Академический Документы
Профессиональный Документы
Культура Документы
AUDIT – AN OVERVIEW 1. Audit function operates on the assumption that all financial data are
TYPES OF AUDITS verifiable
2. Auditor should always maintain independence with respect to the fs
1. Financial Statement audit under audit
2. Compliance audit 3. There should be no long term conflict between the auditor and the
3. Operational audit client management
4. Effective internal control system reduces the possibility of errors
CHARACTERISTIC IN COMMON
and fraud affecting fs
1. Systematic examination and evaluation of evidence 5. Consistent application of GAAP or PFRS results in fair presentation
2. Communication of the results of the examination of FS
6. What was held true in the past will continue to hold true un the
TYPES OF AUDITOR future in the absence of known conditions to the contrary
7. An audit benefits the public
1. External Auditor
2. Internal auditor ASSURANCE ENGAGEMENTS
3. Government auditors
- Are intended to enhance the credibility of information about a
Inherent limitations subject matter by evaluating whether the subject matter conforms
in all material respects with a suitable criteria
1. Sampling risk
2. Non sampling risk ELEMENTS OF AE
3. Reliance on Management Presentation
4. Inherent limitations of the client’s accounting and internal control 1. Three party relationship
systems 2. Appropriate subject matter
5. Nature of evidence 3. Suitable/established criteria
4. Sufficient appropriate evidence
GENERAL PRINCIPLES GOVERNING THE AUDIT OF FS 5. A written assurance report
AASC – has been given the task to promulgate auditing standards, practices o To establish a control environment and to implement
and procedures control policies and procedures designed to ensure, among
others, the detection and prevention of fraud and error.
- Approved adoption of: (issued by IAASB created by IFAC)
o ISAs RESPONSIBILITY OF INDIVIDUALS CHARGED WITH GOVERNANCE
o ISAEs o To ensure the integrity of an entity’s accounting and
o ISREs financial reporting systems and that appropriate controls
o ISRS are in place.
ELEMENTS OF A SYSTEM OF QUALITY CONTROL PLANNING PHASE
1. Leadership Responsibilities for quality on audits o Make inquiries
2. Ethical requirements o Assess the risk *fraud risk factors
a. Integrity
b. Objectivity TESTING PHASE
c. Professional competence and due care o Perform procedures necessary to determine whether material
d. Confidentiality misstatements exist
e. Professional behavior o Consider whether misstatement resulted from fraud or error
Page |3
Preliminary planning activities: The auditor does not normally send new engagement letter every year,
but these following factors may have caused the auditor to send a new
Performing procedures regarding the continuance of the client engagement letter:
relationship and the specific audit engagement
Evaluating compliance with ethical requirements, including Any indication that the client misunderstands the objective and
independence scope of the audit
Establishing an understanding of the terms of the engagement Any revised or special terms of the engagement
A recent change of senior management, board of directors or
This task would also involve ownership
A significant change in the nature or size of the client’s business
1. Making inquiries of appropriate parties in the business community
2. Communicating with the predecessor auditor Legal requirements and other government agencies
pronouncements
Incoming auditor’s inquiry from predecessor would include:
o The predecessor auditor’s understanding as to the reasons for the
AUDIT PLANNING
change of auditors
o Any disagreement between the predecessor auditor and client
Audit planning involves developing a general audit strategy and a detailed
o Any facts that might have a bearing on the integrity of the approach for the expected conduct of the audit.
prospective client’s management
Auditor’s main objective: to determine the scope of audit procedures to be
ENGAGEMENT LETTER performed
The auditor should obtain a sufficient level of knowledge and DEVELOP AN OVERALL AUDIT STRATEGY
understanding of the entity’s business, which can be gathered from the
following sources: An audit plan should be made regarding
Information obtained could be used to assist the auditor in: “Information is material if its omission or misstatement could influence the
economic decision of users taken on the basis of the fs.”
Assessing risks and identifying potential problems
Planning and performing the audit effectively and efficiently In designing an audit plan, the auditor should make a preliminary estimate
Evaluating audit evidence as well as the reasonableness of client’s of materiality for use during the examination.
representations and estimates
Providing better service to the client Materiality may be viewed as:
With regards to understanding, for continuing engagements, the auditor The largest amount of misstatement that the auditor could tolerate
should update and re-evaluate information gathered previously, including in the fs, or
information in the prior year’s working papers. The smallest aggregate amount that could misstate the fs
However, for first time audit, PSA 510 requires the auditor to obtain Materiality is a matter of professional judgment and necessarily involves
sufficient appropriate audit evidence that: quantitative factors and qualitative factors.
The opening balances do not contain misstatements that materially Importance of Materiality in Planning an Audit
effect the current year’s fs
There is an inverse relationship between materiality and evidence.
The prior period’s closing balances have been correctly brought
This means, the higher the peso amount of materiality, the lower
forward to the current period or, when appropriate, have been
the needed evidence and the lower the peso amount of materiality,
restated; and
the higher the needed evidence.
Appropriate accounting policies are consistently applied or changes
in accounting policies have been properly accounted for and Based on PSA320, materiality should be considered by the auditor:
adequately disclosed
In the planning stage, to determine the scope of audit procedures;
It requires more work than a repeat engagement because of the problem and
associated with the verification of the opening balances of the balance In the completion phase of the audit, to evaluate the effects of
sheet accounts, misstatements on the fs
Page |7
Using Materiality Levels are inconsistent with other relevant information or deviate from predicted
amounts
Determine the overall materiality – FS level
Determine the tolerable misstatement – Account Balance level STEPS IN APPLYING ANALYTICAL PROCEDURES
Compare the aggregate amount of uncorrected misstatement with
the overall materiality PSA 520 requires the auditor to use analytical procedures in the planning
and overall review stages of the audit.
AUDIT RISK MODEL
STEP 1: Develop expectations regarding fs using:
Audit risk = Inherent risk x Control risk x Detection risk
Prior year’s fs
Steps in Using the Audit risk Model Anticipated results such as budgets or forecasts
Industry averages
Set the desired level of audit risk Non-financial information
Assess the level of inherent risk Typical relationships among fs account balances
Assess the level of control risk
Determine the acceptable level of detection risk STEP 2: Compare the expectations with the fs under audit
Design substantive test
STEP 3: Investigate significant unexpected differences (unusual
Effect of materiality on audit risk and planned audit procedures fluctuations) to determine whether fs contain material misstatements.
- There is an inverse relationship between materiality and the level THE USE OF ANALYTICAL PROCEDURES
of audit risk, that is, the higher the materiality level, the lower the
audit risk and vice versa. Planning
DOCUMENTING THE AUDIT PLAN Based on the definition stated by PSA 315:
The auditor should develop and document an audit program setting Internal control is geared towards the achievement of the entity’s objectives
out the nature, timing and extent of planned audit procedures in the following categories:
required to implement the overall audit plan. In effect, audit Effectiveness and efficiency of operations
program executes the audit strategy. The audit program serves as a
Compliance with laws and regulations
set of instructions to assistants involved in the audit and as a means
Reliability of financial reporting
to control and record the proper execution of the work
The form and content of the audit program may vary for each COMPONENTS OF INTERNAL CONTROL
particular engagement but it should always include a detailed list of
audit procedures that the auditor believes are necessary to 1. Control Environment
accomplish the audit objectives
It includes the attitudes, awareness, and actions of management and those
Time budget charged with governance concerning the entity’s internal control and its
importance in the entity. It is the foundation for effective internal control,
A time budget is an estimate of the time that will be spent in providing discipline and structure.
executing the audit procedures listed in the audit program. This
provides a basis for estimating audit fees and assists the auditor in Factors reflected in the Control Environment include:
assessing the efficiency of the assistants.
Integrity and ethical values
Mgt philosophy and operating style
Active participation of those charged with governance
CONSIDERATION OF INTERNAL CONTROL Commitment to competence
INTERNAL CONTROL Personnel policies and procedures
Assignment of responsibility and authority/ organizational structure
Based on PSA 315, it is the process designed and effected by those
charged with governance, management, and other personnel to
2. Risk Assessment
provide reasonable assurance about the achievement the entity’s
objective with regard to reliability of financial reporting Management should adopt policies and procedures that are designed to
effectiveness and efficiency of operations and compliance with identify and analyze the risk affecting the entity’s business and to take
applicable laws regulations the appropriate action to manage these risks
FOUR ESSENTIAL CONCEPTS OF INTERNAL CONTROL Business risk is the risk that the entity’s business objective will not
be attained as a result of internal and external factors such as
Page |9
technological developments, changes in customers demand and other Observing of entity’s activities and operations
economic changes.
After obtaining sufficient knowledge about the design of the systems, the
3. Information and Communication Systems auditor should determine whether these controls have been implemented
by performing “walk-through test”. Walk-through test also confirms the
The information system relevant to financial reporting objectives, which auditor’s understanding of how the accounting systems and control
includes the financial reporting system, consist of procedures and procedures functions.
records established to initiate, record, process and report entity
transactions and to maintain accountability for the related assets, The auditor uses the understanding of internal control to
liabilities and equity.
Identify types of potential misstatements that can occur
4. Control Activities Consider factors that affect the risk of material misstatements
Design the nature, timing, and extent audit procedures to be
Control activities are the policies and procedures that help ensure that
performed
management directives are carried out. Specific control procedures that
are relevant to fs audit would include:
2. Document the understanding of accounting and internal control
Performance reviews systems
Information processing After obtaining sufficient knowledge about the design of internal control
Physical controls system and verifying that the policies and procedures are implemented, the
Segregation of duties auditor needs to document his understanding of accounting the internal
control systems using some of these commonly used forms of
5. Monitoring documentation
It is the process of assessing the quality of internal control performance Narrative description
over time. It involves assessing the design and operation of controls on Flowchart
a timely basis and taking necessary corrective actions. Monitoring is Internal control questionnaire
done to ensure that controls continue to operate effectively.
3. Assess the level of control risk
CONSIDERATION OF INTERNAL CONTROL The auditor should make a preliminary assessment of control risk, at the
assertion level, for each material account balance or class transactions. The
Consideration of the entity’s internal control system involves the following auditor’s preliminary assessment of control risk may be at a high level (not
steps: effective) or less than high level (effective/more efficient to rely on)
1. Obtain understanding of the internal control If assessed at a high level (100% / not effective) no need to perform test of
controls.
This will involve evaluating the design of the entity’s internal control by:
If assessed at less than high level (effective/more efficient to rely on) the
Making inquiries of appropriate individuals auditor should
Inspecting documents and records; and
P a g e | 10
Identify specific internal control policies or procedures that are (together with the assessed level of inherent risk) to determine the
likely to prevent or detect and correct material misstatement acceptable level of detection risk. In this regard, the auditor may consider
relevant to fs assertion, and modifying:
Perform test of controls to determine the effectiveness of such
policies or procedures The nature of substantive test from less effective to more effective
procedures
4. Perform test of controls The timing of substantive test by performing them at year-end
rather than at interim
If preliminarily assessed at a less than high level, the auditor must test these The extent of substantive test from smaller to larger sample size
controls to obtain evidence that they are working effectively as the
preliminary assessment suggests 5. Document the assessed level of control risk
Test of controls are performed to obtain evidence about effectiveness of If assessed at a high level, the auditor should document his conclusion that
the design and operation of the internal controls. control risk is at a high level
Test of controls generally consist of one (or a combination) of the following If assessed at less than high level, the auditor should document his
evidence gathering techniques – inquiry, observation, inspection, and re- conclusion that control risk is less than high and the basis for the
performance. assessment which is actually the results of test of control. The auditor
cannot assess control risk at less than high level without performing test of
Timing of test of controls control
Auditors usually perform test of controls during an interim visit in advance AUDIT OBJECTIVES, PROCEDURES, EVIDENCE AND DOCUMENTATION
of period end. In determining whether or not to test the remaining period, Substantive tests are audit procedures designed to substantiate the
the following factors must be considered: account balances or to detect material misstatements in the fs.
The result of the interim test There are two types of substantive tests:
The length of the remaining period
Whether changes have occurred in the accounting and internal 1. Analytical procedures
control systems during the remaining period.
When intending to perform analytical procedures as substantive tests, the
auditor should focus on those accounts that are predictable. The following
generalizations may be helpful in assessing the predictability of the
Extent of test of control accounts.
The auditor cannot possibly examine all transactions related to certain IS are more predictable compared to BS account.
control procedures. In an audit, the auditor should determine the size of Accounts that are not subject to management discretion are
sample sufficient to support the assessed level of control risk. generally predictable
Using the result of test of control Relationships in a stable environment are more predictable than
those in a dynamic or unstable environment
As a result of this evaluation, the conclusion reached is called the assessed
level of control risk. The auditor uses the assessed level of control risk
P a g e | 11
2. Test of details The following factors may be considered in evaluating the sufficiency of
evidence:
Test of details involves examining the actual detail making up the various
account balances. This approach may take the form of test of details of The competence of evidence
balances or test of details of transactions. The materiality of the item being examined
The risk involved in a particular account
Test of details of balances involves direct testing of ending balance Experience gained during previous audit may indicate the amount
of an account of evidence taken before and whether such evidence was enough
Test of details of transactions involves testing the transactions
which give rise to the ending balance of an account Appropriateness is the measure of quality of audit evidence and its
relevance to a particular assertion and its reliability.
Effectiveness of substantive tests
Relevance relates the timeliness of evidence and its ability to satisfy
The potential effectiveness of the auditor’s substantive test is affected by its the audit objective
nature, timing and extent
Reliability relates to the objectivity of evidence and is influenced by
Nature – high or low quality of evidence to be gathered its source and by its nature
Timing – substantive tests may be performed at interim date or at While reliability of audit evidence is dependent on individual circumstance,
year end the following generalizations could help the auditor in assessing the
reliability of audit evidence:
Extent – more or less extensive
Generated from outside sources over internally generated
AUDIT EVIDENCE If related accounting and internal control systems are effective,
sources generated internally are more reliable
Evidence refers to the information obtained by the auditor in arriving at the Obtained directly by the auditor over obtained by the entity
conclusions on which the audit opinion is based Documents and written representations form over oral
representations
Underlying accounting data refers to the accounting records
underlying the fs. These include books of accounts, related AUDIT DOCUMENTATION / WORKING PAPERS
accounting manuals, worksheet supporting cost allocations and
reconciliations prepared by the client personnel Working papers are records kept by the auditor that documents the audit
Corroborating information supporting the underlying accounting procedures applied, information obtained and conclusions reached. PSA 30
data obtained from client and other sources. This includes requires the auditor to document matters that are important to support an
documents such as invoices, bank statements, purchase orders, opinion on fs, and evidence that the audit was conducted in accordance
contracts, checks and other information obtained or developed by with PSA.
the auditor through confirmation, recalculation, observation, and
reconciliation. Primary functions of the working papers
Secondary functions of the working papers Retention – 5 years (for SEC – 7 years)
Planning future audits Preparation – the auditor can use the following techniques:
Providing information useful in rendering other services
Providing adequate defense in case of litigation a. Heading
b. Indexing
Form, Content and Extent of Audit Documentation c. Cross-indexing / cross-referencing
d. Tick marks
In deciding on the form, content and extent of audit documentation, the
auditor should consider what would enable and experienced auditor, having AUDIT SAMPLING AND COMPLETING THE AUDIT AND POST AUDIT
no previous connection with the audit, to understand: RESPONSIBILITIES
AUDIT SAMPLING
The nature, timing, and extent, of the audit procedures performed
to comply with PSAs and applicable legal and regulatory PSA 530 defines audit sampling as
requirements.
The results of the audit procedures and the audit evidence “The application of audit procedures to less than 100 % of the items within
obtained; and an account balance or class of transactions such that all sampling units have
a chance of selection”
Significant matters arising during the audit and the conclusion
reached thereon Risks in Sampling
Classification of working papers 1. Sampling risk – the risk that the sample selected for testing may not
be truly representative of a population
In a continuing engagement, working papers are typically classified into
a. Alpha risk – is the risk the auditor will conclude:
permanent file or current working paper file:
i. In the case of test of control, that internal control is
1. Permanent file – contains information of continuing significance to not reliable when in fact that it is effective and can
the auditor in performing recurring audits. be relied upon (risk of under reliance); or
2. Current file – contains evidence gathered and conclusions reached ii. In the case of substantive test, that material
relevant to the audit of a particular year. misstatements exists in an account balance or
transaction class when in fact such misstatement
Important guidelines on working papers does not exist (risk of incorrect rejection)
Owner – auditor b. Beta risk – is the risk the auditor will conclude,
i. In the case of test of control, that internal control is
Confidentiality – the auditor cannot disclose confidential information to
reliable when in fact it is not effective and cannot
third parties unless under the following circumstances:
be relied upon (risk of over reliance)
a. When disclosure is required by law or when the working papers are ii. In the case of substantive test, that material
subpoenaed by a court misstatement does not exist when in fact material
b. When there is a professional right to disclose information such as misstatement does exist (risk of incorrect
when the auditor uses his working papers to defend himself when acceptance)
sued by the client for negligence
P a g e | 13
2. Non – sampling risk – the risk that the auditor may draw incorrect a. Attribute sampling
conclusions because of human errors such as, application of A sampling plan used to estimate the frequency of occurrence of
inappropriate audit procedures, failure to recognize errors in the certain characteristics in a population (occurrence rate)
sample tested, and misinterpretation of evidence obtained. This Generally used when performing tests of controls to estimate the
includes all aspects of audit risk that are not due to sampling rate of deviations from prescribed internal control policies or
procedures
Minimizing risk in sampling
The only way to eliminate sampling risk is to examine the entire population b. Variable sampling
but time and cost constraints will prohibit the auditor in doing so, instead, A sampling plan used to estimate a numerical measurement of a
auditors control sampling risk by population such as peso value
Generally used in performing substantive tests to estimate the
Increasing the sample size; and amount of misstatements in the fs
Using an appropriate sample selection method
Basic steps in auditing
Non-sampling risk, cannot be eliminated even if the auditor examines the
entire population. The risk, however, can be minimized by Audit procedures carried out by means of sampling techniques require
consideration of at least the following basic steps:
Proper planning; and
1. Define the objective of the test
Adequate direction, review and supervision of the audit team
2. Determine the audit procedure to be performed
General Approaches to audit sampling 3. Determine the sample size
4. Select the sample
There are two sampling approaches that can be used by the auditor to 5. Apply the procedures
gather sufficient appropriate evidence: 6. Evaluate the sample results
PSA 530 has identified tree principal methods of selecting samples: If it does not exceed, assess control risk at a
low level, rely on internal control and
1. Random number selection perform less extensive substantive tests.
2. Systematic selection
3. Haphazard selection Sampling for Substantive Tests
Other sampling applications for test of controls: Factors in Determining the Sample Size
1. Sequential sampling (stop-or-go sampling) 1. Acceptable sampling risk – for practical purposes, auditor use the
2. Discovery sampling acceptable level of detection risk as the acceptable sampling after
giving adequate consideration to the risk that analytical procedures
Evaluation of results may fail to detect material misstatement in account balance. It has
an inverse relationship with the sample size.
1. Determine the sample deviation rate
2. Tolerable misstatement – the maximum amount of misstatement
2. Compare the deviation rate vs tolerable deviation rate and draw an
that the auditor will permit in the population and still be willing to
overall conclusion about the population.
conclude that the account balance is fairly stated. It has an inverse
a. If sample deviation rate > the tolerable rate, assess control
relationship with the sample size.
risk at a high level and perform more extensive substantive
3. Expected misstatement – the amount of misstatement that the
tests.
auditor believes exists in the population. It has a direct relationship
b. If sample deviation rate < the tolerable rate, consider
with the sample size.
allowance for sampling risk:
4. Variation in the population – In most cases, the peso amount,
1. If the sampling deviation rate is considerably lower than
included in the population, tend to vary significantly. When using
the tolerable deviation rate, assess control risk at a low
statistical sampling, this variability is measured by the standard
level, rely on internal control and perform less extensive
deviation. It has a direct relationship with the sample size. The
substantive tests.
auditor can estimate the variation based on the prior year’s tests
2. If the sampling deviation rate is barely lower than the
results or pilot sample.
tolerable deviation rate:
a. When using non-statistical sampling, assess Sample Selection Methods
control risk at a high level and perform more
extensive substantive tests. When selecting a sample for substantive test, the auditor may use anyone
b. When using statistical sampling the auditor of the sample selection methods mentioned in earlier. In addition, he may
determines the maximum population deviation use:
rate by using a sampling table or statistical
formula then compares vs. the tolerable rate to 1. Stratified sampling – the auditor may divide or stratified the
evaluate the sample results. population into meaningful groups in order to decrease the effect of
If the maximum deviation rate exceeds the the variance within the population and allows the auditor to give
tolerable rate, the auditor will assess more emphasis to those items with higher monetary value.
control risk at a high level and perform 2. Value weighted selection – the probability of an item to be selected
more extensive substantive tests. in this method of selection is directly proportional to the monetary
value of such item.
P a g e | 15
Anomalous errors – errors or misstatements arise from an isolated event Litigations, claims, and assessment
that has not recurred other than specifically identifiable occasions and are
therefore not representative of errors in the population. Such errors should - PSA 501 requires the auditor to carry out procedures in order to
be excluded when projecting sample errors to the population. However, become aware of any litigation and claims
the effect of such errors must be considered together with the projected - Management is the primary source of information about litigation,
errors in order to determine the combined effect of the errors on the claims, and assessment.
account balance or transaction class. - Auditor shall corroborate the information obtained from
management by asking the client to send letters of audit inquiry to
COMPLETING THE AUDIT & POST AUDIT RESPONSIBILITIES lawyers
- A qualified or disclaimer of opinion shall be issued if management
PROCEDURES refuses to give the auditor permission to communicate with the
lawyer or if the lawyer refuses to reply
1. Identify subsequent events that may affect the fs under audit
- An unmodified opinion with emphasis if a matter paragraph shall be
2. Identify contingencies such as litigation, claims and assessment
issued if the lawyer is unable to estimate the likelihood of an
3. Obtain written management representation
unfavorable outcome including the amount of or range of potential
4. Perform wrap-up procedures
loss
P a g e | 16
Management representation audit report issued in connection with the fs may be inappropriate, he must
take steps to prevent future reliance on such report
Form and Content of Written Representation
Auditing in CIS Environment
Form – representation letter Characteristics of CIS
Content Lack of visible transaction trails
1. A representation that management has fulfilled its responsibility for Consistency of performance
the preparation and presentation of the fs as set out in the terms of Ease of access to Data and Computer programs
the engagement Concentration of duties
2. A representation that the fs are prepared and presented in Systems generated transactions
accordance with the applicable reporting framework Vulnerability of data and program storage media
3. A representation that management provided that auditor with all Minimizing Risk in sampling
relevant information agreed in the terms of the engagement, and
that all transactions have been recorded and reflected in the fs Internal Control in a CIS Environment
4. A representation that describes management’s responsibilities as Control procedures used in manual processing are also applied in a CIS
described in the terms of the engagement environment. When computer processing is used in significant accounting
5. Other representation required by other PSAs applications, internal control procedures can be classified into two types:
Basic Elements of a Written Management Representation 1. General controls – are those controls policies and procedures that
1. Should be addressed to the auditor relate to the overall computer information system
2. Date of written representations shall be as near as practicable to, 2. Application controls – are those policies and procedures that relate
but not after, the date of the auditor’s report to specific use of the system. These are designed to provide
3. Should be signed by the appropriate level of management who has reasonable assurance that all transactions are authorized, and that
the primary responsibility for the fs they are processed completely, accurately and on a timely basis.
Procedures done at the end of the audit, that generally cannot be General controls include:
performed before the other audit work is complete. These include: 1. Organizational controls
1. Final analytical procedures In a CIS environment, the plan of the organization for an entity’s
2. Evaluation of the entity’s ability to continue as a going concern computer system should include:
3. Evaluating audit findings and obtaining client’s approval for the
proposed adjusting entries a. Segregation between the CIS department and user departments
b. Segregation of duties within the CIS department
Post audit responsibilities
This is also known as “block box approach” because it does not permit direct performing or verifying calculations, summarizing and totaling
assessment of actual processing of transaction. files, and reporting in a format specified by the auditor.
It is used when computer accounting systems perform tasks for These are designed to perform audit tasks in specific
which no visible evidence is available, it may be impracticable for circumstances. These programs may be developed by the
the auditor to test manually. auditor, the entity being audited or an outside programmer
CAATs are computer programs and data which the auditor uses as hired by the auditor.
part of the audit procedures to process data of audit significance
contained in an entity’s information systems. CAATS for Advanced Computer Systems
This is also known as “white box approach” because the auditor will have to 1. Snapshots
audit directly the client’s computer program using CAATs. Some of the It involves taking a picture of transaction as it flows through the
commonly used CAATs include: computer systems. Audit software routines are embedded at different
1. TEST DATA points in the processing logic to capture the images of the transaction as
it progresses through the various stages of processing. Such a
The test data technique is primarily designed to test the effectiveness of technique permits an auditor to track data and evaluate the computer
the internal control procedures which are incorporated in the client’s processes applied to the data.
computer program. The objective of the test data technique is to
determine whether the client’s computer programs can correctly handle 2. Systems control audit review files (SCARF)
valid and invalid conditions as they arise. This involves embedding audit software modules within an application
2. INTEGRATED TEST FACILITY (ITF) system to provide continuous monitoring of the systems transaction.
The information is collected into a special computer file that the auditor
By using the method of processing test data simultaneously with client’s can examine.
data, ITF provides assurance that the program tested by the auditor is
the same program used by the client in processing transactions. THE AUDITOR’S REPORT ON THE FS
General purpose fs – FS prepared in accordance with a general purpose
3. PARALLEL SIMULATION framework.
The simulated program is used to reprocess transactions that were General purpose framework – A financial reporting framework designed to
previously processed by the client’s program. The auditor compares the meet the common financial information needs of a wide range of users. The
results obtained from the simulation with the client’s output to be able financial reporting framework may be a fair presentation framework or a
to make inference about the reliability of the client’s program. Parallel compliance framework.
simulation can be accomplished using:
Unmodified report (unqualified)
a. Generalized audit software
The most common type of audit report contains a clear opinion or an
Consist of generally available computer packages which have unmodified opinion. The unmodified opinion may be issued only when the
been designed to perform common audit tasks such as following conditions have been met:
P a g e | 19
The fs are fairly stated in accordance with applicable Financial 1. Circumstances beyond the control of the entity such as inadequacy
Reporting Framework. of accounting records
The audit was performed in accordance with PSA. 2. Circumstances relating to the nature or timing of the auditor’s work
like when the auditor is engaged only after client’s fiscal year ends.
BASIC ELEMENTS OF UNMODIFIED REPORT 3. Limitations imposed by management like when management
prevents the auditor from requiring external confirmation of
1. Title
specific accounts
2. Addressee
3. Auditor’s opinion MATERIALITY AND PERVASIVENESS CONSIDERATION
4. Basis for opinion
5. Material uncertainty related to going concern If the magnitude of misstatements is material enough to affect the readers
6. Key audit matters (if listed entity) of the fs, but not enough to overshadow the fair presentation taken as a
7. Responsibilities for the fs whole, the auditor would most likely express a qualified opinion. On the
8. Auditor’s responsibilities for the audit of the fs other hand, if the auditor believes that the effect of the misstatements is
9. Report on other legal and regulatory requirements (if listed entity) highly material and pervasive as to render the overall fs misleading, the
10. Name of the engagement partner auditor would most likely express an adverse opinion.
11. Signature of the auditor
12. Auditor’s Address BASIS FOR MODIFICATION OF PARAGRAPH
13. Date of the Auditor’s Report This paragraph should be placed immediately before the opinion paragraph
MODIFICATION TO THE OPINION with appropriate heading such as “Basis for qualified opinion” “Basis for
Adverse opinion” or “Basis for Disclaimer of opinion”
1. Material Misstatements
a. Material but not pervasive – qualified 1. Material misstatement
b. Material and pervasive - adverse a. Description of the nature of the misstatement or an
2. Scope Limitations explanation of how the disclosure is misstated
a. Material but not pervasive – qualified b. Quantification of the financial effects of the misstatements
b. Material and pervasive – disclaimer of opinion or a disclosure of omitted information, if practicable.
2. Scope limitation
MATERIAL MISSTATEMENT If the modification results from an inability to obtain sufficient
appropriate audit evidence, the basis of the modification paragraph
A material misstatement of the fs may arise from: shall only explain the reason for inability
1. Inappropriate accounting policy selected EMPHASIS OF A MATTER
2. Misapplication of selected accounting policy; or
3. Inappropriate or inadequate disclosure An emphasis of a matter paragraph is included in the report to draw the
reader’s attention to a matter presented or disclosed in the fs that, in the
SCOPE LIMITATION auditor’s judgment, is of such importance that it is fundamental to the
reader’s understanding, the auditor.
A limitation on the scope of the auditor’s work may be imposed by the
client or imposed by circumstances:
P a g e | 20
It is necessary to include an Emphasis of a matter paragraph on the A tax basis of accounting for a set of fs that accompany an entity’s
following circumstances: tax return
The cash receipts and disbursements basis of accounting for cash
a. Uncertainty relating to the future outcome of exceptional litigation flow information that an entity may be requested to prepare for
or regulatory action creditors
b. Early application of new accounting standard in advance of its The financial reporting provisions established by a regulator to meet
effective date the requirements of that regulator; or
c. Major catastrophe that has a significant effect on the entity’s fs
The financial reporting provisions of a contract, such as a bond
d. A subsequent discovery of facts affecting the previously issued
indenture, a loan agreement, or a project grant
opinion
e. Fs prepared using a special purpose framework When accepting the special purpose audit engagement the auditor should:
OTHER MATTER PARAGRAPH In an audit of special purpose fs, the auditor shall obtain an understanding
of:
There are instances when the auditor considers it necessary to
communicate a matter other than those that are presented or disclosed in a. The purpose for which the fs are prepared
the fs that, in the auditor’s judgment, is relevant to users’ understanding of b. The intended users; and
the audit, the auditor’s responsibilities or the auditor’s report. c. The steps taken by management to determine that the applicable
financial reporting framework is acceptable in the circumstances.
It is required to include another matter paragraph on the following
circumstances: When Planning and performing the special purpose audit engagement
a. Reporting on comparative information 1. The auditor shall determine whether application of the PSAs
b. Material inconsistency between the fs and other information requires special consideration in the circumstances of the
c. Fs are prepared using more than one financial framework engagement
d. Limiting the use of auditor’s report 2. The auditor should obtain an understanding of the entity’s selection
e. Subsequent discovery of facts and application of accounting policies. In the case of fs prepared in
accordance with the provisions of a contract, the auditor shall
OTHER ASSURANCE AND NON-ASSURANCE SERVICES obtain an understanding of any significant interpretations of the
SPECIAL PURPOSE AUDIT ENGAGEMENS contract that management made in the preparation of those fs. An
Special purpose fs – fs prepared in accordance with a special purpose interpretation is significant when adoption of another reasonable
framework interpretation would have produced a material difference in the
information presented in the fs
Special purpose framework – a financial reporting framework designed to
meet the financial information needs of specific users. The financial Special Purpose Audit Engagement Report
reporting framework may be a fair presentation framework or a compliance The auditor’s report on special purpose fs shall include an emphasis of a
framework. matter paragraph alerting the users of the auditor’s report that the fs are
Examples are: prepared in accordance with a special purpose framework and that, as a
result, the fs may not be suitable for another purpose.
P a g e | 21
A. Non- Audit Engagements: Procedures and Reports Examination of Prospective Financial Information
B. Non-assurance engagements The financial information compiled by the accountant should contain a
reference such as “Unaudited”, “Compiled without Audit or Review” or
Agreed-upon procedures “Refer to Compilation Report” on each page of the financial information or
on the front of the complete set of financial statements
Objective: To carry out audit procedures agreed on with the client and any
appropriate third parties identified in the report In case of:
Level of assurance provided by the CPA: No assurance 1. Material misstatement
a. The accountant should disclose the nature of the
Type of report issued: Description of procedures performed and factual
misstatement in a separate paragraph of the report,
findings
although their effects do not have to be qualified
Basic Procedures performed: Procedures will be performed as agreed b. If the accountant feels that the modification of the report is
not sufficient to describe the significant PFRS departures
Independence required? Yes / No: No. and the client is not willing to correct these deficiencies, the
accountant, may withdraw from, the engagement
This type of engagement may be accepted provided: 2. Scope limitation
- Scope limitation will normally cause the accountant to withdraw
The client takes full responsibility for the adequacy of the
from the engagement
procedures to be performed; and
The distribution of the report is limited only to those parties who SPECIAL AND OTHER RELATED TOPICS
have agreed about the procedures to be performed AUDITING ACCOUNTING ESTIMATES
The report is restricted to those parties that have agreed to the procedures Based on PSA 540, “Accounting estimate” means an approximation
to be performed of the amounts of an item in the absence of a precise means of
measurement
The auditors should ensure with representatives of the entity and,
ordinarily, other specified parties who will receive copies of the report of The auditor must be specifically careful in considering accounts that
factual findings, that there is a clear understanding regarding the agreed are affected by accounting estimates because the risk of material
procedures and the conditions of the engagement misstatement is greater when accounting estimates are involved
Management is responsible for making accounting estimates
Compilation included in the fs
Level of assurance provided by the CPA: No assurance The auditor’s responsibility is to obtain sufficient appropriate evidence as to
whether:
Type of Report issued: Identification of financial information compiled
(Compilation Report) Accounting estimate is properly accounted for and disclosed
Accounting estimate is reasonable in the circumstances
Basic procedures performed: Prepare / Assemble Financial Statements
based on client’s data The auditor may use one or a combination of the following approaches
when evaluating the reasonableness of accounting estimates:
Independence required? Yes/no: No
P a g e | 23
Review and test the process used by the management to develop regarding the identification of related parties and the adequacy of related
the estimate party disclosures in the fs
Make an adequate estimate
Review subsequent events which confirm the estimate made USING THE WORK OF AN EXPERT
RELATED PARTIES An expert is a person or firm possessing special skill, knowledge and
experience in a particular field other than accounting and auditing.
“Related party” refers to persons or entities that may have dealings with
one another in which one party has the ability to exercise significant An expert may be:
influence or control over the other party in making financial and operating Engaged by the entity
decisions. These would include entity’s associates, principal owners,
Engaged by the auditor
directors, officers including their immediate families.
Employed by the entity; or
The auditor needs to be aware of them because: Employed by the auditor
PFRS requires disclosures in the fs of certain related party When determining the need to use the work of an expert, the auditor would
relationships and transactions consider:
A related party transaction may be motivated by other than
The materiality of the fs item being considered
ordinary business considerations such as profit sharing or even
The risk of misstatement based on the nature and complexity of the
fraud.
matter being considered; and
The existence of related parties or related party transactions may
The quality and quantity of other audit evidence available
affect the financial statements and the reliability of audit evidence
When the auditor concludes that the work of the expert is needed to
Management’s Responsibility
support an assertion, the auditor should:
Management is responsible for the identification and disclosure of related
1. Assessing the expert’s competence and objectivity
parties and transactions with such parties which requires management to
a. The following factors must be considered when assessing
implement adequate accounting and internal control systems to ensure that
the competence of the expert:
transactions with related parties are appropriately identified in the
i. Professional certification or licensing by, or
accounting records and disclosed in the fs
membership in, an appropriate professional body
Auditor’s Responsibility ii. Experience and reputation in the field in which the
auditor is seeking audit evidence
The auditor should obtain and review information provided by the directors b. The objectivity of the expert may be impaired if the expert
and management identifying the names of all known related parties and is
related party transactions i. Employed by the entity
ii. Related in some other manner to the entity
When related party transactions are identified, the auditor should obtain 2. Evaluating the scope of the expert’s work
sufficient appropriate evidence that these are properly accounted for and PSA 620 requires the auditor to obtain sufficient appropriate
disclosed in the fs. The auditor should also obtain a written representation evidence that the scope of the auditor’s work is adequate for the
from management concerning the completeness of information provided purpose of the audit. This understanding should cover:
P a g e | 24
The objectives and scope of the expert’s work in performing routine or mechanical audit procedures. This is an
Methods and assumptions to be used by the expert acceptable practice provided the external auditor supervises and review
The intended use by the auditor of the expert’s work the work performed by the internal auditors
Form and content of the expert’s report
Audit – an overview
Expert’s relationship to the client
Professional standards
3. Assessing the work of the expert Auditor’s responsibilities
The auditor should assess the appropriateness of the expert’s work Audit process
as audit evidence regarding the financial statement assertion being Accepting an engagement
considered Audit planning
If the results of the expert’s work do not provide sufficient Consideration of internal control
appropriate evidence or the results are not consistent with other Audit objectives, procedures, evidence and documentation
evidence, the auditor should resolve the matter by discussing it with Audit sampling & Completing the audit and post-audit
the client and the expert or performing additional procedures, responsibilities
including possibly engaging the services of another expert Auditing in CIS environment
Other assurance and non-assurance services
CONSIDERING THE WORK OF INTERNAL AUDITING Special and other related topics
Code of Ethics (pdf)
Internal auditing is an appraisal activity established within an entity as a
RA 9298 (pdf)
service to the entity. Considering the work of internal auditor involves two
important phases:
For this purpose, the external auditor should consider the internal
auditor’s:
Competence
Objectivity
Due professional care
Scope of function
Aside from using the work performed by the internal auditors, the
external auditor may also request the assistance of the internal auditors