CHAPTER 1 - The Practitioner’s Engagement

1. Assurance engagement – express a conclusion in a written report to improve the quality of

information so that users of such information can make informed decisions. Ex – audit of F/S,
practitioner issues a report containing an opinion about whether the F/S are in accordance with
the generally accepted accounting principles that enhances user’s confidence on F/S.

The demand for assurance services arises from various reasons:

a. Potential bias of information provider – incentive to do so (assurance engagement – involve

independent, third-party evaluation)
b. Remoteness of information user from information provider – no access to verify the information
– assurance engagement provide an opportunity for the information to be verified.
c. Complexity of subject matter information
d. Expertise and independence of practitioners – practitioner – expert , act with integrity,
objectivity, and professional skepticism.
e. Risk management – assurance engagement enhance the credibility of information; this reduces
information risk.

Types of assurance engagement

I. Assurance level – engagement risk (practitioner expressed an inappropriate conclusion when the
subject matter information is materially misstated)

 Reasonable assurance engagement – high but less than absolute. Reduce assurance engagement
risk to an acceptably low level. Various procedures. Positive form of conclusion.
 Limited assurance engagement – low aka moderate. Limited procedures. Negative form of
conclusion.

Limitations of Assurance Engagement

 a. Use of selective testing
b. Use of judgement
c. Inherent limitations of internal control
d. Persuasive evidence rather than conclusive
e. Characteristics of the subject matter

II. Structure
a. Attestation – assertion based – with responsible party’s assertion and available to users
b. Direct reporting – practitioner – not available to users

 Engagement must have the ff elements to be an assurance engagement:

 Three party relationship – practitioner, responsible party, intended users
 Practitioner – broader than the term auditor, hence assurance engagements are
very broad, because they can be performed even by other professionals.
 Responsible party – direct reporting engagement (w/o assertion), attestation
engagement (the assertion)
 The responsible party may or may not be the party who engages the
practitioner
 Intended users
 Appropriate subject matter
 Suitable criteria – benchmarks/standards
 Sufficient appropriate evidence
 Written assurance report

2. Non-assurance engagement – ex are tax compliance and advisory services. If they lack one or
more of the five elements of an assurance engagement. Ex:
a. Agree-upon procedures engagement
b. Compilations engagement – two party relationships
c. Preparation of tax returns where no conclusion conveying assurance is expressed – two
party relationships.
d. Consulting (or advisory) engagements such as management and tax consulting –
practitioner makes recommendations.
e. Engagements to testify, maybe as an expert witness or otherwise, in legal proceedings
regarding accounting, auditing, taxation, or other matters.
f. Engagements that include professional opinions not intended to be an assurance report.
 Practitioner does not need to be independent of the responsible party.
 CHAPTER 2 - Auditing

"An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions
about economic actions and events to ascertain the degree of correspondence between these assertions
and established criteria, and communicating the results to interested users."

The following concepts of auditing can be deduced from the definition above:

1. An audit is a systematic process.

2. An audit is conducted objectively.
3. The auditor obtains and evaluates evidence.
4. The audit evidence concerns assertions about' economic actions and events.
5. The auditor ascertains the degree of correspondence between assertions and established
criteria.
6. The ultimate goal of audit is to communicate its the results to interested users.

 F/S audits and compliance audits are similar as they both involve determining whether the
subject matter conforms to certain criteria. Operational audits tend to be more subjective than
the other audits because the criteria for effectiveness and efficiency vary from entity to entity.

Audits According to Subject Matter

Audits as to subject matter are classified are as:

a. Financial reporting - preparation of reliable financial reports (FS)

b. Operations - effective and efficient use of the entity's resources
c. Compliance - entity's compliance with policies, laws, regulations, etc.

1) F/S Audits - This is conducted to determine whether F/S present fairly the financial position,
performance, and cash flows. The auditor's opinion, however, neither assures entity's future
viability nor management's efficiency or effectiveness. Is a reasonable assurance and attestation
(assertion-based) assurance engagement.

The three categories of assertions are:

a. Classes of transactions and events (refer primarily to income statement accounts)

b. Account balances (refer to balance sheet accounts)
c. Presentation and disclosure (refer to e ntire F/S)
 2) Operational (Performance) Audits - non-financial activities like monthly target, normally
receives auditor's recommendations for improvement of operations.

This is a study of an entity's specific unit for purposes of measuring whether that unit conducted its
operations efficiently and effectively. Effectiveness is a measure of whether an entity achieves its
goals and objectives. Efficiency shows how well an entity uses its resources to achieve its goals.
Operational audit may be divided into two:

 Economy and efficiency (management) audit-The appraisal of management performance

from the most efficient point of view, i.e., cost-benefit analysis.
 Effectiveness (program results) audit-The evaluation of programs and activities to determine
the extent of achievement of previously set goals and objectives.

3) Compliance Audits

Audits According to Auditor

a. External (Independent) Audits – performed by professional accountants in public practice – ex FS

b. Internal Audits - "an independent, objective assurance and consulting activity designed to add
value and improve an organization's operations." directly report to those charged with
governance (TCWG or the audit com1nlttee or board of directors). F/S audits may also be
performed but reports are for internal not external, use only.
c. Governmental Audits

Audit Risk and Reasonable Assurance

Audit risk occurs when the F/S are already materially misstated - even before the audit, and the auditor
fails to detect them leading to expression of an inappropriate opinion.

[AR = f(ROMM x DR)]

- Function of the risks of material misstatement and detection risk

- The auditor views DR and ROMM as inversely related.
- The higher the assessed level of ROMM, the lower the DR the auditor sets, and vice versa.
- Note that detection risk cannot be set at zero given that there is always ROMM.

THE RISK-BASED AUDIT PROCESS

Phase 1-Risk Assessment

In this phase, the auditor decides whether to accept an audit engagement. If the client is
acceptable, the auditor documents the terms of audit in an engagement letter. To effectively
 (and efficiently) perform an audit, the auditor plans the audit. This involves obtaining
understanding of the entity, its environment and its internal control that serves as a frame of
reference on

(1) how the audit is conducted,

(2) professional judgment and professional skepticism are exercised,

(3) materiality is determined, and

(4) ROMM are assessed both at F/5 and assertion levels.

Phase 2-Risk Response

The assessed ROMM serves as a basis for the auditor's responses to obtain sufficient appropriate
audit evidence. The auditor's two responses include overall responses to address risks ROMM at
F/5 level and further audit procedures at assertion level.

Phase 3-Conclusion and Reporting

a) Form an opinion on the F/S; and

b) Express clearly that opinion through a written report.

The following are the auditor's opinions depending on the outcome of engagement:

1. Unmodified (Unqualified or Clean) opinion

2. Modified opinion-The three types of are:

a. Qualified opinion-

b. Adverse opinion

c. Disclaimer of opinion

Professional Judgment

 The auditor's ability to exercise professional judgment is as the hallmark (trademark) of auditing

Professional Skepticism

 It is believed that Professional skepticism is the auditor's best ,method to detect fraud.
o (1) a questioning mind,
o (2) being alert to conditions which may indicate possible misstatement due to error or
fraud, and
o (3) a critical assessment of audit evidence.
Audit Quality means that the audit Is performed In accordance with relevant ethical, professional, legal,_
and regulatory requirements.

Relevant ethical requirements include the following fundamental principles of:

a. Integrity

b. Objectivity .

c. Professional competence and due care

d. Confidentiality

e. Professional behavior

 In addition, the Code of Ethics also requires professional accountants to be independent, both of
mind and in appearance, when performing audits.

Chapter 3 – Audit Evidence and Documentation

Audit evidence is all information (oral or documentary, electronic or manual) used by the auditor on
which the audit opinion is based. The two types of audit evidence are:

1. Underlying accounting records - Accounting records alone cannot constitute sufficient evidence.
2. Other information - inquiry, observation, and inspection.

 Audit Procedure according to Purpose

1. Risk assessment procedures (RAP - performed to obtain an understanding of the entity, its
environment, and its internal control to identify and assess the ROMM at the F/5 and assertion
levels.
2. Further audit procedures (FAP) comprise:
 ToC Test of Controls - performed to evaluate the operating effectiveness of controls in
preventing, or . detecting and correcting, material • misstatements at the assertion
level;, and
 SP Substantive Procedures - which include tests of details (TOD) and substantive
analytical procedures (SAP)-performed to detect material misstatements at the assertion
level
 Audit Procedure according to Type
1. Inspections
2. Observation
3. External Confirmation
4. Recalculation -
5. Reperformance - the -auditor's independent· execution of procedures or controls that were
originally performed as part of the entity's internal control.
6. Analytical Procedures - the eva1uations of financial information through analysis of plausible
relationships" among both financial and non-financial data as well as the investigation of
identified fluctuations or relationships that are inconsistent with other information or that differ
from expected values by a significant amount.
7. Inquiry - Inquiry is the most extensively used procedure although alone does not often provide
sufficient evidence.

 The procedures in order of cost are

- confirmation (most costly),
- inspection,
- recalculation,
- reperformance,
- observation,
- analytical procedures,
- and inquiry (least costly).

 The auditor performs RAP to identify ROMM and FAP to address detection risk to reduce audit
risk to an acceptably low level.
 The auditor obtains sufficient appropriate audit evidence on which to base the auditor’s opinion.
The sufficiency and appropriateness of evidence are interrelated.
 The auditor’s professional judgment11timately determines the sufficiency and appropriateness
of audit evidence. In gathering audit evidence, the auditor should also maintain professional
skepticism to avoid gathering inappropriate evidence.
  The quantity of evidence is affected by
( 1) the assessment of the risks of misstatement (the higher the assessed risks, the more audit
evidence is likely to be required) and
(2) the quality of audit evidence (the higher the quality, the less may be required). However,
simply obtaining more audit evidence may not compensate for its poor quality.

Direction of testing
1. Vouching – refers to testing recorded transactions to supporting documents; it is appropriate
when testing for overstatement to obtain evidence about exist e or occurrence assertion
typically for assets and income accounts.
2. Tracing - involves testing from supporting documents to records such as the journal and general
ledger; it is appropriate when testing for understatement to obtain evidence about
completeness assertion typically for liability and expense accounts.
Reliability

The audit evidence is general more reliable when:

a. Obtained from independent sources.

b. The related controls are effective.

c. Obtained directly than indirectly or by inference.

d. In documentary form than oral.

e. In original state than by photocopies or facsimiles.

Audit Documentation aka working papers

Audit files: Permanent and Current

 Audit documentation is the property of the auditor, must protect the confidential nature of
working papers.

Chapter 4 – Performing Preliminary Engagement Activities

When is an engagement acceptable?

1. Competence, Capabilities, Time, and Resources

2. Auditor's Compliance with Relevant Ethical Requirements
3. Integrity of Client

Once an engagement is considered acceptable, the auditor establishes the basis of engagement through:

1. Audit preconditions
2. Terms of engagement

Management and TCWG's Responsibility-The Audit Premise

Management refers to person(s) with- executive responsibility for the conduct of the entity's operations.

TCWG are the person(s) or organization(s) with responsibility for overseeing the strategic direction of the
entity and accountability of the entity, for example, governance board.

1. For the F/5, including internal control relevant to preparation of F/5;

2. To provide the auditor with:
a. All information relevant to F/S
b. Any additional information the auditor may request
c. Unrestricted access to those within the entity to obtain audit evidence
Limitation on Scope Prior to Audit Engagement Acceptance

The auditor shall not accept an engagement if management or TCWG limits the scope of work that will
result in a disclaimer of opinion, unless required by law or regulation. This includes unrealistic deadlines,
not accepting audit staff to perform the work, and denial of access to a facility, key personnel, or relevant
documents.

The agreed terms are documented in an engagement letter or other written – to avoid
misunderstanding.