Manila * Cavite * Laguna * Cebu * Cagayan De Oro * Davao
Since 1977
AT.3403
Risk-based Financial Statements Audit
Process, Responsibilities and Objectives
LECTURE NOTES
The Risk-Based Audit Process
• In accordance with professional and ethical standards,
the auditor shall perform a quality audit. In achieving a
quality audit, the auditor shall conduct the audit with
the exercise professional judgment and maintain
professional skepticism throughout the planning and
performance of the audit and, among other things:
§ Identify and assess risks of material misstatement,
whether due to fraud or error, based on an
understanding of the entity and its environment,
including the entity’s internal control.
§ Obtain sufficient appropriate audit evidence about
whether material misstatements exist, through
designing and implementing appropriate responses
to the assessed risks.
§ Form an opinion on the financial statements based
on conclusions drawn from the audit evidence
obtained.
• The audit process, described above, is presented in the
following three audit phases:
1. Risk Assessment
2. Risk Response
3. Conclusion and Reporting
Phase 1—Risk Assessment
Client Acceptance and Continuance
• In this phase, the auditor makes a critical decision about
whether to accept an audit engagement of a new client
or to continue an audit of an existing client.
• In the case of initial audit, the auditor communicates
with the previous auditor to aid in making the said
decision. If the auditor determines that the client is
acceptable, the auditor agrees the terms of engagement
and documents the same in an Engagement Letter.
Planning and Assessing Risks
• To effectively (and efficiently) perform an audit, the
auditor should plan the audit. As part of this planning
process, the auditor obtains understanding of the entity
(client), its environment and its internal control. This
understanding serves as the very frame of reference
how the audit is conducted and upon which the auditor
exercises professional judgment and maintains
professional skepticism.
• The auditor also, in this phase, determines materiality
applicable to the financial statements, identifies
material accounts and disclosures in the financial
statements, and assesses the risks of material
misstatement at both the overall financial statements
level and assertion level.
• The auditor then uses the results of this phase as a basis
when designing and performing responses in the next
phase to obtain sufficient appropriate audit evidence.
Page 1 of 5 www.teamprtc.com.ph
SOLIMAN/UY/AGUILA
MAY 2023
Phase 2—Risk Response
• Once the risks of material misstatement of financial
statements have been identified and assessed, the
auditor then designs and implements appropriate
responses to those risks in order to obtain sufficient
appropriate audit evidence about the assessed risks of
material misstatement to reduce audit risk to an
acceptably low level.
• The auditor’s responses include overall responses and
further audit procedures to address risks at the financial
statement level and assertion level, respectively. This
phase is the main audit evidence gathering and
evaluation.
Phase 3—Conclusion and Reporting
• This phase of the audit demands careful and thorough
review of the auditor. The judgments made during this
phase of the audit are often crucial to the ultimate
outcome of the engagement. The procedures covered in
this stage of audit often bring to light matters that are
of major concern in forming an opinion on the financial
statements.
• After the planned audit procedures have been
performed, an evaluation of the results will take place.
The auditor shall:
1. Form an opinion on the financial statements based
on an evaluation of the conclusions drawn from the
audit evidence obtained; and
2. Express clearly that opinion through a written report
that also describes the basis for the opinion.
• The auditor’s report shall be in writing (hard copy
format or an electronic medium). That report contains
the following opinions depending on the outcome of
engagement:
a. Unmodified (Unqualified or Clean) opinion—The
opinion expressed when the financial statements
are prepared, in all material respects, in
accordance with the applicable financial reporting
framework.
b. Modified opinion—The three types of are:
1. Qualified opinion—The auditor is satisfied that
the financial statements are presented fairly,
except for a specific aspect of them.
2. Adverse opinion—The auditor does not
believe the financial statements are fairly
presented.
3. Disclaimer of opinion—The auditor does not
know if the financial statements are
presented fairly.
AT.3403
TEAM PRTC
Responsibilities of Management and Auditor
Responsibilities of Management
The management and those charge with governance of
entity of the company have the following responsibilities:
a. Preparation and presentation of financial statements in
accordance with the applicable financial reporting
framework.
b. Design, establishment and maintenance of internal
control relevant to the preparation of reliable financial
reports that are free from material misstatements
whether due to fraud or error.
In addition, the management of an entity is also responsible
to provide the auditor all information relevant to the conduct
of an audit of financial statements, as well as to provide
unrestricted access to persons within the entity from whom
the auditor intends to obtain sufficient and appropriate
evidence.
Responsibilities of the Auditor
The overall objectives of an auditor in an audit of financial
statements are
a. To obtain a reasonable assurance whether the financial
statements are free from material misstatements
whether due to fraud or error as a basis to express an
opinion as to fairness of the financial statements, in all
material respects, in accordance with the applicable
financial reporting framework; and
b. To report on the financial statements.
Objectives of an Audit of Financial Statements
The objectives of an auditor in an audit of financial
statements are reflected in the auditor’s responsibilities
above, that is, to obtain a reasonable assurance whether
the financial statements are free from material
misstatements whether due to fraud or error, and to report
on the financial statements.
The following basic concepts underlying an audit of financial
statements are important related to achieving these
objectives.
Gathering Audit Evidence and Documentation
• From the start to end of the audit, the auditor gathers
and accumulates audit evidence and documentation
that supports the opinion to be expressed.
Maintaining Audit Quality
• Quality audit means that the audit is performed in
accordance with relevant ethical, professional, legal,
and regulatory requirements.
Relevant Ethical Requirements
• Relevant ethical requirements ordinarily comprise Parts
A and B of the Code of Professional Ethics. The
fundamental principles, in accordance with the code of
ethics, applicable to audit of financial statements are:
1. Integrity
2. Objectivity
3. Professional competence and due care
4. Confidentiality
5. Professional behavior
Page 2 of 5 www.teamprtc.com.ph
• In addition to fundamental principles, the code also
requires professional accountants to be independent
when performing audits, both of mind and in
appearance.
Audit in Accordance with PSAs
• The auditor shall comply with all PSAs relevant to the
audit. A PSA is relevant to the audit when the PSA is in
effect and the circumstances addressed by the PSA
exist. The auditor shall not represent compliance with
PSAs in the auditor’s report unless the auditor has
complied with the requirements of this PSA and all other
PSAs relevant to the audit.
• If an objective in a relevant PSA cannot be achieved,
the auditor shall evaluate whether this prevents the
auditor from achieving the overall objectives of the
auditor and thereby requires the auditor, in accordance
with the PSAs, to modify the auditor’s opinion or
withdraw from the engagement. Failure to achieve an
objective represents a significant matter requiring
documentation.
Professional Judgment
• The ability of the auditor to exercise judgment that is
professionally made is often described as the hallmark
or trademark of auditing. Professional accountants are
engaged to audit of financial statements because of
their ability to exercise professional judgment.
• Professional judgment is the application of relevant
training, knowledge, and experience, within the context
provided by auditing, accounting and ethical standards,
in making informed decisions about the courses of
action that are appropriate in the circumstances of the
audit engagement.
• The auditor shall exercise professional judgment in
planning and performing an audit of financial
statements. It is essential to the proper conduct of an
audit because it enables the proper interpretation of:
§ Relevant ethical requirements
§ PSAs
§ Informed decisions
• Professional judgment is necessary in particular
regarding decisions about:
§ Materiality and audit risk
§ Nature, timing, and extent of audit procedures
§ Evaluating whether sufficient appropriate audit
evidence has been obtained
§ Evaluating management’s judgments in applying
the applicable financial reporting framework
§ Drawing of conclusions, for example, assessing the
reasonableness of the management’s estimates
Professional Skepticism
• It is believed that professional skepticism is the
auditor’s best method to detect fraud in the financial
statements.
• Professional skepticism is an attitude that includes a
questioning mind, being alert to conditions which may
indicate possible misstatement due to error or fraud,
and a critical assessment of audit evidence. The auditor
shall plan and perform an audit with professional
skepticism recognizing that circumstances may exist
that cause the financial statements to be materially
misstated.
AT.3403
TEAM PRTC
• Professional skepticism includes being alert to, for
example:
§ Audit evidence that contradicts other audit
evidence obtained
§ Information that brings into question the
reliability of documents and responses to
inquiries to be used as audit evidence
§ Conditions that may indicate possible fraud
§ Circumstances that suggest the need for audit
procedures in addition to requirements of PSAs
• Maintaining professional skepticism throughout the
audit is necessary if the auditor is, for example, to
reduce the risks of:
§ Overlooking unusual circumstances.
§ Over generalizing when drawing conclusions
from audit observations.
§ Using inappropriate assumptions in determining
the nature, timing, and extent of the audit
procedures and evaluating the results thereof.
Management Assertions and Development of Audit
Objectives
Management assertions are representations by
management, whether express or implied, about classes of
transactions, account balances, and the related disclosures
contained in the financial statements. Management
assertions are grouped according to the following categories
(Based on PSA 315, Revised 2019):
a. Classes of transactions and events and related
disclosures
1. Occurrence – Transactions and events that have
been recorded or disclosed have occurred and
pertain to the entity.
2. Completeness – All transactions and events that
should have been recorded have been recorded,
and all disclosures that should have been included
in the financial statements have been included.
3. Accuracy – Amounts and other data relating to
recorded transactions and events have been
recorded appropriately, and related disclosures
have been appropriately measured and described.
4. Classification – Transactions and events have been
recorded in the proper accounts.
5. Cutoff – Transactions and events have been
recorded in the correct accounting period.
DISCUSSION QUESTIONS
1. The purpose of an audit is to enhance the degree of
confidence of intended users in the financial statements.
The financial statements subject to audit are those of
the entity, prepared and presented by management of
the entity with oversight from those charged with
governance.
a. True, False
b. False, True
c. True, True
d. False, False
2. Which of the following procedures is not one of the
features of a risk-based audit process in accordance
with PSAs?
a. Identify and assess risks of material misstatement,
whether due to fraud or error, based on an
understanding of the entity and its environment,
including the entity’s internal control.
b. Obtain sufficient appropriate audit evidence about
whether material misstatements exist, through
Page 3 of 5 www.teamprtc.com.ph
6. Presentation – Transactions and events are
appropriately aggregated or disaggregated and
clearly described, and related disclosures are
relevant and understandable in the context of the
requirements of the applicable financial reporting
framework.
b. Account balances and related disclosures.
1. Existence – Assets, liabilities, and equity interests
exist.
2. Completeness – All assets, liabilities, and equity
interests that should have been recorded have been
recorded, and all related disclosures that should
have been included in the financial statements have
been included.
3. Accuracy, valuation, and allocation – Assets,
liabilities, and equity interests have been included
in the financial statements at appropriate amounts,
and any resulting valuation adjustments have been
appropriately recorded, and related disclosures
have been appropriately measured and described.
4. Classification – Assets, liabilities, and equity
interests have been recorded in the proper
accounts.
5. Rights and obligations – The entity holds or controls
the rights to assets, and the liabilities are the
obligation of the entity.
6. Presentation – Assets, liabilities, and equity
interests are appropriately aggregated or
disaggregated and clearly described, and related
disclosures are relevant and understandable in the
context of the requirements of the applicable
financial reporting framework.
Auditors may use different terms to describe the
management assertions so long as the aspects included
above are addressed. The auditor considers the relevance
of each assertion for each significant class of transactions
and account balance. Once relevant assertions are
identified, the auditor then develops audit objectives for
each category of assertions. From the audit objectives set,
the auditor decides on the nature, type and quantity of
evidence to satisfy such audit objectives. The objectives
remain the same from audit to audit, but the evidence could
vary depending on the circumstances of the engagement.
designing and implementing appropriate responses
to the assessed risks.
c. Form an opinion on the financial statements based
on conclusions drawn from the audit evidence
obtained.
d. Subject all available evidence related to entity’s
financial statements to testing to get reasonable
assurance that the financial statements are free
from material misstatements.
3. Which of the following is not a distinguishing feature of
risk-based auditing?
a. Identifying areas posing the highest risk of financial
statement errors.
b. Analysis of internal control.
c. Collecting and evaluating evidence.
d. Concentrating audit resources in those areas
presenting the highest risk of financial statement
errors.
AT.3403
TEAM PRTC
4. An audit is conducted on the premise that management
and, where appropriate, those charged with
governance, have acknowledged and understand that
they have responsibilities that are fundamental to the
conduct of an audit in accordance with PSAs. Which of
the following is not one of those responsibilities?
a. To provide the auditor unrestricted access to
persons within the entity from which the auditor
determines it necessary to obtain audit evidence.
b. The preparation and presentation of financial
statements in accordance with the pronouncements
issued by AASC.
c. The establishment and maintenance of internal
control relevant to the preparation and presentation
of financial statements that are free from material
misstatement, whether due to fraud or error.
d. To provide complete information to the auditor.
5. Which of the following statements is false?
a. In an audit of financial statements, being an
assurance engagement, the auditor is engaged for
purposes of expressing an opinion designed to
enhance the degree of confidence of intended users
in the financial statements.
b. The overall objective of the independent auditor is
to obtain reasonable assurance about whether the
financial statements as a whole are free from
material misstatement, whether due to fraud or
error, and to report on the financial statements in
accordance with the auditor’s findings.
c. In order to obtain reasonable assurance, the auditor
shall obtain sufficient appropriate audit evidence to
be able to draw reasonable conclusions on which to
base the audit opinion. Reasonable assurance is
obtained when the auditor has thereby reduced
audit risk to an acceptably high level.
d. The objective of an audit cannot be fulfilled unless
the auditor achieves the overall objective of the
auditor. In all cases when the overall objective of
the auditor cannot be achieved, the PSAs require
that the auditor modifies the auditor’s opinion
accordingly or withdraws from the engagement.
6. The concept of reasonable assurance indicates that the
auditor is:
a. not an insurer of the correctness of the financial
statements.
b. not responsible for the fairness of the financial
statements.
c. responsible only for issuing an opinion on the
financial statements.
d. responsible for finding all misstatements.
7. The auditor’s opinion
a. Guarantees the credibility of the financial
statements.
b. Is an assurance as to the future viability of the
entity.
c. Is not an assurance as to the efficiency with which
management has conducted the affairs of the
entity.
d. Certifies the correctness of the financial statements.
8. When an auditor issues a qualified opinion, the
implication is that the auditor
a. Does not know if the financial statements are
presented fairly.
b. Does not believe the financial statements are fairly
presented.
c. Is satisfied that the financial statements are
presented fairly except for a specific aspect of them.
Page 4 of 5 www.teamprtc.com.ph
d. Is satisfied that the financial statements are
presented fairly.
9. When an auditor issues an adverse opinion, the
implication is that the auditor
a. Does not know if the financial statements are
presented fairly.
b. Does not believe the financial statements are fairly
presented.
c. Is satisfied that the financial statements are
presented fairly except for a specific aspect of them.
d. Is satisfied that the financial statements are
presented fairly.
10. Which of the following is incorrect regarding the general
principles of an audit?
a. The auditor should comply with the “Code of Ethics
for Professional Accountants in the Philippines.”
b. The auditor should conduct an audit in accordance
with PSAs.
c. The auditor shall not represent compliance with
PSAs unless the auditor has complied with all of the
PSAs relevant to the audit.
d. The auditor would ordinarily expect to find evidence
to support management representations and
assume they are necessarily correct.
11. The following are the general principles governing an
audit of financial statements audit, except
a. Independence c. Confidentiality
b. Professionalism d. Professional behavior
12. The auditor shall plan and perform an audit with an
attitude of professional skepticism recognizing that
circumstances may exist that cause the financial
statements to be materially misstated.
The auditor shall exercise professional judgment in
planning and performing the audit in accordance with
PSAs.
a. True, True c. False, True
b. False, False d. True, False
13. Which of the following is least likely an application of
maintaining an attitude of professional skepticism?
a. The auditor does not consider representations from
management as substitute for obtaining sufficient
and appropriate audit evidence to be able to draw
reasonable conclusions on which to base the audit
opinion.
b. The auditor is alert to audit evidence that
contradicts or brings into question the reliability of
documents or management representations.
c. The auditor makes a critical assessment, with a
questioning mind, of the validity of audit evidence
d. In planning and performing an audit, the auditor
assumes that management is dishonest.
14. Financial reporting frameworks often discuss the
concept of materiality in the context of the preparation
and presentation of financial statements. Although
financial reporting frameworks may discuss materiality
in different terms, they generally explain that
a. Misstatements, including omissions, are considered
to be material if they, individually or in the
aggregate, could reasonably be expected to
influence the economic decisions of users taken on
the basis of the financial statements.
b. Judgments about materiality are made in the light
of surrounding circumstances and are affected by
the size or nature of a misstatement, or a
combination of both.
AT.3403
TEAM PRTC
c. Judgments about matters that are material to users
of the financial statements are based on a
consideration of the common financial information
needs of users as a group. The possible effect of
misstatements on specific individual users, whose
needs may vary widely, is not considered.
d. All of the above
15. Materiality is:
a. Expressed only in terms of pesos
b. Measured using guidelines established by PICPA
c. Not applicable to assurance engagements
d. Addressed within a practitioner’s audit and other
assurance reports
16. Two overriding considerations affect the many ways an
auditor can accumulate evidence:
I. Sufficient appropriate evidence must be
accumulated to meet the auditor’s professional
responsibility.
II. Cost of accumulating evidence should be minimized.
In evaluating these considerations:
a. the first is more important than the second.
b. the second is more important than the first.
c. they are equally important.
d. it is impossible to prioritize them.
17. The existence of audit risk is recognized by the
statement in the standard auditor’s report that the
a. The auditor is responsible for expressing an opinion
on the financial statements, which are the
responsibility of management.
b. Financial statements are presented fairly, in all
material respects, in conformity with GAAP.
c. Audit includes examining, on a test basis, evidence
supporting the amounts and disclosures in the
financial statements.
d. Auditor obtains reasonable assurance about
whether the financial statements are free of
material misstatement.
18. Risk of material misstatement is
a. The risk that the auditor might express an opinion
that the financial statements are materially
misstated when they are not.
b. The likelihood that the financial statements are
materiality misstated prior to the audit.
c. Both a and b.
d. Neither a nor b.
19. What are the two elements of the risk of material
misstatement at the assertion level?
a. Inherent risk and detection risk
b. Audit risk and detection risk
c. Inherent risk and control risk
d. Detection risk and control risk
20. Detection risk is
a. The risk that the auditor gives an inappropriate
audit opinion when the financial statements are
materially misstated.
b. The risk that a misstatement, that could occur in an
account balance or class of transactions and that
could be material individually or when aggregated
with misstatements in other balances or classes, will
not be prevented or detected and corrected on a
timely basis by the accounting and internal control
systems.
c. The risk that an auditor's substantive procedures
will not detect a misstatement that exists in an
account balance or class of transactions that could
Page 5 of 5 www.teamprtc.com.ph
be material, individually or when aggregated with
misstatements in other balances or classes.
d. The susceptibility of an account balance or class of
transactions to misstatement that could be
material, individually or when aggregated with
misstatements in other balances of classes,
assuming that there were no related internal
controls.
21. Inherent risk and control risk differ from detection risk
in that inherent risk and control risk
a. arise from the misapplication of auditing procedures
b. may be assessed in either quantitative or
nonquantitative terms
c. exist independently of the financial statement audit
d. can be changed at the auditor’s discretion
22. Which of the following is an incorrect statement?
a. Detection risk cannot be changed at the auditor’s
discretion
b. Detection risk bears an inverse relationship to
inherent and control risks
c. The greater the inherent and control risks the
auditor believes exists, the less detection risk that
can be accepted
d. The auditor might make separate or combined
assessments of inherent risk and control risk
23. In implementing the audit risk model, which of the
following is not a limitation of the model that makes its
implementation difficult?
a. Inherent risk is difficult to formally assess.
b. Audit risk is objectively determined.
c. The model treats each risk component as separate
and independent.
d. Audit technology is not precisely developed in
assessing each component.
24. Assertions about classes of transactions and events for
the period under audit least likely include
a. Transactions and events that have been recorded
have occurred and pertain to the entity.
b. All transactions and events that should have been
recorded have been recorded.
c. Transactions and events have been recorded in the
correct accounting period.
d. All assets, liabilities and equity interests that should
have been recorded have been recorded.
25. Relevant assertions have a meaningful bearing on
whether the account is fairly stated and are used to
assess the risk of material misstatement and design and
performance of audit procedures.
The auditor’s audit objectives follow and are closely
related to management assertions.
a. True, False
b. False, True
c. True, True
d. False, False
End of AT.3403
AT.3403