CPA Audit Notes
Short Description
CPA Audit Notes...
Description
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Audited F/S – The Basics Basics Company’s mgmt responsible to prepare the F/S Auditors responsible to express an opinion on the F/S and on mgmt’s assertion on internal controls (if public) The primary assertion is whether the statements are presented fairly! in accordance with "AA#
Professional Standards Standards "enerally Accepted Accounting Standards $ "AAS "enerally Accepted "o%ernment Auditing Standards $ "A"AS The #ublic Company Accounting &%ersight 'oard $ #CA&' #ublic accounting firms must register with #CA&' in order to audit public companies egistered firms are sub*ect to board inspection+ disciplinary proceedings+ and sanctions "AAS $ T,# #,- AC.& "eneral standards $ T,# T $ Training , $ ,ndependence (in fact and appearance) # $ #rofessional Care Standards of Field or0 $ #,# $ #lanning and super%ision , $ ,nternal control+ entity and en%ironment Strong controls imply the auditor will re1uire less e%idence ea0 controls imply the auditor will re1uire more e%idence (more wor0) An exam tric02 wea0 internal controls does not e1ual an ad%erse opinion - $ -%idence Standards of eporting $ AC.& A $ Accounting Accounting 3 "AA# -xplicit2 &pinion must state that the acctg used was "AA# C $ Consistency between periods ,mplicit2 Silence is o0ay cause its implied . $ .isclosure ,mplicit2 Silence is o0ay & $ -xpress &pinion -xplicit2 &pinion must state ,n our opinion4! 5eant to pre%ent misinterpretation of the degree of responsibility the auditor is assuming when his/her name is associated with the F/S The auditor may express different opinions of different sections ('/S+ ,/S) The auditor may express an opinion on 6 section and not the others as long as information has not been limited • •
• •
Reports on Audited Audited F/S The Auditors Standard eport (7n1ualified &pinion) Title Addressee ,ntroductory #aragraph $ 2 Statement that the F/S as identified in the report were audited Statement that the F/S are the responsibility of mgmt and the auditors responsibility is to express an opinion Scope #aragraph #aragrap h $ A#5-A52 A#5-A5 Statement that the audit was was conducted in accordance with 78S8 "AAS • •
•
1
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Statement that the audit was planned and and performed to to obtain reasonable assurance that the F/S are free from material misstatement Statement that the audit included examining evidence on a test basis2 assessing the accounting principles used and significant estimates made by mgmt 2 and e%aluating the o%erall presentation Statement that the audit pro%ides a reasonable basis for an opinion &pinion #aragraph Statement referring to the F/S specifically identified in the introductory paragraph An opinion as to the fair presentation of the F/S (AC.&) Statement regarding conformity with 78S8 "AA# (AC.&) Firm 9ame eport .ate The eport should be dated on or after the date on which appropriate audit e%idence sufficient to support the opinion has been obtained Sample unqualified opinion – A1-14 •
•
•
• • •
•
"AAS in referenced to in the Scope paragraph "AA# is referenced to in the &pinion paragraph #CA&' Standards $ for publicly traded companies Audits of Issuers (public companies) $ #CA&' auditing standard 9o8 6 re1uires the auditor’s report to include 3a reference to the standards of the #CA&' Audits of nonissuers (private companies) $ An auditor may+ but is not re1uired to+ conduct the audit of a nonissuer in accordance with both "AAS and #CA&. auditing standards nqualified opinion $ clean2 F/S presented fairly in all material respects+ doesn’t mean good in%estment !odified nqualified opinion $ additional explanatory language "ualified opinion $ states except for!2 material "AA# or "ASS problem Adverse opinions $ %ery material "AA# problems #isclaimer of opinion $ significant "AAS problem $%art on A1-1& memori'e
7ncertainties $ impairments+ intangibles+ lawsuits+ warranties 5anagement’s responsibility -stimate the effect of future e%ents on the F/S and record and present this estimate+ or .etermine that a reasonable estimate cannot be made and ma0e the re1uired disclosures to that effect • •
emember under "AA# 'oth probable and reasonably estimatable record -ither probable or reasonably estimatable disclose ,f mgmt’s analysis is supported and properly reported or disclosed+ the auditor issues and un1ualified opinion with no reference to the uncertainty in the report 7n1ualified opinion: "AA# 3 o02 "AAS 3 o0 ,f the auditor is unable to obtain sufficient e%idential matter in%ol%ing an uncertainty and its presentation or disclosure+ the auditor should consider expressing a 1ualified ("AAS) opinion or to disclaim an opinion to scope limitation8 ;ualified or .isclaimer: "AA# 3 ed to ma0e *udgement calls • • • •
,f a specialist is used must e%aluate the competence and ob*ecti%ity of the specialist8 Treat li0e one of your staff8
Fraud and "lleal Acts .rrors $ unintentional raud $ intentional2 types 68 Fraudulent financial reporting (lying) $ designed to decei%e F/S users8 7sually in%ol%e manipulation+ misrepresentation+ intentional misapplication of accounting principles 8 5isappropriation of assets (stealing) $ theft of an entities assets
Fraud ris0 factors include: ,ncenti%es/pressures: a reason to commit fraud &pportunity: lac0 of effecti%e controls ationali>ation/attitude: an attempt to *ustify fraudulent beha%iour • • •
,ts mgmt’s responsibility to design and implement programs and controls to pre%ent and detect fraud The auditor has a responsibility to plan and perform (referred to as design) the audit to obtain reasonable assurance about whether the F/S are free from material misstatement+ whether caused by error or fraud8 5gmt o%erride of controls is a ma*or factor in fraud8 ,n1uire entire personnel regarding their %iews of fraud ris0 ,nconsistent responses indicate a need for additional e%idence Consider the results of analytical procedures (re1uired during the planning and final stage) 17
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Attributes of ris0: Type of ris0: fraudulent F/S or misappropriation of assets Significance of ris0: can it lead to a material misstatement ?i0elihood of the ris0: how li0ely is this to happen #er%asi%eness of the ris0: does it affect the whole F/S or only specific accounts or transactions Areas of greatest fraud concern: 68 ,mproper re%enue recognition 8 5gmt o%erride controls • • • •
,tems are more susceptible to manipulation when they in%ol%e: 68 igh degree of mgmt *udgement and sub*ecti%ity 8 ighly complex accounting principles The auditor is re1uired to respond to the results of the ris0 assessment on three le%els 68 &%erall+ general response assigning personnel to the engagement determining the appropriate le%el of super%ision of engagement personnel e%aluating mgmt’s selection and application of accounting principles 8 esponse encompassing specific audit procedures change nature change extent change timing D8 esponse addressing ris0s related to mgmt o%erride examine *ournal entries and other ad*ustments re%iew accounting estimates for biases e%aluate the business purpose for significant unusual transactions Significant fraud ris0 $ may consider withdrawing from the engagement e%enue recognition perform substanti%e analytical procedures relating to re%enue confirm with customers contract terms and the absence of side agreements e%enue recognition criteria 68 must ha%e an arrangement (signed agreement) 8 must be a deli%ery D8 must be fixed or determinable price E8 collectability ,n%entory 1uantities concern that there may be a failure to reconcile boo0s to physical in%entory 5gmt estimates engage a specialist de%elop an independent estimate perform a retrospecti%e re%iew of prior period estimates (how good were last yr’s estimates) 5isstatements caused by fraud (e%en immaterial misstatements) may be indicati%e of an underlying problem with mgmt integrity8 The auditor may need to ree%aluate the assessment of fraud ris0+ the assessed effecti%eness of controls+ and the appropriateness of audit procedures applied8 ,nform the audit committee of any fraud8 #arties outside the entity that we may communicate with in certain circumstances: 18
AUD - Notes Chapter 1 http://www.cpa-cfa.org
to comply with certain legal and regulatory re1uirements to a successor auditor in response to a subpoena to a funding agency Complete documentation of the auditors ris0 assessment and response is re1uired ,f the auditor has not identified improper re%enue recognition as fraud ris0+ support for this conclusion ,llegal acts $ %iolation of law The auditors responsibility to detect illegal acts are the same for fraud and errors8 The auditor has no obligation to loo0 for illegal acts ha%ing an indirect effect on the F/S The auditor generally does not include procedures to specifically detect illegal acts -ffect of illegal acts on the auditors report .eparture from "AA# $ expect for! or ad%erse ,nsufficient e%idence $ except for! or disclaimer Clients refuses to modify report $ withdraw
Ris) Assessment T,# #,- AC.& (fieldwor0) Audit Steps ,5AC#A , $ ,nternal control+ understand 5 $ 5aterial misstatement+ assess A $ Assess ris0 control C $ Control testing # $ #erform substanti%e testing A $ Audit e%idence+ e%aluate appropriateness and sufficiency , ,nternal control $ obtain an understanding of the entity and its en%ironment is0 assessment procedures ,n1uires Analytical procedures (re1uired for planning and final stages) &bser%ation and inspection .iscussion among audit team &ther procedures The auditor may choose to perform substanti%e procedures or tests of controls+ if its efficient to do so Factors to understand ,ndustry+ regulatory+ and other external factors 9ature of the entity &b*ecti%es+ strategies and business ris0s 'usiness ris0s $ e%ents or circumstances that could ad%ersely affect the firm (ie competition) Financial performance ,nternal controls and accounting policies • • • • • •
• • •
• •
5 $ 5aterial misstatement+ assessing the ris0s Factors that my be indicati%e of significant ris0s 7nusual+ complex transactions 'usiness ris0s Fraud ris0 • • •
19
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Significant related party transactions ighly sub*ecti%e accounting estimates and principles esponse to significant ris0s -%aluate the design of the entity’s related controls .etermine whether the controls ha%e been implemented -%aluate whether and how mgmt responds to such ris0s • •
• • •
Test of controls $ test strengths to be relied upon+ not wea0nesses Controls that are more directly related to an assertion are more effecti%e in pre%enting+ detecting and correcting a misstatement in that assertion+ than controls which only relate indirectly to an assertion8 .ocumentation re1uirements .iscussion among the audit team @ey elements of the understanding of the entity and its en%ironment The assessment of the ris0s of material misstatement The identified ris0s and related controls e%aluated by the auditor • • • •
.ocument 68 control factors that were used/helped to plan the audit engagement 8 control factors that helped ensure mgmt rules and directi%es were followed Forms of documentation may include any item the auditor can F,9. F $ Flowchart , $ ,nternal control 1uestionnaire or chec0lists 9 $ 9arrati%e . $ .ecision table Flowcharts $ symbolic diagram representing the se1uential flow of authority+ processes and documents8 .epicts the auditors understanding of the system An ade1uate flowchart shows the origin of each document in the system+ its subse1uent processing+ and its final disposition ,T flowcharts are initially created to document the logic and existing flow of a computer program •
•
,nternal control 1uestionnaires $ used for each item of mgmt assertions 9arrati%es $ a narrati%e is a written %ersion of a flow chart (hard to see! wea0nesses .ecision tables or trees $ graphic illustrations that depict the logic of an operation or a process A flowchart is se1uential while a decision table/tree is logical
"nternal Control T,# #,- AC.& -ntity ob*ecti%es 68 eliability of financial reporting (most rele%ant to the audit) 8 -ffecti%eness and efficiency of operations D8 Compliance with applicable laws and regulations
20
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Controls that pertain to the first ob*ecti%e (reliability of financial reporting) are the most rele%ant to the audit+ and these are the controls that the auditor must consider and understand8 Fi%e components of internal controls $ C,5C $ Control en%ironment: o%erall tone of the organi>ation $ is0 assessment $ mgmt’s identification of ris0 , $ ,nformation and communication systems 5 $ 5onitoring: assessment of internal controls o%er time - $ -xisting control acti%ities: control policies and procedures ,t’s a C,5- not to ha%e strong internal controls Control testing 3 internal controls (C,5-) Substanti%e testing 3 M balances The auditor should obtain an understanding of C,5- as it pertains to financial reporting: 68 e%aluate the design of rele%ant controls and determine whether then ha%e been implemented 8 assess the ris0 of material misstatement D8 design the nature+ extent and timing of further audit procedures (C#A tests internal controls in order to ade1uately plan the 9-T audit) ?imitations of internal controls uman error Collusion 5gmt o%erride Segregation of duties may be difficult to achie%e in a smaller entity • • • •
,T system may ma0e it impossible to reduce detection ris0 through substanti%e testing alone (must do control testing as well) ,T benefits: Ability to process large %olumes of transactions accurately ,mpro%ed timeliness and a%ailability of information Facilitation of data analysis and performance monitoring eduction is the ris0 that controls will be circum%ented -nhanced segregation of duties through effecti%e security controls • • • • •
,T is0s: #otential reliance on inaccurate systems 7nauthori>ed access to data 7nauthori>ed changes to data+ systems and programs Failure to ma0e re1uired changes and updates to systems or programs • • • •
Auditor should document use of programs and perform tests more often during the yr &rgani>ational structure of the ,T department C $ Control group $ responsible for internal control within ,T dept8 & $ #rogram &perators $ input data # $ #rogrammers $ write and de%elop computer programs A $ System Analysts $ design the o%erall program+ while programmers do the detailed wor0 ? $ ?ibrarian $ maintains the storage of the data 21
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Anyone doing for an 6 *ob or super%ising another area is a wea0ness C,5C $ Control -n%ironment $ has per%asi%e effect on the auditors ris0 of assessment and preliminary *udgements about its effecti%eness may influence 9-T of further audit procedures to be performed Sets the tone of an organi>ation+ influencing the control consciousness of its people Communication and enforcement of integrity and ethical %alues 5gmt’s philosophy and operating style &rgani>ational structure Assignment of authority+ responsibility and accountability uman resource policies and practices • • • • • •
$ is0 assessment C#A should obtain understanding and 0nowledge •
, $ ,nformation and communication C#A should obtain understanding and 0nowledge Accounting process (automated and manual)+ from initiation of a transaction to F/S Accounting records (electronic and manual) supporting information and specific accounts in%ol%ed in initiating+ authori>ing+ recording+ processing and reporting transactions The financial reporting process+ including the de%elopment of significant accounting estimates and the inclusion of appropriate disclosure • • •
•
5 $ 5onitoring C#A should obtain understanding and 0nowledge #rocess that assesses the 1uality of internal control performance o%er time -stablishing and maintaining internal control is a responsibility of mgmt • • •
- $ -xisting control acti%ities Control acti%ities in a strong internal control system ha%e #A,. T,#S # $ #renumbering of documents A $ Authori>ation of transactions , $ ,ndependent chec0s to maintain asset accountability . $ .ocumentation T $ Timely and appropriate performance re%iews , $ ,nformation processing controls $ ensure that transactions are %alid+ authrori>ed+ and accurate Application controls $ controls for processing of indi%iduals transactions "eneral controls $ apply to information processing throughout the company # $ #hysical controls for safeguarding assets $ simply security S $ Segregation of duties $ client should separate: A+$ Authori>ation ecord0eeping Custody of related assets The internal control en%ironment should be detected in the ordinary course of business by an employee+ not Collusion 5gmt o%errides For internal controls the auditor should &btain the necessary understanding of the user organi>ations internal control to plan the audit Assess the control ris0 at the user organi>ation+ and • •
22
AUD - Notes Chapter 1 http://www.cpa-cfa.org •
#erform substanti%e procedures
eport on controls placed in operation $ may aid the auditor in obtaining an understanding of controls+ howe%er+ it is pro%ided when tests of operating effecti%eness were not performed+ and therefore it does not pro%ide the user with a basis for reducing the assessment of control ris0
Respondin to Assessed Ris)s ,5AC#A Audit approach $ the auditors specific approach to identified ris0s at the rele%ant assertion le%el may consist of either a substanti%e or combined approach 7se substanti%e approach when: Controls are not strong for an assertion 9ot cost/benefit to test the effecti%eness of the controls • •
Combined approach $ both control testing and substanti%e procedures are used8 ,f controls are operating effecti%ely+ less assurance will be re1uired from substanti%e procedures8 Test of controls may be re1uired in highly electronic en%ironments+ substanti%e procedures alone may not be sufficient
Status of internal control 9one or wea0 Some Strong
Audit approach is0 le%el #erform control tests #erform substanti%e tests high 9o (because nothing to rely on) yesmaximum medium Kes low Kes minimal (but ne%er eliminate for material balances+ transaction classes+ or disclosures)
Test of Controls ,5AC#A Test of controls are performed when the auditors ris0 assessment is based on the assumption that controls are operating effecti%ely+ or when substanti%e procedures alone are insufficient8 (test control strengths+ not wea0nesses) &btaining an understanding of internal controls includes e%aluating the design of controls and determining whether they ha%e been implemented &nly controls that are suitably designed to pre%ent or detect material misstatements are sub*ect to tests of operating effecti%eness ,nspect client records documenting use and changes to ,T programs 9ature of tests of controls Tests of operating effecti%eness of controls include: in1uiries+ inspection+ obser%ation+ and reperfornance As the planned le%el of assurance (about operating effecti%eness) increases+ the auditor should obtain more reliable or more extensi%e audit e%idence • •
-%idence hierarchy: 68 #ersonal obser%ation and 0nowledge 8 -xternal e%idence 23
AUD - Notes Chapter 1 http://www.cpa-cfa.org
D8 ,nternal e%idence E8 &ral e%idence Timing of tests of controls hen tests of controls are performed at one particular time+ they pro%ide e%idence that controls operated effecti%ely only at that time8 Controls tested throughout the period pro%ide e%idence of operating effecti%eness during that period Controls that are tested only during an interim period should be supplemented by additional e%idence for the remaining period (roll forward) ,f controls ha%e changed since they were last tested+ operating effecti%eness must be retested in the current period -%en if controls ha%e not changed+ operating effecti%eness must be tested at least one e%ery third year #erform substanti%e testing $ ,5AC#A 7sed to detect material misstatements at the rele%ant assertion le%el Substanti%e procedures should be designed to be responsi%e to assessed ris0s+ howe%er+ regardless of the assessed ris0+ substanti%e procedures are re1uired for each material transaction class or account balance •
•
•
•
• •
types of substanti%e procedures 68 Test of details $ applied to transaction classes+ account balances and disclosures8 M balances+ ratios 8 Substanti%e analytical procedures $ used for large %olume predictable transactions .irectional testing To test existence or occurrence assertion $ Top down+ start from F/S8 ?oo0 for support 3 %ouching Test existence for o%erstatement of assets and re%enues To test completeness assertion $ 'ottom up+ start from item+ loo0 to see its included/co%ered in F/S 3 tracing Test completeness for understatement of liabilities and expenses ,f substanti%e procedures are performed at an interim date+ the auditor should perform further substanti%e procedures (maybe with test of controls) to pro%ide reasonable basis for extending audit conclusions to period end ,f ris0 of material misstatement is low+ performing substanti%e procedures at interim increases the ris0 that the auditor will not detect material misstatements in the F/S ,n certain situations+ such as those in which there is an identified fraud ris0+ the auditor may choose to perform substanti%e procedures at or near period end8 Audit e%idence+ e%aluate appropriateness and sufficiency $ ,5AC#A Audit e%idence obtained may cause the auditor to modify this or her initial ris0 assessment The auditor should not assume that an identified instance of fraud or error is an isolated occurrence hen there is a change in the assessed le%el of ris0+ the auditor should modify planned procedures accordingly The auditor uses *udgement to e%aluate the sufficiency and appropriateness of audit e%idence • • •
•
24
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Transaction C$cles T,# #,- AC.& $ whole chapter E e%enue cycle $ includes sales re%enues+ recei%ables and cash receipts Sales (serially number documents are #A,. T,#) 68 #reparation of sales order $ a serially numbered sales order is prepared and sent to the credit department for appro%al 8 Credit appro%al $ %aluation assertion+ credit department determines (AC) D8 Shipment $ Shipping department prepares a serially numbered bill of lading (AC) E8 'illing $ 'illing dept8 prepares serially numbered sales in%oice8 Shipping documents+ sales orders+ and in%oices are compared to ensure that all shipments were based on customer orders and properly billed8 The in%oice is then sent to the customer and A/ dept8 (AC) H8 Accounting $ the sale is entered into the sales *ournal and a recei%able is recorded (AC) Accounts recei%able 68 Sales 8 Collection of cash receipts D8 7ncollectible recei%ables $ an aging schedule is prepared and sent to the credit department for use in carrying out its collection program8 Auditor obser%es the preparation of aging schedule to support assessing control ris0 below maximum E8 Sales returns $ a serially numbered recei%ing report may be used as a sales return slip8 &nce the return is appro%ed+ the related recei%able is eliminated Cash receipts 68 Collection $ incoming mail must be opened by a person who does not ha%e access to the A/ ledger8 &ne receipt copy should be sent to cashier (or treasury) for ban0 deposit8 Another copy sent to A/ dept8 for entry into the A/ subsidiary ledger8 A third copy should be sent to acctg dept8 for entry into the general ledger Testing controls for Sales ,n1uire about credit procedures for new customers (%aluation) (AC) Compare sales *ournal to subsidiary ledgers ,nspect a sample of prenumbered shipping documents and agree to sales order (existence) account for prenumbered (completeness) Bouch a sample of sales in%oices+ trace a sample of shipping documents ,nspect customer exception file and disposition (existence+ completeness+ rights and %aluation) Send confirmations $ follow up on error reports (rights and obligations) Test cutoff Test ade1uacy of uncollectible accounts • • •
• • • • •
-xpenditure cycle #urchases 68 #urchase re1uisition $ the dept8 needing an asset or ser%ices sends an appro%ed serially numbered re1uisition to the purchasing dept 8 #urchase orders $ obtain competiti%e bids from %arious suppliers to ma0e sure that the best price is obtained8 7se prenumbered purchase orders D8 eceipt of goods or ser%ices it is preferable that the copy not indicate the 1uantity ordered (blind copy)+ thus the recei%ing dept is forced to count the goods upon arri%al
25
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Accounts payable 68 record the payable 8 appro%e the bill $ when the in%oice arri%es+ the accounting department appro%es it by matching the in%oice+ purchase order+ recei%ing report+ and (sometimes) the re1uisition Cash disbursements 68 best for internal controls to pay in%oices by chec0 8 best for internal control to segregate appro%ing payment and writing chec0s D8 Treasurer pays the bills The accounting department has three functions 68 to record the payable 8 to appro%e the in%oice for payment D8 to record the payment after its paid by the treasurer
The auditor should re%iew bills in =anuary to determine is they were incurred in 9o% or .ec (search for unrecorded liabilities8 Audit procedures related to cash ,nternal controls o%er the handling of cash is one the most critical areas of an audit2 proper segregation of duties The auditor should obtain cutoff ban0 statements used to test for lapping and 0iting Bouch postings to ledger accounts+ reconcile ban0 statements+ and %erify cash transactions •
• •
Simultaneously %erify internal and external e%idence ,nternal e%idence $ includes counting cash on hand and reconciling it with the *ournals -xternal e%idence $ includes confirming accounts on deposit with ban0s+ all securities on deposit and obtaining ban0 cutoff statements /apping $ theft of cash is often concealed by failing to account for cash receipts (today’s cash receipts co%er yesterday’s theft) • 'est way to guard against lapping is to use a loc0 box system8 ,nspect chec0s when deposited/cashed and compare to when accts recei%able was boo0ed
@iting $ when a chec0 drawn on one ban0 is deposited in another ban0 and no record is made (cash is recorded in places at once (.ec D6)) A ban0 transfer schedule compares the dates chec0s are drawn to the dates chec0s are deposited •
A standard ban0 confirmation should be sent to all ban0s that the client has done business with during the year+ regardless of whether there is a year end balance to confirm8 #otential misstatements ecording fictitious sales (existence assertion) olding open the sales *ournal to include next year’s sales (improper cutoff) Shipping unordered goods near year end which can be returned (bill and hold) Failure to record payments Sales ad*ustments may be used to conceal thefts of cash collections • • • • •
educe ris0 by AC 26
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Audit *ocumentation Audit documentation (wor0papers) belong to the C#A (not the clients acctg records) and are meant to support the auditors opinion and record audit procedures performed and e%idence obtained Audit documentation should: ,ndicate that the accounting records support/reconcile to the F/S Contain enough detail so an auditor with no prior 0nowledge can understand the whole audit Support that the audit was conducted in accordance with "AAS • • •
eport release date $ date on which the auditor grants the client permission to use the report (usually date report is deli%ered to the client) For pri%ate companies+ auditing standards re1uire audit documentation be completed I days from report release date and held for H years from that date For pri%ate companies+ the #CA&' re1uires audit documentation be completed EH days from report release date and held for J years from that date The specific 1uantity+ type and content of audit documentation are based on the auditors *udgement ermanent (continuous) file $ audit documentation that has continuing interest from year to year contracts+ pension plans+ leases+ stoc0 options+ bylaws $urrent file $ all audit documentation applicable to the year under the audit
Audit documentation should include significant audit findings+ actions ta0en+ and conclusions reached+ such as: Selection and application of accounting principles #ossible material misstatements 9eed to re%ise the auditors pre%ious ris0 assessment Significant difficulty in applying necessary audit procedures 5odification to the auditors standard report • • • • •
Kou can pro%ide audit documentation to another party without the clients permission: ,f it’s subpoenaed in court To your defense team: lawyers+ insurance company+ expert witnesses A,C#A for an in%estigation or 1uality re%iew • • •
Audit Evidence Audit e%idence $ all the information an auditor uses to arri%e at the opinion The auditor should ha%e access to all pertinent accounting data and corroborating e%idential matter (otherwise it’s a scope limit) Types of audit e%idence 7nderlying accounting records $ test through analytical procedures and substanti%e tests+ such as retracing+ recalculation and reconciliation Corroborating e%idence $ pro%ides additional support for the acctg data2 obser%ation+ in1uiry and inspection •
•
27
AUD - Notes Chapter 1 http://www.cpa-cfa.org •
-lectronic e%idence $ consider the time during which information exists or is a%ailable in determining the nature+ extent and timing of audit procedures8
The third standard of fieldwor0 $ The auditor must obtain sufficient appropriate e%idence by performing audit procedures to afford a reasonable basis for an opinion regarding the F/S under audit! -%idential matter must persuade the auditor that the ending balance in the F/S are fairly presented (persuasi%e rather than conclusi%e) Cost/benefit relationship may be a %alid reason for performing only certain procedures+ cost alone or difficulty in obtaining e%idence is not a %alid basis for omitting a procedure -%idential matter should be %alid and rele%ant The greater the ris0 of material misstatement the more e%idence will be re1uired The higher the 1uality of audit e%idence the less audit e%idence needed -%idence must relate to the financial statement assertion under consideration The e%aluation of e%idential matter must ta0e into consideration the achie%ement of audit ob*ecti%es Substanti%e procedures are performed to e%aluate mgmt’s assertions which help detect material misstatement Substanti%e procedures consist of: 68 Test of details (applied to transactions balances and disclosures) 8 Substanti%e analytical procedures Analytical #rocedures Comparison of financial data $ re%iew current and prior year’s F/S and the current years budget+ industry norms+ and nonfinancial information 5ost effecti%e and efficient for assertions in which potential misstatements are not apparent from detailed e%idence or is not a%ailable •
•
The ,/S has more predictable relationships than the '/S Accts with mgmt discretion are less predictableN Analytical procedures for planning phase and final re%iew phase are re1uired8 owe%er analytical procedures used as substanti%e tests are not re1uired8 .ocumentation re1uirements+ expectation+ factors+ results+ additional audit procedures performed and results of those procedures ,n%estigate significant differences (if found): ma0e in1uires of mgmt+ in necessary expand audit procedures or alternati%e substanti%e procedures8 .ifferences do not necessarily indicate errors or fraud+ but simply indicate the need for further in%estigation Analytical procedures are applied during the o%erall re%iew stage of an audit to e%aluate the o%erall F/S presentation and assess the conclusions reached Test of .etails .irectional testing refers to testing either forward or bac0ward ,f a test starts with items in the accounting records+ the proper assertion is most li0ely existence 28
AUD - Notes Chapter 1 http://www.cpa-cfa.org
,f a test starts with source documents+ it is most li0ely related to the completeness assertion Standard auditing procedures $ F,B- CA&TS F $ Footing+ crossfooting+ recalculation $ %erify mathematical accuracy , $ ,n1uiry $ both internal and external B $ Bouching $ directional testing2 auditor examines support for existence and occurrence assertions - $ -xamination/,nspection $ pro%ides e%idence about the existence assertion C $ Confirmation $ Type of in1uiry obtained from third party A $ Analytical procedures $ e%aluate financial information through the study of data relationships $ eperformance $ auditor reperforms procedures or controls originally performed by the client $ econciliation $ substantiates the existence and %aluation of accounts & $ &bser%ation $ auditor loo0s at a process or procedure performed by others T $ Tracing $ directional testing2 examines support for the completeness assertions S $ Subse1uent e%ents re%iew $ perform certain procedures after balance sheet date &ther procedures Cutoff testing Test related account simultaneously e1uesting a comprehensi%e mgmt representation letter eading pertinent information • • • •
Evidential Procedures for Selected Accounts ,n%entory The obser%ation of beginning and ending in%entory is re1uired8 5ay use alternati%e procedures to *ustify an opinion (acceptable when its impractical or impossible to obser%e in%entory8 The client counts the in%entory and the auditor simply obser%es and test counts certain items Consigned in%entory on hand is excluded from in%entory count elated accounts $ in%entories+ purchases+ sales+ sales returns and allowances+ and C&"S The auditor should examine purchase in%oices and recei%ing report around yr end for cutoff testing The auditor should examine sales in%oices and compare them to shipping documents around yr end for cutoff .etermine whether in%entory adhere to lower of cost or mar0et principles and whether in%entory is pledged or sub*ect to liens -xamine %endor in%oices+ direct labor rates and test the computation of o%erhead rates Accounts recei%able confirmations #ositi%e confirmations $ re1uest response from the recipient (may be blan0) 'est type of confirmation for: large accounts+ expect errors and disputes+ wea0 internal controls A greater degree of assurance but may result in lower response rate 9onresponses should be: followed up+ the client may ha%e to inter%ene+ perform alternati%e procedures "enerally pro%ide e%idence regarding existence and rights and obligations • • • •
9egati%e confirmations $ recipient is as0ed to respond only if the amount stated in incorrect 9ot as good as positi%e confirmation •
29
AUD - Notes Chapter 1 http://www.cpa-cfa.org •
7se when there is low ris0+ small balances+ belief that the receipt would respond if there was a discrepancy
Accounts payable confirmation $ not re1uired Are positi%e confirmations and generally left blan0 &b*ecti%e is to determine whether A/# is understated Should be sent when internal control is wea0 Typically send to %endors with small or >ero balances would be selected for confirmation owe%er+ unrecorded liabilities generally surface e%entually when unpaid %endors stop deli%ering goods • • • •
#ayroll and #ersonnel There should be segregation of duties as follows Authori>ation to employ and pay $ function of to hire new employees Super%ision $ all pay base data (hours+ timeoff) should be appro%ed Time0eeping and costs accounting $ data on which pay is based+ hours wor0ed or *obs completed #ayroll chec0 preparation $ computes salary based on information recei%ed+ later signed by the treasurer • • • •
Control procedures $ #A,. T,#S ##Ac1uisition $ a special re1uisition form is needed8 Ac1uisitions are ties to the capital budget and the board of directors should also ha%e to appro%e the ac1uisition8 Subsidiary ledgers $ detailed information on each asset is 0ept in the subsidiary ledger #hysical security ritten policies $ on depreciation and capitali>ation .isposition $ retirement of assets should be documented and se1uentially numbered •
• • • •
Audit procedures Bouch additions e%iew retirements and recalculate any gains/losses e%iew repair and maintenance accounts in order to locate items that should ha%e been capitali>ed 'e alert for lien’s on assets (borrowed) Companies cannot/do not insure fixed assests they do not ha%e Companies do not pay real estate taxes on property they don’t own Tour plant and in1uire • • • •
?iabilities 9otes payable $ examine the note+ comparing terms and amounts to board appro%al8 ,nterest expense should be independently computed ?ong term debt $ ensure that interest expense is properly reported+ %aluation is fairly reported+ all debt has been recorded8 Compare interest expense with the bond payable amount for reasonableness Contingencies $ loo0 at guarantees+ purchase commitments+ leases+ tax returns+ clients legal counsel •
•
•
&wners -1uity Treasury stoc0 $ auditor should examine all shares of treasury stoc0 and reconcile the number of TS shares8 Compare to authori>ation in the minutes of the board meeting Stoc0 transactions $ %ouch to supporting documentation •
•
All issues relating to stoc0+ di%idends+ and TS must be authori>ed by the board of directors Articles of incorporation goes in the permanent audit file 30
AUD - Notes Chapter 1 http://www.cpa-cfa.org
,f the client uses a stoc0 transfer agent+ use third party confirmations ,f the client doesn’t use a stoc0 transfer agent+ chec0 the stoc0 certificate boo0 Consider whether any appropriations of retained earnings are necessary (due to loan co%enants)8 The auditor focuses on e%aluating the presentation and disclosure of the F/S (mgmt assertions 3 classification G understandability)
Audit Evidence+ ,iscellaneous "tems elated #arty Transactions Concerned about %aluation and accuracy A related party transaction is not considered to be an arms length transaction Should be ade1uately disclosed • • •
.etermining the existence of related party transactions -%aluate company’s procedures and policies for related party transactions ,n1uire mgmt and predecessor auditor e%iew entity’s filings with the S-C e%iew board minutes Compensating balance agreements ?oan agreements 7nusual+ nonrecurring transactions new year end • • • • • • •
Accounting -stimates Assess mgmt’s written policies and practices of acctg estimates Berify that all material estimates ha%e been de%eloped .etermine that the accounting estimates are reasonable -nsure that the accounting estimates are properly presented and disclosed in conformity with "AA# Test for reasonableness Are they using the same methods #ast trac0 record of estimates is good =ustify any changes in approach • • • • • • • •
Auditing Fair Balues -stimates and %aluation methods may be used when mar0et %alues are not a%ailable Changes in fair %alue measurements may be treated in different ways under "AA# (9, or &C,) -%aluate the sufficiency+ competency+ and consistency of e%idence obtained with respect to fair %alue measurements and disclosures8 .etermine whether mgmt’s significant assumptions pro%ide a reasonable basis for fair %alue measurement • • •
•
?itigation 5gmt is the primary source of information regarding litigation8 An external in1uiry of the entity’s attorney is simply a means to corroborate information pro%ided by mgmt8 e%iew minutes+ in%oices from lawyers+ and ,S correspondence ,ts mgmt’s responsibility to identify and account for litigation+ claims •
• •
?etter in1uiry to clients attorneys should be signed by the client but sent to the lawyer by the auditor 31
AUD - Notes Chapter 1 http://www.cpa-cfa.org
The lawyers response to the letter should include a professional opinion on the expected outcome of any lawsuit and the li0ely outcome of any liability+ including court costs ,f the lawyer refuses to respond scope limitation 1ualified or disclaimer opinion Client refuses to permit in1uiry disclaimer opinion
32
AUD - Notes Chapter 1 http://www.cpa-cfa.org
Audit Samplin -statistic samplin. Sampling ris $ reach the wrong conclusion based on the sample
Although statistical sampling aids the auditor in 1uantitati%e ways+ it is not a substitute for professional *udgement8 #rofessional *udgement is still needed/re1uired to set parameters and e%aluate the results8 main types of sampling 68 Attribute sampling (rate of occurrence) $ used for testing internal controls (yes/no 1uestions) 8 :ariable sampling (probability-proportional to si'e S or estimation sampling or numerical quantity) $ used in substanti%e testing of account balances (M %alues) Audit ris $ ris0 of getting the opinion wrong due to uncertainty in applying audit procedures (sampling and other) +is of assessing control ris too lo7 $ ris0 that the assessed le%el of control ris0 based on the sample is less than the true ris0 based on the actual operating effecti%eness of the control (i8e8 sample results indicate a lower de%iation rate than actually exists in the population) +is of assessing control ris too %ig% $ ris0 that the assessed le%el of control ris0 based on the sample is greater than the true ris0 based on the actual operating effecti%eness of the control8 sample results indicate a greater de%iation rate than actually exists in the population
There are two sorts of mista0es an auditor can ma0e with sampling: 68 The auditor may fail to identify an existing problem (incorrect acceptance and assessing control ris0 too low) 8 The auditor may falsely identify a problem where none exist (incorrect re*ection and assessing control ris0 too high) The ris0 of incorrect acceptance and the ris0 of assessing control ris0 too low relate to the effecti%eness of an audit in (possibly not) detecting an existing material misstatement8 Auditors usually accept a ris0 of HO (or 6O)8 ,n%erse to the ris0 is the confidence le%el (also called reliability)8 The auditor is PHO confident that the sample is representati%e of the population8 The ris0 of incorrect re*ection and the ris0 of assessing control ris0 too high relate to the efficiency of the audit (the auditor does more audit wor0 than is necessary) Attribute Sampling #lanning considerations elationship between the sample to the ob*ecti%e of the test of controls Tolerable de%iation rate $ maximum rate of de%iation from a prescribed procedure the auditor will tolerate without modifying planned reliance (or changing control ris0 assessment) on internal control8 ate set by the auditor Auditors allowable ris0 of assessing control ris0 too low Characteristics of the population • •
• •
.e%iation rate $ auditors best estimate of the de%iation rate in the population from which the sample was selected8 There is a direct relationship to sample si>e: the fewer the de%iations expected+ the smaller the sample si>e would be needed8 #opulation of 6 and sample 6 items and J de%iations identified within the sample JO sample de%iation rate -stimate J de%iations in the population (JO sample de%iation rate) 33
AUD - Notes Chapter 1 http://www.cpa-cfa.org
,f the estimated de%iation rate for the entire population is less than the tolerable rate for the population+ the auditor should consider the ris0 that such a result might be obtained e%en though the true de%iation rate for the population exceeds the tolerable rate for the population8 For example assume the tolerable rate for a population is HO and the sample consists of I items: ,f no de%iations are found in the sample of I+ the auditor may conclude that there is an acceptably low sampling ris0 that the true de%iation rate in the population exceeds the tolerable rate of HO (this is because the sample de%iation rate is much less than the tolerable rate) ,f the sample includes two or more de%iations ( in I 3 D8DDO)+ the auditor may conclude that there is an unacceptably high sampling ris0 that the rate of de%iations in the population exceeds the tolerable rate of HO (this is because the sample de%iation rate is close to the tolerable rate) The auditor applies professional *udgement in ma0ing such e%aluations •
•
•
#erform the following steps when conducting attribute sampling .efine the ob*ecti%e of the test .efine the population .efine the sampling unit .efine the attributes of interest .etermine the sample si>e including ris0 of assessing control ris0+ tolerable de%iation rate+ expected de%iation rate • • • • •
Sample de%iation rate Q allowance for sampling ris0 3 7pper de%iation rate Allowance for sampling ris0 3 what we found in the sample isn’t representati%e of the population ,f the upper de%iation rate is less than or e1ual to the auditors tolerable de%iation rate+ the auditor may rely on the control (assuming results of other audit tests do not contradict such results) ,f the upper de%iation rate exceeds the auditors tolerable de%iation rate+ the auditor would not rely on the control8 ,nstead the auditor would either: Select and test compliance with some other internal accounting control+ or 5odify the nature+ extent+ or timing of related substanti%e tests to reflect the reduced reliance • •
.isco%ery sampling $ used for detecting fraud Stoporgo sampling $ allows auditor to stop and audit test before completing all the steps (to a%oid o%er sampling) used when few error are expected in the population Bariable sampling (estimation sampling) Stratification $ items sub*ect to sampling are separated into relati%ely homogenous groups and treated as a separate population+ which usually results in a reduced sample si>e8 Commonly used when a population has highly %ariable recorded amounts igher the tolerable misstatement the lower the sample si>e The auditor pro*ects the misstatements found in the sample to the population using one of se%eral methods (5#7+ ratio+ difference+ etc)8 The pro*ected misstatement is applied to the recorded balance to obtain a point estimate! of the true balance8 The auditor must then add an allowance for the sampling ris0 (sometimes called a precision inter%al) to this estimate 34
AUD - Notes Chapter 1 http://www.cpa-cfa.org
,n deciding whether to accept the clients boo0 %alue+ the auditor determines whether the recorded boo0 %alue falls within the acceptable range (i8e8 point estimate Q/ the allowance for sampling ris0)8 ,f so+ the boo0 %alue is fairly stated #robability#roportional to si>e (##S) ##S $ sampling unit is defined as an indi%idual dollar in a population Ad%antages -mphasi>es larger items by stratifying the sample8 The chance of an item being selected is proportionate to its dollar amount ,f no errors are expected+ ##S sampling generally re1uires a smaller sample than other methods .isad%antages ,tems with >ero+ negati%e or understated balances re1uire special design considerations •
•
•
Sampling inter%al 3 tolerable misstatement R reliability factor Sample si>e 3 recorded amount of the population R sampling inter%al Tolerable misstatement the maximum dollar error that may exist in the account without causing the F/S to be materially misstated eliability factors correspond to the ris0 of incorrect acceptance and are generally obtained from a table
The Effect of "nformation Technolo$ on the Audit Test data (test dec0) $ techni1ue that uses the application program to process a set of test data+ the results of which are already 0nown8 (the clients system is used to process the auditors data+ offline+ and while under the auditors control ,ntegrated test facility (,TF) $ similar to test data approach except that the test data is commingled with li%e data (the clients system is used to process the auditors data+ online) Test data must be separated from the li%e data before the reports are created8 This is usually accomplished by processing the test data to dummy accounts (fictitious customer+ branch+ %endor) Client personnel are not informed that the test is being run •
•
#arallel simulation (reperformance test) $ auditor reprocesses some or all the clients li%e data (using auditor software) and then compares the results with the clients files (the auditors system is used to process client data) "enerali>ed audit software pac0ages ("AS#s) $ allows the auditor to ha%e little technical 0nowledge of the clients system (computeri>ed en%ironment)
"nternal Control Communication types of control deficiency $ deficiency in design and deficiency in operation Significant deficiency $ ad%ersely affects the fairness of the F/S #re%iously communicated significant deficiencies and material wea0nesses that ha%e not been corrected should be communicated again ,t is mgmt’s responsibility to e%aluate and address control deficiencies 35
AUD - Notes Chapter 1 http://www.cpa-cfa.org
eporting on an entity’s internal control o%er financial reporting (not an audit+ *ust hired to re%iew internal controls) The C#A may report on mgmt’s assertion or may report directly on the effecti%eness of the entity’s internal control &btain from mgmt a written assertion about the effecti%eness of the entity’s internal control8 The assertion may be presented in two ways: 68 a separate report that will accompany the accountants report 8 a representation letter to the accounts hen a material wea0ness exists+ the C#A should express an opinion directly on the effecti%eness of internal control+ and not on mgmt’s assertion ,n a F/S audit+ use of the report on the internal control is restricted+ while ,n a separate examination of internal control+ use of the report is generally not restricted S& re1uirements related to internal controls #CA&' standards re1uire: ,ssuers report (within the annual report) on mgmt’s assessment of the effecti%eness of the company’s internal control o%er financial reporting+ and Auditors attest to (audit) the accuracy of mgmt’s report •
•
The auditors report must disclose material wea0nesses in internal control+ but is not re1uired to disclose significant deficiencies that are not material wea0ness (different than the attestation standards) ,f an auditor conducts the audit (of a nonissuer) in accordance with both "AAS and #CA&'+ the auditor may indicate in the auditors report that the audit was conducted in accordance with both standards
overnment Auditin Auditors responsibilities &btaining reasonable assurance that the F/S are free of material misstatements resulting from %iolations of laws and regulations that ha%e direct and material effect on the F/S &btaining an understanding of the possible effects on F/S of laws and regulations Assessing whether mgmt has identified laws and regulations that ha%e direct and material effect Communicating to mgmt and the audit committee that an audit in accordance with "AA# may not be sufficient if+ during the audit+ the auditor becomes aware that the entity is sub*ect to additional audit re1uirements that may not be encompassed in the terms of the engagement •
• • •
Attestation engagements performed in conformity with "enerally Accepted "o%ernment Auditing Standards ("A"AS) (the yellow boo0) incorporate the A,C#A’s standards for examinations+ re%iews+ and agreed upon procedures by reference and include expanded re1uirements Audit re1uirements for federal financial assistance 68 -xpanded internal control documentation and testing re1uirements 8 -xpanded reporting to include formal written reports on the consideration of internal control and the assessment of control ris0 D8 -xpanded reporting to include whether the federal financial assistance has been administered in accordance with applicable laws and regulations (compliance re1uirements) E8 Application of single audit standards to federal financial assistance H8 Auditors pro%ide a copy of their peer re%iew to go%ernment audit clients 36
AUD - Notes Chapter 1 http://www.cpa-cfa.org
5gmt is responsible for the entity’s compliance with laws and regulations 5gmt has identified and disclosed in writing to the auditor all the laws and regulations that ha%e a direct and material effect on its F/S Audit reports should be distributed to the appropriate officials of the entity re1uiring or arranging for the audit (including external funding sources) "A"AS re1uires a written report on the auditors understanding of internal control and the assessment of control ris0 in all audits8 This is different from "AAS+ which re1uires written communication only when significant deficiencies are noted Single audits: &5' Circular A6DD The single audit act (&5' Circular A6DD) re1uires entities that expend total federal assistance e1ual to or in excess of MH+ in a fiscal year to ha%e an audit performed in accordance with the Act #rograms classified as ma*or are those that expend MD+ or more in federal financial assistance+ but smaller programs may be deemed ma*or is they are classified as high ris0 5ateriality e%aluation in a single audit includes a separate e%aluation of materiality for each ma*or program selected Single audits audits of an entire organi>ation that include additional audit procedures on specific programs and include a report on the F/S of the whole organi>ation and audit reports on the specific programs program-specific audits audits of specific programs and do not include reports on the F/S of the organi>ation ta0en as a whole •
•
•
•
Auditor communication re1uirements increase in go%ernment settings8 Auditors often ha%e the responsibility of reporting significant deficiencies to specific regulatory bodies or grantor agencies A;-4& c%art memori'e
Communication &ith the Audit Committee Audit committee $ committee of the board of directors+ composed of DH members of the board who are outside directors8 &utside directors are not employees of the firm and do not ha%e a material financial interest in the firm • main purpose is to enhance the internal control by creating a means of direct communication between the committee and the auditors8 An audit committee is considered to be part of the internal control structure • S& re1uires the audit committee to appro%e the engagement of an auditor+ and o%ersee the ser%ices • All material communications must be made to the audit committee before the auditors report is filed with the S-C • Communication may be oral or written8 ,f its oral the auditor should document the con%ersation • .o not communicate with the audit committee on how we (the auditor) plan to implement the audit
,anaement Representations &btained from mgmt at the conclusion of fieldwor0 and should address all F/S co%ered by the report e%en if current mgmt was not present during all such periods #urpose: 68 To confirm representations explicitly or implicitly gi%en to auditor 8 To indicate and document the continuing appropriateness of such representations D8 To reduce the possibility of misunderstanding concerning matter that are the sub*ect of the representations 37
View more...
Comments