AUD CPA Notes

Copyright belongs to Maggie’s CPA Notes

Please do not distribute illegal copies.

 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 21 Standards and Related Topics

Chapter 22 Planning

Chapter 23 Internal Control

Chapter 24 Evidence and Procedures

Chapter 25 Audit Programs

Chapter 26 Statistical Sampling

Chapter 27 Audit IT System

Chapter 28 Reports on Audited Financial Statements

Chapter 29 Other Auditing Standards

Chapter 30 Other Types of Reports

Chapter 31 Other Services

1
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 21 Standards and Related Topics

SUMMARY
***Memorize***

General Standards

Standards of Field Work

Standards of Reporting

Implicit

TIP

i. Independence – must put in writing to the audit committee

1) Audit: reasonable assurance, independence required
2) Review: limited assurance, independence required
3) Compilation: no assurance, do not require independence
ii. SOX
1) Rotate lead audit partner on audit every 5 years
2) Prohibit auditing if the auditor in the previous year becomes CEO, controller…
3) Require audit committees to be directly responsible for 1) hiring the auditor 2) compensate
auditor 3) oversee auditors’ work. Audit firm can perform tax service as well with AC’s approval.
 

QUALITY CONTROL

ƒ A Acceptance and Continuance of Clients and Engagements

ƒ I Independence, Integrity, and Objectivity
ƒ C Continuous Monitoring
ƒ P Personnel management
ƒ A Assurance regarding Engagement Performance

 
ƒ The nature and extent of a CPA firm’s quality control depend on 1) the firm’s size 2) the nature of the
firm’s practice 3) cost-benefit

 
2
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
***Memorize***

¾ Before accepting a new client, need to communicate with Predecessor Auditors

1. The integrity of management
2. Disagreements between the predecessor and management on accounting principles, auditing
procedures, or other significant matters
3. The predecessor’s understanding about why there was a change in auditors;
4. Predecessor communications to audit committees (or similar authorities) regarding internal control
related matters, illegal acts by clients, and fraud.

POINTS
ƒ SEE - Evidence – sufficient appropriate evidence
ƒ Quality control is not part of GAAS, GAAS is the measures of auditors’ performance
ƒ A successor auditor usually need/can review virtually all the predecessor’s WP

3  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 22 Planning (25%)

SUMMARY

FRAUD
i. Fraud risk factors
1. High turnover
2. Rapidly changing technology
3. Chang = risk
4. Aggressive earnings projections
5. Considerable competition
6. Negative cash flows
7. Off-shore holding companies

ii. Procedures to detect fraud

1. Unpredictable audit tests
2. Consider possibility & design Procedures to test management override of controls
3. Examine management estimates, year-end entries, unusual entries

iii. Auditor’s responsibilities:

Document the auditor’s response to any fraud risk factors found and evaluation in w/p

iv. Procedures after detecting fraud – always significant, despite of materiality

1. Inform BOD or AC (those charged with governance)
2. Serious breakdown in controls
3. Consult legal counsel

v. Communication of fraud/illegal action

1. Legal/Regulation requirement
2. Successor auditor
3. In response to a subpoena
4. Funding agency

ILLEGAL ACTS
i. Auditor’s responsibilities:
Evaluate risk factors and give reasonable assurance that there are no illegal acts that have a direct effect
on the f/s

ii. Procedures after detecting illegal acts

1. Inform AC (those charged with governance)
2. Consider impact on evaluation of management integrity
3. Consider impact on audit report
4. Consider withdrawal from engagement
5. Consult legal counsel

 
4
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
UNDERSTANDING WITH CLIENTS – ENGAGEMENT LETTER
***Read***

i. Objective of the engagement

ii. Management’s responsibilities:

(1) f/s as well as the selection and application of accounting policies;

(2) Establishing and maintaining effective IC;
(3) Identification and compliance with applicable laws and regulations;
(4) Making all financial records and related information available to the auditor,
(5) Adjusting the financial statements to correct material misstatements
(6) Provide the auditor with management rep letter

iii. Auditor’s responsibility

(1) Reasonable assurance

(2) Obtain understanding of IC

iv. Limitations of engagement

(1) Not designed to provide assurance on IC

(2) If fraud is discovered – report to AC

***Read***
INFORMATION COMMUNICATED WITH AC

1. Significant matters related to internal control.

2. Selection of or changes in significant accounting policies.
3. Management’s process in making accounting estimates.
4. Adjustments arising from the audit that could have a significant impact on the financial statements.
5. Any disagreements, whether or not resolved, with management about matters that, individually or in
the aggregate, could have a significant impact on the f/s
6. Any serious difficulties encountered in dealing with management related to the performance of the
audit.
7. Responsibility for other information in documents containing f/s.
8. Any consultations management had with other accountants about accounting and auditing
matters.
9. Any major issues discussed regarding initial or recurring retention of the auditor.
10. Uncorrected misstatements

POINTS
ƒ During the initial planning phase, auditors will discuss with mgt the NET of the audit work
ƒ If specific information comes to the auditor’s attention that provides evidence concerning the existence of
possible illegal acts that could have a material indirect effect on the financial statements, the auditor
should apply audit procedures specifically directed to ascertaining whether an illegal act has occurred.
ƒ Draft of audit program addressing NET is required

5  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 23 Internal Control (15%)

SUMMARY
i. Understanding Entity and its environment (SEE) affect the
9 Nature if IC is weak, CR high, use ↑ outside evidence
9 Extent of audit procedures if IC is weak, need to gather more evidence
9 Timing if IC is weak, testing will have to be done at
YE instead of interim (substantive tests vs. TOC)

***Memorize***

ii. Internal control components (CRIME)

ƒ Control Activities – policies and procedures- Paid Tips

1. Pre-numbering documents
2. Authorization of transaction
3. Independent checks
4. Documentation
5. Timely and appropriate performance review – budget variance
6. Information processing controls - ITGC
7. Physical controls
8. Segregation of duties (ARC)

9 Authorization
9 Record
9 Custody
ƒ Risk Assessment – risk facing the entity instead of auditor CR
ƒ Information and Communications – accounting system
ƒ Monitoring
ƒ Control Environment – tone of the org, e.g. management’s attitude

iii. SOD for IT

1. Control group
2. Operators
3. Programmer
4. Analyst
5. Librarian

iv. Documentation - required in WP to be retained for at least 7 years per SOX

1) Understanding of CRIME of IC
2) Sources of information
3) Risk assessment procedures performed

 
6
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
v. Changes of controls

ƒ Must be tested in current audit

ƒ It no change, must be tested at least every 3 years, more often if significant

***Memorize***
STEPS IN THE AUDIT – (MEMORIZE!!)
1) Establish understanding with client
9 Services to be performed
9 Objective of the audit
9 Limitations(reasonable assurance)
9 Space / Staffing requirement
9 Fees
9 Auditor / management’s responsibilities
2) Obtain understanding of entity and its environment, including its IC
ƒ NET
ƒ Risk assessment procedures
3) Assess risk of material misstatement in f/s assertions – IR, CR
4) Design and perform audit procedures to address the risk of material misstatement
9 Test of controls
9 Substantive tests
5) Evaluate audit evidence
6) Form opinion and issue report – public company, w/p reviewed by a 2nd partner
7) Understand IC Æ Control risk assessment Æ Perform Toc Æ Assess Results Æ Substantive
testing

***Memorize***
IC QUESTIONNAIRE – see P9 week 3

1. Bonding – insurance policy

Lower risk if bonding b/c 1) will recover, 2) investigated by insurance co.
2. Approval
3. Numeric checks – pre-numbered
4. Cross-checks
5. Internal audit function
6. Separation of duties
7. Mechanical devises – physical access
8. Other
9. Personnel policies - Rotate, mandatory vacation

7  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
SIGNIFICANT DEFICIENCIES AND MATERIAL WEAKNESS
ƒ Auditors are not required to search for significant deficiencies / material weakness, but may report to
management / governance if find any (implicitly)
ƒ If mentioned in the report, should state that the auditor is not expressing an opinion on IC.
ƒ Need to report in each audit regardless of previous communication
ƒ Written communication should be no later than 60 days following report release date
ƒ Control deficiency Æreport: Significant deficiency Æ report: Material weakness (more and more serious)

TRANSACTION CYCLES
i. Purchase and AP

Factory User Prenumbered Stores Requisition

Storeroom Prenumbered Purchase Requisition (PR)

Purchasing Dept Prenumbered PO Vendor

Blind

Receiving Dept Receiving Report (RR)

#s Received
Filled in

Prenumbered, 3-copy voucher package AP Dept

9 Record transaction in AP sub-ledger

9 Approve Payments

General Accounting Treasury Dept Sign & Send Check

9 Cancel files voucher package

ƒ Vouch (work backwards) Æ Existence
ƒ Trace (work forwards) Æ Completeness
ii. Sales and AR

Department Documents
Sales Æ Prenumber Sales Order
Credit (Authorization) Credit Approval (Valuation) Æ
Shipping (Custody) Shipping Documents (BOL) Æ
Billing (Record) Prenumber Invoices Æ
Accounting (Record) Record transaction in Sales/AR sub-ledger

 
8
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

9
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
POINTS
ƒ Immediately upon receiving checks from customers by mail, a responsible employee should prepare a
duplicate listing of checks received
ƒ Audit evidence concerning segregation of duties ordinarily is best obtained by observing the
employees as they apply control procedures
ƒ Debit Memo – AP; Credit memo – AR
ƒ The person who last signs the checks should keep control of them until they are mailed.
ƒ All receipts for goods, including returned goods or materials, should be handled by the receiving clerk.
ƒ Analytical procedures and confirmations are usually for substantive tests.
ƒ AP department do 3-way match

 
10  
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 24 Evidence and Procedures (35%)

SUMMARY
***Memorize***
AUDIT PROCEDURES
i. Test of controls
1. Observation
2. Inquiry
3. Inspection
4. Re-perform procedures
ii. Substantive tests
1. Analytical procedures
2. Tests of details
3. Confirmation

EVIDENCE - (3rd Standard of field work SEE)

1. Sufficient
2. Appropriate
9 Relevant
9 Reliable
1. From outside
2. Client has a strong IC structure
3. Obtained directly by the auditor
4. Exists in documentary form
5. Original documents
Generated Circulated Example
Level 1 Externally Externally Bank confirmation Auditor’s direct knowledge
Level 2 Externally Internally Bank statement External evidence
Level 3 Internally Externally Cancelled checks Internal evidence
Level 4 Internally Internally PO, receiving reports Oval evidence

ƒ Audit evidence obtained directly by the auditor (e.g. observation, confirmation, calculation) is more
reliable than audit evidence obtained indirectly or by inference (outside)

INTERNAL AUDIT
ƒ Internal auditors cannot be used to make judgement/assessment (e.g. assess IR and CR )
ƒ In performing an audit, the auditor may request direct assistance from the internal auditors, in obtaining
an understanding of the internal control structure or in performing tests of controls or substantive tests.
ƒ Competence – educational background
ƒ Objectivity – level to report, scope

11  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
***Memorize***

MANAGEMENT REPRESENTATIONS
1. FS fairly presented in conformity with GAAP
2. Availability of financial records and minutes
3. No Noncompliance or deficiencies in financial reporting practices
4. No material misstatement
5. No fraud
6. No plan/intention of affecting CV of asset/liability
7. No material misstatement of Related party, guarantee, uncertainties
8. Material Violation of laws, contingencies
9. Title of ownership of assets, any collateral
10. Compliance of contractual agreements
11. Management’s belief of no material misstatements, no unrecorded subsequent events
*dated the same date as the audit report
 
ANALYTICS

Analytics  Commonly used Required by GAAS 

Planning stage   X X
Substantive test  X ‐
Review stage  X X
Test of controls  ‐ ‐

ƒ Analytical procedures alone may provide the appropriate level of assurance for some assertions.
ƒ Analytical procedures used in planning an audit generally use data aggregated at a high level
ƒ Analytical procedures used in planning an audit should focus on enhancing the auditor's understanding of
the client's business

POINTS
ƒ CPA owns w/p, but needs client’s permission to show to a third party
ƒ Un-reconciled differences between control and subsidiary accounts causes an auditor to suspect that
material misstatements exist in a client's financial statements.
ƒ Specialist work: The auditor should obtain an understanding of the methods or assumptions used by
the specialist and evaluate whether the specialists findings support the related assertions in the financial
statements. The work of a specialist who has a contractual relationship with the client may be acceptable
under certain circumstances
ƒ Normally, the auditor should not refer to the work or findings of the specialist, specially for standard
qualified opinion.

1. Unqualified Opinion, Standard Report No reference to the specialist.

2. Unqualified Opinion, Explanatory Paragraph Added to Report Refer to specialist in explanatory paragraph only if
doing so will help clarify the reason for the explanatory paragraph.
3. Qualified or Disclaimer of Opinion Scope limitation, the auditor is unable to obtain sufficient, competent evidential
matter—No reference to the specialist.
4. Qualified or Adverse Opinion Auditor concludes there is a departure from GAAP—Refer to specialist in explanatory
paragraph only if doing so will help clarify the reason for the qualification or adverse opinion.

 
12  
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 25 Audit Programs

SUMMARY

SUBSEQUENT EVENTS
1. Type 1
9 Conditions existed at balance sheet date
9 Require adjustment to f/s
9 Dual dating (if disclosed) is required in order to extend responsibility only to the subsequent
event
9 No change of dating is required if just adjust f/s numbers instead of disclose in notes
2. Type 2
9 Conditions did not exist at b/s date
9 May require disclosure, no adjustments
9 Dual dating is required for
- Casualty losses
- Purchasing a business or selling off a component of business
- Issuance of stock
- Issuance of debt

***Memorize***
How to look for subsequent events - MIRACL

1. Management representation letter (dated same date as auditor’s report)

2. Inquire – significant ∆ in c/s, LTD, contingent liability
3. Read - minutes, interim f/s
4. Any changes to assets or liability valuations
5. Proper Cut-offs
6. Obtain Legal letter

POINTS
ƒ Observation of inventory could be performed before b/s date
ƒ Positive confirmation is the best evidence for AR
ƒ Lapping - the theft of one customers payment and subsequently crediting the customer with payment
made by another customer. SOD is the best way to deter it.
ƒ Test of credit approval is for the assertion of Valuation or allocation (AFDA)
ƒ Auditors review the reconciliation of payroll tax form to identify potential liability for unpaid payroll taxes

13  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 26 Statistical Sampling

SUMMARY

TYPES OF SAMPLING
1) Attribute sampling
9 Test of control
9 Test for certain attribute or characteristic
2) Variable sampling
9 Substantive tests
9 Estimate the dollar value, how much vary from a stated amount
9 Variability ↑ uncertainty, ↑ sample sizes
9 Use Standard Deviation as a measure

NORMAL DISTRIBUTION
Mean 

50%  50% 

9 Every item has an equal chance of being selected

SAMPLING METHOD
1) Mean-per-unit Estimation

Population Total = Audited Sample total value / sample size * population size

2) Ratio Estimation
9 Ratio = Audited Sample total value/Book Sample value Point Estimate 
9 Population value = Ratio * Book Population value
3) Difference Estimation

[Difference b/w audit value & BV] / Size (S) * Size (P) + Book Value (P)

4) Projection:
9 68%/95% of population within 1/1.96 standard deviation of mean
9 SD = SE2

Population Value = Estimated Population Value ± # of SD* Standard Error*Population Size

 
14
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
SAMPLING STEPS
1) Define the population
2) Choose method
3) Determine sample size
4) Determine acceptable risk level

ƒ Select the random sample

ƒ Audit the random sample
ƒ Evaluate the results
ƒ Document the procedures

RISK - AR = IR*CR*DR
ƒ AR, DR, IR, CR + Sampling Risk

SAMPLING RISK

1) Alpha risk
9 Test of Control: Risk of under-reliance – too much substantive testing
9 Substantive Test: Risk of incorrect rejection – was correct, give qualified opinion
2) Beta risk
9 Test of Control: Risk of over-reliance – too little substantive testing
9 Substantive Test: Risk of incorrect acceptance – was incorrect, give unqualified opinion

Sample Size
Expected Deviation rate (Variability) / Direct (higher variability, larger size)
Expected amount of misstatement
Tolerable deviation Rate / Tolerable Inverse (lower %, larger size)
Misstatement Rate
Assess risk of assessing control risk Direct (higher assessed risk, larger size)
too low / Assess misstatement risk (1
less assessed risk = confidence level)
Allowable risk of assessing control Inverse (higher risk willing to assume,
risk too low / Allowable misstatement smaller size)
risk
Population size Almost no effect if >5,000

Achieved upper precision limit = Observed sample rate + Allowance for sampling risk
Increase planning CR if Achieved upper precision limit > Tolerable rate

15
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
PPS - Probability-proportional-to-size
PPS is a form of variables sampling that uses attribute sampling theory for substantive testing. The
sampling unit is the individual dollar in an account balance. PPS sampling has two unique properties.

1. Stratification - The audit population is stratified automatically by monetary value.

2. Overstatements - Larger dollar amounts have a higher probability of being selected. Therefore,
overstatements are more likely to be detected than understatements.
3. Not appropriate for liability account
***Memorize***
Example:
1) Determine Reliability factors of errors by check the table (risk of incorrect acceptance % & # of
misstatement allowed)
2) Sampling interval = Tolerable misstatement ($) / Reliability factor
3) Sample size = BV of population ($) / sampling interval
* Assume Expected misstatement rate = 0

***Memorize***

Projected misstatements - PPS

9 If Recorded Amount of mistaken sample < Sampling interval Æ

Projected misstatement = Error (∆ b/w record & actual audit) / Record Amount * Sampling Interval
9 If RV>Sampling interval Æ Actual Error

POINTS
ƒ Weakness of randomness: if the population has a pattern, may obtain misleading results
ƒ Stratified sampling – split a highly variable population into two populations to reduce variability
ƒ Discovery sampling – type of attribute sampling, a predetermined probability of discovering one
item, used with critical items when expected error rate is very low – used for fraud
Decide to increase the allowable risk of incorrect rejection (Alpha) – Less work to do, when
1) Decreased reliability from the sample is desired
2) Few differences (audit value minus recorded value) are expected.
3) Initial sample results support the planned level of control risk
4) The cost and effort of selecting additional sample items is low

 
16
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

Chapter 27 Audit IT System

SUMMARY

TYPES OF CONTROL

i. General control
ii. Application control
1) Input
9 Properly Initiated, authorized, and approved
9 Check digits, valid character checks, self-checking, control totals, harsh totals, error log
2) Processing
9 Limit and reasonableness test (e.g. salary range of staff vs. management)
3) Output
9 Control totals, error log

TWO BASIC AUDIT APPROACHES

1) Around the computer (Black Box)

9 Look at source documents & output reports
9 Evaluate results by infer what the computer must be doing
9 Batch system only
2) Through the Computer (Electronic Trail)
9 Batch or online system
9 Build-in electronic trail

***Memorize***
ƒ Test deck (test data) – use auditor data on client computer (test invalid conditions)
ƒ Parallel simulation – use client data on auditor’s computer
ƒ Integrated test facility – test data is commingled with live data

GENERALIZED AUDIT SOFTWARE - STEVSIC

9 Select & print records
9 Test extensions & footings
9 Examine records
9 Verify math accuracy
9 Summarize information
9 Isolate duplicate records
9 Compare files or fields

17 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
POINTS
9 Utility programs are used to perform tasks such as copying, sorting, merging, and printing. This
type of software is usually easily accessible and can lead to unauthorized changes if not properly
controlled.
9 A computer log provides evidence as to which employees used the computer system and the
operations performed by them. As a result, the computer log will protect against unauthorized use
of the IT system, and it will provide an audit trail.
9 When an auditor anticipates assessing control risk at a low level in a computerized environment,
generally, the auditor initially would focus on general control procedures
9 When a client processes financial data in electronic form without paper documentation, the auditor
may audit on a more continuous basis than a traditional system
ƒ Never combine
9 Computer operators (key in data) vs. computer programmer
9 Security administrators vs. computer operators and computer programmers
9 Internal control is considered ineffective when computer department personnel can: (1) originate
or correct transactions, (2) authorize transactions, (3) prepare the initial data, (4) maintain
custody or control over non-EDP assets, (5) authorize a change in controls, or (6) originate
master file changes.
9 Preventive controls are generally more important than detective controls in EDI systems because
of the speed with which goods and services are delivered.
9 The purpose of an audit trail would be to 1) monitor the system, 2) answer queries, and 3) deter
fraud.
9 A parity check is an extra bit attached to the end of a string of bits to detect errors resulting from
electronic interference when transmitting the string.
9 Embedded audit modules are coded into a clients application to collect data for the auditor.

 
18
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

Chapter 28 Reports on Audited Financial Statements

SUMMARY

STANDARD UNQUALIFIED OPINION

***Memorize***

A. Title (“Independent” must be included) 
B. Addressee (report to the company, stockholders, BOD, not management) 
C. Introductory paragraph  
- A statement that f/s is audited 
- A statement that f/s are the Responsibility of the management and that the auditor’s Responsibility 
is to express an opinion 
D. Scope paragraph 
- A statement that the Audit was conducted in Accordance with US GAAS 
- A statement that the audit was Planned and Performed to obtain reasonable assurance that the f/s 
are free from Material Misstatement 
- Statements that the audit included Examining Evidence on a test basis; Assessing the Accounting 
principles used and significant estimates Made by Management; and evaluating the overall 
presentation; 
- A statement that the audit provides a reasonable basis for an opinion 

19
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
E. Opinion paragraph 
- A statement referring to the f/s identified in the introductory paragraph 
- An opinion as to the fair presentation of f/s (ACDE) 
- A statement regarding conformity with US GAAP (ACDO) 
F. Reporting Date ‐ The date of completion of fieldwork is used 

MODIFIED UNQUALIFIED OPINION

- Add explanatory paragraph after opinion paragraph
1. Emphasize a matter
2. Change in GAAP (Justified)
3. Change in reporting entity
4. Correction of an error
5. Change in principle inseparable from a change in estimate
6. Departure from GAAP (Justified)
7. Supplementary information problem
8. Uncertainty (if not material, standard unqualified, disclaimer if very material)
9. Going concern (if not material, standard unqualified, disclaimer if very material)
10. Change of estimates

OTHER OPINIONS

i. GAAP Problem
Opinion Situation Introductory Scope Explanatory Opinion
Qualified Material - - Before “Except
opinion for”
Adverse Very - - Before Modified
material opinion
***Memorize***
Qualified opinion paragraph
In our opinion, except for the effects of xxx as discussed in the preceding paragraph…
Adverse opinion paragraph
In our opinion, because of the effects of the matters discussed in the preceding paragraphs, the financial
statements referred to above do not present fairly, in conformity with U.S. generally accepted accounting
principles, the financial position of X Company as of xxx, or the results of its operations or its cash flows
for the years then ended.
ii. GAAS Problem
Opinion Situation Introductory Scope Explanatory Opinion
Qualified Material - “Except Before “Except
for” opinion for”
Disclaimer Very Modified Omitted Before Modified
material opinion
***Memorize***

™ Qualified
9 Scope paragraph
Except as discussed in the following paragraph, we conducted our audit
9 Opinion paragraph

 
20
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
In our opinion, except for the effects of xxx/omission of information as discussed in the preceding
paragraph…
™ Disclaimer
9 Introductory
We were engaged to audit …. Responsibility of the Company’s management (Omit audit’s
responsibility sentence)
9 Opinion
Since we were not able to apply other auditing procedures to satisfy ourselves as xxx, the scope of
our work was not sufficient to enable us to express, and we do not express, an opinion on these
financial statements.

EXPLANATORY LANGUAGE
i. Other auditors’ work
9 Always inquire the professional reputation and independence of the other auditor
1) Assume responsibility
9 Review WP and audit programs of the other auditor.
9 No mention / reference of other auditor in the auditor’s report
2) Divide responsibility
9 Usually happened when the principal CPA cannot review w/p of the other
9 Mention / reference the other auditor, but not the exact name of the auditor
9 All paragraph modified

21  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
ii. Comparative statements
***Memorize***

1) Update last year’s qualified/adverse opinion when client has corrected them

Intro/Scope – No change
Add explanatory paragraph before opinion paragraph

ƒ Date of old opinion

ƒ What the old opinion was
ƒ Reason why we gave a qualified/adverse opinion
ƒ Changes made
ƒ New opinion
2) Prior year was audited by other auditors
a) Reissue predecessor auditor’s report w/ permission, predecessor has responsibility to:
9 Review financials to confirm #s have not changed
9 Letter from successor auditors to predecessor auditor stating: no events have occurred this year
that would affect the prior year’s #s

b) Modify introductory paragraph if not allowed to reissue

9 Prior year
9 Date of prior year opinion
9 Type of opinion
9 If qualified or adverse, give reason

GOING CONCERN
Factors to mitigating the GC – management plans:
***Memorize***

1) Dispose of assets
2) Borrow money or restructure debt
3) Reduce / delay expenditures
4) Increase ownership equity - issue shares

The accompanying financial statements have been prepared assuming that the Company will
continue as a going concern. As discussed in Note X to the financial statements, the Company has
suffered recurring losses from operations and has a net capital deficiency that raise substantial
doubt about its ability to continue as a going concern. Management’s plans in regard to these
matters are also described in Note X. The financial statements do not include any adjustments that
might result from the outcome of this uncertainty.

ƒ If substantial doubt about the GC existed at the date of prior period f/s that are presented on a
comparative basis, and that doubt has been removed in the current period, the explanatory
paragraph included with the auditor’s report should not be repeated

 
22
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
POINTS
ƒ Piece meal opinion (e.g. AR is misstated, but AP is ok) is not allowed, but different opinion for different
statement, or opinion on only 1 statement engagement is ok.
ƒ Confirming w/ third party the details of arrangements to maintain financial support may indicate
substantial doubt of GC
ƒ If lack of independent Æ Disclaimer
ƒ Very Material effects of GC & Uncertainty Æ Disclaimer, if GC not disclosed adequately Æ qualified /
adverse
ƒ If the auditor is engaged to audit the financial statements of a company that is not the auditors client, the
report should be addressed to the client (engage company) and not to the directors or stockholders of
the company being audited.
ƒ When there is a change in the accounting principles referred to the change in an explanatory paragraph,
identify the nature of the change, and refer the reader to the note in the financial statements that
discussed the change in detail.
ƒ When an auditor qualifies an opinion because of a scope limitation, the opinion paragraph should
indicate that the qualification pertains to the possible effects on the financial statements and not to
the scope limitation itself.
ƒ The predecessor auditor should, before reissuing a report, obtain a letter of representation from the
successor auditor & management.
ƒ Auditor is not required to audit supplementary information unless it’s omitted/material deficiency

23
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 29 Other Auditing Standards

SUMMARY

PCAOB - Standards of the Public Company Accounting Oversight Board

ƒ Auditor must retain w/p for at least 7 years for public company vs. 5 years for other audit/review
ƒ Completion of audit file
9 Public: 45 days of audit report release date
9 Private: 60 days of audit report release date
ƒ If a material weakness continues to exist, it must state in the report, and communicated to AC (for both
material weakness and significant deficiencies, and distinguish them), ICOFR if no report is issued.
Also, an auditor cannot issue a qualified opinion. Can only be unqualified, adverse, or disclaimer.

GOVERNMENT AUDITING
ƒ GAO (Government Accountability Office) is responsible for promulgating GAS (Governmental Auditing
Standards)
ƒ CPA firm audits in accordance with GAS need external quality review at least once every 3 years

***Memorize***

ƒ GAS requires:
1. A statement of the views of the responsible officials concerning the auditor’s findings in the
auditor’s report if it discloses deficiencies in internal control, fraud, illegal acts, violations of
contracts or grant agreement provisions, or abuse.
2. A statement of indications of illegal acts discovered during the audit.
3. A written report
o The assertion that evaluating compliance with laws, rules, and regulations with a direct
and material effect on the f/s is part of developing an opinion on f/s
o The assertion that specific controls relating to financial reporting are considered
o An indication that either no weakness was found or reportable conditions were found, and
separately indicate material weaknesses from other significant deficiency.

 
24
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

POINTS
ƒ An auditor’s procedures are not part of a company’s ICOFR.
ƒ It’s possible for an effective ICOFR and still has material weakness.

25
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 30 Other Types of Reports

SUMMARY
***Memorize***
FIVE TYPES OF SPECIAL REPORTS

- Include reference to the note about the special basis

i. F/S that are in conformity with an Other Comprehensive Basis Of Accounting (OCBOA) –
General Use

ƒ Four types of OCBOA

1) Cash basis
2) Income tax basis
3) Price level basis
4) Regulatory basis

ƒ Auditor’s Report
Introductory
9 Balance sheet Æ replaced by “Statement of Assets & Liabilities”
9 Income statement Æ “Statement of Revenue collected & Expenses Paid”
9 No statement of cash flows
Scope: Same
Explanatory
9 Before opinion
9 Explain the basis of account (reference to note) & state “This is an OCBOA”
Opinion:
9 State if statements are in conformity with OCBOA

ii. Specified elements, accounts, or items within the F/S

Introductory
9 We have audited xxx (specific schedule instead of f/s)
Scope: Same except change name of what has been audited
Explanatory
9 Before opinion
Opinion:
9 Restricted use: “This report is intended solely for the information and use of xxx”

iii. Compliance with contractual or regulatory requirements

Introductory
9 Not mention auditor/management’s responsibility
Scope: Omitted

 
26
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Opinion:
9 Negative assurance– independence required
“Nothing came to our attention that would cause us to believe the f/s were not in conformity
with GAAP”
9 “However, it should be noted that our audit was not directed primarily toward obtaining
knowledge of such noncompliance.”
9 Restricted use

iv. Incomplete Presentation

Introductory
9 We have audited xxx (specific schedule instead of f/s)
9 Mention auditor/management’s responsibility
Scope
9 Explain what auditor did
Explanatory
9 Before opinion
9 Intention of schedule
Opinion:
9 Conformity with GAAP / OCBOA
9 Restricted use

v. F/S presented in a prescribed form

9 Responsibility paragraph
9 A scope paragraph
9 An explanatory paragraph similar to an incomplete presentation otherwise in conformity with
GAAP
9 A paragraph that includes a description and the source of significant interpretations made by
management
9 An opinion paragraph
9 A paragraph restricting the distribution of the report

AUDITOR SERVICE FOR IC/OTHER SPECIAL PURPOSE REPORTS

9 Independence not required
9 The user auditor should make inquiries concerning the service auditor's professional reputation
9 The user auditor should not make reference to the service auditor's report as a basis for her/his
own opinion on the user organization's financial statements.

LETTERS TO UNDERWRITERS (COMFORT LETTERS)

9 In Conjunction with IPO
9 Not required by, nor filed with SEC; merely standard practice
9 Addressed to underwriter, signed by auditor
9 Negative assurance for unaudited interim information– independence required
“Nothing came to our attention that would cause us to believe the f/s were not in conformity
with GAAP”
9 Never repeat opinion on f/s in this letter

27  
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
Chapter 31 Other Services

SUMMARY

ƒ Compilation and Review follow SSARS (Statements on Standards for Accounting and Review Services)
instead of GAAS

COMPILATIONS

ƒ Limited to presenting f/s

ƒ Only for non-public entities
ƒ Independence not required, but lack of independence must be stated, but the reason should not be
stated
ƒ No management representation letter
ƒ If omission of required disclosure, then add buyer beware paragraph (do not express opinion)
“The financial statements are not designed for those uninformed about the omitted disclosures”
ƒ Each page is stamped, “see accountant’s compilation report”

***Memorize***

Sample report
We have complied the accompanying balance sheet of XYZ Company as of xxx, and the related
statements of income, retained earnings, and cash flows for the year then ended, in accordance with
Statements on Standards for Accounting and Review Services issued by the American Institute
of Certified Public Accountants

A compilation is limited to presenting, in the form of f/s, information that is the representation of
management (owners). We have not audited or reviewed the accompanying f/s and, accordingly, do
not express an opinion or any other form of assurance on them.

REVIEW
1. Procedures
ƒ Inquire
ƒ Analytical

2. Review of public company

ƒ Interim only
ƒ Follow GAAS instead of SSARS
ƒ Inquiries and analytical (inquiry of lawyer & GC not required, include minutes review)
ƒ Obtain management representation letter
ƒ Require sufficient understanding of client’s IC
ƒ Limited assurance – negative assurance
ƒ GAAP problem: add explanatory paragraph before opinion paragraph
ƒ GAAS problem does not require modification

 
28
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
3. Review of non-public company
ƒ Follow SSARS, not GAAS
ƒ Not required to obtain Understanding of IC
ƒ Perform inquiries and analytical
ƒ Obtain management letter
ƒ GAAP problem: add explanatory paragraph after opinion paragraph, withdraw if significant
ƒ GAAS problem does not require modification
ƒ Limited assurance after disclaimer
ƒ General use
ƒ Each page is stamped “See Accountant’s Review Report”

***Memorize***
Sample report
Independent Accountant’s Report

We have reviewed the accompanying balance sheet of X Company as of xxx, and the related
statements of income, retained earnings, and cash flows for the year then ended, in accordance with
Statement on Standards for Accounting and Review Services issued by the American Institute of
Certified Public Accountants. All information included in these financial statements is the
representation of the management of X Company.

A review consists principally of inquiries of company personnel and analytical procedures applied to
financial data. It is substantially less in scope than an audit in accordance with U.S. generally
accepted auditing standards, the objective of which is the expression of an opinion regarding the
financial statements taken as a whole. Accordingly, we do not express such an opinion.

Based on our review, we are not aware of any material modifications that should be made to the
accompanying financial statements in order for them to be in conformity with U.S. generally accepted
accounting principles.

CHANGE OF LEVEL OF SERVICE

1. Same or higher level of service
ƒ Add explanatory paragraph after the opinion paragraph (date/service/opinion)

2. Lower level of service

ƒ Add explanatory paragraph after the opinion paragraph (from audit to lower -> no audit
procedures have been performed thereafter), and
ƒ Reissue last year’s report

3. Other CPA performed Review/Compilation this year, have option to

1) Predecessor Re-issue prior’s report (not required) should read f/s, get rep letter from
management & successor auditor
2) Mention in intro – statements were examined by other auditors / date/type of opinion/reason
Add a paragraph reference to predecessor’s report
3) Perform compilation/review on prior year & issue own report

29
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

 
30
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 

FORECASTS & PROJECTIONS

Forecasts Projections
General use Restricted use
Expected future financial position Given certain hypothetical assumptions

1. Levels of service
ƒ Examination (similar to audit) – opinion or disclaimer
ƒ Compilation – disclaimer of opinion
ƒ Agreed-upon procedures – present findings, restricted use

All three services

ƒ No updating responsibility
ƒ No negative assurance

2. SSAE (Statements on Standards for Attestation Engagements) defer from GAAS (TIP
SEE ACED)
ƒ E.g. compliance with law, IC, projection/pro forma
ƒ No “Understanding of entity and its environment, including IC required” (SEE)

***Memorize***

Reporting standards
ƒ Assertion identified
ƒ Conclusion
ƒ Reservations
ƒ Distributions (general or restricted use)

AGREED-UPON PROCEDURES
ƒ Written assertion relating to specified elements, accounts, or items
ƒ Describe agreed-upon materiality limits
ƒ State that an audit was not done and disclaimer of opinion
ƒ Similar to mgt responsibility – Client’s responsible for sufficiency of procedures
ƒ List procedures and findings
ƒ List any reservations
ƒ No negative assurance
ƒ Restricted use

REPORT ON INTERNAL CONTROL EFFECTIVENESS

ƒ Independent accountant’s report
Introductory
ƒ We have examined…based upon [identify criteria]
ƒ Management / our responsibility (express opinion on…)
Scope
ƒ In accordance with AICPA standards
ƒ Obtained understanding of IC, testing, and evaluating
ƒ We believe that our examination provides a reasonable basis for our opinion

31
 
 
 2007‐2008  [THANK YOU FOR USING MAGGIE’S CPA NOTES] 
 
***Memorize***
Inherent limitations paragraph

Because of inherent limitations in any internal control, misstatements due to error or fraud may
occur and not be detected. Also, projections of any evaluation of the internal controls over financial
reporting to future periods are subject to the risk that internal controls may become inadequate
because of changes in conditions, or that the degree of compliance with policies or procedures
may deteriorate.

Opinion
ƒ Management’s assertions fairly stated / xxx company maintain effectiveness of IC based on
[criteria]
ƒ Could be qualified / adverse if have material weakness
ƒ An engagement to express an opinion on an entity’s system of IC and a consideration of internal
control made as part of an audit differ in purpose and scope; however, the procedures are similar
in nature.

POINTS
ƒ Merely reproducing client-prepared financial statements without modification is merely making a
copy of the financial statements, not a compilation.
ƒ Internal Control is not considered in compilation.
ƒ Attesting doesn’t including advocacy for clients
ƒ Even for a compilation, accountant should not issue report for comparative f/s if there is inconsistency
in GAAP required disclosure.
ƒ When unaudited f/s are presented in comparative form with audited f/s in documents filed with the
SEC, such statements should be clearly marked as unaudited but not referred to in the auditor’s
report, and the unaudited report should be either:
ƒ Reissued, or
ƒ Include a separate paragraph describing the responsibility assumed for the unaudited f/s
ƒ The practitioners report on pro forma financial information should include ... reference to the financial
statements from which the historical financial information is derived
ƒ No requirement that a compilation report be printed on paper (including letterhead) or that it be signed
manually.

 
32