Auditing: Module 1overview of Auditing and Pre-Engagement Activities

AUDITING
Module 1Overview of Auditing and Pre-Engagement Activities
1.1. Overview of Auditing................................................................................................. 1
1.2. Preface to the Philippine Standards on Quality Control, Auditing,

Review, Other Assurance and Related Services..............................................4
1.3. Philippine Framework for Assurance Engagements....................................5
1.4. PSA 120 Framework of Philippine Standards on Auditing........................8
1.5. PSA 200 Overall Objectives of the Independent Auditor and the
Conduct of an Audit in Accordance with PSAs..............................................10
1.6. PSQC 1 Quality Control for Firms that Perform Audits and Reviews
of Financial Statements, and Other Assurance and Related Services
Engagements............................................................................................................... 13
1.7. PSA 220 Quality Control for an Audit of Financial Statements..............14
1.8. PSA 210 Agreeing the Terms of Audit Engagements.................................15

Summary of the Audit Process
Accept client and perform initial planning
Understand the client’s business and industry
Assess client business risk
Perform preliminary analytical procedures
Set materiality and assess acceptable audit risk

and inherent risk
Understand internal control and assess control risk
Gather information to assess fraud risks
Develop overall audit plan and audit program
Plan to reduce assessed level of control risk? NO
YES
Perform tests of controls
Perform substantive tests of transactions
Assess likelihood of misstatements in financial

statements
LowMediumHigh or Unknown
Perform analytical procedures
Perform tests of key items
Perform additional tests of details of balances
Perform additional tests for presentation and

disclosure
Accumulate final evidence
Evaluate results
Issue audit report
Communicate with audit committee and

management
PHASE I
Plan and design an audit approach
PHASE II
Perform tests of controls and substantive tests of transactions
PHASE III
Perform analytical procedures and tests of details of balances
PHASE IV
Complete the audit and issue an audit report
AUDMOD1.1 NATURE OF AUDITING
Auditingis the accumulation and evaluation of evidence about information to determine and report on the
degree of correspondence between the information and established criteria. Auditing should be done by a
competent, independent person.
Information and Established Criteria Accumulating and Evaluating Evidence
 To do an audit, there must be information  Evidence is any information used by the auditor to
in a verifiable formand some standards determine whether the information being audited is
(criteria) by which the auditor can evaluate stated in accordance with the established criteria.
the information. Evidence takes many different forms, including:
 Examples of quantifiable information: 1. Electronic and documentary data about transactions
1. companies’ financial statements 2. Written and electronic communication with outsiders
2. individuals’ federal income tax returns. 3. Observations by the auditor
 Examples of subjective information: 4. Oral testimony of the auditee (client)
1. effectiveness of computer systems  To satisfy the purpose of the audit, auditors must obtain
2. efficiency of manufacturing operations. a sufficient quality and volume of evidence. Auditors
 Examples of criteria: must determine the types and amount of evidence
1. IFRS necessary and evaluate whether the information
2. US GAAP corresponds to the established criteria.
3. COSO Internal Control – Integrated  The auditor must be qualified to understand the criteria
Framework used and must be competent to know the types and
4. Internal Revenue Code amount of evidence to accumulate to reach the proper
 For more subjective information, it is more conclusion after examining the evidence. The auditor
difficult to establish criteria. Typically, must also have an independent mental attitude. The
auditors and the entities being audited agree competence of those performing the audit is of little value
on the criteria well before the audit starts. if they are biased in the accumulation and evaluation of
evidence.
Distinction between Auditing and Accounting
 Accounting is the recording, classifying, and summarizing of economic events in a logical manner for the
purpose of providing financial information for decision making. To provide relevant information,
accountants must have a thorough understanding of the principles and rules that provide the basis for
preparing the accounting information. In addition, accountants must develop a system to make sure that
the entity’s economic events are properly recorded on a timely basis and at a reasonable cost.
 When auditing accounting data, auditors focus on determining whether recorded information properly
reflects the economic events that occurred during the accounting period. Because U.S. or international
accounting standards provide the criteria for evaluating whether the accounting information is properly
recorded, auditors must thoroughly understand those accounting standards.
 In addition to understanding accounting, the auditor must possess expertise in theaccumulation and
interpretation of audit evidence. It is this expertise that distinguishesauditors from accountants.
Determining the proper audit procedures, deciding the number and types of items to test and evaluating
the results are unique to the auditor.
Economic Demand for Auditing
 As society becomes more complex, decision makers are more likely to receive unreliable
information.Information risk reflects the possibility that the information upon which the business risk
decision was made was inaccurate. The following are the causes of information risk:
1. Remoteness of Information – When information is obtained from others, the likelihood of it being
intentionally or unintentionally misstated increases.
2. Biases and Motives of the Provider – If information is provided by someone whose goals are
inconsistent with those of the decision maker, the information may be biased in favor of the provider.
3. Voluminous Data – As organizations become larger, so does the volume of theirexchange transactions.
This increases the likelihood that improperly recorded information is included in the records—perhaps
buried in a large amount of other information.
4. Complex Exchange Transactions - In the past few decades, exchange transactions between
organizations have become increasingly complex and therefore more difficult to record properly.
 The following are the ways to reduce information risk:
1. User verifies information – The user may go to the business premises to examine records and obtain
information about the reliability of the statements. Normally, this is impractical because of cost.
2. User shares information risk with management – There is considerable legal precedent indicating
that management is responsible for providing reliableinformation to users. A difficulty with sharing
information risk with management is that users may not be able to collect on losses.
3. Audited financial statements are provided – The most common way for users to obtain reliable
information is to have an independent audit. Typically, management of a private company or the audit
committee for a public company engages the auditor to provide assurances to users that the financial
statements are reliable.Decision makers can then use the audited information on the assumption that it
is reasonably complete, accurate, and unbiased.They value the auditor’s assurance because of the
auditor’s independence from the client and knowledge of financial statement reporting matters.
AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 1

Assurance Services
 An assurance service is an independent professional service that improves the quality of information for
decision makers. Such services are valued because the assurance provider is independent and perceived as
being unbiased with respect to the information examined.
 Individuals who are responsible for making business decisions seek assurance services to help improve the
reliability and relevance of the information used as the basis for their decisions.
 Assurance services can be done by CPAs or by a variety of other professionals. Examples are:
1. Consumers Union – a nonprofit organization that tests a wide variety of products used by consumers
and reports their evaluations of the quality of the products tested in Consumer Reports. The
organization provides the information to help consumers make intelligent decisions about the products
they buy. Many consumers consider the information in Consumer Reports more reliable than
information provided by the product manufacturers because Consumers Union is independent of the
manufacturers.
2. Better Business Bureau (BBB)– provides an online reliability program, the BBB Accredited Business
Seal, that allows Web shoppers to check BBB information about a company and be assured the company
will stand behind its service.
3. Nielsen television and Internet ratings and Arbitron radio ratings
Categories of Assurance Services
1. Attestation services– the CPA firm issues a report about the reliability of an assertion that is made by
another party. Attestation services fall into five categories:
a. Audit of historical financial statements – management asserts that the statements are fairly stated
in accordance withapplicable U.S. or international accounting standards.
b. Audit of internal control over financial reporting – management asserts that internal controls
have been developed and implemented following well established criteria.
c. Review of historical financial statements – management asserts that the statements are fairly
stated in accordance with accounting standards, the same as for audits but the CPA provides a lower
level of assurance for reviews of financial statements compared to a high level for audits, therefore
less evidence is needed.
d. Attestation services on information technology – management makes various assertions about
the reliability and security of electronic information.WebTrust and SysTrust are examples of
attestation services developed to address these assurance needs.
e. Other attestation services
2. Other assurance services – Most of the other assurance services that CPAs provide do not meet the
definition of attestation services, but the CPA must still be independent and must provide assurance
about information used by decision makers. These assurance services differ from attestation services in
that the CPA is not required to issue a written report, and the assurance does not have to be about the
reliability of another party’s assertion aboutcompliance with specified criteria. These other assurance
service engagements focus on improving the quality of information for decision makers, just like
attestation services. Examples are:
a. Controls over and risks related to investments,including policies related to derivatives–
Assess the processes in a company’s investment practices to identify risksand to determine the
effectiveness of those processes
b. Mystery shopping– Perform anonymous shopping to assess sales personnel dealings with
customers and procedures they follow
c. Assess risks of accumulation, distribution, and storage of digital information– Assess security
risks and related controls over electronic data, including the adequacy of backup and off-site storage
d. Fraud and illegal acts risk assessment– Develop fraud risk profiles, and assess the adequacy of
company systems and policies in preventing and detecting fraud and illegal acts
e. Compliance with trading policies and procedures – Examine transactions between trading
partners to ensure that transactions comply with agreements; identify risks in the agreements
f. Compliance with entertainment royalty agreements – Assess whether royalties paid to artists,
authors, and others comply with royalty agreements
g. ISO 9000 certifications– Certify a company’s compliance with ISO 9000 quality control standards,
which help ensure company products are of high quality
h. Corporate responsibility and sustainability– Report on whether the information in a company’s
corporate responsibility report is consistent with company information and established reporting
criteria
Non-assurance Services
 CPA firms perform numerous other services that generally fall outside the scope of assurance services.
Three specific examples are:
1. Accounting and bookkeeping services
2. Tax services
3. Managementconsulting services
2 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

Types of Audits
 CPAs perform three primary types of audits:
Operational audit Compliance audit Financial statement audit
 Evaluates the efficiency and  Conducted to determine  Conducted to determine
effectiveness of any part of an whether the auditee is whether the financial
organization’s operating following specific procedures, statements (the information
procedures and methods. rules, or regulations set by being verified) are stated in
 At the completion of an some higher authority. accordance with specified
operational audit, management Following are examples of criteria.
normally expects compliance audits for a private  Normally, the criteria are U.S. or
recommendations for improving business: international accounting
operations.  Results of compliance audits are standards, although auditors
 It is more difficult to objectively typically reported to may conduct audits of financial
evaluate whether the efficiency management, rather than statements prepared using the
and effectiveness of operations outside users, because cash basis or some other basis of
meets established criteria than management is the primary accounting appropriate for the
it is for compliance and financial group concerned with the extent organization.
statement audits. of compliance with prescribed  In determining whether
 Also, establishing criteria for procedures and regulations. financial statements are fairly
evaluating the information in an  A significant portion of work is stated in accordance with
operational audit is extremely often done by auditors accounting standards, the
subjective. employed by the organizational auditor gathersevidence to
units. determine whether the
statements contain material
errors or other misstatements.
Examples of the three types of audits:
Type of Example Information Established Available Evidence
audit Criteria
Operational Evaluate whether the Number of payroll Company Error reports,
audit computerized payroll records processed standards for payroll records and
processing for a Chinese in a month, costs of efficiency and payroll processing
subsidiary is operating the department and effectiveness in costs
efficiently and number of errors payroll department
effectively made
Compliance Determine whether Company records Loan agreement Financial statements
audit bank requirements for provisions and calculations by
loan continuation have the auditor
been met
Financial Annual audit of Boeing’s Boeing’s financial Generally accepted Documents, records
statement financial statements statements accounting and outside sources
audit principles of evidence
Types of Auditors
The most common types of auditors are the following:
1. Certified public accounting firms – responsible for auditing the published historical financial statements
of all publicly traded companies, most other reasonably large companies, and many smaller companies
and noncommercial organizations. They are often called external auditors or independent auditors to
distinguish them from internal auditors.
2. Government auditors
3. Internal auditors – employed by all types of organizations to audit for management.Internal auditors’
responsibilities vary considerably, depending on the employer.To maintain independence from other
business functions, the internal audit group typically reports directly to the president, another high
executive officer, or the auditcommittee of the board of directors. However, internal auditors cannot be
entirely independent of the entity as long as an employer–employee relationship exists. Users from
outside the entity are unlikely to want to rely on information verified solely by internal auditors because
of their lack of independence. This lack of independence is the major difference between internal auditors
and CPA firms.

No. of members
Independent auditing firms 7
AUDMOD1.2PREFACE
PICPA TO THE PHILIPPINE STANDARDS 5 ON QUALITY CONTROL,
ACPAPP AUDITING, REVIEW, OTHER ASSURANCE 2 AND RELATED SERVICES
Board of Accountancy 1
Securities and Exchange Commission
Introduction 1
Commission on Audit 1 Auditing, Other Assurance and Related Services is
 This Preface to Philippine Standards on Quality Control,
issued to facilitate understanding of the objectives and operating procedures of the Auditing
Standards and Practices Council (ASPC) and the scope and authority of the documents issued by the
Council.
 The mission of the ASPC is “the promulgation of auditing standards, practices and procedures which
shall be generally accepted by the accounting profession in the Philippines.”
 The pronouncements of the ASPC shall be in the form of:
1. Philippine Standards on Quality Control (PSQCs)
2. Philippine Standards on Auditing (PSAs)
3. Philippine Standards on Review Engagements (PSREs)
4. Philippine Standards on Assurance Engagements (PSAEs)
5. Philippine Standards on Related Services (PSRSs)
6. Philippine Auditing Practice Statements (PAPSs)
7. Philippine Review Engagement Practice Statements (PREPSs)
8. Philippine Assurance Engagement Practice Statements (PAEPSs)
9. Philippine Related Services Practice Statements (PRSPSs)
The Auditing Standards and Practices Council (ASPC)
 The ASPC was established by the Philippine Institute of CPAs (PICPA) and the Association of CPAs in Public
Practice (ACPAPP).
 The Council has 17 regular members coming from the following:
 Whenever there is a PICPA representative to the International Auditing and Assurance Standards Board
(the then International Auditing Practices Committee), such PICPA representative becomes an ex-officio
member of the Council.
 The Council members from PICPA represent the following sectors (one representative each):
 Academe
 Commerce and Industry
 Public Practice – one from Luzon, one from Visayas, one from Mindanao
The Authority Attaching to Philippine Standards Issued by the AASC
 Pronouncements on generally accepted auditing standards, interpretations, and opinions issued by the
AASC apply whenever an independent examination of financial statements of any entity, whether
profit-oriented or not, and irrespective of size or legal form, when such examination is conducted for the
purpose of expressing an opinion thereon. They may also have application, as appropriate, to other
related activities of auditors.
Standards Application
Philippine Standards on Auditing audit of historical financial information
Philippine Standards on Review review of historical financial information
Engagements (PSREs)
Philippine Standards on Assurance assurance engagements dealing with subject matters other
Engagements (PSAEs) than historical financial information
Philippine Standards on Related Services compilation engagements, engagements to apply agreed-
(PSRSs) upon procedures to information and other related services
engagements as specified by the AASC
 PSAs, PSREs, PSAEs and PSRSs are collectively referred to as the ASPC’s Engagement Standards.
 Philippine Standards on Quality Control (PSQCs) are to be applied for all services falling under the ASPC’s
Engagement Standards.
 Philippine Standards are to be applied as written to engagements in public sector, unless so stated that they
do not apply in a public sector environment or they are not appropriate in such an environment.
The Authority Attaching to Practice Statements Issued by the AASC
 Philippine Auditing Practice Statements (PAPSs) are issued to provide interpretive guidance and practical
assistance to professional accountants in implementing PSAs and to promote good practice.
 Philippine Review Engagement Practice Statements (PREPSs), Philippine Assurance Engagement Practice
Statements (PAEPSs), and Philippine Related Services Practice Statements (PRSPSs) are issued to serve the
same purpose for implementation of PSREs, PSAEs and PSRSs, respectively.

AUDMOD1.3 PHILIPPINE FRAMEWORK FOR ASSURANCE ENGAGEMENTS
Introduction
 This Framework defines and describes the elements and objectives of an assurance engagement, and
identifies engagements to which Philippine Standards on Auditing (PSAs), Philippine Standards on Review
Engagements (PSREs) and Philippine Standards on Assurance Engagements (PSAEs) apply.
 It provides a frame of reference for:
a. Professional accountants in public practice (“practitioners”) when performing assurance
engagements. Professional accountants in the public sector refer to the Public Sector Perspective at
the end of the Framework. Professional accountants who are neither in public practice nor in the
public sector are encouraged to consider the Framework when performing assurance
engagements;
b. Others involved with assurance engagements, including the intended users of an assurance
report and the responsible party; and
c. The International Auditing and Assurance Standards Board (IAASB) in its development of
ISAs, ISREs and ISAEs and, consequently, the Auditing and Assurance Standards Council (AASC)
in its adoption of said standards for application in the Philippines.
 This Framework does not itself establish standards or provide procedural requirements for the
performance of assurance engagements.
 In addition to this Framework and PSAs, PSREs and PSAEs, practitioners who perform assurance
engagements are governed by:
a. The Code of Ethics for Professional Accountants in the Philippines (the Philippine Code),
which is adopted from the IFAC Code of Ethics forProfessional Accountants, which establishes
fundamental ethical principles for professional accountants; and
b. Philippine Standards on Quality Control (PSQCs), which are adopted from the International
Standards on Quality Control, which establish standards and provide guidance on a firm’s system
of quality control.
 Part A of the Code sets out the fundamental ethical principles that all professional accountants are required
to observe, including:
a. Integrity;
b. Objectivity;
c. Professional competence and due care;
d. Confidentiality; and
e. Professional behavior
 Part B of the Code, which applies only to professional accountants in public practice (“practitioners”),
includes a conceptual approach to independence that takes into account, for each assurance engagement,
threats to independence, accepted safeguards and the public interest. It requires firms and members of
assurance teams to identify and evaluate circumstances and relationships that create threats to
independence and to take appropriate action to eliminate these threats or to reduce them to an acceptable
level by the application of safeguards.
Definition and Objective of an Assurance Engagement
 Assurance engagement means an engagement in which a practitioner expresses a conclusion designed to
enhance the degree of confidence of the intended users other than the responsible party about the outcome
of the evaluation or measurement of a subject matter against criteria.
 Subject matter information refers to the outcome of the evaluation or measurement of a subject
matterthat results from applying the criteria to the subject matter. For example:
 The recognition, measurement, presentation and disclosure represented in the financial statements
(outcome) result from applying a financial reporting framework for recognition, measurement,
presentation and disclosure, such asPhilippine Financial Reporting Standards, (criteria) to an entity’s
financial position, financial performance and cash flows (subject matter).
 An assertion about the effectiveness of internal control (outcome) results from applying a framework
for evaluating the effectiveness of internal control, such as COSO or CoCo (criteria) to internal control, a
process (subject matter).
 Subject matter information can fail to be properly expressed in the context of the subject matter and the
criteria, and can therefore be misstated, potentially to a material extent.
 Assertion-based engagements – the evaluation or measurement of the subject matter is performed by the
responsible party, and the subject matter information is in the form of an assertion by the responsible party
that is made available to the intended users.
 Direct reporting engagements – the practitioner either directly performs the evaluation or measurement
of the subject matter, or obtains a representation from the responsible party that has performed the
evaluation or measurement that is not available to the intended users. The subject matter information is
provided to the intended users in the assurance report.
Two types of assurance engagements
 Reasonable assurance engagement– objective is a reduction in assurance engagement risk to an
acceptably low level in the circumstances of the engagement as the basis for a positive form of expression of

the practitioner’s conclusion.
 Limited assurance engagement – objective is a reduction in assurance engagement risk to a level that is
acceptable in the circumstances of the engagement, but where that risk is greater than for a reasonable
assurance engagement, as the basis for a negative form of expression of the practitioner’s conclusion.
Scope of the Framework
 Not all engagements performed by practitioners are assurance engagements. Other frequently performed
engagements that do not meet the above definition (and therefore are not covered by this Framework)
include:
1. Engagements covered by PSRSs, such as agreed-upon procedures engagements and compilations
of financial or other information.
2. Preparation of tax returns where no conclusion conveying assurance is expressed.
3. Consulting (or advisory) engagements, such as management and tax consulting.
Reports on Non-assurance Engagements
 A practitioner reporting on an engagement that is not an assurance engagement within the scope of this
Framework, clearly distinguishes that report from an assurance report. So as not to confuse users, a
report that is not an assurance report avoids, for example:
 Implying compliance with this Framework, PSAs, PSREs or PSAEs.
 Inappropriately using the words “assurance,” “audit” or “review.”
 Including a statement that could reasonably be mistaken for a conclusion designed to enhance the
degree of confidence of intended users about the outcome of the evaluation or measurement of a
subject matter against criteria.
 The practitioner and the responsible party may agree to apply the principles of this Framework to an
engagement when there are no intended users other than the responsible party but where all other
requirements of the PSAs, PSREs or PSAEs are met. In such cases, the practitioner’s report includes a
statement restricting the use of the report to the responsible party.
Engagement Acceptance
 A practitioner accepts an assurance engagement only where the practitioner’s preliminary knowledge of
the engagement circumstances indicates that:
a. Relevant ethical requirements, such as independence and professional competence will be
satisfied, and
b. The engagement exhibits all of the following characteristics:
i. The subject matter is appropriate;
ii. The criteria to be used are suitable and are available to the intended users;
iii. The practitioner has access to sufficient appropriate evidence to support the practitioner’s
conclusion;
iv. The practitioner’s conclusion, in the form appropriate to either a reasonable assurance
engagement or a limited assurance engagement, is to be contained in a written report; and
v. The practitioner is satisfied that there is a rational purpose for the engagement. If there is a
significant limitation on the scope of the practitioner’s work (see paragraph 55), it may be
unlikely that the engagement has a rational purpose. Also, a practitioner may believe the
engaging party intends to associate the practitioner’s name with the subject matter in an
inappropriate manner (see paragraph 61). Specific PSAs, PSREs or PSAEs may include
additional requirements that need to be satisfied prior to accepting an engagement.
 When a potential engagement cannot be accepted as an assurance engagement because it does not exhibit
all the characteristics in the previous paragraph, the engaging party may be able to identify a different
engagement that will meet the needs of intended users. For example:
a. If the original criteria were not suitable, an assurance engagement may still be performed if:
i. The engaging party can identify an aspect of the original subject matter for which those criteria
are suitable, and the practitioner could perform an assurance engagement with respect to that
aspect as a subject matter in its own right. In such cases, the assurance report makes it clear
that it does not relate to the original subject matter in its entirety; or
ii. Alternative criteria suitable for the original subject matter can be selected or developed.
b. The engaging party may request an engagement that is not an assurance engagement, such as a
consulting or an agreed-upon procedures engagement.
 Having accepted an assurance engagement, a practitioner may not change that engagement to a non-
assurance engagement, or from a reasonable assurance engagement to a limited assurance engagement
without reasonable justification.
 A change in circumstances that affects the intended users’ requirements, or a misunderstanding concerning
the nature of the engagement, ordinarily will justify a request for a change in the engagement. If such a
change is made, the practitioner does not disregard evidence that was obtained prior to the change.
Elements of an Assurance Engagement
a. A three party relationship involving a practitioner, a responsible party, and intended users;
b. An appropriate subject matter;
c. Suitable criteria;
d. Sufficient appropriate evidence; and
e. A written assurance report in the form appropriate to a reasonable assurance engagement or a limited

assurance engagement.
Three-party relationship
 Assurance engagements involve three separate parties: a practitioner, a responsible party and intended
users.
 The responsible party and the intended users may be from different entities or the same entity.
 The term “practitioner” as used in this Framework is broader than the term “auditor” as used in PSAs and
PSREs, which relates only to practitioners performing audit or review engagements with respect to
historical financial information.
Subject matter
 Financial performance or conditions (for example, historical or prospective financial position, financial
performance and cash flows) for which the subject matter information may be the recognition,
measurement, presentation and disclosure represented in financial statements.
 Non-financial performance or conditions (for example, performance of an entity) for which the subject
matter information may be key indicators of efficiency and effectiveness.
 Physical characteristics (for example, capacity of a facility) for which the subject matter information may
be a specifications document.
 Systems and processes (for example, an entity’s internal control or IT system) for which the subject
matter information may be an assertion about effectiveness.
 Behavior (for example, corporate governance, compliance with regulation,human resource practices) for
which the subject matter information maybe a statement of compliance or a statement of effectiveness
 An appropriate subject matter is:
a. Identifiable, and capable of consistent evaluation or measurement against the identified criteria;
b. Such that the information about it can be subjected to procedures for gathering sufficient
appropriate evidence to support a reasonable assurance or limited assurance conclusion, as
appropriate.
Criteria
 Criteria are the benchmarks used to evaluate or measure the subject matter including, where relevant,
benchmarks for presentation and disclosure.
 Suitable criteria are required for reasonably consistent evaluation or measurement of a subject matter
within the context of professional judgment. Without the frame of reference provided by suitable criteria,
any conclusion is open to individual interpretation and misunderstanding. Suitable criteria exhibit the
following characteristics:
a. Relevance – contribute to conclusions that assist decision-making by the intended users.
b. Completeness – relevant factors that could affect the conclusions in the context of the engagement
circumstances are not omitted.
c. Reliability – allow reasonably consistent evaluation or measurement of the subject matter
including, where relevant, presentation and disclosure, when used in similar circumstances by
similarly qualified practitioners.
d. Neutrality – contribute to conclusions that are free from bias.
e. Understandability – contribute to conclusions that are clear, comprehensive, and not subject to
significantly different interpretations.
 Criteria can either be established or specifically developed. Established criteria are those embodied in
laws or regulations, or issued by authorized or recognized bodies of experts that follow a transparent due
process. Specifically developed criteria are those designed for the purpose of the engagement. Whether
criteria are established or specifically developed affects the work that the practitioner carries out to assess
their suitability for a particular engagement.
Sufficient and appropriate evidence
 The practitioner plans and performs an assurance engagement with an attitude of professional
skepticism to obtain sufficient appropriate evidence about whether the subject matter information is free
of material misstatement. An attitude of professional skepticism means the practitioner makes a critical
assessment, with a questioning mind, of the validity of evidence obtained and is alert to evidence
that contradicts or brings into question the reliability of documents or representations by the
responsible party.
 The practitioner considers materiality, assurance engagement risk, and the quantity and quality of available
evidence when planning and performing the engagement, in particular when determining the nature,
timing and extent of evidence-gathering procedures.
 Materiality is relevant when the practitioner determines the nature, timing and extent of
evidence-gathering procedures, and when assessing whether the subject matter information is free
of misstatement. When considering materiality, the practitioner understands and assesses what
factors might influence the decisions of the intended users.
 Assurance engagement risk is the risk that the practitioner expresses an inappropriate
conclusion when the subject matter information is materially misstated.
a. The risk that the subject matter information is materially misstated, which in turn consists of:
i. Inherent risk: the susceptibility of the subject matter information to a material
misstatement, assuming that there are no related controls; and
ii. Control risk: the risk that a material misstatement that could occur will not be prevented, or

detected and corrected, on a timely basis by related internal controls. When control risk is
relevant to the subject matter, some control risk will always exist because of the inherent
limitations of the design and operation of internal control; and
b. Detection risk: the risk that the practitioner will not detect a material misstatement that exists.
 The quantity or quality of available evidence is affected by:
a. The characteristics of the subject matter and subject matter information. For example, less
objective evidence might be expected when information about the subject matter is future
oriented rather than historical (see paragraph 32); and
b. Circumstances of the engagement other than the characteristics of the subject matter, when
evidence that could reasonably be expected to exist is not available because of, for example, the
timing of the practitioner’s appointment, an entity’s document retention policy, or a restriction
imposed by the responsible party.
 Sufficiency is the measure of the quantity of evidence. Appropriateness is the measure of the quality of
evidence; that is, its relevance and its reliability. The quantity of evidence needed is affected by the risk of
the subject matter information being materially misstated (the greater the risk, the more evidence is likely
to be required) and also by the quality of such evidence (the higher the quality, the less may be required).
Accordingly, the sufficiency and appropriateness of evidence are interrelated. However, merely obtaining
more evidence may not compensate for its poor quality.While recognizing that exceptions may exist, the
following generalizations about the reliability of evidence may be useful:
 Evidence is more reliable when it is obtained from independent sources outside the entity.
 Evidence that is generated internally is more reliable when the related controls are effective.
 Evidence obtained directly by the practitioner (for example, observation of the application of a
control) is more reliable than evidence obtained indirectly or by inference (for example, inquiry
about the application of a control).
 Evidence is more reliable when it exists in documentary form, whether paper, electronic, or other
media (for example, a contemporaneously written record of a meeting is more reliable than a
subsequent oral representation of what was discussed).
 Evidence provided by original documents is more reliable than evidence provided by photocopies
or facsimiles.
 The practitioner considers the relationship between the cost of obtaining evidence and the usefulness of
the information obtained. However, the matter of difficulty or expense involved is not in itself a valid basis
for omitting an evidence gathering procedure for which there is no alternative.
Assurance Report
 The practitioner provides a written report containing a conclusion that conveys the assurance obtained
about the subject matter information.
 In an assertion-based engagement, the practitioner’s conclusion can be worded either:
a. In terms of the responsible party’s assertion (“In our opinion the responsible party’s assertion that
internal control is effective, in all material respects, based on XYZ criteria, is fairly stated”); or
b. Directly in terms of the subject matter and the criteria (“In our opinion internal control is effective, in all
material respects, based on XYZ criteria”).
 In a direct reporting engagement, the practitioner’s conclusion is worded directly in terms of the subject
matter and the criteria.
 In a reasonable assurance engagement, the practitioner expresses the conclusion in the positive form (“In
our opinion internal control is effective, in all material respects, based on XYZ criteria”).
 In a limited assurance engagement, the practitioner expresses the conclusion in the negative form (“Based
on our work described in this report, nothing has come to our attention that causes us to believe that
internal control is not effective, in all material respects, based on XYZ criteria”).
AUDMOD1.4 PSA 120 FRAMEWORK OF PHILIPPINE STANDARDS ON AUDITING
Introduction
 The AASChas been authorized to issue Philippine Standards on Auditing (PSAs). The purpose of this
document is to describe the framework within which PSAs are issued in relation to the services which may
be performed by auditors.
 For ease of reference, except where indicated, the term “auditor” is used throughout the PSAs when
describing both auditing and related services which may be performed. Such reference is not intended to
imply that a person performing related services need be the auditor of the entity's financial statements..
Financial Reporting Framework
 Financial statements are ordinarily prepared and presented annually and are directed toward the common
information needs of a wide range of users. Many of those users rely on the financial statements as their
major source of information because they do not have the power to obtain additional information to meet
their specific information needs. Thus, financial statements need to be prepared in accordance with one, or
a combination of:
a. accounting standards generally accepted in the Philippines;
b. International Accounting Standards; and

c. another authoritative and comprehensive financial reporting framework which has been designed
for use in financial reporting and is identified in the financial statements.
Framework for Auditing and Related Services
 This Framework distinguishes audits from related services. Related services comprise reviews, agreed-
upon procedures and compilations. As illustrated in the diagram below, audits and reviews are designed to
enable the auditor to provide high and moderate levels of assurance respectively, such terms being used to
indicate their comparative ranking. Engagements to undertake agreed-upon procedures and compilations
are not intended to enable the auditor to express assurance.
AUDITING RELATED SERVICES
Nature of service Audit Review Agreed-upon Compilation
procedures
Comparative High, but not Moderate No assurance No assurance

level of assurance absolute, assurance
provided by the assurance
auditor
Report provided Positive assurance Negative Factual findings Identification of
on assertions assurance on of procedures information
(Audit Report) assertions compiled
(Review Report) (Compilation Report)
 The Framework does not apply to other services provided by auditors such as taxation, consultancy, and
financial and accounting advice.
Levels of assurance
 Assurance refers to the auditor's satisfaction as to the reliability of an assertion being made by one
party for use by another party. To provide such assurance, the auditor assesses the evidence collected as
a result of procedures conducted and expresses a conclusion. The degree of satisfaction achieved and,
therefore, the level of assurance, which may be provided, is determined by the procedures performed and
their results.
 In an audit engagement, the auditor provides a high, but not absolute, level of assurance that the
information subject to audit is free of material misstatement. This is expressed positively in the audit report
as reasonable assurance.
 In a review engagement, the auditor provides a moderate level of assurance that the information subject to
review is free of material misstatement. This is expressed in the form of negative assurance.
 For agreed-upon procedures, as the auditor simply provides a report of the factual findings, no assurance is
expressed. Instead, users of the report assess for themselves the procedures and findings reported by the
auditor and draw their own conclusions from the auditor's work.
 In a compilation engagement, although the users of the compiled information derivesomebenefitfromthe
accountant's involvement,noassuranceis expressed in the report.
Audit
 The objective of an audit of financial statements is to enable the auditor to express an opinion whether
the financial statements are prepared, in all material respects, in accordance with an identified
financial reporting framework. The phrase used to express the auditor's opinion is “present fairly, in all
material respects.” A similar objective applies to the audit of financial or other information prepared in
accordance with appropriate criteria.
 In forming the audit opinion, the auditor obtains sufficient appropriate audit evidence to be able to draw
conclusions on which to base that opinion.
 The auditor's opinion enhances the credibility of financial statements by providing a high, but not absolute,
level of assurance. Absolute assurance in auditing is not attainable as a result of such factors as the:
a. need for judgment
b. the use of testing
c. the inherent limitations of any accounting and internal control systems and
d. the fact that most of the evidence available to the auditor is persuasive, rather than conclusive, in
nature.
Related Services
Reviews
 The objective of a review of financial statements is to enable an auditor to state whether, on the basis of
procedures which do not provide all the evidence that would be required in an audit, anything has
come to the auditor's attention that causes the auditor to believe that the financial statements are
not prepared, in all material respects, in accordance with an identified financial reporting
framework. A similar objective applies to the review of financial or other information prepared in
accordance with appropriate criteria.
 A review comprises inquiry and analytical procedures which are designed to review the reliability of an
assertion that is the responsibility of one party for use by another party. While a review involves the
application of audit skills and techniques and the gathering of evidence, it does not ordinarily involve an
assessment of accounting and internal control systems, tests of records and of responses to inquiries by

obtaining corroborating evidence through inspection, observation, confirmation and computation, which
are procedures ordinarily performed during an audit.
Agreed-upon Procedures
 In an engagement to perform agreed-upon procedures, an auditor is engaged to carry out those
procedures of an audit nature to which the auditor and the entity and any appropriate third parties
have agreed and to report on factual findings. The recipients of the report must form their own
conclusions from the report by the auditor. The report is restricted to those parties that have agreed to the
procedures to be performed since others, unaware of the reasons for the procedures, may misinterpret the
results.
Compilations
 In a compilation engagement, the accountant is engaged to use accounting expertise as opposed to
auditing expertise to collect, classify and summarize financial information. This ordinarily entails
reducing detailed data to a manageable and understandable form without a requirement to test the
assertions underlying that information. The procedures employed are not designed and do not enable the
accountant to express any assurance on the financial information. However, users of the compiled financial
information derive some benefit as a result of the accountant's involvement because the service has been
performed with due professional skill and care.
AUDMOD1.5 PSA 200 OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND

THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH PHILIPPINE
STANDARDS ON AUDITING
Introduction
Scope of this PSA
 This PSA deals with the independent auditor’s overall responsibilities when conducting an audit of financial
statements in accordance with PSAs. Specifically, it sets out the overall objectives of the independent
auditor, and explains the nature and scope of an audit designed to enable the independent auditor
to meet those objectives.
 It also explains the scope, authority and structure of the PSAs, and includes requirements establishing the
general responsibilities of the independent auditor applicable in all audits, including the obligation to
comply with the PSAs. The independent auditor is referred to as “the auditor” hereafter.
An audit of financial statements
 The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements.
This is achieved by the expression of an opinion by the auditor on whether the financial statements are
prepared, in all material respects, in accordance with an applicable financial reporting framework.
 The financial statements subject to audit are those of the entity, prepared by management of the entity with
oversight from those charged with governance. PSAs do not impose responsibilities on management or
those charged with governance and do not override laws and regulations that govern their
responsibilities.
 However, an audit in accordance with PSAs is conducted on the premise that management and, where
appropriate, those charged with governance have acknowledged certain responsibilities that are
fundamental to the conduct of the audit. The audit of the financial statements does not relieve management
or those charged with governance of their responsibilities.
 As the basis for the auditor’s opinion, PSAs require the auditor to obtain reasonable assurance about
whether the financial statements as a whole are free from material misstatement, whether due to
fraud or error.
 Reasonable assurance is a high level of assurance. It is obtained when the auditor has obtained sufficient
appropriate audit evidence to reduce audit risk (that is, the risk that the auditor expresses an inappropriate
opinion when the financial statements are materially misstated) to an acceptably low level.
 The concept of materiality is applied by the auditor both in planning and performing the audit, and
in evaluating the effect of identified misstatements on the audit and of uncorrected misstatements,
if any, on the financial statements.
 In general, misstatements, including omissions, are considered to be material if, individually or in the
aggregate, they could reasonably be expected to influence the economic decisions of users taken on the
basis of the financial statements.
 Judgments about materiality are made in the light of surrounding circumstances, and are affected by the
auditor’s perception of the financial information needs of users of the financial statements, and by
the size or nature of a misstatement, or a combination of both. The auditor’s opinion deals with the
financial statements as a whole and therefore the auditor is not responsible for the detection of
misstatements that are not material to the financial statements as a whole.
 The PSAs require that the auditor exercise professional judgment and maintain professional
skepticism throughout the planning and performance of the audit and, among other things:
 Identify and assess risks of material misstatement, whether due to fraud or error, based on an
understanding of the entity and its environment, including the entity’s internal control.

 Obtain sufficient appropriate audit evidence about whether material misstatements exist,
through designing and implementing appropriate responses to the assessed risks.
 Form an opinionon the financial statements based on conclusions drawn from the audit
evidence obtained.
 The auditor may also have certain other communication and reporting responsibilities to users,
management, those charged with governance, or parties outside the entity, in relation to matters arising
from the audit. These may be established by the PSAs or by applicable law or regulation.
Overall Objectives of the Auditor
 In conducting an audit of financial statements, the overall objectives of the auditor are:
a. To obtain reasonable assurance about whether the financial statements as a whole are free from
material misstatement, whether due to fraud or error, thereby enabling the auditor to express an
opinion on whether the financial statements are prepared, in all material respects, in accordance
with an applicable financial reporting framework; and
b. To report on the financial statements, and communicate as required by the PSAs, in accordance
with the auditor’s findings.
 In all cases when reasonable assurance cannot be obtained and a qualified opinion in the auditor’s report is
insufficient in the circumstances for purposes of reporting to the intended users of the financial statements,
the PSAs require that the auditor disclaim an opinion or withdraw (or resign) from the engagement,
where withdrawal is possible under applicable law or regulation.
Requirements
Ethical requirements
 The auditor shall comply with relevant ethical requirements, including those pertaining to independence,
relating to financial statement audit engagements.
Professional skepticism
 The auditor shall plan and perform an audit with professional skepticism recognizing that circumstances
may exist that cause the financial statements to be materially misstated.
 Professional skepticism includes being alert to, for example:
 Audit evidence that contradicts other audit evidence obtained.
 Information that brings into question the reliability of documents andresponses to inquiries to be used
as audit evidence.
 Conditions that may indicate possible fraud.
 Circumstances that suggest the need for audit procedures in addition to those required by the PSAs.
 Maintaining professional skepticism throughout the audit is necessary if the auditor is, for example, to
reduce the risks of:
 Overlooking unusual circumstances.
 Over generalizing when drawing conclusions from audit observations.
 Using inappropriate assumptions in determining the nature, timing and extent of the audit procedures
and evaluating the results thereof.
 The auditor may accept records and documents as genuine unless the auditor has reason to believe the
contrary. Nevertheless, the auditor is required to consider the reliability of information to be used as audit
evidence.The auditor cannot be expected to disregard past experience of the honesty and integrity of the
entity’s management and those charged with governance. Nevertheless, a belief that management and
those charged with governance are honest and have integrity does not relieve the auditor of the need to
maintain professional skepticism or allow the auditor to be satisfied with less than persuasive audit
evidence when obtaining reasonable assurance.
Professional judgment
 The auditor shall exercise professional judgment in planning and performing an audit of financial
statements.Professional judgment is necessary in particular regarding decisions about:
 Materiality and audit risk.
 The nature, timing and extent of audit procedures used to meet the requirements of the PSAs and gather
audit evidence.
 Evaluating whether sufficient appropriate audit evidence has been obtained, and whether more needs to
be done to achieve the objectives of the PSAs and thereby, the overall objectives of the auditor.
 The evaluation of management’s judgments in applying the entity’s applicable financial reporting
framework.
 The drawing of conclusions based on the audit evidence obtained, for example, assessing the
reasonableness of the estimates made by management in preparing the financial statements.
 Professional judgment needs to be exercised throughout the audit. It also needs to be appropriately
documented. In this regard, the auditor is required to prepare audit documentation sufficient to enable an
experienced auditor, having no previous connection with the audit, to understand the significant
professional judgments made in reaching conclusions on significant matters arising during the audit.
 Professional judgment is not to be used as the justification for decisions that are not otherwise supported
by the facts and circumstances of the engagement or sufficient appropriate audit evidence.
Sufficient appropriate audit evidence
 To obtain reasonable assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce
audit risk to an acceptably low level and thereby enable the auditor to draw reasonable conclusions on

which to base the auditor’s opinion.
 Audit evidence is necessary to support the auditor’s opinion and report. It is cumulative in nature and is
primarily obtained from audit procedures performed during the course of the audit. It may, however,
also include information obtained from other sources such as
a. previous audits (provided the auditor has determined whether changes have occurred since the
previous audit that may affect its relevance to the current audit)
b. a firm’s quality control procedures for client acceptance and continuance
c. the entity’s accounting records
d. information prepared by an expert employed or engaged by the entity
 Audit evidence comprises both information that supports and corroborates management’s assertions, and
any information that contradicts such assertions. In addition, in some cases, the absence of information (for
example, management’s refusal to provide a requested representation) is used by the auditor, and
therefore, also constitutes audit evidence. Most of the auditor’s work in forming the auditor’s opinion
consists of obtaining and evaluating audit evidence.
Audit risk
 Audit risk is a function of the risks of material misstatement and detection risk. The assessment of
risks is based on audit procedures to obtain information necessary for that purpose and evidence obtained
throughout the audit. The assessment of risks is a matter of professional judgment, rather than a matter
capable of precise measurement.
 The auditor is not expected to, and cannot, reduce audit risk to zero and cannot therefore obtain
absolute assurance that the financial statements are free from material misstatement due to fraud
or error. This is because there are inherent limitations of an audit, which result in most of the audit
evidence on which the auditor draws conclusions and bases the auditor’s opinion being persuasive rather
than conclusive. The inherent limitations of an audit arise from:
 The nature of financial reporting;
 The nature of audit procedures; and
 The need for the audit to be conducted within a reasonable period of time and at a reasonable cost.
 The risks of material misstatement may exist at two levels:
 The overall financial statement level – relate pervasively to the financial statements as a whole
and potentially affect many assertions
 The assertion level for classes of transactions, account balances, and disclosures – assessed
in order to determine the nature, timing and extent of further audit procedures necessary to obtain
sufficient appropriate audit evidence.
 The risks of material misstatement at the assertion level consist of two components: inherent risk and
control risk. Inherent risk and control risk are the entity’s risks; they exist independently of the audit of
the financial statements.
 Inherent risk is higher for some assertions and related classes of transactions, account balances, and
disclosures than for others. For example, it may be higher for complex calculations or for accounts
consisting of amounts derived from accounting estimates that are subject to significant estimation
uncertainty. External circumstances giving rise to business risks may also influence inherent risk. For
example, technological developments might make a particular product obsolete, thereby causing inventory
to be more susceptible to overstatement.
 Control risk is a function of the effectiveness of the design, implementation and maintenance of
internal control by management to address identified risks that threaten the achievement of the
entity’s objectives relevant to preparation of the entity’s financial statements. However, internal
control, no matter how well designed and operated, can only reduce, but not eliminate, risks of material
misstatement in the financial statements, because of the inherent limitations of internal control. These
include, for example, the possibility of human errors or mistakes, or of controls being circumvented by
collusion or inappropriate management override. Accordingly, some control risk will always exist.
 The assessment of the risks of material misstatement may be expressed in quantitative terms, such as in
percentages, or in non-quantitative terms. In any case, the need for the auditor to make appropriate risk
assessments is more important than the different approaches by which they may be made.
 For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship to
the assessed risks of material misstatement at the assertion level. For example, the greater the risks of
material misstatement the auditor believes exists, the less the detection risk that can be accepted and,
accordingly, the more persuasive the audit evidence required by the auditor.Detection risk, however, can
only be reduced, not eliminated, because of the inherent limitations of an audit. Accordingly, some
detection risk will always exist.
Conduct of an audit in accordance with PSAs
 The auditor shall comply with all PSAs relevant to the audit. A PSA is relevant to the audit when the PSA is
in effect and the circumstances addressed by the PSA exist.
 If an objective in a relevant PSA cannot be achieved, the auditor shall evaluate whether this prevents the
auditor from achieving the overall objectives of the auditor and thereby requires the auditor, in accordance
with the PSAs, to modify the auditor’s opinion or withdraw from the engagement (where withdrawal
is possible under applicable law or regulation).
 Failure to achieve an objective represents a significant matter requiring documentation in accordance with

PSA 230.
AUDMOD1.6 PSQC 1QUALITY CONTROL FOR FIRMS THAT PERFORM AUDITS AND
REVIEWS OF FINANCIAL STATEMENTS, AND OTHER ASSURANCE AND
RELATED SERVICES ENGAGEMENTS
Introduction
Scope of this PSQC
 This PSQCdeals with a firm’s responsibilities for its system of quality control for audits and reviews
of financial statements, and other assurance and related services engagements. This PSQC is to be
read in conjunction with relevant ethical requirements.
 This PSQC applies to all firms of professional accountants in respect of audits and reviews of financial
statements, and other assurance and related services engagements. The nature and extent of the policies
and procedures developed by an individual firm to comply with this PSQC will depend on various factors
such as the size and operating characteristics of the firm, and whether it is part of a network.
Objective
 The objective of the firm is to establish and maintain a system of quality control to provide it with
reasonable assurance that:
a. The firm and its personnel comply with professional standards and applicable legal and regulatory
requirements; and
b. Reports issued by the firm or engagement partners are appropriate in the circumstances.
Elements of a System of Quality Control
 The firm shall establish and maintain a system of quality control that includes policies and procedures that
address each of the following elements:
a. Leadership responsibilities for quality within the firm
b. Relevant ethical requirements
c. Acceptance and continuance of client relationships and specific engagements
d. Human resources
e. Engagement performance
f. Monitoring
 The firm shall document its policies and procedures and communicate them to the firm’s personnel.
Leadership Responsibilities for Quality within the Firm
 The firm shall establish policies and procedures designed to promote an internal culture recognizing that
quality is essential in performing engagements. Such policies and procedures shall require the firm’s chief
executive officer (or equivalent) or, if appropriate, the firm’s managing board of partners (or equivalent) to
assume ultimate responsibility for the firm’s system of quality control.
Relevant ethical requirements
 The firm shall establish policies and procedures designed to provide it with reasonable assurance that the
firm and its personnel comply with relevant ethical requirements.
Acceptance and Continuance of Client Relationships and Specific Engagements
 The firm shall establish policies and procedures for the acceptance and continuance of client relationships
and specific engagements, designed to provide the firm with reasonable assurance that it will only
undertake or continue relationships and engagements where the firm:
 Is competent to perform the engagement and has the capabilities, including time and resources, to do so;
 Can comply with relevant ethical requirements; and
 Has considered the integrity of the client, and does not have information that would lead it to conclude
that the client lacks integrity.
Human Resources
 The firm shall establish policies and procedures designed to provide it with reasonable assurance that it
has sufficient personnel with the competence, capabilities, and commitment to ethical principles necessary
to:
a. Perform engagements in accordance with professional standards and applicable legal and
regulatory requirements; and
b. Enable the firm or engagement partners to issue reports that are appropriate in the circumstances.
Engagement Performance
 The firm shall establish policies and procedures designed to provide it with reasonable assurance that
engagements are performed in accordance with professional standards and applicable legal and regulatory
requirements, and that the firm or the engagement partner issue reports that are appropriate in the
circumstances. Such policies and procedures shall include:
a. Matters relevant to promoting consistency in the quality of engagement performance;
b. Supervision responsibilities; and
c. Review responsibilities.
 The firm’s review responsibility policies and procedures shall be determined on the basis that work of less
experienced team members is reviewed by more experienced engagement team members.
Monitoring
 The firm shall establish a monitoring process designed to provide it with reasonable assurance that the
policies and procedures relating to the system of quality control are relevant, adequate, and operating

effectively. This process shall:
a. Include an ongoing consideration and evaluation of the firm’s system of quality control including,
on a cyclical basis, inspection of at least one completed engagement for each engagement partner;
b. Require responsibility for the monitoring process to be assigned to a partner or partners or other
persons with sufficient and appropriate experience and authority in the firm to assume that
responsibility; and
c. Require that those performing the engagement or the engagement quality control review are not
involved in inspecting the engagement.
Documentation of the System of Quality Control
 The firm shall establish policies and procedures requiring appropriate documentation to provide evidence
of the operation of each element of its system of quality control.
 The firm shall establish policies and procedures that require retention of documentation for a period of
time sufficient to permit those performing monitoring procedures to evaluate the firm’s compliance with its
system of quality control, or for a longer period if required by law or regulation.
 The firm shall establish policies and procedures requiring documentation of complaints and allegations and
the responses to them.
AUDMOD1.7 PSA 220 QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS
Introduction
Scope of this PSA
 This PSAdeals with the specific responsibilities of the auditor regarding quality control procedures
for an audit of financial statements. It also addresses, where applicable, the responsibilities of the
engagement quality control reviewer. This PSA is to be read in conjunction with relevant ethical
requirements.
System of Quality Control and Role of Engagement Teams
 Quality control systems, policies and procedures are the responsibility of the audit firm. Under ISQC 1, the
firm has an obligation to establish and maintain a system of quality control to provide it with reasonable
assurance that:
a. The firm and its personnel comply with professional standards and applicable legal and regulatory
requirements; and
b. Reports issued by the firm or engagement partners are appropriate in the circumstances.
 Engagement teams are entitled to rely on the firm’s system of quality control, unless information provided
by the firm or other parties suggests otherwise.
Requirements
Leadership Responsibilities for Quality on Audits
 The engagement partner shall take responsibility for the overall quality on each audit engagement to which
that partner is assigned.
Relevant Ethical Requirements
 Throughout the audit engagement, the engagement partner shall remain alert, through observation and
making inquiries as necessary, for evidence of non-compliance with relevant ethical requirements by
members of the engagement team.
 If matters come to the engagement partner’s attention through the firm’s system of quality control or
otherwise that indicate that members of the engagement team have not complied with relevant ethical
requirements, the engagement partner, in consultation with others in the firm, shall determine the
appropriate action.
Acceptance and Continuance of Client Relationships and Audit Engagements
 The engagement partner shall be satisfied that appropriate procedures regarding the acceptance and
continuance of client relationships and audit engagements have been followed, and shall determine that
conclusions reached in this regard are appropriate.
 If the engagement partner obtains information that would have caused the firm to decline the audit
engagement had that information been available earlier, the engagement partner shall communicate that
information promptly to the firm, so that the firm and the engagement partner can take the necessary
action.
Human Resources
 The engagement partner shall be satisfied that the engagement team, and any auditor’s experts who are not
part of the engagement team, collectively have the appropriate competence and capabilities to:
a. Perform the audit engagement in accordance with professional standards and applicable legal and
regulatory requirements; and
b. Enable an auditor’s report that is appropriate in the circumstances to be issued.
Engagement Performance
 Direction, Supervision and Performance
 The engagement partner shall take responsibility for:
a. The direction, supervision and performance of the audit engagement in compliance with professional
standards and applicable legal and regulatory requirements; and

b. The auditor’s report being appropriate in the circumstances.
 Reviews
 The engagement partner shall take responsibility for reviews being performed in accordance with the
firm’s review policies and procedures.
 On or before the date of the auditor’s report, the engagement partner shall, through a review of the audit
documentation and discussion with the engagement team, be satisfied that sufficient appropriate audit
evidence has been obtained to support the conclusions reached and for the auditor’s report to be issued.
 Consultation
 The engagement partner shall:
a. Take responsibility for the engagement team undertaking appropriate consultation on difficult or
contentious matters;
b. Be satisfied that members of the engagement team have undertaken appropriate consultation during
the course of the engagement, both within the engagement team and between the engagement team
and others at the appropriate level within or outside the firm;
c. Be satisfied that the nature and scope of, and conclusions resulting from, such consultations are
agreed with the party consulted; and
d. Determine that conclusions resulting from such consultations have been implemented
 Engagement Quality Control Review
 For audits of financial statements of listed entities, and those other audit engagements, if any, for which
the firm has determined that an engagement quality control review is required, the engagement partner
shall:
a. Determine that an engagement quality control reviewer has been appointed;
b. Discuss significant matters arising during the audit engagement, including those identified during the
engagement quality control review, with the engagement quality control reviewer; and
c. Not date the auditor’s report until the completion of the engagement quality control review.
 If differences of opinion arise within the engagement team, with those consulted or, where applicable,
between the engagement partner and the engagement quality control reviewer, the engagement team shall
follow the firm’s policies and procedures for dealing with and resolving differences of opinion.
Monitoring
 An effective system of quality control includes a monitoring process designed to provide the firm with
reasonable assurance that its policies and procedures relating to the system of quality control are relevant,
adequate, and operating effectively. The engagement partner shall consider the results of the firm’s
monitoring process as evidenced in the latest information circulated by the firm and, if applicable, other
network firms and whether deficiencies noted in that information may affect the audit engagement.
Documentation
 The auditor shall include in the audit documentation:
a. Issues identified with respect to compliance with relevant ethical requirements and how they were
resolved.
b. Conclusions on compliance with independence requirements that apply to the audit engagement, and
any relevant discussions with the firm that support these conclusions.
c. Conclusions reached regarding the acceptance and continuance of client relationships and audit
engagements.
d. The nature and scope of, and conclusions resulting from, consultations undertaken during the course
of the audit engagement.
 The engagement quality control reviewer shall document, for the audit engagement reviewed, that:
a. The procedures required by the firm’s policies on engagement quality control review have been
performed;
b. The engagement quality control review has been completed on or before the date of the auditor’s
report; and
c. The reviewer is not aware of any unresolved matters that would cause the reviewer to believe that the
significant judgments the engagement team made and the conclusions it reached were not
appropriate.
AUDMOD1.8 PSA 210 AGREEING THE TERMS OF AUDIT ENGAGEMENTS
Introduction
Scope of this PSA
 This PSA deals with the auditor’s responsibilities in agreeing the terms of the audit engagement with
management and, where appropriate, those charged with governance. This includes establishing that
certain preconditions for an audit, responsibility for which rests with management and, where appropriate,
those charged with governance, are present. PSA 220 deals with those aspects of engagement acceptance
that are within the control of the auditor.
Objective
 The objective of the auditor is to accept or continue an audit engagement only when the basis upon
which it is to be performed has been agreed, through:

a. Establishing whether the preconditions for an audit are present; and
b. Confirming that there is a common understanding between the auditor and management and,
where appropriate, those charged with governance of the terms of the audit engagement.
Preconditions of an Audit
 In order to establish whether the preconditions for an audit are present, the auditor shall:
a. Determine whether the financial reporting framework to be applied in the preparation of the
financial statements is acceptable; and
b. Obtain the agreement of management that it acknowledges and understands its responsibility:
i. For the preparation of the financial statements in accordance with the applicable financial
reporting framework, including where relevant their fair presentation;
ii. For such internal control as management determines is necessary to enable the preparation of
financial statements that are free from material misstatement, whether due to fraud or error;
iii. To provide the auditor with:
 Access to all information of which management is aware that is relevant to the preparation of
the financial statements such as records, documentation and other matters;
 Additional information that the auditor may request from management for the purpose of the
audit; and
 Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain audit evidence.
 If the preconditions for an audit are not present, the auditor shall discuss the matter with management.
Unless required by law or regulation to do so, the auditor shall not accept the proposed audit engagement:
a. If the auditor has determined that the financial reporting framework to be applied in the
preparation of the financial statements is unacceptable, except as provided in paragraph 19; or
b. If the agreement referred to in paragraph 6(b) has not been obtained.
Limitation on Scope prior to Audit Engagement Acceptance
 If management or those charged with governance impose a limitation on the scope of the auditor’s work in
the terms of a proposed audit engagement such that the auditor believes the limitation will result in the
auditor disclaiming an opinion on the financial statements, the auditor shall not accept such a limited
engagement as an audit engagement, unless required by law or regulation to do so.
Agreement on Audit Engagement Terms
 The auditor shall agree the terms of the audit engagement with management or those charged with
governance, as appropriate.
 The agreed terms of the audit engagement shall be recorded in an audit engagement letter or other
suitable form of written agreement and shall include:
a. The objective and scope of the audit of the financial statements;
b. The responsibilities of the auditor;
c. The responsibilities of management;
d. Identification of the applicable financial reporting framework for the preparation of the financial
statements; and
e. Reference to the expected form and content of any reports to be issued by the auditor and a
statement that there may be circumstances in which a report may differ from its expected form and
content.
Recurring audits
 On recurring audits, the auditor shall assess whether circumstances require the terms of the audit
engagement to be revised and whether there is a need to remind the entity of the existing terms of the audit
engagement.
Acceptance of a Change in the Terms of the Audit Engagement
 The auditor shall not agree to a change in the terms of the audit engagement where there is no
reasonable justification for doing so.
 A change in circumstances that affects the entity’s requirements or a misunderstanding concerning
the nature of the service originally requested may be considered a reasonable basis for requesting a
change in the audit engagement.
 In contrast, a change may not be considered reasonable if it appears that the change relates to
information that is incorrect, incomplete or otherwise unsatisfactory. An example might be where
the auditor is unable to obtain sufficient appropriate audit evidence regarding receivables and the
entity asks for the audit engagement to be changed to a review engagement to avoid a qualified
opinion or a disclaimer of opinion.
 If the auditor concludes that there is reasonable justification to change the audit engagement to a review or
a related service, the audit work performed to the date of change may be relevant to the changed
engagement; however, the work required to be performed and the report to be issued would be those
appropriate to the revised engagement.
 In order to avoid confusing the reader, the report on the related service would not include reference to:
a. The original audit engagement; or
b. Any procedures that may have been performed in the original audit engagement, except where the
audit engagement is changed to an engagement to undertake agreed-upon procedures and thus
reference to the procedures performed is a normal part of the report.

 If the terms of the audit engagement are changed, the auditor and management shall agree on and record
the new terms of the engagement in an engagement letter or other suitable form of written agreement.
 If the auditor is unable to agree to a change of the terms of the audit engagement and is not permitted by
management to continue the original audit engagement, the auditor shall:
a. Withdraw from the audit engagement where possible under applicable law or regulation; and
b. Determine whether there is any obligation, either contractual or otherwise, to report the
circumstances to other parties, such as those charged with governance, owners or regulators.
Example of an Audit Engagement Letter
To the appropriate representative of management or those charged with governance of ABC Company:
[The objective and scope of the audit]
You have requested that we audit the financial statements of ABC Company, which comprise the balance
sheet as at December 31, 20X1, and the income statement, statement of changes in equity and cash flow
statement for the year then ended, and a summary of significant accounting policies and other explanatory
information. We are pleased to confirm our acceptance and our understanding of this audit engagement by
means of this letter. Our audit will be conducted with the objective of our expressing an opinion on the
financial statements.
[The responsibilities of the auditor]
We will conduct our audit in accordance with Philippine Standards on Auditing (PSAs). Those standards
require that we comply with ethical requirements and plan and perform the audit to obtain reasonable
assurance about whether the financial statements are free from material misstatement. An audit involves
performing procedures to obtain audit evidence about the amounts and disclosures in the financial
statements. The procedures selected depend on the auditor’s judgment, including the assessment of the risks
of material misstatement of the financial statements, whether due to fraud or error. An audit also includes
evaluating the appropriateness of accounting policies used andthe reasonableness of accounting estimates
made by management, as well as evaluating the overall presentation of the financial statements.
Because of the inherent limitations of an audit, together with the inherent limitations of internal control,
there is an unavoidable risk that some material misstatements may not be detected, even though the audit is
properly planned and performed in accordance with PSAs.
In making our risk assessments, we consider internal control relevant to the entity’s preparation of the
financial statements in order to design audit procedures that are appropriate in the circumstances, but not for
the purpose of expressing an opinion on the effectiveness of the entity’s internal control. However, we will
communicate to you in writing concerning any significant deficiencies in internal control relevant to the audit
of the financial statements that we have identified during the audit.
[The responsibilities of management and identification of the applicable financial reporting framework]
Our audit will be conducted on the basis that [management and, where appropriate, those charged with
governance] acknowledge and understand that they have responsibility:
a. For the preparation and fair presentation of the financial statements in accordance with International
Financial Reporting Standards;
b. For such internal control as [management] determines is necessary to enable the preparation of financial
statements that are free from material misstatement, whether due to fraud or error; and
c. To provide us with:
i. Access to all information of which [management] is aware that is relevant to the preparation of the
financial statements such as records, documentation and other matters;
ii. Additional information that we may request from [management] for the purpose of the audit; and
iii. Unrestricted access to persons within the entity from whom we determine it necessary to obtain
audit evidence.
As part of our audit process, we will request from [management and, where appropriate, those charged with
governance], written confirmation concerning representations made to us in connection with the audit.
We look forward to full cooperation from your staff during our audit.
[Other relevant information]
[Insert other information, such as fee arrangements, billings and other specific terms, as appropriate.]
[Reporting]
[Insert appropriate reference to the expected form and content of the auditor’s report.]
The form and content of our report may need to be amended in the light of our audit findings.
Please sign and return the attached copy of this letter to indicate your acknowledgement of, and agreement
with, the arrangements for our audit of the financial statements including our respective responsibilities.
XYZ & Co.
Acknowledged and agreed on behalf of ABC Company by
(signed)
......................
Name and Title

Date

Auditing: Module 1overview of Auditing and Pre-Engagement Activities

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Auditing: Module 1overview of Auditing and Pre-Engagement Activities

Загружено:

Авторское право:

Доступные форматы

AUDITING

Module 1Overview of Auditing and Pre-Engagement Activities

1.1. Overview of Auditing................................................................................................. 1

1.2. Preface to the Philippine Standards on Quality Control, Auditing,

1.3. Philippine Framework for Assurance Engagements....................................5

1.4. PSA 120 Framework of Philippine Standards on Auditing........................8

1.7. PSA 220 Quality Control for an Audit of Financial Statements..............14

1.8. PSA 210 Agreeing the Terms of Audit Engagements.................................15

Understand the client’s business and industry

Assess client business risk

Perform preliminary analytical procedures

Set materiality and assess acceptable audit risk

Understand internal control and assess control risk

Gather information to assess fraud risks

Develop overall audit plan and audit program

Plan to reduce assessed level of control risk? NO

Perform substantive tests of transactions

Assess likelihood of misstatements in financial

Perform analytical procedures

Perform tests of key items

Perform additional tests of details of balances

Perform additional tests for presentation and

Accumulate final evidence

Issue audit report

Communicate with audit committee and

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 1

2 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 3

4 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 5

6 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 7

AUDMOD1.4 PSA 120 FRAMEWORK OF PHILIPPINE STANDARDS ON AUDITING

8 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

Comparative High, but not Moderate No assurance No assurance

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 9

AUDMOD1.5 PSA 200 OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND

10 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 11

12 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 13

AUDMOD1.7 PSA 220 QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS

14 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1.8 PSA 210 AGREEING THE TERMS OF AUDIT ENGAGEMENTS

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 15

16 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES 17

18 AUDMOD1 OVERVIEW OF AUDITING AND PRE-ENGAGEMENT ACTIVITIES

Вам также может понравиться