11.28.2018 Updated FAM

Financial Audit Manual (FAM)
Commission on Audit
Project 47291-001:
Enhancing Roles of Supreme Audit Institutions in Selected
Association of Southeast Asian Nations (ASEAN)
through the
Regional Capacity Development Technical Assistance (R-CDTA)
of the ADB and JFPR
1
Table of Contents
Introduction ................................................................................................................ 8
A. Basis for Manual Preparation ...................................................................................................... 8
B. Project requirements and INTOSAI prerequisites......................................................................... 9
COA Audit Framework ............................................................................................... 10

Overview of the Financial Audit Manual .................................................................... 12
A. Objective of Financial Statements Audit .................................................................................... 12
B. The Financial Statements AuditProcess ..................................................................................... 12
C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 1000-2999) ........................................... 13
Section 1 ................................................................................................................... 14
Preliminary Engagement Activities ............................................................................ 14
I. Ensuring Engagement Team’s Independence and Compliance with the Ethical Standards ......... 14
II. Defining the Terms of Audit Engagement .................................................................................. 16
A. Establishing the Terms of Audit Engagement .......................................................................... 16
Obtaining written representation .................................................................................................. 16
B. Communicating the Terms of Engagement ............................................................................. 17
Appendix 1-1. Auditor’s Declaration of Independence and Compliance with Ethical Standards .......... 18
Appendix 1-2. Engagement Letter ...................................................................................................... 19
Appendix 1-3. Management Representation Letter ............................................................................ 22
Section 2 ................................................................................................................... 25
Planning Phase .......................................................................................................... 25
I. Preparing the Overall Audit Strategy ......................................................................................... 25
II. Conducting Preliminary Risk Assessment................................................................................... 26
A. Defining risks.......................................................................................................................... 26
B. Understanding the Audit Entity .............................................................................................. 27
C. Summarizing the results of preliminary identification of risks ................................................. 36
III. Conducting Final Risk Assessment ............................................................................................. 38
A. Determining the Materiality thresholds .................................................................................. 38
B. Assessing risksand determining risk responses ....................................................................... 42
IV. Preparing the Audit Engagement Plan ....................................................................................... 46
A. Updating the Overall Audit Strategy ....................................................................................... 46
2
B. Preparing the Audit Program .................................................................................................. 46
C. Preparing the Engagement Planning Memorandum ............................................................... 46
Appendix 2-1. Overall Audit Strategy ................................................................................................. 48
Appendix 2-2. Understanding the Agency (Common Planning Activity) .............................................. 52
Appendix 2-2A. Financial Accountability LogFrame ............................................................................ 54
Appendix 2-3. Agency-Level Controls Checklist .................................................................................. 55
Appendix 2-4. General Accounting Plan ............................................................................................. 73
Appendix 2-5. Variance Analysis of Financial Statements ................................................................... 74
Appendix 2-6. Summary Report on the Preliminary Identification of Risks.......................................... 75
Appendix 2-7. Template on DeterminingMateriality Level .................................................................. 76
Appendix 2-8. Results of Risk Assessment at the Assertion Level ........................................................ 78
Appendix 2-8A. Illustration on Results of Risk Assessment at the Assertion Level ............................... 79
Appendix 2-9. Audit Program ............................................................................................................. 81
Appendix 2-10. Engagement Planning Memorandum......................................................................... 82
Section 3 ................................................................................................................... 83
Audit Execution Phase ............................................................................................... 83
I. Execute Audit Tests ................................................................................................................... 83
A. Determining the nature, timing and extent of audit procedures ............................................. 83
B. Performing audit procedures.................................................................................................. 84
C. Gathering audit documentation and evidence ........................................................................ 94
D. Addressing risk areas that need specific considerations .......................................................... 98
E. Summarizing proposed audit adjustments and evaluating effects in the audit opinion ......... 103
II. Summarizing Audit Observations and Recommendations and Communicate with Those
Charged with Governance ....................................................................................................... 104
A. Areas for consideration in summarizing audit observations .................................................. 104
B. Elements of Audit Observation ............................................................................................. 105
C. Performing review of overall audit work............................................................................... 107
D. Tracking status of past years’ recommendations .................................................................. 107
III. Conduct Exit Conference ......................................................................................................... 109
Appendix 3-1. Summary of Audit Observations and Recommendations ........................................... 110
Appendix 3-2. Affirmation of Audit Team’s Independence and Compliance with Ethical Standards .. 111
Appendix 3-3. Recommendations Tracking Sheet ............................................................................. 112
3
Section 4 ................................................................................................................. 113
Reporting Phase ...................................................................................................... 113
I. Write the Independent Auditor’s Report ................................................................................. 114
A. Forming an Audit Opinion .................................................................................................... 114
B. Forms of Independent Auditor’s Report ............................................................................... 121
II. Specific Elements of the Independent Auditor’s Report ........................................................... 126
A. Title...................................................................................................................................... 126
B. Addressee ............................................................................................................................ 126
C. Report on the Audit of Financial Statements ........................................................................ 126
D. Report on Other Legal and Regulatory Requirements ........................................................... 136
E. Name of the Engagement Partner ........................................................................................ 137
F. Signature of the Auditor ....................................................................................................... 137
G. Auditor’s Address ................................................................................................................. 137
H. Date of the Independent Auditor’s Report............................................................................ 137
III. Comparative Information ........................................................................................................ 137
A. Corresponding Figures and Comparative Financial Statements ............................................. 138
IV. Special Considerations - Audits of Financial Statements Prepared in Accordance with Special
Purpose Frameworks .............................................................................................................. 139
V. Types of Audit Report ............................................................................................................. 139
Section 5 ................................................................................................................. 141

Quality Control Review............................................................................................ 141
I. Quality Control versus Quality Assurance ................................................................................ 141
II. Responsibility for quality control system and quality control procedures ................................ 141
III. Quality Control Review Process in COA ................................................................................... 142
IV. Quality control documents ...................................................................................................... 142
V. Quality control review documents .......................................................................................... 143
Appendix 5-1. Completion Compliance Checklist.............................................................................. 145
Appendix 5-2. Auditee Feedback Sheet ............................................................................................ 151
Appendix 5-3. Director’s Evaluation Form ........................................................................................ 154
Appendix 5-4. Financial Management Performance Rating .............................................................. 155
Works Cited ............................................................................................................ 157
4
List of Exhibits
Exhibit 1. General principles of public sector auditing in the audit of financial statements .......................... 8
Exhibit 2. COA Audit Framework ............................................................................................................... 10
Exhibit 3. Audit activities by audit phase ................................................................................................... 13
Exhibit 4. Diagramming Tool ................................................................................................................... 107
Exhibit 5. Decision Tree in Preparing the Auditor's Report ...................................................................... 115
Exhibit 6. Summary of Reporting Phase activities .................................................................................... 121
Exhibit 7. Quality Control Documents ..................................................................................................... 144
List of Tables
Table 1. The link between general auditing principles and financial audit specific requirements ................. 9
Table 2. ISSAIs related to written representations .................................................................................... 16
Table 3. Sources of financial information .................................................................................................. 27
Table 4. Examples of conditions and events that may indicate risks of material misstatements ................ 36
Table 5. Assertions in considering misstatements ..................................................................................... 37
Table 6. Examples of Risks ........................................................................................................................ 42
Table 7. Risk Decision Table ...................................................................................................................... 45
Table 8. List of Current Audit File and Permanent Audit File...................................................................... 96
Table 9. Summary of Modifications of the Independent Auditor’s Report ............................................... 124
Table 10. Levels of Quality Control Review.............................................................................................. 142
List of Illustrations
Illustration 1. Working Paper on Preliminary data analysis ........................................................................ 28
Illustration 2. Walkthrough Analysis for Source Agency (SA) – Fund Transfer Account............................... 33
Illustration 3. Sample Financial Information .............................................................................................. 41
Illustration 4. Sample Materiality Computation Table ............................................................................... 41
Illustration 5. Working Paper – Test of Control ......................................................................................... 87
Illustration 6. Sample Trend Analysis ........................................................................................................ 92
Illustration 7. Sample Top Schedule and Audit Conclusion ........................................................................ 95
Illustration 8. Summary of Proposed Audit Adjustments ......................................................................... 103
Illustration 9. Sample - Elements of an Audit Observation....................................................................... 106
Illustration 10. Sample enhancements to recommendations................................................................... 108
Illustration 11. Summary of Uncorrected Misstatements ........................................................................ 119
5
List of Acronyms
Acronym Definition
AAPSI Agency Action Plan and Status of Implementation
AAR Annual Audit Report
ADB Asian Development Bank
AICF Agency's Internal Control Framework
ALCC Agency-Level Controls Checklist
AM Audit Memorandum
AOM Audit Observation Memorandum
AP Audit Program
APMT Action Plan Monitoring Tool
ASEAN Association of Southeast Asian Nations
ATL Audit Team Leader
ATM Audit Team Member
CAAR Consolidated Annual Audit Report
CAATs Computer assisted audit techniques
CAF Current Audit File
CD Cluster Director
CGS Corporate Government Sector
COA Commission on Audit
COE COA Order of Execution
CR Control Risk
DV Disbursement Voucher
EPM Engagement Planning Memorandum
EQCR Engagement Quality Control Reviewer
FOU Field Operating Units
FRF Financial Reporting Framework
FS Financial Statements
GAM Government Accounting Manual
GAP General Accounting Plan
GL General Ledger
ICPPP Internal Control Policy, Procedures and Practices
IDI INTOSAI Development Initiative
INTOSAI International Organization of Supreme Audit Institutions
IR Inherent Risk
ICSPPS Internal Control Standards for Philippine Public Sector
ISQC International Standard on Quality Control
ISSAI International Standards of Supreme Audit Institutions
JEV Journal Entry Voucher
KAM Key Audit Matters
LGS Local Government Sector
6
Acronym Definition
LGU Local Government Unit
ML Management Letter
MOA Memorandum of Agreement
MRL Management Representation Letter
MT Materiality Template
NC Notice of Charge
ND Notice of Disallowance
NFD Notice of Finality of Decision
NGO Non-government organization
NGS National Government Sector
NS Notice of Suspension
OAS Overall Audit Strategy
PAF Permanent Audit File
PDA Preliminary data analysis
PFRS Philippine Financial Reporting Standards
PPE Property, Plant and Equipment
PPSAS Philippine Public Sector Accounting Standards
R-CDTA Regional Capacity Development Technical Assistance
RBFAM Risk-Based Financial Audit Manual
RD Regional Director
RMM Risk of Material Misstatement
RRAAL Results of Risk Assessment at the Assertion Level
RSA Regional Supervising Auditor
RTS Recommendation Tracking Sheet
SA Supervising Auditor
SAI Supreme Audit Institution
SAOR Summary of Audit Observations and Recommendations
SCBAA Statement of Comparison of Budget and Actual Amounts
SCF Statement of Cash Flows
SFP Statement of Financial Position
SRPIR Summary Report on Preliminary Identification of Risks
UTA Understanding the Agency
WP Working Paper
7
Introduction
A. Basis for Manual Preparation
1. The Philippines entered into an agreement with the Asian Development Bank: Regional Capacity
Development Technical Assistance (R-CDTA) for Project 111: Enhancing the Roles of Supreme Audit
Institutions in Selected Association of Southeast Asian Nations (ASEAN).The agreement was signed in
2015, and the Project was jump started in early 2016.
2. The Project aims to increase compliance with international standards on public sector financial audits
of the participating Supreme Audit Institutions (SAIs) by at least 20%. This objective agrees with a
similar strategy of the INTOSAI Development Initiative (IDI) for the SAIs to adopt the INTOSAI audit
guidelines so that they can meet the expectations of their stakeholders through quality audits and
ultimately strengthen the accountability of government. The cause and effect relationship of the
INTOSAI principles vis-à-vis public sector accountability is demonstrated as follows:
Exhibit 1. General principles of public sector auditing in the audit of financial statements
Value added
Principles of •The Level 4 through the
financial audit Financial Audit financial audits
ISSAIs can be used
• ISSAI 100 lists •ISSAI 200 as authoritative • According to
8 general explains those standards in the
principles for ISSAI 20, SAIs
principles in the audit practice or
public sector used as an contribute to
context of the
auditing financial example for best
auditing and practice of strengthening
financial audits in of public
those are the public sector
General elaborated sector
principles of further on ISSAIs accountability
public sector at level 4 Financial audit
auditing practice
3. In effect, the COA-ADB Financial Audit Manual willput into practice the IDI plan :
“to promote implementation of the INTOSAI audit principlesby translating

these into audit procedures in the SAIs audit manuals and followed in the
actual financial audit practice of the SAI.The results for financial audits,
communicated through audit reports to the stakeholders; increase
confidence of the stakeholders towards public sector financial statements
and enable better control over the use of taxpayers’ money. Ultimately
each financial audit will directly contribute to the SAIs role to strengthen
accountability, integrity, and transparency of governments and public
sector entities.”
8
B. Project requirements and INTOSAI prerequisites
4. A briefer on the INTOSAI fundamental prerequisites, fundamental Principles and the International
Standards of Supreme Audit Institutions (ISSAI) financial audit guidelines is necessary to better explain
their being considered as benchmarks of this Financial Audit Manual.
5. The ISSAI Framework is structured in four levels: Level 1: Founding Principles; Level 2: Prerequisites for
the Functioning of SAIs; Level 3: Fundamental Auditing Principles; and, Level 4: Auditing Guidelines.
6. The eight Fundamental Auditing Principles of Level 3, which are listed below, are the key elements of
public sector auditing regardless of the mandate of the SAI or the type of audits to be conducted.
These Principles and the Level 4 Auditing Guidelines (which are based on the detailed guidelines of the
Principles) are guides in preparing the Financial Audit Manual. The link is illustrated in this IDI table
showing the Principles, ISSAI guidelines and COA’s existing policies and practices as well as the
application of the principles in this Manual.
Table 1. The link between general auditing principles and financial audit specific requirements
General Auditing COA’s existing policy and application of
Principle explanation in ISSAI 100
Principle the principles in this Manual
Ethics and Auditors should comply with relevant COA has adopted the Revised Code of
independence ethical requirements and be Conduct and Ethical Standards for COA
independent. Officials and Employees under
Professional Auditors should maintain an appropriate Resolution No. 2018-010 dated
judgment, due care professional behavior by applying February 1, 2018.
and skepticism professional skepticism, professional
judgment and due care throughout the
audit.
Quality control Auditors should perform the audit in The audit tools to assist and guide
accordance with professional standards Auditors in ensuring the quality of audit
on quality control. are prescribed in the Manual. The
Auditors’ compliance with the Manual
will be assessed using the compliance
checklist prescribed under Section 5 of
this Manual.
Audit team Auditors should possess or have access The training of Auditors is a continuous
management and to the necessary skills. activity. They will be trained in the use
skills of the Manual and of other issuances to
keep them updated on international
standards.
Audit risk Auditors should manage the risks of This issue is being addressed in this
providing an inappropriate report in the Manual.
circumstances of the audit.
Materiality Auditors should consider materiality The determination of materiality
throughout the audit process. threshold is discussed under Section 2
of this Manual.
Documentation Auditors should prepare audit The auditor shall be guided by the step
documentation in sufficient detail to by step procedures provided in this
provide a clear understanding of work Manual.
9
General Auditing COA’s existing policy and application of
Principle explanation in ISSAI 100
Principle the principles in this Manual
performed, evidence obtained and
conclusions reached.
Communication Auditors should establish effective The auditors maintain open
communication throughout the audit communication with the auditees which
process. is also defined in the Audit Terms of
Engagement proposed in the Manual.
7. The Plan of action towards full compliance with the ISSAI is based on the IDI recommended approach,
however subject to the SAI’s own development selection requirements.
8. Exhibit 2 of the Overview Section presents the COA Audit Framework for specific audit streams and
shows the flow from one audit phase to another (Planning, Execution and Reporting). The Manual
narrations were based on ISSAI financial audit guidelines in so far as financial audit is concerned.
COA Audit Framework
1. Below is a graphical presentation of the COA Audit Framework common to all audit streams –
Financial Audit, Compliance Audit and Performance Audit. The orange box displays the Strategic Audit
Planning and Risk Identification comprising the Preliminary Engagement, Planning, Execution and
Reporting. The second phase of the audit, which is Planning, includes common planning activities,
such as, Preparing the Overall Audit Strategy, Understanding the Agency and Understanding the
Agency’s Internal Control. In addition, there are planning activities that are specific for the three audit
streams. These specific planning activities under the FINANCIAL AUDIT include focusing on accounting
and financial transactions, determining levels of materiality, assessment of risks of material
misstatements that ultimately leads to the rendering of an opinion on the fairness of presentation of
the agency’s/unit’s/corporation’s financial statements.
2. The blue box displays the four stages of the audit giving important consideration on quality control
encompassing all four stages.
Exhibit 2. COA Audit Framework
Strategic Planning and Risk Identification

Preliminary Engagement
Quality Control
10
3. The template for Understanding the Agency (Appendix 2-1) may include the following:
a) A general overview of the entity’s organization and operations;

b) Program Expenditure Classification (PREXC) or the agency’s main activities and critical processes;
c) Projects/Programs/Activities;
d) The audit opinion/s rendered on the agency for the last three years and the reasons for
qualifications, if any;
e) The financial management rating of the auditor on the auditee;
f) Auditor’s notes on any component that may be significant to the conduct of all audit streams.
4. For other information relating to financial audit, please refer to the discussion on Understanding the
Audit Entity in Section 2 Planning Phase of this Manual.
11
Overview of the Financial Audit Manual
A. Objective of Financial Statements Audit
1. The objectives of a financial audit in the public sector are often broader than expressing an opinion
whether the financial statements have been prepared, in all material respects, in accordance with the
applicable financial reporting framework (i.e. the scope of the ISSAIs). The audit mandate, or
obligations for public sector entities, arising from legislation, regulation, ministerial directives,
government policy requirements, or resolutions of the legislature may result in additional objectives.
These additional objectives, which may be of equal importance to the opinion on the financial
statements, may include audit and reporting responsibilities, for example, relating to reporting
whether public sector auditors found any instances of non-compliance with authorities including
budgets and accountability frameworks, and/or reporting on the effectiveness of internal control.
However, even when there are no such additional objectives, there may be general public
expectations in regard to public sector auditors’ reporting of non-compliance with authorities or
reporting on effectiveness of internal control. Such additional responsibilities would be reported in a
separate section of the auditor’s report.
B. The Financial Statements Audit Process
2. The financial audit guidelines are explained with the aid of illustrations and suggested templates for
use as the case may be.
3. Guidelines are divided in five main sections excluding this Overview section:
Section 1: Preliminary Engagement Activities;

Section 2: Planning Phase;
Section 3: Audit Execution Phase;
Section 4: Reporting Phase; and
Section 5: Quality Control Review.
4. Exhibit 3 presented in the next page identifies the more important aspects discussed in each of the
sections and the applicable ISSAI.
12
Exhibit 3. Audit activities by audit phase
 Ensure engagement team’s independence and compliance with ethical standards
Preliminary (ISSAIs 1200; 1220)
Engagement  Define the terms of engagement (ISSAIs 1210; 1260)
 Prepare overall audit strategy (ISSAI 1300)
 Understand the audit entity (ISSAI 1240; 1250; 1265; 1300; 1315;1550; 1610)
 Summarize results of preliminary identification of risks (ISSAI 1315; 1610)
Planning
QUALITY CONTROL
 Determine materiality thresholds (ISSAI 1320)

 Assess risks and determine risk responses (ISSAIs 1315; 1330)
 Prepare Audit Engagement Plan (ISSAI 1300)
 Execute audit tests (ISSAIs 1260; 1230; 1500; 1501; 1520; 1530; 1540; 1560; 1600;
1450)
Execution  Summarize audit observations and recommendations (ISSAI 1230)
 Conduct exit conference (ISSAI 1230)
 Evaluate misstatement (ISSAI 1450)
Reporting  Affirm written representations (ISSAI 1580)
 Form an audit opinion (ISSAI 1700 series (Revised); 1800; 1805)

 Establish responsibility for quality control system and quality control procedures (ISSAI
Quality Control 1220)
Review  Quality Control Review Process (ISSAI 1220)
 Document Quality Control Review Process (ISSAI 1220)
C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 1000-2999)
5. The ISSAI 1700 (Revised) notes that depending on the standards applied, the public sector auditors
may refer to relevant auditing standards in one of the following ways:
a) in accordance with national standards, which are based on [or consistent with] the Fundamental
Auditing Principles (ISSAIs 100-999) of the International Standards of Supreme Audit Institutions
(refer to ISSAI 200.12);
b) in accordance with international standards (ISSAIs 1000-2999) (refer to ISSAI 200.13a);
c) in accordance with ISAs (refer to ISSAI 200.13b)
COA has adopted the INTOSAI Financial Audit Guidelines under COA Resolution Nos. 2013-007, 2014-
011, and 2016-007.
13
Section 1
Preliminary Engagement Activities
1. Under Presidential Decree 1445 (PD 1445) or the Government Auditing Code of the Philippines, the
Commission on Audit (COA) operates under the audit residency approach where government auditors
and COA-assigned administrative staff have the legal right to hold office in COA resident audit offices
based in the audited agencies.
2. Residency audits are justified by the multifarious audit and non-audit functions performed on a year-
round basis by the COA Auditors. Aside from audits (financial, performance, compliance, initial fraud
reviews, post audit of transactions, cash examinations of all cash accountable officers), they perform
non-audit related functions required by law including the custody of vouchers and witnessing of asset
disposals; among others. Given the power of the Commission under PD 1445 to institute measures
designed to preserve and ensure the independence of its representatives, COA is moving its auditors
by phase from the premises of the Auditees to the Satellite Audit Offices, subject to availability of
facilities.
3. With the residency approach, and the mandate of COA under the Constitution and the PD 1445, there
are certain ISSAI requirements which can be done away with:
a) A review of the auditee’s professional and ethical practices as the results cannot be used as basis
for deciding whether to accept and/or continue with the engagement under ISSAI 1220. COA is
mandated under the Constitution and the PD 1445 to conduct audit of all government agencies
and instrumentalities. Unethical practices constitute “corrupt acts” under Republic Act 3019, Anti-
Graft and Corrupt Practices Act, and must be considered by the COA Auditor.
b) The need for the audited agency to signify conformity with the terms of engagement under ISSAI
1210. COA audits are mandated by law and the auditee has no discretion to refuse audit. The
engagement terms which are contained in a formal letter issued to the Agency (discussed in this
Section) must be explained during the entrance conference for understanding and compliance by
the agency.
4. As such, preliminary engagement activities will involve:

I. Ensuring Engagement Team’s Independence and Compliance with Ethical Standards; and
II. Defining the Terms of Audit Engagement.
I. Ensuring Engagement Team’s Independence and Compliance with the Ethical Standards
5. The purpose of a financial statements audit is to enhance the degree of confidence of intended users
in the financial statements. This is achieved by the expression of an opinion by the Auditor on whether
the financial statements are prepared, in all material respects, in accordance with an applicable
financial reporting framework. In the case of most general purpose frameworks, the opinion is on
whether the financial statements are presented fairly, in all material respects in accordance with the
framework. An audit conducted in accordance with the standards and relevant ethical requirements
enables the auditor to form that opinion, which is required under ISSAI 1200.
14
6. The audit team is also required under ISSAI 1220 to implement quality control procedures at the
engagement level to have a reasonable assurance that:
a) The audit complies with professional standards and applicable legal and regulatory requirements;
and
b) The auditor’s report issued is appropriate in the circumstances.
7. To ensure COA stakeholders that the audits conducted are in accordance with international standards,
the Supervising Auditor/Regional Supervising Auditor (SA/RSA), Audit Team Leader (ATL) and Audit
Team Members shall execute the Auditors’ Declaration of Independence and Compliance with Ethical
Standards, and confirmed by the Cluster/Regional Director (Appendix 1-1). This is also in line with the
adoption of the Revised Code of Conduct and Ethical Standards for COA Officials and Employees under
COA Resolution No. 2018-010 dated February 1, 2018.
8. Throughout the audit engagement, the Cluster/Regional Director (CD/RD) shall ensure that:
a) There are no threats to the independence of the audit engagement and that members of the
engagement team comply with relevant ethical standards. In instances that might compromise the
auditor’s ability to form an audit opinion without being affected by other influences, a written
notification must be made to update the Auditor’s Declaration of Independence and Compliance
with Ethical Standards. Threats to independence may take the form of:
i. Conflict of interest;
ii. Individual values system; or
iii. Familiarity with key management officials
b) The engagement team collectively possesses appropriate competence and capabilities to: (a)
perform the audit engagement in accordance with professional standards and applicable legal and
regulatory requirements; and (b) issue an auditor’s report that is appropriate in the
circumstances.
c) Due professional care is exercised. Due professional care requires the auditor to
exercise professional skepticism, an attitude that includes a questioning mind and a critical
assessment of audit evidence and to use the knowledge, skill, and ability called for by the
profession of public accounting to diligently:
i. Gather and objectively evaluate evidence;

ii. Gauge the experience and qualification level of an audit staff in relation to the audit area/s
where he/she is assigned. More experienced staff or those with special skills and expertise
are assigned to the riskier assertions and accounts. Technical audit staff such as civil
engineers should be requested when the audit requires an evaluation of infrastructure
projects;
iii. Exercise closer supervision over critical areas especially where fraud was uncovered; and
iv. Identify areas where additional elements of unpredictability should be incorporated in the
audit procedures that need to be performed.
15
II. Defining the Terms of Audit Engagement
9. The two sub-steps in undertaking this particular activity are: Establishing the terms of Audit
Engagement; and, Communicating the Terms of Audit Engagement with those charged with
governance
A. Establishing the Terms of Audit Engagement
10. The terms of the audit engagement required under ISSAI 1210 shall be established before the
commencement of the audit of a certain financial period. The audit engagement letter (Appendix 1-2)
or other suitable form of written engagement shall include: (a) the objective and scope of the audit of
the financial statements; (b) the responsibilities of the auditor; (c) the responsibilities of management;
(d) identification of the applicable financial reporting framework which is Philippine Public Sector
Accounting Standards (PPSAS)or Philippine Financial Reporting Standards (PFRS), for the preparation
of the financial statements; (e) reference to the expected form and content of any reports to be issued
by the auditor; and (f) a statement that there may be circumstances in which a report may differ from
its expected form and content.
11. This letter shall also specify the required disclosures for inclusion in the Notes to Financial Statements,
particularly, Related Parties, Claims and Litigations and Segment Accounting, if these exist; the
performance review to be done on the financial accounting and reporting practices of the auditee; the
deadline for the submission of a final Management representation letter and the requests for copies
of specific reports and appointments for interview.
12. For foreign assisted projects, the engagement letter will consider the requirements of the foreign
lending institution.
Obtaining written representation
13. Written representation is a written statement provided by management, and where appropriate,
those charged with governance to confirm certain matters or support other audit evidence. It also
contains management’s representation that:
a) It has fulfilled its responsibilities for the preparation and fair presentation of financial statements
in accordance with applicable financial reporting framework;
b) It has provided the auditors with all relevant information and access as required in the
Engagement Letter. The management’s responsibility as discussed in the Engagement Letter shall
be included in the written representation;
c) All transactions have been recorded and are reflected in the financial statements;
d) Other concerns such as propriety of selection and application of accounting policies, compliance
with applicable frameworks in terms of recognition, measurement and presentation of accounts
and disclosures, and specific assertions in the financial statements.
14. Written representations are particularly required under the following ISSAIs:
Table 2. ISSAIs related to written representations

ISSAI Subject
16
ISSAI Subject
1240 The Auditee’s Responsibility Relating to fraud in the Audit of Financial Statements (par. 39)
1250 Consideration of Laws and Regulations in the Audit of Financial Statements (par. 16)
1450 Evaluation of Misstatements Identified during the Audit (par. 14)
1501 Audit Evidence – Specific Considerations for Selected Items (paragraph 12)
1540 Auditing Accounting Estimates including Fair Value Accounting Estimates and Related
Disclosures (par. 22)
1550 Related Parties (par. 26)
1560 Subsequent Events (par. 9)
1570 Going Concern (par. 16e)
1710 Comparative Information, Corresponding Figures and Comparative Financial Statements
(par. 9)
15. The Management Representation Letter (Appendix 1-3) should be issued as near as practicable to, but
not after, the date of the auditor’s report on the financial statements. The written representations
shall be for all financial statements and period(s) referred to in the auditor’s report. (ISSAI 1580, par.
14)
16. If the auditor did not receive the requested written representation or doubts the competence,
integrity, ethical value or diligence of management, or its commitment to, or enforcement thereof, in
particular, if written representations are inconsistent with other audit evidence, and the matter
remained unresolved despite additional audit procedures performed, the auditor shall determine the
effect that such concerns or non-submission thereof, may have on the reliability of oral or written
representations and audit evidence in general.
B. Communicating the Terms of Engagement
17. The engagement letter shall be issued to management or to those charged with governance. After the
engagement letter is formally acknowledged as received, the Audit Team shall arrange for an entrance
conference taking into consideration the availability of management, to discuss the conditions cited in
the terms of engagement. There is no need to seek conformity by the auditees with the terms of
engagement because the COA is constitutionally and legally mandated to audit all government
agencies. However, the auditee’s cooperation and assistance should be sought specifically as to their
responsibilities under the terms of engagement, such as submission of required documents or
schedules, and availability in meetings or interviews on dates agreed upon during the meeting.
17
Appendix 1-1. Auditor’s Declaration of Independence and Compliance with
Ethical Standards
REPUBLIC OF THE PHILIPPINES

COMMISSION ON AUDIT
Commonwealth Avenue, Quezon City, Philippines
AUDITOR’S DECLARATION OF INDEPENDENCE AND COMPLIANCE

WITH OTHER ETHICAL STANDARDS
As (state designation; e.g. team member, team leader, supervising auditor/regional supervising auditor), I
acknowledge my assignment which requires me to be part of the audit team to conduct a financial audit of
the ____(Name of Agency)____ for the financial year ended _______.
I declare that to the best of my knowledge, I know of nothing that might impair my independence and
impartiality on the Audit that will contravene the independence requirements of any applicable code of
professional conduct in relation to the audit.
Responsibility to Update This Declaration
I understand that I am also responsible to make timely written notification in the event any other
circumstance arises during the course of this audit that might impair or appear to impair my independence
with respect to this audit.
__ (Signature over printed name) __ Date:

Designation (SA/RSA/ATL/ATM)
Cluster/Regional Director’s Certification:
I have assigned the above staff to work on the stated audit and I am not aware of anything that might
impair his/her independence and impartiality and the competence of the Audit Team.
__ (Signature over printed name)__ Date:

Cluster/Regional Director
18
Appendix 1-2. Engagement Letter

COMMISSION ON AUDIT
Date
AGENCY HEAD
Agency XYZ
Quezon City
Attention: Chief Accountant
Dear ______________;
Pursuant to the Philippine Constitution of 1987, Article IX-D, Section 2, the Commission on Audit (COA) shall
examine, audit, and settle all accounts pertaining to the revenue and receipts of, and expenditures or uses of funds
and property, owned or held in trust by, or pertaining to, the Government, or any of its subdivisions, agencies, or
instrumentalities. In this connection, the COA Audit Team will audit your Agency’s financial reports and financial
reporting processes for the year ended xxx.
A. Audit objectives
1. The objectives of this audit are as follows:
1.1 Express an opinion on whether your financial statements are fairly presented, in all material respects, in
accordance with Philippine Public Sector Accounting Standards (PPSAS)/Philippine Financial Reporting
Standards (PFRS).
1.2 Communicate whether the internal control, particularly those affecting accounting and financial
reporting systems, are operating effectively to provide reasonable assurance that misstatements,
losses, or non-compliance would be reported in a timely basis.
1.3 Communicate the results of tests of compliance with selected provisions of laws and regulations,
including budgets and accountability issues, and details of audit suspensions, charges and disallowances
identified during the audit.
B. Auditor’s responsibilities
2. We will conduct our audits in accordance with International Standards of Supreme Audit Institutions (ISSAIs)
issued by the International Organization of Supreme Audit Institutions (INTOSAI) to which the Commission is
a member. Those standards require that we comply with ethical requirements and plan and perform the
audit to obtain reasonable assurance about whether the financial statements are free from material
misstatement and comply with applicable laws and regulations.
3. We will perform procedures to obtain audit evidence about amounts and disclosures in the financial
statements. The procedures selected depend on the auditor’s judgment, including assessment of the risks of
material misstatement of the financial statements; whether due to fraud or error. In making those risk
assessments, we will limit internal control testing to those controls over financial reporting and compliance
issues which we consider critical based on our experienced professional judgment. However, we will not
19
test compliance with all laws and regulations applicable to the Agency. We caution that non-compliance
may occur and not be detected by these tests and that such testing may not be sufficient for other
purposes.
4. Our procedures will include internal control review; examination of documents/records/reports; analysis,
confirmation and inspection of selected accounts, transactions and projects, as necessary.
5. We will communicate in writing any significant deficiencies and material weaknesses that come to our
attention as a result of the audit. In addition, we will communicate suggestions to improve agency
operations and address control deficiencies identified during our audit.
C. Agency Financial Management Performance
6. As part of the audit, we will assess agency financial management performance. The results of such
assessment will be communicated to you in a separate report.
D. Audit Limitations
7. Although the audit is designed to provide reasonable assurance of detecting errors and irregularities that
are material to the financial statements, it is not designed and cannot be relied upon to disclose all fraud,
defalcations, or other irregularities. However, we will inform you of any material errors, and all irregularities
or illegal acts, unless they are clearly inconsequential, that come to our attention.
E. Agency’s responsibilities
8. Management is responsible for:
8.1 The preparation and fair presentation of the following financial statements in accordance with
PPSAS/PFRS and submission of the same on deadlines set by the Commission on Audit:
 Statement of Financial Position

 Statement of Financial Performance / Statement of Comprehensive Income /
Statement of Profit or Loss
 Statement of Cash Flows
 Statement of Changes in Net Assets/Equity / Statement of Changes in Equity
 Statement of Comparison of Budgets and Actual Amounts
 Notes to Financial Statements
8.2 Making all financial records and reports, and related information available to us and for adjusting the
financial statements to correct material misstatements, and other information as required under ISSAI
1720.
8.3 Issuing the Management Representation Letter as near as practicable to, but not after, the date of the
auditor’s report on the financial statements, in cases of events occurring up to the date of the auditor’s
report that may require adjustment to or disclosure in the financial statements, by the Chief
Accountant/Head of Finance Group and the Head of the Agency which will form part of the audit report
(format attached for your reference).
8.4 Submitting status of any pending claims and litigation involving the Agency, breakdown of related party
transactions and subsequent events which have to be adjusted and/or disclosed in the Notes to
Financial Statements.
20
9. Management is encouraged to confer with the Auditor as to the required formats of the financial
statements to facilitate compliance with the presentation requirements of the PPSAS/PFRS.
F. Assistance from Management
10. We will request assistance for the following, among others:
10.1 Assignment of focal person/s to facilitate meetings and requests relative to the audit
10.2 Preparing schedules or analyses and providing needed documents
10.3 Conferring with your officials and staff to facilitate understanding of the agency operation
10.4 Access to the work of internal auditors to facilitate review of internal control and risk assessment
related to audit of financial information
10.5 Workspace for the duration of the audit as required
10.6 Facilitating requirements of the audit team/s assigned to conduct field inspections and observations.
G. Use and reproduction of COA audit reports
11. The working papers for this engagement are the property of the Commission on Audit and constitute
confidential information. However, certain documents may be made available upon request subject to
pertinent COA issuances. The Annual Audit Report, once released, will be published in the COA website, for
information of the public.
H. Audit Timelines
12. Subject to availability of requirements contained in this Letter, we expect to complete our audit and
transmit the required audited financial statements and report to management on or before _____.
I. Auditee’s Feedback on Audit Team’s Performance
13. After completion of the audit, the COA Central Office will send a Feedback Sheet to assess the team’s
performance as a way of improving the quality of our audits and our service to our audit clients. Please send
the filled in sheet duly signed by your Designated Official to the Office of the [Cluster/Region], [Sector],
Commission on Audit, Quezon City.
We look forward to your full cooperation during the audit.
Sincerely,
__Signature over Printed Name__

Date Received by the Agency:

By: Name and Signature:____________________
Stamp date and signed received
21
Appendix 1-3. Management Representation Letter
Letterhead of the Audited Agency
Date (near but never after the date of the Auditor’s Report)
Management Representation Letter
Cluster/ Regional Director

Commission on Audit
Commonwealth Avenue
Quezon City
Subject: Name of Agency/Corporation/LGU Being Audited
This representation letter is provided in connection with your audit of the financial statements of the
Agency/Corporation/LGU for the year ended December 31, 20xx for the purpose of expressing opinions as to: (i)
whether the financial statements are presented fairly, in all material respects, in accordance with Philippine Public
Sector Accounting Standards (PPSAS)/Philippine Financial Reporting Standards (PFRS) and government accounting
standards and as to other terms required, if any,
Statement of Management's Responsibility for the Financial Statements
We affirm that the financial statements for the __(name of Agency/Corporation/LGU)__ are management's
responsibility; that these were prepared in accordance with the PPSAS/PFRS, that all relevant information was
provided the Commission on Audit Team, that access to relevant information and records were made available and
that all transactions were recorded and reflected in the financial statements; and that all instances of non-
compliance of which we are aware is disclosed to the COA.
Specific Affirmations pertaining to the Financial Statements Provided to the Commission on Audit
We affirm that to the best of our knowledge and belief, having made such inquiries as we considered necessary for
the purpose of appropriately informing ourselves:
A. Financial Statements
We have fulfilled our responsibilities, as set out in the terms of the audit engagement dated _____ , for the
preparation of the financial statements in accordance with the PPSAS/PFRS:
1. In particular the financial statements are fairly presented.

2. Significant assumptions used by us in making accounting estimates, including those measured at fair
value, are reasonable.
3. Related party relationships and transactions, if any, have been appropriately accounted for and
disclosed in accordance with the requirements of the PPSAS/PFRS.
4. All events subsequent to the date of the financial statements and for which PPSAS/PFRS require
adjustment or disclosure have been adjusted or disclosed.
5. All matters related to claims, litigations, assessments and dispute have been disclosed to COA by our
Legal Office and external legal counsel.
6. The financial statements are free from material misstatements including omissions and errors, and are
fairly presented.
7. The effects of uncorrected misstatements are immaterial, both individually and in the aggregate, to the
22
financial statements as a whole. A list of the uncorrected misstatements is attached to the
representation letter.
8. The selection and application of accounting policies are appropriate.
9. The following have been recognized, measured, presented or disclosed in accordance with the
PPSAS/PFRS:
a. Plans or intentions that may affect the carrying value or classification of assets and liabilities;
b. Liabilities, both actual and contingent;
c. Title to, or control over, assets, the liens or encumbrances on assets, and assets pledged as
collateral; and
d. Aspects of laws, regulations and contractual agreements that may affect the financial statements,
including non-compliance.
In preparing the financial statements, management is also responsible for assessing the
Agency/Corporation/LGU’s ability to continue as a going concern, disclosing, as applicable, matters related to
going concern and using the going concern basis of accounting unless management either intends to liquidate
the Agency/Corporation/LGU or to cease operations, or has no realistic alternative but to do so.
B. Internal Control
1. We have assessed the effectiveness of the [Agency/Corporation/LGU's] internal control in achieving the
following objectives:
a. Reliability of financial reporting
b. Compliance with applicable laws and regulations
c. Safeguarding of assets
d. Achievement of agency objectives
2. We have disclosed to you all significant deficiencies in the design or operation of internal control that
could adversely affect the entity's ability to meet the internal control objectives and identified those we
believe to be material weaknesses.
3. There have been no changes to internal control subsequent to [date of latest audited financial
statements], or other factors that might significantly affect it. [If there were changes, describe them,
including any corrective actions taken with regard to any significant deficiencies or material
weaknesses.]
C. Compliance
1. The activities and financial transactions are in compliance with the relevant government rules and
regulations.
2. We have provided you with interpretation of compliance requirements that may have varying
interpretations
3. All contracts, agreements and other correspondence have been made available
4. We have disclosed all contracts and agreements with service organizations, including any
communications with those organizations related to instances of non-compliance.
5. The Agency/Corporation/LGU has been operated effectively, throughout the period covered by the
audit.
D. Information Required
1. We have provided you with :

a. Access to all information of which we are aware that is relevant to the preparation of the financial
statements such as records, documentation and other matters
b. Additional information that you have requested from us for the purpose of the audit
c. Unrestricted access to persons within the entity from whom you determined if necessary to obtain
audit evidence
23
2. All transactions have been recorded in the accounting records and are reflected in the financial
statements
3. We have disclosed to you the specific results of our assessment of the risk indicating that the financial
statements may be materially misstated as a result of fraud
4. We have disclosed to you all information in relation to fraud or suspected fraud that we are aware of
and that affects the entity and involves: management; employees who have significant roles in internal
control; or others where the fraud could have a material effect on the financial statements.
5. We have disclosed to you all known instances of non-compliance or suspected non-compliance with
laws and regulations whose effects should be considered when preparing financial statements.
6. We have disclosed to you the identity of related parties and all the related party relationships and
transactions of which we are aware
Signed:
_____Signature over Printed Name____ _____Signature over Printed Name_____

Chief Accountant /Head of Finance Group Head of Agency/Authorized Representative
Date Date
24
Section 2
Planning Phase
1. Under ISSAI 1300, planning is not a discrete phase of an audit but rather a continual and iterative
process that often begins shortly after the completion of the previous audit and continues until the
completion of the current audit.
2. Planning activities involve the following steps:
I. Preparing the Overall Audit Strategy

II. Conducting Preliminary Risk Assessment
A. Defining risks
B. Understanding the Audit Entity
a. Updating information base for financial audit and conducting preliminary risk assessment
b. Assessing other matters for consideration
1. Understanding Fraud Risks
2. Understanding risks from non-compliance with laws, rules and regulations
C. Assessing related parties
D. Summarizing results of preliminary identification of risks
III. Conducting Final Risk Assessment

A. Determining the materiality threshold
B. Assessing risks and determining risk responses
a. Performing Risk assessment
b. Determining Risk responses
IV. Preparing Audit Engagement Plan

A. Updating overall audit strategy
B. Preparing the audit program
C. Preparing the engagement planning memorandum
I. Preparing the Overall Audit Strategy
3. Establishing the audit strategy involves setting the scope, timing and direction of the audit towards
the development of an Audit Engagement Plan. When developing the overall strategy, ISSAI 1300
identifies these concerns:
a) Identify the characteristics of the engagement that define its scope;

b) Ascertain the reporting objectives of the engagement to plan the timing of the audit and the
nature of the communications required;
c) Consider the factors that, in the auditor’s professional judgment, are significant in directing the
engagement team’s efforts;
d) Consider the results of preliminary engagement activities and, where applicable, whether
knowledge gained on other engagements performed by the engagement partner for the entity is
relevant; and
e) Ascertain the nature, timing and extent of resources necessary to perform the engagement.
25
4. The overall audit strategy is prepared by the ATL, reviewed by the SA/RSA and approved by the
CD/RD. The auditor may need to modify the overall audit strategy as the circumstances arise because
of unforeseen events, changes in conditions, or the audit evidence obtained from the results of audit
procedures which indicate significant changes in strategy. These changes, while allowable, must be
approved by the CD/RD upon the recommendation of the SA/RSA. Frequent changes should be
avoided as these indicate poor planning. The overall audit strategy template is attached as Appendix
2-1 of this Section.
II. Conducting Preliminary Risk Assessment
A. Defining risks
5. Based on paragraph 1.6.1 of RBFAM, risk is the probability of an act or event occurring that would
have an adverse effect in the achievement of an agency’s objectives.
6. Agency risk is defined as the threat that an event, action or inaction will adversely affect the agency’s
ability to successfully achieve its mandate and objectives and execute its strategies.
7. Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial
statements are materially misstated. The three components of audit risks are:
a) Inherent risk is the susceptibility of an assertion, about a class of transaction, account balance or
disclosure to a misstatement that could be material, either individually or when aggregated with
other misstatements, before consideration of any related controls. (IRRBAM, par. 2.6.1 (b))
b) Control risk is the risk that a misstatement that could occur in an assertion about a class of
transaction, account balance or disclosure and that could be material, either individually or when
aggregated with other misstatements will not be prevented, or detected and corrected, on a
timely manner by the entity’s internal control. (IRRBAM, par. 2.6.1 (c))
c) Detection risk is the risk that the auditor’s procedures will not detect a misstatement that exists
in an assertion that could be material, individually or when aggregated with misstatements.
(RBFAM, par. 1.6.1)
8. The factors that may affect inherent risk assessment are:
a) Judgment – a high degree of judgment is involved in business transactions.

i. Degree of subjectivity
ii. Competence and experience of agency personnel
b) Estimates – significant estimates are included in transactions.
i. Susceptibility to material misstatement
ii. Variations from expected amounts
iii. Transactions not subjected to routine processing
c) Complexity – the transactions in which a business engages are highly complex, and so are more
likely to be completed or recorded incorrectly.
i. Size and composition
26
ii. Effects of external factors
iii. Completion of unusual/complex transactions at or near period-end
9. The preliminary assessment of control risk is based on the following:
a) Evaluation of the design of controls done in Understanding the Process activity;

b) Information obtained from prior periods’ engagements, if available; and
c) Information obtained from the results of walkthrough procedures in Understanding the Process
activity.
10. For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship to
the assessed risks of material misstatement (inherent risk plus control risk) at the assertion level. For
example, the greater the risk of material misstatement the auditor believes exists, the less the
detection risk that can be accepted and, accordingly, the more persuasive the audit evidence required
by the auditor. (ISSAI 1200, par. A44)
11. Detection risk relates to the nature, timing and extent of the auditor’s procedures that are determined
by the auditor to reduce audit risk to an acceptably low level. It is therefore a function of the
effectiveness of a procedure and of its application by the auditor. Matters such as: (a) adequate
planning; (b) proper assignment of personnel to the engagement team; (c) the application of
professional skepticism; and (d) supervision and review of the audit work performed, assist to
enhance the effectiveness of an audit procedure and of its application and reduce the possibility that
an auditor might select an inappropriate audit procedure, misapply an appropriate audit procedure, or
misinterpret the audit results. (ISSAI 1200, par. A45)
B. Understanding the Audit Entity
12. COA performs, among others, financial, compliance, and performance audits through assigned
resident auditors who have been stationed in their respective agencies for at least three years. Thus,
auditors have practically broad knowledge of agency operations which should be summarized in the
Understanding the Agency (UTA) Template attached as Appendix 2-2.
13. To enhance Auditor’s understanding of the audit entity, the following steps shall be undertaken:
a. Updating information base for financial audit and conducting preliminary risk assessment;
b. Assessing other matters for consideration; and
c. Assessing Related Parties transactions
a. Updating information base for financial audit and conducting preliminary risk assessment
14. Given the extent and quality of information available to COA Auditors, the sources of financial
information to be used as basis for the preliminary risks assessment review are categorized as:
Table 3. Sources of financial information

Category Sources Information to be obtained
1. COA  Financial, compliance and performance audit  Possible causes of misstatements due to
information reports; cash examination reports; fraud audit errors, fraud;
27
Category Sources Information to be obtained
base reports; project audit reports;  Financial statements accounts which may
 Bank Statements and Bank Reconciliation be misstated;
Statements;  Inherent risks for specific accounts
 Property and personnel accountability audits particularly cash, PPE; expenditures;
 Notices of Suspensions, Charges and  Possible controls which need to be tested;
Disallowances, Notices of Finality of Decisions  Possible risk areas
(NFD), COA Order of Execution (COE);
 Evaluation/investigation reports/emerging
issues from newspaper accounts;
 Financial Reports such as Reports of Checks
Issued and Report of Collections and Deposit
 Disbursement Vouchers
 Recommendation Tracking Sheet (RTS)
2. Auditees and  Charter or mandate;  Adequacy of internal control over financial
other offices  Manual of operations; reporting;
 Internal audit reports;  Risks posed affecting specific financial
 Minutes of meetings and conferences with the statements accounts;
agency;  Agency’s primary functions;
 Official directives, new laws and regulations  Limits of authority
affecting the agency;  Operations flow in relation to internal
 Appropriations/annual budget and other control
financial and project reports
3. Generated  Internal Control Policy, Procedures and  Adequacy of internal control;
based on audit Practices (ICPPP) (or General Accounting  Risks posed affecting financial statements
analysis Plan (GAP) for national agencies); accounts;
performed  Financial Statement Analysis  Risks on assertions related to presentation
and disclosure
15. Analysis of information under categories 1 and 2 may assist the audit team in identifying accounts
with possible material misstatements. To illustrate, results of analysis based on categories 1 and 2
information follow:
Illustration 1. Working Paper on Preliminary data analysis
Income/Ex
Amount Real
pense Assertions
Sources Issues Involved Account
Account Affected
(in PhP) Affected
Affected
Category 1
1. Bank Unrecorded reconciling items, 500,000.00 Cash Interest Complete-
Reconciliation i.e. interest income Income ness
Statements
2. Notices of Two NDs considered final and 5,000,000.00 Receivable; Accuracy,
disallowance executor were issued NFD/COE. Retained Complete-
(ND) The disallowance was not yet Earnings ness
recorded in the books.
3. Result of Ten livelihood projects 4,500,000.00 Due from Accuracy/
Performance undertaken by partner NGOs in NGOs; Existence
audit 2016 are non-existent. Funds Cash
released to the NGOs cannot be
accounted for.
Five vehicles cannot be 1,758,000.00 PPE Deprecia- Accuracy
presented and remained tion Occurrence
28
Income/Ex
Amount Real
pense Assertions
Sources Issues Involved Account
Account Affected
(in PhP) Affected
Affected
unaccounted expense Existence
Valuation
4. Cash Results of cash examination 10,000,000.00 Cash; Existence
Examination revealed a shortage of Receivable Accuracy
Report ₱10,000,000.00 and not yet Valuation
restituted
5. Prior Year’s Property and equipment officially 59,000,000.00 Construction in Accuracy
audit turned over to LGUs were still Progress Existence
adjustments/ reported under Construction in PPE Valuation
Results of Progress account
Financial Audit
6. Recommen- Misstated accounts remained 500,000.00 Inventory ; Accuracy
dation Tracking unadjusted Supplies Valuation
Sheet Expense
200,000.00 PPE;
Depreciation
Expense
Category 2
1. Internal Audit Supply ledger cards were not Undetermined Inventory Supplies Accuracy
Reports regularly updated, and Valuation
preparation and submission of
reports on the issuance of
supplies to the Accounting
Office is delayed by three to six
months.
The procurement plan of the 500,000.00 Inventory Loss/ Accuracy
agency was not reflective of the spoilage Valuation
actual requirements. This
resulted in overstocking of slow
moving supplies, of which
significant amounts were
already expired and/or
damaged.
2. Project 10 projects were already 20,000,000.00 CIP Accuracy
Reports completed but not yet turned- PPE Valuation
over to implementing agency
Two projects were terminated 2,000,000.00 CIP Accuracy
PPE Valuation
16. The activities and information that can be gathered under Category 3 are discussed below.
a) Updating Agency’s Internal Control Framework (AICF) – For evaluation of Internal Control
Structure, the Agency-Level Controls Checklist (ALCC) template as Appendix 2-3 will be used.
(Culled from the Internal Control Standards for Philippine Public Sector 2017 (ICSPPS) under COA
Resolution No. 2018-007 dated February 1, 2018.
29
b) The preliminary assessment of the Internal Control Framework of the agency is based on the five
components of the internal control:
 Control Environment - These consists of the integrity and ethical values of an agency
established by management. It is the foundation for all other components of internal
control, providing discipline and structure.
 Risk Assessment - These consist of the assessment, identification and analysis of
relevant risks to the achievement of objectives, forming a basis for determining how
the risks should be managed.
 Control Activities – Theses relates to specific work of creating internal control policy
that enforce management’s directives to achieve the agency’s objectives and address
related risks.
 Information & Communication- Refers to the effective use of information systems to
produce reports on operational, financial and compliance-related issues.
 Monitoring – Refers to the observation and evaluation of internal controls. These
activities provide valuable input for management to use when determining whether
the system of internal control continues to be relevant and is able to address new risks
and ensure that the findings of audits and other reviews are promptly resolved
c) After accomplishing the ALCC, the preliminary understanding of the internal control framework
of the agency is summarized below the ALCC. The results of the preliminary evaluation will
identify which areas of internal control activities must be tested. To guide the auditor in
evaluating critical internal control processes, a checklist should be designed for such procedures.
An example of a checklist related to revenue is the handling of cash receipts. (Appendix 2-3A)
d) Test of Internal Control Design Effectiveness and Operating Effectiveness
In selecting controls to test, key controls must be considered. Important or key controls address
the risk of a material misstatement.
Testing internal control design determines whether the control is designed in a way that would
prevent or detect an error or fraud.
In testing internal control design, the auditor should only test those controls that are important
to the auditor’s conclusion about whether the controls of the Agency/Unit/Corporation
sufficiently address the assessed risk of misstatement to each relevant assertion.
There might be more than one control that addresses the assessed risk of misstatement to a
particular relevant assertion; conversely, one control might address the assessed risk of
misstatement to more than one relevant assertion. It is neither necessary to test all controls
related to a relevant assertion nor necessary to test redundant controls, unless redundancy is
itself a control objective.
The auditor should test the design effectiveness of controls by determining whether the
Agency/Unit/Corporation controls, if they are operated as prescribed by persons possessing the
necessary authority and competence to perform the control effectively, satisfy the
30
Agency/Unit/Corporation’s control objectives and can effectively prevent or detect errors or
fraud that could result in material misstatements in the financial statements.
An example of a control being designed well is journal entry recording and approval. If we set up
the rule that one person prepares a journal entry and then someone independent must review
and approve it. Whether the people actually follow that rule, is a different matter but control is
effectively designed.
The auditor should test the operating effectiveness of a control by determining whether the
control is operating as designed and whether the person performing the control possesses the
necessary authority and competence to perform the control effectively.
In the previous example of journal entry recording and approval, although there were two
individuals involved doing preparation, and review and approval, the design may not be
operating effectively, if the one who prepares does not understand what he/she is doing, and
the one who reviews does not have the necessary authority and competence to perform the
control effectively.
e) Two types of controls
i. Preventive Controls are designed to discourage errors or irregularities from occurring.

Examples of preventive controls:
o Segregation of Duties – Duties are segregated among different people to reduce the
risk of error or inappropriate action;
o Approvals, Authorizations, and Verifications– Management authorizes employees to
perform certain activities and to execute certain transactions within limited
parameters;
o Security of Assets (Preventive and Detective) – Access to equipment, inventories,
securities, cash and other assets is restricted; assets are periodically counted and
compared to amounts shown on control records.
ii. Detective Controls are designed to find errors or irregularities after they have occurred.
o Review of Performance – Management compares information about current

performance to budgets, forecasts, prior periods, or other benchmarks to measure the
extent to which goals and objectives are being achieved and to identify unexpected
results or unusual conditions that require follow-up;
o Reconciliations – An employee relates different sets of data to one another, identifies
and investigates differences, and takes corrective action, when necessary;
o Physical Inventories – Annual or Semi-annual;
o Audits – Internal or External
f) Procedures of Test of Control Design:
i. Inquire – ask appropriate people;

ii. Observe – watch them do the operation or do the particular steps;
31
iii. Inspect relevant documents – get a copy of the report, look through the pages or items and
the comments that the reviewer made.
17. ISSAI 1610 provides guidance on using the works of Internal Auditors, when the external auditors, in
this case, COA Auditors have determined that the internal audit function is likely to be relevant to the
audit, and in assessing the objectivity of the internal auditor.
18. Where the internal audit function is established by legislation or regulation, there is a strong
indication that the function may be presumed to be objective if the following criteria are met:
a) The internal auditor is accountable to top management and to those charged with governance;
b) The internal auditor reports the audit results both to top management and those charged with
governance;
c) The internal audit unit is located organizationally outside the staff and management function of
the unit under audit;
d) The internal auditor is sufficiently removed from political pressure to conduct audits and report
observations, opinions, and conclusions objectively without fear of political reprisal;
e) The top management permits internal auditors to audit operations for which they have previously
been responsible for to avoid any perceived conflict of interest; and
f) The internal auditor has access to those charged with governance.1
19. Irrespective of the degree of autonomy and objectivity of the internal audit function, such function is
not independent of the entity as required of the external auditor when expressing an opinion on
financial statements. The external auditor has sole responsibility for the audit opinion expressed, and
that responsibility is not reduced by the external auditor’s use of the work of the internal auditors.
a) Testing compliance with the General Accounting Plan (GAP) for national government agencies
The GAP shows the overall accounting system of the agency/unit including the standard source
documents, the flow of transactions and its accumulation in the books of accounts and finally the
conversion into financial information/data presented in the financial reports. The general flow of
transaction as well as the possible source documents, books of accounts and monitoring reports
generally required by affected accounts using the Government Accounting Manual (GAM) as
guide for national government agencies, is illustrated in Appendix 2-4.
The actual flow of transactions of a particular subsystem as well as the existence of the
documents and books of accounts can be established through a walkthrough analysis using
sample transactions pertaining to the subsystem being analyzed. The Auditors are advised to
prepare the GAP indicating only the specific source documents and reports by account applicable
to their respective agencies which should be used in the walkthrough analysis.
To illustrate, the fund transfer process is tested based on the standard documents flow identified
in the GAM using, five journal vouchers for fund transfers of various types. The results show the
need for the Chief Accountant to clarify why certain activities and forms were not used. There is
also a need to establish the officials authorized to approve the fund transfers, among others. The
walkthrough analysis of the fund transfers process is shown below:
1
(Nzechukwu, 2016, p. 546)
32
Illustration 2. Walkthrough Analysis for Source Agency (SA) – Fund Transfer Account
Type of Specific Walkthrough analysis performed
document/ document
JEV 01- JEV 01- JEV 01- JEV 01- JEV 01- Remarks
report examined
2016-01-24 2016-03-67 2016-06-250 2016-08- 2016-10-
359 450
Source Memorandum DV and DV and DV dtd. DV and DV and Three transactions were
Document of Agreement letter MOA dtd. Sept. 9, letter from MOA not covered by MOA,
(MOA), DV, requests Mar. 12, 2016 Senator Aug. 3, two were not reflected
Advice to dtd. Jan. 2016 Tralala 2016 in the SL, while two
Debit Account 23, 2016 dtd. Aug. others were misposted.
(ADA) 25, 2016 Aging schedule was not
Summarizing None none none none none none also prepared. There is
report a need to inquire why
transactions were
Basis of JEV JEV, JEV, JEV, JEV, JEV, authorized and
Recording approved approved approved by approved approved approved despite
by Chief by Fin. Chief by Dept. by Chief insufficient
accountant Officer accountant Head Accountant documentation and
Books of CkDJ, CkDJ dtd. CkDJ dtd. CkDJ dtd. CkDJ dtd. CkDJ dtd. approved by different
Original ADADJ Jan. 21-23, Mar. 31, Sept. 9, Aug. 25, Aug. 31, approving officers.
Entry 2016 2016 2016 2016 2016 There is also a need to
assess compliance with
Subsidiary By nature/IA Due from none none Other Due from existing rules and
Ledger NGOs receivables LGU regulations governing
fund transfer.
Book of General GL dtd. GL dtd. GL dtd. GL dtd. GL dtd.
Final Entry Ledger (GL) Jan. 31, Mar. 31, Sept. 30, Aug. 31, Aug. 31,
2016 2016 2016 2016 2016
Monitoring Aging none none none none none
Reports Schedules,
Unliquidated
Fund
Transfers
b) Financial statements analysis
i. The Auditor shall conduct an analysis using the latest set of financial statements and the
corresponding period of the preceding year's FS balances. The results of the analysis will
provide an initial indication about whether a risk of material misstatement exists. An example
is a variance analysis presented in Appendix 2-5.
ii. A tie-in analysis will show whether the figures presented and disclosed are reliable and
properly presented.
o Figures of accounts in the Statement of Financial Position (SFP) are compared against
those reported in other statements and in the Notes to Financial statements. For instance,
the Cash ending balance of the SFP should agree with the ending balance figure of the
Statement of Cash Flows (SCF) and Notes to FS. Differences indicate mathematical errors
or omissions.
o The amount reflected in the budget column in the Statement of Comparison of Budget
and Actual Amounts (SCBAA) should match the figures reflected in the various registries
33
maintained by the Budget Division/Unit. On the other hand, the data on Actual Amounts
should match those of the SCF.
o To be able to perform extensive tie-in-analysis of accounts within a specific financial

statements, and between and among financial statements, the Auditors should have a
good knowledge of the chart of accounts, account description, contra-accounts, accounts
that shall no longer be appearing in the year end SFP such as Cash-MDS, Regular, and
accounts that are for exclusive use of a particular agency or groups of agencies.
b. Assessing Other Matters for consideration
Understanding Fraud Risks
20. Misstatements in the financial statements can arise from either fraud or error. The distinguishing
factor between fraud and error is whether the underlying action that results in the misstatements of
the financial statements is intentional or unintentional.
21. Although fraud is a broad legal concept, the auditor is concerned with fraud that causes a material
misstatement in the financial statements. Two types of intentional misstatements are relevant to the
auditor; misstatements resulting from fraudulent financial reporting and misstatements resulting from
misappropriation of assets. Although the auditor may suspect or, in rare cases, identify the occurrence
of fraud, the auditor does not make legal determinations of whether fraud has actually occurred.
22. The Auditor, though, should obtain evidence on management processes of addressing fraud risks from
identification to responding and to monitoring compliance with management processes by those
charged with governance.
23. The following are examples of circumstances that may indicate the possibility that the financial
statements may contain a material misstatement resulting from fraud.
a) Discrepancies in the accounting records, including:
i. Transactions that are not recorded in a complete or timely manner or are improperly recorded
as to amount, accounting period, classification or entity policy;
ii. Unsupported or unauthorized balances or transactions;
iii. Last-minute adjustments that significantly affect financial results;
iv. Evidence of employees’ access to systems and records inconsistent with that necessary to
perform their authorized duties;
v. Tips or complaints to the auditor about alleged fraud.
b) Conflicting or missing evidence, including:
i. Missing documents;
ii. Documents that appear to have been altered;
iii. Unavailability of documents other than photocopied or electronically transmitted documents
when documents in original form are expected to exist;
iv. Significant unexplained items or reconciliations;
34
v. Unusual balance sheet changes, or changes in trends or important financial statement ratios
or relationships – for example, receivables growing faster than revenues;
vi. Inconsistent, vague, or implausible responses from management or employees arising from
inquiries or analytical procedures;
vii. Unusual discrepancies between the entity’s records and confirmation replies;
viii. Large number of credit entries and other adjustments made to accounts receivable records.
ix. Unexplained or inadequately explained differences between the accounts receivable sub-
ledger and the control account, or between the customer statements and the accounts
receivable sub-ledger;
x. Missing or non-existent cancelled checks in circumstances where cancelled checks are
ordinarily returned to the entity with the bank statement.
24. The Auditor should be guided with the requirements under ISSAI 1240 in relation to fraud in the audit
of financial statements.
Understanding risks from non-compliance with Laws, Rules and Regulations
25. Non-compliance by the entity with laws and regulations may result in a material misstatement of the
financial statements. Detection of non-compliance, regardless of materiality, may affect other aspects
of the audit including, for example, the auditor’s consideration of the integrity of management or
employees.
26. Transactions which are non-compliant with existing laws and regulations are considered illegal and
irregular and, thus, disallowed in audit as required under existing COA regulations. Notices of
Disallowance issued to entities for non-compliance with laws, rules and regulations are not yet taken
up in the books until a Notice of Finality of Decision has been issued in accordance with Rules and
Regulations on Settlement of Accounts. There is a financial error or misstatement in the event that the
management failed to record disallowances which are final and executory.
27. The Auditor should be guided with the requirements under ISSAI 1250 in their consideration of
compliance with laws and regulations. Furthermore, where there are specific statutory reporting
requirements, it may be necessary for the audit plan to include appropriate tests for compliance with
these provisions of the laws and regulations.
28. As discussed in ISSAI 1250, non-compliance shall be reported in the Auditor’s Report on the Financial
Statements in the following manner:
a) If the auditor concludes that the non-compliance has a material effect on the financial
statements, and has not been adequately reflected in the financial statements, the auditor shall,
in accordance with ISSAI 1705, express a qualified opinion or an adverse opinion on the financial
statements.
b) If the auditor is precluded by management or those charged with governance from obtaining
sufficient appropriate audit evidence to evaluate whether non-compliance that may be material
to the financial statements has or is likely to have occurred, the auditor shall express a qualified
opinion or disclaim an opinion on the financial statements on the basis of a limitation on the
scope of the audit in accordance with ISSAI 1705.
35
c) If the auditor is unable to determine whether non-compliance has occurred because of
limitations imposed by the circumstances rather than by management or those charged with
governance, the auditor shall evaluate the effect on the auditor’s opinion in accordance with
ISSAI 1705.
c. Assessing Related Parties
29. Related Parties pertain to (i) persons or other entities that have control or significant influence,
directly or indirectly through one or more intermediaries, over the reporting entity, (ii) entities over
which the reporting entity has control or significant influence, directly or indirectly through one or
more intermediaries (iii) other entities under common control with the reporting entity through
having common controlling ownership and common key management.
30. Entities that are under common control by a state, (that is, a national, regional or local government)
are not considered as related unless they engage in significant transactions or share resources to a
significant extent with one another. (paragraph 10, ISSAI 1550)
31. The objectives of assessing related parties is to obtain an understanding of related party relationships
and transactions sufficient to be able:
a) To recognize fraud risk factors, if any, arising from related party relationships and transactions
that are relevant to the identification and assessment of the risks of material misstatement due to
fraud; and
b) To conclude, based on the audit evidence obtained, whether the financial statements, insofar as
they are affected by those relationships and transactions:
i. Achieve fair presentation (for fair presentation frameworks); or

ii. Are not misleading (for compliance frameworks)
C. Summarizing the results of preliminary identification of risks
32. In summarizing the information gathered, focus is on conditions which will facilitate identification of
risk of misstatements due to errors or fraud on the financial statements as a whole or to specific
accounts at the assertion level during the risk assessment process.
33. Appendix 2 of ISSAI 1315 lists conditions and events that may indicate risks of material misstatements.
As emphasized below, these are only examples and should not be considered as a complete listing.
Information gathered at this point may relate to some of these conditions/events:
Table 4. Examples of conditions and events that may indicate risks of material misstatements
Conditions and Events that May Indicate Risks of Material Misstatement
The following are examples of conditions that may indicate the existence of risks of material misstatement in the financial
statements. The examples provided cover a broad range of conditions and events; however, not all conditions and events
are relevant to every audit engagement and the list of examples is not necessarily complete.
 Constraints on the availability of capital and credit.
 Changes in the supply chain.
 Expanding into new locations.
 Changes in the entity such as large acquisitions or reorganizations or other unusual events.
36
Conditions and Events that May Indicate Risks of Material Misstatement
 Existence of complex alliances and joint ventures.
 Use of off balance sheet finance, special-purpose entities, and other complex financing arrangements such as build-
operate-transfer, etc.
 Significant transactions with related parties.
 Lack of personnel with appropriate accounting and financial reporting skills.
 Changes in key personnel including departure of key executives.
 Deficiencies in internal control, especially those not addressed by management.
 Incentives for management and employees to engage in fraudulent financial reporting.
 Changes in the IT environment.
 Installation of significant new IT systems related to financial reporting.
 Congressional, investigative bodies or COA inquiries into the entity’s operations or financial results by regulatory or
government bodies.
 Past misstatements, history of errors or a significant amount of adjustments at period end.
 Significant amount of non-routine or non-systematic transactions including intercompany transactions and large
revenue transactions at period end.
 Transactions that are recorded based on management’s intent, for example, debt refinancing, assets to be sold and
classification of marketable securities.
 Application of new accounting pronouncements.
 Accounting measurements that involve complex processes.
 Omission, or obscuring, of significant information in disclosures.
 Pending litigation and contingent liabilities, for example, claims and lawsuits.
34. For ease in analysis, the potential misstatements may be grouped into three categories considering
the following assertions:
Table 5. Assertions in considering misstatements

Category Assertion Condition
Classes of Occurrence all recorded transactions and events actually took place
transactions Completeness all transactions and events that should be recorded have been
and events recorded
Accuracy all transactions and events were recorded without error
Cutoff all transactions and events were recorded within the correct
reporting period
Classification all transactions have been recorded in the proper accounts
Account Existence all account balances exists for assets, liabilities, and equity
balances Rights and the entity holds or controls the rights to assets, and liabilities are
obligations the obligations of the entity
Completeness all reported asset, liability, and equity balances have been fully
reported
Accuracy, valuation assets, liabilities, and equity interests have been included in the
and allocation financial statements at appropriate amounts and any resulting
valuation or allocation adjustments have been appropriately
recorded
Classification assets, liabilities and equity interests have been recorded in the
proper accounts
Presentation Presentation For account balances - assets, liabilities and equity interests are
and Other appropriately aggregated or disaggregated and clearly described,
disclosures and related disclosures are relevant and understandable in the
context of the requirements of the applicable financial reporting
framework
37
Category Assertion Condition
For transactions and events - are appropriately aggregated or
disaggregated and clearly described, and related disclosures are
relevant and understandable in the context of the requirements
of the applicable financial reporting framework
Understandability The information included in the financial statements has been
appropriately presented and is clearly understandable.
Accuracy All information disclosed is in the correct amounts, and which
reflect their proper values
Completeness All transactions that should be disclosed have been disclosed
Rights and Disclosed rights and obligations actually relate to the reporting
obligations entity
Occurrence Disclosed transactions have indeed occurred
35. The results of the preliminary assessment will be summarized to include the financial statements
account affected; inherent risk identified from the information gathered and the type of risk in terms
of assertion. Additional information required to firm up the assessments should also be indicated so
that the necessary documents or appointments for interviews with officials concerned are obtained. A
sample Summary Report on the Preliminary Identification of Risks and other matters is attached as
Appendix 2-6.
36. The Summary Report on the Preliminary Identification of Risks becomes the initial basis for conducting
further risk assessment and updating the overall audit strategy. Materiality considerations will be
discussed as part of the conduct of final risk assessment.
III. Conducting Final Risk Assessment
A. Determining the Materiality thresholds
37. Materiality threshold pertains to the amount of materiality set as benchmark to evaluate the
significance of misstatements or omissions noted during audit.
38. ISSAI 1320 explains that misstatements and omissions are considered to be material if they,
individually or in aggregate, could reasonably be expected to influence the economic decisions of
users of the financial statements. The users are considered as a group of users of financial statements
rather than as individual users.
39. The concept of materiality is applied both in planning and performing the audit, and also in evaluating
the effect of identified misstatement in the financial statements. It is also based on the concept that
items of little importance do not require to be audited since these will not affect the judgment or
action of a reasonable financial statement user. While materiality is primarily based on the auditor’s
professional judgment, such judgment should consider both qualitative and quantitative aspects to
reduce the risk of audit decisions which are either overly liberal or conservative.
40. Items of little importance are considered trivial. Clearly trivial as mentioned in ISSAI 1450, par. A2 does
not mean “not material.” Misstatements that are clearly trivial will be of wholly different (smaller)
order of magnitude, or of a wholly different nature than those that would be determined to be
38
material, and will be misstatements that are clearly inconsequential, whether taken individually or in
the aggregate and whether judged by any criteria of size, nature or circumstances.
41. ISSAI 1320 describes qualitative considerations specific to determining materiality levels in the public
sector: When determining whether a particular class of transactions, account balance, disclosure, or
other assertion which is part of the financial reporting framework, is material by virtue of its nature,
public sector auditors take into account qualitative aspects such as:
a) The context in which the matter appears; for example, if the matter is also subject to compliance
with authorities, legislation or regulations, or if law or regulation prohibits overspending of public
funds, regardless of the amounts involved;
b) The needs of the various stakeholders and how they use the financial statements;
c) The nature of the transactions that are considered sensitive to users of the financial statements;
d) Public expectations and public interest, including emphasis placed on the particular matter by
relevant committees in the legislature, such as a public accounts committee, including the
necessity of certain disclosures;
e) The need for legislative oversight and regulation in a particular area; and
f) The need for openness and transparency; for example, if there are particular disclosure
requirements for frauds or other losses.
42. Quantitative materiality thresholds or the maximum errors are established at three levels:
a) Overall materiality (for the financial statements as a whole) is an amount set to establish whether
or not the financial statements can be regarded as materially misstated. Misstated, individually or
in aggregate, above this threshold is considered significant enough to influence the decision of
users and thus, considered the financial statements materially misstated. This can be changed
during the audit depending on the information received by the Auditor. This is used to determine
the level of performance materiality and specific materiality.
b) Performance materiality is the amount set to reduce to an appropriately low level the probability
that the aggregate of uncorrected and undetected misstatements in the financial statements
exceeds materiality for the financial statements as a whole. Some known advantages of setting
performance materiality include:
i. Providing some assurance that the undetected and uncorrected misstatements will not
accumulate to reach an amount that would cause the financial statements to be materially
misstated;
ii. Serving as a guide to the Auditor to require adjustment in the financial statements,
aggregate errors reaching this amount;
iii. Assessing the risks of material misstatement and determining the nature, testing and
extent of further audit procedures; and
iv. Serving as the assertion testing level/threshold to identify high value items or as sampling
interval when selecting items for testing or calculating sample size. So, the audit has to
cover all items or transactions or accounts above the value set as performance materiality.
c) Specific materiality refers to the amount or amounts set at less than overall materiality for
particular classes of transactions, account balance or disclosures which may reasonably be
expected to influence the economic decisions of users taken on the basis of financial statements.
39
Specific Materiality could relate to sensitive areas such as particular note disclosures (that is,
management remuneration or entity key-specific data), compliance with legislation or certain
terms in a contract, or transactions upon which remunerations are based. It could also relate to
the nature of a potential misstatement such as an illegal act, non-compliance with loan covenants
and statutory/regulatory reporting requirements.
Some of the disclosures that would normally be subject to a Specific Materiality level are:
i. Related party transactions and balances;
ii. Significant management estimates or valuations;
iii. Head of Agency’s remuneration;
iv. Head of Agency’s expense accounts;
v. Significant accounting policies or changes in accounting policies; and
vi. Sensitive income and expense accounts such as management fees and research and
development costs.
43. Calculating materiality is established through these steps:
a) selecting an appropriate benchmark;

b) identifying appropriate financial data for the selected benchmark; and
c) calculating materiality based on established percentages.
Selecting an appropriate benchmark
44. Among the factors that may affect the identification of an appropriate benchmark include the
elements of the financial statements (for example, assets, liabilities, equity, revenue, expenses).
45. ISSAI 1320 (A9) notes that in an audit of public sector entity, the total cost or net cost (expenses less
revenues or expenditures less receipts) may be appropriate benchmarks for program activities. Where
a public sector has custody of public assets, these may be the appropriate benchmark. There are no
hard and fast rules for determining whether an agency is to be considered as asset or expenditure
driven. However, the following may facilitate in identifying where the agency is driven:
a) The agency mandate and even the targeted outputs will determine the appropriate benchmark.
For instance, if outputs are identified in terms of physical assets such as number of buildings,
kilometers of roads among others, then it must be asset driven. If outputs are in terms of number
of workshops, number of trainings, number of services rendered, then it must be expenditure
driven.
b) If the agency’s targets are both in terms of physical assets and expenditures, the auditor may
consider the mandate or major activity of the agency, whether assets acquisition or expenditures.
46. The SA/RSA shall determine which benchmark to use either in terms of total expenditures or total
assets or total revenues. This benchmark shall be consistent yearly unless the agency’s mandate is
changed.
Identifying appropriate financial data for the selected benchmark
40
47. The benchmark figures shall be based on the unaudited financial statements for the current year-end
unless the same is not available. In such case, the audited financial statements figures for the past
year-end is used to be adjusted upon availability of the current year-end unadjusted financial
statements.
48. If the base is asset, the total assets of the latest year-end Statement of Financial Position available is
used.
49. If the base is expenditure or revenue, the reported total expenditure or revenues of the latest year-
end Statement of Financial Performance is used.
Calculating materiality based on established percentages
50. The levels of materiality thresholds are set and applied in the following manner, unless a different
materiality benchmark/computation is required thru the issuance of a materiality circular or
guidelines:
a) The overall materiality shall be set at 1 percent of the total selected benchmark.
b) The performance materiality shall be set at 50 percent of the overall materiality. Testing
threshold for high value items shall be set at 25 percent of performance materiality.
c) The specific materiality shall be set at 0.20 percent for the chosen class of transactions, account
balances or disclosures.
51. The percentage set for overall materiality can be increased up to 2 percent upon the recommendation
of the SA/RSA and approval by the CD/RD. The decision to change the rate shall be based on
assessment that the entity has a strong internal control and has implemented audit recommendations
to address misstatements and ensure reliability of financial statements.
52. The performance materiality and specific materiality can be decreased upon the recommendation of
the SA/RSA and approval by the CD/RD.
53. To illustrate how these levels are computed, the following financial information based on the latest
financial statements are used as sample:
Illustration 3. Sample Financial Information

(Name of Agency)
Account Year ended December 31, 2017 (In billion ₱)
Asset 1.380
Liabilities 0.520
Equity 0.860
Revenue 0.001
Expenses 1.350
54. The materiality level set using the financial information is calculated as:
Illustration 4. Sample Materiality Computation Table

Materiality Computation Template
41
Materiality Computation Template
Agency (Name of Agency)
Objective Improved urban environment through capacity building and construction of
structure
Users of financial statements Agency; Legislative Bodies; Oversight Bodies; COA; Public
Asset or expenditure driven Expenditure driven
Financial data used Statement of Income for 2017
Overall materiality 1% of ₱1.350 billion = ₱13.500 million
Performance materiality 50 % of ₱13.500 million= ₱6.750 million
Specific materiality 0.20% of ₱1.350 million = ₱.0027 million (e.g. sensitive or irregular expenses)
Testing Threshold for HVI 25 % of ₱6.750 million= ₱1.687 million
55. The template for determining materiality level is attached as Appendix 2-7. The same Appendix should
be used in case of changes in the original calculation where the actual results using the final financial
statements are substantially different from the preliminary financial statements used as a basis for
original calculation.
B. Assessing risks and determining risk responses
56. The steps are broken into: (a) performing risk assessment; and (b) determining risk responses.
a. Performing Risk Assessment
57. Risk assessment involves the identification of sources of risk and assessment as to whether
information obtained could result in a material misstatement in the financial statements. Risk of
material misstatement at the assertion level (risk that the financial statements are materially
misstated prior to audit) consists of inherent risks and control risks which were discussed earlier.
(ISSAI 1003)
58. The following are examples of risks that the entity may encounter:
Table 6. Examples of Risks

Inherent risks Control Risks
 Inexperienced or not properly trained accounting  Non-preparation of bank reconciliation
staff  Use of funds for purposes other than the intended
 Officers not aware of their responsibilities purposes or for personal purposes
 Non-preparation of monitoring reports  Unreconciled accounts
 Non-existent bank accounts  Failure to recognize properties transferred to
 Undocumented or not sufficiently documented other agencies or work-in progress already
transactions and/or unliquidated fund transfers completed
 Delay in recording transactions such as liquidation
reports, issuances of supplies and failure to
recognize book reconciling items
59. The Auditors should, however, not limit their evaluation on the risks identified during Preliminary
Assessment as there could be intervening events or circumstances that may need equal attention. This
42
should include material items in the financial statements even if initially, they have no risk as these
should eventually be included in the audit plan.
60. The ISSAI Implementation Handbook – Financial Audit relative to ISSAI 1315 enumerates the steps
involved in a risk assessment as:
a) Inherent risk identification;

b) Inherent risk assessment;
c) Identification of significant risk;
d) Understanding internal control;
e) Evaluating internal control design and implementation of internal controls; and
f) Final risk assessment.
Inherent risk identification
61. There are two major classifications of inherent risk: agency risk and fraud risk. Agency risk results from
significant conditions, events, circumstances, actions that could adversely affect the entity’s ability to
achieve its objectives and exercise its strategies. Fraud risk is related to events or conditions that
indicate an incentive or pressure to commit fraud.
62. For identifying risks, the auditor considers: factors like the nature of the operation, accounting
policies, agency objectives and strategies and financial implications, review of financial performance,
internal controls relevant to the audit—processes and relevant controls to mitigate risks at the agency
and transactional levels and laws and rules applicable for the audited entity.
Inherent risk assessment
63. The Auditor needs to assess the identified risks and determine their importance for the audit of the
financial statements before considering any internal control that might mitigate such risks. Risk
assessment involves consideration of two attributes about inherent risks: (i) the likelihood of a
misstatement occurring as a result of the risk with the probability rated as high, moderate or low.; (ii)
the magnitude (monetary impact) if the risk would occur.
64. The auditor should gather information from the concerned management officials about their risk
assessment process and as to how risks are identified and managed. The Summary Report on the
Preliminary Identification of Risks (Appendix 2-6) may be updated as the need arises or when
additional information is obtained.
65. Significant risks or pervasive risks affecting the financial statements as a whole are segregated. These
risks will be considered in all the financial statements accounts. In the case of inherent risks on
financial statements accounts, these are sorted by financial statement account and summarized to
reflect the final conditions and assertions identified.
Identification of significant risks
66. A significant risk is where the assessed risk of material misstatement is so high that in the auditor’s
judgment, it will require special audit consideration. Significant risks include large non-routine
transactions, matters requiring judgment or management intervention or potential fraud.
43
67. For significant risks, the auditor should: evaluate internal control over these risks, such as control
activities and indirect (pervasive) internal controls; design an audit response to obtain audit evidence
with high reliability including tests of controls and substantive procedures. Substantive analytical
procedures alone are not sufficient and are not considered an appropriate response.
68. For COA audits, significant risks will include unqualified accounting staff; lack of values formations
training, accounting and procurement training of concerned staff; fraudulent project transactions;
non-routine large transactions; and non-compliance with laws and regulations. These risks are
considered in all of the accounts affected, usually all financial statements accounts.
Understanding internal control
69. Since not all control activities are relevant to the audit, an understanding of the controls related to the
risk of misstatement is necessary to ensure that the relevant control is identified. This is initially
undertaken during the preliminary risk identification. (Appendices 2-2 to2-6 for initial assessment)
70. Based on the understanding of control activities and the determination as to whether they are likely
to achieve the control objectives, the auditor reassesses control risk to decide whether to test
controls.
Evaluation of internal control design and implementation of internal controls
71. This means that significant risks are identified as whether they are pervasive or specific; controls are
identified to mitigate them; the functioning of these controls are tested, observed or inspected to
ensure that these are implemented. The testing on controls performed should be documented.
Significant risks are considered pervasive if these are not confined to specific elements, accounts or
items of the financial statements. If so confined, the affected account represents or could represent a
substantial proportion of the financial statements. The level of control risks is assessed as to high,
moderate or low based on the results of tests. (Appendices 2-2 to 2-6 for initial assessment)
Final risk assessment
72. The final step in the risk assessment phase of the audit is to review the results of the risk assessment
procedures performed, and assess the risks of material misstatements at the financial statement level
and the assertion level for classes of transactions and disclosures.
b. Determining Risk Responses
73. Responses to the results of the risk assessment are based on the decision model setting the nature of
audit procedure/s and extent of audit to be performed given the results of a risk assessment and
depending on the level of risk of material misstatement established for specific audit objectives,
accounts and assertions.
74. To summarize, the risk responses to be adopted may be:
44
a) When both inherent and control risks are low, the overall risk of material misstatement (RMM) is
also low. Hence, further testing of controls is performed to firm up the audit conclusion reached
together with a low level of substantive tests.
b) When the inherent risk is low but the control risk is moderate, a low overall RMM is established.
Hence, the extent of tests of controls is moderate with a low level of substantive tests.
c) When inherent risk is low but control risk is high, the RMM is moderate. As such, there is no need
to perform tests of controls as these cannot be relied on anyway. Since inherent risk is low, a
moderate level of substantive tests is required.
d) When inherent risk is moderate and control risk is low, the RMM is low. More tests of controls are
performed to firm up the audit conclusion, with a low level of substantive tests.
e) When both inherent and control risks are moderate, the RMM is also moderate. Hence, the levels
of tests of controls and substantive tests to be performed are also moderate.
f) When inherent risk is moderate and control risk is high, the RMM is high. Hence no reliance is
placed on controls meaning, no tests of controls are necessary. A high level of substantive tests is
however needed.
g) When inherent risk is high and control risk is low, the RMM is moderate. Hence a high reliance is
placed on tests of controls and a moderate level of substantive tests is required.
h) When inherent risk is high and control risk is moderate, RMM is high. No reliance is placed on
control hence no need to test controls but a high level of substantive tests is required.
i) When both inherent and control risks are high, RMM is high. No reliance is placed on control
hence no need to test controls but a high level of substantive tests is required.
Table 7. Risk Decision Table

RMM
IR CR Preliminary Audit Strategy
(IR + CR)
Low Low Low High reliance on controls and a low level of substantive tests.
Moderate Low Moderate reliance on controls and a low level of substantive tests.
High Moderate No reliance on controls and a moderate level of substantive tests.
Moderate Low Low High reliance on controls and a low level of substantive tests.
Moderate Moderate Moderate reliance on controls and a moderate level of substantive tests.
High High No reliance on controls and a high level of substantive tests.
High Low Moderate High reliance on controls and a moderate level of substantive tests.
Moderate High No reliance on controls and a high level of substantive tests.
High High No reliance on controls and a high level of substantive tests.
75. Following the risk decision table, tests of controls are performed when control risks are low to
moderate. No tests of controls are needed when control risk is high because there is no point testing
controls which are absent or cannot be relied upon.
76. The result of the test of controls will determine the nature, extent and timing (net) of the substantive
audit that will be performed.
77. The resulting test of assessed risks will form the foundation for the next audit phase which is to
determine how to respond to the assessed risks through the design of audit procedures. The results of
risk assessment at the assertion level is illustrated in Appendix 2-8. A duly filled out sample of
Appendix 2-8 is attached as Appendix 2-8A for guidance.
45
IV. Preparing the Audit Engagement Plan
78. The fundamental elements in preparing the audit engagement plan are: (a) updating the overall audit
strategy; (b) preparing the audit program; and (c) preparing the engagement planning memorandum.
A. Updating the Overall Audit Strategy
79. The overall audit strategy prepared during the preliminary risk assessment need to be updated to
consider the results of final risk assessments.
80. ISSAI 1450 requires the auditor to revise the overall audit strategy if:(a) the nature of identified
misstatements and the circumstances of their occurrence indicate that other misstatements may exist
that, when aggregated with misstatements accumulated during the audit, could be material; or (b) the
aggregate of misstatements accumulated during the audit approaches materiality determined in
accordance with ISSAI1320.
81. The overall audit strategy for COA purposes should consider the key activities from the Risk
Assessment Process to the Reporting Phase. Moreover, there are audit activities or requirements
which no longer form part of the risk assessment process but must be included in the Strategy. These
pertain to, among others:
a) Special considerations: Related Parties, Litigation and Claims; Segment Reporting and Subsequent
Events with procedures discussed in Section 3, Execution Phase;
b) In the case of nationwide audits, the Strategy should consider how timelines for group planning,
execution and reporting are synchronized; how materiality thresholds are set in a uniform
manner; how audit procedures are to be agreed upon; scheduling of audit inspections;
confirmations from external parties, among others.
B. Preparing the Audit Program
82. An audit program contains the audit procedures to be performed for a specific audit objective for the
financial account and the risks identified by assertion. In addition, the Program contains audit areas
not covered in the risks assessment process such as related parties, claims and litigation, and
subsequent events cut off procedures, among others, which are discussed in the Execution Phase.
83. The audit program saves time and labor; increases efficiency; helps to control the work performed;
helps to maintain uniformity; helps to make one responsible; helps to maintain continuity; and, helps
to present proof.
84. The auditor may use standard audit programs relevant to the risks identified or to the audit areas. An
audit program template is provided as Appendix 2-9.
C. Preparing the Engagement Planning Memorandum
85. The final activity of the Planning Phase is preparing the Engagement Planning Memorandum (EPM).
As a planning tool, EPM sets out the objectives of the audit and spells out how the auditor aims to
achieve these objectives. As a supervision and monitoring tool, it monitors the progress of the audit
and promotes high quality and professional audit work.
46
86. This Memorandum contains the following:
Part 1 – Audit Coverage, Objective and Methodology
a) Audit Scope/coverage- should be clearly described;

b) Audit objectives -should be clearly defined; and
c) Audit methodology- should be clearly determined through the creation of an audit program.
Part 2 - Significant changes in the Overall Audit Strategy
A brief narration of the major activities to be performed supported by the final overall audit strategy
with changes brought about by new conditions, unforeseen events, or audit evidence obtained from
the results of audit procedures which includes the following, among others:
a) Materiality thresholds;
b) The number of staff to conduct the audit;
c) The major timelines: entrance conference, exit conference, securing management representation
letter, audit report issuance;
d) Coordination activities relative to a nationwide audit;
e) Inspections to be conducted; and
f) External confirmations to be performed.
Part 3 – Summary of major accounts and assertions for audit considerations (Appendix 2-8)
a) Accounts and Assertions with high risks of material misstatements and significant risks identified
in the final risk assessment template.
b) Other Material Accounts (OMA)- which refer to financial statement accounts above or equal to the
overall performance materiality but were not considered as significant based on the results of the
Final Risk Assessment
c) Special Considerations: Related Parties, Litigation and Claims, Segment Reporting and Subsequent
Events
Part 4 – Audit Program (Appendix 2-9)
The EPM serves as the “blueprint” of the financial audit after the Planning Phase and contains the
detailed audit procedures to be performed in response to the results of the risk assessment and the
procedures for audit areas which no longer had to pass through a risk process but are required to be
performed. It must be prepared by the Audit Team Leader, reviewed by the SA/RSA and approved by
the CD/RD. Template of EPM (Appendix 2-10) and other related appendices are attached to elaborate
on certain facts as considered necessary.
47
Appendix 2-1. Overall Audit Strategy
(SECTOR) (CLUSTER) - Agency XYZ
OVERALL AUDIT STRATEGY
Audit Team/Address ________________________________________________________________________________________

Prepared by ___________________________________________________________ Date Prepared _____________________
Reviewed by __________________________________________________________ Date Reviewed _____________________
Approved by __________________________________________________________ Date Approved ____________________
A. Introduction
A.1. Background
State the COA Office Order on the creation and composition of the audit team.
B. Audit Scope and Period Covered
Audit Type Scope Period Covered

Financial CY 2017 Financial Statements January to December 2017
Performance National Greening Program January 2015 to December 2017
Compliance Procurement July 2016 to December 2017
C. Significant Milestones
I. Financial Audit
Target Date to Accomplish

WP Person
Phase Activities Expected Output 2017 2018
Ref. Responsible Remarks
M J J A S O N D J F M A
A. PLANNING
1 Conduct initial risk assessment based on available
data and additional documents requested from
management:
a. Initial variance and tie in analysis (latest Summary Report on
available TB of the Current Year) the Preliminary
b. Initial indication of Misstatements Assessment of Risks
c. Updated Internal Control Framework
d. Validation of implementation of prior year's
audit recommendations
2 Establish materiality threshold. Materiality template
48
WP Person
3 Update risk assessment based on the additional
information, data and reports. (Including testing
Results of Risk
of control for significant inherent risk and
Assessment at the
establishing the overall audit risk). Prepare
Assertion Level
summary of risk assessment by account and by
assertion.
4 Identify other audit activities not covered in the
risk assessment (Segment reporting, litigation
Summary of other
and claims, related parties, subsequent event,
audit activities
accounting estimates and analysis of accounts,
etc.)
5 Prepare Audit Engagement Planning
Memorandum including audit program by Approved
account/by assertion/ by special considerations Engagement
(ISSAI 1800) Planning
6 Approve Audit Engagement Planning Memorandum
Memorandum.
7 Issue Specific Audit Instructions to the audit team Specific Audit
for the execution of the audit plan. Instructions
B. EXECUTION
1 Conduct the audit based on the approved Audit Working Papers
Engagement Planning Memorandum (WP) by account
2 Issue AOM, ND, NS, NC, Audit Memorandum, if any AOM, NS, ND, NC,
AM
3 Perform final financial statements variance and WP on Financial
tie-in analysis. Analysis
4 Review financial statements and corresponding
Summary of notes
Notes to FS to ensure compliance to presentation
for review
and disclosure requirements by ISSAIs.
5 Prepare summary of unadjusted misstatements Summary of
unadjusted
misstatement
6 Prepare Summary of Audit Observations and Summary of Audit
Recommendations Observations and
Recommendations
7 Follow-up of the Agency Action Plan Agency Action Plan
8 Prepare the recommendation tracking sheet Recommendation
49
WP Person
indicating the control number and deadline for Tracking Sheet
implementation
9 Conduct exit conference Minutes of exit
conference
C. REPORTING
1 Secure Management Representation Letter which Management
is dated near the date of the audit report Representation
Letter
2 Draft the annual audit report including section on
Draft AAR
the results of internal control review
3 Submit draft report to the supervisor for review
Draft Report
4 Submit draft report to the Director for review
5 Finalize AAR and sign the IAR Final AAR and
signed AAR
6 Transmit the audit report to the management Duly received
Transmittal Letter
7 Wrap-up, organization and archiving of working
Working Papers
papers
D. Quality Control Review
1 Accomplish compliance completion checklist Compliance
supported by audit working papers completion
checklist
2 Send the Auditee Feedback Sheet to Agency for Auditee Feedback
accomplishment Sheet
3 Accomplish the Director’s Evaluation Form Director’s
Evaluation Form
4 Rate Management Performance Financial
Management
Performance Rating
Note: Highlight the date the activities are to be implemented.
50
II. Performance Audit

Person
Activities WP Ref. Expected Output 2017 2018 Remarks
Responsible
A. PLANNING
1 For specific activities, refer to Performance Audit Manual
2
B. EXECUTION
1
2
C. REPORTING
1
2
D. QUALITY CONTROL REVIEW
1
2
III. Compliance Audit

Person
Activities WP Ref. Expected Output 2017 2018 Remarks
Responsible
A. PLANNING
1 For specific activities, refer to Compliance Audit Manual
2
B. EXECUTION
1
2
C. REPORTING
1
2
D. QUALITY CONTROL REVIEW
1
2
51
Appendix 2-2. Understanding the Agency (Common Planning Activity)
UNDERSTANDING THE AGENCY
AGENCY PROFILE
A. MANDATE
State the relevant law, rule or regulation mandating the purpose of the establishment of the
agency.
B. OPERATIONS
The Agency’s main activities and critical processes.
C. STRUCTURE
Describe the Agency’s organizational structure and its relation to other key government
agencies. (Attach the Agency’s organizational structure, as necessary)
D. OBJECTIVES AND STRATEGIES
State the objectives and strategies of the Agency. Evaluate if these objectives and strategies
are aligned with the mandate of the Agency.
E. KEY STAKEHOLDERS
List stakeholders, or unified stakeholder groups, whose expectations or actions (or

inactions) can significantly influence management or affect the agency objectives
F. KEY ENVIRONMENTAL FACTORS
Briefly describe the environment of the agency and how the operations of the Agency are
affected/influenced by environmental factors.(e.g., Political Environment, Social
Environment, Legal and Regulatory Environment, Technological Environment)
PROGRAMS/ PROJECTS/ ACTIVITIES
Briefly describe the Agency’s major/significant programs/projects/activities for the year

using the Financial Accountability LogFrame attached as Appendix 2-2A.
52
KEY PERFORMANCE INDICATORS
The key results identified and monitored by management that must be achieved to conclude
that a strategy has been implemented successfully.
ACCOUNTING POLICIES
Brief description of key accounting policies applied, including financial reporting

standards/financial reporting framework (e.g. PPSAS, PFRS)
RESULTS OF PREVIOUS AUDIT
1) Significant audit findings from financial, compliance, and performance audits

2) Audit opinion/s rendered on the agency for the last three years and the reason for
qualifications, if any
3) Financial management rating of the auditor on the auditee
RECENT DEVELOPMENT/NEWS
RECENT IMPACT ON THE AGENCY

DEVELOPMENT/NEWS
 Source (e.g.  Subject to Congressional inquiry
Inquirer/date)  Subject to Ombudsman case
 Court/COA/CSC
Decisions

UTA Summary
UTA Reference Risk Assessment Impact on the Agency
Auditor’s notes on any component that may be significant to the conduct of :

 Financial Audit
 Performance Audit
 Compliance Audit
53
Appendix 2-2A. Financial Accountability LogFrame
Particulars 1 2 3
Accountable Planning, Monitoring and Knowledge Policy Development and Coordination Partnership Development Division
Operational Units Management Division Division
Program Monitoring and Evaluation Reports AFC Consultations for policy development Volunteer management, capacity
prepared through research studies development and social mobilization
Outputs expected  No. of M&E Reports 324  No. of policy agenda 17  No. of projects showcased 2
(efficiency targets)  No. of M&E Reports 6300  No. of consultations/workshops 833  No. of stakeholder 12
disseminated facilitated collaborations supported
 No. of M&E system 1  No. of consultations supported 1716  No. of partnership 6
maintained agreements facilitated
 No. of evaluative study 3  No. of policy briefs/reviews 12
conducted
 No. of website updated 1  No. of local issues resolved 147
 No. of website visits 20000  No. of plans/profiles 14
 No. of knowledge products 30244
disseminated (publications and
 No. of database system 3
developed/updated
Budget by object Consultancy services - 8,350,000 Inter-Agency Fund Transfer Accounts Traveling Expenses – Local - 8,617,000
of expenditures traveling expenses - 5,469,000 Traveling Expenses – Local - 4,661,000 Training Expenses - 3,946,000
Donations - 3,712,000 Consultancy Services - 8,000,000 Awards/Rewards Expenses - 1,560,000
Other MOOE - 5,518,000 Representation Expenses - 7,071,000 Other Professional Services - 10,083,000
Printing and Publication - 1,369,000 Donations - 13,281,000 Representation Expenses - 5,904,000
Traveling Expenses – Foreign - 1,694,000 Other MOOE - 1,443,000
Other MOOE - 5,518,000
Budget PS 6,005,000.00 8,115,000.00 8,083,000.00
allocated MOOE 29,833,000.00 41,052,000.00 41,265,000.00
Total 35,838,000.00 49,167,000.00 49,348,000.00
54
Appendix 2-3. Agency-Level Controls Checklist
AGENCY-LEVEL CONTROLS CHECKLIST
Agency : DEPARTMENT OF SOCIAL WELFARE AND DEVELOPMENT

Audit Period : January 1 to December 31, 2017
Internal Control Component Yes No NA Remarks
I. Control Environment
1. Management demonstrates personal and professional integrity and ethical values.
1.1 Management should establish and communicate the integrity and ethical values of the agency.
a) Management’s actions influence others to behave and
respond in ways that are deemed valuable and appropriate to
their agency’s outcomes.
b) Management promotes the primacy of public interest in the
performance of duties.
c) Management promotes the primacy of public interest in the
performance of duties.
d) Management develops, regularly reviews, and updates manual
that addresses expectations regarding agency’s practices and
ethical behaviors; disciplinary policies and procedures; and
methods of reporting fraud, other misconduct, etc.
e) Management’s commitment to integrity and ethical
behavior is communicated effectively throughout the
agency, both in words and deeds.
This may be achieved through oral communications
in meetings, via one-on-one discussions, and by example in day-
to-day activities.
f) Management and staff are familiar with the importance of high
ethics and controls.
g) Existing and new employees are provided with the code of
ethics/conduct.
h) There are appropriate policies regarding agency’s practices,
conflicts of interest, and code of conduct that are established
and communicated.
i) The agency conducts value development programs for its
officials and employees in order to strengthen their commitment
to the public.
j) The following subjects, among others, are included in the
agency’s programs and other parallel efforts on value
development:
 Ethical and moral values;
 Rights, duties, and responsibilities of public servants; and
 Socio-economic conditions prevailing in the country.
1.2 Management and staff should exhibit a supportive attitude toward internal control at all times throughout the agency.
a) The head of agency or the governing body shows
concern for integrity and ethical values.
b) The agency adopts innovative programs and continually
conducts experimentation/ research on measures to motivate
officials and employees in raising the level of observance of
55
public ethical standards.
c) There is a mechanism in place to regularly educate and
communicate to management and employees the importance
of internal controls, and to raise their level of understanding of
controls.
1.3 Every officer and employee in the agency should maintain and demonstrate personal and professional integrity and ethical
values, and has to comply with the applicable code of conduct at all times.
a) Management acts to remove or reduce incentives,
opportunities, or temptations that may prompt personnel to
engage in dishonest, illegal, or unethical acts.
b) Coverage of ethical dilemmas, ethical failures, and ethical
successes are included in the agency’s newsletter,
bulletin, or other printed forms.
c) All employees are aware that all forms of fraudulent acts
against the agency will result in administrative and criminal
investigations.
d) The agency conducts continuing refresher courses, seminars,
and/or workshops to promote high standards of ethics in the
public service.
e) There is a committee or officer designated to conduct
investigation over disciplinary matters.
f) The agency promulgates rules and regulations governing
expeditious, fair, and equitable adjudgment of employees’
complaints or grievances in accordance with the policies
enunciated by the Civil Service Commission (CSC).
g) The head of agency or the governing body ensures that
the policy on fiscal responsibility is faithfully adhered to in
all the financial affairs, transactions, and operations of the
agency.
2. Management sets the “tone at the top.”
2.1 The “tone at the top” should reflect management’s commitment, involvement, and support toward internal controls in the
agency.
a) Management creates an internal audit service as part of the
internal control system.
b) Management provides sufficient resources to carry out
internal controls.
c) Management leads by example with respect to good
governance, risk management, and internal controls.
d) Management sets a good example through its own actions
and its conduct, reflecting what is proper rather what is
acceptable or convenient.
e) Values of the agency and creation of roles and responsibilities
with respect to good governance, risk management, and
internal controls are communicated from the top as key values of
the agency.
f) Management commits to provide appropriate attention to
internal controls, including the effects of information systems
processing.
g) The head of agency or the governing body gives
adequate consideration to understanding management’s
processes for monitoring risks affecting the
agency.
h) The head of agency or the governing body
represents an informed, vigilant, and effective overseer of
56
the financial reporting process and the agency’s internal control,
including information systems processing and related
computer controls.
i) The agency implements the government-wide Quality
Management Program.
j) Management shows a positive and supportive attitude toward
the functions of accounting, information management systems,
personnel operations, monitoring, and internal and external
audits and evaluations.
2.2 The code of conduct, counselling, and performance appraisals should support the internal control objectives and, in
particular, the objective of “ethical operations.”
a) The head of agency ensures that officials and employees
attend value development programs and participate in parallel
value development efforts.
b) The head of agency or the governing body ensures adherence
to the principle that public office is a public trust.
c) A code of conduct/ethics can support and enable the
desired types of employee behavior and point out the
consequences of violating the principles of the code.
d) Management continually reinforces its principles in word
and deed, with training programs, model behavior, and by
taking appropriate actions in response to violations.
e) The agency establishes performance evaluation system.
2.3 Agency’s policies, procedures, and practices should promote orderly, ethical, economical, efficient, and effective conduct of
operations.
a) There are control features interwoven into, and making an
integral part of each system in the agency that management can
use to regulate and guide its operations.
b) The agency adopts and implements control policies and
measures on the following:
 delegation of authority and supervision;
 segregation of functions for processing, reviewing,
recording, custody, and approval;
 access to resources and records;
 completeness and integrity of transaction documents and
reports;
 verification of transactions; and
 reconciliation of records and data.
c) The agency takes appropriate measures to promote
transparency and accountability in the management of public
finances.
d) The design and implementation of an agency’s quality
management system are influenced by the following:
 organizational environment;
 changes in that environment and the risks associated
with that environment;
 varying needs;
 particular objectives;
 services it provide;
 processes it employ; and
 size and organizational structure.
e) Management’s development of accounting estimates tends
to be conservative and is consistent with objective and fair
57
reporting.
f) Manuals of procedures are in use.
g) The agency has written policies on, but not limited to, the
following:
 delegation or assumption of duties when an employee
is absent;
 annual vacations for all staff;
 obtaining background or reference for new staff;
 training programs for employees; and
 rotation of employees.
h) The agency requires designated official/s to regularly
monitor or review compliance with the requirements of loan
contracts, trust agreements, and similar contracts.
i) The agency complies with the policies, standards, and
guidelines promulgated by the CSC to promote
economical, efficient, and effective personnel administration in
the government.
2.4 Personnel should be reminded periodically of their obligations under an operative code of conduct issued by the
management.
a) All employees are provided with updated code of
ethics/conducts, at least yearly, and receive periodic
training on the application of the code.
b) All personnel are aware that the agency’s control environment
is within the framework of public service accountability, where
government, its partners, and agents assume fiduciary
responsibilities toward the public they serve.
2.5 Overall performance appraisals should be based on an assessment of many critical factors, including the employees’ role in
effecting internal control.
a) Management sets realisti c (i.e., not unduly aggressive)
financial targets and expectations for operating personnel.
b) The agency’s operating units are able to achieve the
expected results and contribute to the achievement of
its sectoral or societal goals.
c) The agency establishes its Performance Evaluation System
(PES) or other applicable tools based on an objectively
measured output and the performance of personnel and
units, such as the Performance Management System-Office
Performance Evaluation System developed by the CSC.
d) The head of agency or the governing body has
evaluated on a continuing basis the quantitative and
qualitative measures of its performance as reflected in the
units of work measurement and other indicators of
agency performance, including the standard and actual costs per
unit of work.
3. Management establishes an appropriate government organizational structure.
3.1 The organizational structure should clearly define key areas of authority and responsibility, and establish appropriate lines of
reporting.
a) The organizational structure is appropriately centralized or
decentralized given the nature of its operations, and
management has clearly articulated the considerations and
factors taken into account in balancing the degree of
centralization versus decentralization.
b) Key areas of authority and responsibility are defined
and communicated throughout the agency.
58
c) Reporting relationships have been established and have
effectively provided officers or personnel concerned with
the information they need to carry out their
responsibilities and perform their jobs.
d) Management periodically evaluates the organizational
structure and makes changes, as necessary, in response
to changing conditions.
e) Job descriptions and performance evaluations contain specific
references to internal control-related duties, responsibilities,
and accountability.
3.2 Management should develop and communicate policies to employees to ensure that they understand or are aware of the
following:
3.2.1 their duties and responsibilities;
3.2.2 how their individual actions interrelate and contribute to the agency’s objectives;
3.2.3 the authority they are delegated; and
3.2.4 how and for what they will be held accountable.
a) Authority and responsibility are clearly defined throughout
the agency and are clearly communicated to all employees.
b) There are written job descriptions, reference manuals, or other
forms of communication to inform personnel of their duties.
c) Job descriptions clearly indicate the degree of authority
and accountability delegated to each position and the
responsibilities assigned.
d) There are adequate policies and procedures for authorization
and approval of transactions at the appropriate level.
e) The head of agency or the governing body:
 promulgates administrative issuances necessary for the
efficient administration of the offices under them and for
the proper execution of the laws relative thereto;
 exercises disciplinary powers over officers and employees
under them in accordance with law;
 appoints all officers and employees of
the agency (except those whose appointments
are vested in the President or in some other appointing
authority); and
 delegates authority to officers and employees in accordance
with EO No. 292 or the law creating the agency.
f) The authority and responsibility for the agency’s operations, as
may be necessary to implement the plans and programs, are
adequately delegated by the head of agency or the governing
body to the bureau and regional directors, or their equivalent.
 the delegation is in writing;
 it has indicated to which officer or class of officers or
employees the delegation is made; and
 it has vested sufficient authority to enable the delegatee to
discharge his assigned responsibility.
g) Assignment of responsibilities is clear, including
responsibilities for information system processing and
program development.
h) There is an appropriate structure for assigning ownership of
data, including who is authorized to initiate and/or
change transactions. Ownership is assigned for
each application and database within the IT
infrastructure.
59
i) There is an appropriate segregation of
incompatible activities (i.e., separation of accounting for, and
access to assets).
3.3 Management should develop and maintain documentation of its internal control system to facilitate the establishment and
communication of the who, what, where, and why of internal control execution.
a) Job descriptions and performance evaluations contain specific
references to internal control-related duties, responsibilities,
and accountability.
b) Levels of authority and responsibility are
documented by way of written policy and, more generally,
through the agency’s organizational chart.
c) Employee job descriptions clearly document the authority level
of each employee.
4. Management exhibits commitment to competence.
4.1 Management should establish policies and procedures in hiring staff with the necessary skills and knowledge.
a) Existing policies and procedures have resulted in recruiting
and developing competent and trustworthy people, necessary to
support an effective internal control structure.
b) The agency establishes, administers, and maintains
qualification standards.
c) The establishment, administration, and maintenance of
qualification standards are with the assistance and approval of
the CSC.
d) The degree of qualifications of an officer or employee is
determined based on the qualification standards of a particular
position.
e) The qualification standards express the minimum
requirements for a position in terms of education, training and
experience, civil service eligibility, physical fitness, and other
qualities required for successful performance.
4.2 Management should establish policies and procedures that current staff receives adequate ongoing training, mentoring, and
supervision.
a) Personnel have sufficient competence and training
necessary for their assigned level of responsibility or the nature
and complexity of the agency’s mandate.
4.3 Management should establish policies and procedures in determining the level of knowledge and skill needed to help ensure
orderly, ethical, economical, efficient and effective performance, as well as a good understanding of individual
responsibilities with respect to internal control.
a) Job performance is periodically evaluated and reviewed with
each employee.
4.4 Management should have defined succession and contingency plans for key roles in the agency so it can continue to achieve
its objectives, whether there are sudden personnel changes or just the need for training personnel for the long-term
replacement of critical positions.
a) Management develops a manual that addresses continuity plan
for succession and contingencies.
b) Management establishes criteria for employee retention and
considers the effect to operations if a large number of employees
are expected to leave or retire in a given period.
c) Management develops contingency plans to ensure that
candidates for succession are trained for assuming the
target role so that internal controls will not lapse.
5. Management establishes human resource policies and practices.
5.1 Management should establish human resource policies and practices, incorporating the methods by which people are hired,
60
trained, evaluated, compensated, and promoted.
a) Policies and procedures are clear and these are issued,
updated, and revised on a timely basis. They are
effectively communicated to personnel at decentralized
and/or foreign locations.
b) The mission, goals, and objectives of the agency are clearly
communicated to all personnel.
c) Background checks are conducted on candidates for
employment.
5.2 Hiring and staffing decisions should exemplify assurance that individuals recruited have the integrity, proper education, and
experience required to carry out their jobs; and that the necessary formal, on-the-job, and ethics trainings are provided.
a) There are trainings/orientations for new employees, or current
employees when starting a new position, to discuss the nature
and scope of their duties and responsibilities. Such
trainings/ orientations include a discussion of specific internal
controls they are responsible for.
b) Management demonstrates commitment to provide personnel
with sufficient accounting and financial training, to keep
pace with the growth and/or complexity of the agency.
c) Employees receive guidance, review, and on-the-job
training from supervisors to help ensure proper workflow and
processing of transactions and events, reduce
misunderstandings, and discourage wrongful acts.
5.3 Management should enforce transparency in recruitment, performance appraisal, and promotion processes.
a) Openness of the selection processes should be secured, by
publishing both the recruitment rules and vacant positions, to
help realize ethical human resource management.
b) There are screening procedures for job applicants.
c) Management formulates and enforces a system of measuring
and evaluating periodically and objectively the performance of
the agency, and submits the same annually to the required
authority.
d) Management provides appropriate bases for compensation,
promotion, and fair incentives to help ensure integrity and
adherence to ethical values.
II. RISK ASSESSMENT
6. Management identifies and defines objectives and risk tolerance in specific and measurable terms.
6.1 Management defines objectives in specific and measurable terms.
a) Agency objectives are established, communicated, and
monitored.
b) The key elements of the agency’s strategic plan are
communicated throughout the agency.
c) All employees have a basic understanding of the
agency’s overall strategy, strategic plan, and objectives.
6.2 Management considers internal expectations and external requirements when defining objectives.
a) In establishing the internal context, the agency considers an
understanding of the following:
 capabilities of the agency in terms of resources and
knowledge;
 information flows and decision-making processes;
 internal stakeholders;
 objectives and the strategies that are in place to
achieve them;
 perceptions, values, and culture;
61
 policies and processes;
 standards and reference models adopted by the agency;
and
 structures.
6.3 Management considers the risk tolerances in the context of the agency’s applicable laws, regulations, and
standards.
a) Management considers how much risk it is willing to
accept when setting strategic direction and strives to maintain
risk within those levels.
b) Management has a risk assessment
framework in place.
c) The agency’s risk assessment is fully integrated into the
other components of risk management process, which includes
the following:
 communication and consultation;
 establishing the context;
 risk assessment (comprising risk identification, risk
analysis, and risk evaluation);
 risk treatment; and
 monitoring and review.
7. Management identifies, evaluates, and assesses agency’s risks.
7.1 Management identifies all risks that may occur (internal or external factors) at both the agency and activity levels.
a) Management identifies the causes and sources of the risk
(hazard in the context of physical harm), events,
situations, or circumstances which can have a material
impact upon objectives and the nature of that impact.
b) Management identifies the likelihood of the risks
happening and the impact or consequence when these happen.
c) Management reviews the risk assessment and considers
actions to mitigate the significant risks identified.
d) Management considers the presence (or absence) and
the effectiveness of any existing controls in determining
the risk’s consequences and probabilities.
e) In establishing the external context, Management considers
familiarization with the environment in which the agency and the
system operates, including the following:
 cultural, political, legal, regulatory,
financial, economic, and competitive environment
factors whether international, national, regional, or
local;
 key drivers and trends having impact on the objectives of
the agency; and
 perceptions and values of external stakeholders.
f) Internal audit service (or another group within the agency)
performs periodic (at least annual) risk assessment.
7.2 Management adopts appropriate tools for the analysis and assessment of risks.
a) Management develops an adequate mechanism for
identifying operations risks, including those resulting from
the following:
 entering new programs or lines of operation;
 offering new products and services;
 privacy and data protection compliance requirements; and
 other changes in the agency, economic, and regulatory
62
environment.
b) Management performs periodic review to anticipate and
identify routine events or activities that may affect the
agency’s ability to achieve its objectives and address them.
7.3 Management considers the potential risks related to fraud and corruption.
a) Management designs an overall risk response and specific
actions for responding to fraud risks.
b) Management includes fraud risk management programs as part
of the agency’s governance structure.
c) Management assesses fraud risk exposure periodically to
identify specific potential schemes and events that the
agency needs to mitigate.
d) Management establishes prevention mechanisms and
techniques to avoid potential key fraud risk events and, where
feasible, to mitigate possible impacts on the agency.
e) Management establishes detection techniques to uncover fraud
events when preventive measures fail or unmitigated risks are
realized.
f) Management establishes a reporting process to solicit input on
potential fraud, and a coordinated approach to investigation and
corrective action should be used to help ensure potential fraud
is addressed appropriately and timely.
g) There are processes to ensure that accounting department
is aware of significant transactions with related parties, so it
can determine if such transactions are appropriately accounted
for and disclosed.
8. Management determines appropriate response to the identified, evaluated, and assessed agency’s risks.
8.1 Management designs appropriate response to the relevant agency’s risks.
a) The head of agency or governing body oversees and monitors
the risk assessment process and takes action to
address the significant risks identified.
8.2 Management identifies, analyzes, and responds to significant changes that could impact the internal control system.
a) The accounting department has a process for identifying and
addressing changes in PPSAS/PFRS, as well as for approving
changes in accounting principles and policies.
b) There are groups or individuals who are responsible for
anticipating or identifying changes with possible significant effects
on the agency.
c) There are processes in place to inform appropriate levels of
management about changes with possible significant effects on
the agency.
d) Management reports to the head of agency or the governing
body on changes that may have a significant effect on the
agency.
e) There are processes to ensure that the accounting department is
aware of changes in the operating environment, so it can review the
changes and determine what, if any, effect the change may have on
the agency’s accounting practices.
f) There are channels of communication between the
accountingdepartment and/or individual(s) in charge of
monitoring regulatory rules, so the accounting department is
aware of regulatory changes that could affect the agency’s
accounting practices.
g) The head of agency or the governing body reviews
63
and approves significant changes in the agency’s accounting
practices.
h) Management works with the agency’s independent auditors or
other third party experts to determine if it is addressing complex
changes in PPSAS/ PFRS appropriately.
i) Budgets/forecasts are updated during the year to reflect changing
conditions.
III. CONTROL ACTIVITIES
9. Management designs control activities which are appropriate, consistently functioning according to plan throughout the
period, cost-effective, comprehensive, reasonable, and directly related to the control objectives.
9.1 Controls are in the right place and commensurate to the risk involved.
a) Management establishes policies and procedures to address
risks and to achieve the agency’s objectives.
b) Management identifies all relevant objectives and associated
risks for each significant activity, in conjunction with
conducting the risk assessment and analysis function.
c) Management identifies the actions and control activities
needed to address the risks and directs their implementation.
9.2 Controls are complete, practicable, and directly addressing the identified control objectives.
a) Management establishes control activities pertaining to top-level
management review, human resources management,
information systems management, physical asset management,
and performance measurement.
9.3 Controls are complied with by all employees involved and not bypassed in the absence of key personnel.
a) Management establishes policies to ensure that duties are
logically divided or segregated (whether manually or
through appropriate set up of information technology [IT]
applications) among different people to reduce the risk of fraud or
inappropriate actions.
b) The organizational charts and written job descriptions
adequately define the lines of authority, duties, and accountability
of all personnel.
c) The IT organizational chart clearly reflects areas of responsibility
and lines of reporting and communication.
9.4 The cost of implementing the control does not exceed the benefits derived.
a) Management sets clear objectives in terms of budget and
other financial and operating goals. These objectives are
clearly written and communicated throughout the agency, and
are actively monitored.
10. Management develops control activities which include a range of diverse policies and procedures.
10.1 Management develops and undertakes diverse range of policies and procedures needed to address risks in achieving
agency’s objectives.
a) Management develops policies, and procedures including the
following:
 top level reviews and performance;
 authorization and approval procedures;
 segregation of duties;
 control over access to resources and records;
 verifications;
 reconciliations;
 reviews of operations, processes and activities;
 management of human capital;
 establishments of controls for physical assets and
64
vulnerable assets; and
 documentations.
10.2 Management designs control activities at the appropriate level of agency’s organizational structure.
a) There is an appropriate segregation of incompatible activities
(e.g., separation of accounting functions from access to assets;
IT operation functions separate from systems and
programming; anddatabase administration function separate from
applications and systems programming).
b) Management designs its control activities at the agency
level, transaction level, or both, depending on the level of
precision needed to ensure achievement of objectives and
address risks in the operations.
c) Management designs a variety of transaction control activities
for operational processes which include verifications,
reconciliations, authorizations and approvals, physical control
activities, and supervisory control activities.
11. Management develops effective information technology control activities.
11.1 Management designs an effective information system and use of information technology.
a) Management designs appropriate general and application
controls to ensure proper operations of agency’s information
systems.
11.2 Management designs appropriate type of control activities to help ensure complete and accurate information processing.
a) Management creates a plan and establishes a structure that
clearly describes the agency’s security management program
and policies, and the procedures that support it, including
procedures for the secured storage and disposal of sensitive
information.
b) Management designs controls that limit or detect access to
computer resources (data, programs, equipment, and facilities) to
safeguard against loss, unauthorized modification, and
disclosure.
c) Management designs controls that prevent unauthorized
programs or modifications to existing programs.
d) Management designs controls that limit and monitor access to
the powerful programs and sensitive files that control the
computer hardware and secure applications supported by the
system.
e) Management establishes policies, procedures, and
organizational structure to prevent one individual from controlling
all key aspects of computer-related operations, and thereby
conducting unauthorized actions or gaining unauthorized
access to assets or records.
f) Management designs a service continuity plan to ensure that
when unexpected events occur, critical operations continue
without interruption; are promptly resumed; and critical and
sensitive data are protected.
g) Management designs application controls that ensure data
to be considered are authorized, converted to an
automated form, and entered into the application in an accurate,
complete, and timely manner.
h) Management designs application controls that ensure data
65
are properly processed by the computer, and files are updated
correctly.
i) Management designs controls that ensure files and reports
generated by the application reflect transactions or events that
actually occurred; reflect accurately the results of
processing; and the reports are controlled and distributed to the
authorized users.
IV. INFORMATION AND COMMUNICATION

12. Management develops and maintains reliable and relevant financial and non-financial information.
12.1 An array of pertinent, reliable, and relevant information should be identified.
a) Management obtains and identifies internally generated
information, critical to achieving the agency’s objectives,
including information relative to critical success factors.
b) Management obtains and communicates to all, any relevant
external information that may affect the achievement of its
missions, goals, and objectives.
c) Agency is able to prepare accurate and timely financial
reports, including interim reports.
12.2 Information should be captured and communicated in a form/content and timeframe that enable people to carry out their
internal control roles and other responsibilities.
a) Relevant information are identified, captured, and
communicated in a form/content and timeframe that enable
personnel to carry out internal controls and other responsibilities.
b) Management’s objectives in terms of budget and other financial
and operating goals are defined and measurable.
c) Management uses communication methods which may include
policy and procedure manuals, management directives,
memoranda, bulletin board notices, internet and intranet web
pages, videotaped messages, e-mails, and speeches.
d) Management obtains information that is summarized and
presented appropriately, and provides pertinent information while
permitting a closer inspection of details as needed.
e) Management develops a mechanism that ensures information will
be available on a timely basis to allow effective monitoring
of events, activities, and transactions and to allow prompt
reaction.
f) Actual results are measured against agency’s specifcobjectives.
12.3 Transactions and events must be promptly recorded, properly classified, and fully and clearly documented.
a) There is a clearly identifiable audit trail within the agency.
b) There is a sufficient level of coordination between the accounting
and information system processing functions/ departments.
12.4 Information systems deal not only with quantitative and qualitative forms of internally generated data, but also with
information about external events, activities, and conditions necessary for informed decision-making and reporting.
a) The agency’s financial management ensures and monitors
user involvement in the development of programs, including
the design of internal control checks and balances.
b) The agency’s officers and employees concerned receive
both operational and financial information to help them
determine whether they are meeting the strategic and annual
performance plans, and the agency’s goals for
66
accountability of resources.
13. Management communicates information throughout the agency.
13.1 Information can be communicated in a verbal, written, and/or electronic form.
a) There is a process to quickly disseminate critical
information throughout the agency, when necessary.
13.2 Communication occurs in all directions – flowing down, across, and up the agency – throughout all components and the
entire structure.
a) The lines of authority and responsibility
(including lines of reporting) within the agency are clearly
defined and communicated.
b) Policies and procedures are established for, and
communicated to personnel at decentralized locations (including
foreign operations).
c) Communication flows down, across, and up the
agency, throughout all components and the entire structure.
d) Employees believe they have adequate information to
complete their job responsibilities.
e) Employees’ specific duties are clearly communicated to
them, and they understand the relevant aspects of internal
control, how their roles fit into it, and how their work relate to the
work of others.
f) Employees are informed that when the unexpected occurs
in performing their duties, attention must be given not only to
the event but also to the underlying cause, so that potential
internal control weaknesses can be identified
and corrected before these can do further harm to the agency.
g) Acceptable behavior versus unacceptable behavior and
the consequences of improper conduct are clearly
communicated to all employees.
h) Personnel have a means of communicating information
upstream within the agency through someone other than a
direct supervisor, and there is a genuine willingness to listen
on the part of management.
i) Mechanisms exist to allow the easy flow of information
down, across, and up the agency; and easy communications
exist between/among functional activities such as
between procurement activities and production activities.
14. Management communicates information with external parties.
14.1 Management provides adequate means of communicating with, and obtaining information from external parties.
a) The agency provides a citizen’s charter showing procedures
or flow of documents.
b) The chart is posted in conspicuous places in the department,
office, or agency for the information and guidance of all
concerned.
c) All information are classified, summarized, and
disseminated on a regular basis.
d) The agency establishes mechanisms to gather feedback and
suggestions on the efficiency, effectiveness, and economy of
frontline services.
14.2 Management establishes separate reporting line, where it is necessary.
a) Confidential and sensitive information are restricted to those
individuals who need them.
b) Personnel understand that there will be no reprisals for
reporting adverse information, improper conduct, or
67
circumvention of internal control activities.
c) There is a process for employees to communicate
improprieties. The process is well communicated throughout the
agency.
d) The process allows for anonymity of individuals who report
possible improprieties.
e) There are processes for reporting improprieties and actions taken
to address them to senior management, the head of agency, or
the governing body.
14.3 Agency’s method of communication considers the audience to be reached, the nature and availability of the information, the
cost, and the legal or regulatory requirements.
a) Ownership is assigned to a member of management to
help ensure that agency responds appropriately, timely,
and accurately to communications with
customers, vendors, regulators, and other external
parties.
b) The agency institutes mechanisms by which clients may
adequately express their complaints, comments, or
suggestions such as in hotline numbers, short message
service, or information and communication technology.
c) The agency communicates frequently with its constituents or the
public it serves and stakeholders to ensure continual
understanding of their requirements, needs, and expectations.
d) The head of agency or the governing body
establishes measures and standards that will ensure
transparency of, and openness in public transactions; e.g.,
biddings, purchases, other internal transactions, including
contracts, status of projects, and other matters involving
public interest.
e) The head of agency or the governing body establishes
information system that will inform the public of the following:
 policies, rules, and procedures;
 work programs, projects and performance targets;
 performance reports; and
 all other documents classified as public information.
f) The Citizens’ Charter is posted at its office’s main entrance or at
the most conspicuous place, and in the agency’s Seal
of Transparency.
g) The Citizens’ Charter includes the following information:
 Vision and mission of the government office or agency;
 Identification of the frontline services offered and the clientele;
 The step-by-step procedure to obtain a particular service;
 The officer or employee responsible for each step;
 The maximum time to conclude the process;
 Document/s to be presented by the client with a clear
indication of the relevance of said document/s;
 The amount of fees, if necessary;
 The procedure for filing complaints in
relation to requests and applications, including the
names and contact details of the officials/ channels to
approach for redress;
 Allowable period for extension due to unusual circumstances
(i.e., unforeseen events beyond the control of
government office or agency concerned); and
68
 Feedback mechanisms, contact numbers to call, and/or
persons to approach for recommendations,
inquiries, suggestions, as well as complaints.
h) There is a process for tracking communications with
customers, vendors, regulators, and other external parties.
V. MONITORING ACTIVITIES
15. Management establishes and operates activities to monitor the internal control system, and evaluates the results.
15.1 Management establishes a baseline to monitor the internal control system.
a) The agency provides routine feedback and monitoring
of performance and control objectives strategies.
b) The agency has plans for periodic evaluations of control activities
in critical operational and support systems.
c) Procedures are in place to monitor if controls are
overridden and to determine if the override was appropriate.
d) Management reviews control processes to ensure that the
controls are being applied as expected.
e) Issues, information, and feedback concerning internal control
raised at trainings, seminars, planning sessions, and other
meetings are considered and used by management to
address problems or strengthen the internal control
structure.
15.2 Management considers ongoing monitoring activities, separate evaluations, or a combination of both, in the conduct of
assessment.
15.2.1 Ongoing activities
a) The agency establishes an internal audit service.
b) The internal audit function is independent (in terms of
authority and reporting relationships) of the activities it audits.
c) The internal audit unit regularly assesses the effectiveness of
the internal controls.
d) The monitoring of internal control occurs in the course of
the normal, recurring operations of the agency.
e) The scope of activities of internal audit service is appropriate,
given the nature, size, and structure of the agency.
f) The scope of planned activities of internal audit service is
reviewed in advance by the head of agency or the governing body.
g) The methodology used may include self-assessments
using checklists, questionnaires, or other similar devices/tools.
15.2.2 Separate evaluations
a) There has been a recent quality assurance review of the
internal audit function by an external party such as, but not
limited to, the Commission on Audit auditors.
b) The external party conducting the assessment gains sufficient
understanding of the agency’s missions, goals, objectives,
and its operations and activities.
c) The external party gains an understanding of how the
agency’s internal control is supposed to work and how it
actually works.
d) The external party analyzes the results of the evaluation/
assessment against established criteria.
16. Management takes appropriate actions on the findings and recommendations of audit and other reviews.
16.1 Deficiencies noted during ongoing monitoring or through separate evaluations are communicated to those positioned to take
necessary action.
a) Management is responsive to the findings and recommendations
of audits and other reviews aimed at strengthening internal control
69
b) Executives with the proper authority evaluate the findings and
recommendations, and decide upon the appropriate actions
to take to correct or improve control.
c) Policies/procedures are in place to assure that corrective action
is taken, on a timely basis, when control exceptions occur.
16.2 The findings and recommendations of audits and other reviews are adequately and promptly resolved.
a) All reported potential improprieties are reviewed, investigated,
and resolved on a timely manner.
b) Management is kept informed through periodic reports on
the status of audit and reviews resolution so that it can
ensure the quality and timeliness of individual resolution
decisions.
Note: Please provide documents for all “Yes” answers.
ALCC SUMMARY EVALUATION
AOM REF.
OBSERVATIONS RECOMMENDATIONS
NO./WP
Prepared by:
Date
Reviewed by:
Date
70
Appendix 2-3A. Control Activities -Cash Receipts checklist
CONTROL ACTIVITIES
YES NO REMARKS
CASH RECEIPTS
1) Does the organization structure provide a clear-out
separation of cashiering function from accounting
function?
2) Are the employees of the cashier’s office denied access to
accounting records? Is the collecting officer closely
supervised by a responsible officer of the agency?
3) Are all accountable officers given instructions regarding
their duties and responsibilities?
4) Do accountable officers keep a file of COA and other
circulars pertaining to their work?
5) Are the collecting officer and other employees handling
cash provided with safe?
6) If so, is the duplicate combination of the safe filed with an
authorized official?
7) Is the combination of the safe changed whenever there is
a change of custodian?
8) Is the cashier office amply protected against intrusion by
unauthorized persons?
9) Are all employees handling cash adequately bonded?
10) Are surprise cash counts frequently made by department
examiners?
11) Are official receipts booklets used? If so,
a)Are these pre-numbered?
b)Are the booklets issued in numerical sequence?
c) Is the form of payment indicated in the receipts?
d)Is the numerical sequence of issued officials receipts
and booklets checked by the accounting department?
e)Is a register of forms maintained? If so, is it kept up-
to-date?
f) Are unused booklets physically safeguarded?
12) Are official receipts issued for every receipt of payment?
13) Is it the practice of collecting officer not to accept
postdated checks payment of charges or fees?
14) Are collections deposited intact and as frequently as
required by regulations?
15) Is the person making deposit escorted by armed guards
and provided with transportation facilities?
16) Are items of deposit subsequently dishonored by the
Bank/Treasury promptly adjusted in the collecting officers’
records?
ACCOUNTING UNIT
71
CONTROL ACTIVITIES
YES NO REMARKS
CASH RECEIPTS
17) Are both the totals and details of bank authenticated
duplicate deposit slip matched by the accounting
department against the corresponding official receipts?
18) Are totals of bank-authenticated deposit slips compared
with the debit to respective bank accounts in the book of
original entry?
19) Are all cash funds and cash receipts compared with the
debit to respective bank accounts in the book of original
entry?
20) Are collection and deposits recorded daily in the cash
book?
21) Is the cash book balance compared daily with the cash on
hand?
22) Are collection reports submitted regularly to the accounting
division?
23) Is reconciliation made monthly of the collecting officer’s
book balance and the accounting subsidiary ledger
balance?
Name of Process/System
Results of Walkthrough
Source of the Gap

(Weakness - absence of
ICQ Ref. No. control; Breakdown - no
Description of the Gap Effect
evidence that the control was
applied)
Prepared by:
Date
Reviewed by:
Date
72
Appendix 2-4. General Accounting Plan
Subsidy from
Cash Pre- Intangible
FS Revenues National Expenses Receivables Fund Transfer Investments Inventory PPE Liabilities Equity
Advances payments Assets
Government
Source -OR, Stubs, Tickets, NCA, NTA, Authority, DV Billing MOA, DV, Investment DV, DR, Contacts, DV, DR, DV, DR, DV, DR, Reports and
Document Credit Memo, CDC, NCAA, DV, Statement ADA/ Documents IAR, RSMI MOA, IAR, IIRUP, IAR/Repo IAR, Billing documents
Deposit Slips, Deed RANCA/ liquidation liquidation such as Agency Report on rt of lost/ Statements,
of Donation, Directly Registry of documents/ documents bonds, Procurement Lost/Stolen damaged/ MOA,
deposited, Notice of Report of security Request equipment, destroyed Contracts
Consolidated Report Transfer disbursemen certificates (APR), DV, Police property/
of Daily Collections Allocation t etc. Report on Report/ Approved
(CRDC-from bank), (RANTA) utilization of Authority to authority
List of Deposited expired dispose
Collections, Deposit portion
Slips
Summari- -Report of collections RANCA/ RCI, RDAI Report of cash None RCI, RADAI None RSMI RCI, RADAI RCI, RCI, CkDJ Applicable
zing report and deposits (RCD) RANTA disbursements, RADAI RADAI reports
-Consolidated Report RCI, Report of such as
of Daily Collections ADA Issued RCD, RCI,
(CRDC-from bank) (RADAI) RADAI, etc.
Basis of JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV JEV
Recording
Books of CRJ GJ CkDJ/ CDJ, CkDJ General SA-CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, CkDJ, GJ
Original General Journal/ ADADJ, ADADJ ADADJ, GJ ADADJ, GJ ADADJ, GJ ADADJ, ADADJ, GJ
Entry Journal CRJ IA-CRJ, GJ GJ
Subsidiary By nature of By MDS By By By For SA: By By By By By specific By By specific By nature of
Ledger collections/revenue/r account Accountable nature/recipient debtors nature/IA nature/term nature/sup nature/credit account specific account/cre adjustment
eceipts Officer s For IA: By s/investee/i plies/accou or/debtor (e.g. account ditor
nature/SA nvestor nt Buildings)
Book of General Ledger (GL) GL GL GL GL GL GL GL GL GL GL GL GL
Final Entry
Monitoring FAR No. 5, BS, BRS RANCA, Report on FAR-1, 1a, 2, Aging Aging Fund RPCI, Lapsing LS, Schedules Aging, Schedul
Reports RANTA, BS, Unliquidated 2a, 3, 4, Schedules Schedules, Managers Inventory of schedules RPCPPE, LDDAP es by
BRS Cash BS, BRS Unliquidated Report, semi- (LS) IIRUP nature of
Advances/ Fund Transfers, schedules expendables adjustm
Aging RBUD-for IA ent
schedule
Note: Not all documents are applicable to all agencies.
73
Appendix 2-5. Variance Analysis of Financial Statements
(For illustration purposes, using selected accounts only)
Variance Possible
FS Account 20xy 20xx
Amount % risks
Cash Collecting 20,000,000.00 15,000,000.00 5,000,000.00 33.30

Officers
Cash in Bank 171,500,000.00 198,550,000.00 (27,050,000.00) 13.60 Possible
unadjusted
reconciling
items
PPE 720,000,000.00 600,000,000.00 120,000,000.00 20.00
Due from NGAs 400,000,000.00 380,000,000.00 20,000,000.00 5.30
Due from LGUs 90,000,000.00 85,010,000.00 4,990,000.00 6.00
Due from officers 20,000,000.00 19,800,000.00 200,000.00 1.00
and employees
Office Supplies 5,000,000.00 4,000,000.00 1,000,000,00 25.00 Possible
Inventory unrecorded
issuances
of supplies
Construction in 659,870,000.00 709,000,000.00 (49,130,000.00) 6.90
Progress
Vehicles/Motor 16,877,900.00 17,671,800.00 (793,900.00) 4.50
Vehicles
Loans Receivable- 79,506,420.00 75,453,010.00 4,053,410.00 5.40
Local Government
Units
Due from NGOs/POs 280,000,000.00 100,000,000.00 180,000,000.00 180.00 Additional
fund
transfers
with
unrecorded
liquidations
Subsidy Income 1,977,775,640.00 1,889,415,640.00 88,360,000.00 4.70
from National
Government
Travel expenses 98,566,489.00 85,422,489.00 13,144,000.00 15.40
Salaries and Wages 759,875,555.00 744,230,555.00 15,645,000.00 2.10
Consultancy 6,500,000.00 7,000,000.00 500,000.00 7.10
Services
74
Appendix 2-6. Summary Report on the Preliminary Identification of Risks
WP Conditions Amount Account Assertion
Information Source Possible risks
ref noted involved affected affected
1. Audit reports
a. Performance audit report
b. Cash examinations reports
c. Evaluation/ Investigation Reports on Emerging Issues/ Fraud Audit Reports
d. Property Audit
e. Personnel Audit
f. NSs/NDs/NCs
g. Unadjusted prior audit reflected in PY Financial Audit Reports
h. BRS
2. Internal Audit Office Reports
3. Recommendation Tracking Sheet
4. Internal control framework
a. Updated ICF
5. Financial Statement Analysis (Initial Analysis)
a. Variance Analysis
b. Tie-in Analysis
6. Internal Control Policies, Procedures and Practices (ICPPP or General
Accounting Plan (GAP)
7. Results of Fraud Risk Analysis
8. Results of evaluation of risks from non-compliance with laws, rules and
regulations
9. Results of assessment of related party transactions
Note: The Team should be guided by Illustrations 1 and 2 and Appendices 2-2 to 2-4 and relevant discussion in the Manual.
75
Appendix 2-7. Template on Determining Materiality Level
Agency:(Name of Agency)
Period Covered: CY 2017 ending December 31, 2017
Objective: To set overall materiality for the purpose of planning the engagement
Users of Financial Statements

Users Focus/Concerns
Public in General
Legislative Use of funds for the purpose intended; benefits delivered from the
Oversight Bodies project; compliance with rules and regulations;
COA
Qualitative Considerations
Public expectations and interest
Compliance with laws and regulations
Needs of legislative, executive and oversight bodies
Need for transparency
Financial Information (in million pesos)
Planning Date Latest Financial Data (In billion ₱)

Assets 1.380
Liabilities 0.520
Equity 0.860
Revenues 0.001
Expenses 1.350
Previous Materiality 0.011
Quantitative Materiality
Percentage (%)
Possible
Type of Entity Determined Materiality
Benchmark Prescribed Applied
Level (In million ₱)
Expenditure Assets
driven Liabilities
Equity
Revenue
Expenses 1 1 13.500
Considering the existing condition and professional judgment, the overall materiality for planning is set
at ₱13.500 million. There is no felt need to increase the percentage prescribed by the Commission
considering that some of the prior years’ adjustments were not effected and a number of prior years’
76
recommendations remained unimplemented.
Given the Overall Materiality Level of₱13.500 million, the performance materiality and specific
materiality are set as follows:
Base Percentage
Determined
Materiality
Types Materiality Level
(In million Prescribed Adopted
(In million ₱)
₱)
Performance Materiality
(Auditors should consider the results of

risk assessment, misstatements
13.500 50 50 6.750
identified in prior years, and relevant
qualitative factor in deciding to use
percentage lower than the prescribed
levels)
 Testing Threshold
6.750 25 25 1.687
(Auditors to determine high value
items to be included in the audit)
Specific Materiality
For
(Identify the classes of transactions,
Expenses of .20 .20 0.0027
account balance determined to be
1.350
subjected to specific materiality
considering the results of risk analysis.)
Name Position Date

Prepared by ATL
Reviewed by SA/RSA
Approved by CD/RD
77
Appendix 2-8. Results of Risk Assessment at the Assertion Level
STEP 1 STEP 2 STEP 3 STEP 4 STEP 5 STEP 6
Trial Balance, Inherent Risk of Material Risk Response
Inherent Risks Control Risks Overall
12/31/2016 Misstatement
Control Risk of
Control Control Reliance Type of
to Material
Final Conditions Level of Mitigate Design functioning Level of on Level of Substantive Test
Mis-
Acct Unaudited WP relative to Assertions Like- Overall Inherent adequate? ? Control statement controls Subs- Needed
Impact
Title Balance ref inherent risk Affected lihood Inherent Risk Based Risk (CR) (RMM = tantive
WP WP Analytical Test of
(in PHP) susceptibility Risk (IR) (Y/N) on (L/M/H) IR+CR) Test
Ref Ref Review Details
Test?
78
Appendix 2-8A. Illustration on Results of Risk Assessment at the Assertion Level
STEP 1 STEP 2 STEP 3 STEP 4 STEP 5 STEP 6

Overall
Risk of Relian
Material ce on
Trial Balance, Inherent Risk of Risk Response
Inherent Risks Control Risks Misstate- contro
12/31/2016 Material Misstatement
ment ls
(RMM=IR+
CR)
Level of Control Design Level of Type of Substantive
Final Conditions relative to Asser- Control functioning? Level of
Account Likeli- Overall Control to Mitigate adequate? Control Test Needed
Unaudited inherent risk tions Impact Substan-
Title hood Inherent Inherent Risk WP WP Risk (CR)
Balance (in P) susceptibility Affected Y/N Based on Test (L/M/H) tive Test Test of Analytical
Risk (IR) Ref Ref Details Review
Buildings 124,500,000.00 Variance analysis revealed Classifi- High High High GL and SL 1 Yes 2 GL and SL High High No High No Yes
and Other no changes during the cation reconciled. reconciled Relian
Structures year, but status report on With ce
completed construction in Accuracy Completed CIP quarterly CIP
progress showed two reported quarterly report
completed building and Building and
other structures Building and Other Other
amounting to Structures SL and Structures SL
P22,602,412. CIP SL reconciled and CIP SL
quarterly not
reconciled
Prompt recording Building and
of Certificate of Other
100% Completion Structures SL
and Certificate of and CIP SL
Acceptance not
reconciled
With
Unrecorded
Certificate of
100%
Completion
and
Certificate of
Acceptance
Performance Materiality: P18,000,000.00
79
W/P 1: Based on the results of assessment using Appendix 2-3 of FAM
- Results of evaluation of critical processes (e.g. Accounting Process on CIP)
W/P 2: Summary/Auditor’s Note
- GL and SL reconciled
- With quarterly reports, but Building and Other Structures SL and CIP SL not reconciled
- Unrecorded Certificate of 100% Completion and Certificate of Acceptance
80
Appendix 2-9. Audit Program
Account :
Risk Statement :
Assertions/Criteria :
Audit Objective :
WP
Audit Procedures Staff Responsible Mandays
Ref.
Prepared by: (ATL) Date:
Reviewed by: (SA/RSA) Date:
81
Appendix 2-10. Engagement Planning Memorandum
Engagement Planning Memorandum

For _________________________________
Audit coverage ________________________
Date
Prepared by:
Reviewed by:
Approved by:
Part 1 – Audit Coverage, Objective and Methodology
Part 2 – Significant changes in the Overall Audit Strategy
Part 3 – Summary of major accounts and assertions for audit considerations
Part 4 – Audit Program
82
Section 3
Audit Execution Phase
1. During this Phase, the audit activities contained in the approved EPM and the Audit Programs are
pursued to ensure that audit procedures are performed as planned and on time. The steps to be
taken follow:
I. Execute Audit Tests

A. Determining the nature, timing and extent of audit procedures
B. Performing audit procedures
C. Audit documentation and evidence gathering
D. Addressing risk areas that need specific considerations
E. Summarizing proposed audit adjustments and evaluating effects in the audit opinion
II. Summarize Audit Observation and Recommendation and Communicate with Those Charged
with Governance
A. Areas for consideration in summarizing audit observations
B. Elements of audit observation
C. Performing review of overall audit work
D. Tracking status of prior years’ recommendation
E. Conduct Exit Conference
I. Execute Audit Tests
A. Determining the nature, timing and extent of audit procedures
2. The nature, timing and extent of the audit procedures should be based on and be responsive to the
assessed risks of material misstatement at the assertion level.
3. The nature of an audit procedure refers to the purpose of the audit (test of controls or substantive
procedure) and the type of audit procedure (inspection, observation, inquiry, confirmation,
reperformance recalculation, and analytical procedure) to be performed. By type, the first four
procedures usually pertain to tests of controls and the last three to substantive procedures.
4. Timing of an audit procedure refers to when the audit procedure is performed, or the period or
date to which the audit evidence applies.
a) The auditor may perform audit procedures at an interim date or at period end.
b) The higher the risk of material misstatement, the more likely it is that the auditor may decide it
is more effective to perform substantive procedures nearer to, or at, the period end rather than
at an earlier date, or to perform audit procedures unannounced or at unpredictable times.
c) This is particularly relevant when considering the response to the risks of fraud. It may be better
to perform audit procedures before the period end so the auditor can identify significant
83
matters at an early stage of the audit, and consequently resolve them with the assistance of
management or by developing an effective audit approach to address such matters.
d) Certain audit procedures can be performed only at or after period end, for example:
i. Reconciling the financial statements with the accounting records;
ii. Examining adjustments made during the course of preparing the financial statements; and
iii. Performing procedures to respond to a risk that, at period end, the entity may have entered
into improper contracts or transactions that may not have been finalized.
5. Extent of an audit procedure refers to the quantity to be performed, such as, a sample size or the
number of observations of a control activity.
a) The extent of necessary audit procedures is determined after considering the materiality, the
assessed risk, and the degree of assurance the auditor plans to obtain.
b) In general, the extent of audit procedures increases as the risk of material misstatement
increases. To cite an example, in response to the assessed risk of material misstatement due to
fraud, increasing sample sizes or performing substantive analytical procedures at a more
detailed level may be appropriate.
c) However, increasing the extent of an audit procedure is effective only if the audit procedure
itself is relevant to the specific risk.
d) The use of computer-assisted audit techniques (CAATs) may enable more extensive testing of
electronic transactions and account files, which may be useful when the auditor decides to
modify the extent of testing, say, in responding to the risks of material misstatement due to
fraud. Such techniques can be used to select sample transactions from key electronic files, to
sort transactions with specific characteristics, or to test an entire population instead of a
sample.
B. Performing audit procedures
6. The following steps should be undertaken:
1) Determining the extent of tests to be performed;

2) Selecting the sample items;
3) Performing the planned procedures in the selected items; and
4) Evaluating the sample results and establishing conclusion.
Determining the extent of tests to be performed
7. Establishing extent of tests to be performed – non-sampling or sampling; in case of sampling, apply

either statistical or non-statistical sampling.
84
a) Non-sampling is applied when all the items in an audit population are to be audited. To
illustrate:
i. Audit objective: to determine the causes for material changes in financial statement account
balances as of end of the year under audit compared with the past year balances.
ii. Items covered: all financial statement accounts.
b) Audit sampling, as defined by ISSAI 1530, is the application of audit procedures to less than 100
percent of items within a population of audit relevance providing a reasonable basis on which
to draw conclusions about the entire population. When designing an audit sample, the
auditor’s consideration includes the specific purpose to be achieved and the combination of
audit procedures that is likely to best achieve that purpose. Consideration of the nature of the
audit evidence sought and possible deviation or misstatement conditions or other
characteristics relating to the audit evidence will assist the auditor in defining what constitutes
a deviation or misstatement and what population to use for sampling. Sampling as an approach
may either statistical sampling or non-statistical sampling.
i. Statistical sampling is an approach with two characteristics: random selection of the sample
items and the use of probability theory to evaluate sample results including measurement of
sampling risks (par. 5(g) of ISSAI1530). Statistical based formulas/tables are used to
determine sample size considering population, confidence level, precision; and expected
rate of error considered acceptable. Statistical sampling is used in the following instances:
 to determine the sample size especially in auditees with very large volume of
homogenous transactions; and
 when the sampling results are likely to be included in the audit report to support an
adjustment or qualification.
c) Statistical sampling following the procedures described in Appendix 1 of ISSAI 1530 provides
that:
 Audit efficiency may be improved if the auditor stratifies a population by dividing it into
discrete sub-populations which have an identifying characteristic. The objective of
stratification is to reduce the variability of items within each stratum and therefore allow
sample size to be reduced without increasing sampling risk.
 When performing tests of details, the population is often stratified by monetary value.
This allows greater audit effort to be directed to the larger value items, as these items
may contain the greatest potential misstatement in terms of overstatement. Similarly, a
population may be stratified according to a particular characteristic that indicates a
higher risk of misstatement, for example, when testing the allowance for doubtful
accounts in the valuation of accounts receivable, balances may be stratified by age.
 The results of audit procedures applied to a sample of items within a stratum can only be
projected to the items that make up that stratum. To draw a conclusion on the entire
population, the auditor will need to consider the risk of material misstatement in relation
85
to whatever other strata make up the entire population. For example, 20 percent of the
items in a population may make up 90 percent of the value of an account balance. The
auditor may decide to examine a sample of these items. The auditor evaluates the results
of this sample and reaches a conclusion on the 90 percent of value separately from the
remaining 10 percent (on which a further sample or other means of gathering audit
evidence will be used, or which may be considered immaterial).
 If a class of transactions or account balance has been divided into strata, the
misstatement is projected for each stratum separately. Projected misstatements for each
stratum are then combined when considering the possible effect of misstatements on the
total class of transactions or account balance.
ii. Non-statistical sampling is an approach where samples are not drawn randomly but rather
judgmentally and where probability is not applied. Samples are selected based on the
auditor’s informed assessment of how many samples will be required to yield a reasonably
reliable result. Samples may be carried out: (a) systematically (every nth item say beginning
with the number 3); (b) unsystematically (pulling files from a cabinet without any selection
criteria); or(c) according to the auditor’s judgment (picking large or unusual items from a
computer report). Non-statistical sampling is used when any of these conditions exist:
 the line item/account is not material;

 the risk of material misstatement is low;
 the analytical procedures are effective; and
 when the sample size needed is small so that the use of statistical sampling becomes very
costly.
Selecting the sample items
8. ISSAI 1530 recommends the following in selecting the sample items:
a) When designing an audit sample, the auditor shall consider the purpose of the audit procedure
and the characteristics of the population from which the sample will be drawn.
b) The auditor shall determine a sample size sufficient to reduce sampling risk to an acceptably
low level.
c) The auditor shall select items for the sample in such a way that each sampling unit in the
population has a chance of selection.
d) When designing a sample, the auditor uses the tolerable misstatement arrived at when
computing for the materiality thresholds discussed in the previous Section.
9. Examples of factors influencing sample size for tests for details are appended in the tables
presented in Appendix 2 of ISSAI 1530.
Performing the planned procedures on the selected items
10. For performing audit procedures on selected items, ISSAI 1530 provides that:
a) The auditor shall perform audit procedures, appropriate to the purpose, on each item selected.
86
b) If the audit procedure is not applicable to the selected item, the auditor shall perform the
procedure on a replacement item.
c) If the auditor is unable to apply the designed audit procedures, or suitable alternative
procedures, to a selected item, the auditor shall treat that item as a deviation from the
prescribed control, in the case of tests of controls, or a misstatement, in the case of tests of
details.
11. A sample of test of control working paper is illustrated in Illustration 5. The illustration shows the Commented [C1]: To be transferred to Execution Phase,
tests of internal controls on accounts payable for the audit of Agency XXX’s 20xx financial because of the number of transactions tested and testing is done at
account level not assertion level
statements. A sample size of 78 accounts payable voucher packets has been selected for the test of
internal controls on the accounts payable system. The sample size is designed to provide high level
of assurance (or confidence) that a control is operating effectively so long as one or fewer control
deviations is observed for each control activity tested (see WP 1). The first 74 voucher packets have
already been tested by other staff members and no errors have been found.
Illustration 5. Working Paper – Test of Control

AGENCY XXX
Controls Testing Evaluation Summary: Accounts Payable
December 31, 20xx
Test Results and Evaluation* WP 1
Number of Maximum Describe Any
Description of
Assertion Deviations Number of Accept/Reject Necessary Revisions
Control Activities
Observed Deviations to the Audit Plan
1 Procurement Occurrence 1 1 Accept
documents include all
attachments
appropriate for the
transaction.
2 The purchase Authorization 2 1 Reject Increase samples for
requisition is signed by substantive testing
the head of the
requisitioning office.
3 The purchase order is Authorization 0 1 Accept
signed by the property
officer.
4 Quantities on Accuracy 3 1 Reject Increase samples for
supplier's invoice substantive testing
agree with related
inspection &
acceptance report and
purchase order, and
invoice is
mathematically
correct.
5 All documents in Occurrence 0 1 Accept
voucher package have
been stamped "paid".
Note: * Controls Testing for the accounts payable process typically involve more control activities.
AGENCY XXX
Controls Testing Deviation Report: Accounts Payable
87
December 31, 20xx
Sample Testing Documentation WP 2

Control Activity
P.O. Number 1 2 3 4 5
164210     
185423     
190214     
195840     
74 additional items Effective Effective Effective Effective Effective
Total Number of Exceptions 1 2 0 3 0
Legend: - Effective
 - Deviation
Performing Substantive Procedures
Under the Audit Execution Phase, audit procedures listed in the Audit Program attached to the EPM
shall be pursued/conducted. To reduce audit risk to acceptable level, the auditor should conduct
substantive procedures in order to detect material misstatements in the assertion level. These
comprise of tests of details and analytical procedures.
Test of details
12. Tests of details are categorized into two types: (a) test of transactions; and (b) test of details of
account balances and disclosures.
Test of transactions
13. This requires substantive test of transactions to test errors or fraud in individual transactions and is
used to verify the monetary value of transactions and to obtain reasonable assurance that the
accounting records are accurate and reliable.
14. The auditor’s approach in substantive tests of transactions is to inspect underlying documents, to
trace the flow of transactions through the system and to recompute for mathematical accuracy. The
direction of the trace determines the objective to be satisfied. For example, tracing from a source
document to the accounting record provides evidence of completeness of the accounting records,
that is, it detects errors of understatement.
15. Tracing from the accounting record to the source document (commonly called vouching) provides
evidence of occurrence, that is, it detects errors of overstatement. Usually some tests are made in
both directions.
16. The extent of testing in a particular direction depends on the auditor’s judgment of the likelihood of
error. When an error is detected, the auditor needs to consider the cause of the error and
88
determine whether any change is called for in the planned nature and extent of testing. (Please
refer to Table 5 – Assertions in Considering Misstatements regarding transaction level assertions.)
Test of details of account balances and disclosures
17. This requires substantive testing of the ending balance of a general ledger to provide reasonable
assurance of the validity and propriety of transactions or balance or identify monetary
misstatements in it. (Please refer to Table 5– Assertions in Considering Misstatements regarding
account balance assertions.)
18. To complete the test of details, the following steps should be performed:
a) Determining the sample size
To select the items for testing, the auditor must consider what represents the population for
testing in the circumstances. It can be the entire population of an account balance, class of
transactions or disclosures; or specific items composed of high value or unusual items, or
selecting sample from the whole population.
b) Selecting the sample items

c) Performing the planned procedures in the selected items
d) Evaluating the sample results and establishing conclusion
19. External confirmation is one of the procedures adopted in substantive tests. This procedure is used
to address assertions associated with account balances and their elements and to confirm terms of
agreements, contracts, or transactions between an agency and other parties. In preparing
confirmation requests, the following factors should be considered, among others: (ISSAI 1505)
a) The specific risks and assertion/s being addressed
b) Layout and presentation of confirmation requests - The auditor may request the respondent
only to indicate whether he or she agrees with the information stated on the request. In other
positive forms, referred to as blank forms, the amount (or other information) is not stated on
the confirmation request, and instead, the recipient is requested to fill in the balance or furnish
other information.
c) Prior experience on the sending of confirmations in previous audits: response rates, knowledge
of misstatements identified during prior years' audits, and any knowledge of inaccurate
information on returned confirmations. For example, if the auditor has experienced poor
response rates to properly designed confirmation requests in prior audits, the auditor may
instead consider obtaining audit evidence from other sources.
d) Method of communications—by mail, email or personally
e) Management’s authorization or encouragement to the confirming parties to respond to the

auditor
89
f) The ability of the intended confirming party to confirm or provide the requested information.
When designing confirmation requests, the auditor should consider the types of information
respondents will be readily able to confirm, since the nature of the information being confirmed
may directly affect the competence of the evidence obtained as well as the response rate. For
example, certain respondents' accounting systems may facilitate the confirmation of single
transactions rather than of entire account balances. In addition, respondents may not be able to
confirm the balances of their installment loans, but they may be able to confirm whether their
payments are up-to-date, the amount of the payment, and the key terms of their loans.
20. In case no replies were received, the Auditor shall apply alternative procedures to the non-
responses to obtain the evidence necessary to reduce audit risk to an acceptably low level.
a) For accounts receivable, this may include examination of subsequent cash receipts (including
matching such receipts with the actual items being paid), shipping documents, or other client
documentation to provide evidence for the existence assertion.
b) For accounts payable, this may include examination of subsequent cash disbursements,
correspondence from third parties, or other records to provide evidence for the completeness
assertion.
21. The auditor should evaluate the combined audit evidence provided by the confirmations and the
alternative procedures to determine whether sufficient audit evidence has been obtained about all
the applicable financial statement assertions. In performing that evaluation, the auditor should
consider (a) the reliability of the confirmations and alternative procedures; (b) the nature of any
exceptions, including the implications, both quantitative and qualitative, of those exceptions; (c) the
audit evidence provided by other procedures; and (d) whether additional audit evidence is needed.
If the combined audit evidence provided by the confirmations, alternative procedures, and other
procedures is not sufficient, the auditor should request additional confirmations or extend other
tests, such as tests of details or analytical procedures.
22. Situations where external confirmation procedures may provide relevant audit evidence in
responding to assessed risks of material misstatement include:
a) Bank balances and other information relevant to banking relationships;

b) Accounts receivable balances and terms;
c) Inventories held by third parties at bonded warehouses for processing or on consignment;
d) Property title deeds held by financiers for safe custody or as security;
e) Investments purchased from stockbrokers but not delivered at the reporting date;
f) Amounts due to lenders, including relevant terms of repayment and restrictive covenants; and
g) Accounts payable balances and terms.
23. There are some assertions for which external confirmations provide less relevant audit evidence,
such as relating to the recoverability of accounts receivable balances, than they do for their
existence.
24. The auditor may determine that external confirmation procedures performed for one purpose
provide an opportunity to obtain audit evidence about other matters. For instance, confirmation
requests for bank balances often include requests for information relevant to other financial
90
statement assertions. Such considerations may influence the auditor’s decision about whether to
perform external confirmation procedures.
25. Factors that may assist the auditor in determining whether external confirmation procedures are to
be performed as substantive audit procedures include:
a) The confirming party’s knowledge of the subject matter;
b) The ability or willingness of the intended confirming party to respond:
i. May consider responding too costly or time consuming;

ii. May have concerns about the potential legal liability resulting from responding;
iii. May account for transactions in different currencies; or
iv. May operate in an environment where responding to confirmation requests is not a
significant aspect of day-to-day operations. In such situations, confirming parties may not
respond, may respond in a casual manner or may attempt to restrict the reliance placed on
the response.
c) The objectivity of the intended confirming party such that if the confirming party is a related
party of the entity, responses to confirmation requests may be less reliable.
Analytical Procedures
26. Analytical procedures as defined in the ISSAI 1520 means evaluation of financial information
through analysis of plausible relationships among both financial and non-financial data. Analytical
procedures also encompass such investigation necessary to identify fluctuations or relationships
that are inconsistent with other relevant information or that differ from expected values by a
significant amount.
27. These are used to obtain evidential matter about particular assertions related to account balances
or classes of transactions. In some cases, analytical procedures can be more effective or efficient
than tests of details for achieving particular substantive testing objectives.
28. Following are examples of sources of information for the conduct of analytical procedures:
a) Financial information for comparable prior period(s) giving consideration to known changes;
b) Anticipated results—for example, budgets, or forecasts including extrapolations from interim or
annual data;
c) Relationships among elements of financial information within the period;
d) Information regarding the industry in which the client operates—for example, gross margin
information;
e) Relationships of financial information with relevant non-financial information.
29. The most common types of analytical procedures conducted are:
a) Trend analysis is the analysis of changes in an account over time. To illustrate:
91
Illustration 6. Sample Trend Analysis
Horizontal
Maintenance and other operating expenses (in
Vertical Analysis Analysis (Rate
thousand pesos) Remarks
of increase)
2017 2016 2015 2017 2016 2015 2017 2016
Traveling 800 560 150 2% 1% 0% 433% 273%
Training 3,000 1,870 200 8% 4% 0% 1400% 835% Examine
cause of
Office supplies 1,000 200 100 3% 0% 0% 900% 100% increase
Rental expenses 5,000 5,000 10,000 14% 10% 21% -50% -50%
Examine
Light water and
500 250 25 1% 0% 0% 1900% 900% cause of
telephone increase
Consultancy services 5,000 17,000 17,000 14% 33% 35% -71% 0% Test of details
Repairs and
600 550 500 2% 1% 1% 20% 10%
maintenance
Examine
Printing 300 870 100 1% 2% 0% 200% 770% cause of
decrease
Representation 20,000 25,000 20,000 55% 49% 42% 0% 25% Test of details
Total 36,200 51,300 48,075 100% 100% 100%
b) Ratio analysis is the comparison across time or to a benchmark of relationships between

financial statements accounts and a non-financial data. Examples are contribution margin,
current ratio, days sales in inventory, accounts receivable turnover, debt ratio, debt to equity
ratio, inventory turn-over ratio, payable turn-over ratio, among others.
c) Reasonableness testing is the audit technique used to assess the reasonableness of accounting
transactions or events recorded in the financial statements by using two or more different
sources of data or information to predict accounting transactions or event. Examples are: i)
matching the estimated payroll costs based on the number of employees multiplied by fixed pay
rates with the actual payroll costs incurred; and, ii) comparing the balances of loans payable
with the related interest expenses for the period.
30. When designing and performing substantive analytical procedures, either independently or in
combination with tests of details, the auditor shall:
a) determine the suitability of particular substantive analytical procedures for given assertions,
taking account of the assessed risks of material misstatement and tests of details, if any, for
these assertions;
b) evaluate the reliability of data from which the auditor’s expectation of recorded amounts or
ratios is developed, taking account of source, comparability, and nature and relevance of
information available, and controls over preparation;
c) develop an expectation of recorded amounts or ratios and evaluate whether the expectation is
sufficiently precise to identify a misstatement that, individually or when aggregated with other
misstatements, may cause the financial statements to be materially misstated; and
92
d) determine the amount of any difference of recorded amounts from expected values that is
acceptable.
31. Substantive analytical procedures are conducted when the auditor considers the use of these
procedures as more effective and efficient than tests of details in reducing the risk of material
misstatements at the assertion level to an acceptably low level.
32. If analytical procedures performed identify fluctuations or relationships that are inconsistent with
other relevant information or that differ from expected values by a significant amount, the auditor
shall investigate such differences by: (a) inquiring from management and obtaining appropriate
audit evidence relevant to management’s responses; and (b) performing other audit procedures as
necessary in the circumstances.
Evaluating the sample results and establishing conclusion
33. As provided in ISSAI 1530, the auditor shall evaluate:
a) The results of the sample and consider that an unexpectedly high sample deviation rate may
lead to an increase in the assessed risk of material misstatement, unless further audit evidence
substantiating the initial assessment is obtained.
b) Whether the use of the audit sampling has provided a reasonable basis for conclusions about
the population that has been tested. If the auditor concludes that audit sampling has not
provided a reasonable basis for conclusions about the population that has been tested, the
auditor may:
i. Request management to investigate misstatements that have been identified and the
potential for further misstatements and to make any necessary adjustments; or
ii. Tailor the nature, timing and extent of those further audit procedures to best achieve the
required assurance. For example, the auditor might extend the sample size, test an
alternative control or modify related substantive procedures.
34. Relationship of the results of substantive analytical procedures with the conclusion of the audit
The auditor shall design and perform analytical procedures near the end of the audit as guide when
forming an overall conclusion as to whether the financial statements are consistent with the
auditor’s understanding of the entity.
a) The conclusion drawn from the results of analytical procedures designed and performed are
intended to corroborate conclusions formed during the audit of individual components or
elements of financial statements. This assists the auditor to draw reasonable conclusions on
which to base the auditor’s opinion. (ISSAI 1520, par. A17)
If evaluation of the result of substantive analytical procedures discloses significant variances

that may lead to material misstatements, the auditor’s reasonable conclusion may be affected
which necessitates rendering a modified opinion.
93
b) The results of such analytical procedures may identify a previously unrecognized risk of
material misstatement. In such circumstances, ISSAI 1315 (Revised) requires the auditor to
revise the auditor’s assessment of risks of material misstatement and modify the further
planned audit procedures accordingly. (ISSAI 1520, par. A18)
35. Relationship of test of controls with substantive tests
a) Tests of controls and substantive tests of details of transactions and balances are both tests
involving transactions; in many instances transactions selected for examination are tested for
compliance with controls as well as determining whether monetary errors have occurred, giving
rise to the concept of dual-purpose testing.
b) Tests of controls and substantive tests of transactions are both usually performed for major
classes of transactions that are repetitive and large in volume. Tests of controls detect
departures from prescribed controls but do not directly measure monetary error in accounting
records. Substantive tests must be performed to determine whether monetary errors have
occurred based on the result of tests of controls, determines the extent of substantive tests
considered necessary. In a true dual-purpose test, different procedures are performed to satisfy
different objectives, but they are performed using the same documents at approximately the
same time.
c) Substantive tests of transactions and substantive tests of balances - If the account balance is
affected by many relatively small transactions, the auditor designs substantive tests of balances
directed to selected items (e.g. individual customers, inventory items) which aggregate to create
the ending balance. This commonly occurs for the accounts receivable and inventory balances.
To illustrate: If the auditor verifies the PhP250,000.00 ending balance of a receivable due from a
debtor through confirmation procedures, this is a substantive test of balances. If the auditor
verifies the peso value of the individual transactions comprising the PhP250,000.00 (such as by
verifying sales invoices and remittance advices associated with cash receipts transactions), this
is a substantive test of transactions.
d) Substantive tests of balances of statement of financial position accounts are generally preferred
because there are fewer items in the ending balance than there are transactions that affect the
balance, and there is generally more persuasive evidence available to support the ending
balance.
e) Note also that the substantive tests of balances of statement of financial position accounts
indirectly test the statement of financial performance account balances (sales and expenditure).
For example, the testing of accounts receivable will verify the sales that gave rise to this asset.
36. In the extremely rare circumstances when the auditor considers a misstatement or deviation
discovered in a sample to be an anomaly, the auditor shall obtain a high degree of certainty that
such misstatement or deviation is not representative of the population. The auditor shall obtain this
degree of certainty by performing additional audit procedures to obtain sufficient appropriate audit
evidence that the misstatement or deviation does not affect the remainder of the population.
C. Gathering audit documentation and evidence
94
37. The SA/RSA and ATL ensure that all evidence is documented properly in audit working papers. Audit
evidence refers to information used by the auditor in arriving at the conclusions on which the
auditor’s opinion is based. It includes both information contained in the accounting records
underlying the financial statements and information obtained from other sources. (ISSAI 1500)
38. Working papers should be properly titled, referenced and cross-referenced to supporting evidence
and signed by the preparer and the reviewer. To prove that the audit responded to the assessed
risks of material misstatements, audit procedures actually performed are summarized on the main
audit working papers of each FS account. Deviations to the planned audit procedures in terms of the
nature, extent and timing of audit procedures must be fully explained with the SA/RSA
acknowledging acceptability of the changes done upon signing the working papers as reviewer.
39. Working papers should be complete and accurate, and must support observations, testing,
conclusions, and recommendations. It should also show the nature and scope of the work
performed. Working papers should also be clear and understandable without supplementary oral
explanations. The structure of the working paper should be in a logical format that clearly shows the
purpose/objective of the test (risk being tested), a description of the test, extent of testing
performed, results, conclusion arrived at i.e. any control weaknesses identified, and potential
process improvements, and positive change opportunities. Where working papers are hand written
they should be neat and legible. If working papers are not clear they may lose their worth as
documented evidence.
40. Each top schedule of the accounts presents the Audit Conclusion: whether the audit objective was
met or not and the reason thereof; whether the Main Account audited (e.g. Cash, Receivables,
Inventory, etc.) is considered as fairly stated and presented.
Illustration 7. Sample Top Schedule and Audit Conclusion

ABC Agency
Top Schedule – Cash & Cash Equivalents
December 31, 20x2
Amount
Account WP
Audit Adjustments Per Audit
Name ref Per Books
DR CR 20x2 (CY) 20x1 (PY)
CIB, A-1 10,000 500 9,500 20,000
LCCA
Audit conclusion on the audit of cash:

Based on the audit procedures performed for the Cash and Cash Equivalents, total adjustment of Pxxx representing
unrecorded bank charges was taken up in the books to effect the adjusted cash in bank balance per books. We
conclude that this account is fairly stated and presented in the financial statements.
Prepared by: Audit Team Member Date of audit completion
Reviewed by: Audit Team Leader Date of review
41. The auditor shall assemble the audit documentation in an audit file and complete the administrative
process of assembling the final audit file on a timely basis after the date of the auditor’s report.
(ISSAI 1230, par. 14). An audit file may be one or more folders or other storage media, in physical or
electronic form, containing the records that comprise the audit documentation for a specific
engagement.
95
42. An audit file may be classified into two types: current audit file and permanent audit file. Current
Audit File (CAF) contains working papers relating to a single audit engagement.2Permanent Audit
File (PAF) is a set of records that serves as an ongoing reference for successive audit. The
information in the PAF, which should be regularly updated, is intended to be accessed repeatedly to
assist the audit team in the conduct of their tasks.3
43. Listed below are the contents of CAF and PAF, among others:
Table 8. List of Current Audit File and Permanent Audit File

Current Audit File (CAF) Permanent Audit File (PAF)
a. Engagement Letter q. Working Papers (WPs) by a. Charter or mandate;
b. Auditor’s Declaration of account b. Manual of operations;
Independence and r. AOM, NS, ND, NC, AM c. Internal audit reports;
Compliance with Ethical s. WP on Financial Analysis d. Minutes of meetings and
Standards t. Summary of proposed audit conferences with the
c. Management Representation adjustments agency;
Letter u. Summary of Uncorrected e. Organizational
d. Overall Audit Strategy Misstatements Chart/Functional Chart;
e. Variance Analysis of FS v. Minutes of exit conference
f. Official directives, new laws
f. Tie-in Analysis w. Bank Statements and Bank
and regulations affecting
g. Summary Report on the Reconciliation Statements
the agency;
Preliminary Identification of x. Reports of Checks Issued and
g. Appropriations/annual
Risks Disbursement Vouchers
budget and other financial
h. Materiality Computation y. Agency Action Plan and Status
and project reports;
i. Results of Risk Assessment at of Implementation
the Assertion Level z. Action Plan Monitoring Tool h. Property and personnel
j. Audit Program aa. Recommendation Tracking accountability audits
k. Top Schedule and sub- Sheet i. Notices of Suspensions,
schedules bb. Final AAR and signed IAR Charges and Disallowances,
l. Engagement Planning cc. Management Letter Notices of Finality of
Memorandum dd. Summary of Audit Observations Decisions (NFD), COA Order
m. Summary of other audit and Recommendations of Execution (COE)
activities ee. Duly received Transmittal Letter j. Financial, compliance and
n. Specific Audit Instructions ff. Duly signed Financial performance audit reports;
o. Test of Internal Control Design Management Performance cash examination reports;
p. Internal Control Policies, Rating fraud audit reports; project
Procedures, and Practices gg. Completion Compliance audit reports;
(ICPPP) or General Accounting Checklist k. Evaluation/investigation
Plan (GAP for national hh. Auditee Feedback Survey reports/emerging issues
agencies) and Walkthrough ii. Director’s Evaluation Form from newspaper accounts
Analysis l. Financial Reports
44. The auditor can obtain evidence in many different ways, such as:
a) Inspection or observation evidenced by photographs, inspection reports; formal analysis

performed by expert/s, and even the object or a portion of the object itself such as substandard
materials.
2
(Current Audit File, 2018)
3
(Bragg, 2018)
96
b) Evaluation of records, reports and documents including disbursement vouchers to prove certain
facts noted in the course of the audit. For instance, proof of a cash shortage in a cash
examination report; one proof of noncompliance with specific terms would be the contract
itself; proof of payments made are the official receipts, and proofs that payments made are
valid are the delivery reports, sales invoices and purchase orders.
c) Interviews/inquiries evidenced by signed interview sheets or a recording of a conversation with

the interviewees; confirmation replies received from banks, debtors and creditors; emailed
replies to queries made from a client or another department. To strengthen evidence through
interviews; other forms of evidence are obtained, say an inspection performed to prove
interviewees’ contention that certain assets are missing.
d) Study, comparison, and evaluation of relationships among financial and non-financial data at a
point in time and the trend in those relationships over a period.
e) Questionnaires with a list of questions on a particular area or function may be developed to

obtain information relating to the audit objective. The questionnaire should be short and
answerable by “yes” or “no” only, to facilitate collation and analysis. For this to be considered as
audit evidence, the Auditor should request for copy of related documents, records or reports or
results of questionnaire used to conduct alternative procedures.
f) Flowcharts showing the flow of activities through a process. They help to visualize the process
and therefore facilitate an analysis of the operation and assist in identifying inefficiencies,
overlaps and duplications/missing procedures and control weaknesses. Flowcharts are valuable
when documenting a complicated flow of documents or process such as cash receipts, cash
disbursements, and procurement, among others. Completed flowcharts should be discussed
with the interviewee to ensure correctness.
g) Walkthroughs to document the audited entity’s processes. This activity involves following one or
two transactions or activities step-by-step through the process from beginning to end. A
walkthrough test helps to confirm the accuracy of the auditor’s documentation of the process
and ensure that it is understood. Walkthroughs are more effective in understanding the audited
entity’s processes than a general review of manuals and operating procedures, as they provide a
faster and more effective identification of weaknesses and potential problem areas.
h) Re-computation or verifying the mathematical accuracy of figures. The value of this procedure
as evidence is limited as the reliability of the evidence obtained depends on the validity of the
source documents.
i) Reperformance or Auditor’s independent execution of procedures or controls that were

originally performed as part of the entity’s internal control, either manually or through the use
of computer-assisted audit techniques (CAATs). For example, reperforming the aging of
accounts receivable or comparing the price on an invoice to that reflected in an approved
purchase order.
45. The audit documentation serves as sufficient and appropriate record of the auditor’s basis for a
conclusion about the achievement of the overall objectives of the auditor. It also functions as
97
evidence that the audit was planned and performed in accordance with ISSAIs and applicable legal
and regulatory requirements. Moreover, paragraph 3 of ISSAI 1230 also states that: ”Audit
documentation serves a number of additional purposes, including the following:
a) Assisting the engagement team to plan and perform the audit.

b) Assisting members of the engagement team responsible for supervision to direct and supervise
the audit work, and to discharge their review responsibilities in accordance with ISSAI 1220.
c) Enabling the engagement team to be accountable for its work.
d) Retaining a record of matters of continuing significance to future audits.
e) Enabling the conduct of quality control reviews and inspections in accordance with ISQC 1 or
national requirements that are at least as demanding.
f) Enabling the conduct of external inspections in accordance with applicable legal, regulatory or
other requirements.”
D. Addressing risk areas that need specific considerations
46. Audit evidence obtained for these areas/issues and requirements should consider the following:
a) Inventory in the public sector is often held for use rather than for resale. As such, COA property
audits go beyond the usual observations of physical inventories conducted during year-end and
cover year round activities. Violations to property related regulations especially those included
in the State Audit Code, are reported as part of the auditor’s observations and
recommendations.
b) Litigation and claims
i. These conditions need to be disclosed in the Notes to Financial Statements. In addition,

audit procedures may have to be performed to identify litigation and claims which may give
rise to the need to recognize a contingent asset or liability in the Financial Statements.
ii. Contingent liability refers to a possible obligation that arises from past events, and whose
existence will be confirmed only by the occurrence or non-occurrence of one or more
uncertain future events not wholly within the control of the entity; or a present obligation
that arises from past events, but is not recognized because: (i) it is not probable that an
outflow of resources embodying economic benefits or service potential will be required to
settle the obligation; or (ii) the amount of the obligation cannot be measured with sufficient
reliability.
iii. Contingent asset refers to a possible asset that arises from past events whose existence will
be confirmed only by the occurrence or non-occurrence of one or more uncertain future
events not wholly within the control of the entity.
iv. Audit procedures for these areas may include:
 Obtain from management and/or from its internal Legal Counsel a description and
evaluation of litigation, claims, and assessments that existed at the date of the balance
sheet being reported on, and during the period from the balance sheet date to the date
98
the information is furnished, including an identification of those matters referred to
legal counsel. The ISSAI recognizes that public sector auditors such as COA auditors
have the right to communicate directly with the agency’s external legal counsel without
need for management permission.
 Examine documents in the client's possession concerning litigation, claims, and

assessments, including correspondence and invoices from lawyers.
 Review of legal expense account if this exists and if management denies having any
litigation and claim related issues.
 Evaluate the likelihood of an unfavorable outcome and its estimate of the amount or
range of potential loss. Assess if the potential loss will affect the reliability of the FS and
require disclosure in the Notes to Financial Statements.
c) Segment information - presentation and disclosure of specific segment information discussed in

the ISSAI are not applicable in the Philippines except for certain public sector entities.
However, there may be information similar to segment information requiring disclosure.
i. This is in the case of foreign assisted projects funded by the World Bank; European Union;
USAID; United Nations Development Programme and the Asian Development Bank where
stand-alone audit reports are submitted to the funding organizations. This can be
presented in the following manner:
Note 10. Audit of Loans and Grants from the Asian Development Bank
A separate special purpose financial audit was performed on government and ADB
funds for Project 12345 “Project on Climate Change” included in this 20xx financial
statements for the Agency. The COA rendered an unmodified audit opinion on the
fairness in presentation of the financial statements and on the Project’s compliance
with ADB requirements particularly on SOE and imprest account procedures
prescribed in the Loans Disbursements Handbook; and on the use of the funds for
the purposes intended.
ii. The materiality of misstatements on the overall financial statements in separate audits will
have to be evaluated.
d) Related party transactions- persons or other entities that have control or significant influence,
directly or indirectly through one or more intermediaries, over the reporting entity; entities over
which the reporting entity has control or significant influence, directly or indirectly through one
or more intermediaries; or, other entities under common control with the reporting entity
through having common controlling ownership, owners who are close family members, and
common key management.The auditor is required to examine the documents (minutes of
meetings, bank and legal confirmations, such other documents provided) supporting the
transaction/s; establish whether these transactions are properly accounted for and identify
possible misstatements or errors due to fraud by the very nature of the transactions. In
addition, material transactions should be confirmed with related parties identified and
appropriate background research should be conducted as necessary.
99
i. The Notes to Financial Statements should disclose related party transactions, business
rationale and effects of the transactions on the financial statements. Key terms, conditions,
or other important elements of the transactions necessary for understanding them should
also be disclosed.
ii. Examples of transactions which may qualify as related party transactions in the Philippines
are:
 fund transfers to the agency for projects which are not related to the mandate or
objective of the agency;
 fund transfers to the agency and subsequent transfers of the same amounts to non-
government agencies;
 material cash advances, fund transfers or loans released by the agency to persons or
non-government agencies or parties;
 guarantees and guarantor relationships;
 agreements for the provision of services to certain parties under terms and conditions
outside the agency’s normal course of business;
 complex equity transactions such as corporate restructurings or acquisitions;
 transactions with offshore entities in jurisdictions with weak corporate laws;
 leasing of premises or the rendering of management services by the agency to another
party if no consideration is exchanged;
 sales transactions with unusually large discounts or returns;
 transactions with circular arrangements such as sales with commitment to repurchase;
and
 transactions under contracts whose terms are changed before expiry.
iii. Auditors should be guided by the requirements of ISSAI 1240 in case of intentional non-
disclosure by management of related party transactions. The auditor may also consider the
need to re-evaluate the reliability of management’s responses to audit inquiries and the
management’s representations to the auditor.
e) Accounting estimates are an approximation of monetary amount in the absence of a precise

means of measurement.
i. In the public sector these pertain to:
 Programs: social insurance; governmental employee pension; health care; veterans’

benefits, environmental liabilities; tax revenue and receivables and certain property and
equipment such as specialized military equipment and heritage assets.
 Activities with high estimation uncertainty: outcome of litigation; derivative financial

instruments not publicly traded; fair value accounting estimates for which a highly
specialized entity developed model is used such as employees benefit pension fund
which requires the estimation of an actuary.
100
 Situations where accounting estimates may be required: inventory obsolescence;
warranty obligations; depreciation method or asset useful life; share-based payments;
property or equipment held for disposal; goodwill or intangible assets; non-monetary
exchange of plant facilities.
ii. The nature and reliability of information to support the accounting estimates may affect the
risks of material misstatement of accounting estimates including the susceptibility to
unintentional or intentional management bias.
iii. For accounting estimates that give rise to significant risks, the auditor obtains appropriate
evidence of management’s decision to recognize or not to recognize accounting estimates in
the financial statements. The auditor then evaluates reasonableness of such estimates and
adequacy of disclosures.
iv. The disclosures should include the assumptions used, the method of estimation, including
any applicable model, the basis for selection of the method of estimation, the effect of any
changes to the method of estimation from prior period and the sources and implications of
estimation uncertainty.
f) Subsequent Events pertain to events which occur after the date of the financial statements but
which: i) provide evidence of conditions that existed at the date of the financial statements and
ii) those that provide evidence of conditions that arose after the date of the financial
statements.
i. Accruing expenses paid during the ensuing year but pertaining to transactions which should
have been recognized during the year under audit, under accrual accounting is an example
of adjustments made resulting from a subsequent events analysis.
ii. The auditor should inquire from management whether any subsequent events that might
affect the financial statements have occurred. Specific inquiries about the following matters
should be made about these transactions reported after the date of the financial
statements:
 New commitments, borrowings, or guarantees entered into

 Sales, acquisitions or assets
 Increases in capital or issuances of debt instruments such as issuance of new shares or
debentures or an agreement to merge or liquidate has been made or planned
 Assets appropriated by government or destroyed by fire or flood
 Developments regarding contingencies such as claims or litigations
 Unusual accounting adjustments made or contemplated
 Events have occurred or are likely to occur that will bring into question the
appropriateness of accounting policies used in the financial statements such as going
concern issues
 Events that have occurred relevant to the measurement of estimates or provisions
made in the financial statements
 Events that have occurred that are relevant to the recoverability of assets
101
iii. The terms of audit engagement should include the obligation of management to inform the
auditor of facts that may affect the financial statements of which management may become
aware during the period from the date the financial statements are approved for issuance to
the date of the auditor’s report. During this period, the auditor is responsible for matters
that may occur regardless of the lack of disclosure by management. The lack of disclosure by
management may be addressed by performing applicable audit procedures to obtain
sufficient appropriate audit evidence that all subsequent events have been identified. Such
subsequent matters, if material, may affect the audit opinion to be rendered.
iv. For example, way before the end of the reporting period, a debtor of the agency/unit/
corporation with a substantial account already displays inability to pay its obligation.
Management did not adjust the corresponding allowance for impairment on the account of
such debtor despite the circumstances. Two months after the approval of the issuance of the
year-end financial statements and before the issuance of the auditor’s report, the debtor-
client declared bankruptcy. This is an adjusting subsequent event. The auditor, having
knowledge of the situation, recommended for an adjustment for the increase of allowance
for impairment on the account of the bankrupt client. However, Management refused to
make the adjustment. In such a case, the auditor’s opinion is modified on the matter
depending on the materiality of the account’s amount.
v. The auditor is not responsible for subsequent matters that occur after the date of the
auditor’s report which management purposely did not divulge to him/her.
g) Audits of Group Financial Statements (including work of Component Auditors)
ISSAI 1600 provides the guidance for Group Financial Statements. In COA, Group Financial
Statements refer to consolidated financial statements prepared by the head office of a
department/agency.
i. The auditors assigned at the head office (group auditor) and field operating offices
(component auditor) conduct the audit of the financial statements of such offices and
prepare an ML or SAOR, whichever is applicable.
ii. The component auditor transmits the ML/SAOR to the respective managements, a copy of
the same will be furnished to the Cluster Director through the Regional Director.
iii. The group auditor prepares the Consolidated Annual Audit Report (CAAR) based on the
ML/SAOR issued by the component auditors, and reviews the Consolidated Financial
Statements.
iv. After review of the CAAR, the report is then transmitted to the department/agency.
v. For consistency of audit focus and area, the group auditor issues Specific Audit Instructions
for compliance by the component auditors down to the provincial/division level. The
component auditors are, however, not constrained to look into areas considered of
significant risks at their level. Commented [C2]: To include statement on materiality for
Group FS
102
vi. The group auditor is responsible for the group audit opinion. When the opinion is modified
because of inability to obtain sufficient appropriate audit evidence in relation to the
financial information of one or more components, the reasons for that inability shall be
discussed in the Basis for Modification paragraph in the Independent Auditor’s Report on
the group financial statements. The group auditor may refer the matter to the component
auditor as deemed necessary for an adequate explanation of the circumstances.
E. Summarizing proposed audit adjustments and evaluating effects in the audit opinion
47. Whenever necessary, proposed audit adjustments of the Audit Team are forwarded to the Chief
Accountant for action. Once the audit is completed, the Audit Team Leader prepares a list of all
audit adjustments indicating the actions taken by the Chief Accountant.
Illustration 8. Summary of Proposed Audit Adjustments

In Thousand Pesos Adjusted by
Current Prior Management
Accounts and WP Asset Liability
No. Period Period ?
Description ref
Non- Non- Revenue/ Revenue/ Y N
Current Current
Current Current Expense Expense
1 Other Expenses 60.00
 
Cash in bank (60.00)
To record bank

charges
2 Impairment Loss – 2,000.00
Loans &Receivables
Allowance for (2,000.00) 
Impairment – Loans
& Receivables
To set up Allowance
for Impairment
3 Operating expenses 23,000.00

Accrued expenses 23,000.00
To accrue expenses 
4 PPE 50,000.00
Accumulated (50,000.00) 
Surplus / Prior
Period Adjustments
To capitalize major
repairs of buildings
which were
previously charged
to expenses
48. All uncorrected audit adjustments are summarized. For agencies with field operating units (FOUs)
with complete sets of books, the FOU Team Leader submits to the RSA, the list of uncorrected audit
adjustments for consolidation and submission to the SA at the Head Office.
49. The auditor shall analyze and evaluate whether the uncorrected audit adjustment will affect the
audit opinion to be issued considering the final and/or revised overall and specific materiality
thresholds established, the size, nature and particular circumstance of misstatement, both in
relation to the particular classes of transaction, account balance, or disclosure, and to the financial
statements as a whole.
103
II. Summarizing Audit Observations and Recommendations and Communicate with Those
Charged with Governance
A. Areas for consideration in summarizing audit observations
50. Upon completion of the Execution Phase but before the conduct of an Exit conference, an audit
summary should be prepared to summarize the work done and conclusions reached (Appendix 3-1).
All uncorrected misstatements accumulated during the audit shall be included in the summary.
51. Misstatement pertains to a difference between the reported amount, classification, presentation, or
disclosure of a financial statement item and the amount, classification, presentation, or disclosure
that is required for the item to be in accordance with the applicable financial reporting framework.
52. A misstatement may not be an isolated occurrence. Evidence that other misstatements may exist
include, for example, where the auditor identifies that a misstatement arose from a breakdown in
internal control or from inappropriate assumptions or valuation methods that have been widely
applied by the entity. (Guidance on the determination of projected misstatements and evaluation
of the results is set out in ISSAI 1530.9 Consideration of Identified Misstatements as the Audit
Progresses)
53. The determination of whether a misstatement(s) in a qualitative disclosure is material, in the

context of the applicable financial reporting framework and the specific circumstances of the entity,
is a matter that involves the exercise of professional judgment. Examples where such misstatements
may be material include:
a) Inaccurate or incomplete descriptions of information about the objectives, policies and

processes for managing capital for entities with insurance and banking activities.
b) The omission of information about the events or circumstances that have led to an impairment
loss (e.g., a significant long-term decline in the demand for a metal or commodity) in an entity
with mining operations.
c) The incorrect description of an accounting policy relating to a significant item in the statement
of financial position, the statement of financial performance, the statement of changes in net
assets/equity, statement of comparison of budget and actual amounts, or the statement of cash
flows.
54. The circumstances related to some misstatements may cause the auditor to evaluate them as
material, individually or when considered together with other misstatements accumulated during
the audit, even if they are lower than materiality for the financial statements as a whole.
Circumstances that may affect the evaluation include the extent to which the misstatement:
a) Affects compliance with regulatory requirements;

b) Affects compliance with debt covenants or other contractual requirements;
c) Relates to the incorrect selection or application of an accounting policy that has an immaterial
effect on the current period’s financial statements but is likely to have a material effect on
future periods’ financial statements;
d) Masks a change in earnings or other trends, especially in the context of general economic and
industry conditions;
104
e) Affects ratios used to evaluate the entity’s financial position, results of operations or cash flows;
f) Affects segment information presented in the financial statements (for example, the significance
of the matter to a segment or other portion of the entity’s business that has been identified as
playing a significant role in the entity’s operations or profitability);
g) Has the effect of increasing management compensation, for example, by ensuring that the
requirements for the award of bonuses or other incentives are satisfied;
h) Is significant having regard to the auditor’s understanding of known previous communications to
users, for example, in relation to forecast earnings;
i) Relates to items involving particular parties (for example, whether external parties to the
transaction are related to members of the entity’s management);
j) Is an omission of information not specifically required by the applicable financial reporting
framework but which, in the judgment of the auditor, is important to the users’ understanding
of the financial position, financial performance or cash flows of the entity; or
k) Affects other information to be included in the entity’s annual report (for example, information
to be included in a “Management Discussion and Analysis” or an “Operating and Financial
Review”) that may reasonably be expected to influence the economic decisions of the users.
These circumstances are only examples; not all are likely to be present in all audits nor is the list
necessarily complete.
55. Significant related party matters arising during the audit shall be communicated to management
such as:
a) Non-disclosure of related parties or significant related party transactions by management

b) Significant related party transactions that have not been appropriately authorized and approved
giving rise to suspected fraud
c) Disagreement with management regarding the accounting for and disclosure of significant
related party transactions in accordance with the applicable financial reporting framework
d) Non-compliance with applicable law or regulations prohibiting or restricting specific types of
related party transactions
56. As discussed in ISSAI 1240 in relation to ISSAI 1450, the result of fraud will be considered in relation
to other aspects of the audit, even if the size of the misstatement is not material in relation to the
financial statements. Depending on the circumstances, misstatements in disclosures could also be
indicative of fraud, and, for example, may arise from:
a) Misleading disclosures that have resulted from bias in management’s judgments; or

b) Extensive duplicative or uninformative disclosures that are intended to obscure a proper
understanding of matters in the financial statements.
B. Elements of Audit Observation
57. The cumulative effect of immaterial uncorrected misstatements related to prior periods may have a
material effect on the current period’s financial statements and should also be reviewed.
58. The working paper supporting the summary should include the conclusions reached containing the
elements of audit observation. The required COA format for an audit summary should be followed.
105
59. The elements of audit observation are explained as follows:
a) criteria - pertains to the standard or the benchmark. This is usually a policy, circular, directive or
a law.
b) condition – explains whether the criteria were followed or not based on evidence gathered.
c) cause – the reason/s for the existing conditions and unmet criteria. This is considered important
as this should be the focus of the audit recommendation.
d) effect – adverse result of the failure to meet criteria which is expressed in terms of losses,
wastage, inability to perform ones tasks or meet client expectations among others.
Illustration 9. Sample - Elements of an Audit Observation

Inventory balance overstated by P1M due to non-recording of issuances in the books of accounts.
The non-recording of inventory issuances distributed to various offices rendered the inventory account overstated
by P1M and understating the corresponding inventory account by the same amount due to the non-preparation by
the Property Officer of the RSMI and its non-submission to the Accounting Office which is contrary to Paragraph 44
of PPSAS 12 on the recognition of expense.
Criteria: Paragraph 44 of PPSAS 12

Condition: Non-recording of inventory issuances
Cause: Non-preparation by the Property Officers of the RSMI
Effect: Overstatement of Inventory Balance; Understatement of expense
60. Recommendations should address the cause of the observation considering inputs from the
management on how to address the identified problems or cause for the existence of the
observation.
We recommend that the Property Officer prepare the required RSMI for submission to the Accountant as
basis for recording the issuances of inventory.
61. This is presented below in a diagram tool which provides a well-structured AOM that clearly
indicates the logical relationships between and among the elements constituting each audit
observations. With a logical relationship among the elements of an audit observation, an
appropriate audit recommendation can be drawn.
106
Exhibit 4. Diagramming Tool
Criteria
Cause Condition Effect
Recommendations Evidence Recommendations
C. Performing review of overall audit work
62. The auditor shall consider the following:
a. Affirmation of Audit Team’s independence
Before reporting, the SA/RSA shall affirm that the Team is still independent of the auditee.
(Appendix 3-2)
b. Consider subsequent events
Sufficient evidence should be gathered to ensure that all events occurring between the date of
the FS and the date of the Auditor’s Report that require adjustment or disclosure are identified.
Subsequent events are more relevant under accrual accounting.
c. Update lead schedule and perform final analytical review
Should there be any changes in the financial statements, the schedules shall be updated and
additional procedures documented.
d. Consider the adequacy of work performance
The audit team shall make conclusion on whether all planned audit works have been performed
or there are other activities to be undertaken before closing the audit or reporting.
D. Tracking status of past years’ recommendations
63. In addition to existing COA regulation requiring the submission of Agency Action Plan and Status of
Implementation (AAPSI) and Action Plan Monitoring Tool (APMT), the audit team shall prepare a
Recommendation Tracking Sheet (RTS).
64. Audit issues with unimplemented recommendations should be reiterated in the audit report if the
existing condition still exists that affects the audit opinion. However, the reasons for the failure of
the management to implement recommendation should be assessed to determine if there is a need
107
to revise or refocus the recommended action. In such case, the status of affected recommendation
in the RTS should be considered “closed for having been revised”.
65. If the audit issues intended to be addressed by the unimplemented recommendation are no longer
existing due to, among others, closing of the project, or adoption of new accounting system, or
implementation by management of control measures other than the Audit Team’s recommended
course of action, the status of such recommendation in the RTS can be considered closed.
66. All unimplemented recommendations considered closed shall be recommended by the SA/RSA to
the CD/RD for deletion from the RTS. Once approved by the CD/RD, the same shall be deleted from
the RTS for the year under audit.
67. If considered necessary, the Head of the audited agency should be formally informed of the
unimplemented recommendations and possible action to be taken by COA for continued inaction.
Non-implementation of recommendations for no valid reason and without any alternative action
taken to address the problem is a criterion for decreasing the performance rating of an agency as
discussed in Section 5 of this FAM.
68. The format of the RTS to be maintained by the concerned Audit Team Leader and the Office of the
Director for each agency is shown in Appendix 3-3.
69. There are factors preventing the Auditee to implement the agreed upon actions, such as competing
priorities; funding issues and lack of staff to implement the recommendations. One other reason for
non-implementation of recommendations is that the recommendation is not practical and doable.
Recommendations should be:
a) Specific – target a specific area for improvement.

b) Measurable – quantify or at least suggest an indicator of progress.
c) Assignable – specify who will do it.
d) Realistic – what results can realistically be achieved, given available resources.
e) Time-related – specify when the result(s) can be achieved.
70. In terms of presentation, the following enhancements to the Recommendations contained in the
audit report are:
a) The assignment of reference number which shall correspond to the recommendation number
per AAPSI and APMT; and
b) Setting deadlines for implementation as agreed upon with the auditee.
Illustration 10. Sample enhancements to recommendations

Enhancement
AAR 2016-315-001 Recommendation: Each recommendation has an assigned tracking number shown in the
audit report. For AAR 2016-001 means that the audit year audited is
2016; and this recommendation is number 1. This is to encourage clarity
and avoid lumping of too many sub recommendations into one main
recommendation leaving the Auditee confused as to what the auditor is
really recommending.
108
Enhancement
We recommend the review by the Finance Director with the monitoring of
the collectability of non-moving receivables aged 3 years and beyond
which amounted to P3.75 billion as of end of 2016.
Each recommendation should have an assigned deadline for

implementation in agreement with the Auditee – the deadline will have to
range from 3 months to one year and not beyond.
III. Conduct Exit Conference
71. The Audit Team Leader prepares the audit highlights as basis for an exit conference with
management subject to the approval of the SA/RSA. Points for discussion are:
a) The misstatements identified and the adjustments which the Chief Accountant failed to take up
b) The effect of failure to take up adjustments as far as the audit opinion is concerned
c) Additional disclosures or explanations for inclusion in the Notes to Financial Statements
d) Audit observations and tentative audit recommendations using the audit summaries as basis
e) Deadline for submission of management comments
f) Pending issues and requests such as related parties, litigation and claims, if remained
unsubmitted as of exit conference
g) Submission of the management representation letter, if remained unsubmitted as of exit
conference
h) Unimplemented audit recommendations and its impact on the financial statements
i) Other matters included in the Engagement Letter which have not been addressed
109
Appendix 3-1. Summary of Audit Observations and Recommendations
Agency _____________________ Prepared by: _______________ Date: __________

_____________________ Reviewed by: ______________ Date: __________
Period _____________________ Approved by: ______________ Date: __________
A. Matrix of Financial Audit Observations and Recommendations
No. AOM Observation Recommendation Management Auditor’s

No./Date Comment Rejoinder
B. Summary of Uncorrected Misstatements
In Thousand Pesos
Accounts Asset Liability Current Prior
WP Auditor’s
No. and Period Period
ref Non- Non- Evaluation
Description Current Current Revenue/ Revenue/
Current Current
Expense Expense
Total
110
Appendix 3-2. Affirmation of Audit Team’s Independence and Compliance with
Ethical Standards

COMMISSION ON AUDIT
AFFIRMATION OF AUDIT TEAM’S INDEPENDENCE AND COMPLIANCE

WITH ETHICAL STANDARDS
I affirm to the best of my knowledge that, I know of nothing that have impaired the Audit Team’s
independence and impartiality that contravened the requirements of any applicable code of
professional conduct.
__(Signature over printed name)__ Date:

Supervising Auditor/Regional
Supervising Auditor
Cluster/Regional Director’s Certification:
I certify that I am not aware of anything that impaired the independence and impartiality of the Audit
Team.
__(Signature over printed name)__ Date:

111
Appendix 3-3. Recommendations Tracking Sheet
Recommendations Tracking Sheet

As of _____________
Agency:
Audit Recommendation Auditor’s

AAR Audit Audit Reason for Non-
Ref. Restated/ Closed/ Further
Year Observation Recommendation Reiterated Implementation
Revised Implemented Action
Prepared by: Date: Approved by: Date:
__(Signature over printed name)__ __(Signature over printed name)__

Audit Team Leader Supervising Auditor/Regional Supervising Auditor
112
Section 4
Reporting Phase
1. After sufficient and appropriate audit evidence has been obtained, the auditor is now ready to
prepare the independent auditor’s report on the audit of the financial statements of the
Agency/Local Government Unit/Corporation. This phase comprises the following:
I. Write the independent auditor’s report

A. Forming an audit opinion
A.1. Evaluating audit evidence obtained
A.2. Considering materiality of uncorrected misstatements
A.3. Evaluating financial statements prepared using the appropriate financial reporting
framework
B. Forms of independent auditor’s report

B.1. Unmodified auditor’s report
B.2. Modified auditor’s report
B.2.1. Matters affecting the Auditor’s unmodified opinion
B.2.2. Matters not affecting the unmodified opinion
B.3. Auditor’s report on consolidated financial statements
B.4. Auditor’s report on comparative financial statements
II. Specific Elements of the Independent Auditor’s Report

A. Title
B. Addressee
C. Report on the audit of the financial statements
C.1. Opinion section
C.2. Basis for opinion
C.3. Key audit matters
C.4. Emphasis of matter
C.5. Other matter
C.6. Other information
C.7. Responsibilities of management for the financial statements
C.8. Auditor’s responsibilities for the audit of the financial statements
D. Report on other legal and regulatory requirements
E. Name of the engagement partner
F. Signature of the auditor
G. Auditor’s address
H. Date of the independent auditor’s report
III. Comparative information

A. Corresponding figures and Comparative Financial Statements
IV. Special Considerations – Audits of Financial Statements Prepared in Accordance with Special
Purpose Frameworks
V. Types of Audit Report
113
I. Write the Independent Auditor’s Report
2. Paragraph 17.1 of the Guide to Using International Standards on Auditing in the Audits of Small- and
Medium-sized Entities, Third Edition, Volume 2 – Practical Guidance, 2011 (Guide 2011) states that
the final step in the audit process is to evaluate the audit evidence obtained, consider the impact of
misstatements identified, form an audit opinion, and prepare an appropriately worded audit report.
3. In a similar way, Chapter 9, Audit Reporting of the Financial Audit ISSAI Implementation Handbook
(Handbook 2018) states that the audit report is the final product of the entire audit process, which is
prepared based on sufficient appropriate audit evidence gathered by auditors through performing
audit procedures. In this regard, according to ISSAI 1700, the objectives of the auditor are to form
an opinion on the financial statements, based on an evaluation of the conclusions drawn from the
audit evidence obtained; and to express clearly that opinion through a written report that also
describes the basis for that opinion.
A. Forming an Audit Opinion
4. ISSAI 1700 (Revised), paragraphs 10 to 13 provide that the auditor shall form an opinion on whether
the financial statements are prepared, in all material respects, in accordance with the applicable
financial reporting framework. In order to form that opinion, the auditor shall conclude as to:
a) whether sufficient appropriate audit evidence has been obtained;

b) whether uncorrected misstatements are material, individually or in aggregate; and
c) whether the financial statements are prepared in accordance with the requirements of the
applicable and appropriate financial reporting framework (FRF).
5. The applicable and appropriate FRF for National Agencies (COA Resolution No. 2014-003 dated
January 24, 2014), Local Government Units (COA Resolution No. 2014-003), and Non-Government
Business Enterprises under the Corporate Government Sector (CGS) (COA Circular No. 2015-003
dated April 16, 2015) is the Philippine Public Sector Accounting Standards, while that for
Government Business Enterprises, CGS is the Philippine Financial Reporting Standards (COA Circular
No. 2015-003 dated April 16, 2015).
A.1. Evaluating Audit Evidence Obtained
6. The relevant ISSAIs that serve as guide in evaluating the sufficiency and appropriateness of audit
evidence obtained in order to draw reasonable conclusions on which to base the audit opinion are:
a) ISSAI 1220 – Quality Control for an Audit of Financial Statements;

b) ISSAI 1330 – The Auditor’s Responses to Assessed Risks;
c) ISSAI 1450 – Evaluation of Misstatements Identified during the Audit;
d) ISSAI 1520 – Analytical Procedures; and
e) ISSAI 1540 – Auditing Accounting estimates, Including Fair Value Accounting Estimates, and
Related Disclosures. (Item 21, Guide 2011)
7. The objectives of evaluating audit evidence are “to decide, after considering all relevant data
obtained whether:
114
a) the assessment of the risks of material misstatement at the assertion level are appropriate; and
b) sufficient evidence have been obtained to reduce the risks of material misstatement (RMM) in
the financial statements to an acceptably low level.” (Guide 2011)
8. Further, to address such objectives, the important questions to ask and consider under evaluating
audit evidence are:
a) Has sufficient appropriate audit evidence been obtained?

b) Are the accounting estimates made by management reasonable?
c) Did the analytical procedures performed at or near the end of the audit corroborate conclusions
formed during the audit? (Paragraph 17.3 Forming the Opinion, Guide 2011)
9. The following exhibit shows in graphic form the decision that the auditor has to make in preparing
the auditor’s report.
Exhibit 5. Decision Tree in Preparing the Auditor's Report
Back to risk
assessment
ACTIVITY PURPOSE DOCUMENTATION
Evaluate the Determine what  New/revised risk factors

audit evidence additional work (if and audit procedures
obtained any) is required  Changes in materiality
 Communications on
audit findings
 Conclusions on audit
Is procedures performed
REPORTING
yes additional
work
required?
no
Form an audit  Significant decisions

Prepare the
opinion based on  Signed audit opinion
auditor’s report
audit findings
115
10. It is essential that the auditor has to determine that sufficient appropriate audit evidence has been
obtained, and no additional work is required. Otherwise, the auditor should undertake additional
risk assessment to address such matters as:
a) those that affect the original audit plan;

b) those that have material impact on the auditor’s report;
c) those changes that affect the overall materiality threshold arrived at in the planning phase; and
d) those which necessitates application of additional audit procedures.
11. Audit evidence represents information used by the auditor in arriving at the conclusions as basis for
the auditor’s opinion. Audit evidence includes both information contained in the accounting records
underlying the financial statements and information obtained from other sources (ISSAI 1500-Audit
Evidence, par 5(c)). Examples of the latter are confirmation replies from the Agency’s/
Unit’s/Corporation’s depository banks, debtors, or creditors. Information from third parties is
considered to be more reliable as they have the impartiality that documents obtained from
management lacks.
12. Sufficiency is the measure of quantity of audit evidence. The quantity of audit evidence needed is
affected by the auditor’s assessment of the risks of misstatement (the higher the assessed risks, the
more audit evidence is likely to be required) and also by the quality of such audit evidence (the
higher quality, the less may be required). Obtaining more audit evidence, however, may not
compensate for its poor quality. (ISSAI 1500, par A4.)
13. Audit evidence does not have to be copious. As long as the audit is well documented, and the
procedures manifested in such documents attained the audit objectives, the auditor may conclude
that sufficient evidence is obtained which can support the conclusions made. For example, a
working paper (top schedule and sub-schedules) showing how the cash balance is arrived at in the
statement of financial position, with corresponding tick marks to show the audit procedures
undertaken – vouching (accuracy and/or occurrence), verification of bank reconciliation statements
(completeness and/or accuracy), confirmation (existence, disclosure and/or valuation), cash
examination (existence and/or accuracy), workback of cash flow statement (accuracy) – to address
the risks identified supported with duly validated bank reconciliation statements, cash examination
reports and bank confirmation replies is sufficient enough audit evidence.
14. Appropriateness is the measure of the quality of audit evidence; that is its relevance and its
reliability in providing support for the conclusions on which the auditor’s opinion is based. The
reliability of evidence is influenced by its source and by its nature, and is dependent on the
individual circumstances under which it is obtained. (ISSAI 1500, par A5.)
15. The auditor must make sure that sources of audit evidence are reliable, those that can be trusted in
terms of authenticity and truthfulness. For example, contracts properly signed by contracting parties
duly witnessed and notarized by a notary public; bank statements obtained directly by management
from depository banks; official receipts with complete information.
16. The evaluation of audit evidence obtained would address the following matters (Section 21.1, Guide
2011):
116
a) Materiality
i. If the amounts established for overall and performance materiality are still appropriate in
the context of the entity’s actual financial results
ii. If a lower overall materiality (for the financial statements as a whole) than that initially
determined is appropriate, the auditor is required to determine:
 whether it is necessary to revise performance materiality; and
 whether the nature, timing and extent of the further audit procedures remain
appropriate.
b) Risk
In light of the audit observations, assessments of risks of material misstatement at the assertion
level are still appropriate. If not, the risk assessments would be revised, and further planned
audit procedures would be modified.
c) Misstatements
The effect on the audit of identified misstatements and uncorrected misstatements, and the
reason for misstatements/deviations has been considered. These may indicate an unidentified
risk or a significant deficiency in internal control.
Revision of the overall audit strategy and the audit engagement plan applies when:
i. the nature of identified misstatements and the circumstances of their occurrence indicate
that other misstatements may exist that, when aggregated with misstatements accumulated
during the audit, could be material; or
ii. the aggregate of misstatements accumulated during the audit approaches materiality.
Additional audit procedures have been performed to determine whether misstatements remain
(in classes of transactions, account balance, or disclosures) where management was asked to
correct misstatements.
A.2. Considering Materiality of Uncorrected Misstatements
17. Pertinent paragraphs of ISSAI 1450-Evaluation of Misstatements Identified During the Audit that
guides the evaluation of the effect of misstatements are:
a) Paragraph 3. The objective of the auditor is to evaluate:
i. The effect of identified misstatements on the audit; and

ii. The effect of uncorrected misstatements, if any, on the financial statements.
b) Paragraph 5. The auditor shall accumulate misstatements identified during the audit, other than
those that are clearly trivial.
c) Paragraph 6. The auditor shall determine whether the overall audit strategy and audit plan need
to be revised if:
117
i. The nature of identified misstatements and the circumstances of their occurrence indicate
that other misstatements may exist that, when aggregated with misstatement accumulated
during the audit, could be material;
ii. The aggregate of misstatements accumulated during the audit approaches materiality
determined in accordance with ISSAI 1320-Materiality in Planning and Performing an Audit.
d) Paragraph 10. Prior to evaluating the effect of uncorrected misstatements, the auditor shall
reassess materiality determined in accordance with ISSAI 1320 to confirm whether it remains
appropriate in the context of the entity’s actual financial results.
e) Paragraph A.21. Circumstances that may affect the evaluation include the extent to which the
misstatement:
i. Affects compliance with regulatory requirements;

ii. Affects compliance with debt covenants or other contractual requirements;
iii. Relates to the incorrect selection or application of an accounting policy that has an
immaterial effect on the current period’s financial statements but is likely to have a material
effect on future periods’ financial statements;
iv. Masks a change in earnings or other trends, especially in the context of general economic
and industry conditions;
v. Affects ratios used to evaluate the entity’s financial position, results of operations or cash
flows;
vi. Affects segment information presented in the financial statements (for example, the
significance of the matter to a segment or other portion of the entity’s business that has
been identified as playing a significant role in the entity’s operations or profitability);
vii. Has the effect of increasing management compensation, for example, by ensuring that the
requirements for the award of bonuses or other incentives are satisfied;
viii. Is significant having regard to the auditor’s understanding of known previous
communications to users, for example, in relation to forecast earnings;
ix. Relates to items involving particular parties (for example, whether external parties to the
transaction are related to members of the entity’s management);
x. Is an omission of information not specifically required by the applicable financial reporting
framework but which, in the judgment of the auditor, is important to the users’
understanding of the financial position, financial performance or cash flows of the entity; or
xi. Affects other information to be included in the entity’s annual report (for example,
information to be included in a “Management Discussion and Analysis” or an “Operating and
Financial Review”) that may reasonably be expected to influence the economic decisions of
the users of the financial statements. ISSAI1720 (Revised) 14 deals with the auditor’s
responsibilities relating to other information.
18. Before the auditor evaluates the results of performing procedures and any misstatements arising
therefrom, the first step is to reassess the amounts established for overall and performance
materiality. This is necessary because the initial determination of materiality will often be based on
estimates of the entity’s financial results, and the actual results may be different. Factors that would
lead to a change include:
118
a) Initial determination of materiality is no longer appropriate in the context of the entity’s actual
financial results;
b) New information becomes available (such as user expectations) that would have caused the
auditor to determine a different amount (or amounts) initially; and
c) Unexpected misstatements that may cause the materiality amount for that particular class of
transactions, account balance, or disclosure to be exceeded. (Item 21.2, par 1, Guide 2011)
19. Whenever revisions to materiality is necessary, the auditor is required to consider and document
the impact on the nature, timing and extent of further audit procedures required. (Item 21.2, par 2,
Guide 2011)
20. During the execution stage, Management may be unwilling to correct or adjust its accounting
records on misstatements determined by the Auditor that affect the fair presentation of its financial
statements for some reason or another. The Auditor summarizes these uncorrected misstatements
(Illustration 11), and evaluates whether such uncorrected misstatements are material, individually
or in aggregate and whether these will affect the opinion to be rendered.
Illustration 11. Summary of Uncorrected Misstatements

In Thousand Pesos
Asset Liability Current
WP Prior Period Auditor’s
No. Accounts and Description Period Total
ref Non- Non- Revenue/ Evaluation
Current Current Revenue/
Current Current Expense
Expense
1 Other Expenses 60 60
Cash in bank (60) Not
To record bank material*
charges
2 Operating expenses 23,000 23,000
Accrued expenses 23,000 Material*
To accrue expenses
3 PPE 50,000 50,000
Accumulated Surplus (50,000)
/ Prior Period
Adjustments
Material*
To capitalize major
repairs of buildings
which were previously
charged to expenses
Total 50,060 23,000 23,060 50,000 73,060 Material
to modify
auditor’s
opinion *
* Based on the overall materiality of P13.5 million
A.3. Evaluating Financial Statements Prepared Using the Applicable Financial Reporting
Framework
21. Before determining what appropriate opinion to render, the Auditor must also evaluate if:
a) Financial statements are prepared in accordance with the applicable financial reporting
framework, either PPSAS or PFRS. These accounting standards serve as guide in the preparation
of the financial statements:
119
i. the appropriate presentation and classification of individual and group of accounts – for
example, current and non-current distinction of accounts; real accounts are correctly
presented in the statement of financial position, nominal accounts in the statement of
financial performance;
ii. a complete set of financial statements that comprises: a statement of financial position, a
statement of financial performance/statement of comprehensive income, a statement of
changes in net assets/equity, a cash flow statement, a separate statement of comparison of
budget and actual amounts or a budget column in the financial statement (for PPSAS users
only), and notes, comprising a summary of significant accounting and other explanatory
notes (PPSAS 1-Presentation of Financial Statements, par. 21/PAS 1-Presentation of FS, par.
1.10);
iii. minimum required disclosure in the financial statements and/or in the notes to financial
statements – the standards require disclosures presented in the financial statements and/or
in the notes to financial statements information for each classification or sub-classification
of accounts. For example, minimum disclosure required for property, plant and equipment
includes the initial and subsequent measurements-either cost or revaluation models;
recognition criteria-probable future economic benefit and reliable measurement of either
cost or fair value; treatment of transfers; acquisitions and disposals.
b) Accounting policies are appropriate and are consistent with PPSAS/PFRS – for example, the
adopted accounting policy on measurement of inventory is the lower of cost and net realizable
value which is aligned with paragraph 15 of PPSAS 12/PAS 2-Inventories.
c) There are adequate disclosure of significant accounting policies – minimum disclosure of a

summary of significant accounting policies includes:
i. the measurement basis/bases used in preparing the financial statements;

ii. the extent to which the entity has applied any transitional provisions in any PPSAS (PFRS);
and
iii. other accounting policies used that are relevant to an understanding of the financial
statements (PPSAS 1, par 132).
d) There is reasonable use of accounting estimates – the assumptions underlying the accounting
estimates must be reasonable, or practical and rational. For example, the estimated useful life of
a motor vehicle of five to 15 years depending on the utility of the vehicle is considered
reasonable in computing for depreciation charges on such an asset.
e) There is relevant, reliable, comparable and understandable presentation of information – the

user must be able to compare the information in the financial statements with other
agencies/units/corporations within the industry or business it operates; the information in the
financial statements must be easily comprehensible to the user to avoid misconceptions and
misunderstanding; such information must also be dependable, pertinent and appropriate.
f) There is adequate disclosure of information conveyed in the financial statements – sufficient

disclosure for every account considered as significant is required to avoid misinterpretation and
to help the user arrive at an informed judgment/decision.
120
g) There is appropriate use of terminologies – terms and words in the financial statements and the
notes must be correct and proper to be more understandable to all kinds of users.
22. For National Government Agencies, a disclosure checklist is provided in the GAM. Further, the
auditors shall use as guide in the evaluation of Management’s disclosure in the Notes to Financial
Statements, the disclosure requirements of each of the PPSAS/PFRS.
23. This stage in the audit is summarized in the following figure (Section 20, Guide 2011):
Exhibit 6. Summary of Reporting Phase activities
Evaluate evidence obtained
Complete all Consider Resolve any Communicate

REPORTING
required file misstatements issues with audit findings

reviews identified management with TCWG*
Prepare the auditor’s report
Complete Document Issue the

audit significant Form an auditor’s
documentation decisions opinion opinion
*TCWG = those charged with governance
B. Forms of Independent Auditor’s Report
24. There are two forms of auditor’s report, unmodified and modified auditor’s report.
B.1. Unmodified Auditor’s Report
25. An unmodified auditor’s report is rendered when the auditor concludes that the financial
statements are free from material misstatements and are prepared in accordance with the
applicable and appropriate financial reporting framework (PPSAS or PFRS).
26. The contents of the opinion paragraph in an unmodified report are:
OPINION
We have audited the financial statements of (Agency/Unit/Corporation) which comprise the

statement of financial position as at December 31, 20X1 and 20X0, statement of financial
performance/profit or loss/comprehensive income, statement of cash flows, statement of
comparison of budget and actual amounts (for PPSAS users) for the years then ended, and notes to
the financial statements, including a summary of significant accounting policies.
121
In our opinion, the accompanying financial statements of (Agency/Unit/Corporation) are prepared in
all material respects, in accordance with Philippine Public Sector Accounting Standards or Philippine
Financial Reporting Standards.
B.2. Modified Auditor’s Report
27. A modified auditor’s report is rendered if the auditor: (a.1) concludes that the financial statements
are not free from material misstatements; or (a.2) is unable to obtain sufficient appropriate audit
evidence to conclude that the financial statements as a whole are free from material misstatement.
The auditor’s opinion in a modified auditor’s report is considered modified if he/she issued qualified
or adverse opinion or disclaim an opinion.
a) Qualified Opinion - The auditor shall express a qualified opinion when:
i. The auditor, having obtained sufficient appropriate audit evidence, concludes that
misstatements, individually or in the aggregate, are material, but not pervasive, to the
financial statements; or
ii. The auditor is unable to obtain sufficient appropriate audit evidence on which to base the
opinion, but the auditor concludes that the possible effects on the financial statements of
undetected misstatements, if any, could be material but not pervasive.
b) Adverse Opinion - The auditor shall express an adverse opinion when the auditor, having
obtained sufficient appropriate audit evidence, concludes that misstatements, individually or in
the aggregate, are both material and pervasive to the financial statements. Misstatements are
considered pervasive if in the auditor’s judgment: (a) they are not confined to specific elements,
accounts or items of the financial statements; (b) if so confined, they represent or could
represent a substantial proportion of the financial statements; or (c) in relation to disclosures,
they are fundamental to users’ understanding of the financial statements.
c) Disclaimer of Opinion - The auditor shall disclaim an opinion when the auditor is unable to obtain
sufficient appropriate audit evidence on which to base the opinion, and the auditor concludes
that the possible effects on the financial statements of undetected misstatements, if any, could
be both material and pervasive. A disclaimer is also rendered when, in extremely rare
circumstances involving multiple uncertainties, the auditor concludes that, notwithstanding
having obtained sufficient appropriate audit evidence regarding each of the individual
uncertainties; it is not possible to form an opinion on the financial statements due to the
potential interaction of the uncertainties and their possible cumulative effect on the financial
statements.
B.2.1. Matters AFFECTING the Auditor’s Unmodified Opinion
28. The auditor may disagree with Management about certain matters such as the acceptability of
accounting policies selected, the method of their application, or the adequacy of disclosures in the
financial statements resulting in the misstatement of the financial statements. If such disagreements
are significant to the financial statements, the auditor shall express a qualified or an adverse
opinion.
122
29. Examples of material misstatements due to disagreements with Management are:
a) Acceptability of accounting policies – for example, policy of using the cost model to recognize
property, plant and equipment, lower of cost and net realizable value to recognize inventory,
amortized cost for loans and receivables are acceptable. Deviation from such policy may result
in material misstatement;
b) Method of application – accounting policies must be used consistently from period to period to
attain comparability of financial statements. For example, if Management adopts in the current
year the cost model of recognizing property, plant and equipment, and presenting in the
financial statements, it shall apply the same model for the asset for the next year. Inconsistent
application of the policy may lead to a material misstatement;
c) Adequacy of disclosures – for example, Management discloses the initial and subsequent
measurements of transportation equipment, the year’s acquisitions and disposals, depreciation
charges, accumulated depreciation and allowance for impairment and other important matters
relating to the asset. Anything less would be inadequate, thus, may result in material
misstatement.
30. When the auditor is unable to perform necessary audit procedures or the auditor is unable to gather
sufficient appropriate evidence, limitations on the scope of the audit arise. Such limitations may be
imposed by the entity or imposed by circumstances. The inability to obtain sufficient appropriate
audit evidence will result to either a qualified or a disclaimer of an opinion.
31. Examples of limitations in scope imposed by circumstances are acts of God or fortuitous events that
affect the assets of the agency/unit/corporation – destroyed structures, such as buildings, roads and
bridges; damaged significant documents due to massive flooding; equipment gutted by fire. On the
other hand, scope limitation imposed by the entity takes the form of Management not providing
access to accounting records, not allowing or limiting the conduct of interview with key personnel,
sanctioning the undertaking of inspection of projects or deliveries.
32. Limitations to the scope of the audit should never arise from impositions by the auditor, as this
constitutes deviation from audit engagement protocol and demonstrates unprofessionalism.
33. Whenever the auditor expresses a modified opinion, a clear description of all the substantive
reasons should be included in the report and, unless impracticable, a quantification of the possible
effect(s) on the financial statements.
B.2.2. Matters NOT AFFECTING the unmodified opinion
34. There are matters that do not affect the auditor’s unmodified opinion. These are uncertainties,
going concern uncertainties, justifiable PPSAS/PFRS departure, and inconsistencies that are
adequately disclosed in the notes to the financial statements. These result in an unmodified opinion
with an addition of emphasis of matter paragraph. Lack of disclosure of such matters significant to
the financial statements would result in either a qualified or adverse opinion, not just the addition of
emphasis of matter paragraph.
123
35. An uncertainty is a matter whose outcome depends on future actions or events not under the direct
control of the entity but that may affect the financial statements. When there are significant
uncertainties that are adequately accounted for and disclosed in the notes to the financial
statements, the auditor should consider modifying the report by adding an explanatory paragraph
to the unmodified report to emphasize the material uncertainty.
36. The auditor should evaluate information gathered during the audit to determine whether there is
substantial doubt about the entity’s ability to continue as a going concern. If there is a significant
doubt about such an ability to continue as a going concern for a reasonable period of time, the
auditor should consider whether the going concern problems are adequately disclosed in the notes
to financial statements.
37. In extreme cases, such as situations involving multiple uncertainties that are significant to the
financial statements, the auditor may consider it appropriate to issue a disclaimer of opinion instead
of adding an emphasis of a matter paragraph.
38. Changes affecting accounting principles and estimates may result in inconsistency of financial
statement presentations. For example, in prior year, the agency/unit/corporation adopted the
straight line method of depreciating its assets. In the current year, because of some valid reasons, it
has changed its policy to declining balance method. When this arises, Management cannot present
depreciation using two different methods for prior and current years, as this is tantamount to
inconsistent financial statements. Management may either restate the prior year financial statement
to use the declining balance method for that year and for the current year to achieve consistency.
39. Management may judge it necessary to depart from financial reporting standards in order to come
up with a fair presentation of financial statements. If the reasons are adequately disclosed and the
auditor believes that such a departure is justified the auditor should express an unmodified opinion
and disclose the departure in a separate paragraph of the report.
40. Shown in Table 9 is the summary of modifications of the Independent Auditor’s Report:
Table 9. Summary of Modifications of the Independent Auditor’s Report

Matters that: Effect on the Financial Statements
A. Affect the Unmodified Opinion Material but not pervasive Material and Pervasive
1. Disagreement with Management
Qualified Adverse
(FS are materially misstated)
2. Scope Limitation Qualified Disclaimer
B. Do NOT affect the Unmodified Opinion
1. Uncertainties
2. Going Concern Uncertainties Unmodified opinion with
Emphasis of a Matter
3. Inconsistencies Paragraph
4. Justifiable departure from PPSAS/PFRS
124
B.3. Auditor’s Report on Consolidated Financial Statements
41. For consolidated financial statements where auditors are required to render an auditor’s report, the
wordings on the auditor’s report are the same except in the title and opinion paragraph where it is
specifically stated that the financial statements and the notes to financial statements are
consolidated.
42. Consolidated financial statements are the financial statements of a group presented as those of
single economic entity (PFRS 10-Consolidated Financial Statements). It is presented by the parent
corporation in which it consolidates its financial statements with its investments in subsidiaries in
accordance with PFRS 10.
43. Following is an example of the opinion paragraph of an unmodified auditor’s report for consolidated
financial statements:
Report on the Audit of the Consolidated Financial Statements
Qualified Opinion
We have audited the consolidated financial statements of the Agency/Unit/Corporation and its
subsidiaries (the Group), which comprise the consolidated statement of financial position as at
December 31, 20X1 and 20X0, and the consolidated statement of financial performance,
consolidated statement of changes in net assets/equity and consolidated statement of cash flows
for the years then ended, and notes to the consolidated financial statements, including a summary
of significant accounting policies.
In our opinion, except for the effects of the matter described in the Basis for Qualified Opinion
section of our report, the accompanying consolidated financial statements present fairly, in all
material respects, the consolidated financial position of the Group as at December 31, 20X1 and
20X0, and their consolidated financial performance and consolidated cash flows for the years
then ended, and notes to the consolidated financial statements, in accordance with Philippine
Public Sector Accounting Standards or Philippine Financial Reporting Standards/Philippine
Financial Reporting Standards.
B.4. Auditor’s Report on Comparative Financial Statements
44. The Auditor is required to render an auditor’s report on comparative financial statements. PPSAS 1,
par. 53 states that Management must disclose comparative information in respect of the previous
period for all amounts reported in the financial statements. Comparative information shall be
included for narrative and descriptive information when it is relevant to an understanding of the
current period’s financial statements.
45. More discussions on comparative financial statements are presented in Section III. Comparative
Information.
125
II. Specific Elements of the Independent Auditor’s Report
46. The Independent Auditor’s Report (IAR) prescribed in ISSAI 1700 (Revised) shall be adopted. The
elements are enumerated as follows:
A. Title
The auditor’s report shall have a title that clearly indicates that it is the report of an independent
auditor. (Ref: ISSAI 1700 (Revised) par. 21)
B. Addressee
The auditor’s report is normally addressed to those for whom the report is prepared, often either to
the shareholders or to those charged with governance of the entity whose financial statements are
being audited. (Ref: ISSAI 1700 (Revised) par. A21)
C. Report on the Audit of Financial Statements
The title, Report on the Audit of Financial Statements, is included to distinguish the following
sections form the other reports required to be contained in the IAR.
C.1. Opinion Section
The opinion section should also report:
a) The agency audited;

b) The financial statements audited, identify the title of each statements;
c) The notes to financial statements, including the summary of significant accounting policies;
d) The date of or period covered by each financial statement.
Opinion (unmodified)
We have audited the accompanying financial statements of the (Agency/Unit/Corporation),

which comprise the statements of financial position as at December 31, 20X1 and 20X0, and
the statements of financial performance/profit or loss/comprehensive income, statements of
changes in net assets/equity, statements of comparison of budget and actual amounts and
statements of cash flows for the year then ended, and notes to the financial statements,
including a summary of significant accounting policies and other explanatory information.
In our opinion, the accompanying financial statements present fairly, in all material respects,
the financial position of (Agency/Unit/Corporation) as at December 31, 20X1 and 20X0, and its
financial performance, cash flows, changes in net assets/equity, and comparison of budget
and actual amounts for the year then ended in accordance with Philippine Public Sector
Accounting Standards/Philippine Financial Reporting Standards.
126
C.2. Basis for Opinion
The auditor’s report shall include a section, directly following the opinion section the “Basis for
Opinion”.
This section shall:
a) States that the audit was conducted in accordance with ISSAI;

b) Refers to the section of the auditor’s report that describes the auditor’s responsibilities under
the auditing standards;
c) Includes a statement that the auditor is independent of the entity in accordance with the
relevant ethical requirements relating to the audit and has fulfilled the auditor’s other
responsibilities under those ethical requirements. The statement shall identify the jurisdiction of
origin of the relevant ethical requirements; and
d) States whether the auditor believes that the audit evidence the auditor has obtained is
sufficient and appropriate to provide a basis for the auditor’s opinion.
Basis for Opinion (unmodified)
We conducted our audits in accordance with International Standards of Supreme Audit

Institutions (ISSAI). Our responsibilities under those standards are described in the Auditor’s
Responsibilities for the Audit of the Financial Statements section of our report. We are
independent of the Company in accordance with the Revised Code of Conduct and Ethical
Standards for Commission on Audit Officials and Employees (Code of Ethics) together with the
ethical requirements that are relevant to our audit of the financial statements in the
Philippines, and we have fulfilled our other ethical responsibilities in accordance with these
requirements and the Code of Ethics. We believe that the audit evidence we have obtained is
sufficient and appropriate to provide a basis for our opinion.
In case of modified opinion, this section shall state the basis for modification as the first paragraph.
Basis for Qualified Opinion (for Qualified Opinion – same qualification for both years)
The Agency’s inventories are carried in the statement of financial position at Pxxx and Pxxx as
at December 31, 20X1 and 20X0, respectively. Management has not stated the inventories at
the lower of cost and net realizable value but has stated them solely at cost, which constitutes
a departure from PPSAS/PFRS. The Agency’s records indicate that, had management stated
the inventories at the lower of cost and net realizable value, an amount of Pxxx and Pxxx as at
December 31, 20X1 and 20X0, respectively, would have been required to write the inventories
down to their net realizable value. This resulted in the understatement as at December 31,
20X1 and 20X0, respectively, of cost of sales by Pxxx and Pxxx and overstatement of income
tax by Pxxx and Pxxx, net income by Pxxx and Pxxx, and stockholders’ equity by Pxxx and Pxxx.
We conducted our audits in accordance with International Standards of Supreme Audit

Institutions. Our responsibilities under those standards are described in the Auditor’s
Responsibilities for the Audit of the Financial Statements section of our report. We are
independent of the Agency in accordance with the Revised Code of Conduct and Ethical
Standards for Commission on Audit Officials and Employees (Code of Ethics) together with the
127
ethical requirements that are relevant to our audit of the financial statements, and we have
fulfilled our other ethical responsibilities in accordance with these requirements and the Code
of Ethics. We believe that the audit evidence we have obtained is sufficient and appropriate to
provide a basis for our qualified opinion.
C.3. Key Audit Matters
These are matters that, in the auditor’s professional judgment, are of most significant in the audit of
financial statements of the current period. These matters are addressed in the context of the audit
of the financial statements as a whole.
The purposes of reporting on KAM in the audit report are to:
a) Increase transparency about the audit that was performed. Communicating KAM provides
additional information to intended users of the financial statements to assist them in
understanding those matters that, in the auditor’s professional judgment, were of most
significance in the audit of the financial statement of the current period.
b) Focus users of the financial statements on areas in the financial statements that are subject to
significant management judgment and significant auditor attention, which may assist the users
in better understanding the entity and financial statements, and the outcome of the audit as
reflected in the auditor’s opinion.
c) Provide users a basis to further engage with management and those in charge of governance,
about certain matters related to the entity, the audited financial statements, or the audit that
was performed.
Communicating KAM in the auditor’s report is not:
a) A substitute for disclosure in the financial statements that the applicable financial reporting
framework requires Management to make, or that are otherwise necessary to achieve fair
presentation;
b) A substitute for the auditor expressing a modified opinion when required by the circumstances
of a specific audit engagement in accordance with ISSAI 1705 (Revised);
c) A substitute for reporting in accordance with ISSAI 1570 (Revised) when a material uncertainty
exists relating to event or condition that may cast significant doubt on an entity’s ability to
continue as a going concern; or
d) A separate opinion on individual matters.
When communicating KAM, auditors should consider laws and regulations that restrict the reporting
of such information by imposing confidentiality requirements. The need for confidentiality may be
based on the mandate of the SAI or legislation related to official secrets or privacy. Auditors should
identify such laws and regulations and should consider confidentiality requirements when
determining the KAM to communicate.
The Auditor is prohibited under ISSAI 1705 (Revised) from communicating KAM when the Auditor
disclaims an opinion on the financial statements, unless such reporting is required by law or
regulations.
Criteria for identifying audits for which KAM will be communicated follows:
128
a) Auditees with the highest impact on the budget;
b) Auditees with the largest impact on the consolidated financial statements (if any);
c) Auditees which will affect the market (national debt, etc).
The Auditor shall describe each KAM, using an appropriate subheading, in a separate section of the
Auditor’s Report under the heading “Key Audit Matters”. The introductory language shall state that:
a) KAMs are those matters that, in the auditor’s professional judgment, were of most significance
in the audit of the financial statement for the period; and
b) Those matters were addressed in the context of the audit of financial statements as a whole,
and in forming the auditor’s opinion thereon; the auditor does not provide a separate opinion
on those matters.
Key Audit Matters
(For unmodified opinion - 1st paragraph)
Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the financial statements of the current period. These matters were
addressed in the context of our audit of the financial statements as a whole, and in forming
our opinion thereon, and we do not provide a separate opinion on these matters. For each
matter below, our description of how our audit addressed the matter is provided in that
context.
(For qualified opinion – 1st paragraph)
Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the financial statements. These matters were addressed in the
context of our audit of the financial statements as a whole, and in forming our opinion
thereon, and we do not provide a separate opinion on these matters. In addition to the matter
described in the Basis for Qualified Opinion section, we have determined the matters described
below to be the key matters to be communicated in our report.
We have fulfilled the responsibilities described in the Auditor’s Responsibilities for the Audit of
the Consolidated Financial Statements section of our report, including in relation to these
matters. Accordingly, our audit included the performance of procedures designed to respond
to our assessment of the risks of material misstatement of the consolidated financial
statements. The results of our audit procedures, including the procedures performed to
address the matters below, provide the basis for our audit opinion on the accompanying
consolidated financial statements.
Specific Example: Existence and completeness of welfare goods inventory
As at December 31, 2016, the Agency/Unit/Corporation’s inventory amounted to P25,825.3

million, representing 12% and 3% of the Agency/Unit/Corporation’s total current assets and
total assets, respectively. These are disclosed in Note 23 of the consolidated financial
129
statements. The Agency/Unit/Corporation has several warehouses across the country. Since
the inventory are material to the consolidated financial statements and various warehouses
are geographically dispersed across the country, we consider this a key audit matter.
Audit response
We obtained an understanding of the Agency/Unit/Corporation’s inventory process and

performed test of controls for selected warehouses. We visited selected warehouses and
observed the physical inventory counts. We performed test counts and compared the results to
the Agency/Unit/Corporation’s inventory records to determine if the records reflect the results
of the inventory count. We reviewed the reconciliations performed by management and tested
the reconciling items. We performed testing on a sample basis the Agency/Unit/Corporation’s
rollforward or rollbackward procedures on inventory quantities from the date of physical
inventory count to the financial reporting date. We also reviewed the working papers of the
regional audit team on welfare goods inventory, specifically on the observation and testing of
physical inventory counts, testing of warehousing procedures and the reconciliation of the
physical inventory count to the general ledger and financial reports.
(No KAM to report but auditor is required to report or adverse opinion – 1st paragraph)
Except for the matter described in the Basis for Adverse Opinion section, we have determined
that there are no other matters to communicate in our report
C.4. Emphasis of Matter
These refer to matters appropriately presented or disclosed in the financial statements that, in the
auditor’s judgment, are of such importance that it is fundamental to users’ understanding of the
financial statements. (ISSAI 1706)
a) Examples are: an uncertainty relating to the future outcome of exceptional litigation or

regulatory action; early application (where permitted) of a new accounting standard, where
permitted, which has a pervasive effect on the financial statements in advance of its effective
date; a major catastrophe that has had or continues to have a significant effect on the agency’s
financial position.
b) Other circumstances, relevant to the public sector where an Emphasis of Matter paragraph is
relevant are: legislative actions on programs or the budget; contradictive laws, regulations or
directives with a significant effect on the agency; fraud, abuse or losses; significant transactions;
significant internal control deficiencies; questionable business practices; transactions entered
into without due regard for economy; prior period restatements; environmental issues; corporate
social responsibility issues; ethical issues (proper behavior by public officials) or ineffective and
uneconomical use of public assets.
c) The inclusion of an Emphasis of Matter paragraph does not affect the auditor’s opinion.
Emphasis of Matter
(For unmodified opinion)
130
We draw attention to Note X of the financial statements, which describes the effects of a fire
in the agency’s facilities. Our opinion is not modified in respect of this matter.
(For disclaimer of opinion)
We draw attention to Note X to the financial statements which describes the uncertainties
related to pending cases in several courts involving various claims against the Agency.
Because of the significance of the matters described in the Basis for Adverse Opinion
paragraph, it is appropriate to, and we do not, express an opinion on the information referred
to above.
(For adverse opinion)
(if opinion is adverse)
We draw attention to Note 30 to the Financial Statements which describes the contingent
liabilities for lawsuits or claims filed by third parties against (Agency/Unit/Corporation) which
are either pending in courts or under negotiation, and cases filed by (Agency/Unit/
Corporation) against the (concerned agencies) which are pending before the Supreme Court,
Court of Appeals and the Local Board of Assessments of the Local Government Unit. Our
opinion is not qualified in respect of these matters.
C.5. Other Matter
This refers to a matter other than those presented or disclosed in the financial statements that, in
the auditor’s judgment, is relevant to user’s understanding of the audit, the auditor’s responsibilities
or the auditor’s report (ISSAI 1706). Instances where this paragraph is included are:
a) the law, regulation or accepted practice require or permit elaboration on matters to explain the
auditors responsibilities in the audit;
b) where financial statements prepared for a specific purpose which is prepared in accordance
with a general purpose framework is intended for specific users such as the Asian Development
Bank. In the case of the latter, the auditor may consider inclusion of an Other Matter paragraph
stating that the auditor’s report is intended solely for the intended users, and should not be
distributed to or used by other parties.
c) In accordance with ISSAI 1720 (requirements, paragraph 10) “Material inconsistencies identified
in other information obtained prior to the date of the auditor’s report”: if the revision of other
information is necessary and Management refuses to make the revision, an Other Matter
paragraph describing the material inconsistency is included.
Other matter
In our report dated March 1, 20X1, we expressed an opinion that the 20X0 financial
statements did not fairly present the financial position, results of operations, and cash flows of
Agency/Unit/Corporation in accordance with the PPSAS or PFRS because of two departures
131
from such principles: (1) Agency/Unit/Corporation carried its property, plant, and equipment
at appraisal values, and provided for depreciation on the basis of such values, and (2)
Agency/Unit/Corporation did not provide for deferred income taxes with respect to differences
between income for financial reporting purposes and taxable income. As described in Note X,
the Agency/Unit/Corporation has changed its method of accounting for these items and
restated its 20X0 financial statements to conform with the PPSAS or PFRS. Accordingly, our
present opinion on the restated 20X0 financial statements, as presented herein, is different
from that expressed in our previous report.
C.6. Other Information Commented [C3]: To include par. 14 to 15, ISSAI 1720
ISSAI 1720 (Revised), The Auditor’s Responsibilities Relating to Other Information, requires reporting
on other information, financial or non-financial information included in an entity’s annual report.
A separate section in the auditor’s report is used to identify the other information, describe the
auditor’s responsibilities in relation thereto, and, if applicable, report on any material misstatement
of the other information.
Some examples of other information to be disclosed are listed below:
a) Liquidity and capital resource information, such as cash, cash equivalents and marketable
securities; dividends; debt and capital lease
b) Amounts involved in guarantees, contractual obligations, legal claims and other contingencies
c) Financial measures or ratios, such as gross margins, current ratio, debt ratio
d) Explanations of critical accounting estimates and related assumptions
e) Identification of related parties
f) Descriptions of guarantees, indemnifications, contractual obligations, litigation and other
contingencies
g) Management’s qualitative assessments of the impacts of new financial reporting standards that
have come into effect during the period or in the following period, on the entity’s financial
results, financial position and cash flows
Other Information
Management is responsible for the other information. The other information obtained at the
date of this auditor’s report is included in the Annual Report of the Agency/Unit/ Corporation,
but does not include the financial statements and our auditor’s report thereon.
Our opinion on the financial statements does not cover the other information and we do not
express any form of assurance conclusion thereon.
In connection with our audit of the financial statements, our responsibility is to read the other
information and, in doing so, consider whether the other information is materially inconsistent
with the financial statements or our knowledge obtained in the audit, or otherwise appears to
be materially misstated.
If, based on the work we have performed on the other information obtained prior to the date
132
of this auditor’s report, we conclude that there is a material misstatement of this other
information, we are required to report that fact. We have nothing to report in this regard.
In connection with our audits of the consolidated financial statements, our responsibility is to
read the other information identified above when it becomes available and, in doing so,
consider whether the other information is materially inconsistent with the consolidated
financial statements or our knowledge obtained in the audits, or otherwise appears to be
materially misstated.
C.7. Responsibilities of Management and Those Charged with Governance for the Financial
Statements
The auditor’s report shall include a section with a heading using the appropriate term to describe
those responsible for the preparation of the financial statements. This heading need not refer
specifically to “Management,” but may also refer to “Those Charged with Governance” or such term
that is appropriate in the context of the legal framework in the particular jurisdiction.
This section shall describe management’s responsibility for:
a) Preparing the financial statements in accordance with the applicable financial reporting
framework, and for such internal control as management determines is necessary to enable the
preparation of financial statements that are free from material misstatements whether due to
fraud or error; and
b) Assessing the entity’s ability to continue as a going concern and whether the use of the going
concern basis of accounting is appropriate as well as disclosing, if applicable, matters relating to
going concern. The explanation of management’s responsibility for this assessment shall include
a description of when the use of the going concern basis of accounting is appropriate.
Those responsible for the oversight of the financial reporting process, if different from those
responsible for preparing the financial statements shall also be identified in this section.
Responsibilities of Management and Those Charged with Governance for the Financial
Statements
Management is responsible for the preparation of the financial statements in accordance with the
Philippine Public Sector Accounting Standards or Philippine Financial Reporting Standards and for
such internal control as management determined is necessary to enable the preparation of
financial statements that are free from material misstatement, whether due to fraud or error.
In preparing the financial statements, management’s responsibility for assessing the agency’s
ability to continue as a going concern, disclosing as applicable, matters related to going concern
and using the going concern basis of accounting unless management either intend to liquidate the
agency or to cease operations, or has no alternative but to do so.
Those charged with governance are responsible for overseeing the agency’s financial reporting
process.
133
C.8. Auditor’s Responsibilities for the Audit of the Financial Statements
The auditor’s report shall state that:
a) The objectives of the audit are to: (i) Obtain reasonable assurance about whether the financial
statements as a whole are free from material misstatement, whether due to fraud or error; and
(ii) Issue an independent auditor’s report that includes an opinion.
b) Reasonable assurance is a high level of assurance, but is not a guarantee that an audit
conducted in accordance with ISSAIs will always detect a material misstatement when it exists;
c) Misstatements can arise from fraud or error and are considered material if, individually or in the
aggregate, they could reasonably be expected to influence the economic decisions of users
taken on the basis of these financial statements;
d) The auditor exercises professional judgment and maintains professional skepticism throughout
the audit;
e) The Auditor’s responsibilities are:
i. To identify and assess the risks of material misstatements of the financial statements,
whether due to fraud or error; to design and perform audit procedures responsive to those
risks; and to obtain audit evidence that is sufficient and appropriate to provide a basis for
his opinion. The risk of material misstatement resulting from fraud is higher than for one
resulting from error, as fraud may involve collusion, forgery, intentional omissions,
misrepresentations, or the override of internal control.
ii. To obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of expressing
an opinion on the effectiveness of the agency’s internal control.
iii. To evaluate the appropriateness of accounting policies used and the reasonableness of
accounting estimates and related disclosures made by management.
iv. To conclude on the appropriateness of management’s use of the going concern basis of
accounting and, based on the audit evidence obtained, whether a material uncertainty
exists related to events or conditions that may cast significant doubt on the agency’s ability
to continue as a going concern. If he concludes that a material uncertainty exists, he is
required to draw attention in the auditor’s report to the related disclosures in the financial
statements or, if such disclosures are inadequate, to modify his opinion. His conclusions are
based on the audit evidence obtained up to the date of the auditor’s report. However,
future events or conditions may cause the agency to cease to continue as a going concern.
v. To evaluate the overall presentation, structure and content of the financial statements,
including the disclosures, and whether the financial statements represent the underlying
transactions and events in a manner that achieves fair presentation.
134
f) The Auditor communicates with those charged with governance regarding, among other
matters, the planned scope and timing of the audit and significant audit observations, including
any significant deficiencies in internal control that he identifies during the audit.
g) The Auditor provides those charged with governance with a statement that he has complied
with relevant ethical requirements regarding independence, and communicate with them all
relationships and other matters that may reasonably be thought to bear on his independence,
and where applicable, related safeguards.
h) From the matters communicated with those charged with governance, the auditor determines
those matters that were of most significance in the audit of the financial statements of the
current period and are therefore the key audit matters.
i) In cases of group audits where ISSAI 1600, paragraph 14 applies, the auditor’s responsibilities in
group audit are: i.1) To obtain sufficient appropriate audit evidence regarding the financial
information of the entities and business activities within the group to express an opinion on the
group financial statements; i.2) For the direction, supervision and performance of the group
audit; and (i.3) To remain solely responsible for the auditor’s opinion.
Auditor’s Responsibilities for the Audit of Financial Statements
(For unmodified, qualified, and adverse opinion)
Our objectives are to obtain reasonable assurance about whether the financial statements as
a whole are free from material misstatement, whether due to fraud or error, and to issue an
auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance,
but is not a guarantee that an audit conducted in accordance with ISSAI will always detect a
material misstatement when it exists. Misstatements can arise from fraud or error and are
considered material if, individually or in the aggregate, they could reasonably be expected to
influence the economic decisions of users taken on the basis of these financial statements.
As part of an audit in accordance with ISSAIs, we exercise professional judgment and maintain
professional skepticism throughout the audit. We also:
 Identify and assess the risks of material misstatement of the financial statements,
whether due to fraud or error, design and perform audit procedures responsive to those
risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for
our opinion. The risk of not detecting a material misstatement resulting from fraud is
higher than for one resulting from error, as fraud may involve collusion, forgery,
intentional omissions, misrepresentations, or the override of internal control.
 Obtain an understanding of internal control relevant to the audit in order to design audit
procedures that are appropriate in the circumstances, but not for the purpose of
expressing an opinion on the effectiveness of the Agency/Unit/Corporation’s internal
control.
 Evaluate the appropriateness of accounting policies used and the reasonableness of

accounting estimates and related disclosures made by management.
135
 Conclude on the appropriateness of management’s use of the going concern basis of
accounting and, based on the audit evidence obtained, whether a material uncertainty
exists related to events or conditions that may cast significant doubt on the
Agency/Unit/Corporation’s ability to continue as a going concern. If we conclude that a
material uncertainty exists, we are required to draw attention in our auditor’s report to
the related disclosures in the financial statements or, if such disclosures are inadequate,
to modify our opinion. Our conclusions are based on the audit evidence obtained up to
the date of our auditor’s report. However, future events or conditions may cause the
Agency/Unit/Corporation to cease to continue as a going concern.
 Evaluate the overall presentation, structure and content of the financial statements,
including the disclosures, and whether the financial statements represent the underlying
transactions and events in a manner that achieves fair presentation.
We communicate with those charged with governance regarding, among other matters, the
planned scope and timing of the audit and significant audit observations, including any
significant deficiencies in internal control that we identify during our audit.
We also provide those charged with governance with a statement that we have complied with
relevant ethical requirements regarding independence, and to communicate with them all
relationships and other matters that may reasonably be thought to bear on our independence,
and where applicable, related safeguards.
From the matters communicated with those charged with governance, we determine those
matters that were of most significance in the audit of the financial statements of the current
period and are therefore the key audit matters. We describe these matters in our auditor’s
report unless law or regulation precludes public disclosure about the matter or when, in
extremely rare circumstances, we determine that a matter should not be communicated in our
report because the adverse consequences of doing so would reasonably be expected to
outweigh the public interest benefits of such communication.
(Disclaimer of Opinion)
Our responsibility is to conduct an audit of the Agency/Unit/Corporation’s financial statements

in accordance with ISSAI and to issue an auditor’s report. However, because of the matter
described in the Basis for Disclaimer of Opinion section of our report, we were not able to
obtain sufficient appropriate audit evidence to provide a basis for an audit opinion on these
consolidated financial statements.
We are independent of the Agency/Unit/Corporation in accordance with the ethical

requirements that are relevant to our audit of the financial statements in Code of Ethics, and
we have fulfilled our other ethical responsibilities in accordance with these requirements.
D. Report on Other Legal and Regulatory Requirements
136
This refers to other reporting responsibilities not addressed under the reporting responsibilities
required by the ISSAIs as part of the report. (ISSAI 1720)
The Auditor is required to report on other regulatory requirements, such as the entity’s inclusion in
the Notes to Financial Statements information on taxes, duties and license fees paid or accrued
during the taxable year. It may also include applicable requirements from other regulatory bodies.
Report on Other Legal and Regulatory Requirements

Our audit was conducted for the purpose of forming an opinion on the basic financial statements
taken as a whole. The supplementary information for the year ended December 31, 20xx required
by the Bureau of Internal Revenue as disclosed in Note XX to the financial statements is presented
for purposes of additional analysis and is not a required part of the basic financial statements
prepared in accordance with PPSASs or PFRSs. Such supplementary information is the
responsibility of the management. The supplementary information has been subjected to the
auditing procedures applied in our audit of the basic financial statements and, in our opinion, is
fairly stated, in all material respects, in relation to the basic financial statements taken as whole.
E. Name of the Engagement Partner
In COA, this represents the Director of the Cluster or Region.
F. Signature of the Auditor
The IAR shall be signed by the Supervising Auditor or duly authorized signatory.
G. Auditor’s Address
This represents the official address of the Auditor. It is usually a part of the letterhead, hence no
need to include this after the signature of the Auditor.
H. Date of the Independent Auditor’s Report
It shall be dated not earlier than the date when the auditor has obtained sufficient appropriate audit
evidence, usually after fieldwork or after the exit conference if there are still procedures to be
undertaken as a result of what has been discussed, as basis of the auditor’s opinion on the financial
statements.
III. Comparative Information
47. ISSAI 1710 – Comparative Information – Corresponding Figures and Comparative Financial
Statements deals with the auditor's responsibilities relating to comparative information in an audit
of financial statements. The nature of the comparative information that is presented in an entity's
financial statements depends on the requirements of the applicable financial reporting framework.
Comparative information refers to the amounts and disclosures included in the financial statements
in respect of one or more prior periods in accordance with the applicable financial reporting
framework.
137
A. Corresponding Figures and Comparative Financial Statements
48. There are two different broad approaches to the auditor's reporting responsibilities in respect of
such comparative information: corresponding figures and comparative financial statements. Under
the corresponding figures approach, the amounts and other disclosures for the prior period included
as an integral part of the current period financial statements, are intended to be read only in
relation to the amounts and other disclosures relating to the current period (referred to as “current
period figures”). The level of detail presented in the corresponding amounts and disclosures is
dictated primarily by its relevance to the current period figures.
49. Government entities adopt the PPSAS or PFRS as their financial reporting framework. These
standards require that comparative information shall be disclosed in respect of the previous period
for all amounts reported in the financial statements. Accordingly, the auditor's opinion should refer
to each period for which financial statements are presented (ISSAI 1710, paragraph 3 (b)).
50. If the financial statements of the prior period were audited by a predecessor auditor, such as in
cases of nationalization of private entities, in addition to expressing an opinion on the current
period’s financial statements, the auditor shall state in an Other Matter paragraph:
a) that the financial statements of the prior period were audited by a predecessor auditor;
b) the type of opinion expressed by the predecessor auditor and, if the opinion was modified, the
reasons therefore; and
c) the date of that report,
unless the predecessor auditor’s report on the prior period’s financial statements is reissued with
the financial statements. (ISSAI 1710, paragraph 17)
INDEPENDENT AUDITOR’S REPORT
To: [Appropriate Addressee]
Report on the Audit of the Financial Statements
Qualified Opinion
We have audited the financial statements of Agency/Unit/Corporation, which comprise the

statements of financial position as at December 31, 20X1 and 20X0, and the statements of financial
performance/profit or loss and other comprehensive income, statements of cash flows, statements
of changes in net assets/equity, and statements of comparison of budget and actual amounts for
the years ended, and notes to the financial statements, including a summary of significant
accounting policies.
In our opinion, except for the effects/possible effects of the matter/s described in the Basis for
Qualified Opinion section of our report, the accompanying financial statements presents fairly, in all
material respects, the financial position of the Agency/Unit/Corporation as at December 31, 20X1
and 20X0 and its financial performance, cash flows, changes in net assets/equity and comparison of
budget and actual amounts for the years ended, and notes to financial statements, including a
summary of significant accounting policies in accordance with Philippine Public Sector Accounting
138
Standards or Philippine Financial Reporting Standards.
Basis for Qualified Opinion
As discussed in Note X to the financial statements, no depreciation has been provided in the
financial statements, which constitutes a departure from PPSASs or PFRSs. Based on the straight-
line method of depreciation and annual rates of 5 % for the building and 20% for the equipment,
the loss for the year should be increased by xxx in 20X1 and xxx in 20X0, property, plant, and
equipment should be reduced by accumulated depreciation of xxx in 20X1 and xxx in 20X0, and the
accumulated loss should be increased by xxx in 20X1 and xxx in 20X0.
We conducted our audits in accordance with International Standards of Supreme Audit Institutions.
Our responsibilities under those standards are further described in the Auditor’s Responsibilities for
the Audit of the Financial Statements section of our report. We are independent of the
Agency/Unit/Corporation in accordance with the ethical requirements that are relevant to our audit
of the financial statements, and we have fulfilled our other ethical responsibilities in accordance
with these requirements. We believe that the audit evidence we have obtained is sufficient and
appropriate to provide a basis for our qualified audit opinion.
IV. Special Considerations - Audits of Financial Statements Prepared in Accordance with Special
Purpose Frameworks Commented [C4]: To add ISSAI 1805.8 on acceptability of
financial reporting framework
51. This refers to audited financial statements prepared for the use of the Asian Development Bank is
focused on projects funded by the ADB and the government. When forming an opinion and
reporting on special purpose financial statements, the auditor shall apply the requirements of ISSAI
1700 (Revised). The Auditor’s Report shall describe the purpose for which the financial statements
are prepared and if necessary, the intended users or refer to a note in the special purpose financial
statements that contains that information
52. If management has a choice of financial reporting frameworks in the preparation of such financial
statements, the explanation of management’s responsibility for the financial statements shall also
make reference to its responsibility for determining that the applicable financial reporting
framework is acceptable in the circumstances.
53. The auditor’s report shall include an Emphasis on Matter paragraph (ISSAI 1720) alerting users that
financial statements are prepared in accordance with a special purpose framework and that, as a
result, the financial statements may not be suitable for another purpose. The auditor shall include
this paragraph under an appropriate heading.
V. Types of Audit Report
54. The audit report considers the management’s comments during the exit conference which should be
reduced in writing and formed part of documentation. This may be in the form of:
a) Annual Audit Report (AAR) – a report prepared at year-end on the results of audit on the
accounts and operations of an Agency/Unit/Corporation. It is composed of the IAR and
discussion on observations with corresponding recommendations. In case the audited agency
139
failed to submit the financial statements for audit, no IAR can be issued. The auditor instead will
issue Management Letter containing only the observations with corresponding
recommendations. For an Agency/Corporation with regional/branch offices and field/operating
units, the AAR shall be the consolidated report on the results of audit of the head office, and the
regional/division/district/field offices of such Agency/Corporation. This report is transmitted to
the Agency Head by the CD/RD. In the case of GOCCs, the AAR is also transmitted to the
governing board.
b) Management Letter (ML) – an audit report on the results of audit of the regional/branch offices,
field/operating units, staff bureau and line office with complete set of books of accounts. This is
addressed to the Regional/Branch/Office Head and transmitted by the SA/RSA.
c) Summary of Audit Observations and Recommendations (SAOR) – a report/matrix that

summarizes the audit observations, recommendations, management comments and auditor's
rejoinder. This is the required year-end audit report for regional/field office agency with
incomplete set of books of accounts and national high schools with complete set of books of
accounts. This report is transmitted to the Agency Head by the SA/RSA. The SAOR shall be the
basis/input for the consolidation of ML/AAR.
55. The audit observations and recommendations are reviewed by the SA/RSA and CD/RD to ensure
that the same are based on the results of audit and duly documented, and all material issues and
concerns noted during the audit are included in the report and/or cleared by the CD/RD.
56. The guidelines on the preparation of audit report including the transmittal of reports and
requirements for the agency to submit the financial statements and documents are prescribed
under pertinent COA Issuances.
140
Section 5
Quality Control Review
1. Quality control provides reasonable assurance that the audit engagement is performed in
compliance with professional standards and applicable legal and regulatory requirements, and the
audit report is appropriate in the circumstances. (The definition and discussions are covered by ISSAI
1220).
I. Quality Control versus Quality Assurance
2. While Quality Control and Quality Assurance are used interchangeably, there is a clear difference.
Quality control involves policies and procedures through which a SAI ensures that the audit is
carried out in compliance with the SAI auditing standards, rules and procedures in line with the best
international practices while quality assurance is a process through which a SAI monitors and
ensures that quality control is working effectively.
II. Responsibility for quality control system and quality control procedures
3. The SAI has an obligation to establish and maintain a system of quality control to provide reasonable
assurance that: (a) The SAI and its personnel comply with professional standards and applicable
legal and regulatory requirements; and (b) Reports issued by the Auditors are appropriate in the
circumstances. Quality controls are established in all phases of the audit.
4. Within the context of the SAI’s system of quality control, the audit teams are responsible for
implementing quality control procedures that are applicable to the audit engagement and provide
the SAI with relevant information to ensure that quality controls relating to independence are
functional. The SA/RSA is responsible for the overall quality of each audit engagement.
5. The elements of quality control follows (ISQC 1):
a) Leadership responsibilities for quality – Engagement partner shall take responsibility for the
overall quality of audit
b) Relevant ethical requirements – Fundamental principles of professional ethics are integrity,
objectivity, professional competence and due care, confidentiality, and professional behavior.
c) Acceptance and continuance of client relationships and specific engagements – Information
affecting conclusion include integrity of those charged with governance, competence of the
engagement team, compliance with relevant ethical requirements, and significant matters that
have arisen during the current or previous audit engagements
d) Human resources – The audit team must have appropriate competence and capabilities such as
experience with audit engagements of a similar nature, understanding of professional standards
and applicable legal and regulatory requirements, technical expertise, and ability to apply
professional judgment
e) Engagement performance – Direction of the engagement team involves discussion with all
members of the team, appropriate teamwork and training, and supervision
f) Monitoring – Quality control policies and procedures are relevant, adequate, and operating
effectively
141
III. Quality Control Review Process in COA
6. The responsibility for the quality of an audit and resulting Audit Report rests with the CD/RD and
SA/RSA. Following the Revised Guidelines in the Implementation of the Unified Audit Approach,
there are three levels of quality control review implemented in all the phases of the audit, These are
summarized below:
Table 10. Levels of Quality Control Review

Outputs Prepared by Reviewed and Signed by
ATM ATL
ATL SA/RSA
SA/RSA CD/ RD
7. At the first level, ATLs are responsible for the initial review of the working papers prepared/obtained
by the ATMs, namely, results of evaluation and validation of controls over identified risks,
substantive work reducing residual audit risks to acceptable levels, supporting documents for the
audit report, draft audited financial statements; and other working papers.
8. At the level of SA/RSA, review should sufficiently satisfy the requirements, that the audit
documentation contains adequate evidence of the work done and conclusions reached and provide
a reasonable basis for an opinion.
9. The SA/RSA is responsible for:
a) Determining whether the overall presentation of the financial statements, including the related
disclosures, is in accordance with the applicable financial reporting framework. (This aspect was
discussed in Section 4)
b) Ensuring that all necessary audit procedures have been completed, reviewed, and sufficiently
and appropriately documented
c) Monitoring compliance by the audit team with auditing standards, laws, regulations and ethical
requirements
d) Reviewing audit conclusions, recommendations, and professional judgments made by the audit
team
e) Ensuring that all significant changes made to the audit strategy and audit plan are justified and
appropriately documented
f) Monitoring Management compliance with the requirements included in the Engagement Letter,
and action on deficiencies requiring corrections in the final Financial Statements
IV. Quality control documents
10. Auditor’s Declaration of Independence and Compliance with Ethical Standards- At the Preliminary
Engagement Phase, the Auditors’ Declaration of Independence and Compliance with Ethical
Standards signed by all members of the team, confirmed by the SA/RSA during the Execution Phase
and concurred by the CD/RD serves as an assurance that the audit is performed by a team
composed of competent and professional auditors.
142
11. Engagement Letter- COA formally informs the Auditee of its audit requirements well ahead of time
as a matter of professional courtesy and engagement direction.
12. Engagement Planning Memorandum is not only a planning tool but also serves as supervision and
monitoring tool for the SA/RSA and the CD/RD. The progress of work by the team members, the
audit procedures performed and the timing of audit activities can be kept track through the
Memorandum. Deviations to activities approved in the Plan need to be approved by the SA/RSA
before these are effected. Otherwise, the ATL will be required to formally explain why certain
procedures were skipped, why budgeted time for each objective was exceeded, among others. This
Plan will then serve as a gauge of how well each member in the team performed.
V. Quality control review documents
13. Completion Compliance Checklist (Appendix 5-1)- This Checklist enables the SA/RSA and the CD/RD
to check that all the required key, sign-off and quality control procedures from the Preliminary
Engagement Phase to the Reporting Phase were performed. The accomplished checklist serves as
basis for the CD/RD in rating the performance of the audit team along with the Auditee performance
rating on the audit team.
14. An Auditee Feedback Sheet (Appendix 5-2) is designed to assess audit team’s performance in the
field. It should be sent directly by the CD/RD to the Auditee. This serves as a tool to ensure COA’s
commitment to quality service through quality staff. This Sheet should be addressed to the Agency
Head who is requested to respond within a given timeframe. The feedback results especially for
audit teams receiving negative feedback should be acted upon by the CD/RD.
a) It is important to seek explanation of the audit team on negative feedback to make them aware
of actions considered unprofessional and/or unethical by the Auditee.
b) The CD/RD shall ensure that a report of all feedback results and actions taken by the CD/RD is
submitted to the Assistant Commissioner for his/her information after transmittal of all the
annual audit reports.
15. Director’s Evaluation Form (Appendix 5-3)
a) The Audit Team’s performance including that of the SA/RSA will be assessed based on the
Completion Compliance Checklist and the Auditee Feedback Sheet by the CD/RD with the
assessment evaluation to the Assistant Commissioner concerned.
b) This quality control review tool allows the CD/RD and the Assistant Commissioner to have a
reasonable basis for taking appropriate action to ensure the quality of financial audit performed
by the audit teams.
16. Financial Management Performance Rating (Appendix 5-4)
a) This quality control review tool assesses the quality of an Auditee’s financial management
performance using the results of the audit performed, including internal control review.
b) When necessary, the results may be provided to the Department of Budget and Management as
one of the bases for reviewing the Auditee’s performance.
143
Exhibit 7. Quality Control Documents
Engagement Letter, Auditors’ Declaration of Independence

Q Preliminary and Compliance with Ethical Standards
U Activities
A Overall Audit Strategy
L
I Planning Engagement Planning Memorandum
T PDA, SRPIR, RRAAL, MT, AP
Y Execution
AAPSI/APMT/RTS
C Reporting
AOM/Audit Report/Minutes of Exit Conference
O
N
Completion Compliance Checklist
T Quality
R Control Auditee Feedback Sheet
O Review Director’s Evaluation Form
L
Financial Management Performance Rating
144
Appendix 5-1. Completion Compliance Checklist
Name of Agency
Completion Compliance Checklist
Year end ____________
Overview
Audit completion checklist is prepared by the Audit Team Leader and reviewed by the Supervising
Auditor/Regional Supervising Auditor (SA/RSA).
I. Key Procedures
No. Description Document
Preliminary engagement
1. Auditees informed of the audit to be undertaken, their Engagement letter signed and
responsibilities under the audit and the audit delivered
requirements
2. Auditors are independent from the auditee and Auditor’s Declaration of
committed to be objective in the conduct of audit Independence and Compliance
with Ethical Standards
Planning
1. Established the Initial overall audit strategy indicating the Overall Audit Strategy
scope, timing and direction of the audit
2. Auditors gathered/updated and analyzed financial related
information as basis for Preliminary Risk Assessment
- Evaluated results of other audits conducted, cash Working Paper on Preliminary
examination, notices of suspension, disallowances and data analysis
charges issued, personnel/property accountability
audit, investigation of current/emerging issues
- Understanding of agency’s objectives, operations and UTA/Financial Accountability
outputs in relation to funds/appropriations LogFrame
- Assessed existence and design of internal controls Updated Agency Internal Control
related to financial statements Framework/ALCC
- Assessed compliance with the Internal Control Policies, Walkthrough Analysis
Procedures and Practices (or General Accounting Plan
for national agencies)
- Conducted preliminary analytical review of financial Tie in analysis worksheet/variance
statements analysis worksheet
3. Summarized information gathered and the results of Summary Report on Preliminary
preliminary risk assessment Identification of Risks
4. Determined Materiality level by identifying and selecting Materiality Template
appropriate benchmark and financial data
5. Conducted risk assessment process Results of Risk Assessment at the
Assertion Level
145
6. Established the audit engagement plan to execute the Approved Engagement Planning
audit Memorandum with Audit Program
Execution
1. Approved changes in assessed risks of material Approved Revised Risk
misstatements, either due to fraud or errors, reflected in Assessment Template
Engagement Planning Memorandum
2. Approved changes in the Overall Audit Strategy and Audit Approved Revised Overall Audit
Plan Strategy and Audit Plan
3. Sufficient documents gathered and fieldwork procedures Working Papers and audit
completed evidence duly indexed
4. Identified, evaluated, and documented related parties WPs/AOMs/NSs/NDs/NCs
and related party transactions; litigation and claims;
segment reporting; subsequent events; and account
balances and disclosures
5. Discussed all misstatements and errors identified during Minutes of the meeting
the audit with the entity’s management
6. Summarized all uncorrected misstatements and errors Summary of Uncorrected
Misstatements
7. Summarized audit observations and observations for Summary of Audit Observations
approval by the SA/RSA and discussion with the and Recommendations
management
8. Conducted exit meeting with the entity’s management or Minutes of exit conference
those charged with governance (if appropriate)
9. Tracked Status of Prior Years’ Recommendations Recommendation Tracking Sheet
Reporting
1. Presented Financial Statements and notes/disclosures Financial Statements
complete and in accordance with the prescribed reporting
framework
2. Audit observations based on the results of audit and duly
documented
3. All material issues and concerns noted during the audit
AOM with supporting documents
included in the report or cleared
4. AOMs well written with complete elements of an
observation
5. All critical matters cleared by the Audit Team Leader with Working Paper
the SA/RSA and Cluster/Regional Director as deemed
appropriate
6. Audit Report dated after and near the date of Management Representation
Management’s written representation certificate Letter
7. Audit Report issued was appropriate given the established Review Notes
materiality level and other qualitative factors deemed AAR/ML/SAOR
significant
146
8. Audit Report was completed, reviewed and AAR/ML/SAOR
transmitted/distributed on time
Quality assurance
1. All working papers and other documents in proper order, Audit documentation/Working
complete and signed off by preparer Papers
All top schedules contain the audit conclusion of the
auditor
2. All working papers and other documents properly
reviewed and signed off by reviewer
3. All working papers properly indexed and referenced
4. Report and file, as appropriate, for consistency of process
and deliverables
5. All requirements in the templates from Preliminary
engagement to Reporting completed and documented
6. Financial management performance of agency evaluated? Duly approved financial
management performance rating
7. Team’s performance evaluated Director’s Evaluation Form
Auditee Feedback Sheet
Plan for the next audit engagement
1. Actual hours completed and relative documentation
placed on file?
2. Team debriefing held?
3. Staff performance reviewed?
Prepared by:
__(Signature over printed name)__

ATL
Date:
Reviewed by:

SA/RSA
Date:
147
II. Engagement Sign-off
SA/RSA
No. Description sign-off
and date
1. SA/RSA sign-off
Based on my consideration of the matters set out below, supported by sufficient
review of relevant and significant audit documentation, I confirm that:
 The engagement has been appropriately executed in accordance with
the policies and procedures, sufficient appropriate evidence has been
obtained to support our opinion, and the audit report to be issued is
appropriate in the circumstances.  
 I have been sufficiently involved in the audit process, including in key
meetings with the entity and the team.  
 The extent and timing of my review of the items and matters referred to
below is sufficiently evidenced, either in the audit file or through
comments below and through this completion sign-off. Further, all
significant matters have been evidenced as reviewed. 
2. Financial statements
I have read the final financial statements [and other information as appropriate]
and am satisfiedthat the presentation and related disclosures are appropriate.
3. I have read the audit report and am satisfied that it was transmitted at an
appropriate time after the financial statements were authorized for issue by the
entity’s Management.
4. I have reviewed the Recommendation Tracking Sheet, and agree with the
disposition of the Audit Team (of restating and/or clearing ________ audit
observations and recommendations).
5. I have reviewed the rating given by the Audit Team on the financial
management performance of the Auditee and find this in order.
6. I checked and noted that the Auditee Feedback Sheet has been sent to the
Office of the Director, Cluster ___.
7. I have prepared the performance rating of the audit team
8. I have discussed the performance rating with the Team.
9. Consultation and significant matters
There has been appropriate consultation on complicated or contentious
matters, and conclusions from consultation have been agreed, documented and
implemented.
All significant matters identified, including matters that include information
inconsistent with the final conclusions, significant professional judgments,
matters included the Schedule of Uncorrected Misstatements and justified
departures have been resolved, communicated to management and
documented to my satisfaction.
10. Sufficient appropriate audit evidence about the assessed risks of material
misstatement due to fraud has been obtained through designing and
implementing the appropriate responses to those risks.
Identified or suspected fraud has been appropriately responded to.
148
11. Sufficient appropriate evidence has been obtained in relation to financial
statement assertions for each significant financial statement area, including
disclosures, allowing us to draw reasonable conclusions on which to base our
audit opinion.
12. Significant changes to the audit strategy and audit plan
All significant changes made to the audit strategy and audit plan since planning
sign-off have been appropriately documented and to my satisfaction.
13. The materiality values as assessed in the planning phase represent the final
materiality values and are considered appropriate.
I am not aware of any other information arising from the audit that requires
those materiality values to be revised further.
14. Entity representations have been obtained sufficient to support the audit
report.
15. I have been sufficiently involved in the completion process
16. I have reviewed the Auditee performance rating prepared by the Audit Team
and agree to the ratings given
17. Independence
Since planning sign-off, no other matters have arisen that affect my
independence or that of the Audit Team and/or of COA, or any such matters
arising have been satisfactorily dealt with.
18. Compliance with ethical requirements
Since planning sign-off, no other matters have arisen that affect compliance of
members of the engagement team with ethical requirements, or if any matters
have arisen, these have been satisfactorily dealt with.
19. Where procedures additional to the original audit strategy and plan were
deemed necessary to achieve the stated objectives, these have been included in
the audit file and documented to my satisfaction
20. All necessary audit procedures have been completed, reviewed, and sufficiently
and appropriately documented.
21. Where matters have arisen after the date of the audit report, which required
additional procedures to be performed or resulted in a change to previous
conclusions drawn, they have been satisfactorily dealt with.
Prepared by:

SA/RSA
Date:
149
III. Engagement Quality Control Reviewer (EQCR) Sign-off
Office of the Director _____________________________________________
Description EQCR sign-
off and
date
1. I have read and assessed at least the documents indicated below. I have included
additional comments, where necessary to refer to key meetings attended, any
further steps taken and/or any additional documentation reviewed by me.
 All significant matters  
 Documents reviewed on a selective basis to review work  performed in
significant areas (specify those documents or  indicate if none is selected)  
 The record in the completion sign-off of the engagement  team's involvement
in the audit  
 Records of internal consultations on significant matters  
 Records of important discussions with the entity (significant  matters)  
 Schedule of Uncorrected Misstatements   
 Others (specify)
2. I have sufficiently reviewed the draft financial statements and disclosures, and the
draft audit report before these were finalized and transmitted to the Auditee.
I have reviewed related documents for significant audit matters.
I have approved the dropping of unimplemented audit recommendation for the
Recommendation Tracking Sheet after evaluating the Audit Team report.
3. I have reviewed the Auditee Feedback Sheet and have discussed the contents with
the SA/RSA for feedback to the Team and for their formal response, if necessary
4. I have read the formal justifications of the Team to the negative feedback received
and taken the necessary action
5. I have reviewed the Performance rating given by the Team on the Agency and have
instructed the SA/RSA to take the necessary action.
6. I have given Performance rating of the Team.
I have discussed the performance rating with the Team.
7. I have transmitted a copy of the Audit Report to the Auditee.
I have sent the feedback sheet to the auditee.
Since the start of the audit, I am not aware of any matter that arose that may have
affected the independence, objectivity and competence of the audit team.
Prepared by:

CD/RD
Date:
150
Appendix 5-2. Auditee Feedback Sheet
(Heading)
Auditee Feedback Sheet
Addressee: Date
Dear _____________________,
With reference to the financial audit of the ________________________________________________

please accomplish the attached feedback survey by placing check () mark on the items that best
describe the statements 1-12. We consider our audit clients’ feedback on our audit service very valuable
as this will enable us to ensure and to continually improve the quality of our audits.
Please send the filled-out survey directly to the Office of the Cluster/Regional Director, (Cluster/Region),
(Audit Sector), (Address) within five days from receipt.
Thank you for your cooperation.
Very truly yours,

151
Agency Name: _______________________
Address: ____________________________
Date: _______________________________
Financial Audit Team to be rated

Calendar Year covered: _______________
Supervising Auditor/Regional Supervising Auditor: ____________________
Audit Team Leader: _______________________
Audit Team Members: _____________________
_____________________
_____________________
Remarks
Not (pls indicate
No Audit Quality Agree Disagree
Done reason if you
disagree)
1 Requirements contained in the Engagement Letter
were adequately explained by the Audit Team.
2 Entrance meeting was held and all
questions/comments were adequately addressed.
3 The objectives and scope of audit were discussed.
4 The audit was completed within the timeframe
communicated.
5 The audit was conducted in a professional and
courteous manner.
6 The audit was conducted with minimal disruption
to our business.
7 The Audit Team kept us informed of key issues
throughout the audit.
8 The exit conference provided us the opportunity to
discuss our comments on the observations and
recommendations.
9 All our key concerns were attended to by the Audit
Team.
10 The audit observations and recommendations
contained in the audit report were properly
communicated.
11 The audit report reflected our comments and/or
actions taken/to be taken.
12 The overall audit provided value to the
organization.
152
Suggestions to improve future financial audits (Please use separate page if necessary.)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_______________________________
Accomplished by:
Signature: ________________________
Name: ___________________________
Position/Designation: ______________
I fully concur with the ratings given, and this form is approved for release to COA
Signature: ________________________
Name: ___________________________
Position/Designation: ______________
Date Approved: ___________________
153
Appendix 5-3. Director’s Evaluation Form
DIRECTOR’S EVALUATION FORM

Financial Audit
Agency __________________________________________________________________
Period Covered____________________________________________________________
Team Composition:
Name Position
Supervising Auditor/Regional Supervising Auditor
Audit Team Leader
Audit Team Members
Remarks for
Director's Evaluation Yes No "No" Answers
1. The financial audit was performed in accordance with the FAM based on the
results of the Completion Compliance Checklist
2. The audit team complied with the ethical and professional standards of COA
based on the feedback received from the agency and in case of negative
feedback, that the team's justification is acceptable. If no feedback was
received, indicate “Not applicable (NA)”.
3. The Audit Opinion rendered on the Financial Statements was the most
appropriate considering the results of the financial audit conducted. The
reason for the modified opinion is acceptable considering the reporting
materiality threshold and the qualitative conditions cited. (Include only if
applicable)
4. The required review process was performed and that critical issues have
been addressed or have been discussed with me for my proper action.
Considering my responses above, I am (satisfied or not satisfied) with the financial audit performed by
the Audit Team.
RATING
All ‘yes’ answers – Satisfactory
Below 4 ‘yes’ answers – Not satisfactory
__________________________________________
Rated by:
Signature: ________________________
Name: ___________________________
Position/Designation: Cluster/Regional Director
Date Approved:___________________
154
Appendix 5-4. Financial Management Performance Rating
Financial Management Performance Rating

based on the financial audit performed on:
Agency: _____________________
Period: _____________________
Reliability of Financial Information Score Remarks

1. Audit Opinion rendered (20 points unqualified, zero for other opinions) 20
Adequacy of Internal control
2. Internal control survey indicated adequate control environment (5 points 5
adequate)
3. Ethical awareness seminars are conducted and have been attended by 75% of 1
all staff surveyed. (1 point)
4. Risk assessment is being performed to identify risks and responses to these 7
risks. (7 points)
5. Control activities including forms and reports required in the Internal Control 10
Policies, Procedures and Practices are in place (10 points)
6. An internal audit unit exists. (1 point if yes) 1
7. The internal audit unit reviews the internal control of the agency based on 5
reports received. (5 points if yes)
Compliance with Management Representation in the Engagement Letter
8. The requirements in the engagement letter were complied with by the agency. 15
- Submission of complete FS within the deadline set (5 points)
- Audit queries and request for documents were addressed on time (5 points)
- Submission of written representations required on time and near the date
of audit report (5 points)
Adjustments required by the Auditor
9. All audit adjustments were considered by the agency and were taken up during 10
the audit period. (0-10 points)
Audit observations and recommendations
10. Observations and recommendations as a result of the audit were considered 2
and management has provided a time plan for implementing the
recommendations. (2 points)
11. Prior period recommendations were implemented during the current year. (0- 10
10 points)
Quality of financial statements furnished for audit
12. The Financial Statements were prepared in accordance with the prescribed 7
reporting framework.
13. The Accounting team that prepared the FS is composed of qualified accounting 2
staff.
14. Cooperation extended to the audit team 5
15. Total Score—perfect score 100
16. Indications of fraud and intentional errors (25)
155
90 to 100% of all applicable criteria Excellent
85 to 89% Very Satisfactory
75% to 84% of total applicable criteria Satisfactory
Below 75% Poor
Group Assessment of the Agency’s Financial Management Performance

We are giving a joint performance score of _______ %.
__(Signature over printed name)__ __(Signature over printed name)__

Supervising Auditor/Regional Supervising Auditor Cluster/Regional Director
Date: Date:
156
Works Cited
Current Audit File. (2018). Retrieved March 6, 2018, from AuditingHelp.com:
https://auditinghelp.com/current-audit-file-13747
Bragg, S. (2018). Permanent File. Retrieved March 6, 2018, from accountingtools.com:

https://www.accountingtools.com/articles/2017/5/17/permanent-file
Nzechukwu, P. O. (2016). Internal Audit Practice from A to Z (1st ed.). Boca Raton, Florida: CRC Press.
157

11.28.2018 Updated FAM

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

11.28.2018 Updated FAM

Загружено:

Авторское право:

Доступные форматы

Financial Audit Manual (FAM)

COA Audit Framework ............................................................................................... 10

Section 5 ................................................................................................................. 141

Works Cited ............................................................................................................ 157

A. Basis for Manual Preparation

“to promote implementation of the INTOSAI audit principlesby translating

COA Audit Framework

Exhibit 2. COA Audit Framework

Strategic Planning and Risk Identification

a) A general overview of the entity’s organization and operations;

A. Objective of Financial Statements Audit

B. The Financial Statements Audit Process

Section 1: Preliminary Engagement Activities;

 Determine materiality thresholds (ISSAI 1320)

C. Applying the INTOSAI Financial Audit Guidelines (ISSAI 1000-2999)

4. As such, preliminary engagement activities will involve:

i. Gather and objectively evaluate evidence;

A. Establishing the Terms of Audit Engagement

Obtaining written representation

Table 2. ISSAIs related to written representations

B. Communicating the Terms of Engagement

REPUBLIC OF THE PHILIPPINES

AUDITOR’S DECLARATION OF INDEPENDENCE AND COMPLIANCE

Responsibility to Update This Declaration

__ (Signature over printed name) __ Date:

Cluster/Regional Director’s Certification:

__ (Signature over printed name)__ Date:

REPUBLIC OF THE PHILIPPINES

Attention: Chief Accountant

1. The objectives of this audit are as follows:

C. Agency Financial Management Performance

8. Management is responsible for:

 Statement of Financial Position

F. Assistance from Management

10. We will request assistance for the following, among others:

G. Use and reproduction of COA audit reports

I. Auditee’s Feedback on Audit Team’s Performance

We look forward to your full cooperation during the audit.

__Signature over Printed Name__

Date Received by the Agency:

Letterhead of the Audited Agency

Management Representation Letter

Cluster/ Regional Director

Subject: Name of Agency/Corporation/LGU Being Audited

Statement of Management's Responsibility for the Financial Statements

1. In particular the financial statements are fairly presented.

1. We have provided you with :

_____Signature over Printed Name____ _____Signature over Printed Name_____

2. Planning activities involve the following steps:

I. Preparing the Overall Audit Strategy

III. Conducting Final Risk Assessment

IV. Preparing Audit Engagement Plan

I. Preparing the Overall Audit Strategy

a) Identify the characteristics of the engagement that define its scope;

II. Conducting Preliminary Risk Assessment

8. The factors that may affect inherent risk assessment are:

a) Judgment – a high degree of judgment is involved in business transactions.

9. The preliminary assessment of control risk is based on the following:

a) Evaluation of the design of controls done in Understanding the Process activity;

B. Understanding the Audit Entity

Table 3. Sources of financial information

d) Test of Internal Control Design Effectiveness and Operating Effectiveness

e) Two types of controls

i. Preventive Controls are designed to discourage errors or irregularities from occurring.

(Signature over printed name) Date:

(Signature over printed name) Date:

Signature over Printed Name

___Signature over Printed Name _Signature over Printed Name___