Chapter 1

Introduction and Overview of

Audit and Assurance

Prepared by
Adrian Klamer
Macquarie University
Distinction between auditing and
accounting
Accounting Auditing

• Accounting involves the actual • determining whether recorded

recording, classifying and information, properly reflects the events
summarising of transactions in that occurred during the accounting
a logical manner period
 Auditing and Assurance defined
• An assurance engagement is defined as ‘an
engagement in which an assurance
practitioner expresses a conclusion designed
to enhance the degree of confidence of the
intended users other than the responsible
party about the outcome of the evaluation or
measurement of a subject matter against
criteria.’
Auditing and Assurance defined
• ‘intended users’ - the people for whom the
auditor/practitioner prepares their report.
Example: shareholders.
• ‘responsible party’ - the person or organisation
responsible for preparing the financial
statements. Example: company.
• ‘subject matter’ – that which the practitioner is
expressing a conclusion on. Example: financial
reports or environmental reports.
• ‘criteria’ – the rules or principles by which the
subject matter is being evaluated.
AUDIT ENGAGEMENT
An engagement performed by an auditor to
provide a reasonable level of assurance
that the “financial report” is true and fair.
Assurance, attestation and
non-assurance services
 Different assurance services
• The most common assurance services are:
1. Financial report audits
an engagement designed to express an opinion
about whether the report is prepared in all
material respects in accordance with a financial
reporting framework (ASA 200, para. 11; ISA 200,
para 11)
– How would you apply ‘financial reporting
framework’ in Australia?
Different assurance services cont’d
– Limitations of an audit:
• There is no guarantee that the financial report is free
from error or fraud.
• The nature of audit procedures and processes are
required to be performed within a reasonable period
and at a reasonable cost. (ASA 200, ISA 200)
• Judgement is required in the process of preparation
of the financial statements.
Different assurance services cont’d
2. Compliance audit
Involves gathering evidence to ascertain whether rules,
policies, procedures, laws and regulations have been
followed.
– A tax audit is an example of a compliance audit.
– Determine that bank requirements for loan continuation have been
met

3. Performance audit
Refers to the economy, efficiency and effectiveness of an
organisation’s activities.
– Usually done by internal auditors or can be outsourced to external
auditors.
– Evaluate computerized payroll system for efficiency and
effectiveness
Different assurance services cont’d
4. Comprehensive audit
Combines elements of financial report audit,
compliance audit and performance audit.
– Often occur in the public sector.
5. Internal audit
Provides assurance about various aspects of an
organisation’s activities.
– Often contain elements of performance audits,
compliance audits, internal control assessments and
reviews.
Different assurance services cont’d
6. Corporate Social Responsibility (CSR)
assurance
– Includes voluntary reporting about
environmental, employee and social subject
matter.
– Incorporates both financial and non-financial
information.
– Auditor must consider environmental issues on
their clients’ financial reports (AGS 1036) even if
reports do not include any disclosures.
 Different levels of assurance
• Auditors may provide varying levels of assurance
when conducting assurance engagements.
1. Reasonable assurance – gathering sufficient
evidence to form a positive expression of
opinion regarding truth and fairness of the
information being assured.
– A positive expression of opinion states that the
subject matter is in accordance with relevant law and
accounting standards.
– Refer Figure 1.1 p. 12 for example audit report
Different levels of assurance cont’d
2. Limited assurance – gathering sufficient
evidence to form a negative expression of
opinion regarding the reliability of the
information being assured.
– A negative expression of opinion states that there
is nothing that has come to the attention of the
auditor to lead them to believe the information
being assured is not true and fair.
– Is a lower level of assurance as being told ‘it is not
wrong’ is not as assuring as being told ‘it is right’.
– A review of a company’s half-year financial report
is an example of a limited assurance engagement
(ASRE 2410, ISRE 2410). Refer Figure 1.2 p. 14 for
example report.
Different levels of assurance cont’d
3. No assurance – auditor reports on factual
findings and does not express any opinion.
– Can include ‘agreed-upon procedures
engagement’ where the client determines the
nature, timing and extent of evidence gathered.
– Client must then draw their own conclusion based
on the outcomes of work performed by auditor.
– Refer Figure 1.4 p. 17 for example report.
– Which level of assurance should Cloud 9 accept?
 The Overall Audit Process
Planning and Risk Conclusion and Reporting
Strategy and Risk Assessment Execution
Identification
Consider Client Identify Significant Classes of
Understand Service Requirements, Determine Audit Scope and Establish the Team

Acceptance/ Transactions and Related Prepare

Continuance Results Applications Execute Tests of Summary of
Controls Audit Differences
Understand
Understand the Flows of
Business Transactions, Understand
and Perform Final
WCGWs and Execute Test of
Understand IT Evaluate the Overall Financial
Controls Journal Entries
Environment Complexity FSCP Statement

Wrap-Up the Engagement

Reassess Combined Risk Assessments
and Determine IT Perform and Other Review
Professional Walkthroughs Mandatory Fraud
Involvement Understand Procedures
Prepare
Team Planning Event

ITGCs
Assess Summary

Post-Interim Event
Select Design and Review
Internal
Engagement Team

Controls to Execute Tests

Update Update Memorandum
Control at the of ITGCs
Test
Discussion

Entity Level Tests of Tests of

Evaluate Controls ITGCs
ITGCs Complete
Identify Fraud Review and
Risks and Make Combined Risk
Approval
Determine Assessments
Perform Summary
Responses Substantive Audit
Design Tests of Controls
Procedures (Lead
Design Tests of Journal Sheets and Audit Prepare and
Determine PM, TE and Entries and Other Mandatory Plan) Deliver Client
SAD Nominal Amount Fraud Procedures Communications
Design
Design
Substantive
Identify Significant General Audit Perform General
Audit
Accounts and Procedures Audit Procedures Complete Documentation
Procedures
Disclosures and and Archive Engagement
Relevant Assertions Prepare Audit Strategies
Memorandum

* Copyright Ernst & Young

 The audit report
• Issued after the audit is completed
• ASA 700 and ASA 701 require:
– An expression of an opinion about the
overall financial report; or
– A specific statement that an overall opinion
is not possible, with reasons
• Wording is reasonably uniform
• The final step in audit process
Importance of the audit report
• It is the only information that is received
directly from the auditor (financial
statements and any attached annual
report comes from management)
• Standard wording helps the user identify
exceptions

Copyright © 2007 Pearson Education Canada

Components of the Auditor’s Report
(See hand out)
• Title
• Addressee
• Paragraphs:
– Introduction
– Scope
– Opinion
• Signature
• City
• Date
 Types of Audit reports
 Unqualified/
Unmodified
 Unqualified With  Others
Emphasis
of the matter

Qualified /Modified Disclaimer of Opinion Adverse Opinion

Opinion
Standard unqualified audit report
• Conditions for standard unqualified
report:
– The financial report is presented fairly, in all
material respects, in accordance with the
applicable financial reporting framework
– The financial information complies with relevant
statutory and other requirements
– The view presented by the financial report is
consistent with the auditor’s understanding of the
entity and its environment
Conditions requiring a departure
1. auditor has disagreement with
management:
– e.g. appropriateness of accounting policies, method
of application and adequacy of disclosure
2. conflict exists between applicable
financial reporting frameworks
3. There is a limitation on the scope of the
auditor’s examination:
– Imposed by client; or
– Beyond either client’s or auditor’s control
Qualified opinion(condition 1,2,3 )

– The auditor is satisfied that the overall

financial report is fairly stated ‘except for’ a
particular item
– May be issued where there is a:
• Disagreement with management
• Conflict between applicable financial reporting
frameworks
• Limitation on the scope of the audit
– Less severe than an adverse opinion or
disclaimer of opinion
Adverse (condition 1,2 )
- Used only when the auditor believes that
the overall financial report is so materially
misstated or misleading that it does not
present fairly the state of affairs, results of
operations or cash flows of the company
– Required where there is a:
• Disagreement with management; or
• Conflict between applicable financial reporting
frameworks
Disclaimer of opinion(condition 3)

– Issued whenever the auditor has been

unable to determine whether the overall
financial report is fairly presented

– Necessity may arise due to a severe scope

limitation
Unqualified audit report with an
emphasis of matter (fig 2.9)

• The auditor may want to emphasise

specific matters regarding the financial
report:
– even though the auditor intends to
express an unqualified opinion
 Additional disclosures
• Preparers of the financial report may be
of the opinion that application of a
particular accounting standard may
mislead the users of that report
• Additional disclosures can be included in
the notes:
– s. 299 of the Corporations Act
• Separate section in audit report:
– To draw attention to the additional
disclosures
 Significant uncertainties
1. Going concern issues – financial,
operational and other indicators
2. Recoverability of receivables,
deferred costs or inventory
3. Loss of major customers, occurrence
of uninsured catastrophes
4. Legal issues that might jeopardise
the entity’s ability to operate
Inconsistent other information
• If there is a material inconsistency:
– The client should be requested to change
the information
• If the client refuses:
– An emphasis of matter section should be
included in the audit report
 Revised financial report
• Where a financial report and the audit
report have already been issued and a
fact is discovered warranting the issue
of a revised financial report:
– The new audit report should include an
emphasis of matter section
 Different audit opinions
• Audit opinions are contained in audit reports
provided by the auditor.
• An unmodified audit report contains an
unqualified or ‘clean’ opinion. Refer Figure 1.1
p. 12.
• All other reports are modified opinions.
• A report can be an unqualified modified report
when an emphasis of matter is added.
• An emphasis of matter is used so that the
reader can pay appropriate attention to the
issue raised, but does not change the auditor’s
opinion (ASA 706, ISA 706)
Different audit opinions contd.
• Other modified reports are qualified (ASA 705). A
qualified opinion is given when there are reservations
about the ‘truth and fairness’ of the financial
statements.
• Can include a qualified or ‘except for’ opinion. This is
when issue(s) are material but not pervasive.
• Adverse opinion would arise when financial report is
misstated and is material and pervasive.
• Disclaimer of opinion would arise when there is an
inability to obtain sufficient appropriate audit
evidence and is material and pervasive.
 Preparers and auditors
• It is the responsibility of those charged with
governance to prepare the financial statements. The
information should include the following attributes:
– Relevant: has an impact on the decisions made by users
regarding the performance of the entity.
– Reliable: Information is free from material misstatements
(errors or fraud.)
– Comparable: information needs to be comparable
through time. Comparable against the same entity over
time and against other entities.
– Understandable: Users need to be able to interpret the
information presented in order to make decisions.
– True and fair: requires the consistent and faithful
application of an applicable framework when preparing
report.
 Preparers and auditors cont’d
• Auditor also has responsibilities relating to the
audit.
– Professional scepticism: maintaining independent
of the entity and having a questioning mind to
thoroughly investigate all evidence presented.
– Professional judgement: use of judgement based
on level of expertise, knowledge and training
obtained by the auditor.
– Due care: being diligent, applying standards and
documenting each stage of the audit process.
Preparers and auditors cont’d
• Assurance services are provided by
accounting and consulting firms.
• There are three tiers of assurance providers
in Australia.
– First tier comprises of the ‘Big 4’, which includes
Deloitte, Ernst & Young, KPMG and
PriceWaterhouseCoopers.
– Mid tier comprises of firms with significant
presence and most have international
affiliations.
– Next tier made up of regional and local
accounting firms.
Demand for audit and assurance
services
• The users of the financial statements are not
limited to the shareholders or owners of the
business.
• Other users can include:
– Investors: can include current or potential
investors. Decisions include to buy, hold or sell
stake in the organisation.
– Suppliers: may want to assess whether the entity
can pay them back for goods supplied.
– Customers: may look into going concern if it is to
rely on the entity for goods.
Demand for audit and assurance
services cont’d
• Lenders: to assess whether loan repayments can
be made as and when they fall due.
• Employees: to assess whether they can pay
entitlements, and stability may be assessed for
job security.
• Governments: whether the entity is complying
with regulations and paying appropriate taxes.
• General public: whether they should associate
with the entity (future employee, customer or
supplier,) what it does and plans to do in future.
 Sources of demand for audit &
assurance services
• Reasons why users demand audited financial
reports include:
– Remoteness: users do not have access to
information themselves.
– Complexity: users do not have knowledge to be
able to make disclosure choices.
– Competing incentives: users may find it difficult
to identify when the incentives of management
have been over-represented.
– Reliability: as decisions are being made based on
information presented, it is important that it be
reliable.
 Theoretical Frameworks
The demand for audit can be explained by the
following three theories:
• Agency theory: Due to the remoteness of the
owners from the entity, the owners have an
incentive to hire an auditor to assess
information provided by management.
• Information hypothesis: Due to the need for
reliable information, users will demand that
information be audited to aid in decision
making.
• Insurance hypothesis: Investors demand audited
financial statements to insure against potential
losses.
Demand in a voluntary setting
• It is becoming more common to voluntarily
disclose CSR information in various forms.
• This is as stakeholders are demanding
information regarding the entity’s impact on the
environment and actions taken to reduce their
impact.
• Entities are not required to have CSR disclosures
assured.
• These services are provided to meet user
demands for high-quality, reliable information
and to demonstrate a high level of corporate
social responsibility.
The role of regulators and regulations
• There are a number of regulators that impact
the audit process. They include:
• Financial Reporting Council (FRC)
– oversees the process used for setting accounting and
auditing standards. Also monitors and reports on
auditor independence.
• Auditing and Assurance Standards Board
(AUASB)
– Responsible for the formulation of auditing
standards.
– AUASB redesigned auditing standards to bring in line
with international standards.
– Responsible for issuing ASRE, ASAE and GS standards
and statements.
The role of regulators and regulations
cont’d
• International Auditing and Assurance Standards
Board
– Develop and issue International Standards on
Auditing (ISAs).
– Operates under the auspices of International
Federation of Accountants (IFAC).
• Accounting Professional and Ethical Standards
Board (APESB)
– Established as an independent body by CPA Australia
and ICAA to issue professional and ethical standards.
– APES standards are mandatory for all members of
CPA Australia, ICAA and NIA.
 The role of regulators and regulations
cont’d
• Australian Securities and Investments
Commission (ASIC)
– Government body that administers the ASIC Act and
much of Corporations Act.
– Plays a role in overseeing of the audit function.
• Australian Securities Exchange (ASX)
– Formed in 1987 after merging of six state based
exchanges.
– Provide additional obligations for entities wishing to
list on the exchange.
The role of regulators and regulations
cont’d
• Companies Auditors and Liquidators Disciplinary
Board (CALDB)
– Responds to ASIC and APRA regarding breaches of
Corporations Act or ASIC Act.
– Board may cancel or suspend auditor, may give
warning or ask for undertaking to improve conduct.
• Professional bodies (including CPA Australia,
Institute of Chartered Accountants in Australia
& National Institute of Accountants)
– Include professionals in public practice, industry,
academia and government.
– Requires further post-graduate study and minimum
work experience periods to join as members.
Regulation
 Regulation cont’d
• Corporations Act
– Provides guidance on conducting audit of financial
reports.
– This includes that certain accounts need to be
audited (s. 301,) the audit report stating whether
it is true and fair & in accordance with accounting
standards (s. 307,) standards must be applied (s.
307A,) retention of audit working papers (s. 307B,)
and independence declaration (s. 307C.)
 Regulation cont’d
• CLERP 9
– Significant changes brought about from 1 July
2004 including auditing standards having ‘force of
law.’
– Other changes include:
• Disclosure of non-audit services provided by auditor.
• Enhanced independence and employment
requirements.
• Auditor rotation based on not exceeding being auditor
for more than five out of the last seven years.
 Audit expectation gap
• Is the difference between the expectations of
assurance providers and financial report or
other users.
• Can be caused by unrealistic expectations
including:
– The auditor providing a complete assurance.
– The auditor guaranteeing future viability of entity.
– An unqualified opinion denotes complete
accuracy.
– The auditor will find all frauds.
• We know these cannot be met by the auditor.
 Audit expectation gap cont’d
• The expectation gap can be reduced by:
– Auditors performing their duties appropriately
– Undertaking peer reviews of work performed
– Reviewing and updating auditing standards.
– Educating the public.
– Enhanced reporting explaining audit processes
and levels of opinion auditors provide to the
entity.
– Greater attention to the risk of material fraud
occurring.