AUD Study Guide PDF 2024

Study Guide – AUD (2024) Mnemonics List A1 – Audit Reports M1: Professional Standards Audits Statements on Auditing Standards (SAS) ○ Used...

Study Guide – AUD (2024) Mnemonics List A1 – Audit Reports M1: Professional Standards Audits Statements on Auditing Standards (SAS) ○ Used for nonissuers (private companies) ○ Set by AICPA Auditing Standards Board (ASB) PCAOB Auditing Standards (AS) ○ Used for issuers (public companies) ○ Set by the Public Company Accounting Oversight Board (PCAOB) Generally Accepted Government Auditing Standards (GAGAS) ○ Used for government organizations ○ Set by Governmental Accountability Office (GAO) Other Engagements Statements on Standards for Attestation Engagements (SSAE) ○ Provide guidance for attestation engagements ○ Set by AICPA ○ Applies to examinations, reviews, or assertions on a third party subject matter Statements on Standards for Accounting and Review Services (SSARS) ○ Provide guidance for unaudited services and information for nonissuers (private companies) ○ Set by AICPA Accounting and Review Services Committee ○ Applies to preparation/review of financial statements or forecasts for private companies Guidelines Code of Professional Conduct ○ Provides guidelines to the members of the AICPA for behavior in the conduct of their business. ○ Also provides assurance to the public that the profession maintains high standards. Statements on Quality Control Standards (SQCS) ○ Provides guidance to CPA firms about policies and procedures designed to ensure the firm complies with professional standards and regulatory requirements. GAAS Hierarchy 1. AICPA SAS (nonissuers/private) and PCAOB AS (issuers/public) Most authoritative Auditor should use professional judgment Specific language is used to clarify the auditors level of responsibility: ○ “Must” or “Required” = Unconditional statement; auditor MUST do this. ○ “Should” = Presumptively mandatory requirement; must be able to justify departure and document in writing. ○ “May,” “might,” and “could” = Not an imposed requirement; only a recommendation 2. Interpretive Publications Page 1 of 302 Recommendations for how auditing standards should be applied, but not considered to be auditing standards. Auditing interpretations of SAS and PCAOB AS, collectively known as GAAS. AICPA Audit and Accounting Guides Auditing Statements of Position (SOP) 3. Other Auditing Publications Not authoritative, but may be helpful. Journal of Accountancy Professional Journals Textbooks CPE courses Notes from MCQs ○ Page 2 of 302 M2: Audit Engagements The Audit Process 1. Engagement Acceptance 2. Assess Risk and Plan Response 3. Perform Procedures and Obtain Evidence 4. Form Conclusions 5. Reporting Purpose of an Audit ○ To provide financial statement users with an opinion on whether the statements are presented fairly, in all material aspects, in accordance with the applicable reporting framework (such as GAAP). ○ Auditors reports give credibility to financial statements. Management Responsibilities ○ Preparing financial statements in accordance with their applicable framework. ○ Designing, implementation, and maintaining internal controls. Auditors Responsibilities ○ Expressing an opinion on the financial statements ○ Maintaining professional skepticism ○ Complying with ethical requirements ○ Exercising professional judgment ○ Obtaining sufficient and appropriate evidence ○ Complying with GAAS Maintaining Professional Skepticism ○ Professional skepticism is having a questioning mind. Trust, but verify. ○ Be alert for: Evidence that contradicts other evidence Information that calls into question the reliability of documents Possible fraud Need for additional audit procedures Evidence that may impact initial risk assessment ○ Professional skepticism may be hard to meet due to unconscious human bias, such as developing inappropriate levels of trust or confidence in management. Complying with Ethical Requirements ○ Auditors should meet ethical requirements, such as being independent in both fact and appearance. Exercising Professional Judgment ○ Audits often require interpretation of both ethics and GAAS, as well as other informed decisions. ○ Professional judgment may be necessary for materiality, risk, drawing conclusions, etc. Obtaining Sufficient and Appropriate Evidence ○ Reduces risk to an acceptable low level. ○ Enables the auditor to draw reasonable conclusions and form an opinion. Complying with GAAS ○ GAAS provides a set of guidelines and principles for planning, performing, and reporting on audit engagements. Page 3 of 302 ○ In certain audit engagements, auditors may conduct audits with both GAAS as well as some other form of standards. Reasonable Assurance and Inherent Limitations of an Audit ○ In order to express an opinion, auditors obtain reasonable assurance that financial statements are free from material misstatement, whether from error or fraud. ○ Reasonable assurance is a high, but not absolute, level of assurance. ○ In order to obtain reasonable assurance, the auditor must: 1. Plan the work and properly supervise any assistants 2. Determine and apply the appropriate level of materiality levels 3. Identify and assess risks of material misstatement, whether due to error or fraud; and 4. Obtain sufficient appropriate audit evidence ○ Absolute assurance is unable to be obtained due to limitations such as: The nature of reporting (subjective decisions, such as allowance for accounts receivable) The nature of audit procedures (management may not provide complete information) Timeliness of financial reporting and balance of cost and benefit. Nature and Scope of the Engagement ○ Auditors may be hired to perform an audit for a single period or multiple periods. ○ An audit may be on the complete financial statements, a single financial statement, or specific elements, accounts, or items on a financial statement. ○ Nonissuers have a choice of either: A financial statement audit only, OR An integrated audit (two opinions are rendered) Audit of both the financial statements, as well as the effectiveness of internal controls. ○ Issuers must have auditors perform integrated audits, where two opinions are rendered. Objectives of the Financial Statement Audit ○ To obtain reasonable assurance about whether the statements as a whole are free from material misstatement, whether from error or fraud, which enables auditors to express their opinions. ○ To report on the financial statements and communicate as required by GAAS based on their findings. Objectives of the Audit of Internal Controls over Financial Reporting ○ Required for issuers; optional for nonissuers. ○ To express an opinion on the effectiveness of the company’s internal controls over financial reporting. ○ To obtain reasonable assurance about whether material weaknesses exist as of the date specified in management's assessment. ○ If an audit of internal control is done, an audit over the financial statements must also be done. Objectives of the ERISA Plan Financial Statements Audit ○ Audits of Defined Benefit Plans (Employee Retirement Income Security Act of 1974) ○ To form an opinion on the ERISA plan financial statements based on evidence obtained. ○ To express a clear opinion on the plan through a written report. ○ To appropriately communicate to management and those charged with governance the auditors findings. Page 4 of 302 M3: Forming an Audit Opinion Considerations when Forming an Audit Opinion ○ Sufficient appropriate audit evidence was obtained as required by GAAS. Nonissuer - SAS Issuer - PCAOB AS ○ Financial statements are fairly presented, in all material respects, in accordance with the applicable framework, such as GAAP. ○ The selected framework provides guidance on how transactions and events should be recorded. For example, a building account should be reported at cost - accumulated depreciation if using GAAP. Appropriate disclosures and policies should also be present. Types of Opinions Unmodified (Nonissuers) and Unqualified (Issuers) ○ Best opinion possible ○ States that financial statements are presented fairly, in all material respects, in accordance with the applicable financial reporting framework. ○ Issued when sufficient appropriate audit evidence is obtained, no material misstatements are present, and the applicable framework is followed. Modified Opinions ○ Auditors are unable to obtain sufficient appropriate audit evidence to express opinions (audit issues), OR ○ Auditors conclude that financial statements are materially misstated (financial statement issues). For example, inaccurate numbers or missing disclosures. ○ Qualified Opinion (financial statement issues) Financial statements contain misstatements. Material, but NOT pervasive. Not the best, but not the worst opinion. For example, the client reports the building at fair value, and deny’s correcting the report. ○ Qualified Opinion (audit issues) Auditors are unable to gather sufficient appropriate audit evidence. Material, but NOT pervasive. Not the best, but not the worst opinion. ○ Disclaimer of Opinion Auditors are unable to gather sufficient appropriate audit evidence. Therefore, auditors deny offering an opinion. Material AND pervasive. Worst opinion (audit issues) ○ Adverse Opinion Financial statements contain misstatements. Material AND pervasive. Worst opinion (financial statement issues) Page 5 of 302 ○ ○ Pervasive ○ Have far-reaching effects across several accounts, or ○ If specific to only one account, it: Represents a significant portion of the financial statements, or Has issues with disclosures that are fundamental to the users’ understanding. Notes from MCQs ○ Emphasis-of-matter, other-matter, and explanatory paragraphs are used by auditors to add additional communications to the auditor’s report without changing the auditor’s opinion. Nonissuers = emphasis-of-matter and other-matter Issuers = explanatory M4: Unmodified (Unqualified) Opinion Nonissuers - Unmodified Unmodified opinions (nonissuers) Page 6 of 302 ○ Sufficient appropriate audit evidence has been obtained and ○ Financial statements are fairly presented with respect to the applicable framework. Required sections (“OBRA”) ○ Opinion (First section) ○ Basis for Opinion (Second section) ○ Responsibilities of Management for the Financial Statements (Anywhere after second section) ○ Auditor's Responsibilities for the Audit of the Financial Statements (Anywhere after second section) Opinion includes: ○ Name of client. ○ Statement that the financials have been audited. ○ Title of each financial statement and reference to the notes. ○ Dates or periods covered by the financials. ○ A statement that the financials are presented fairly in accordance with the applicable framework. ○ Identification of the applicable framework, and the country of origin (such as GAAP). Basis for opinion includes: ○ Statement that the audit was conducted with GAAS, and the country of origin (such as the US). ○ Reference to the auditor’s responsibilities section of the report. ○ Statement that the auditor is required to be independent and meet ethical standards. ○ Statement as to whether the auditor believes that the evidence obtained is sufficient and appropriate. Responsibilities of Management for the Financial Statements ○ Explanation that management is responsible for preparation of financial statements. ○ Statement that management is responsible for internal controls. ○ When required, evaluation of whether there are conditions that raise substantial doubt on going concern. ○ Reference the framework used (such as GAAP) Auditor's Responsibilities for the Audit of the Financial Statements ○ Statement that the objectives of the auditor are to gain reasonable assurance, issue a report and give an opinion. ○ Statement about what reasonable assurance is. ○ Statement that not detecting fraud is a higher risk than not detecting errors (collusion, forgery, etc.). ○ Statement on what considers a misstatement to be material. ○ Description of auditor’s responsibilities to: Exercise professional judgment Identify and assess risks Obtain an understanding of internal controls Evaluate appropriateness of policies used and overall presentation of financials Conclude whether there are conditions that raise substantial doubt as a going concern (GAAS requires) ○ Statement that the auditor is required to communicate findings with those charged with governance. ○ Examine on a test basis. ○ Reference the use of GAAS throughout. Other reporting structures: ○ Title - clearly indicate that it is an independent report (“Independent Auditor’s Report”) ○ Addressee - addressed to those charged with governance (typically NOT management) ○ Signature of the auditor’s firm Page 7 of 302 ○ City and State where the auditor’s report is issued ○ Date of the auditor’s report - the date the auditor had obtained sufficient appropriate audit evidence Audits in accordance with two sets of standards ○ For example, auditing a governmental entity will require the use of both GAAS and GAGAS. ○ Done if auditors are engaged by a client to do so. ○ Both auditing standards are referenced in the Basis for Opinion and Auditor’s Responsibilities sections. Audits in accordance with GAAS and PCAOB standards ○ If the auditor follows PCAOB standards when not required, the auditor must: Follow GAAS standards in addition to PCAOB Use the report required by the PCAOB Amend the PCAOB (issuer) report to state the audit was also done with GAAS Key Audit Matters (KAMs) Section ○ Optional section. ○ Added when the client requests auditors to do so. ○ Provides visibility into the more complex areas or areas that require judgment in the audit. ○ KAMs are selected from the matters communicated to those with governance. ○ When deciding KAMs, auditors consider: Areas with higher assess risk Areas requiring significant judgment Significant events or transactions ○ KAMs section can be added anywhere after the second section (Basis for Opinion). ○ Must include the heading “Key Audit Matters”. ○ Must include the definition of what key audit matters are. ○ Order of KAMs listed is a judgment decision. ○ KAMs should NOT include matters giving rise to: A qualified opinion (this will be referenced in the Basis for Opinion section). Substantial doubt existing about an entity's ability to continue as a going concern. ○ KAMs are PROHIBITED from being communicated for adverse and disclaimer opinions. Issuers - Unqualified Unqualified opinions (issuers) ○ Sufficient appropriate audit evidence has been obtained and ○ Financial statements are fairly presented with respect to the applicable framework. Required sections ○ Opinion on the Financial Statements (First section) ○ Basis for Opinion (Second section) ○ Critical Audit Matters (Anywhere after second section) Opinion on the financial statements includes: ○ Name of client ○ Statement identifying each financial and any related schedules ○ Dates or periods covered by financials ○ Statement indicating that an audit occurred Page 8 of 302 ○ Statement about if the financials are presented fairly and follow the applicable framework (opinion) ○ Reference GAAP Basis for Opinion includes: ○ Statement that financials are responsibility of management. ○ Statement that auditors responsibility is to express an opinion. ○ Statement that the auditor is registered with the PCAOB in the U.S. and is required to be independent. ○ Statement that audit was conducted with standards of PCAOB. ○ Statement that standards require reasonable assurance to be obtained. ○ Statement that the audit included: Assessing risk Examining, on a test basis, evidence regarding amounts and disclosures Evaluating accounting principles and significant estimates Evaluating overall presentation of financials ○ Statement that the auditor believes a reasonable basis for their opinion. Critical Audit Matters: ○ Appears when an unqualified or qualified opinion is rendered. ○ CAMs provide more visibility into the more challenging areas of the audit. ○ To be considered a critical audit matter, ALL three criteria must be met: 1. Matter that was communicated or required to be communicated to the audit committee. 2. Relate to accounts or disclosures material to the financial statements. 3. Involve challenging, subjective, or complex auditor judgment. ○ Identification of CAMs (“IPAD”) Identify each CAM in the report Describe the principal considerations that led to considering it a CAM Describe how the CAM was addressed Refer to the relevant financial statement accounts and disclosures ○ If no CAMs were identified, auditors should still give the definition of a CAM, and state that there were no CAMs determined. ○ CAMs are omitted when a disclaimer or adverse opinion is given. Other reporting structures: ○ Title - must include the title “Report on Independent Registered Public Accounting Firm” ○ Addressee - must be addressed to the shareholders and board of directors ○ Signature of the auditor’s firm ○ Tenure - statement containing the year in which the auditor began serving as the auditor ○ City and State from which the report was issued ○ Report date - on or after the date sufficient appropriate audit evidence has been obtained. Points to Remember ○ The auditor’s opinion appears before the basic financial statements and footnote disclosures. ○ Opinion section is the first section that appears in both nonissuer and issuer reports. ○ Nonissuers GAAP referenced in Opinion and Management Responsibilities sections Page 9 of 302 GAAS referenced in Basis for Opinion and Auditor’s Responsibilities sections ○ Issuers GAAP referenced in Opinion section GAAS referenced in Basis for Opinion section Reporting for smaller reporting companies vs larger companies ○ Unless indicated otherwise, issuers are generally large or accelerated filers. ○ Large accelerated and accelerated filers are required to have an integrated audit (two opinions). Fairness of financial statements Operating effectiveness of internal control ○ Smaller reporting companies (less than $100 million in annual revenue) are only required to have one opinion. Fairness of financial statements ○ Basis for Opinion section is updated to state: The company is not required to have nor was asked to perform an audit over its internal controls. The auditor is required to gain an understanding of internal controls, but is not stating an opinion on them. Form AP (Audit Participants) ○ The auditor of an issuer must file form AP with the PCAOB for each audit issued: By the 35th day after the audit report is filed with the SEC. If the audit report is included with a registration statement, this form must be filed within 10 days. ○ Include details such as: Name of firm Name of issuer Date of audit report End date of financial statements Name of engagement partner Participation of other audit firms ○ Optional inclusions: Engagement partner’s full name, and/or Statements that the auditor is responsible for the audits and did their work in accordance with PCAOB standards. In addition, the auditor should include total audit hours the other audit firm participated in. Notes from MCQs ○ Consistency is implicitly stated, and will be addressed in an emphasis-of-matter paragraph if there are inconsistency issues. Page 10 of 302 M5: Modified Opinions Due to Financial Statement Issues Modified opinion (financial statement issues) ○ The auditor is able to gather sufficient appropriate audit evidence, but finds a material misstatement. ○ Qualified = Material but NOT pervasive. ○ Adverse = Material AND pervasive. ○ Financial Statement Issues ○ Not following selected framework (such as GAAP) Ex) Client should have capitalized leases, but they didn’t. Exception - Client departs from GAAP, but the auditor agrees with the departure because the financials would have been misleading had GAAP been followed. An unmodified or unqualified opinion could be given here. (Rare occurrence) ○ Inappropriate accounting principles Ex) Client does not want to consolidate financials even though they control 50% of another entity. ○ Unreasonable estimates ○ Providing inadequate disclosures Ex) Client is not willing to include disclosures in financial statements. ○ Incorrect numbers Ex) Client purchased $10,000 of furniture on account, but only wants to recognize a $1,000 liability. ○ No reasonable justification for a change in accounting principle. Ex) Client changes from FIFO to LIFO without providing a valid reason. ○ Client presents its financial position and results but omits the statement of cash flows. This would result in a qualified opinion. Complete set of financial statements include: Balance sheet Statement of Income (or comprehensive income) Statement of changes in equity Cash flow statement Disclosures (aka footnotes) This would be acceptable IF the client asks for only one financial to be given an opinion on. Page 11 of 302 ○ Nonissuer report changes for Qualified opinions ○ Opinion → Qualified Opinion Opinion sentence adds the wording: “Except for… as described in the Basis for Qualified opinion section…” ○ Basis for Opinion → Basis for Qualified Opinion Add paragraph describing departure from framework and quantify effects (if possible) following the opinion section. Sufficient appropriate audit evidence for “qualified” opinion should be claimed. ○ All other elements are the same as unmodified. Nonissuer report changes for Adverse opinions ○ Opinion → Adverse Opinion “Because of the significance of the matter discussed in the Basis for Adverse Opinion section of the report….. do not present fairly….” ○ Basis for Opinion → Basis for Adverse Opinion Add paragraph describing departure from framework and quantify effects (if possible) following the opinion section. Sufficient appropriate audit evidence for “adverse” opinion should be claimed. ○ Key Audit Matters section is OMITTED. ○ All other elements are the same as unmodified. Issuer report changes for Qualified opinions ○ No heading changes for qualified opinions. Headings are consistent with unqualified opinions, Headings change for disclaimer opinions (audit issues). ○ Opinion on the Financial Statements section “Except for… as discussed in the following paragraph…” Add paragraph describing departure from framework and quantify effects (if possible). Page 12 of 302 ○ All other elements are the same as unqualified. Issuer report changes for Adverse opinions ○ No heading changes for qualified opinions. Headings are consistent with unqualified opinions, Headings change for disclaimer opinions (audit issues). ○ Opinion on the Financial Statements section “Because of… discussed in the following paragraph, the financial statements do not present fairly…” Add paragraph describing departure from framework and quantify effects (if possible). ○ Critical Audit Matters section is OMITTED. ○ All other elements are the same as unqualified. Notes from MCQs ○ Page 13 of 302 M6: Modified Opinions Due to Audit Issues Modified opinion (audit issues) ○ The auditor is unable to gather sufficient appropriate audit evidence. ○ Qualified = Material but NOT pervasive. ○ Disclaimer = Material AND pervasive. ○ Audit Issues (scope limitations) ○ Time constraints ○ Inability to obtain sufficient appropriate evidence such as: Observing inventory Confirm receivables Obtain audited financial statements of a consolidated investee Restrictions on the use of auditing procedures Inadequacy of accounting records ○ Refusal of clients attorney to respond to an inquiry Scenarios that result in a disclaimer of opinion: ○ Auditor is not independent ○ Unaudited financial statements ○ Refusal of management to take responsibility for the fair presentation of financials in conformity with GAAP (may also withdraw rather than disclaim opinion). Causes of Audit Issues (scope limitations) ○ Circumstances beyond the control of the entity relating to the nature or timing of the auditors work. Ex) a fire The auditor should determine whether it is possible to perform alternative procedures. ○ Management-imposed limitations Ex) management not giving evidence that was asked for, or not allowing auditors to speak to someone. Auditor should ask management to remove the limitation If management does not remove the limitation, communicate with those charged with governance to see if they can remove the limitation, or determine if there are alternative procedures to perform. If the possible effect from the scope limitation is both material and pervasive, either disclaim an opinion or withdraw from the engagement. Unaudited Financial Statements ○ Financial statement association occurs when an accountant either: Consents to the use of their name in connection with the financial statements, or Page 14 of 302 Has prepared the financial statements, even if the accountant's name is not used. ○ When the auditor is not independent but is required to report on the financial statements, the auditor should disclaim an opinion and should specifically state that they are not independent. All reasons for lack of independence should be stated, if chosen to provide those reasons. ○ Requirements for a disclaimer on unaudited financial statements: Accountant must read the financial statements for obvious errors. “Unaudited” should be clearly marked on each page of the financial statements. The disclaimer may accompany the unaudited financial statements, or it may be placed directly on them. Nonissuer report changes for Qualified opinions ○ Opinion → Qualified Opinion Opinion sentence adds the wording: “Except for the possible effects of the matter as described in the Basis for Qualified Opinion section…” Do NOT refer to the scope limitations in the opinion sentence, the limitations will be addressed in the basis section. ○ Basis for Opinion → Basis for Qualified Opinion Add in a paragraph explaining the reasons for inability to obtain evidence. Sufficient appropriate audit evidence for “qualified” opinion should be claimed. ○ All other elements are the same as unmodified. Nonissuer report changes for Disclaimer opinions ○ Opinion → Disclaimer of Opinion State that auditors were only “engaged to” audit X company (company was not audited). Opinion sentence is omitted as an opinion is NOT being given. “Do not express an opinion… because of significance of matters described in Basis for Disclaimer of Opinion section, not able to obtain sufficient appropriate audit evidence.” ○ Basis for Opinion → Basis for Disclaimer of Opinion Add in a paragraph explaining reasons for inability to obtain evidence. Removed from section: Referral to auditors responsibilities section. Sufficient appropriate audit evidence for opinion (cannot gather). ○ Auditor’s Responsibilities section Removed from section: Reasonable assurance claim Identify and assess risk of material misstatement claim Examine on a test basis claim Understand internal control claim Evaluating policies, estimates, overall presentation, and going concern claim(s) ○ If engaged to report on Key Audit Matters, KAMs section is OMITTED. Page 15 of 302 ○ Issuer report changes for Qualified opinions ○ No heading changes for qualified opinions. Headings are consistent with unqualified opinions, Headings change for disclaimer opinions (audit issues). ○ Opinion on the Financial Statements section “Except for the effects of the adjustments, if any, … as described below” Focus on potential adjustments in this sentence, do not focus on scope limitations. Add paragraph explaining reasons for inability to obtain evidence. Describe scope limitations here. ○ Basis for Opinion “Except as discussed above” Issuer report changes for Disclaimer opinions ○ Opinion on the Financial Statements → Disclaimer of Opinion on the Financial Statements State that auditors were only “engaged to” audit X company (company was not audited). Opinion sentence is altered/removed. “As described in the following paragraph, because… not able to obtain sufficient appropriate audit evidence… do not express an opinion.” Add paragraph explaining reasons for inability to obtain evidence. ○ Basis for Opinion → Basis for Disclaimer of Opinion Only included in section: Management is responsible for financial statements claim. Registered with PCAOB and independent claim(s). ○ Critical Audit Matters section is OMITTED. Page 16 of 302 ○ Summary of each report changes (nonissuer vs issuer; misstatement vs scope limitation) ○ Page 17 of 302 ○ ○ Page 18 of 302 ○ Notes from MCQs ○ M7: Emphasis-of-Matter, Other-Matter, and Explanatory Paragraphs Emphasis-of-Matter Paragraphs Definition ○ Used when referring to a matter that is appropriately presented or disclosed in the financial statements and is fundamental to the users’ understanding of the financials. ○ For a nonissuer (private company), this paragraph is included in the report when required by GAAS, or at the auditor’s discretion. Reporting Requirements ○ Use the heading “Emphasis-of-Matter” or other appropriate heading. Required to use “Emphasis-of-Matter” if KAMs are reported on. ○ Describe the matter being emphasized and the location of the relevant disclosures from the financials. Ex) As discussed in note 5…. there was a fire in ABC company… ○ Indicate that the auditor’s opinion is not modified with respect to the matter. Required Uses (“CAP”) ○ Consistency (Lack of) To describe a justified change in accounting principle with material effects. To describe a change in reporting entity that results in financial statements, in effect, that are of a different entity. ○ Audit opinion change Subsequently discovered facts lead to a change in an audit opinion. ○ Purpose - special purpose frameworks Page 19 of 302 The financial statements are prepared with a special purpose framework. Optional Uses ○ The extent to which the group engagement team is involved in the work of the component auditor. ○ The uncertainty related to the outcome of unusually important litigation or regulatory action. Typically, uncertainties that are properly accounted for are NOT added as paragraphs, however if the uncertainty is “unusually important,” then an emphasis-of-matter may be added. ○ A major catastrophe having significant effects on the financial position. ○ Significant related party transactions. ○ Unusually important subsequent events. ○ Conditions raising substantial doubt as a going concern exist but have been alleviated by plans and disclosed. Not appropriate for use to describe any matter already identified as a key audit matter. Other-Matter Paragraphs Definition ○ Used when referring to matters other than those that are presented or disclosed in the financials. ○ Matters are relevant to: Users’ understanding of the audit Auditor’s responsibilities Audit report ○ Included in the auditor’s report when required by GAAS or at the auditor’s discretion. Reporting Requirements ○ An “other-matter” or other appropriate heading is used. Required Uses ○ Restrict Use Alert in audit that restricts use for certain individuals. Ex) Report on compliance included in the auditor's report on the financial statements. Financial statements prepared using contractual or regulatory basis of accounting (except when intended for general use). ○ Subsequently discovered facts that lead to a change in opinion ○ Comparative financial statements and: Prior period financials were audited by another firm and the audit report is not reissued. Current period financials are presented in comparative form with prior period financials that were compiled or reviewed, or in comparative form with prior period financials that were not reviewed. Not appropriate for use to describe any matter already identified as a key audit matter. Page 20 of 302 Explanatory Paragraphs Definition ○ Used for Issuers (public companies). ○ Used to explain certain matters without modifying the opinion. ○ Included in the report when required by PCAOB auditing standards or at the auditor’s discretion. Reporting Requirements ○ Use an appropriate heading. ○ Describe the matter being emphasized and the location of relevant disclosures about the matter in the financial statements. ○ The location of the explanatory paragraph will generally follow the opinion paragraph in an unqualified report. Page 21 of 302 General Notes Lack of Consistency ○ Unless explicitly stated otherwise, the auditor’s report implies that the financial statements are comparable between periods (consistency). ○ Standard report does not explicitly state consistency, it’s implied. ○ Unless the auditor adds an emphasis-of-matter or explanatory paragraph, the user can assume consistency (no changes in accounting principles or adjustments to correct material misstatements from prior periods). ○ Examples: Use FIFO in Year 2 and Year 1 → Do not mention that years are consistent (it’s implied in the report). Adopt a new accounting principle in the current year → If justified, add emphasis-of-matter (nonissuer) or explanatory paragraph (issuer). Lack of Consistency (cont’d) ○ When evaluating the acceptability of an accounting change, auditors should consider: 1. The newly adopted principle is in accordance with the applicable reporting framework. 2. The method of accounting for the change is acceptable. 3. The disclosures related to the change are appropriate and adequate. 4. The entity has justified that the new principle is preferable. ○ Auditor is satisfied → Emphasis-of-matter (or explanatory) paragraph should be added. ○ Auditor is unsatisfied → If change results in material misstatement, opinion may need to be modified. Examples of Circumstances that Affect Consistency ○ The following situations require an emphasis-of-matter or explanatory paragraph. ○ A change in accounting estimate that is inseparable from a change in principle. Ex) A change in depreciation method. ○ Corrections of an error in accounting principle. Ex) Changing from cash method (non-GAAP) to the accrual method (GAAP). Page 22 of 302 ○ Correction of a material misstatement in previously issued financial statements. ○ A change in reporting entity that results in financial statements that are, in effect, those of a different reporting entity. ○ If an entity’s financial statements include a significant investment accounted for using the equity method, the auditor’s evaluation of consistency should include consideration of the investee. If the investee makes a change in accounting principle that is material to the investing entity, that change should be described in an emphasis-of-matter or explanatory paragraph. Effects of an Acceptable Change on the Auditor’s Report ○ Immaterial → No revision to the report is necessary. ○ Material → Add emphasis-of-matter or explanatory paragraph. ○ This paragraph should: Describe the change in principle and reference the entity’s disclosure. Be included in the auditor’s report in the period of change in principle and all subsequent periods until the new principle is applied to all periods presented. Notes from MCQs ○ M8: Reporting With Different Opinions and Other Auditors Comparative financial statements are financial statements that present more than one year. ○ Audit reports indicate when comparative financial statements are present. ○ “as of December 31, 20X1 and 20X0…” ○ Therefore, only this phrase as well as the date of the auditor's report can be changed from year to year. Reporting with different opinions ○ Auditors must let users know what happened in all financial statement years presented. ○ You cannot simply ignore a prior period if it's presented. ○ The auditor’s opinion may differ with respect to different periods. Ex) Prior year may be unmodified while current year is qualified. ○ Complete financial statements as well as individual financial statements may have differing opinions, even within the same year. 20X2 complete financial statements = Unmodified. 20X1 Balance sheet = Unmodified. 20X1 Income statement, changes in stockholders' equity, and cash flows = Disclaimer. ○ Example as to why a balance sheet may be unmodified while the other statements are disclaimers: Auditor was engaged after the beginning of the year and last year is unaudited. In essence, the auditor is facing a scope limitation as the beginning balances may not be discernible. For instance, if the auditor cannot count beginning inventory, then COGS may be unobtainable. This example would be relevant for “period of time” financials, such as those that got disclaimers. “Point in time” financials, such as the balance sheet, are up to date at that point in time. Updating (changing) prior opinions ○ If a modified opinion is given in Year 1, but changes are made to fix the issue in Year 2, the auditor should update their opinion to unmodified (unqualified) for Year 1 and Page 23 of 302 ○ Add an emphasis-of-matter or other-matter or explanatory paragraph to the audit report. Updating (changing) opinion format (only “DORCS” change their mind) (disclose these in paragraph) ○ Date of the auditor’s previous report ○ Opinion type previously issued ○ Reason for the prior opinion ○ Changes that have occurred ○ Statement that the ”opinion… is different” Reporting with Predecessor Auditors ○ When prior year financials were audited by another auditor, two situations can occur: 1. Prior auditor’s report is presented 2. Prior auditor’s report is not presented. ○ Report of predecessor auditor presented Prior year’s auditor’s report is reissued. In doing this, previous auditor should: Read the statements for the current period. Compare the audited statements with the current period statements. Obtain a letter from the current auditor asking if they had discovered any changes that would have material effects on the prior periods financial statements (Letter of Representation). Obtain a letter from management asking if there are any previous management representations that have changed or whether any subsequent events occurred that require disclosure for the prior period financial statements (Letter of Representation). After determining whether previous financial statements are still appropriate as issued, the predecessor auditor should date the report as appropriate: Unrevised → Use original report date when reissuing previous report. Revised → Dual date is used in the event that the predecessor auditor revises the report. ○ Report of predecessor auditor is NOT reissued When the current auditor does not present the predecessor auditors report, the current auditor should express an opinion on the current period financials only and indicate in an other-matter or explanatory paragraph: That the financial statements of the prior period were audited by the predecessor auditor. The type of opinion expressed by the predecessor auditor, and the reason for any modifications to the opinion, if applicable. The nature of any emphasis-of-matter, other-matter, or explanatory paragraph included in the predecessor’s report. The date of the predecessor auditor’s report. ○ Prior period financial statements reviewed or compiled When the current period financial statements were reviewed or compiled and the report of the prior period is not reissued, an other-matter or explanatory paragraph should be added and include: The service (review or compilation) performed in the prior period Page 24 of 302 The date of the prior period report A description of any material modifications described in the report A statement that the service was less in scope than an audit and does not provide the basis for expressing an opinion (review). A statement that no opinion or other form of assurance is expressed (compilation). Other reporting considerations ○ If the prior period financial statements were not audited, reviewed, or compiled, the auditor should include an other-matter or explanatory paragraph stating that the auditor did not audit, review, or compile the prior period statements and that the auditor assumes no responsibility for them. ○ When unaudited financial statements are presented with audited financial statements in comparative form, the unaudited financials should be clearly marked as “unaudited.” ○ If unaudited financials are presented in comparative form with audited financials in documents filed with the SEC, such statements should be marked “unaudited,” but should not be referred to in the auditor's report. Reporting on Audits of Group Financial Statements ○ Definitions Group Engagement Partner (AICPA) or Principal Auditor (PCAOB) → the partner or other person who is responsible for the engagement and auditor’s report. Group Financial Statements → financial statements from all components included (i.e. subsidiaries). Group Engagement Team → includes the engagement partner, other partners, and staff who establish audit strategy, communicate with component auditors, perform work, etc. Component → an entity of business activity that prepares financial information included in the group financial statements (such as a subsidiary) Component Auditor → an auditor who performs work on the financial information of a component that will be used as evidence in the group audit. An auditor may elect to audit the entire consolidated financial statements and choose NOT to hire another auditor to audit the components. Page 25 of 302 ○ Component Auditor Group engagement team must understand the following for each component auditor: Whether they are independent and will comply with all relevant ethical requirements; Their professional competence; and Their reputation If the component auditor is not independent or the group engagement team has serious concerns about any of the matters listed above, the group engagement team should NOT use the work on the component auditor or make reference to the component auditor in the auditor’s report. ○ The group engagement team will determine: The extent to which the engagement team will be involved in the work of the component auditor. Components that are significant or insignificant. Significant = will need to be audited. Insignificant = analytical procedures only. The group auditor mainly focuses on the components that can impact the consolidated financial statements, as that is where most of the auditor’s effort is spent. ○ When the group engagement team relies on the work on a component auditor, there are two options: 1. Group engagement team takes full responsibility for the audit of the component. Do not reference the component auditor. 2. Group engagement team and component audit divide responsibility. Reference the component auditor. ○ Option 1: Assume full responsibility No reference to the component auditor should be made in the auditor’s report. Treat component auditor like staff when assuming responsibility. In this case, group engagement team is responsible for: Determining the type of work to be performed on the financial information of the components. Reviewing component auditors work. ○ Option 2: Divide responsibility Reference the component auditor in the auditor’s report. In this situation, the group engagement team is not assuming responsibility for the component auditor’s work. The component auditor will provide their audit report to the group. Component auditor must follow GAAS, and PCAOB AS if required, report should be unrestricted. Group engagement partner will determine the appropriate opinion based on the group engagement audit and the audit report given by the component auditor. Even when responsibility is divided, component auditors' independence, ethics, and reputation should still be evaluated. ○ Referencing the component auditors Nonissuers → reference only occurs in the Opinion section. Issuers → reference occurs in both the Opinion and Basis for Opinion sections. Magnitude of the portion of the financial statements audited by the component auditor should be given in the opinion sections. Page 26 of 302 Ex) “...statements reflect total assets and revenues constituting 20 percent and 22 percent…” Typically, component auditors are only referred to as “other auditors” when they are referenced. Notes from MCQs ○ M9: Subsequent Events A subsequent event is an event or transaction that occurs after the balance sheet date but before the financial statements are issued or available to be issued. ○ Balance sheet date → December 31, 20X1 ○ Issued financial statements → February 15, 20X2 ○ Subsequent events are the events that occur between December 31 and February 15. Two categories of subsequent events: 1. Recognized subsequent event 2. Nonrecognized subsequent event ○ Management needs to figure out which category the event falls under. ○ This is based on when the underlying event occurred. Recognized subsequent event ○ Events that provide additional information about conditions that existed at the balance sheet date. ○ Underlying event existed at or before the balance sheet date. ○ Adjust records and disclosure required. ○ These events will often relate to estimated accounts. ○ Adjusting and disclosing these events ensures financial statements are best represented for the period. ○ Example scenario (litigation): The company is already facing litigation on or before December 31. The original amount recorded was $150,000 (probable and estimable loss). On February 5, the company settled the litigation for $200,000. Therefore, the litigation recorded will be adjusted and disclosed to show the true amount. The financial statements issued on February 15 will now reflect this event. ○ Example scenario (uncollectible receivables): A customer notifies your company that the customer is going bankrupt on January 15. Because the company already had receivables/uncollectibles recorded before December 15, this is a recognized subsequent event. The financials will be updated and the event will be disclosed for the February 15 issuance. Nonrecognized subsequent event ○ Events that provide information about conditions that occurred after the balance sheet date. ○ Underlying event occurred after the balance sheet date. ○ Disclosure only (NO adjustments). ○ Examples: Sale of capital stock Business combination Settlement of litigation that arose AFTER the balance sheet date Page 27 of 302 Natural disaster that resulted in loss of building or inventory ○ Example scenario: Balance sheet date → December 31, 20X1 Fire occurs → January 5, 20X2 This event occurred after the balance sheet date, so only disclosure should be considered for Feb. 15 issuance. Management's Responsibility for Subsequent Events ○ Subsequent events should be evaluated through either: The date the financial statements are issued or widely distributed (issuers). The date the financial statements are available to be issued or in a form and format that complies with GAAP and all approvals for issuance have been obtained (nonissuers). ○ When an entity reissues or revises financial statements, the entity generally should NOT recognize subsequent events that occurred between the date the financial statements were issued or available to be issued. Auditor’s Responsibility for Subsequent Events ○ Understand and evaluate subsequent events (“PRIME”) Post Balance Sheet Transactions Changes in stock or long-term debt after year end. Representation Letter → obtain a letter from management asking if any events occurred during the subsequent event period that requires adjustment or disclosure. Inquiry → inquire the client’s legal counsel and management about whether any subsequent events have occurred. Status of litigation, new commitments, unusual transactions, etc. Minutes → obtain and review the minutes of stockholders, directors, and other committee meetings during the subsequent period. Examine → examine the most recent interim financial statements and compare them with financials under audit. ○ The auditor has an active responsibility to evaluate subsequent events during the period between the date of the financial statements and the date of the auditor’s report. Balance sheet date → December 31, 20X1 Auditor’s report date → February 10, 20X2 Auditor is responsible for subsequent event evaluation from December 31 until February 10. PRIME procedures through this date. ○ Auditor responsibility AFTER the original auditor’s report date occurs if: Auditor’s report is included in an exempt offering document and the auditor is involved. Date extended through the distribution, circulation, or submission of the document. Auditor’s report is included in a registration statement. Date extended through the date of or shortly before the date of the registration statement. Auditor Action - After Report Issuance Page 28 of 302 ○ If more material information becomes available after an auditor report has been issued, the auditor will indeed to: Investigate if the information is reliable. If it existed at the report date and would have affected the auditor’s report. ○ Key terms to look for when an auditor needs to investigate after report date: “Information existed at the report date” or “New information that existed for the year under audit” ○ Auditor is not responsible for information that did not exist at the report date. Ex) litigation that settles after the report date. ○ If the auditor determines that this information is something the auditor should have known about when the report was issued, the auditor should: Determine if there are individuals relying on, or likely to rely on, the financial statements. Discuss the matter with management or those charged with governance. Advise the client to immediately disclose the new information and its impact on the financials. Disclosure can be done by: Advising the client to reissue revised financial statements along with a new audit report, and describe reasons for revision; Advising the client to make necessary disclosures and revision to any financials; or If effect cannot be determined on a timely basis, provide notification that the financials and auditor’s report should not be relied upon. ○ If adjustments or disclosures are made by the client after the original auditor’s report date, the auditor will need to perform additional procedures. As a result, the auditor may either: ○ If a client refuses to take action to address materially affected information, the auditor should notify each member of the board of directors. ○ If even the board of directors does not take action, perform the following (“DAR them to fix it”): Disassociate → notify the client that the auditor’s report must no longer be used for their financials. Alert agencies → notify any applicable regulatory agencies that the auditor’s report should no longer be relied on. Relying parties → notify persons known to or likely to be relying on the financials that the auditor’s report should no longer be relied upon. Notes from MCQs ○ Page 29 of 302 M10: Other Information and Supplementary Information Other Information Definition ○ Financial or nonfinancial information (other than the statements and the auditor’s report) included in the annual report. ○ Not required by a standard setter. Examples of other information include: ○ A report by management or those charged with governance ○ Financial summaries or highlights ○ Employment data ○ Financial raptors ○ Selected quarterly data Other information does NOT include: ○ Press releases or cover letters accompanying the document containing the audited financial statements and auditor’s report. ○ Information contained in analyst briefings. ○ Information contained on the entity's website. Auditor’s responsibilities for other information: ○ Read the other information. ○ Consider any material inconsistencies between the other information and the audited financial statements. If other information shows $20mill in revenue, but audited financials show $5mill, there are issues. In this scenario, determine if the financials or other information needs to be revised. Auditor should request management to correct the material inconsistency. Material inconsistencies: Auditor’s action ○ Upon identification of material inconsistencies between the audited financial statements and the other information, the auditors actions depends on what information requires revision: Audited financials need to be revised, but management refuses → auditor should modify opinion. Other information needs to be revised, but management refuses → communicate to those charged with governance and: Consider the implications for the auditor’s report; Withhold the use of the report; or Withdraw from the engagement and consult with legal counsel. Material misstatement of fact: Auditor’s action ○ Other information may include a misstatement that is unrelated to the financial statement data. Ex) Other information states a company introduced two new products, when this isn't true. ○ If the auditor becomes aware of a material misstatement of fact, do the following: Discuss the matter with management If management refuses to take corrective action, request that management consult with legal counsel. If after consultation with the third party, and the auditor still believes there is a misstatement, notify those charged with governance. ○ Because opinions relate to the fairness of the basic financial statements, companies may still get unmodified/unqualified opinions even if there are material misstatements of fact in other information. Reporting other information ○ Nonissuer → Report in a separate section (location not specified). Page 30 of 302 ○ Issuer → Required when issues with information reported (typically located after opinion paragraph). Not required to include an explanatory paragraph when other information is included in a document with the auditor’s report. However, the auditor may choose to include an explanatory paragraph within the auditor’s report disclaiming an opinion on the other information. ○ Heading should be “Other Information [Included in the Annual Report]” ○ Auditor’s responsibilities over other information should be stated in the paragraph. Supplementary Information Definition ○ Information presented outside of the basic financial statements that may be presented in a document containing the audited financial statements or separate from the financial statements. ○ An auditor may be engaged to provide an opinion on this type of information. ○ The auditor is not providing an opinion on information unrelated to the financial statements. ○ The auditor has two objectives: 1. To evaluate the presentation of the supplementary information as a whole. 2. To provide an opinion on whether the supplementary information is fairly stated in all material respects in relation to the financial statements. Audit procedures ○ The auditor should perform the following using the same materiality level used for financial audit: Inquire management regarding the purpose of supplementary information and its preparation. Obtain an understanding of the methods used and changes of methods. Inquire regarding any significant assumptions. Compare and reconcile the information to the audited financial statements and underlying accounting records. Evaluate completeness and appropriateness. Determine whether the form and content complies with applicable criteria. Obtain written representations from management regarding the information. Reporting for Nonissuers ○ May be presented in either a: Separate section in the auditor’s report with the heading “Supplementary Information” OR Separate report ○ Regardless of method of reporting, the supplementary information paragraph should include: Identify supplemental information; Describe procedures performed; and Provide the opinion. ○ If a material misstatement is present, and management refuses to revise the supplementary information: Modify the opinion on the information (qualified or adverse) and describe the misstatement. If a separate report is being issued, withhold the report. ○ Effects of Modifications to the Audit Report on the FInancial Statements: Page 31 of 302 Reporting for Issuers ○ Unless prescribed by regulatory requirements, supplementary information may be presented in either a: Explanatory paragraph in the auditor’s report on the financial statements, OR Separate report ○ Regardless of method of reporting, the supplementary information paragraph should include: Identify supplemental information; Describe procedures performed; and Provide the opinion. ○ If a material misstatement is present, the auditor should: Describe the misstatement in the auditor’s report on the supplemental information; and Express a qualified or adverse opinion on the supplemental information. ○ Effects of Modifications to the Audit Report on the FInancial Statements: Required Supplementary Information Definition ○ Information that a designated account standard setter (e.g., GASB, SEC) requires to accompany the basic financial statements. ○ Generally, the opinion on the basic financial statements does NOT cover the required supplementary information. ○ The auditor’s responsibility for required supplementary information is to perform limited procedures on the information. Nonissuers Page 32 of 302 ○ The auditor of a nonissuer should add a separate section to the auditor’s report with the heading “Required Supplementary Information” to explain the following, as applicable: No issues → The required supplementary information is included, and the auditor has applied the required procedures. Issues: All or some of the required supplementary information is omitted; Some required supplementary information is missing and some is presented; The auditor has identified material departures from the guidelines; The auditor is not able to complete the required procedures or there are unresolved doubts; The separate section should state that the required supplementary information is the responsibility of management, and the auditor does NOT express an opinion on such information. ○ For nonissuers, whenever required supplementary information is required to be presented, a separate section is added to the audit report, regardless of whether there are issues or not with the information. Issuers ○ PCAOB standards do not require the auditor to add an explanatory paragraph to the audited financial statements or refer to the required supplementary information unless one of the following is applicable: The required information is omitted; There are material departures from the guidelines; The auditor is unable to complete prescribed procedures; There are unresolved doubts about conformance of required supplementary information. ○ Essentially, there needs to be an issue with the required supplementary information. Multiple-Choice Tips Notes from MCQs ○ Page 33 of 302 M11: Special Purpose Frameworks Auditors evaluate financial statements based on the framework selected by management, such as GAAP. Nonissuers can prepare their financial statements using special purpose frameworks. Special purpose frameworks are financial reporting frameworks other than GAAP, such as the following: ○ Cash Basis → Used to record cash receipts and disbursements ○ Tax Basis → Used to file income tax returns ○ Regulatory Basis → Used to comply with the requirements of regulatory agencies in certain jurisdictions ○ Contractual Basis → Used to comply with an agreement between an entity and third party ○ Other Basis → Used to define a set of logical, reasonable criteria that is applied to material items ○ Description of purpose → goes in the management’s responsibilities section. Differences from standard auditor’s reports ○ Non-GAAP financial statement titles should be used for special purpose frameworks. Instead of “Balance Sheet” → “Balance Sheet-Cash Basis” Instead of “Income Statement” → “Statement of Income-Regulatory Basis” Etc… ○ When management has a choice of financial reporting framework, the management's responsibility section should make reference to its responsibility for determining the framework as acceptable. ○ If required, the report should include an emphasis-of-matter paragraph that: Indicates that the financial statements were prepared in accordance with the applicable framework. Refers to the note in the financial statements that describes the framework. States that the framework is a basis of accounting other than GAAP. States that the financial statements may not be suitable for any purpose other than the stated purpose (when the purpose is required to be described). ○ If required, the report should include an other-matter paragraph that restricts the use: Page 34 of 302 “Our report is intended solely for the use of the board of directors and management…” “... should not be used by anyone other than these specific parties…” ○ If the auditor is required by law or regulation to use a specific layout, form, or wording, the auditor’s report should only refer to GAAS if the report includes all the minimum report requirements of GAAS. If the layout, form, or wording is not acceptable, the auditor should reword the form or attach a correctly worded separate report. ○ Examples of all these differences are given in the lecture/textbook. Notes from MCQs ○ Special purpose frameworks may also be known as “other comprehensive basis of accounting (OCBOA)”. ○ Financial statements prepared under a special framework with unacceptable statement titles will require a qualified opinion with a basis for modification paragraph. A2 – Engagement Quality and Acceptance, Planning, and Internal Control M1: Engagement Acceptance and Terms Management ○ Represents the individual or group of individuals that are responsible for the conduct of the entity’s operations. Those Charged with Governance ○ Refers to those who bear responsibility to oversee the obligations and strategic direction of an entity, including the financial reporting process. ○ On the exam, this often refers to the “board of directors” or the “audit committee” ○ However it may also refer to: Members of the entity’s legal structure, such as company directors. External parties, such as government agencies. Purpose of the Audit Committee ○ Made up of three to five “outside directors” (not employees of the company) OR ○ Directors that are not employees and have no material financial interest in the company. ○ The use of an audit committee tends to strengthen the public’s trust in the independence of the auditor. Functions of the Audit Committee ○ The main function of the audit committee is to enhance internal control by creating direct communication between the “outside directors” (audit committee) and the auditor. ○ The audit committee typically: Selects and appoints the auditor and sets the audit fee. Assures the auditor is independent. Reviews the nature, details, and scope of the audit engagement. Page 35 of 302 Reviews the quality of the auditors work. Ensures recommendations made by the auditor are given attention. Maintains lines of communication between the auditors and the board of directors. Helps to resolve disputes between management and auditors in regards to accounting treatments. Evaluates the internal control environment, along with the auditor. Makes reports to the board and the stockholders, when necessary. Communication with the Audit Committee ○ Auditors should have appropriate access to the audit committee periodically. ○ Auditors should meet with the audit committee without management present at least once per year. Timing of Auditor Appointment ○ Although early appointment of an auditor allows the auditor to plan a more efficient auditor, an auditor is permitted to accept an engagement near or after year-end. ○ The auditors should consider whether late appointment will post limitations, such as: A qualified opinion or disclaimer of opinion; and Discussion of such concerns with the client. Client Acceptance and Continuance ○ Before acceptance, the auditor should assess the following: The firm’s ability to meet reporting deadlines The firm’s ability to staff the engagement with personnel The firm’s independence from the client The integrity of the client’s management Whether the group engagement team will be able to obtain sufficient appropriate audit evidence Preconditions for an Audit ○ Auditors should determine whether the financial reporting framework used is acceptable. ○ Auditor should obtain agreement from management regarding their responsibilities for: The preparation of the financial statements; and The design, implementation, and maintenance of internal controls. Providing the auditor with access to ALL information relevant to the financial statements and unrestricted access to all persons necessary to obtain evidence. ○ The auditor should not accept an engagement if management or those charged with governance impose a scope limitation. Ex) lack of accounting records. If the entity is required by law or regulation to have an audit, a disclaimer of opinion is acceptable, and the auditor is permitted to accept the engagement, but not required. If a management-imposed scope limitation will result in a qualified opinion, or if the limitation is beyond management's control (such as a fire destroyed documents), the auditor can accept the client. Engagement Letter (example given in lecture/textbook) ○ The auditor and those charged with governance should agree to the terms of the engagement in writing. ○ The letter should be signed and dated by the client and included in the auditor’s documentation. Page 36 of 302 ○ The letter should include the following elements: Addressee Objective and Scope of the Audit Responsibility of the Auditor Responsibility of Management Other relevant information (optional) Timing of the audit Arrangements with the prior auditor Expectations that management will provide the representation letter Agreement of management to make all relevant information available in a timely manner Use of specialists or internal auditors Reporting Signature ○ MCQ Tips Engagement letter may include some information related to overall audit strategy. Ex) Timing of testing or Involvement of specialist of testing Engagement letter does NOT typically include information about specific audit procedures. Ex) Performing analytical procedures or Sending out confirmations ERISA Plan Financial Statements Audit ○ Audits over items such as 401(k) plans, retirement plans, etc. ○ Apply all SAS, except those that don’t apply + SAS: Forming an Opinion and Reporting on Financial Statements of Employee Benefit Plans Subject to ERISA ERISA Audits - Management Responsibilities ○ Auditor should obtain the agreement from management that they are responsible for: Maintaining a current plan instrument, including all plan amendments. Administering the plan and determining that the plan’s transactions are in conformity with the plans provisions, including records with respect to each participant to determine benefits due/become due. ○ ERISA Section 103(a)(3)(C) audit, determine whether: This type of audit is permissible under the circumstances; The investment information is prepared and certified by a qualified institution; The certification meets the requirements of the Department of Labor’s rules and regulations; and The certified investment information is appropriately measured, presented, and disclosed in accordance with the applicable framework. ERISA Audits - Auditor Responsibilities ○ Auditor should obtain agreement with management or those with governance to: Provide the auditor, prior to the dating of the auditor’s report, a draft of Form 5500 that is substantially complete, including: The certification meets the requirements of the Department of Labor’s rules and regulations; and The forms and schedules that should have a material effect, both qualitative and quantitative, on the information in the financials and ERISA-required supplemental schedules. ○ When management elects to have an ERISA Section 103(a)(3)(C) audit, auditors should: Page 37 of 302 Inquire management about how management determined that the entity preparing and certifying the information is a qualified institution. ○ Previous audit standards required an auditor to issue a disclaimer when limited-scoped. ○ Under SAS 136, limited-scope audits will now be referred to as “ERISA Section 103(a)(3)(C)” and are no longer considered a scope limitation, but rather permits the auditor to issue a form of unmodified opinion. ○ When the auditor’s report on ERISA plan financial statements, whether management elects to have a Section 103(a)(3)(C) audit or not, and the opinion is adverse or disclaimer, the auditor cannot express an opinion on the supplemental schedules. When permitted by law or regulation, the auditor may withdraw from the engagement to report on the ERISA-required supplemental schedules. If the auditor does not withdraw, the audit report should be modified accordingly. (Reporting on ERISA audits is a less likely test area) Recurring Auditors ○ Issuers → Auditors must agree to the terms of the audit with the audit committee in an engagement letter. Letter should be provided annually. ○ Nonissuers → If no revision is necessary, auditors should remind management of the terms. If there are changes to the terms, the auditor should obtain a signed engagement letter. Initial Audits ○ An engagement in which the financial statements from the prior period were either unaudited or audited by another audit firm. ○ Before acceptance: Auditor must obtain the potential client’s permission to make inquiries with the predecessor auditor. If permission is not given, the auditor should consider why and whether to accept the engagement. ○ Questions to ask the predecessor auditor: (Exam favorite area, know these) Management integrity; Disagreements with management; Reasons for the change in auditor; Any fraud, noncompliance, and internal control matters related communications; and Nature of entity’s relationships and transactions with related parties and significant unusual transactions. Change in Engagement ○ Occurs when a client wants to change from an audit to a review or compilation. Review → require less procedures than an audit. Compilation → require less procedures than a review. ○ Auditor’s concern may be “is the client trying to hide something?” ○ Before agreeing to the change, auditor’s should consider: Effort required to complete the engagement (is the audit already almost complete?); The estimated additional cost to complete the engagement; and The reason for the request, especially when scope limitations are present. ○ Acceptable reasons for a change include: Changes in client requirements (the bank loaning to client no longer requires an audit); or Page 38 of 302 Misunderstanding as to the nature of the service to be rendered. ○ If the reason for change is justified, the auditor must comply with the standards for a compilation or review and issue the appropriate report. ○ The report should not refer to the original engagement, procedures performed, or any scope limitation. ○ Unacceptable reasons for change include: The engagement would uncover errors or fraud; or The client is attempting to create misleading or deceptive financial statements. The client refused to allow correspondence with legal counsel (scope-related) The client refuses to provide a signed representation letter (scope-related) Notes from MCQs ○ A review of the predecessor auditor’s working papers (audit documentation) is appropriate and customary to facilitate the auditor’s work (it can help navigate the current period). ○ Those charged with governance do not choose the procedures done in an audit, that is up to the auditors. ○ Inquiry of the predecessor auditor is a required pre-acceptance procedure (must get consent from client). ○ If a predecessor auditor refuses to give the new auditor access to documentation, the new auditor should review the risk assessment of the opening balances of the financial statements. Page 39 of 302 M2: Engagement Quality Statements on Quality Control Standards ○ AICPA Code of Professional Conduct requires firms providing audits, attestation, and reviews to adopt a system of quality control. ○ Statements on Quality Control Standards are issued by the Auditing Standards Board to provide guidance. ○ Adopting a system of quality helps ensure policies and procedures are designed and implemented to ensure: Firm complies with professional standards (such as GAAS). Firm complies with legal and regulatory requirements Any report issued is appropriate. Elements of Audit and Assurance Engagement Quality (“HELPME”) ○ Human Resources Recruitment and Hiring → ensure appropriate capabilities and competency Assign personnel to engagement → consider continuity and period rotation of personnel Professional development → on-the-job training and continuing education Performance evaluation, compensating, and advancement (promotions) ○ Engagement/Client Acceptance and Continuance Policies should be in place to provide the firm with reasonable assurance that: There is minimal likelihood of association with a client whose management lacks integrity. The firm can reasonably expect to finish the engagementment. The firm can comply with all legal and ethical requirements, such as independence. ○ Leadership Responsibilities Firm leadership bears the ultimate responsibility for the firm’s quality control system. Leadership should establish a tone at the top that emphasizes quality. ○ Performance of the Engagement Ensure proper supervision and work is appropriately reviewed. Maintain confidentiality, safe custody, accessibility, retrievability, retention of engagement documents. Allows consultation with experts. Provides a means to resolve differences in opinion. Firms may develop and use standard audit forms/checklists/questionnaires. ○ Monitoring Helps provide reasonable assurance that the quality system is relevant, adequate, operating effectively, and complied with in practice. Involves ongoing evaluation of the design and effectiveness of the quality control system. Should be performed by qualified individuals and a partner should bear ultimate responsibility. “Wrap-up” or a second partner review who is not involved in the audit can do this review. Issuer → Required Nonissuer → Not required Peer review conducted under AICPA Standards Required every 3 years ○ Ethical Requirements Helps maintain public confidence by providing reasonable assurance, such as independence: At least annually, all firm staff should confirm independence in writing (paper or electronic form) Page 40 of 302 Performance of professional responsibilities with integrity and objectivity. Quality Control Policies and Procedures ○ The nature and extent of a firm’s quality control policies and procedures depends on: Size of firm; Organization structure of firm; Nature and complexity of firm’s practices; Degree of operating autonomy allowed its personnel and its individual offices; and Cost-benefit consideration. ○ Quality Control Standards vs. GAAS Failed or inadequate quality control system does NOT = Lack of compliance with GAAS. Ex) you can fail to have a peer review (failed monitoring), but still meet GAAS standards. Reviewing the Work of Others ○ All work performed on the audit should be reviewed by members of the engagement team senior to those who performed the work. ○ A review consists of whether: The work has been formed in accordance with standards and laws/regulations. Significant findings require further consideration. Appropriate consultations have taken place and been documented. The nature, timing, and extent of work is appropriate. The work performed supports the conclusions and is appropriately documented. Evidence obtained is sufficient and appropriate to support conclusions. Objectives of the engagement have been achieved. ○ Audit documentation should include: Who performed the work and the date it was completed. Who reviewed the audit documentation and the date of the review. Engagement Partner Review ○ Engagement partner should review the following significant findings or issues on a timely basis: Critical areas of judgment Significant risks (e.g. revenue recognition or management override of controls) Other areas based on professional judgment of the partner Page 41 of 302 Engagement Quality: Specific Considerations for Nonissuers ○ The auditor’s objective of implementing quality control procedures at the engagement level includes providing reasonable assurance that: The audit complies with professional standards and laws/regulations. The auditor issues a report that is appropriate. Engagement Partner Responsibilities - Nonissuers ○ Engagement partners are responsible for the overall quality of the engagement. ○ Engagement partners should: Remain alert for noncompliance with ethical requirements by engagement members. Engagement team members are independent. Be satisfied with the procedures regarding client acceptance and continuance. Be satisfied that the engagement team and external specialists have competence and capabilities. Take responsibility for direction, supervision, and performance of the engagement. Take responsibility for reviews being performed in accordance with the firm's policies and procedures. Be satisfied that sufficient appropriate evidence has been obtained. Engagement Quality Control Review - Nonissuers ○ Provides an objective evaluation of significant judgments made and conclusions reached. ○ If a quality control review is performed, it should be done before the audit report is released. ○ Performed only when required by firm policies and procedures. ○ Can be performed by a partner or other qualified individual, none of whom is part of the audit. ○ The reviewer must have sufficient and appropriate experience and authority to do the review. ○ The reviewer’s evaluation should include: Discussion of significant findings with the engagement partner. Reading the financial statements and proposed auditor report. Review audit documentation related to judgments and conclusions. Evaluation of conclusions reached in formulating the auditor’s report. Engagement Quality: Specific Considerations for Issuers ○ PCAOB standards require an engagement quality review and approval of audit report issuance. ○ An engagement quality review is performed by a partner who is not associated with the audit. ○ The reviewer must be competent, independent, objective, and act with integrity. ○ The reviewer is required to: Hold discussions with the engagement partner and team; and Review audit documentation to evaluate judgments made and overall conclusions reached. Engagement Quality Review (the reviewer should…) ○ Evaluate significant judgments related to items such as prior experience with clients, risks, and materiality. ○ Evaluate the engagement team’s assessment of and responses to risks. ○ Evaluate significant judgments about materiality, misstatements, and control deficiencies. ○ Review evaluation of firm’s independence in relation to the engagement. ○ Review the engagement completion document. Page 42 of 302 ○ Review the financial statements, management's report of internal control, and the engagement report. ○ Read other information to be filed with the SEC and determine whether action has been taken. ○ Evaluate consultations, documentation, and conclusions related to those. ○ Evaluate communications with management, audit committee, and regulatory bodies. ○ Evaluate whether engagement documentation indicates the team responded to risks appropriately. ○ Evaluate the engagement team's determination, communication, and documentation of critical matters. Concurring Approval of Issuance - Issuers ○ PCAOB standards require a concurring approval of issuance from the reviewer before a firm can give a client permission to use the audit report. ○ Approval can be given if there are NO significant engagement deficiencies, such as: The engagement team failed to obtain sufficient appropriate evidence. The team reached an inappropriate overall conclusion. The engagement report is not appropriate for the circumstances. The firm is not independent of the client. Notes from MCQs ○ An understanding between the auditor and the client generally includes the auditor’s responsibilities. Ex) the auditor is responsible for reporting any significant deficiencies in internal control to the audit committee (or those charged with governance). M3: Documentation Audit Documentation ○ Also referred to as “working papers” or “workpapers” ○ Principal record of audit procedures performed, evidence obtained, and conclusions reached. ○ Audit documentation should provide: Evidence of the auditor’s report and the conclusion about objectives of the auditor. Evidence that the audit was in accordance with GAAS and any other regulatory requirements. ○ Audit workpapers support the audit opinion, NOT the client’s financial statements. Audit Documentation Should: ○ Assist the engagement team in planning, conducting, and supervising the audit. ○ Show that accounting records reconcile with the financial statements and disclosures. ○ Be prepared with enough detail so that an experienced auditor with no connection to the audit can understand: The nature, extent, and timing of procedures performed; The results of the procedures performed, and evidence obtained; The significant findings or issues arising during the audit; and The conclusions reached, and judgments made to those conclusions. ○ Show who performed the work as well as the date of the work. Page 43 of 302 ○ Show who reviewed the work as well as the date of the review. ○ Include abstracts or copies of significant contracts or agreements. ○ Document discussions of findings or issues with management, those with governance, and others. ○ When possible, documentation should provide evidence that professional skepticism was maintained: Ex) when evidence is obtained that both contradicts and corroborates a management assertion, the auditor should document: How the evidence was evaluated; and Any professional judgments made when concluding the impact to the audit. (Full example shown in lecture) Retention and Completion ○ Report release date Date where auditor grants client permission to use auditor’s report. Often, this is the same date as the auditor’s report date or the date the report is delivered to client. Auditor should document the report release date. ○ Document retention Nonissuers → Retain for at least 5 years (after report release date) Issuers → Retain for at least 7 years (after report release date) ○ Documentation completion date Auditor is granted a certain window allowing them to assemble the final audit documentation file. The end of this window is referred to as the “documentation completion date.” This window isn’t meant to perform more procedures, but more like an organization period. Nonissuers → assemble within 60 days (after report release date) Issuers → assemble within 45 days (after report release date) After this date, existing documentation must not be deleted, and additions to the audit documentation must be documented as such. Nature and Extent of Audit Documentation ○ May be in: Paper form; Electronic form; or Other media ○ The specific quantity, type, and content of documentation are based on the auditor's judgment. ○ To determine these, the auditor should consider: Size and complexity of client; Risk of material misstatement; Significance of the evidence obtained; and Nature and extent of any exceptions identified. ○ Generally, audit documentation will consist of: A permanent or continuous audit file. A current file Page 44 of 302 Permanent (Continuous) File ○ Includes audit documentation that has a continuing interest from year to year. ○ Examples:

AUD Study Guide PDF 2024

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue