Академический Документы
Профессиональный Документы
Культура Документы
Auditing - accumulation & evaluation of evidence about information to determine & report on
the degree of correspondence between the information & established criteria
To do an audit - needs information in a verifiable form & some standards (criteria) by which the
auditor can evaluate the information
Auditing Accounting
Information risk
Causes:
● Remoteness of information
● Biases & motives of the provider
● Voluminous data
● Complex exchange transactions
Reducing information risk:
● User verifies information
● User shares information risk with management
● Audited financial statements are provided
Available Error reports, payroll Financial statements & Documents, records &
evidence records, & payroll calculations by auditor outside sources of
processing costs evidence
Types of Auditors
● Independent certified public accounting firms
● Governmental general accounting office auditors
● Internal Revenue agents
● Internal auditors
❏ Proprietorship
❏ General corporation
❏ Professional corporation
❏ General partnership
❏ Limited liability partnership
❏ Limited liability company
Sarbanes-Oxley Act
● Most important legislation affecting the auditing profession, the provisions of the Act
apply to publicly held companies & their audit firms
● Public Company Accounting Oversight Board (PCAOB) - applicable to US Public
Companies & other SEC registrants
Quality Control Standards (elements) - applicable to CPA firm to aid in satisfying GAAS
● Independence, integrity, & objectivity
● Personnel management
● Acceptance & continuation of clients & engagements
● Engagement performance
● Monitoring
CHAPTER 3: AUDIT REPORTS
Auditor agrees with departure - Departure may not require a qualified/ adverse
from promulgated accounting opinion
principles - Auditor must separately explain in the audit
report that adhering to the principle would have
produced a misleading result
- Circumstances are most unusual
Departures from an Unpopular Opinion - scope limitation, GAAP departure, auditor not
independent
Qualified opinion report can result from a limitation on the scope of the audit/ failure to follow
GAAP | Same introductory & scope paragraphs as the standard report with third paragraph
added and opinion paragraph - qualified
Adverse opinion - auditor believes the financial statements are not presented fairly in
conformity with GAAP | Same introductory & scope paragraphs as the standard report with third
paragraph added and opinion paragraph - adverse
Disclaimer of opinion - issued when auditor is unable to be satisfied that the overall financial
statements are fairly presented, can arise only from a lack of knowledge by auditor | Same
introductory paragraph with second paragraph added and opinion paragraph - disclaimer
Levels of Materiality
- Amounts are immaterial
- Amounts are material but do not overshadow the financial statements as a whole
- Amounts are so material/ so pervasive that overall fairness of the statements is in
question
Materiality level Significance in terms of reasonable Type of opinion
user’s decisions
Ethical Dilemmas - situation a person faces in which a decision must be made about
appropriate behavior, auditors face many ethical dilemmas in their business careers
Audit failure Occurs when the auditor issues an incorrect audit opinion because it
failed to comply with the requirements of auditing standards.
E.g. firm assigning unqualified assistants to perform certain audit tasks
where they failed to notice material misstatements in the client’s records
that a qualified auditor would have found
Audit risk - Represents the possibility that the auditor concludes after
conducting an adequate audit that the financial statements were
fairly stated when in fact they were material misstated
- Is unavoidable because auditors gather evidence only on a test
basis & because well-concealed frauds are extremely difficult to
detect
- Auditors may still fail to uncover a material misstatement due to
fraud to uncover a material misstatement due to fraud despite
fully comply with auditing standards
- An auditor is responsible for every aspect of their public accounting work - auditing,
taxes, management advisory services, accounting & bookkeeping services
- An auditor can be held liable for any penalties & interest if an auditor fails to correctly
prepare & file a client’s tax return
- Legal concepts pertinent to lawsuits involving auditors are:
Prudent person - An auditor is expected to conduct the
audit with due care (prudent person
concept) & is not expected to be
perfect
- Refer to Cooley on Torts, a legal
treatise (pg 108)
- An auditor should possess the degree
of skill commonly possessed by other
auditors & should exercise it with
reasonable care & diligence
- Auditors should be assigned to tasks &
supervised commensurate with their
level of knowledge, skill, & ability so
that they can evaluate the audit
evidence they are examining
- The auditor with final responsibility for
the engagement should know the
relevant professional accounting &
auditing standard
- They should be knowledgeable about
the client & is responsible for the
assignment of tasks
Liability for the acts of others - SSM has issued the Limited Liability
Partnership Act (LLP) 2012
- LLP is an alternative business vehicle
in Malaysia
- Under the LLP, the liability for one
owner’s action does not extend to
another owner’s personal assets
unless the other owner was directly
involved in the actions of the owner
causing the liability
- However, the firm's assets all subject
to the damage arise
- The partners may also be liable for the
work of others on whom they rely
under the laws of agency
- The partners are most likely to rely on
employees, other audit firms engaged
to do part of the work & specialist
called upon to provide technical
information
- The partner can be held liable if their
employee improperly performs in
doing an audit
Gross negligence Lack of even slight care, tantamount to reckless behavior that can
be expected of a person.
Some states do not distinguish between ordinary & gross
negligence.
Fraud Occurs when a misstatement is made & there is both the knowledge
of its falsify & the intent to deceive
Third-party Third party who does not have privity of contract but is known to the
beneficiary contracting parties & is intended to have certain rights & benefits
under the contract
Common law Law that have been developed through court decision rather than
government statutes
Statutory law Laws that have been passed by the Malaysian Government.
The securities Commission Act 1993 & Companies Act 1965
together with their amendments are important statutory laws
affecting auditors.
Joint & several The assessment against a defendant of the full loss suffered by a
liability plaintiff, regardless of the extent to which other parties shared in the
wrongdoing
Non-negligent performance - The audit firm claims that the audit was performed
in accordance with auditing standards
- The auditor is not responsible for undiscovered
misstatements if the audit was conducted properly
- Auditing standards clearly stated that an audit is
subject to limitations & not an absolute assurance
services
- The prudent person concept establishes in law that
the audit firm is not expected to be infallible
Contributory negligence - The auditor claims that the client’s own action
either resulted in the loss that is the basis for
damages/interfered with the conduct of the audit in
such a way that prevented the auditor from
discovering the cause of the loss
- If the audit firm had notified the client of a
deficiency in internal control that would have
prevented the theft but the management did not
correct it, the audit firm would have a defense of
contributory negligence
Absence of causal connection - The client must be able to show that there is a
close causal connection between the auditor’s
failure to follow auditing standards & the damages
suffered by the client
Liability to Third Parties Under Common Law
Ultramares doctrine - Established from case of Ultramares v Touche (1931)
- A primary beneficiary is one about whom the auditor was
informed before conducting the audit
- Ordinary negligence is insufficient for liability to third parties
because of the lack of privity of contract between the third
party & the auditor
- In a subsequent trial of the Ultramares case, the auditor could
be held liable to third parties who are not primary beneficiaries
if there been fraud/gross negligence on the part of the auditor
Foreseen users - The court have broadened the Ultramares doctrine to allow
recovery by third parties in more circumstances by introducing
the concept of foreseen users
- Are members of a limited class of users that the auditor knows
will rely on the financial statements
- Is treated the same as known third party
Management’s Responsibilities
- Preparing & presenting the financial statements (ISA 200)
- Adopting sound accounting policies
- Maintaining adequate internal control
- Making representations in the financial statements
- CEO & CEO of public companies to certify the quarterly & annual financial statements
submitted to the SEC (the Sarbanes-Oxley Act)
- Criminal penalties for falsification of financial statement’s offence (the Sarbanes-Oxley
Act)
Auditor’s Responsibilities
Material vs Immaterial Statements + Material if the combined uncorrected errors &
fraud in the financial statements would likely
have changed/influenced the decisions of a
reasonable person using the statements
+ Auditors are responsible for obtaining
reasonable assurance that the materiality
threshold is satisfied
+ Extreme cost for auditors to detect all
immaterial errors & fraud
An unintentional Intentional
misstatement of the misstatements of the
financial statements financial statements
Nature of Evidence
- Any information used by the auditor to determine whether the information being audited
is stated in accordance with the established criteria
- Includes persuasive information & less persuasive information
- Gathering evidence is a large part of auditor’s works - sufficient competent advice
Sample Size - Once an audit procedure is selected, auditors can vary the
sample size from one to all the items in the population being
tested
- The decision of how many items to test must be made by the
auditor for each audit procedures
- The sample size for any given procedure is likely to vary from
audit to audit
Items to Select The auditor must decide which items in the population to test
Timing - The timing of audit procedures vary from early in the accounting
period to long after it has ended
- It is influenced by when the auditor believes the audit evidence
will be most effective & when audit staff is available
Persuasiveness of Evidence - Two Determinants
Persuasiveness of evidence can be evaluated only after considering the combination of
appropriateness & sufficiency
1) Appropriateness
a) Measure of the quality of evidence, meaning its relevance & reliability in meeting
audit objectives for classes of transactions, account balances & related
disclosures
b) Relevance - evidence must pertain to/be relevant to the audit objective that the
auditor is testing before it can be appropriate
c) Reliability - the degree to which evidence can be believable/worthy of trust
Characteristics of Reliable Evidence
Independence of provider Evidence obtained from a source outside the
entity is more reliable than that obtained from
within
Effectiveness of client’s internal controls When the client’s internal controls are
effective, evidence obtained is more reliable
than when they are weak
To obtain sufficient appropriate evidence To minimize legal liability due to insufficient &
inappropriate evidence issue
To avoid misunderstanding with the client To maintain good reputation with the client
- Likely to accumulate more evidence for companies that are publicly held/have
extreme indebtedness/likely to be sold
- Informations are obtained from the previous audit management & discussions
with management
- Thus, helping the auditor to determine the likely uses of the statements
- An engagement letter states the objective & scope of an audit
CHAPTER 9 RISK & MATERIALITY
Obtain reasonable assurance - auditors do not guarantee/ensure the fair presentation of the
financial statements
Risk
- Auditors accept some level of risk in performing the audit
- Risk exists, are difficult to measure & require careful thought in response
- Proper risk response is critical to achieving a high-quality audit
- Auditors need to understand the client’s business & assess business risk
- The audit risk model helps identify the potential & likelihood of misstatements
- Planned detection risk = acceptable audit risk/(inherent risk x control risk)
Inherent Risk (IR) ● Measures the auditor’s assessment of the likelihood that there
are material misstatements due to error/fraud in a segment
before considering the effectiveness of internal control
● Assessment are based on discussion with management,
knowledge of the company & result in audit of previous years
● High likelihood of misstatements exists, high IR
● High IR, thorough review, experienced staff to be assigned
Planned Detection ● The risk that audit evidence for a segment will fail to detect
Risk (PDR) misstatements exceeding tolerable misstatements.
● It depends on the other 3 risk components (IR, CR and ARR).
● It will change only if the auditor changes one of the other 3 risk
components.
● Determines the amount of substantive evidence that the auditor
plans to accumulate, inversely with the size of PDR.
● Low PDR, high evidence required.
Engagement Risk - used to modify acceptable audit risk & closely relates to client business risk
Factors affecting AAR
● External users reliance on the statements
● The likelihood of financial difficulties
○ The auditor believe the chance of financial failure/loss is high & a corresponding
increase in engagement risk occurs, AAR should be reduced
● Management’s integrity
Factors affecting IR
- Nature of client’s business
- Likelihood of obsolete inventory
- Audit experience
- Likelihood of recurring misstatements which found in the previous audit
- Culture
- Set a high IR for a new client
- Related parties
- Greater likelihood of misstatement from related parties transaction = increase in
IR
- Non-routine transactions
- Transactions that are unusual for a client are more likely to incorrectly recorded
than routine transactions because the client often lacks experience recording
them
- Understanding the client’s business & reviewing minutes of meeting will trigger
non-routine transactions
- Judgement required to correctly record amount balances & transactions
- Factors related to fraudulent financial reporting & misappropriation of asset
- Management’s lacks of integrity that motivated to misstate financial statements
CHAPTER 10 AUDITS OF INTERNAL CONTROL & CONTROL RISK
Organizational Structure
•The structure defines the existing lines of
responsibility and authority.
•The auditor can learn the management and
functional elements of the business and perceive
how controls are implemented.