control or IT system) for which the subject
matter information may be an assertion about effectiveness.
e. Behavior (e.g. corporate governance, compliance with regulation, human resource practices)
for which the subject matter information maybe a statement of compliance or a statement of
effectiveness.

An appropriate subject matter is:
1. Identifiable, and capable of consistent evaluation or measurement against the identifiable
criteria, and
2. Such that the information about it can be subjected to procedures for gathering sufficient
appropriate evidence to support a reasonable assurance or limited assurance conclusion, as
appropriate.

3. Suitable criteria (PFRS – formal; Code of Conduct – less formal)
- are the benchmarks used to evaluate or measure the subject matter including, where relevant,
benchmarks for presentation and disclosure.
- are required for reasonably consistent evaluation or measurement of a subject matter within
the context of professional judgment.

Characteristics of suitable criteria:

a. Relevance – contribute to conclusions that assist decision-making by the intended users.
b. Completeness – no omissions of relevant factors that could affect the conclusions in the context
of the engagement circumstances.
c. Reliability – allow reasonably consistent evaluation or measurement of the subject matter
d. Neutrality – contribute to conclusions that are free from bias.
e. Understandability – contribute to conclusions that are clear, comprehensive, and not subject to
significantly different interpretations.

Criteria are made available to the intended users in one or more of the following ways:
a. Publicly
b. Through inclusion in a clear manner in the presentation of the subject matter information
c. Through inclusion in a clear manner in the assurance report
d. By general understanding, for example the criterion for measuring time in hours and minutes.

Criteria may also be available to specific intended users, for example, the terms of a contract, or
criteria issued by an industry association that are available only those in the industry. When identified
criteria are available only to specific intended users, or are relevant only to a specific purpose, use
of the assurance report is restricted to those users or for that purpose.
 Page 6 of 17

4. Sufficient appropriate evidence

Sufficiency is the measure of the quantity of evidence.
Appropriateness is the measure of quality of evidence, that is relevance and its reliability.

Generalizations about the reliability of evidence:
Evidence is more reliable when it is obtained from independent sources outside the entity.
Evidence that is generated internally is more reliable when the related controls are effective.
Evidence obtained directly by the practitioner (observation) is more reliable than evidence
obtained indirectly or by inference (inquiry).
Evidence is more reliable when it exists in documentary form.
Evidence provided by original documents is more reliable than evidence provided by photocopies
or facsimiles.

5. A written assurance report in the form appropriate to a reasonable assurance
engagement or a limited assurance engagement.

In a reasonable assurance engagement, the practitioner expresses the conclusion in the positive
form, for example: “In our opinion internal control is effective, in all material respects, based on XYZ
criteria.” This form of expression conveys “reasonable assurance”.

In a limited assurance engagement, the practitioner expresses the conclusion in the negative form,
for example: “Based on our work described in this report, nothing has come to our attention that
causes us to believe that the internal control is not effective, in all material respects, based on XYZ
criteria. This form of expression conveys a level of “limited assurance” that is proportional to the level
of the practitioner’s evidence –gathering procedures given the characteristics of the subject matter
and other engagement circumstances described in the assurance report

5. Limitations of Assurance Engagements

a. The use of selective testing or sampling risk.
b. The inherent limitations of internal control.
c. The nature of evidence. (persuasive rather conclusive)
d. The use of judgment in gathering and evaluating evidence and forming conclusions based on that
evidence or non-sampling risk.
e. The characteristics of the subject matter when evaluated or measured against the identified criteria.

6. Engagements Provided by Practitioners:

Assurance Engagements

1. Audits – high level of assurance that the financial statements are free of material misstatements

2. Reviews – limited investigation of much narrower scope than the audit and undertaken for the
purpose of providing limited (negative) assurance that the statements are presented in accordance
with identified Financial Reporting Standards. For example, a financial institution may require
debtors to engage CPAs to provide assurance about the debtor’s compliance with certain
covenant provisions stated in the loan agreement. It may also include providing assurance
about the effectiveness of a client’s internal controls over financial reporting, review of
investment performance statistics for organizations such as mutual funds and
computer software review.
 Page 7 of 17

3. Other Assurance Services

CPA Web Trust – provide assurance to users of web sites in the Internet. The CPA’s electronic
Web Trust Seal is affixed to the website. This seal assures the user that the website owner
has met established criteria related to business practices, transaction integrity and information
processes. Web Trust is an attestation service and Web Trust seal s a symbolic representation
of the CPA’s report on management assertions about its disclosure of electronic commerce
practices.

SysTrust – provide assurance on any defined electronic system. The system components
include its infrastructure, software, personnel, procedures and data, In a SysTrust engagement,
the CPA is engaged to examine only that a client maintained effective controls over the system
based on the Trust Services Principles and Criteria. The practitioner performs tests to
determine whether those controls were operating as effectively during the specified report.

Both WebTrust and SysTrust are designed to incorporate a seal management process by
which a seal (logo) may be included on a client’s Web site as an electronic representation of
the practitioner’s unqualified WebTrust report. If a client wishes to use the seal (logo), the
engagement must be updated at least annually. Also, the initial reporting period must include
at least two months.

Eldercare Plus – focuses on the needs of the elderly and whether caregivers are providing
services that meet the specified objectives or at an acceptable level.

Business Performance Measurement Services – provide assurance about whether financial
and non-financial information being reported from the entity’s performance measurement
system (e.g. balanced scorecard) is reliable and whether the performance measures being
used are accurately leading the entity toward meeting its strategic goals and objectives.

Corporate Sustainability Reporting – also known as triple-bottom line reporting involves
reporting of non-financial and financial information to a broader set of stakeholders than just
shareholders. The reports inform stakeholder groups of the reporting organization’s ability to
manage key risks.

Information Reliability Services – provide assurance that information system has been
designed and operated to produce reliable data including tests of the system to determine
whether the system protects against potential causes of data defects

Risk Assessment Services – involves the study of the link between risks and organization’s
vision, mission, objectives and strategies and development of new and relevant measures to
address these risks.

CPA Performance View. This service is intended to demonstrate that the public accountants
can aide client firms in developing an integrated set of financial and non-financial performance
and measures to employ in managing the client’s business. It also identifies and measures
key activities that are critical to the entity.

Health Care Performance Measurement – involves the evaluation of the quality of health
care, medical services and outcome.
 Page 8 of 17

Non Assurance Engagements

1. Agreed-upon procedures – an engagement in which the auditor is engaged to carry out those
procedures of an audit nature to which the auditor and the entity and any appropriate third parties
have agreed and to report on factual findings. The recipients of the report must form their own
conclusions from the report issued by the auditor. The report is restricted to those parties who
have agreed to the procedures to be performed since others, unaware of the results may
misinterpret the results.

2. Compilation of financial or other information – an engagement in which the accountant is
engaged to use his accounting expertise as opposed to auditing expertise to collect, classify and
summarize financial information. This ordinarily entails “presenting in the form of financial
statements that is the representation of management (owners) without undertaking to express any
assurance engagements.” The procedures employed are not designed and do not enable the
accountant to express any assurance on the financial information. Users of the compiled financial
information derive some benefit as a result of the accountant’s involvement because the service
has been performed with due professional skill and care.

3. Preparation of tax returns where no conclusion is expressed, and tax consulting.

4. Management consulting and other advisory services – professional services that employ the
practitioner’s technical skills, education, observation, experiences and knowledge of the analytical
approach and procedures used in consulting engagement. Those procedures may involve
determining client objectives, fact-finding definition of problems or opportunities, evaluation of
alternatives, formulation of proposed action, and communication of results, implementation and
follow-up.

Management consulting and other advisory services
Design and installation of accounting system
Computer risk management
Corporate finance
Tax services
E-businesses
Disaster recovery planning

6. Assurance Engagement Risk

Assurance engagement risk is the risk that the practitioner expresses an inappropriate conclusion
when the subject matter information is materially misstated.

In a reasonable assurance engagement, the practitioner reduces assurance engagement risk to an
acceptably low level in the circumstances of the engagement to obtain reasonable assurance as the
basis for a positive form of expression of the practitioner’s conclusion. The level of assurance
engagement risk is higher in a limited assurance engagement than in a reasonable assurance
engagement because of the different nature, timing or extent of evidence-gathering procedures.

However, in a limited assurance engagement, the combination of the nature, timing and extent of
evidence gathering procedure is at least sufficient for the practitioner to obtain a meaningful level of
assurance as the basis for a negative form of expression. To be meaningful, the level of assurance
obtained by the practitioner is likely to enhance the intended users’ confidence about the subject
matter information to a degree that is clearly more than inconsequential.
 Page 9 of 17

In general, assurance engagement risk can be represented by the following components, although
not all of these components will necessarily be present or significant for all assurance engagements:

a) The risk that the subject matter information is materially misstated, which in turn consists of:
i) Inherent risk: the susceptibility of the subject matter information to a material
misstatement, assuming that there are no related controls; and

ii) Control risk: the risk that a material misstatement that could occur will not be prevented,
or detected and corrected, on a timely basis by related internal controls. When control
risk is relevant to the subject matter; some control risk will always exist because of the
inherent limitations of the design and operation of internal control; and

b) Detection risk: the risk that the practitioner will not detect a material misstatement that exists.

The degree to which the practitioner considers each of these components is affected by the
engagement circumstances, in particular by the nature of the subject matter and whether a
reasonable assurance or a limited assurance engagement is being performed.

C. Introduction to Auditing

Auditing is a systematic process of objectively obtaining and evaluating evidence regarding
selected assertions about economic actions and events to ascertain the degree of
correspondence between those assertions and established criteria and communicating the
results to interested users.

Key elements:

1. Systematic process – audits are structured activities
2. Objectivity – freedom from bias
3. Obtaining and evaluating evidence – allows the auditor to determine the support for assertions or
representations. The auditor must gather evidence that the client’s processes are working correctly,
the financial data are recorded and presented correctly and the financial statements as a whole are
fairly presented. The requirement is that the auditor is systematic and objective in obtaining and
evaluating evidence.
4. Assertions about economic actions and events – describes the subject matter of the audit. An
assertion is a positive statement about an action, event, condition, or performance over a specified
period of time.
5. Degree of correspondence between those assertions and established criteria – the purpose of the audit
is to determine conformity with some specified criteria. To have unbiased and clear communication,
criteria must exist whereby independent observers can assess whether or not such assertions are
appropriate. When management prepares financial statements, they assert those statements are fairly
presented with GAAP. Generally accepted accounting principles become the criteria by which “fairness”
of a financial statement presentation is judged. Other criteria exist for other types of audits.
6. Communicating the results – the results must be communicated to interested parties. Communication
of audit results to management and interested third parties completes the audit process. To minimize
understandings, this communication generally follows a prescribed format by clearly outlining the
nature of the work performed and the conclusions reached. Most audits result in audit reports that do
not contain any reservations about the fairness of the organization’s presentation of its financial
statements. This is referred to as an unqualified audit report.
 Page 10 of 17

The audit adds value if the auditor:
a. Has expertise in both obtaining and evaluating evidence regarding the financial statements and the
economic assertions embodied in the financial statements.

b. Is independent of management and the third-parties, and can thus provide an objective opinion
on the fairness of financial statements.

Origin of Auditing
The word “auditor” was initially derived from the Latin word audire that is “to hear” and later acquired a
secondary meaning: “one who satisfies himself as to the truth of the accounting of another.”

D. Audit Process Model

Phase I: Client Acceptance

Objective: Determine both acceptance of a client ant acceptance by a client.
Decide on acquiring a new client or continuation of relationship with an existing one and
the type and amount of staff required.

Procedures: a. Evaluate the client’s background and reasons for the audit.
b. Determine whether the auditor is able to meet the ethical requirements regarding the
client.
c. Determine need for other professionals or experts.
d. Communicate with predecessor auditor.
e. Prepare client proposal.
f. Select staff to perform audit.
g. Obtain an engagement letter.

Phase II: Planning the Audit

Objective: Determine the amount and type of evidence required to give the auditor assurance
that there is no material misstatement of the financial statements.

Procedures: a. Perform audit procedures to understand the entity and its environment
including the entity’s internal control.
b. Assess the risks of material misstatements of the financial statements.
c. Determine materiality.
d. Prepare the planning memorandum and audit program containing auditor’s
response to the identified risks.

Phase III: Testing and Evidence

Objective: Test for evidence supporting internal controls and the fairness of the financial
statements.

Procedures: a. Tests of controls.
b. Substantive tests of transactions.
c. Analytical procedures.
d. Tests of details of balances.
e. Search for unrecorded liabilities.
 Page 11 of 17

Phase IV: Evaluation and Reporting

Objective: Complete the audit procedures and issue audit opinion.

Procedures: a. Evaluate governance evidence.
b. Perform procedures to identify subsequent events.
c. Review financial statements and other report material.
d. Perform wrap-up procedures.
e. Prepare Matters for Attention of Partners.
f. Report to the board of directors.
g. Prepare audit report.

E. Overview of Risk – Based Audit

1. Perform risk assessment procedures (PSA 315 “Understanding the Entity and Its
Environment and Assessing the Risks of Material Misstatement”)

Perform audit procedures to understand the entity and its environment:
Industry, regulatory and other external factors including applicable financial reporting
framework
Nature of entity.
Objectives, strategies and related business risks.
Measurement and review of the entity’s financial performance.
Internal control.
2. Assess the risks of material misstatement. (PSA 315 “Understanding the Entity and Its
Environment and Assessing the Risks of Material Misstatement”)

Assess the risks of material misstatement at the financial statement level and assertion level by:
Identifying risks through understanding the entity and its environment, including internal
control , classes of transactions, account balances disclosures.
Relating the identified risks to what can go wrong at the assertion level.
Considering the significant risks and likelihood of the risks.

3. Respond to assessed risks (PSA 330 “The Auditor’s Procedures in Response to Assessed
Risks”)

Respond to the risks at the financial statement level and assertion level by
Developing overall responses to the assessed risks at the financial statement level; and
Determining the nature, timing and extent of further audit procedures at the assertion level.

4. Perform further audit procedures. (PSA 330 “The Auditor’s Procedures in Response to
Assessed Risks”)

Perform further audit procedures that are clearly linked to risks at the assertion level by
Performing tests of the operating effectiveness of controls.
Performing substantive procedures.

5. Evaluate audit evidence obtained. (PSA 330 “The Auditor’s Procedures in Response to
Assessed Risks”)

Evaluate whether sufficient and appropriate evidence has been obtained.
 Page 12 of 17

F. PSA 200 Revised and Redrafted, “Overall Objectives of the Independent Auditor
and the Conduct of an Audit in Accordance with PSAs”

This sets out the overall objective of the independent auditor, and explains the nature and scope of an
audit designed to enable the independent auditor to meet those objectives.

The general purpose of an audit is to enhance the credibility of the financial statements, thus ensuring the
user of the financial statements can make reasonable, informed decisions about an entity. This is achieved
by the expression of an opinion by the auditor on whether the information contained within the financial
statements is presented fairly, in all material respects, in accordance with applicable financial reporting
framework. Auditors who follow the PSAs and the ethical guidelines will be able to form an opinion
provided evidence is available to support their opinion. If the evidence is lacking, the auditor will not able
to form an opinion and should modify their report accordingly.

Overall Objectives of the Auditor

In conducting an audit of financial statements, the overall objectives of the auditor are:

a. To obtain reasonable assurance about whether the financial statements as a whole are free from
material misstatement, whether due to fraud or error, thereby enabling the auditor to express an
opinion on whether the financial statements are prepared, in all material respects, in accordance with
an applicable financial reporting framework,
b. To report on the financial statements, and communicate as required by the PSAs, in accordance with
the auditor’s findings.

Applicable Financial Reporting Framework

- The financial reporting framework adopted by management and, where appropriate, those charged
with governance in the preparation and presentation of the financial statements that is acceptable in
view of the nature of the entity and the objective of the financial statements, or that is required by law
or regulation.

“Fair presentation framework” is used to refer to a financial reporting framework that requires
compliance with the requirements of the framework and
1. Acknowledges explicitly or implicitly that, to achieve fair presentation of the financial statements,
it may be necessary for management to provide disclosures beyond those specifically required by
the framework.
2. Acknowledges explicitly that it may be necessary for management to depart from a requirement of
the framework to achieve fair presentation of the financial statements. Such departures are
expected to be necessary only in extreme rare circumstances.

“Compliance framework” is used to refer to a financial reporting framework that requires
compliance with the requirements of the framework, but does not contain the acknowledgements in 1
or 2 above.

Scope of an Independent Audit

The term “scope of the audit” refers to the audit procedures deemed necessary in the circumstances to
achieve the objective of the audit. The procedures required to conduct an audit in accordance with PSAs
should be determined by the auditor having regard to the requirements of PSAs, relevant professional
bodies, legislation, regulations and where appropriate, the terms of the audit engagement and reporting
requirements.
 Page 13 of 17

G. Other Types of Audits

1. Government audit – determination of whether government funds are being handled properly and in
compliance with existing laws and whether the programs are being conducted efficiently and
economically.

Scope of Government Audit

▪ Financial and compliance audit – determines whether financial operations are properly conducted,
the financial reports of an audited entity are presented fairly, and the entity has complied with
applicable laws and regulations.
▪ Economy and efficiency audit – determines whether the entity is managing and utilizing its
resources economically and efficiently, the causes of inefficiencies or uneconomical practices and
whether the entity has complied with laws and regulations concerning matters of economy and
efficiency.
▪ Programs results – determines if the desired results and benefits are being achieved, if the
objectives established by the legislative or other authorizing body are being met and if the agency
has considered alternatives which might yield results at a lower cost.

The Commission on Audit is recognized as the Supreme Audit Institution in the Republic of the
Philippines.

Three Main Divisions of State Audit (based on 1984 Primer on Government and Auditing in
the Philippines)
a. Compliance Audit - examination, audit, and settlement in accordance with laws and regulations.
b. Financial Audit – audit of the accounting, and financial system and controls to ensure reliability of
recorded financial data. The objective of this audit is the expression of an opinion on the fairness
with which the financial condition and results of operation are presented
c. Performance audit – objective examination of the financial and operational performance of an
organization, program, activity or function and is oriented towards opportunities for greater
economy, efficiency and effectiveness.

Two forms of performance audit
1. Management audit (economy and efficiency audit) – appraisal of management performance from
a least cost point of view and the analysis of relationship between benefits attained and cost
incurred.
2. Program results audit (effectiveness audit) – evaluation of program results vis-à-vis management
goals and objectives.

2. Internal audit – an independent, objective assurance and consulting activity designed to add value
and improve an organization’s operations. It helps an organization to accomplish its objectives by
bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk
management, control and governance processes.

a. Management audit - future-oriented, independent, systematic evaluation of the activities of all
levels of management performed by internal auditor for the purpose of improving the organizational
profitability and increasing attainment of other organizational objectives.

b. Operational audit – future-oriented, independent, systematic evaluation performed by internal
auditor for management of the operational activities controlled by top, middle and lower-level
management for the purpose of improving organizational profitability and increasing attainment of
other organizational objectives.
 Page 14 of 17

c. Financial audit – historically oriented, independent evaluation performed by the internal auditor for
the purpose of ensuring the fairness, accuracy, and reliability of the financial data.

3. Comprehensive audit – usually includes the components of compliance, performance and financial
statements audit.

4. Integrated audit - covers financial statements audit and internal control audit.

5. Environmental audit – covers environmental issues which may have an impact on the financial
statements.

6. Compliance audit- is used to determine whether a person or entity has adhered to laws and
regulations. Results of compliance audits are generally reported to a specific user within the
organization.

7. Forensic audit (Fraud Audit) – refers to the examination of evidence regarding an assertion to
determine its correspondence to established criteria carried out in a manner suitable to the court.

H. Types of Auditors

1. External (independent) auditors – public accountants, both individuals and firms, who perform audit,
tax, consulting and other types of services for external clients.
2. Internal auditors – perform services for a single organization for which they are employed on a full-
time basis, typically reporting to the board of directors who are the primary users of their work.
3. Government auditors – are full-time employees of the government tasked to determine compliance
with laws, statutes, policies and procedures.
4. Forensic auditors – financial auditing specialists who focus on unearthing the truth and/or providing
evidence in a legal/financial disputes and/or irregularities (including fraud), as well as providing
preventive advice on the subject.

I. Limitations Of Audit

1. The use of testing or sampling risk
2. Error in application of judgment or non-sampling risk
3. Reliance on management’s representations
4. Inherent limitations of the client’s accounting and internal control systems.
5. Nature of evidence. (Audit evidence is generally persuasive rather than conclusive in nature).

J. General Principles Governing The Audit of Financial Statements

a. The auditor should comply with the “Code of Professional Ethics for Certified Public Accountants”
promulgated by the Board of Accountancy.
Part A of the Code sets out the fundamental ethical principles that all professional accountants are
required to observe, including:
1. Integrity;
2. Objectivity;
3. Professional competence and due care;
4. Confidentiality; and
5. Professional Behavior.
 Page 15 of 17

b. The auditor should conduct an audit in accordance with Philippine Standards on Auditing.

c. The auditor should plan and perform the audit with an attitude of professional skepticism
recognizing that circumstances may exist which may cause the financial statements to be materially
misstated.

K. Why Financial Statements Are Audited

1. There is a potential conflict between those who prepare information (management) and those who use
information (owners, creditors, investors and regulators). This potential conflict can result in biased
information.
2. Information can have substantial economic consequences for a decision maker. (Financial
Consequences)
3. Expertise is often required for preparing and verifying information.
4. Users of information frequently are prevented from directly assessing the quality of information.
(Remoteness)
5. Voluminous data.

L. How Information Risk May Be Reduced

1. Allow the users to verify information.
2. Users share information risk with management.
3. Have the financial statements audited.

M. Elements of the Theoretical Framework of Auditing

1. The data to be audited can be verified.
2. Short-term conflicts may exist between managers who prepare data and auditors who examine the
data.
3. Auditors must have independence and freedom from managerial constraint.
4. Effective internal control system reduces the possibility of errors and fraud affecting the financial
statements.
5. Consistent application of generally accepted accounting principles (GAAP) or financial reporting
standards results in fair presentation of financial statements.
6. What was held true in the past will continue to hold true in the future in the absence of known
conditions to the contrary.
7. An audit benefits the public.

N. The Philosophy of an Audit and Notion of Accountability, Stewardship and Agency

The philosophical theories that explain the demand for auditing and support the performance of an
independent audit are as follows: (a) stewardship or agency theory, (2) motivational theory, (3) information
theory, and (4) insurance theory.

1. Stewardship or Agency Theory – Stewardship or agency theory implies that the manager (as well
as the owners or investors) wants the credibility of an audit adds to the financial statement
assertions. The manager is the agent or steward of the owners or investors, but each party acts in
his or her own self-interest and the goals or objectives of each party are different.
2. Motivational Theory - Preparers of financial statements know that their assertions will be subjected
to an audit; thus, financial statements will be brought more in line with accounting standards.
3. Information Theory – An assurance service is a means of improving the quality of information.
4. Insurance Theory – The insurance theory states the demand for assurance occurs from those who
may suffer loss when things go wrong.
 Page 16 of 17

O. Characteristics Which Make Accounting And Auditing A Profession

1. Systematic body of theory
2. Professional authority
3. Community sanction
4. Regulative code
5. Culture

P. Ranks Within An Accounting Firm

1. Partner
- Concerned about the overall quality of each audit and ultimately responsible for the resolution of
technical matters, such as application of accounting principles or which auditing
procedures are to be performed. An audit partner signs the audit report and is generally
involved in maintaining client relationships, planning audits and evaluating the audit findings.

2. Manager/Supervisor
- Administers important aspects of audit engagements, scheduling the audit work to be done with
client personnel, assigning work to audit staff, supervising audit staff and reviewing staff work.

3. In Charge (Senior) Auditor
- Works under the direction of audit managers and assist in the administration of audit. He
participates in the audit planning and provide supervision to staff auditors.

4. Junior or staff assistant
- Performs various audit procedures that relate to a variety of aspects of a client’s activities and
gathers audit evidence to use as a basis for the audit reports

Q. Factors That Influence The Setting Of Audit Fees - (Fair Reflection Of The Value
Of Work)

1. Risks involved.
2. Complexity.
3. Time and volume involved.
4. Responsibility involved.
5. Conditions of accounting records and supporting documents.
6. Cooperation to be extended by the client’s staff.

R. Methods Of Setting-Up The Audit Fee

1. Per Diem or hourly rate basis.
- Billing is done on the basis of actual time spent by the staff multiplied by the hourly rates
agreed upon.

2. Flat fee basis (Lump-sum).
- Client is billed a flat but all-inclusive pre-arranged amount for the entire engagement.

3. Maximum fee basis
- Similar to per diem or hourly rate but a maximum limit is imposed by the agreement between the
client and the auditing firm).
 Page 17 of 17

4. Retainer fee basis
- Uniform monthly retainer fee and an additional amount as annual charge upon submission of the
audit report).

S. Organization of CPA Firms

1. Sole Proprietorships.
2. Partnerships.

Sycip, Gorres, Velayo & Co. Ernst & Young
Isla Lipana & Associates PriceWaterhouse Coopers
R. G. Manabat. KPMG
Punongbayan, Araullo & Co. Grant Thornton
Navarro Amper & Co. Deloitte Touche Tohmatsu
Roxas Cruz Tagle & Co. Moore
Reyes Tacandong & Co. RSM

T. Core Values

These are the essential and enduring beliefs that a CPA professional upholds over time. These enable the
CPAs to retain their unique character and value as they embrace the changing dynamics of the global
economy.

1. Integrity
2. Competence
3. Lifelong Learning
4. Objectivity
5. Commitment to Excellence
6. Relevance in the Global Marketplace

U. Core Competencies

These are the unique combination of human skills, knowledge and technology that provides value and
results to users.

1. Communication Skills
2. Leadership Skills
3. Critical Thinking and Problem – Solving Skills
4. Anticipating and Serving Evolving Needs
5. Synthesizing Intelligence to Insight
6. Integration and Collaboration

************