AT 01 – Overview of Assurance & Auditing Services

TOPIC OUTLINE

Services provided by
CPAs

Definition of
Assurance and
Assurance Services
PART 1: OVERVIEW OF
ASSURANCE SERVICES
Elements of Assurance
Engagements

Types of Assurance
Engagements

Definition of
Auditing

PART 2: OVERVIEW
OF AUDITING Types of Audits
SERVICES

Types of Auditors

LECTURE NOTES

OVERVIEW OF ASSURANCE ENGAGEMENTS

Assurance Services
SERVICES
PROVIDED BY CPAs
Non-assurance
Services

ASSURANCE

Assurance refers to the practitioner’s satisfaction as to the reliability of

assertions being made by one party to be used by another.
ASSURANCE SERVICES

These are services provided by a practitioner which enhances the credibility of

information about a subject matter by evaluating whether the subject matter
conforms with all material respects, with a suitable criterion and forming a
report to be communicated to intended users.

OVERVIEW OF ASSURANCE ENGAGEMENTS

ELEMENTS OF ASSURANCE ENGAGEMENTS

(CREST)

(1) THREE-PARTY RELATIONSHIP

(2) APPROPRIATE SUBJECT MATTER

(3) SUFFICIENT AND APPROPRIATE EVIDENCE

(4) SUITABLE CRITERIA

(5) WRITTEN REPORT

(1) THREE-PARTY RELATIONSHIP

PRACTITIONER
Evidence RESPONSIBLE
(Person performing PARTY
the engagement)
Subject Matter

Opinion INTENDED
(Report) USER

NOTE: The responsible party and intended user may be the same entity but not
all the times.

(2) APPROPRIATE SUBJECT MATTER

To be appropriate, the subject matter should be

(a) Identifiable

(b) Capable of consistent evaluation and measurement against suitable

criteria
 (c) In a form that can be subjected to procedure for gathering evidence to
support evaluation or measurement.

The subject matter may take many forms such as:

(a) Data (financial or non-financial)

(b) System and processes

(c) Behavior

(d) Physical characteristics

(3) SUFFICIENT AND APPROPRIATE EVIDENCE

Evidence are all information USED by a practitioner IN FORMING an OPINION.

Sufficiency refers to the quantity of the evidence gathered.

(↑Risk = ↑ Quantity)

Appropriateness refers to the quality or reliability of the evidence gathered.

(↑Quality = ↓ Quantity)

In assessing reliability of evidence, the following guidelines should be applied:

Audit evidence obtained from independent outside sources is more reliable

than that generated internally.

Audit evidence generated internally is more reliable when the related

accounting and internal control systems are effective.

Audit evidence obtained directly by the auditor is more reliable than that
obtained from the entity.

Audit evidence in the form of documents and written representations is

more reliable than oral representations.

(4) SUITABLE CRITERIA

Criteria are the STANDARDS or BENCHMARK used to EVALUATE or

MEASURE the subject matter of an assurance engagement.

Without the frame of reference provided by criteria, any conclusion is

open to individual interpretation and misunderstanding.

To be suitable, the criteria should have the following characteristics:

Relevance

Completeness

Reliability

Neutrality
Understandability

(ReComp ReNeU)

In addition, criteria could be FORMAL or INFORMAL.

(4) WRITTEN REPORT

The written assurance report contains the OPINION or CONCLUSION of

the practitioner whether the subject matter conforms, in all material respects,
with the criteria.

Direct Reporting
Assurance Engagements
Services Assertion-based
Engagements

SERVICES Agreed-upon
PROVIDED BY CPAs Procedures

Compilation
Non-assurance
Services
Tax Services

Consultancy
Engagement
NON-ASSURANCE ENGAGEMENTS

(1) AGREED-UPON PROCEDURES

Procedures were designed by the client and the practitioner.

Procedures are audit procedures in nature.

The distribution of the report of findings is restricted.

(3) COMPILATION

The practitioner uses accounting expertise rather than auditing expertise.

The goal is to assist the client in the preparation and presentation of their
financial statements. (collection, classification and summarization of financial
information)
 (4) TAX SERVICES
(5) CONSULTANCY

TYPES OF ASSURANCE ENGAGEMENTS

AS TO STRUCTURE

(1) Assertion-based Engagements (ATTESTATION SERVICES)

• The evaluation or measurement of the subject matter is performed by the
responsible party (ASSERTION) that is made available to the intended
users.
• It is the assertion about which the practitioner gathers sufficient and
appropriate evidence to provide a reasonable basis for expressing a
conclusion on the assurance report.
(2) Direct Reporting Engagements
• The practitioner either directly performs the evaluation or measurement of
the subject matter or obtains a representation from the responsible party
that has performed the evaluation that is not available to intended user.
• The subject matter information is made available to users in the
assurance report.

Direct Reporting
Assurance Engagements
SERVICES Services
Audit
Assertion-based
PROVIDED BY Engagements
CPAs Non-assurance
Services
Review

AS TO LEVEL OF ASSURANCE PROVIDED

(1) Reasonable Assurance Engagement

• The objective of a reasonable assurance engagement is a reduction in
assurance engagement risk to an acceptably low level in the
circumstances of the engagement as the basis for a positive form of
expression of the practitioner's conclusion.
Example is Audit Engagements

(2) Limited Assurance Engagement

• The objective of a limited assurance engagement is a reduction in
assurance engagement risk to a level that is acceptable in the
circumstances of the engagement, but where the risk is greater than for a
reasonable assurance engagement, as the basis for a negative form of
expression of the practitioner's conclusion.
Example is Review Engagements
 CPA Web Trust

Assurance Information
Services on IT System
Reliability
Service
Direct Business
Reporting Performance
Assurance Engagements Measurement
Services
SERVICES Services
PROVIDED Assurance
Assertion-based Services on
BY CPAs Non-assurance Engagements Other Types of
Healthcare
Services Information Performance
Measurement

Eldercare Plus

DIRECT REPORTING ENGAGEMENTS

(A) CPA Web Trust Service

Provides assurance to users of web sites in the Internet by affixing the

practitioners WEB TRUST SEAL.

(B) Information System Reliability Service

Provides assurance usually to top management and/or third parties that the
information system has been designed and operated t produce reliable data.

(C) Business Performance Measurement Service

Provide assurance about whether financial and non-financial information being

reported from the entity’s performance measurement system (e.g. balanced
scorecard) is reliable and are accurately leading the entity toward meeting its
strategic goals and objectives.

(D) Healthcare Performance Measurement

Provides assurance and evaluation of the quality of healthcare, medical services

and outcome.

(E) Eldercare Plus

Provides assurance and evaluation whether caregivers are providing services

that meet specified objectives or at an acceptable level.
WHAT IS AUDITING?

The term audit is derived from the Latin term “audire”, which means to hear.

According to American Accounting Association:

“Auditing is a systematic process where a competent and independent individual

objectively obtains and evaluates evidence regarding assertions about economic
actions and events to ascertain the degree of correspondence between those
assertions and established criteria and communicating the results to interested
users”.

Characteristics of Auditing

(a) Auditing is a systematic process.

(b) It is performed by an independent and competent individual.

(c) Audit is conducted objectively.

(d) Audit involves obtaining and evaluating evidence about assertions.

(e) Audit ascertain degree of correspondence between assertions and

established criteria.

Audit involves communication of results to various users.

TYPES OF AUDIT

Financial Statements
Audit

As to Objective Operational Audit

Compliance
Audit
Types of Audit
Independent FS
Audit

As to Scope Internal Audit

Government
Audit
As to objective

Financial Audit Compliance Operational

Audit Audit
Assertions made Fairness of Compliance with Efficiency and
by client or financial law and Effectiveness of
auditee statements regulations Operations

Criteria used for PFRS and other Existing laws and Objectives set by
evaluation GAAP (Formal) contracts (Formal) BOD (Informal)

Auditors who External Auditors Government Internal

usually perform Auditors Auditors

NOTE: Compliance and operation audits can be performed by other type

of auditors. But the performance of INDEPENDENT FS AUDIT is limited
to external auditors only.

As to scope

(A) Independent FS Audit

NATURE – Methodological review and examination of financial statements

prepared by the enterprise.

OBJECTIVE – To opine as to the fairness of the financial statements.

SCOPE – The auditor will conduct a critical and systematic examination of the
statements and of related documents and information.

(B) Internal Audit

NATURE – An independent activity designed to add value by improving the

entity’s operations.

OBJECTIVE – To assist management in the effective discharge of their

responsibilities.

SCOPE – This involves going beyond the accounting and financial records to
obtain full understanding of the operations under review which includes:

❖ Review and appraising of adequacy of accounting and financial records.

❖ Ascertaining degree of compliance with established policies and plans.

 ❖ Appraising the quality of performance in carrying out assigned
responsibilities.

❖ Verification of management reports.

❖ Recommending operating improvements.

(C) Government Audit

NATURE – Determination of whether government funds are properly handled

and whether the programs are conducted efficiently and economically.

OBJECTIVE – To properly evaluate the operations of government units in

relation to fund handling and disbursement and execution of programs.

SCOPE – Financial and compliance audit, economy and efficiency audit and
Program results.

TYPES OF AUDITORS

(A) External Auditors

(B) Internal Auditors

(C)Government Auditors

AT 02 – Introduction to Financial Statements Audit

TOPIC OUTLINE

❖ Definition and Objective of FS Audit

❖ Why There is a Need for FS Audit

❖ Assurance Provided by FS Audit

❖ Financial Statements and Management Responsibilities

❖ Theoretical Framework of FS Audit

❖ General Principles in FS Audit

❖ Risk-based Audit Process

LECTURE NOTES

DEFINITION & OBJECTIVE

Financial Statements Audit = Assurance Engagement and Attestation Service

Financial
Statements
INTENDED USER MANAGEMENT &
TCWG
Decision Making

Evidence
Audit Report AUDITOR

PFRS/GAAP

OBJECTIVE: To enable the auditor to express an opinion whether the financial

statements are prepared, in all material respect, in accordance with PFRS.

REASON FOR FS AUDIT

WHY THERE IS A NEED FOR FS AUDIT?

INFORMATION RISK

(Risk of Unreliable Information for Decision Making)

Resulting From: How to Reduce:

(1) Remoteness (1) Have the FS audited
(2) Conflict of Interest (2) Allow users to verify information
(3) Voluminous Data (3) Allow users share information risk
(4) Expertise

The level of assurance provided by Independent FS Audit is REASONABLE OR

HIGH ASSURANCE ONLY.
ASSURANCE PROVIDED

ABSOLUTE ASSURANCE IS IMPOSSIBLE due to the following limitations:

(1) The use of testing or sampling (sampling risk)

(2) Human error (non-sampling risk)

(3) Reliance on management representations

(4) Inherent limitations of internal control

(5) Nature of evidence

MANAGEMENT’S RESPONSIBILITIES

These responsibilities are within the oversight of Those Charged with

Governance (TCWG):

(1) Preparation and presentation of financial statements in accordance with

financial reporting framework (FRF).

(2) Design, implementation and maintenance of internal control.

(3) Provide auditor with:

(a) All information relevant to preparation and presentation of financial

statements.

(b) Any additional information required by auditor.

(c) Unrestricted access within the entity to obtain evidence.

THEORETICAL FRAMEWORK

Assumptions used by the auditor in the effective conduct of financial statements

audit.

(1) Data to be audited can be verified.

(2) The auditor should maintain independence at all times.

(3) There should be NO LONG-TERM conflict between the auditor and

management.

(4) Effective internal control reduced ROMM of the financial statements.

(5) Consistent application of GAAP results to fair presentation.

(6) What was held true in the past will continue to hold true in the future in
the absence of known conditions to the contrary.

(7) An audit benefits the public.

GENERAL PRINCIPLES

(1) ETHICAL REQUIREMENTS

(PICPO)

Professional competence and due care

Integrity

Confidentiality

Professional behavior

Objectivity

(2) PHILIPPINE STANDARDS ON AUDITING (PSA)

Standards are established to measure the quality of performance of practitioner.

(3) PROFESSIONAL SKEPTICISM

An attitude involving a questioning mind being alert to conditions that

may indicate contradictions or doubt on the reliability of information.

Under professional skepticism, the auditor neither assumes management

is honest or dishonest.

Professional skepticism reduces the risk of:

• Overlooking unusual circumstances.

• Overgeneralizing
• Using inappropriate assumptions in determining nature, timing and
extent of procedures.

(4) PROFESSIONAL JUDGMENT

Application of the relevant trainings, knowledge and experience within the

context of auditing in making informed decisions.

Professional judgment is the HALLMARK OF AUDITING.

Professional judgment is necessary in making decisions on the following:

• Materiality and audit risk

• Determining nature, timing and extent of audit procedures
• Accumulating SAAE
• Evaluating management decisions
• Drawing conclusions and forming opinion.
 (5) ASSERTIONS

Management representations embodied in the financial statements, explicitly or

otherwise.

These are guide by the auditor for evidence gathering (Directional

Testing)

These assertions may fall into the following categories:

Assertions about classes of transactions and events (Income Statement Items)

(COCAC)

• Occu rrence
• Completeness
• Accuracy
• Cut-off
• Classification

Assertions about account balances

(Balance Sheet Items)

(CREV)

Existence

Rights and Obligations

Completeness

Valuation and Allocation

Assertions about presentation and disclosure

(Notes to FS and other financial statements)

(COCA)

• Occurrence and Rights and Obligations

• Completeness
• Classification and Understandability
• Accuracy and Valuation

RISK-BASED AUDIT PROCESS

 STAGE 1: Preliminary Engagement Activities
To minimize risk of being associated to clients with questioned integrity.

STAGE 2: Audit Planning

Risk assessment procedures and determination of further procedures.

STAGE 3: Responses to Assessed Risks

✓ Consideration of internal control – test of controls
✓ Evidence gathering – ascertaining degree of correspondence

STAGE 4: Completing the Audit

Wrapping-up procedures and reviewing consistency of evidence

STAGE 5: Report
Communicating the results (forming an opinion)

STAGE 6: Post-audit Responsibilities

Evaluation of services rendered

AT 03 – Introduction to Financial Statements Audit

TOPIC OUTLINE

• Professional Standards (GAAS)

• Organization That Affects Public Accountancy
• Introduction to Organization of CPA Firms
• Quality Controls

LECTURE NOTES

PROFESSIONAL STANDARDS

GENERALLY ACCEPTED AUDITING STANDARDS (GAAS)

• GAAS represent measures of the quality of the auditor’s performance.

• Minimum standards of performance.
• The Board of Accountancy promulgated ten (10) GAAS and are
grouped as follows:

✓ General Standards

✓ Standards of Fieldwork

✓ Standards of Reporting
 Technical Training &
Proficiency
General Standards (TIP)
Independence

Professional Care

Planning

GENERALLY ACCEPTED Standards of Fieldwork Internal Control

AUDITING STANDARDS (PIE) Consideration
(GAAS)
Evidential Matter

GAAP

Inconsistency
Standards of
Reporting (GIDO)
Disclosure

Opinion

PHILIPPINE STANDARDS ON AUDITING (PSA)

• PSAs are issued by AASC to clarify the meaning of the ten GAAS.
• An auditor shall comply with ALL PSAs relevant to the audit
engagement.

NOTE: Failure to comply with these standards exposes the auditor to risks such
as loss of public respect and confidence and even face legal damages.

ORGANIZATIONS AFFECTING PUBLIC ACCOUNTANCY

REGULATORY GOVERNMENT AGENCIES

• Professional Regulations Commission (PRC)

• Board of Accountancy (BOA)

• Securities and Exchange Commission (SEC)

• Commission on Audit (COA)

• Bangko Sentral ng Pilipinas (BSP)

PROFESSIONAL ORGANIZATIONS

• Philippine Institute of Certified Public Accountants (PICPA)

• Sectoral Organizations

✓ Association of CPAs in Public Practice

(ACPAPP)
 ✓ Associations of CPAs in Commerce and Industry

6(ACPACI)

✓ National Association of CPAS in Education

(NACPAE)

✓ Government Association of Certified Public Accountants

(GACPA)

STANDARD SETTING BODIES

Financial Reporting Standards Council (FRSC)

• Accounting standard-setting body in the Philippines.

• Composed of a chairman with 14 representatives (total of 15 members).

• The chairman should be a senior practitioner in any scope.

• Pronouncements are PFRS, PAS and Philippine Interpretations.

Auditing and Assurance Standards Council (AASC)

• Auditing and assurance standard-setting body in the Philippines.

• Composed of a chairman with 14 representatives (total of 15 members).

• The chairman should be a senior practitioner in public practice.

Pronouncements are the following:

PSA
Audit Engagements
PAPS

PSRE
Review Engagements
PREPS

AASC PSAE
Pronouncements Other Assurance
Engagements
PAEPS

PSRS
Related Services
PRSPS

Quality Control PSQC

COMPOSITION OF FRSC & AASC

COMPOSITION FRSC AASC

Chairman 1 1
BOA 1 1
SEC 1 1
BSP 1 1
BIR 1 -
COA 1 1
Major Org. of FS prepares and users (FINEX) 1 -
ACPAPP - 1
PICPA (APO) 8 9
Public Practice 2 6
Commerce and Industry 2 1
Education 2 1
Government 2 1
Total 15 15
ORGANIZATION OF CPA FIRMS

NOTE: Organization of CPA Firms is limited only for sole proprietorship

and partnership forms of business.

Methods of Billing Clients

• Actual Time or Per Diem Basis

• Flat or Fixed Fee Basis
• Maximum Fee Basis
• Retainer Fee Basis

HIERARCHY PERSONNEL

PERSONNEL NATURE OF WORK

1. Associate Performs detailed work such as:
(0-3 years) • Checking footings and computations
• Checking short and long extensions
• Tracing posting to ledger
• Performing tracing and vouching procedures
• Preparing analyses and schedules of accounts
• Preparing reconciliations
• Observing physical count of inventories
• Confirmation procedures
• Effecting corrections made by seniors

2. Senior Performs more complex audit procedures:

Associate • Drafts and finalizes audit programs
Audit • Supervise associate and performs review
Supervisor procedures on work of associates
(3-6 • Address minor accounting and auditing issues
years) with clients and associates.
 3. Audit Performs audit procedures and engagement management
Manager • Prepare overall audit plan
(6-12 • Perform administrative work for several
years) concurrent engagements
• Settle major accounting or auditing issues
• Usually, draft report for review by partner

4. Audit Owner of the form and determines the operating policy of

Partner the firm
(12 years • Obtain and maintain client relationship
and more) • Discuss with client the objective and scope of the
audit
• Assume overall responsibility
• Have the final say on accounting and auditing
issues
• Sign the reports
• Approve billings

QUALITY CONTROL

These are policies and procedures adopted by CPA Firms to provide reasonable
assurance of conforming with professional standards in performing audit
and related services.

According to PSCQ 1 and PSA 220, a firm should establish a system of quality
control to provide reasonable assurance (NOT A GUARANTEE) that:

• The firm and its personnel comply with professional standards

and regulatory and legal requirements.
• The reports issued are appropriate in the circumstances.

ELEMENTS OF QUALITY CONTROL

(HEAL ME)

❖ Leadership Responsibilities

❖ Ethical Requirements

❖ Acceptance & Continuance of Client Relationships

❖ Human Resources

❖ Engagement Performance

❖ Monitoring

NOTE: The nature and extent of these policies and procedures depend
on factors such as (1) firms size, (2) operating characteristics, (3)
whether it is part of a network, (4) cost-benefit consideration
Leadership Responsibilities

• Tone at the top (Engagement Partner & Managing Partners)

• Support for quality work and quality-oriented control culture

Ethical Requirements

• Compliance with the fundamental principles stated in Code of Ethics

(PICPO)
• Independence is an additional ethical requirement for CPAs in public
practice
• Annual written independence confirmation

Acceptance and Continuance of Client Relationship

This element requires the firm to establish policies and procedures to provide
reasonable assurance that the firm will only undertake or continue relationships
and engagements where the firm:

• Has competence, capabilities, time and resources to perform the

engagement.
• Can comply with relevant ethical requirements
• Has considered the integrity of the client.

Human Resources

• Recruitment and retention to have sufficient personnel.

• CPD to achieve and maintain competence
• Assignment of engagement teams that delivers quality service
• Policies that discipline noncompliance and rewards compliance

Engagement Performance

• The engagement partner shall take overall responsibility on the overall

performance of the audit engagement.
• The following shall be observed in the performance of the audit
engagement:

✓ Direction

✓ Supervision

✓ Review

✓ Consultation

• The audit report shall NOT BE ISSUED:

✓ Until differences in opinions are resolved

✓ Until completion of engagement quality control review (EQCR)

Monitoring

• Monitoring is the process of constantly reviewing and evaluating the

firm’s system of quality control designed to provide reasonable
assurance that its system of quality control is operating effectively.
 • Part of the monitoring program, the firm shall INSPECT a selection of
individual engagements. The engagement is chosen WITHOUT PRIOR
NOTIFICATION to the engagement team.

• On a cyclical basis, inspection is being done of at least ONE completed

engagement for EACH engagement partner over an inspection cycle of
THREE YEARS.

AT 04 – Audit Evidence & Audit Documentation

TOPIC OUTLINE

Definition of Audit
Evidence

Types of Audit
Evidence
PART 1: AUDIT
EVIDENCE
Sources of Audit
Evidence

What Audit Evidence

to Gather?

Definition of Audit
Documentation

Purposes

PART 2: AUDIT
DOCUMENTATION
Types of Audit Files

Audit File Preparation

& Elements

Assembly and Retention of

Audit File

LECTURE NOTES

PART 1– AUDIT EVIDENCE

DEFINITION

Audit evidence is all information used by the auditor on which the audit
opinion is based.

OBJECTIVE: To gather evidence to draw reasonable conclusions as a basis of

opinion.

REMINDERS: (a) The process of evidence gathering and evaluation is a

CUMULATIVE and ITERATIVE PROCESS.

(b) Audit evidence could be oral or documentary, manual or electronic.

TYPES OF AUDIT EVIDENCE

(A) UNDERLYING ACCOUNTING RECORDS

The records of initial accounting entries and supporting records of the financial
statements prepared by management.

EXAMPLES:

• Checks and EFT records

• Invoices
• General and subsidiary ledgers
• Journal entries
• Supporting costs allocations and worksheets

(B) OTHER INFORMATION

All other information used by the auditor

EXAMPLES:

• Minutes of the meeting

• Confirmation from third parties
• Information obtained from audit procedures
NOTE: The auditor shall obtain both types of evidence that are
consistent and not doubtful as to reliability. Accounting records alone
cannot constitute SAAE.

SOURCES OF AUDIT EVIDENCE

1. Performance of Audit Procedures

(PRIMARY SOURCE)

1. Previous Audits

2. Firms Quality Control Procedures

3. Work of Management Experts

 4. Management representations

5. Other Sources Inside and Outside the Entity

TYPES OF AUDIT PROCEDURES

As to Purpose

• Risk Assessment Procedures (RAP) – performed to obtain an

understanding of the entity, its environment and its internal control to
IDENTIFY and ASSESS the ROMM at FS and assertion levels.

• Further Audit Procedures (FAP) (Risk Response)

❑ Test of Controls (TOC) – performed to evaluate the operating

effectiveness of internal controls.

❑ Substantive Procedures (SP) – performed to detect material

misstatements at the assertion level.

As to Type

• Inspection – the process of examining records or documents or physical

examination of assets.

• Observation – the process of looking at a process or procedure being

performed by others.

• External Confirmation – a direct written response to the auditor from a

third party.

• Recalculation – the process of checking the mathematical accuracy of

documents or records.

• Reperformance – the auditor’s independent execution of procedures or

controls that were originally performed as part of the entity’s internal
control.

• Analytical Procedures – the evaluation of financial information through

analysis of plausible relationship among both financial and non-financial
data and investigation of identified fluctuations or relationships that are
inconsistent with other information.

• Inquiry – the process of seeking information of knowledgeable persons.

The most extensively used audit procedures.

NOTE: Cost is considered in obtaining evidence but it is not a valid basis to omit
an audit procedure specially if there is no alternative.

The most costly audit procedure is external confirmation while the least costly is
inquiry.

Assertions addressed by each type of audit procedure:

• Inspection – All Assertions

 • Observation – Existence, Completeness and Valuation

• External Confirmation – Existence, Completeness, Rights and Obligations,

Cut-off and Valuation

• Recalculation –Valuation

• Reperformance – Existence

• Analytical Procedures – Valuation

• Inquiry – All Assertions

RAP TOC SP
Inspection ✓ ✓ ✓
Observation ✓ ✓ ✓
External Confirmation ✓
Recalculation ✓
Reperformance ✓
Analytical Procedures ✓ ✓
Inquiry ✓ ✓ ✓

WHAT AUDIT EVIDENCE TO GATHER

The auditor should obtain SUFFICIENT and APPROPRIATE audit evidence.

Professional Judgment & Professional Skepticism

Audit Evidence

Sufficiency Appropriateness
(Quantity) (Quality)

Risk Quality Relevance Reliability

(Directly (Inversely
Related) Related)

RELEVANCE

Relevance deals with the logical connection with or bearing upon:

(a) The purpose of audit procedure

(b) The assertion

The auditor shall obtain evidence about relevant assertions not all assertions.

An audit procedure is relevant to one assertion but irrelevant to others.

 (c) The direction of testing

• Vouching

• Tracing

WHAT AUDIT EVIDENCE TO GATHER

Vouching Tracing
Direction of Testing From Records to From Supporting Docs to
Supporting Docs Records
Involves Testing of Risk of Overstatements Risk of Understatements
Assertion Existence Completeness
Accounts Assets and Revenues of Liabilities and Expenses
Income

RELIABILITY

The audit evidence is generally more reliable when:

✓ Obtained from independent sources

✓ The related internal controls are effective

✓ Obtained directly than indirectly or by inference

✓ In documentary form than oral

✓ In original state than photocopies or facsimiles

PART 2– AUDIT DOCUMENTATION

DEFINITION

Audit Documentation (A.K.A Audit Working Papers) is the record of audit

procedures performed, relevant audit evidence obtained and conclusions the
auditor reached.

Audit documentation must be prepared TIMELY to

(a) Enhance the quality of audit

(b) Facilitate effective review

PURPOSE

PRIMARY PURPOSE
 (1) It serves as a basis for the auditor’s report.

(2) It is evidence that the audit was planned and performed in accordance
with PSAs and applicable legal and regulatory frameworks

OTHER PURPOSES

• Assist audit team plan and perform the audit.

• Assist supervision and review of audit work.

• Show accountability.

• Retaining a record of matters of continuing significance to future audits.

• Enable the conduct of quality control review and inspections.

• Enable the conduct of external inspections in accordance with applicable

legal or other regulatory requirements.

TYPES OF AUDIT FILES

Audit file refers to folders or other storage media, in physical or electronic form,
containing the records that comprise audit documentation.

The two main division of audit files are:

1. Permanent or Continuing Files – Contains data that are of continuing

significance or interest from year to year.

2. Current Files – Contains data that relate only to the current period’s audit.

Examples of Permanent Examples of Current Files

Files
• Debt agreements, pension • Reconciliation of accounting
contracts and lease agreements records to FS

• Articles of Incorporation • Working trial balance and lead

schedules

• Flowcharts of internal control • Audit program and

documentation of substantive
procedures

• Analyses of capital stock and • Attorney’s letters and

owner’s equity accounts management representation
letters
AUDIT FILE PREPARATION & ELEMENTS

How should the auditor prepare his or her documentation?

The auditor shall prepare audit documentation which is sufficient to an

experienced, having no previous connection with the audit, understand:

1) The nature, timing and extent of audit procedures performed.

2) The results of audit procedures, and the audit evidence obtained.

3) Sigificant audit matters, conclusions reached, and significant judgments

made.

4) The reasons of departure from a relevant PSA requirement and how

alternative audit procedures achieve the aim of the requirement.

ELEMENTS OF WORKING PAPERS

1) Heading

2) Indexing and cross-referencing

3) Audit objective

4) Audit procedures and results

5) Conclusions

6) Tickmarks and legends

7) Initials of preparer and reviewer

8) Preparation and review date

ASSEMBLY AND RETENTION OF AUDIT FILES

The final assembly of audit files takes place ordinarily NOT MORE THAN 60
DAYS after the auditor’s report date.

The retention period for audit engagements ordinarily is NOT SHORTER THAN 7
YEARS from the auditor’s report date.

AT 05 – Preliminary Engagement Activities

TOPIC OUTLINE

• Client Acceptance & Continuance

• Communication with Predecessor Auditor

• Agreeing the Basis of Engagement

• Acceptance of Change in Engagement

LECTURE NOTES

CLIENT ACCEPTANCE & CONTINUANCE

• Careful examination of clients in order for the auditor to manage

engagement risks.
• Engagement risks include loss of reputation (most important asset)
and financial loss.
• Ultimately, auditor’s judgment prevails whether to accept a client or
not.
 Guidelines in accepting clients:

✓ Auditor’s competence (preliminary knowledge)

✓ Ethical requirements

✓ Ability to serve client properly

✓ Integrity of management

In relation to client’s integrity, the following matters shall be considered:

❑ The identity and reputation of owners and officers

❑ Nature of client’s business

❑ Indications of client’s involvement in illegal activities

Sources of such information are the following:

✓ Communication with predecessor auditor

✓ Previous accounting services provider

✓ Inquiry of third parties such as banks and legal counsel

✓ Background searching

COMMUNICATING PREDECESSOR AUDITOR

What is the importance of communicating the predecessor auditor?

(1) Serve as a basis of client acceptance and continuance

(2) Matter of courtesy to the previous auditor

REQUISITE:

The successor auditor shall seek permission to communicate from BOTH the
predecessor auditor and client.

NOTE: If client will no permit communication, it will raise questions as

to acceptability of engagement.

Questions to be asked

If the client grants permission, the successor auditor inquiries of predecessor

auditor:

1. Integrity of client

2. Disagreements with management about audit procedures or accounting

principles
 3. Communication with audit committee about fraud, illegal acts or internal
control

4. Reason for change in auditor.

NOTE: If the predecessor auditor is prohibited by the client to disclose

information, again it raises a question as to the integrity of the client.

AGREEING THE BASIS OF ENGAGEMENT

Once an engagement is considered acceptable, the auditor now establishes the

basis of engagement through:

1. Preconditions of audit

2. Agreement on audit engagement terms (engagement letter)

AUDIT PRECONDITIONS

The auditor shall not accept the engagement without the following audit
preconditions

• Use of acceptable FRF available to FS users.

• Agreement with management and TCWG’s responsibility (see AT 02)

NOTE: If there is a scope limitation imposed prior acceptance of engagement,

the auditor shall NOT ACCEPT the engagement unless required by law or another
regulatory requirement to do so.

ENGAGEMENT LETTER

A written terms of an engagement in the form of a letter by the auditor to the

client.

Importance of engagement letter:

• Avoid misunderstanding with respect to the engagement.

• Document and confirms auditor’s acceptance of appointment.

NOTE: It is in the interest of both the client and auditor that the auditor sends
the engagement letter before the commencement of audit.

CONTENTS OF ENGAGEMENT LETTER

PRIMARY CONTENTS:

(FROM A)

(a) Identification of FRF for the preparation of FS.

(b) Reports and form and content of reports

(c) Objective and scope of audit

(d) Management responsibility

 (e) Auditor’s responsibility

CONTENTS OF ENGAGEMENT LETTER

OTHER CONTENTS:

(WE EPAL)

(a) Obligation to provide working papers

(b) Involvement of other auditor and experts

(c) Elaboration of scope of audit

(d) Planning and performance of audit

(e) Audit fees

(f) Audit and internal control limitation

AUDIT COMPONENTS

When the auditor of a parent entity is also the auditor of a component

(subsidiary, joint venture, associate or branch), the following factors are
considered whether to send a separate engagement letter to the
component:

✓ Who appoints the component auditor?

✓ Whether a separate auditor’s report is required to be issued

✓ Legal requirements

✓ Degree of ownership

✓ Degree of independence

RECURRING AUDITS

On recurring audits, the engagement terms may be confirmed without a new

letter. However, the following situations may require the auditor to send a new
letter to client:

➢ Misunderstanding of the objective and scope

➢ Any revised or special terms

➢ Change in client’s senior management

➢ Significant change in ownership, nature or size

➢ Change in legal or regulatory requirements

➢ Change in FRF

ACCEPTANCE OF CHANGE IN ENGAGEMENT

In prior to completing the audit, the auditor is requested to change the audit into
a lower level assurance engagement or other engagement, the auditor’s MAIN
CONSIDERATION is whether there is REASONABLE JUSTIFICATION to change
the engagement.

Circumstances that a client may request a change in engagement may include:

• A change in circumstances affecting the need for the service.

• A misunderstanding as to the nature of an audit originally

requested.

• A scope limitation imposed on the audit engagement.

AUDITOR’S RESPONSE FOR CHANGE IN ENGAGEMENT

REASONABLE JUSTIFICATION UNREASONABLE JUSTIFICATION

1. Stop performing the old 1. Continue performing the
engagement. original or old engagement.

2. Stop referring to the old 2. When prohibited to continue,

engagement, except for withdraw from the engagement
agreed-upon procedures.
3. Start performing the new 3. Determine reporting
engagement. responsibilities.

AT 06 – Audit Planning

TOPIC OUTLINE

BASIC CONCEPTS

Determining Materiality

AUDIT RISK AND ITS

COMPONENTS
Understanding the Entity
and Its Environment (RAP)
ACTIVITIES
PERFORMED DURING
AUDIT PLANNING
Understanding the Entity’s
Internal Control (RAP)

Outputs of Audit Planning

LECTURE NOTES

BASIC CONCEPTS
Why does an auditor plan an audit?

PURPOSE OF AUDIT PLANNING

(1) Efficient and effective conduct of audit.

(2) Consideration of timing of activities

(3) Reduction of audit risk to an acceptable level

NOTE: Audit planning is NOT a DISCRETE phase of an audit but rather a
CONTINUAL and ITERATIVE process.

BENEFITS OF AUDIT PLANNING (AMOI FAA)

(1) Appropriate attention to important audit areas.

(2) Manage and Organize audit so that it is performed effectively and

efficiently.

(3) Identify and resolve potential problems timely.

(4) Facilitate direction and supervision of team members and review of their
work.

(5) Assist proper selection of team members and assignment of work to

them.

(6) Assist in coordination of work done by auditors of components and

experts.

AUDIT RISK & ITS COMPONENTS

Risk – the possibility or likelihood that the financial statements contain material
misstatements.

AUDIT RISK

Is the possibility or likelihood that the financial statements contain material

misstatements and the auditor failed to detect it leading to the issuance of
inappropriate opinion.

AUDIT RISK COMPONENTS

Audit risk is a function of ROMM and detection risk.

Risk of Material Misstatement (ROMM) – refers to the likelihood that the FS

are materially misstated prior to the audit.

Detection Risk (DR) - is the risk that the auditor’s procedures will not detect
material misstatement that exists.

ROMM is divided into inherent risk and control risk.

Inherent Risk (IR) – the susceptibility of an assertion to a misstatement that

could be material assuming that there were no related controls.
Control Risk (CR) – is the likelihood that a material misstatement for an
assertion will not be prevented, detected or corrected on a timely basis by an
entity’s internal control.

AR = IR x CR x DR

NOTE: ROMM is inversely related to DR

Audit risk and its components can be assessed quantitatively or

qualitatively.

ACTIVITIES PERFORMED DURING AUDIT PLANNING

The nature and extent of the activities performed during audit planning will vary
according to:

(1) The size and complexity of the entity

(2) Auditor’s previous experience

(3) Changes in circumstances during the audit

DETERMINING MATERIALITY

Materiality is:

• The smallest aggregate level of misstatements to any of the financial

statements.

• The largest amount of tolerable misstatements.

NOTE: Materiality is not simply a function of specific amounts, an

auditor must understand who the potential users are and the type of
judgment made by them.
Application of Materiality

Materiality is used in the following:

• Identifying material classes of transactions, account balances and

disclosures in FS.

• Determining the nature, timing and extent if RAP.

• Identifying and assessing ROMM.

• Determine the nature, timing and extent of FAP (TOC and SP)

• Evaluate effect of misstatements on FS and form the opinion in auditor’s

report.

NOTE: Generally, materiality is used in planning, performing and

concluding phase.

Materiality Levels

PRELIMINARY MATERIALITY OR PLANNING MATERIALITY

This represents the maximum amount of misstatement per FS and still not cause
the auditor to believe that the decisions of the users will be affected.

Pre-tax profit from continuing operations is the usual benchmark in determining

materiality for profit-oriented entities. For non-profit oriented entities, the usual
benchmark is total expense.

The partner and other key members of audit team ordinarily choose the
benchmark and percentage in determining materiality. Though calculations may
be made by a more junior member of the team.

PERFOMANCE MATERIALITY or TOLERABLE MISSTATEMENTS

The amount of planning materiality allocated to an account balance or class of

transactions.

It is being determined in assessing ROMM and determining the nature, timing

and extent of audit procedures.

CLEARLY TRIVIAL MISSTATEMENTS

The amount below which would not be accumulated. If there is a doubt to a

misstatement, assume it is NOT clearly trivial.

Evaluating Misstatements

WHAT IS A MISSTATEMENT?

Misstatement is the difference between the amount, classification, presentation

or disclosure of a reported FS item and the amount, classification, presentation
or disclosure that is required by FRF.

TYPES OF MISSTATEMENTS

1) Factual misstatements
 2) Judgmental misstatements

3) Projected misstatements

4) Uncorrected misstatements

5)

RELATIONSHIP WITH AUDIT PROCEDURES AND AUDIT EVIDENCE

Materiality has an INVERSE relationship with audit procedures and evidence.

RELATIONSHIP WITH AUDIT RISK

Materiality has an INVERSE relationship with audit risk.

UNDERSTANDING THE ENTITY & ITS ENVIRONMENT

Risk Assessment Procedures

These are procedures performed to OBTAIN an UNDERSTANDING of the ENTITY

and ITS ENVIRONMENT, including the entity’s INTERNAL CONTROL,

They provide a basis for designing and implementing responses to the assessed
ROMM.

RAP includes

1) Inquiry

2) Analytical Procedures

3) Observation and Inspection

INQUIRY

ENTITY PERSONNEL INFO. OBTAINED

TCWG
Internal Audit Personnel
Employees Involved in
Unusual Transactions
Legal Counsel
Appropriateness of Accounting Policy
Marketing or Sales
Personnel
Environment of
FS Preparation
Internal Audit Procedures
Relevant to Internal
Controls
Litigation and Compliance
Sales trends and arrangements

ANALYTICAL PROCEDURES

Involves evaluations of plausible relationship of accounts.

STEPS IN ANALYTICAL PROCEDURES

STEP 1: Formulate expectations

STEP 2: Compare expected and recorded amounts

STEP 3: Investigate significant differences

TYPES OF ANALYTICAL PROCEDURES

(a) Trend Analysis

(b) Ratio Analysis

(c) Test of Reasonableness

ANALYTICAL PROCEDURES THROUGHOUT THREE AUDIT PHASES

OBSERVATION & INSPECTION

Sources of information for observation or inspection include:

• Entity’s operations, premises and plant facilities (tour)

• Documents, records and control manuals

• Management and TCWG reports

• Books, periodicals and other publications

OTHER SOURCES TO OBTAIN UNDERSTANDING

• Use of information obtained in prior period audits (Check relevance of the

information)

• Discussion among engagement team (brainstorming)

REQUIRED UNDERSTANDING

The auditor applies professional judgment in determining the extent of the

understanding which is ordinarily LESS THAN that of possessed by management.

To achieve such understanding, the scope of auditor’s understanding includes

the following six key elements:

REQUIRED UNDERSTANDING (NAME OB)

• Nature of Entity
 • Accounting Policy

• Measurement and Review of Financial Performance

• External Factors

• Entity Objectives and Strategies

• Business Risks

BUSINESS RISKS

• Business risk is a risk resulting from significant condition, events and etc.
that could affect entity’s objectives and strategies.

• All ROMM are business risks but NOT vice versa.

SUMMARY OF POTENTIAL BUSINESS RISKS

CIRCUMSTANCES BUSINESS RISK

Industry Developments Lack of Expertise
New Products and Services Increased Product Liability
Expansion of Business Inaccurate Demand
New Accounting Requirements Improper Implementation of
Regulatory Requirements the Standard
Use of IT Legal Exposure
Financing Requirements Incompatible Systems
Default Risk

UNDERSTANDING THE ENTITY’S INTERNAL CONTROL

INTERNAL CONTROL

Internal control is a process designed, implemented and maintained by

management, TCWG and other personnel to provide reasonable assurance in
addressing risks that are present between the entity and accomplishment of its
objectives.

CHARACTERISTICS OF INTERNAL CONTROL

• Internal control is a process

• Internal control is effected by people

 • Internal control can only be expected to provide reasonable assurance
NOT absolute assurance.

LIMITATIONS OF INTERNAL CONTROL

✓ Cost-benefit consideration

✓ Routinary nature

✓ Human errors

✓ Collusion and circumvention

✓ Management override

✓ Inadequacy of procedures

CHARACTERISTICS OF INTERNAL CONTROL

• Internal control is designed towards achievement of objectives such as:

✓ Financial Reporting (Preparation of reliable financial reporting)

✓ Operations (Effective and efficient operations

✓ Compliance (Compliance with applicable laws and regulations

COMPONENTS OF INTERNAL CONTROL

(CRIME)

• Control Environment

• Risk Assessment Process

• Information and Communication Systems

• Control Activities

• Monitoring

NOTE: These components are interrelated to one another to achieve

business objectives.

CONTROL ENVIRONMENT

• Tone at the top. Tone of management and TCWG towards internal control.
(Head and Brain of Internal Control)

• This is the foundation of internal control as it sets the tone of the

organization that influences the control consciousness.

Seven elements of control environment:

(CHAMPOI)

✓ Integrity and ethical values

✓ Commitment to competence
 ✓ Human Resource policies and practices

✓ Assignment of authority and responsibility

✓ Management’s philosophy and operating style

✓ Participation by TCWG

✓ Organization structure

RISK ASSESSMENT

• Process for identifying business risks relevant to financial reporting

objectives and deciding about actions to address those risks.

• Eyes and senses of internal control.

INFORMATION AND COMMUNICATION SYSTEMS

• The identification, capture and exchange of information that enables

individuals to carry out their responsibilities.

• The blood and veins of internal control.

CONTROL ACTIVITIES

• These are policies and procedures that help ensure that management
directives are carried out such as:

✓ Performance reviews

✓ Information processing

✓ Physical controls

✓ Segregation of duties

• Arms and legs of internal controls.

• Classification of control activities are as follow:

✓ Preventive Controls

✓ Detective Controls

✓ Compensating Controls

MONITORING

• It is the process of assessing effectiveness of internal control over time,

including taking necessary corrective actions.

Types of monitoring activities:

✓ Ongoing monitoring activities

✓ Separate evaluations

✓ A combination of the two.

NATURE & EXTENT OF AUDITOR’S UNDERSTANDING

Auditors consider internal control:

Primarily to plan the audit and secondarily to suggest improvements on the

internal control.

What to Understand?

The auditor is required to understand EACH COMPONENT’s DESIGN AND

IMPLEMENTATION.

How to obtain understanding?

The following procedures are performed to obtain understanding of the entity’s

internal control:

• Inquiry

• Observation

• Inspection

• Walkthrough Procedures

DOCUMENTATION OF UNDERSTANDING

NARRATIVES

ADVANTAGES DISADVANTAGES

• Tailor-made • Time consuming

documentation • Weaknesses are not
• Detailed analysis obvious
which requires
auditor to
understand a
control

FLOWCHART

ADVANTAGES DISADVANTAGES
• Graphical • Time consuming
representation • Weaknesses are not
• Unlikely to obvious
overlook controls • Knowledge about
• Easy to understand the symbols is a
must

Internal Control Questionnaire (ICQ)

ADVANTAGES DISADVANTAGES
• Easy completion • Inadequacy of
• Comprehensive list answering
of questions • Questions may be
• Weaknesses unfit to client
become obvious • Not process
DEFICIENCIES IN INTERNAL CONTROL

The three levels of severity of control deficiencies the auditor may identify are as
follows:

OUTPUTS OF AUDIT PLANNING

1. Overall Audit Strategy

It is an auditor-prepared document that compiles information about the entity,

its environment and its internal control, significant audit factors and areas of
interest to auditor.

It sets the scope, timing and direction of the audit and guides the development
of the audit plan.

Overall audit strategy is the GENERAL AUDIT STRATEGY

2. AUDIT CHECKLISTS or AUDIT PROGRAMS

It is a detailed approach for the expected nature, timing and extent of the audit.

In other words, audit program is a list of procedures to gather evidence. It

serves as a set of instructions to engagement team as a means of control and
record of procedures.