Chapter 1

Auditing
Rittenberg Johnstone Gramling

A Business Risk Approach

7e

Auditing: Integral to the Economy

Copyright 2010 South-Western/Cengage Learning

Audit Opinion Formulation Process

The Audit Function

Perform tests on an organizations records to determine that they are accurate. Interpret FASB, IASB, GASB, and other authoritative pronouncements to ensure that financial statements are fairly presented. Make judgments about the fairness of complex accounting processes and then test, the organizations system of internal control over financial reporting. Do all this in a totally objective, unbiased, and professionally skeptical manner.

LO 1: Auditing
A systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and communicating the results to interested users.

What is Attestation?
Attestation involves gathering evidence about assertions, evaluating the evidence against objective criteria, and communicating the conclusion reached. Auditing is specific attestation service where the auditor gathers evidence to determine whether the financial statements are fairly presented in accordance with Generally Accepted Accounting Principles and issues an opinion to be used by third-party users, management, and the Board of Directors.

Auditing Process
Gathering evidence to attest to assertions. Evaluating those assertions against objective criteria. Communicating the audit conclusion to interested parties.

LO 2: Auditing: A Special Function

Auditing is both more and less than public accounting.
More because it includes internal and operational auditing, governmental auditing, and other services that evaluate and report on managerial performance. Less because public accounting firms provide a variety of other assurance and non-audit services.

Challenges of the Profession

Detect material fraud and assure that users of financial statements are free from fraud. Complex accounting transactions and organizational structures. Computer systems are complex. Many companies are global. Time pressure to get audit done. Need to generate sufficient audit fees.

Users of Audited Financial Statements

The Need for Assurance Services

Potential bias in providing information, that is, the providing party may want to convey a better impression than real circumstances merit. Remoteness between a user and the organization or trading partner. Complexity of the transactions, information, or processing systems such that it is difficult to determine their proper presentation without a review by an independent expert. Riskiness of Investments: Investors need to manage their risk and thereby minimize financial surprises.

LO 3: The Accounting Professions Decade of Unprecedented Turmoil and Change

The failure of one of the largest public accounting firms (Andersen). Four of the largest bankruptcies ever - each in companies where financial statement misrepresentation had taken place. Billions of investment and retirement dollars lost. Perception that auditors were not independent from their clients.

Changes in the Profession: Increased Demand for Accountability

The Sarbanes-Oxley Act of 2002 provided critical improvements related to auditing and the financial statements. The Act focused on:
Improved corporate governance. Required reporting on internal controls. Audit standard setting moved to a new quasi-public organization. Improved independence of the external audit function. Acknowledgment of greater public expectations of auditors.

Improved Corporate Governance

The lack of corporate governance was a major factor in business failures; most notably, a failure of Boards of Directors to oversee management, and effectively utilize the audit function. Sarbanes requires Boards of Directors be independent of the organization and exercise oversight over management and the audit function. Further, the Board of Directors, through its audit committee, is the "client" of the public accounting firm.

LO 4: Required Reporting on Internal Controls

In most cases of major fraud, companies had poor internal controls over financial reporting. Effective internal control system that produces reliable information should be established. Report deficiencies in public reports so that its impact can be assessed. Treadway Commissions report on Fraudulent Financial Reporting in 1987 advanced the need for public reporting on internal control.

Sarbanes requires the CEO and CFO of SEC registered companies to assess and publicly report on the quality of its internal controls over financial reporting.

Audit Standard Setting and Auditor Independence

The audit function must be independent and objective if assurances are to be trusted by third parties. Auditor independence has been strengthened by requiring:
1. The audit committee has the authority to hire and fire the external auditors. 2. Mandatory rotation of the audit engagement partner every five years. 3. Consulting work cannot be performed for audit clients. 4. Increased oversight of potential independence conflicts by the audit committee.

Non-public companies and smaller audit firms are not required to follow all these guidelines.

Audit Standard Setting Moved

The public lost confidence in the ability of the profession to serve the public interest. Sarbanes created the Public Company Accounting Oversight Board (PCAOB).
The PCAOB has authority to develop audit standards for audits of publicly traded companies. The PCAOB is also charged with performing peer review of all public accounting firms that perform audits of public companies. The PCAOB is comprised of five public members appointed by the SEC.
No more than two members can be CPAs.

LO 5: The AICPAs Definition of Assurance Services

The AICPA's Special Committee on Assurance Services defines assurance as: Independent professional services that improve the quality of information, or its context, for decision makers."

Assurance services involve three components:

Information or a process on which the assurance is provided. A user or group of users who derive value from the assurance provided. An assurance service provider.

What are the Attributes Needed to Perform Assurance Services?

1. Subject matter knowledge 2. Independence from parties requesting assurance

3. Agreed upon criteria to evaluate quality of presentation

4. Expertise in the process of gathering and evaluating evidence

What are the Levels of Assurance Provided?

1. Positive assurance (such as an audit opinion) 2. Limited or negative assurance (such as a review of financial statements) 3. No assurance (such as a compilation of financial statements)

The AICPA's Special Committee on Assurance Services has identified six areas of potential service:
1. Risk Assessment: Quality of processes implemented by an organization to identify, assess, and manage risks. 2. Business Performance Measurement: Processes to identify, measure, and communicate alternative measures of performance. 3. Information System Reliability: Quality of controls to ensure system security, reliability, timeliness, and accuracy. 4. Healthcare Performance Measurement: Provide information about the quality of services provided by healthcare providers. 5. Electronic Commerce: Provide assurance that systems and tools are designed and functioning with integrity and security. 6. Elder Care Plus: Provide assurance whether the needs of the elderly are being met by various caregivers.

What are Attest Services?

Attest services are a subset of assurance services. Attest services always involve evaluation of an assertion made by one party to a third party. Attest services always involve a report sent to a third party.

LO 6: Requirements to Enter the Public Accounting Profession

Accounting and Auditing Expertise: In addition to technical knowledge, auditor must have sound conceptual understanding of financial reporting and auditing. Internal Auditing Expertise: Auditor must be able to analyze the organizations internal controls to determine if there are weaknesses. Knowledge of Business and its Risks: Auditor must understand the basic structure of a business in order to identify significant risks affecting the client. Understanding Accounting System Complexity: Auditor must understand the challenges posed in a system in which traditional source documents do not exist.

Who Are the Providers of Assurance Services?

The Public Accounting Profession The Internal Audit Profession The Governmental Audit Profession

The Public Accounting Profession

More than 45,000 CPA firms in the United States, ranging sole-practitioners to large multinationals such as the Big 4. These firms provide a variety of services in the areas of assurance and financial statement services, tax planning and compliance, and consulting. The SEC has prohibited accounting firms from providing most consulting services to public companies that they audit. Such restriction on services has not been specified by the AICPA or regulatory authorities for public accounting firms that do not audit SEC registered clients.

Organization of CPA Firms

The organizational hierarchy of CPA firms has been described as a pyramidal structure.
Partners (or owners) are at the top and are responsible for the overall conduct of each audit. Next, managers review the detailed audit work performed by staff auditors. Seniors are responsible for overseeing much of the day-today activities on a specific audit. Staff auditors perform the basic, detailed audit work. Partners and managers may be involved in a number of audit engagements being conducted simultaneously; seniors and staff are usually assigned to only one audit at a time.

The Internal Audit Profession

Internal auditing is defined as:
An independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes."

Internal Auditors Add Value to an Organization

Internal auditors evaluate processes to identify and management risk, develop and implement effective internal controls. Internal auditors assure management and the Board of Directors on the company's compliance with policies or regulatory requirements, or the effectiveness of processes and operations. Internal auditors provide consulting services such as analyzing problems and identifying potential solutions. Internal auditors perform operational audits designed to evaluate the effectiveness, economy, and efficiency with which resources are employed.

Governmental Auditing Profession

Employed by various Federal, state, and local agencies. Governmental auditors perform all the types of audits that internal auditors perform including compliance, operational, and performance audits.

LO 8: Professional and Regulatory Organizations

The PCAOB established as part of the Sarbanes-Oxley Act of 2002 has authority to set auditing standards for audits of public companies and to perform quality reviews of all registered CPA firms. The SEC oversees the PCAOB and all companies publicly traded on the U.S. capital markets. It has the authority to establish GAAP for publicly traded companies, and to prosecute companies who violate SEC laws. The AICPA has long served as the primary governing organization of the public accounting profession. It provides a variety of continuing education programs and administers the Uniform CPA Examination. Membership in the AICPA is voluntary.

The Securities and Exchange Commission (SEC)

Established by Congress in 1934 to regulate the capital market system. Over site of PCAOB and all public companies required to register with it to gain access to the U.S. capital market. Has the authority to establish GAAP for publicly traded companies. Has prosecutorial authority.

The American Institute of Certified Public Accountants (AICPA)

Primary governing body of the public accounting profession Continues to develop standards for audits of non-public companies Administers the Uniform CPA Examination

Professional and Regulatory Organizations

The State Boards of Accountancy are responsible for certifying and licensing CPAs in their state. While all state boards require passage of the Uniform CPA Examination, education and experience requirements vary by state. The Institute of Internal Auditors issued internal auditing standards and administers the Certified Internal Auditor program. The U. S. General Accounting Office is the nonpartisan audit agency for Congress. The GAO develops auditing standards for governmental audits.