Notes From Sir Red Sirug Handouts On Auditing Theory

AUDITING THEORY REVIEW NOTES
FUNDAMENTALS OF ASSURANCE ENGAGEMENTS1 • Reasonable assurance is achieved if assurance engagement risk is reduced to an acceptably low
level (close to zero).
• For assurance engagements regarding historical financial information in particular, reasonable
Assurance Services/Engagements: assurance engagements are called audit engagements. An audit engagement is an assurance
• Assurance services – independent professional services in which a practitioner issues a written engagement to provide a high level of assurance that the financial statements are free of material
communication that expresses a conclusion designed to enhance the degree of confidence of the misstatement. This high level of assurance is expressed positively in the audit report as “reasonable
intended users other than the responsible party about the outcome of the evaluation or assurance”.
measurement of a subject matter against criteria • Absolute assurance is not attainable:
• Assurance engagement – an engagement in which a practitioner expresses a conclusion In assurance engagements, absolute assurance is generally not attainable because of such
designed to enhance the degree of confidence of the intended users other than the responsible factors as:
party about the outcome of the evaluation or measurement of a subject matter against criteria  Use of judgment
 Use of testing
• Assurance services improve the quality of information for decision-making.  Inherent limitations of internal control
• Assurance refers to the practitioner’s satisfaction as to the reliability of an assertion being made  Most evidence available to the practitioner is persuasive rather than conclusive
by one party for use by another party; it is the degree of certainty the practitioner has attained  In some cases, the characteristics of the subject matter
and wishes to convey to intended users
• Independence is required whenever a professional accountant performs assurance services. 2. Limited assurance engagements – engagements that provide only a “moderate” or “limited”
level of assurance
Objective of an Assurance Engagement, In General: • The objective of a limited assurance engagement is a reduction in assurance engagement risk to
Assurance engagements performed by professional accountants are intended to enhance the an acceptable level as the basis for a negative form of expression of the practitioner’s conclusion.
credibility of information about the outcome of the evaluation or measurement of a subject Thus, the risk in limited assurance engagement is greater than for a reasonable assurance
matter against criteria, thereby improving the likelihood that the information will meet the engagement.
needs of an intended user. Assurance engagements enhance the degree of confidence of the
intended user because the quality of information for decision making is improved. • Moderate assurance is achieved if assurance engagement risk is reduced to an acceptable level.
• For assurance engagements regarding historical financial information in particular, limited
Objective of Assurance Engagements: assurance engagements are called review engagements.
According to the Philippine Framework for Assurance Engagements, an assurance engagement
is conducted: Assurance Engagement Risk:
a. To provide a high level of assurance that the subject matter conforms in all material respects with • Assurance engagement risk is the risk that the practitioner expresses an inappropriate
identified suitable criteria; or conclusion when the subject matter information is materially misstated.
b. To provide a moderate level of assurance that the subject matter is plausible in the circumstances. • Components of assurance engagement risk:
1. Risk of material misstatement – the risk that the subject matter is materially misstated
Types of Assurance Engagements and their Objectives: a. Inherent risk – the susceptibility of the subject matter information to a material misstatement,
1. Reasonable assurance engagements – engagements that provide high, but not absolute, level of assuming that there are no related controls
assurance b. Control risk – the risk that a material misstatement that could occur will not be prevented, or
• Also called high-level engagements detected and corrected, on a timely basis by related internal controls
• The objective of a reasonable assurance engagement is a reduction in assurance engagement risk 2. Detection risk – the risk that the practitioner will not detect a material misstatement that exists
to an acceptably low level as the basis for a positive form of expression of the practitioner’s
conclusion. Assertion-based and Direct Reporting Engagements:
1
NOTES FROM SIR RED SIRUG HANDOUTS ON AUDITING THEORY
1. Assertion based engagements – evaluation or measurement of the subject matter is performed by Requirements before a practitioner can accept an assurance engagement:
the responsible party, and the subject matter information is in the form of an assertion by the Only where the practitioner’s knowledge of the engagement circumstances indicates that:
responsible party that is made available to the interested users 1. Relevant ethical requirements, such as independence and professional competence will be
• Assertion-based engagements are also known as attestation engagements satisfied; and
• Examples of assertion-based engagements: 2. The assurance engagement exhibits all of the following characteristics:
a. Audit engagements a. The subject matter is appropriate
b. Review engagements b. The criteria to be used are suitable and are available to the intended users
c. The practitioner has access to sufficient appropriate evidence to support the practitioner’s
In an assertion-based engagement, the practitioner’s conclusion can be worded in terms of the conclusion;
responsible party’s assertion. For example: d. The practitioner’s conclusion, in the form appropriate to either a reasonable assurance
“In our opinion the responsible party’s assertion that internal control is effective, in all engagement or a limited assurance engagement, is to be contained in a written report, and
material respects, based on XYZ criteria, is fairly stated” e. The practitioner is satisfied that there is a rational purpose for the engagement.
2. Direct reporting engagements – the practitioner either directly performs the evaluation or Elements of Assurance Engagements:
measurement of the subject matter, or obtains a representation from the responsible party that Not all engagements performed by practitioners are assurance engagements. An assurance
has performed the evaluation or measurement that is not available to the intended users engagement must have the following elements:
1. Three party relationship (involving a practitioner, a responsible party and intended users)
In a direct reporting engagement, the practitioner’s conclusion is worded directly in terms of the 2. Appropriate subject matter
subject matter and the criteria. For example: 3. Suitable criteria
“In our opinion internal control is effective, in all material respects, based on XYZ criteria” 4. Sufficient appropriate evidence
5. Written assurance report in the form appropriate to a reasonable assurance engagement or a
limited assurance engagement
Range of Assurance Engagements:
a. Engagements to report on a broad range of subject matters covering financial and non-financial Three Party Relationship:
information a. Practitioner – CPA in public practice who performs the assurance engagement
b. Attest and direct reporting engagements
c. Engagements to report internally and externally, and The term practitioner is broader than the term “auditor” as used in professional standards,
d. Engagements in the private and public sector which only refers to practitioner performing audit or review engagements with respect to
historical financial information.
Examples of Assurance Engagements:
1. Audits of financial statements b. Responsible party – person/s who is responsible for the subject matter or the assertion (subject
2. Examination of prospective financial statements matter information)
3. Reporting on compliance with laws, rules and regulations
4. Other assurance services: For example, an entity’s management is responsible for the preparation and presentation of
a. CPA risk advisory financial statements or the establishment and implementation of internal control.
b. Business performance measurement services
c. Health care performance measurement services c. Intended user/s – person, persons or class of persons for whom the practitioner prepares the
d. Elder Care Plus assurance report; they are the users to whom the practitioner usually addresses the report
e. Risk Assessment Services
f. CPA Web Trust Service Responsible party and intended user:
g. Information Systems Reliability • The responsible party and the intended users may be from different entities or the same entity.
• The practitioner may be engaged by the responsible party or the intended user.
• The responsible party can be one of the intended users, but not the only one. Criteria refer to the standard or benchmark used to evaluate or measure the subject matter
• Whenever practical, the assurance report is addressed to all the intended users, but in some of an assurance engagement, including, where relevant, benchmarks for presentation and
cases there may be other intended users. In cases where the CPA may not be able to identify all disclosure. Without frame of reference provided by suitable criteria, any conclusion is open to
intended users, intended users may be limited to major stockholders with significant and individual interpretation and misunderstanding.
common interests.
• In some circumstances, the intended user may be established by law. Five characteristics of suitable criteria:
• The responsible party may also be one of the intended users. a. Relevance – relevant criteria contribute to conclusions that assist decision-making by the
• The intended user may be established by agreement between the practitioner and responsible intended users
party or those engaging or employing the practitioner. b. Completeness – criteria are sufficiently complete when relevant factors that could affect the
conclusions in the context of the engagement circumstances are not omitted. Complete criteria
Appropriate Subject Matter: include, where relevant, benchmarks for presentation and disclosure.
Subject matter refers to the information to be evaluated or measured against the criteria. c. Reliability – reliable criteria allow reasonably consistent evaluation or measurement of the
Subject matter information means the outcome of the evaluation or measurement of a subject subject matter when used in similar circumstances by similarly qualified practitioners
matter. d. Neutrality – neutral criteria contribute to conclusions that are free from bias
e. Understandability – understandable criteria contribute to conclusions that are clear,
Subject matter in an audit of financial statements: comprehensive, and not subject to significantly different interpretations
• Subject matter includes the financial position, financial performance and cash flows of the entity
• Subject matter information is the set of financial statements Two types of criteria:
• Responsible party is the client/entity management 1. Established criteria – are those criteria that are embodied in laws or regulations or issued by
authorized or recognized bodies of experts that follow a transparent due process Examples:
Requirements for subject matter to be considered appropriate: 2. Specifically developed criteria – those criteria specifically designed for the purpose of the
a. Identifiable engagement
b. Capable of consistent evaluation and measurement against suitable criteria
c. In the form that can be subjected to procedures for gathering evidence to support that Whether criteria are established or specifically developed affects the work that the practitioner
evaluation or measurement carries out to assess their suitability for a particular engagement.
Forms of subject matter of an assurance engagement: Examples of suitable criteria:

1. Financial performance or conditions (for example, historical or prospective financial position, • Applicable financial reporting framework which is the Philippine Financial Reporting Standards
financial performance and cash flows) for which the subject matter information may be the (PFRS) – in case of audit of financial statements
recognition, measurement, presentation and disclosure represented in the financial statements • Applicable law or regulation or contract – in case of compliance audit
2. Non-financial performance or conditions (for example, performance indicators of an entity) for • Established internal control framework or stated internal control criteria – in case of report on
which the subject matter information may be key indicators of efficiency and effectiveness internal control
3. Physical characteristics (for example, capacity of a facility) for which the subject matter
information may be a specifications document Availability of criteria to intended users:
4. Systems and processes (for example, entity’s internal control or IT system) for which the subject Criteria need to be made available to the intended users in one or more of the following ways:
matter information may be an assertion about effectiveness a. Publicly
5. Behavior (for example, corporate governance, compliance with regulation, human resource b. Through inclusion in a clear manner in the presentation of the subject matter information
practices) for which the subject matter information may be a statement of compliance or a c. Through inclusion in a clear manner in the assurance report
statement of effectiveness d. By general understanding, for example, the criterion for measuring time in hours and minutes
Suitable Criteria:
Sufficient Appropriate Evidence: The subject matter of attestation services include:
The practitioner shall plan and perform the engagement with an attitude of professional • Financial and non-financial in nature
skepticism to obtain sufficient appropriate evidence that the assertions are free of material • Future-oriented financial information (such as the examination of prospective financial
misstatements. information)
• Management's discussion and analysis
• Professional skepticism – an attitude that includes a questioning mind, being alert to conditions • Effectiveness of internal control
which may indicate possible misstatement due to error or fraud, and a critical assessment of • Compliance with statutory, regulatory, and contractual obligations
evidence
• Evidence – refers to the information obtained by the practitioner in arriving at the conclusions Relationships among Auditing, Attestation, and Assurance Services:
on which the conclusion is based a. Similarity: These services are often used interchangeably because they encompass the same
• Sufficiency – refers to the measure of the quantity of evidence decision-process
• Appropriateness – refers to the measure of the quality of evidence, that is, its relevance and its b. Main difference/distinction: Scope of services
reliability • “Assurance services” is broader in scope and in concept than either auditing or attestation. It
encompasses both audit and attestation services. Otherwise stated, attestation and audit
Written Assurance Report: services are subsets of assurance services.
A written assurance report should be in the form appropriate to a reasonable assurance • “Attestation services” is broader than audit because attest function is beyond historical FS.
engagement or a limited assurance engagement. Attestation services cover even non-GAAP FS.
• Auditing, particularly FS audit, is a type of assurance and attestation service that involves
The practitioner should provide a written report containing a conclusion that conveys the examination of historical FS prepared in accordance with GAAP.
assurance obtained about the subject matter information. In addition, the practitioner considers
other reporting responsibilities, including communicating with those charged with governance Non-assurance Engagements:
when it is appropriate to do so. Not all engagements are assurance engagements. Other engagements performed by
practitioners that do not meet the definition of assurance engagement are classified as non-
Levels of assurance provided in the written report: assurance engagements or services. Non-assurance engagements are those that do not result
in the practitioner’s expression of a conclusion that provides a level of assurance, whether
Type or level of Form of conclusions Example negative assurance or other form of assurance. The practitioner does not convey to the
assurance intended users any assurance as to the reliability of an assertion.
Reasonable Positive form of “In our opinion internal control is effective,
assurance expression of the in all material respects, based on XYZ criteria.” The practitioner’s primary purpose for performing non-assurance services is to provide
practitioner’s conclusion advice and technical assistance that will enable a client to conduct its business more effectively.
Limited Negative form of “Based on our work described in this
assurance expression of the report, nothing has come to our attention that
practitioner’s conclusion causes us to believe that internal control is not Examples of non-assurance engagements:
effective, in all material respects, based on XYZ 1. Related services, such as:
criteria.” a. Agreed-upon procedures engagements, and
b. Compilations of financial or other information engagements
Attestation Services: 2. Tax services (such as the preparation of tax returns where no conclusion conveying assurance is
An attestation service is a type of assurance service in which a practitioner is engaged to expressed)
issue a written communication that expresses a conclusion about the reliability of a written 3. Consulting (or advisory) engagements, such as management and tax consulting
assertion that is the responsibility of another party. Attestation generally refers to an expert's
written communication of a conclusion about the reliability of someone else's assertions. Agreed-upon Procedures Engagements:
• Objective of agreed-upon procedures engagements: For the auditor to carry out procedures of A pervasive characteristic of a CPA’s role in a consulting services engagement is that of being
an audit nature as agreed by the auditor and the entity and any appropriate third parties and to an objective advisor on the use of information.
report on factual findings
• No assurance is expressed in the report: The users/recipients of the report assess for Assurance Services vs. Consulting Services:
themselves the procedures and findings reported by the auditor and form their own conclusions Although assurance services and consulting services have basic similarities in terms of
from the report by the auditor. knowledge employed and exercise of skills, they can be distinguished as follows:
• Distribution of report is restricted: The report on agreed upon procedures engagement is
restricted to those parties that have agreed to the procedures to be performed since others who Points of distinction Assurance services Consulting services
are unaware of the reasons for the procedures may misinterpret the results. Primary purpose To improve quality or context To recommend uses for
• According to PSRS 4400, the report on an agreed-upon procedures engagement needs to describe of information by enhancing information for better outcomes
the purpose and the agreed-upon procedures of the engagement in sufficient detail to enable the its credibility
users of the report to understand the nature and extent of the work performed. Number of parties 3 parties 2 parties: the CPA and the client
Focus Decision makers and
Compilation of Financial or Other Information Engagements: information they used for Outcomes
• Objective of compilation engagements: For the accountants to use accounting expertise, as optimum decisions
opposed to auditing expertise, to collect, classify and summarize financial information. Output’s objective Intended to improve decision Designed to improve client’s
Compilation engagements ordinarily include preparation of financial statements. maker’s condition only condition directly through
• No test of assertions: A compilation engagement ordinarily entails reducing detailed data to a indirectly through the use of findings, conclusions and
manageable and understandable form without a requirement to test the assertions underlying high-quality information recommendations
that information. Competing interests May exist between No competing interests
• No assurance is expressed in the report: The procedures employed are not designed to enable management and users of
the accountant to express any assurance on the financial information. financial statements
• Benefit to users: Users of the compiled financial information derive some benefit as a result of Form of communication Written report Either written or oral
the accountant's involvement because the service has been performed with professional with the client communication
competence and due care.
Comparative Examples of Assurance and Non-Assurance Services:
Tax Services:
1. Tax compliance – includes the preparation of tax returns (for individuals, corporations, estates and Categories of Services / Engagements
trusts, and other entities) and acting as client’s representative to tax authorities or in tax litigations Assurance Services Non-Assurance Services
2. Tax planning – includes the determination of the tax consequences of planned or potential Audit Review Other assurance
transactions (legally minimizing client’s tax liability) followed by making suggestions on the most 1. Audit of FS 1. Review of FS 1. Examination of 1. Agreed-upon procedures
desirable course of action prospective FS 2. Compilation of financial or other
2. Audit of internal 2. Review of interim information
Management Consulting: control over financial 2. CPA risk advisory 3. Preparation of tax returns when
Management advisory (consulting) services – refers to the function of providing professional financial information no conclusion is expressed
advisory (consulting) services, the primary purpose of which is to improve client’s use of its reporting 4. Consulting or advisory services:
capabilities and resources to achieve the objectives of the organization. Advisory (consulting) • Tax consulting
services are professional services that provide advice and assistance to clients by improving thei r • Management consulting
condition directly. Advice or assistance to clients may cover the entity’s organization, • Other advisory services
operations, risk management, systems design and implementation, process personnel, corporate
finances, or other activities.
Levels of Assurance for Audit, Review, Agreed-upon Procedures and Compilation financial audit conclusions from used
The basic distinction between audit, review and related services is the level of assurance statements the report • Users derive some
provided by the auditor in the engagement. • Report is benefit because the
restricted to service has been
Assurance refers to the practitioner’s satisfaction as to the reliability of an assertion being contracting performed with
made by one party for use by another party. The level of assurance is the degree of the parties due professional
practitioner’s satisfaction or degree of certainty the practitioner has attained and wishes to skill and care
convey to intended users. Such level or degree of assurance depends on the procedures
performed and the evidence collected by the practitioner. Evidence Risk Limited to: Reading of the FS
gathering assessment, • Inquiry; and As agreed for obvious
Engagements and level of assurance: procedures Tests of • Analytical misstatements
1. Audit: The auditor provides a reasonable (high, but not absolute) level of assurance that the controls and procedures
information subject to audit is free of material misstatement. This is expressed positively in the Substantive (The auditor
audit report as reasonable assurance. tests obtains an
2. Reviews: The auditor provides a moderate/limited level of assurance that the information understanding of
subject to review is free of material misstatement. This is expressed in the form of negative the entity and its
assurance. environment,
3. Agreed-upon procedures: No assurance is expressed. The auditor simply provides a report of including internal
the factual findings. Users of the report assess for themselves the procedures and findings control, but no
reported by the auditor and draw their own conclusions from the auditor's work. evaluation of
4. Compilation: Although the users of the compiled information derive some benefit from the internal control is
accountant's involvement, no assurance is expressed in the report. conducted.)
Level of Reasonable
Distinctions between Typical Assurance and Non-Assurance Services: assurance assurance Moderate No assurance No assurance
provided by (High, but not (limited)
Non-Assurance Services the CPA absolute, assurance
Point of Assurance Services (Related Services) assurance)
distinction Audit Review Agreed-upon Compilation Report Audit Report Review Report Factual findings Compilation Report
procedures provided containing containing of procedures which identify
Objective To express To report whether To perform audit To assist the client positive negative information
opinion on anything has come procedures in financial assurance on assurance on compiled
fairness of to the auditor’s agreed on with statements assertion assertion
financial attention that the client and preparation by Skills used by Audit skills Audit skills Audit skills Accounting skills
statement causes him to any appropriate using accounting the auditor
believe that the third parties expertise as
financial identified in the opposed to Pronouncements on Assurance Engagements:
statements are report auditing expertise The following are the forms of pronouncements of the Auditing and Assurance Standards
not fair Council (AASC):
Characteristics Audit opinion Substantially less• •
Recipients of the Accounting AASC Engagement Standards Applications Related Practice
enhances the in scope of report must expertise, rather Statements
credibility of procedures than form their own than auditing, is a. Philippine Standards on Auditing FS audit engagements Philippine Auditing
(PSAs) Practice Statements
(PAPSs) • The Philippine Standards on Quality Control (PSQCs)
b. Philippine Standards on Review Review engagements Philippine Review
Engagements (PSREs) Engagement Practice The Framework does not itself establish standards or provide procedural requirements for the
Statements (PREPSs) performance of assurance engagements.
c. Philippine Standards on Assurance Other assurance Philippine Assurance
Engagements (PSAEs) engagements dealing Engagement Practice Reports on Non-Assurance Engagements:
with subject matters Statements (PAEPSs) a. Should not use the words “assurance”, “audit” or “review”
other than historical b. Should not imply compliance with assurance engagement standards (PSAs, PSREs or PSAEs)
financial information c. Should not include a statement that may be misinterpreted as assurance engagements
d. Philippine Standards on Related Related services Philippine Related
Services (PSRSs) Services Practice Practitioner’s association with the subject matter: A practitioner is associated with financial
Statements (PRSPSs) information when:
a. The practitioner reports on information about that subject matter, that is, the practitioner
Other pronouncements: attaches a report to that financial information; or
e. Philippine Standards on Quality Control (PSQCs) – to be applied for all services that fall under the b. The practitioner consents to the use of the his name in a professional connection with that
AASC’s engagement standards, namely, audit, review, other assurance, and related services subject matter
f. Philippine Framework for Assurance Engagements – to be applied for assurance engagements
If the practitioner is not associated in this manner, third parties can assume no responsibility of
PSAs, PSREs, PSAEs, and PSRSs are collectively referred to as the AASC's Engagement Standards. the practitioner.
The AASC issues Practice Statements to provide interpretive guidance and practical assistance to Remedies in case of inappropriate use of the practitioner’s name by other party:
practitioners in implementing the Engagement Standards and to promote good practice. If the practitioner learns that a party is inappropriately using the practitioner’s name in
association with a subject matter, the practitioner should:
Philippine Framework for Assurance Engagements: • Require the other party (i.e., management) to cease associating the practitioner with the subject
The Framework: matter
• Defines and describes the elements and objectives of an assurance engagement. • Consider what other steps may be needed, such as informing any known third party users of the
• Identifies engagements to which assurance engagement standards (PSAs, PSREs, and PSAEs) apply inappropriate use of the practitioner’s name
• Provides frame of reference for: • Seek legal advice
a. Practitioners who perform assurance engagements (such as audit and review engagements)
b. Others involved with assurance engagements (such as the intended users and the responsible INTRODUCTION TO AUDITING
party), and Auditing, Defined:
c. The International Auditing and Assurance Standards Board (IAASB) in its development of assurance
engagement standards which will be adopted by the AASC for application in the Philippines. Auditing is “a systematic process of objectively obtaining and evaluating evidence regarding
• Distinguishes assurance engagements and non-assurance engagements (non-assurance assertions about economic actions and events to ascertain the degree of correspondence
engagements are not covered by the Framework). between those assertions and established criteria and communicating the results to the
• Sets out characteristics that must be exhibited before a practitioner can accept an assurance interested users.”
engagement.
Two processes of auditing:
In addition to the Framework and PSAs, PSREs and PSAEs, practitioners who perform assurance a. Investigative process – involves the systematic gathering and evaluation of evidence as a basis
engagements are governed by: for determining whether assertions made by responsible person correspond with the establi shed
• The Code of Ethics for Professional Accountants in the Philippines criteria
b. Reporting process – involves communicating the audit opinion to interested users
FS audit is an Assurance Engagement:
Important Concepts: Financial statements audit engagement is an assurance engagement because it provides a
1. Systematic process – auditing involves structured/logical series of sequential steps or reasonable (high but not absolute) level of assurance that the subject matter conforms in all
procedures known as the audit process material respects with identified suitable criteria. It has the elements of an assurance engagement
as follows:
2. Objectively obtaining and evaluating evidence – auditing involves gathering and evaluating 1. Three Party Relationship:
sufficient appropriate audit evidence that will support the auditor’s opinion a. Practitioner: Independent or External auditor
• Objectivity refers to the combination of impartiality, intellectual honesty and freedom from b. Responsible party: Client’s management
conflicts of interest. c. Intended users: Users of financial statements
• Audi evidence is the information obtained by the auditor in arriving at the conclusions on which 2. Subject matter: Assertions/Financial statements of the client company
the audit opinion is based. 3. Criteria: Applicable financial reporting framework / GAAP in the Philippines (PFRS)
4. Sufficient appropriate evidence: Auditor obtains sufficient appropriate audit evidence as a basis
3. Assertions about economic actions and events – assertions are the subject matter of auditing for audit conclusion/opinion
• In the context of audit of financial statements, assertions are representations of management, 5. Written Assurance Report: Independent auditor’s report contains the audit conclusion/opinion
explicit or otherwise, that are embodied in the financial statements. Assertions include the
accounts, balances/amounts and disclosures appearing on the face of the financial stateme nts Need for Independent Audit of Financial Statements:
(and in the notes to financial statements) and which the management claims to be free of The primary economic reason for an audit of financial statements is the demand by external
misstatements. users for reliable or fairly stated financial statements that they will use in making economic
• Audit evidence gathered and evaluated by the auditor may support or contradict the assertions decisions. Thus, the market for auditing services is driven by demand by external financial
of management. statements users.
4. Established criteria – the standards or benchmarks that are needed to judge the validity of the An audit can help reduce information risk, that is, the risk that the financial statements that
assertions on the financial statements will be used for decision-making are materially misleading, unreliable or inaccurate.
• In the context of audit of financial statements, the established criteria are the applicable
financial reporting framework (for example, the PFRS). Four conditions/reasons that gave rise to a demand for independent audit of financial
statements:
5. Ascertain the degree of correspondence between assertions and established criteria – The a. Potential conflict of interest between users and preparers of the financial information can
auditor’s objective is to determine whether the assertions conform with established criteria, that result in biased information – Client management may not be objective in financial reporting. It
is, whether the financial statements are prepared, in all material respects, in accordance with the may provide impressive but biased, unrealistic, or misleading financial statements to obtain
applicable financial reporting framework (such as the PFRS). benefits that it seeks. On the other hand, financial statement users need unbiased, realistic, or
reliable financial statements.
6. Communicating the results to the interested users – The ultimate objective of audit is the b. Remoteness of users – Users do not have access to entity’s records to personally verify the
communication of audit findings/opinion on the fairness of the financial statemen ts to interested reliability of the financial information.
users. c. Complexity of subject matter requires expertise – Expertise is often required for information
• Communicating results is achieved through issuance of a written audit report which contains the preparation and verification. Users of financial statements are not equipped with the necessary
audit opinion (or disclaimer of opinion). skills, competence, and knowledge of complexities of accounting and auditing to determine
• Interested users are the wide variety of financial statements users who rely on the auditor’s whether the financial statements are reliable.
opinion such as the stockholders, creditors, potential investors and creditors, management, d. Consequence for decision making – Financial statements are used for important decisions that
government agencies, and the public (in general). involve significant amount of money. If a decision is based on misleading financial information, it
could have substantial financial or economic consequences on decision makers.
Another condition that gave rise to demand for audit of financial statements is the
stewardship or agency theory which means that management wants the credibility an ➢ Annual FS by a corporation with securities listed on a stock exchange or traded over the counter
audit adds to the financial statement to enhance stewardship of the financial statement • Sale of a business (such as merger) requires due diligence audit
and to lessen the owner’s mistrust of the management. • Termination of a partnership
• Preparation of income tax returns
Elements of Theoretical Framework of Auditing: • Establishing losses from fire, theft and burglary
• Bankruptcy and insolvency cases
Auditing concepts and standards are based on the following postulates and assumptions
which form part of the elements of theoretical framework of auditing: Audit of Financial Statements:
Audit of financial statements is the objective examination of financial statements to enable
1. An audit benefits the public. – the primary beneficiary of reliable financial statements are the the auditor to express an opinion on whether the financial statements are prepared, in all material
wide variety of users (intended users) respects, in accordance with an applicable financial reporting framework.
2. Financial data and statements to be audited are verifiable. – if financial statements are not
verifiable, there can be no audit Synonyms:
• Financial statements or data are verifiable if two or more qualified individuals, working Audit of financial statements is sometimes called:
independently, each reach essentially similar conclusions. • Independent audit because in an audit of financial statements the auditor is independent of the
3. The auditor should always maintain independence with respect to the client whose financial client subject to audit.
statements are subject to audit. – audit opinion and the audit report would be of little or no • External audit because it is performed by an external auditor who is not an employee of the
value if auditor is not independent client subject to audit.
4. Effective internal control system reduces the possibility of errors and fraud affecting the • Financial audit
financial statements. – Internal control affects the reliability of the financial statements. The
stronger the internal control is, the lesser the possibility of errors and fraud, and consequently, Various descriptions:
the more reliance on internal control can be placed or assurance that it can generate reliable Independent auditing has been described in a variety of ways, as follows:
accounting data and financial statements. • It involves objective examination of and reporting on financial statements prepared by
5. There should be no long-term conflict between the auditor and the client management. – management
Short-term conflicts may exist between the management who prepare the data and auditors who • It is a discipline which attests to the results of accounting and other functional operations and
examine the data but such conflicts must be resolve since both must be interested in fairness of data.
the financial statements. • It lends credibility to the financial statements.
6. Consistent application of GAAP results in fair presentation of FS. – The criterion in financial • It provides increased assurance to users as to the fairness of the financial statements.
statement audit is an identified or applicable financial reporting framework, which is usual ly the • Its essence is to determine whether the client’s financial statements are fairly stated.
PFRS.
• It enhances the degree of confidence of interested users in the financial statements.
7. What was held true in the past will continue to hold true in the future in the absence of known
• It provides reasonable assurance that the financial statements fairly reflect the economic substance
conditions to the contrary. – Experience and knowledge accumulated from auditing a client in
of the transactions and events reflected in those statements.
prior years can be used to determine the appropriate audit procedures that need to be
performed.
Purpose of an Audit of Financial Statements:
The purpose of an audit is to enhance the degree of confidence of intended users in the
Examples of Instances Requiring Independent Financial Statements Audit:
financial statements. Such purpose is achieved by the expression of an opinion by the auditor on
• Application for a bank loan
whether the financial statements are prepared, in all material respects, in accordance with an
• Establishing credit worthiness for purchase of merchandise, equipment, or other assets
applicable financial reporting framework.
• Reporting financial position, operating results, and cash flows to absentee owners (stockholders or
partners) Overall Objectives of the Independent Auditor:
• SEC requirements:
➢ Issuance of securities by a corporation
a. To obtain reasonable assurance about whether the financial statements as a whole are free from • It provides increased assurance (reasonable assurance) to users as to the fairness of the FS.
material misstatement, whether due to fraud or error.
An FS audit is:
• Reasonable assurance means high, but not absolute, level of assurance • NOT a certification or guarantee as to accuracy or fairness of the FS.
• Reasonable assurance is the basis for the auditor’s opinion. Reasonable assurance is achieved when • NOT an assurance as to future viability of the entity.
the auditor has obtained sufficient appropriate audit evidence to reduce audit risk to an acceptably • NOT an assurance as to efficiency or effectiveness of the client’s business operations.
low level. • NOT attestation as to the financial strength of an entity, the wisdom of its management
decisions, or the risk of doing business with it.
b. To report on the financial statements and to communicate such report in accordance with the
auditor’s findings. Scope of an Audit of Financial Statements:
• The auditor’s opinion on the financial statements deals with whether the financial statements are
Auditor’s opinion and reasonable assurance: prepared, in all material respects, in accordance with the applicable financial reporting framework.
The auditor's opinion, as expressed in the auditor’s report, enhances the credibility of the • The auditor’s opinion or the audit of financial statements is:
financial statements by providing a reasonable assurance that the financial statements are fairly  NOT an assurance as to future viability of the entity.
presented or free from material misstatement.  NOT an assurance as to efficiency or effectiveness with which client’s management has conducted
the affairs of the entity.
Audit opinion is based on whether reasonable assurance is obtained:  NOT attestation as to the financial strength of an entity, the wisdom of its management
1. When reasonable assurance is obtained: Auditor shall express an unqualified opinion decisions, or the risk of doing business with it.
2. When reasonable assurance cannot be obtained: The auditor is required to:  NOT a certification or guarantee as to accuracy or fairness of the financial statements.
a. Express a qualified opinion in the auditor’s report • When an applicable law or regulation requires an auditor to provide opinions on other specific
b. If qualified opinion is insufficient in the circumstances: matters (such as the effectiveness of internal control, or the consistency of a separate management
• Disclaim an opinion or report with the financial statements) the auditor would be required to undertake further work if he
• Withdraw from the engagement, where withdrawal is legally permitted had additional responsibilities to provide such opinions.
Audit Opinion and Audit Report: Financial Statements:

Audit opinion: • Financial statements are a structured representation of historical financial information (including
related notes which comprise a summary of significant accounting policies and other explanatory
• In a financial statement audit, the auditor obtains sufficient appropriate audit evidence to be able information), intended to communicate an entity’s economic resources or obligations at a point in
to draw conclusions on which to base that opinion. The auditor’s opinion is on the fairness of the time or the changes therein for a period of time in accordance with a financial reporting
audited financial statements. framework.
• The auditor's opinion helps establish the credibility of the financial statements. • The term “financial statements” ordinarily refers to a complete set of financial statements, but can
also refer to a single financial statement.
Auditor’s report:
• the primary product of an audit engagement End Products of Audit Engagement:
• the end product of the audit process a. Independent auditor’s report – the primary product of audit engagement
• a written report that contains auditor’s opinion about the fairness of the FS b. Certain other communication and reports – other communication and reporting responsibilities
• the medium through which the auditor communicates the results of his or her work to users, management, those charged with governance, or parties outside the entity, in relation
to matters arising from the audit (as may be required by the PSAs or by applicable laws or
Example of Standard Independent Auditor’s Report (pls. refer to PSA 700; pls. memorize) regulations)
Examples:
Importance of audit opinion/audit report: • Communication with those charged with governance
• It lends credibility to the FS.
• Auditor’s responsibilities relating to fraud in an audit of financial statements the financial statements that is acceptable in view of the nature of the entity and the objective of
the financial statements, or that is required by law or regulation.
Management Responsibility for the Financial Statements:
An audit in accordance with PSAs is conducted on the premise that management and, where The applicable financial reporting framework often encompasses financial reporting standards
appropriate, those charged with governance have acknowledged and understand that they have established by:
responsibility over the financial statements. • An authorized or recognized standards setting organization (such as PFRSC)
• Legislative or regulatory requirements
Management responsibility over the financial statements includes:
1. Responsibility for the preparation and presentation of the financial statements in accordance with Other sources of applicable financial reporting framework:
the applicable financial reporting framework which includes: • The legal and ethical environment (including statutes, regulations, court decisions, and professional
a. Identification of applicable financial reporting framework, in the context of any relevant laws or ethical obligations in relation to accounting matters)
regulations • Published accounting interpretations of varying authority issued by standards setting, professional
b. Preparing the financial statements in accordance with that framework or regulatory organizations
c. Adequate description of that framework in the financial statements • Published views of varying authority on emerging accounting issues issued by standards setting,
d. Making reasonable accounting estimates professional or regulatory organizations
e. Selecting and applying appropriate accounting policies • General and industry practices widely recognized and prevalent; and
2. Responsibility for designing, implementing and maintaining internal control that is relevant or • Accounting literature
necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error, and Where conflicts exist between the financial reporting framework and the sources from which
3. Responsibility to provide the auditor with: direction on its application may be obtained, or among the sources that encompass the financial
a. All information (such as records, documentation and other matters) that are relevant to the reporting framework, the source with the highest authority prevails.
preparation and presentation of the financial statements
b. Any additional information that the auditor may request from management for the purpose of the Financial reporting frameworks encompass primarily the financial reporting standards established
audit; and by an organization that is authorized or recognized to promulgate standards to be used by entities
c. Unrestricted access to persons within the entity from whom the auditor determines it necessary to for preparing general purpose financial statements are often designed to achieve fair presentation,
obtain audit evidence. for example, International Financial Reporting Standards (PFRSs).
Auditor’s responsibility vs. client management’s responsibility: Basic Distinction between Auditing and Accounting:
• The client management, with oversight from those charged with governance, has the responsibility
for the preparation and presentation of the financial statements in accordance with the applicable • Auditing involves verification of FS and its fairness of presentation while accounting involves
financial reporting framework. In other words, the management is primarily responsible for the preparation and presentation of FS
fairness of the financial statements. • Accounting precedes auditing because without FS there could be no FS audit.
• The auditor’s responsibility for the financial statements is confined to the expression of opinion on • Auditing begins when accounting ends.
them. The audit of the financial statements does not relieve management or those charged with • The end product of the accounting process is a set of FS while the end product of the audit
governance of their responsibilities over the financial statements because the auditor merely process is an auditor’s report.
audits the financial statements.
• An auditor must be proficient/expert in accounting (since the auditor will use GAAP in evaluating
• However, an auditor may make suggestions on the form and content of financial statements or the fairness of the FS) as well as in auditing (specifically in accumulation and interpretation of
may draft statement. audit evidence); an accountant need not be proficient in auditing
Applicable Financial Reporting Framework: • Separate disciplines: Auditing is a separate discipline or field of study
• With different frameworks/foundations:
Applicable financial reporting framework means the financial reporting framework adopted
➢ Accounting – Framework for Preparation of FS
by management (and, where appropriate, those charged with governance) in the preparation of
➢ Auditing – a) Philippine Framework for Assurance Engagements, and b) Framework of Philippine
Standards on Auditing 2. Professional scepticism – The auditor shall plan and perform an audit with professional scepticism
• Auditing – governed by GAAS; Accounting – governed by GAAP/PFRS recognizing that circumstances may exist that cause the financial statements to be materially
• Dissimilar bodies of knowledge (accounting – GAAP; auditing – GAAS) misstated.
Requirements Relating to an Audit of Financial Statements: Professional skepticism is an attitude that includes a questioning mind, a critical assessment
of validity of audit evidence, and being alert to conditions which may indicate possible
1. Relevant ethical requirements – The auditor shall comply with relevant ethical requirements, misstatement due to error or fraud.
including those pertaining to independence, relating to financial statement audit engagements.
Professional skepticism is necessary to the critical assessment of audit evidence.
Relevant ethical requirements ordinarily comprise: This includes:
a. Code of Ethics for Professional Accountants in the Philippines (the Code of Ethics) promulgated a. Questioning contradictory audit evidence
by the Board of Accountancy b. Considering the reliability of documents and responses to inquiries and other information obtained
from management and those charged with governance
Compliance with the Code of Ethics is necessary in order to ensure the highest quality of c. Considering the sufficiency and appropriateness of audit evidence obtained in the light of the
performance and to maintain public confidence in the profession and in the context of audit of circumstances (for example, in the case where fraud risk factors exist and a single document, of a
financial statements, maintain public confidence in the auditor’s work. nature that is susceptible to fraud, is the sole supporting evidence for a material financial
statement amount)
(1) Part A of the Code of Ethics – establishes the fundamental principles of professional ethics relevant
to the auditor when conducting an audit of financial statements and provides a conceptual Professional skepticism includes being alert to:
framework for applying those principles • Audit evidence that contradicts other audit evidence obtained.
The fundamental principles of professional ethics are: • Information that brings into question the reliability of documents and responses to inquiries to be
a) Integrity used as audit evidence.
b) Objectivity • Conditions that may indicate possible fraud.
c) Professional competence and due care • Circumstances that suggest the need for audit procedures in addition to those required by the
d) Confidentiality, and PSAs.
e) Professional behavior
(2) Part B of the Code of Ethics – illustrates how the conceptual framework is to be applied in specific The auditor may accept records and documents as genuine unless the auditor has reason to believe
situations the contrary. In cases of doubt about the reliability of information or indications of possible fraud,
(3) Independence the PSAs require that the auditor investigate further and determine what modifications or
• It is in the public interest that the auditor be independent of the entity subject to the audit. additions to audit procedures are necessary to resolve the matter.
• The auditor’s independence from the entity safeguards the auditor’s ability to form an audit
opinion without being affected by influences that might compromise that opinion. Maintaining professional skepticism throughout the audit is necessary to reduce the risks of:
• Independence enhances the auditor’s ability to act with integrity, to be objective and to maintain • Overlooking unusual circumstances.
an attitude of professional skepticism. • Over generalizing when drawing conclusions from audit observations.
Independence requirements comprise of both: • Using inappropriate assumptions in determining the nature, timing and extent of the audit
a) Independence of mind procedures and evaluating the results thereof.
b) Independence in appearance
b. National requirements that are more restrictive The auditor cannot be expected to disregard past experience of the honesty and integrity of the
c. Philippine Standard on Quality Control (PSQC) – require the CPA firm to establish and maintain its entity’s management and those charged with governance. Nevertheless, a belief that they are
system of quality control designed to provide it with reasonable assurance that the firm and its honest and have integrity does not relieve the auditor of the need to maintain professional
personnel comply with relevant ethical requirements, including those pertaining to independence skepticism in conducting the audit.
4. Sufficiency and appropriateness of audit evidence and audit risk – To obtain reasonable
3. Professional judgement – The auditor shall exercise professional judgment in planning and assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an
performing an audit of financial statements. acceptably low level and thereby enable the auditor to draw reasonable conclusions on which to
base the auditor’s opinion.
Professional judgment is essential to the proper conduct of an audit. This is because interpretation
of relevant ethical requirements and the PSAs and the informed decisions required throughout the a. Sufficiency and appropriateness of audit evidence
audit cannot be made without the application of relevant knowledge and experience to the facts
and circumstances. Audit evidence includes information used by the auditor in arriving at the conclusions on which
Professional judgment is necessary on decisions about: the auditor’s opinion is based. Audit evidence includes both:
• Materiality • Information contained in the accounting records underlying the financial statements and
• Audit risk • Other information
• Nature, timing and extent of audit procedures used to meet the requirements of the PSAs and
gather audit evidence Sufficiency is the measure of the quantity of audit evidence. Sufficiency is influenced or
• Evaluating whether sufficient appropriate audit evidence has been obtained affected by:
• Evaluation of management’s judgments in applying the entity’s applicable financial reporting (1) The auditor’s assessment of the risks of misstatement (the higher the assessed risks, the more
framework. audit evidence is likely to be required) and
• Drawing of conclusions based on the audit evidence obtained (for example, assessing the (2) The quality of such audit evidence (the higher the quality, the less may be required)
reasonableness of the estimates made by management in preparing the financial statements)
Appropriateness is the measure of the quality of audit evidence; that is, its relevance and its
The distinguishing feature of the professional judgment expected of an auditor is that it is exercised reliability in providing support for the conclusions on which the auditor’s opinion is based. The
by an auditor whose training, knowledge and experience have assisted in developing the necessary reliability of evidence is influenced by its source and by its nature, and is dependent on the
competencies to achieve reasonable judgments. individual circumstances under which it is obtained.
The exercise of professional judgment in any particular case is based on the facts and Whether sufficient appropriate audit evidence has been obtained to reduce audit risk to an
circumstances that are known by the auditor. Consultation on difficult or contentious matters acceptably low level, and thereby enable the auditor to draw reasonable conclusions on which to
during the course of the audit, both within the engagement team and between the engagement base the auditor’s opinion, is a matter of professional judgment.
team and others at the appropriate level within or outside the firm assist the auditor in making
informed and reasonable judgments. Note:
Professional judgment can be evaluated based on whether the judgment reached reflects a • Audit evidence is necessary to support the auditor’s opinion and report.
competent application of auditing and accounting principles and is appropriate in the light of, and • It is cumulative in nature and is primarily obtained from audit procedures performed during the
consistent with, the facts and circumstances that were known to the auditor up to the date of the course of the audit.
auditor’s report. • Audit evidence comprises both information that supports and corroborates management’s
assertions, and any information that contradicts such assertions.
Professional judgment needs to be exercised throughout the audit. It also needs to be • Most of the auditor’s work in forming the auditor’s opinion consists of obtaining and evaluating
appropriately documented. In this regard, the auditor is required to prepare audit documentation audit evidence.
sufficient to enable an experienced auditor, having no previous connection with the audit, to • The sufficiency and appropriateness of audit evidence are interrelated.
understand the significant professional judgments made in reaching conclusions on significant • Obtaining more audit evidence, however, may not compensate for its poor quality.
matters arising during the audit. Professional judgment is not to be used as the justification for
decisions that are not otherwise supported by the facts and circumstances of the engagement or Sources of audit evidence:
sufficient appropriate audit evidence. a. Primarily obtained from audit procedures performed during the course of the audit
b. May be obtained from other sources such as:
• Previous audits (provided the auditor has determined whether changes have occurred since the
previous audit that may affect its relevance to the current audit) or order to determine the nature, timing and extent of further audit procedures necessary to obtain
• A firm’s quality control procedures for client acceptance and continuance sufficient appropriate audit evidence. This evidence enables the auditor to express an opinion on
• The entity’s accounting records the financial statements at an acceptably low level of audit risk. The assessment of risks is a matter
• An expert employed or engaged by the entity of professional judgment, rather than a matter capable of precise measurement.
• In some cases, the absence of information (for example, management’s refusal to provide a
requested representation) is used by the auditor, and therefore, also constitutes audit evidence. Detection risk is the risk that the procedures performed by the auditor to reduce audit risk to an
acceptably low level will not detect a misstatement that exists and that could be material, either
b. Audit risk individually or when aggregated with other misstatements.
Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial Detection risk relates to the nature, timing and extent of the auditor’s procedures
statements are materially misstated. Audit risk is a function of the risks of material misstatement that are determined by the auditor to reduce audit risk to an acceptably low level. It is therefore a
and detection risk. function of the effectiveness of an audit procedure and of its application by the auditor.
Audit risk does not include the risk that the auditor might express an opinion that the financial
statements are materially misstated when they are not. Audit risk is a technical term related to the For a given level of audit risk, the acceptable level of detection risk bears an inverse relationship to
process of auditing; it does not refer to the auditor’s business risks such as loss from litigation, the assessed risks of material misstatement at the assertion level. For example, the greater the
adverse publicity, or other events arising in connection with the audit of financial statements. risks of material misstatement the auditor believes exists, the less the detection risk that can be
accepted and, accordingly, the more persuasive the audit evidence required by the auditor.
Risk of material misstatements is the risk that the financial statements are materially misstated
prior to audit. Risk of material misstatement may exist at two levels: The following matters assist to enhance the effectiveness of an audit procedure and of its
1. Overall financial statement level – refer to risks of material misstatement that relate pervasively to application and reduce the possibility that an auditor might select an inappropriate audit
the financial statements as a whole and potentially affect many assertions procedure, misapply an appropriate audit procedure, or misinterpret the audit results:
2. Assertion level – refer to risks of material misstatement that relate to classes of transactions, • Adequate planning
account balances, and disclosures • Proper assignment of personnel to the engagement team
• The application of professional scepticism, and
Risk of material misstatement at the assertion level has two components: • Supervision and review of the audit work performed
(a) Inherent risk – the susceptibility of an assertion about a class of transaction, account balance or
disclosure to a misstatement that could be material, either individually or when aggregated with Detection risk, however, can only be reduced, not eliminated, because of the inherent limitations
other misstatements, before consideration of any related controls of an audit. Accordingly, some detection risk will always exist.
(b) Control risk – the risk that a misstatement that could occur in an assertion about a class of
transaction, account balance or disclosure and that could be material, either individually or when 5. The auditor shall conduct an audit in accordance with PSAs
aggregated with other misstatements, will not be prevented, or detected and corrected, on a • PSAs contain basic audit principles and essential procedures together with related guidance in
timely basis by the entity’s internal control the form of explanatory and other material which the auditor should follow
Control risk is a function of the effectiveness of the design, implementation and maintenance of An audit in accordance with PSAs includes:
internal control by management to address identified risks that threaten the achievement of the a. Compliance with PSAs relevant to the audit
entity’s objectives relevant to preparation of the entity’s financial statements. However, internal 1) Compliance with all PSAs relevant to the audit (a PSA is relevant to the audit when the PSA is in
control, no matter how well designed and operated, can only reduce, but not eliminate, risks of effect and the circumstances addressed by the PSA exist)
material misstatement in the financial statements, because of the inherent limitations of internal
control. Accordingly, some control risk will always exist. Complying with relevant requirements means the auditor shall comply with each requirement of a
PSA unless, in the circumstances of the audit:
Risks of material misstatement at assertion level (inherent risk and control risk) are the entity’s a. The entire PSA is not relevant (for example, if an entity does not have an internal audit function,
risks; they exist independently of the audit of the financial statements. Such risks are assessed in nothing in PSA 610 is relevant)
b. The requirement is not relevant because it is conditional (implicit or explicit) and the condition does c. Related guidance in the form of application and other explanatory material that are designed to
not exist. support the auditor in obtaining reasonable assurance
Examples of conditional requirements:
• The requirement to modify the auditor’s opinion if there is a limitation of scope represents an Application and other explanatory material:
explicit conditional requirement. • It provides further explanation of the requirements of a PSA and guidance for carrying them out
• The requirement to communicate significant deficiencies in internal control identified during the • It may explain more precisely what a requirement means or is intended to cover
audit to those charged with governance, which depends on the existence of such identified • It may include examples of procedures that may be appropriate in the circumstances.
significant deficiencies; and • While such guidance does not in itself impose a requirement, it is relevant to the proper application
• The requirement to obtain sufficient appropriate audit evidence regarding the presentation and of the requirements of an PSA.
disclosure of segment information in accordance with the applicable financial reporting framework, • It may also provide background information on matters addressed in a PSA.
which depends on that framework requiring or permitting • It may include appendices which form part of the application and other explanatory material.
• When appropriate, it may include additional considerations specific to audits of smaller entities and
2) Having an understanding of the entire text of a PSA (including its application and other explanatory public sector entities.
material) to understand its objectives and to apply its requirements properly
3) Prohibition from the auditor from representing compliance with PSAs in the auditor’s report when PSAs may also contain:
he has not complied with the requirements of PSAs relevant to the audit • Introductory material – provides context relevant to a proper understanding of the PSA
b. The use of the objectives stated in relevant PSAs in planning and performing the audit to achieve Introductory material may include, as needed, such matters as explanation of:
the overall objectives of the auditor. a. The purpose and scope of the PSA (including how the PSA relates to other PSAs)
• In using the objectives, the auditor is required to have regard to the interrelationships among the b. The subject matter of the PSA
PSAs. This is because the PSAs deal in some cases with general responsibilities and in others with c. The respective responsibilities of the auditor and others in relation to the subject matter of the PSA
the application of those responsibilities to specific topics. d. The context in which the PSA is set
• Definitions – a description of the meanings attributed to certain terms for purposes of the PSAs
The auditor is required to use the objectives to evaluate whether sufficient appropriate audit  Assist in the consistent application and interpretation of the PSAs
evidence has been obtained in the context of the overall objectives of the auditor. If as a result the  Not intended to override definitions that may be established for other purposes, whether in law,
auditor concludes that the audit evidence is not sufficient and appropriate, then the auditor may regulation or otherwise
follow one or more of the following approaches:
• Evaluate whether further relevant audit evidence has been, or will be, obtained as a result of The Glossary of Terms relating to PSAs contains a complete listing of terms defined in the PSAs. It
complying with other PSAs; also includes descriptions of other terms found in PSAs to assist in common and consistent
• Extend the work performed in applying one or more requirements; or interpretation and translation.
• Perform other procedures judged by the auditor to be necessary in the circumstances.
Nature of the PSAs
c. In addition, the auditor should also consider Philippine Auditing Practice Statements (PAPSs). The PSAs, taken together, provide the standards for the auditor’s work in fulfilling the overall
PAPSs provide interpretative guidance and practical assistance to auditors in implementing the objectives of the auditor. The PSAs deal with the general responsibilities of the auditor, as well as
PSAs and to promote good practice in the accountancy profession. the auditor’s further considerations relevant to the application of those responsibilities to specific
topics.
Contents/Structure of the PSAs
a. Objectives – each PSA contains one or more objectives which provide a link between the The scope, effective date and any specific limitation of the applicability of a specific PSA is made
requirements and the overall objectives of the auditor clear in the PSA. Unless otherwise stated in the PSA, the auditor is permitted to apply a PSA before
The objectives in individual PSAs serve to focus the auditor on the desired outcome of the PSA. the effective date specified therein.
b. Requirements (requirements are expressed in the PSAs using “shall”) – the requirements of the
PSAs are designed to enable the auditor to achieve the objectives specified in the PSAs, and In performing an audit, the auditor may be required to comply with legal or regulatory
thereby the overall objectives of the auditor requirements in addition to the PSAs. The PSAs do not override law or regulation that governs an
audit of financial statements. In the event that such law or regulation differs from the PSAs, an General Principles of Financial Statement Audit
audit conducted only in accordance with law or regulation will not automatically comply with PSAs.
1. The auditor should plan and perform the audit with an attitude of professional skepticism
Departure from a relevant requirement in a PSA: recognizing that circumstances may exist that may cause the FS to be materially misstated.
In exceptional circumstances wherein the auditor may judge it necessary to depart from a
relevant requirement in a PSA, the auditor shall perform alternative audit procedures to achieve Because of the possibility that the FS may be materially misstated, the auditor should
the aim of that requirement. conduct the audit with an attitude of professional skepticism. For example, the auditor would
ordinarily expect to find evidence to support management representations and not assume they
The need for the auditor to depart from a relevant requirement is expected to arise only where are necessarily correct.
the requirement is for a specific procedure to be performed and, in the specific circumstances of
the audit, that procedure would be ineffective in achieving the aim of the requirement. Attitude of professional skepticism: means the practitioner makes a critical assessment, with a
questioning mind, of the validity of evidence obtained and is alert to evidence that contradicts or
The PSAs do not call for compliance with a requirement that is not relevant in the brings into question the reliability of documents or representations by the responsible party. In
circumstances of the audit. planning and performing the audit, the auditor neither assumes that the management is honest
b. As the basis for the auditor’s opinion, PSAs require the auditor to obtain reasonable assurance nor assumes unquestioned honesty.
about whether the financial statements as a whole are free from material misstatement, whether
due to fraud or error. To obtain reasonable assurance, the auditor shall obtain sufficient Concept of Reasonable Assurance:
appropriate audit evidence to reduce audit risk to an acceptably low level and thereby enable the
auditor to draw reasonable conclusions on which to base the auditor’s opinion. Although an independent FS audit in accordance with PSAs lends credibility to the FS, such
audit is designed to provide only reasonable assurance, rather than absolute assurance, that the
Considerations Specific to Smaller Entities FS taken as a whole are free from material misstatement, whether due to fraud or error. In other
words, the level of assurance provided by an audit of detecting a material misstatement is
For purposes of specifying additional considerations to audits of smaller entities, a “smaller entity” referred to as reasonable assurance. Reasonable assurance means high, but not absolute,
refers to an entity which typically possesses qualitative characteristics such as: assurance.
1. Concentration of ownership and management in a small number of individuals (often a single Reasonable assurance refers to the gathering of the audit evidence necessary for the
individual – either a natural person or another enterprise that owns the entity provided the owner auditor to conclude that there are no material misstatements in the FS, taken as a whole. This
exhibits the relevant qualitative characteristics); and concept recognizes the existence of audit risk.
2. One or more of the following:
a. Straightforward or uncomplicated transactions; Notes on reasonable assurance:
b. Simple record-keeping; • Reasonable assurance relates to the conclusion of the auditor that there are no material
c. Few lines of business and few products within business lines; misstatements in the FS taken as a whole.
d. Few internal controls; • Reasonable assurance is achieved when the auditor has reduced audit risk to an acceptably low
e. Few levels of management with responsibility for a broad range of controls; or level by designing and performing audit procedures to obtain sufficient appropriate audit
f. Few personnel, many having a wide range of duties. evidence to be able to draw reasonable conclusions on which to base an audit opinion.
• Reasonable assurance relates to the whole audit process.
These qualitative characteristics are not exhaustive, they are not exclusive to smaller entities, and • Absolute assurance in audit of FS is not attainable. Accordingly, the audit opinion is not a
smaller entities do not necessarily display all of these characteristics. guarantee or certification that the financial statements are free from material misstatements.
The PSAs refer to the proprietor of a smaller entity who is involved in running the entity on a day- When reasonable assurance cannot be obtained and a qualified opinion cannot be expressed,
to-day basis as the “owner-manager.” the auditor should:
• Disclaim an opinion, or
• Withdraw from the engagement (if legally permitted)
• An audit is not an official investigation into alleged wrongdoing. Accordingly, the auditor is not
As the basis for the auditor’s opinion, PSAs require the auditor to obtain reasonable assurance given specific legal powers, such as the power of search, which may be necessary for such an
about whether the financial statements as a whole are free from material misstatement, whether investigation.
• The need for the audit to be conducted within a reasonable period of time and at a reasonable
The level of assurance provided by an audit of detecting a material misstatement is referred to as cost.
Reasonable assurance.
Timeliness of Financial Reporting and the Balance between Benefit and Cost
Inherent Limitations of an Audit
A45. The auditor is not expected to, and cannot, reduce audit risk to zero and cannot therefore A48. The matter of difficulty, time, or cost involved is not in itself a valid basis for the auditor to
obtain absolute assurance that the financial statements are free from material misstatement due omit an audit procedure for which there is no alternative or to be satisfied with audit evidence that
to fraud or error. This is because there are inherent limitations of an audit, which result in most of is less than persuasive. Appropriate planning assists in making sufficient time and resources
the audit evidence on which the auditor draws conclusions and bases the auditor’s opinion being available for the conduct of the audit. Notwithstanding this, the relevance of information, and
persuasive rather than conclusive. The inherent limitations of an audit arise from: thereby its value, tends to diminish over time, and there is a balance to be struck between the
a. The nature of financial reporting – reliability of information and its cost. This is recognized in certain financial reporting frameworks
• The preparation of financial statements involves judgment by management in applying the (see, for example, the IASB’s “Framework for the Preparation and Presentation of Financial
requirements of the entity’s applicable financial reporting framework to the facts and Statements”). Therefore, there is an expectation by users of financial statements that the auditor
circumstances of the entity. will form an opinion on the financial statements within a reasonable period of time and at a
• Many financial statement items involve subjective decisions or assessments or a degree of reasonable cost, recognizing that it is impracticable to address all information that may exist or to
uncertainty, and there may be a range of acceptable interpretations or judgments that may be pursue every matter exhaustively on the assumption that information is in error or fraudulent until
made proved otherwise.
• Consequently, some financial statement items are subject to an inherent level of variability which
cannot be eliminated by the application of additional auditing procedures. For example, this is A49. Consequently, it is necessary for the auditor to:
often the case with respect to certain accounting estimates. Nevertheless, the PSAs require the • Plan the audit so that it will be performed in an effective manner;
auditor to give specific consideration to whether accounting estimates are reasonable in the • Direct audit effort to areas most expected to contain risks of material misstatement, whether due
context of the applicable financial reporting framework and related disclosures, and to the to fraud or error, with correspondingly less effort directed at other areas; and
qualitative aspects of the entity’s accounting practices, including indicators of possible bias in • Use testing and other means of examining populations for misstatements.
management’s judgments.
A50. In light of the approaches described in paragraph A49, the ISAs contain requirements for the
b. The nature of audit procedures – there are practical and legal limitations on the auditor’s ability to planning and performance of the audit and require the auditor, among other things, to:
obtain audit evidence AUDITING
For example: • Have a basis for the identification and assessment of risks of material misstatement at the financial
• There is the possibility that management or others may not provide, intentionally or statement and assertion levels by performing risk assessment procedures and related activities;21
unintentionally, the complete information that is relevant to the preparation of the financial and
statements or that has been requested by the auditor. Accordingly, the auditor cannot be certain of • Use testing and other means of examining populations in a manner that provides a reasonable
the completeness of information, even though the auditor has performed audit procedures to basis for the auditor to draw conclusions about the population.
obtain assurance that all relevant information has been obtained.
• Fraud may involve sophisticated and carefully organized schemes designed to conceal it. Therefore, Other Matters that Affect the Inherent Limitations of an Audit
audit procedures used to gather audit evidence may be ineffective for detecting an intentional
misstatement that involves, for example, collusion to falsify documentation which may cause the A51. In the case of certain assertions or subject matters, the potential effects of the inherent
auditor to believe that audit evidence is valid when it is not. The auditor is neither trained as nor limitations on the auditor’s ability to detect material misstatements are particularly significant.
expected to be an expert in the authentication of documents. Such assertions or subject matters include:
• Fraud, particularly fraud involving senior management or collusion. See ISA 240 for further • Forming an opinion (the phrase “in our opinion” in the auditor’s report is intended to inform that
discussion. auditors based their conclusions on professional judgment)
• The existence and completeness of related party relationships and transactions. See ISA 55023 for
further discussion. 2. Use of testing / sampling risk – An audit is conducted on a test basis or by examining only sample
• The occurrence of non-compliance with laws and regulations. See ISA 250.24 for further discussion. of less than 100% of a population. This may introduce some risk that a misstatement will not be
• Future events or conditions that may cause an entity to cease to continue as a going concern. See detected.
ISA 570.25 for further discussion.
3. Reliance on management representation – Some audit evidence must be obtained by obtaining
Relevant ISAs identify specific audit procedures to assist in mitigating the effect of the inherent oral or written representations from management because many FS assertions cannot be
limitations. audited.
A52. Because of the inherent limitations of an audit, there is an unavoidable risk that some 4. Inherent limitations of accounting and internal control – Although the auditor performs audit
material misstatements of the financial statements may not be detected, even though the audit is procedures to detect material misstatements, such procedures may not be effective in detecting
properly planned and performed in accordance with ISAs. Accordingly, the subsequent discovery of misstatements resulting from the possibility of:
a material misstatement of the financial statements resulting from fraud or error does not by itself • management override of controls
indicate a failure to conduct an audit in accordance with ISAs. However, the inherent limitations of • circumvention of internal control
an audit are not a justification for the auditor to be satisfied with less than persuasive audit • collusion among employees
evidence. Whether the auditor has performed an audit in accordance with ISAs is determined by
the audit procedures performed in the circumstances, the sufficiency and appropriateness of the 5. Nature of audit evidence available – This is the fact that most of the evidence available to the
audit evidence obtained as a result thereof and the suitability of the auditor’s report based on an auditor is persuasive, rather than conclusive, in nature.
evaluation of that evidence in light of the overall objectives of the auditor.
6. Undetected fraud – Fraud is specifically designed not to be detected. Thus, there is always the
Limitations of Financial Statements Audit: (Reasons why absolute assurance in auditing is not possibility that fraud will not be detected.
attainable or why reducing audit risk to zero is not attainable)
7. Availability of audit evidence – Insufficient support may be available for drawing absolute
Absolute assurance in auditing is not attainable because of inherent limitations in an audit conclusions on specific assertions such as fair value estimates.
that affect the auditor’s ability to detect material misstatements. These limitations result from
factors such as: 8. Other limitations may affect the persuasiveness of audit evidence available to draw conclusions
on particular assertions (for example, transactions between related parties).
1. Need for auditor’s judgment
Not a limitation of audit: Physical limitations of auditors due to fatigue and stress.
The auditor’s work requires exercise of professional judgment such in the following matters:
• Identifying and addressing risk factors Concept of Materiality and Audit Risk
• Deciding what evidence to gather
• Making decisions about materiality and audit risk 1. Materiality: the magnitude of misstatement or omission; the ability to influence the economic
• Gathering and evaluating audit evidence (for example, in deciding the nature, timing and extent of decision of reasonable FS user
audit procedures)
• Evaluating management’s judgments in applying the entity’s applicable financial reporting The auditor obtains and evaluates audit evidence to obtain reasonable assurance about whether
framework. the FS are fair or are presented fairly, in all material respects, in accordance with the applicable
• Assessing the sufficiency and appropriateness of audit evidence financial reporting framework.
• Drawing of conclusions based on the evidence gathered
When is a misstatement or omission material? It is material if it could influence the economic • Example: Evaluation of a company’s computerized accounting system
decision of FS users. If it is probable that the judgment of a reasonable person would have been • Usually performed by internal auditors
changed or influenced by the omission or misstatement of information, then that information is • Efficiency relates to use of its resources, while effectiveness relates to accomplishing objectives.
material.
Internal auditor's responsibilities in operational audits:
Meaning of the term "present fairly, in all material respects": The auditor considers only those In operational audits, the company's management is responsible for setting operating
matters that are significant to the FS users; the phrase refers to the auditors expression of opinion standards. The internal auditor's responsibilities are to determine that:
a. Management has established such standards.
2. Audit Risk: the risk that audit opinion is inappropriate b. The standards are being met.
• specifically, it is the risk that the auditor expresses an inappropriate (unqualified) audit opinion c. Deviations from established standards are being identified and corrected.
when the FS are materially misstated d. Corrective action has been taken.
• concept of reasonable assurance acknowledges the existence of audit risk
Objective of operational auditing:
General Types of Audit: a. To assess performance in terms of efficiency and effectiveness of operations
1. According to objectives or nature of assertion (1) Effectiveness – To verify fulfillments of plans and sound business requirements
(2) Efficiency – To determine whether the entity is managing or utilizing its resources economically
a. Financial statement audit – an audit conducted to determine whether the financial statements and efficiently
of an entity are fairly presented in accordance with an identified financial reporting framework b. To identify areas for improvement
(or PFRS) c. To develop recommendations to improve performance (example of such as introduction of
controls to reduce waste)
• An of financial statements is the type of audit most frequently performed by CPAs (due to the
widespread use of audited financial statements) on a fee basis and for more than one client. Operational audit includes:
• Financial audit is also called: • Program or effectiveness audit: an audit to determine whether the entity has been effective in
➢ External audit – because it is performed by external auditors, whether individual CPAs or CPA achieving the desired results or benefits of the program or activity
firms, who are not employees of the client • Economy audit: an audit to determine whether company objectives or goals are met at a cost
➢ Independent audit – because the auditor is independent of the client subject to audit commensurate with the task
➢ Financial audit • Efficiency audit: whether company objectives or goals are met at the least or minimal costs
b. Compliance audit: a review of an entity’s degree of compliance with applicable laws and Major differences between financial and operational auditing:
rules/regulations or contracts; usually performed by government auditors • The financial audit is oriented to the past whereas an operational audit concerns performance
Examples: Examination conducted by: for the future.
i) BIR examiners: compliance of taxpayers with tax law, rules or regulations • The financial audit report is distributed to many readers whereas the operational audit report
ii) BSP examiners: compliance of banks with banking laws, rules or regulations goes to a few managers.
iii) COA auditors: compliance of government transactions/expenditures with the requirements of • Financial audits are limited to matters that directly affect the financial statements whereas
applicable laws, rules or regulations operational audits cover any aspect of efficiency and effectiveness.
c. Operational audit involves a systematic review and evaluation of the specific operating units (or 2. According to types of auditor or their affiliation with the entity being examined:
procedures, methods or activities) of an organization in relation to specified objectives for the
purpose of measuring/assessing its performance in terms of efficiency and effectiveness of a. External / Independent audit: performed by practitioners or independent CPAs who offer their
operations, identifying opportunities for improvement and making recommendations to improve professional services for a fee to various clients on a contractual basis
performance (such as introduction of controls to reduce waste). • Independent or external auditors are not employees of the client
• Also called performance audit or management audit
• External audit complements internal audit systematic disciplined approach to evaluate and improve the effectiveness of risk management,
control, and governance processes.
b. Internal audit: audit performed by entity’s own employees known as internal auditors; internal
auditors investigate and apprise the effectiveness and efficiency of operations and internal ii) Overall objective of internal auditing: to assist the members of the organization, particularly
controls of the firm management and board of directors, in the effective discharge of their responsibilities; in short,
to provide assistance to management or board of directors (it serves the needs of management).
Internal auditing is defined as "an independent, objective assurance and consulting activity
designed to add value and improve an organization's operations. It helps an organization accomplish • Internal auditors usually perform operational audits
its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness • Internal auditors usually focus on improving the efficiency and effectiveness of their employer,
of risk management, control, and governance processes." unlike external auditors (public accounting firms) whose focus is the fairness of the FS of their
clients.
Internal auditing includes the audit of:
• Financial and operating information; c. Government auditing: audit performed by government employees whose main concern is to
• Compliance with policies, plans, procedures, laws, regulations, and contracts; determine whether persons or entities comply with government laws, rules and regulations
• The means of safeguarding assets and verifying their existence;
• The economy and efficiency with which resources are employed; and Scope of government audit: may extend beyond FS audit to include:
• Operations or programs to ascertain whether results are consistent with established objectives i) FS audit
and goals and whether they are being carried out as prescribed. ii) Performance audit (includes (a) program results (effectiveness) audit and (b) economy and
efficiency audit)
iii) Compliance audit
Internal auditing is an appraisal control that measures and evaluates other controls. The increased
complexity and sophistication of business operations have required management to rely on this A governmental audit is typically designed to determine whether the auditee has complied with
appraisal control. applicable laws and regulations.
Internal auditors review the adequacy of the company's internal control system primarily The types of audits conducted by the Commission on Audit (COA) are financial audit and performance
to ascertain whether the system provides reasonable assurance that the company's objectives audit. Performance audits include economy, efficiency, and program audits. Included in the scope
and goals will be achieved efficiently and economically. Efficient performance implies the use of financial and performance audits is determining whether the entity has complied with applicable
of minimal resources to meet the company's objectives and goals. Economical performance laws and regulations.
is the accomplishment of objectives and goals at a cost commensurate with the task.
Government auditors are required to prepare a written report on the entity's internal control and
Internal auditors assist in the prevention of fraud by examining and evaluating the system of assessment of control risk made as part of a financial statement audit. The auditor's report
internal control. should include the following:
Internal auditors are required to review the means employed by the company to safeguard its 1. The scope of the auditor's work in obtaining an understanding of the entity's internal control and
assets from various types of losses such as those resulting from fire, theft, unscrupulous or illegal in his/her assessment of control risk.
activities, and exposure to the elements.
2. The entity's significant controls including those that are established to ensure compliance with
i) Internal auditing: An independent appraisal function or control or activity established within an laws and regulations that have a material impact on the financial
entity to examine and evaluate its activities or other controls as a service to the entity. It is an statements.
independent, objective assurance and consulting activity designed to add value and improve an
organization’s operations. It helps an organization to accomplish its objectives by bringing a
3. The conditions, including the identification of material weaknesses, identified as a result of the • Select the external auditors.
auditor's work. • Review the external auditor's overall audit plan.
• Evaluate the results of external and internal audits.
• Review the internal auditing work schedule, budget, etc.
The Government Auditing Standards require auditors to prepare a written report on the entity's • Meet regularly with the internal auditing director.
internal control. This report should include the conditions, including the identification of material • The above functions should increase public confidence on the fair presentation of the company's
weaknesses, discovered as a result of the auditor's work. However, the report should not give any financial statements.
form of assurance on the design and effectiveness of the entity's internal control.
Acceptability of the Financial Reporting Framework
Government auditors are required to obtain an understanding of the possible financial statement
effects of laws and regulations having direct and material effects on amounts reported. Also, they The auditor should determine whether the financial reporting framework adopted by
are required to make an assessment whether management has identified such laws that might management in preparing the FS is acceptable. An acceptable financial reporting framework is
have such effects. what is referred to as the “applicable financial reporting framework.” The auditor determines
whether the financial reporting framework adopted by management is acceptable in view of the
The audit of a government program involves obtaining information about the costs, outputs, nature of the entity (for example, whether it is a business enterprise, a public sector entity or a not
benefits, and effects of the program. Auditors attempt to measure the accomplish ments and for profit organization) and the objective of the FS.
relative success of the program based on the actual intent of the legislation that established the
program. In FS audit, financial reporting frameworks that are acceptable as valid criteria include:
1. Philippine Financial Reporting Standards (PFRSs)
Types of Auditors: 2. Philippine Accounting Standards (PASs)
1. Independent auditors or external auditors – are CPA firms and individual practitioners who 3. International Accounting Standards (IASs)
perform audit services on contractual basis for more than one client 4. Other authoritative basis
• Independent auditor – because the auditor is independent with respect to the client whose FS are
being audited; External auditor – the auditor is an outsider (not an employee of the client) Financial statements need to be prepared in accordance with one, or a combination of the
• Practitioners perform operational audits and compliance audits as part of consultancy services above-cited financial reporting framework.
2. Internal auditors – they are employed by the entity thus they are not independent. However, to
operate effectively, an internal auditor must be independent of the line functions of the entity. Distinction: Types of audit according to objectives or nature of assertion/data
Internal auditors perform operational and compliance audits.
3. Government auditors – employed in government agencies Point of distinction FS Audit Compliance audit Operational audit
• BIR examiners perform compliance audits Primary objective To enable the auditor to To determine To assess entity’s
• BSP examiners perform compliance and operational audits express an opinion on the degree of performance (in terms
• COA auditors perform compliance and operational audits fairness of the FS compliance of efficiency and
effectiveness)
The relationship between an external auditor and an internal auditor is that both of them use Subject matter Assertion that the FS are Assertion that the Assertion that the
basically an identical approach; however, there are differences in the application of auditing (Assertion) presented in accordance with organization has organization’s
techniques. identified financial reporting complied with activities/operations
framework (GAAP) laws, regulations are conducted
The audit committee is composed of outside directors who are independent of management. and specific effectively and
The primary purpose is to assure that the directors are exercising due care and external and procedures efficiently in relation
internal auditors are independent of management. to specified objectives
Established criteria GAAP – Identified financial Applicable laws, Objectives (as set by
The following are some of the audit committee's functions: reporting framework (as by regulations and the board of directors)
standard setting bodies) specific c. A distinguishing mark of the accountancy profession is its acceptance of the responsibility to act in
procedures (as public interest. Therefore, a professional accountant’s responsibility is not exclusively to satisfy the
set by needs of an individual client or employer.
authoritative
bodies) The Code of Ethics for CPAs in the Philippines – the document that contains the norms and
Sufficient Audit findings whether the FS Findings on Findings on principles governing the practice of the accountancy profession in the highest standards of
appropriate are in accordance with degree of assessment of ethical conduct
evidence / Identified financial reporting compliance performance /
outcome framework (GAAP) operations Objectives of the Accountancy Profession:
Communication of Auditor’s report containing an Reports on the Recommendations or 1. To work to the highest standards of professionalism
results to intended opinion whether the FS are degree of suggestions on how to 2. To attain the highest levels of performance, and
users fairly presented in accordance compliance with improve operations 3. To meet the public interest requirement
with identified financial applicable laws,
reporting framework (GAAP) regulations or Public interest – the collective well-being of the public the CPA serves
specific • Public interest imposes responsibility on the accountancy profession and on its members
procedures • Public – community of people and institutions who rely on the objectivity and integrity of
Users of audit Different groups for different Authoritative Management of the CPAs; consists of clients, credit grantors, governments, employers, employees, investors,
report purposes; wide variety of bodies that sets entity the business and financial community, and others who make such reliance
users (both internal and down the
external users) regulations, rules Important Role of CPAs in Society: The public rely on CPAs for:
and procedures a. Sound financial accounting and reporting
Type of auditor Independent / external Government Internal auditors b. Effective financial management and
performing the auditors – practitioners auditors c. Competent advice on a variety of business and taxation matters
audit
CPA – a person who holds a valid Certificate of Registration and a Professional Identification card
issued by the PRC/BOA to those who satisfactorily complied with all the legal and procedural
PUBLIC ACCOUNTING PROFESSION requirements for such issuance, including in appropriate cases, having passed the CPA licensure
examination
• Also referred to as professional accountant
Characteristics/Attributes of a Profession: • A member of the accountancy profession in the Philippines
a. Mastery of a particular intellectual skill, acquired by training and education;
b. Adherence by its members to a common code of values and conduct established by its Regulation of the Accounting Profession:
administering body, including maintaining an outlook which is essentially objective; and 1. Public Regulation – RA 9298 otherwise known as “The Philippine Accountancy Act of 2004”
c. Acceptance of a duty to society as a whole (usually in return for restrictions in use of a title or in (including its Implementing Rules and Regulations)
the granting of a qualification) 2. Regulation by the Profession – through the implementation of the Code of Ethics for professional
accountants / CPAs in the Philippines
Accountancy meets all characteristics of a profession as follows: 3. Regulation within the Firm – through implementation of a system of quality control
a. To be a member of the accounting profession, one must first obtain a BSA degree, pass a difficult
CPA board exam and continue learning through meaningful working experience and continuing Organizations that Affect Public Accounting:
professional education.
b. In acting in the public interest a professional accountants observe and comply with the ethical 1. Regulatory Government Agencies:
requirements of the Code of Ethics for professional accountants in the Philippines.
a. Professional Regulation Commission (PRC) – the government agency that administers, implements c. Securities and Exchange Commission (SEC) – the government agency that regulates the
and enforces the regulatory policies of the Philippine Government with respect to the regulation registration and operations of corporations (whether stock or non-stock), partnerships and other
and licensing of the various professions (such as the accountancy profession) under its jurisdiction forms of associations in the Philippines
• the professional regulation commission of the Philippines created under RA No. 8981
Laws governing the registration:
• The PRC derives its authority from the PRC Modernization Act of 2000. • Civil Code of the Phils. – for partnerships
• Corporation Code of the Phils. – for corporations
• The PRC is the government agency that has overall jurisdiction over the regulatory boards (such as • Securities Regulation Code
the Board of Accountancy) in the Philippines.
Overall objective of the SEC:
b. Professional Regulatory Board of Accountancy (BOA) – the government agency empowered to • The overall objective of the SEC is to assist in providing investors with reliable information upon
administer/enforce the Philippine Accountancy Act of 2004 (RA 9298) which to make investment decisions.
• BOA is under the administrative supervision of the PRC
SEC reportorial requirements:
Objectives of RA 9298: • The SEC prescribes financial reporting requirements.
• The standardization and regulation of accounting education; • SEC requires companies that plan to issue new securities to the public to submit a registration
• The examination for registration of CPAs; and statement to the SEC for approval.
• The supervision, control, and regulation of the practice of accountancy in the Philippines. • The financial statements to be filed with the SEC shall be accompanied by a Statement of
Management’s Responsibility for Financial Statements.
Councils/committee formed to assist BOA:
1. Financial Reporting Standards Council (FRSC) – assists BOA in the establishment and promulgation Composition of SEC: a chairperson and four (4) commissioners appointed by the President of the
of GAAP in the Philippines Philippines for a term of 7 years
2. Auditing and Assurance Standards Council (AASC) – created to assist BOA in the establishment and
promulgation of GAAS in the Philippines d. Bangko Sentral ng Pilipinas (BSP) – regulates and supervises the banking industry
3. Education Technical Council (ETC) – assists BOA in continuously upgrading accounting education in • The primary objective of the BSP is to maintain price stability conducive to a balanced and
the Philippines sustainable economic growth. It also aims to promote and preserve monetary stability and the
4. Quality Review Committee (QRC) – conducts an oversight into the quality of audits of financial convertibility of the peso.
statements through a review of the quality control measures instituted by an Individual CPAs, Firm
or Partnership of CPAs engaged in the practice of public accountancy to ascertain his/her/its Monetary Board – the policy-making body of the BSP
compliance with prescribe professional, ethical and technical standards of public practice
Functions of the QRC: Composition of Monetary Board: composed of 7 members appointed by the President of the
a. Conduct quality review on applicants for registration to practice accountancy and render a report Philippines for a term of 6 years, as follows:
which shall be attached to the application for registration. • BSP Governor
b. Recommend to the BOA the revocation of the Certificate of Registration and the Professional • A member of the Cabinet to be designated by the President of the Philippines
Identification Card of CPAs who has not observed the quality control measures and who has not • Five (5) members from private sector
complied with the standards of quality prescribed for the practice of public accountancy
c. In the event that the QRC cannot accomplish the aforesaid functions for any reason whatsoever, e. Commission on Audit (COA) – the government agency examines whether government units handle
the BOA or its duly authorized representatives may conduct the required quality review. their funds in compliance with existing laws and regulations and whether their programs are being
5. PRC CPE Council – assists BOA in implementing its CPE program conducted effectively, efficiently and economically
Principal duties of the COA:

a. Examine, audit and settle all accounts pertaining to the revenue or receipts and expenditures or
uses of government funds and property.
b. Act as central accounting office of the government (Keep the general accounts pertaining thereof 2. Standard-Setting Bodies:
and preserve the vouchers pertaining thereof), a. Local/Domestic:
c. Define the scope of its audit and examination. (1) Financial Reporting Standards Council (FRSC) – accounting standard-setting body/council created
d. Promulgate accounting and auditing rules and regulations including those for the by the BOA
prevention of irregular, unnecessary, excessive or extravagant expenditures or uses of funds and
property. FRSC Composition/Membership:
e. Submit to the President, at the time fixed by law, an annual financial report of the Chairman (had been or presently a senior practitioner in any of the
government, its subdivisions, agencies and instrumentalities, including GOCCs, and recommend scope of accounting practice) 1
measures necessary to improve their efficiency and effectiveness. BOA 1
f. Perform such other duties and functions as may be prescribed by law. SEC 1
BSP 1
• The COA is the highest and final authority in state auditing. Its jurisdiction and responsibility is BIR 1
defined by the Philippine Constitution (under Article IX – D). COA 1
A major organization composed of preparers and users of FS 1
• The COA acts as the sole external auditor of all government departments and agencies, including Accredited National Professional Organization of CPAs (APO) – PICPA:
government-owned or controlled corporations. Public practice 2
Commerce and industry 2
• Commission proper – governing body of COA Academe/Education 2
Government 2 8
• Composition: The COA is composed of a Chairman and two (2) Commissioners to be appointed by Total members 15
the President of the Philippines with the consent of the Commission of Appointments for a term of
7 years without reappointment (2) Auditing and Assurance Standards Council (AASC) – auditing standard-setting body/council
created by the BOA
• Qualifications of COA members:
1. Natural-born citizens of the Philippines AASC Composition/Membership:
2. At least thirty-five years of age at the time of their appointment Chairman (had been or presently a senior accounting practitioner in 1
3. CPAs with not less than 10 years of auditing experience or members of the Philippine Bar who public accountancy)
have been engaged in the practice of law for at least 10 years, and BOA 1
4. Not have been candidates for any elective position in the elections immediately preceding their SEC 1
appointment BSP 1
COA 1
• COA Audit: The COA conducts a comprehensive audit that includes financial, compliance, and Association or organization of CPAs 1
management audits. in active public practice of accountancy
Accredited National Professional Organization of CPAs - PICPA:
• At no time shall all Members of the COA belong to the same profession. Public practice 6
Commerce and industry 1
f. Insurance Commission (IC) – government agency regulates and supervises the insurance industry
Academe/Education 1
for the promotion of national interest
Government 1 9
Total members 15
g. Bureau of Internal Revenue (BIR) – government agency that enforce tax laws; the BIR is
empowered to collect taxes to raise revenues for the use and support of the government
• BIR representation. The BIR, although represented in the FRSC, is not represented in the AASC. 3. Professional and Sectoral Organizations:
• Appointment. The Chairman and members of the FRSC and AASC shall be appointed by the PRC a. Philippine Institute of Certified Public Accountant (PICPA) – the globally-recognized and
upon the recommendation of the BOA in connection with the APO (PICPA). integrated national professional organization of CPAs in the Philippines accredited by the BOA and
the PRC
• Term of office. The Chairman and members of both the FRSC and AASC shall have a term of 3
years renewable for another term. • PICPA is designated as the accredited professional organization (APO) in the Philippines.
• Main function of FRSC and AASC: To assist BOA in carrying out its powers and functions on • The Mission of PICPA is to enhance the integrity of the accountancy profession, serve the best
monitoring the conditions affecting the practice of accountancy and adoption of such measures, interest of its members and other stakeholders, and contribute to the attainment of the
including promulgation of accounting and auditing standards, rules and regulations and best country's national objectives.
practices
• As the APO, PICPA is tasked to meet the following requirements:
b. Foreign/International: a. It is established for the benefit and welfare of the CPAs, the advancement of their profession,
(1) International Federation of Accountants (IFAC) – the recognized global/worldwide organization for and the attainment of other professional ends;
the accountancy profession b. Its membership is open to all registered CPAs without discrimination;
c. It's membership shall include CPAs in all sectors;
The International Federation of Accountants (IFAC) is the worldwide organization for the d. It shall have a creditable plan to enlist into active membership within three (3) years, at
accountancy profession. Founded in 1977, its mission is “to serve the public interest, IFAC will least a majority of the CPAs in the practice of accountancy.
continue to strengthen the worldwide accountancy profession and contribute to the development e. It shall have adequate chapters/regions in major areas in the Philippines to effectively attend
of strong international economies by establishing and promoting adherence to high-quality to the needs of its members. Its national directors shall be elected in accordance with the
professional standards, furthering the international convergence of such standards and speaking provisions of the Corporation Code.
out on public interest issues where the profession’s expertise is most relevant.” f. It shall be judicious and prudent in the management of its financial resources.
g. It shall have a full-time career Executive Director who shall implement the policies promulgated
IFAC is comprised of 158 members and associates in 123 countries worldwide, representing by the PICPA Board of Directors and shall have direct supervision over the PICPA Secretariat.
approximately 2.5 million accountants in public practice, industry and commerce, the public sector, h. It is duly registered as a non-stock corporation or association by the SEC.
and education. No other accountancy body in the world and few other professional organizations i. It has paid the prescribed accreditation fee.
have the broad-based international support that characterizes IFAC.
• PICPA must renew its accreditation once every three years.
(2) International Accounting Standards Board (IASB) – the international accounting standard-setting
body b. Sectoral Organizations
• Foreign counterpart of the FRSC • Serve the needs of CPAs in different scopes of practice
• Its issuances are called IFRS • Provide seminars, programs and workshops that specifically serve the interests of the CPAs in their
• It replaced the International Accounting Standards Committee (IASC) respective sectors
• Each sector has its own organization as follows:
(3) International Auditing and Assurance Standards Board (IAASB) – international auditing standard- (1) Public Practice – Association of CPAs in Public Practice (ACPAPP)
setting body (2) Commerce and Industry – Association of CPAs in Commerce and Industry (ACPACI)
• Foreign counterpart of the AASC (3) Education/Academe – Association of CPAs in Education (ACPAE)
• It replaced the International Auditing Practices Committee (IAPC) (4) Government – Government Association of CPAs (GACPA)
Both the IASB and IAASB are under the IFAC.

ESTABLISHMENT, ORGANIZATION AND MANAGEMENT
OF A PUBLIC ACCOUNTING FIRM a. Application for registration (accomplished in a form prescribed by the BOA, in triplicate, and duly
signed by the applicant CPA)
b. Submission of registration documents such as:
Allowed Forms of Organization for the Practice of Public Accountancy: ➢ Certificate of registration issued by the SEC together with the certified copy of the current Articles
a. Single practitioners (individual CPAs) or sole proprietorship, and of Partnership for registered partnerships, or
b. Partnership of CPAs (general partnerships and limited liability partnerships) ➢ Certified copy of the Articles of partnership for unregistered partnership, or
➢ Certified copy of the certificate of registration of Firm name with the DTI and other proper
Corporation form of CPA/Audit firm is not allowed in the Philippines. government agencies.
c. A minimum of three (3) years meaningful experience in any of the areas of practice of accountancy
Allowed Names for the Practice of Accountancy: d. Compliance with the quality review (this is a required condition prior to registration or renewal any
1. Individual CPA: Shall use his/her registered name (the name registered with the BOA and the PRC thereof
and as printed on his/her CPA certificate)
For example: Jessie Garcia, CPA The BOA created Quality Review Committee (QRC) to conduct quality review on applicants for
2. Firms: Shall use the duly registered and authorized firm name appearing in the registration registration to practice accountancy and render a report which shall be attached to the application
documents issued by the DTI or any other proper government office/s and such firm name shall for registration.
include the real name of the sole proprietor as printed in his/her CPA certificate
For example: Denver Roncal and Associates • Validity of registration for accreditation is for a period of 3 years (renewable after 3 years on or
3. Partnerships: before September 30 on the year of expiry). The registration of applicants approved during any
• In case of registered partnership – shall use the partnership name as indicated in the Articles of month of the year shall expire on December 31 on the third year following its approval.
Partnership and certificate of registration issued by the SEC
• In case of unregistered partnership – shall use the partnership name indicated in the Articles of Example: If the application for registration of a CPA firm is approved on July 31, 2004, the
Partnership registration shall expire on December 31, 2006 and therefore it shall file for renewal on or before
For example: Sycip, Gorres, Velayo & Company September 30, 2006 for the three year period beginning January 1, 2007. The next renewal will be
on or before September 30, 2009.
In case of death or withdrawal of all partners, the surviving partner may continue to practice under
the partnership name for a period of not more than 2 years after becoming a sole proprietor. Tax and other Legal Requirements:
a. Payment of privilege tax as a CPA on occupations with the city or municipality where they practice
Prohibition on Use of Name: CPAs shall practice only under a name allowed by law and: public accountancy
• Shall NOT include any fictitious name b. Business permits (from local and national government)
• Shall NOT indicate specialization (such as tax specialist or expert) c. Accreditation with other government agencies:
• Shall NOT misleading as to the type of organization a. SEC – also accredits external auditors
• An external auditor should file with the SEC a representation letter for audit clients whenever his
Registration for Accreditation with the BOA and PRC: audit client files its financial statements with the SEC
• Registration for accreditation with the BOA and PRC is required for CPAs (individuals, firms and b. BSP – Rendering/offering of independent audits to banks and other financial institutions under BSP
partnerships, including its partners and staff members) before they can engage in public supervision requires BSP accreditation
accountancy. c. BIR – also accredits external auditors
• They shall not commence public practice until a valid Certificate of Registration to practice public Foreign CPAs:
accountancy has been issued to such CPA(s). The Certificate of Accreditation attests that the • The practice of accountancy in the Philippines is limited to Filipino CPAs.
applicant is duly accredited to practice public accountancy in the Philippines. • A foreign CPA is not allowed to be as owner, sole proprietor, partner or any staff thereof, unless
he/she is qualified to practice accountancy in the Philippines (unless the foreign CPA qualifies to
• Basic requirements for registration: practice under Sections 34 and 35 of RA 9298.)
• Under no circumstances shall the correspondent relationship, membership, or business dealings
with foreign CPAs be a scheme for the foreign CPAs to engage in the practice of public accountancy Professional Fees:
in the Philippines which under the present laws is limited to Filipino CPAs 1. Amount of fees to be charged to clients: Fees charged should be a fair reflection of the value of
the professional services, taking into account the following:
Hierarchy/ Ranks/Levels within a CPA Firm: a. The skill and knowledge required
1. Partners – owners of the CPA/Auditing firm 2. Senior or Senior-in-charge b. The level of training and experience of the persons necessarily engaged on the work
Duties and responsibilities: Duties and responsibilities: c. The time necessarily occupied by each person engaged on the work, and
• Determine operating policies of the firm • Directly responsible to the manager or the d. The degree of responsibility and urgency that the work entails
• Select and hire audit staff partner
• Obtain clients • Take charge of field work • A fee lower than previous fee is acceptable if calculated using the above factors.
• Establish contracts with clients (sign • Prepares audit program for a specific • Other factors to be considered are those influenced by legal, social and economic conditions in the
engagement letter) engagement (subject to review by superiors) Philippines.
• Approve billings to clients • Assigns particular phases of audit to staff
• Assume overall responsibility for each auditors No standard amount of fee: A CPA in public practice may determine or quote whatever fee
engagement • Directly supervises staff auditors deemed appropriate. He may quote a fee lower than another but not too low (or significantly
• Plan and review all phases of the audit • Perform more important audit procedures lower) nor excessive. If fees that are too low:
• Approve and sign the report and firm • Reviews non-financial records such as articles of • It is considered unethical
correspondence (such as audit report and other incorporation and by-laws • There would be a risk of a perception that the quality of work could be impaired
documents • Discusses with clients or with the partner or
manager problems or questions that arise in the 2. Methods of billing clients (billing arrangements): The methods of determining professional fees
course of the audit are:
• Assemble audit working papers a. Per diem basis – the charges are based on the actual time spent at a rate depending on the
• Prepare income tax returns experience and expertise of the members of the engagement team
• Prepares the original draft of audit report and • Also known as actual time charges basis
audited financial statements (subject to review • It is computed as actual time spent x rate per hour as agreed upon
and approval by the partner or b. Fixed fee or Flat fee basis – lump-sum fee for the entire engagement. The charges for out-of-
manager/supervisor) pocket expenses are separate from the audit fee and are to be billed separately
3. Managers / Supervisors 4. Junior or staff auditor/assistant c. Maximum fee basis – a combination of fixed fee and per diem basis. The billing is similar to per
Duties and responsibilities: Duties and responsibilities: diem basis subject to a maximum limit as agreed between the practitioner and the client
• Act as liaison between partners and other team • Prepare analyses, schedules, reconciliations and d. Retainer fee basis – the client pays a uniform/fixed monthly charge, plus additional fee annually,
members reports of findings payable upon submission of the audit report
• Prepare the overall audit plan • Verify footings, extensions and postings on
• Discuss with clients items of material accounting records Out-of-pocket expenses – reimbursable expenses, in addition to the professional fees, that are
importance (such as problems that may arise in • Trace evidence such as examination of vouchers chargeable to the client, such as:
course of the audit) supporting a disbursement • Traveling expenses
• Directly supervise senior auditors • Observe client’s physical count of inventories • Supplies
• Review working papers • Performs other tasks as may be assigned Billing arrangements should be clearly defined, preferably in writing, before the start of the
• Draft the report engagement to help in avoiding misunderstanding with respect to fees.
• Discuss reports and results to clients and settle
accounting problems with the client 3. Prohibition against contingent fee: An assurance engagement should not be performed for a fee
that is contingent on the result of the assurance work or on items that are the subject matter of the
• Take charge of training programs
assurance engagement.
• Solicitation – the approach to a potential client for the purpose of offering professional services
Contingent fee – a fee calculated on a predetermined basis relating to the outcome or result of a • Advertising – the communication to the public of information as to the services or skills provided
transaction or the result of the work performed by professional accountants in public practice with a view to procuring professional business
• Contingent fee is unacceptable billing arrangement because it impairs independence and
objectivity. Rules on Solicitation, Advertising and Referrals:
a. Solicitation of clients – prohibited by the Code of Ethics
Examples of contingent fees: b. Advertising (or other form of marketing) – not allowed
a. Fee based on % of audited net income • Advertising is a form of solicitation
b. Fee based upon % of the acquisition price of another company c. Payment or receipt of commission – not allowed
c. Fee based on amount of taxes saved d. Referral – allowed
d. Tax preparation where the fee will be based on whether the CPA signs the tax return prepared e. Payment or receipt of referral fee – not allowed
e. Fee based on amount of insurance settlement
f. Fee is charged if bank loan is obtained/approved Sources of Clients:
g. No fee will be charged unless specific finding or result is obtained a. Referrals from businessmen, clients (present or previous), financial and government institutions,
other CPAs, and legal and other professional firms
Not considered contingent fees: b. Walk-in clients
a. If fixed by a court or other public authority
b. If determined based on the results of judicial or government agency proceedings Death or disability of an Individual CPA, and Dissolution or Liquidation of a Firm or Partnership of
c. If authorized by statute CPAs:
d. If approved by a member body as generally accepted practice for certain professional services • Such must be reported to the BOA by any designated staff member of the Individual CPA, or by the
sole practitioner of a firm (or his/her designated staff member if the proprietor is unavailable), or
Some reasons why the above are not considered contingent fees: by the managing partner (or any designated partner in case the managing partner in case the
• Fees fixed by courts and other public authority, although may be uncertain in nature at that managing partner is unavailable) not later than 30 days from the date of such death, dissolution, or
moment, are not known and cannot be influenced by the auditor and the client. liquidation
• Fees based on determination by taxing authorities are a matter of judicial proceedings which do • The report must be:
not involve third parties. a. In affidavit form – in case of Individual CPA or a Firm
b. A certified copy of dissolution or liquidation papers filed with the SEC – in case of a partnership
Marketing Professional Services: • Failure to notify the BOA shall subject the designated individual to penalty.
A professional accountant in public practice should not bring the profession into disrepute
when marketing professional services. The professional accountant in public practice should be Fees and Penalties:
honest and truthful and should NOT: • Fee – Fee for initial registration, renewal, or request for reinstatement: P1,000 or to such an
a. NOT make exaggerated claims for services offered, qualifications possessed or experience gained; amount as the PRC may prescribe
or • Penalties:
b. NOT make disparaging references to unsubstantiated comparisons to the work of another. ➢ Suspension of CPA certificate, certificate of registration (to practice), and professional identification
card. If the violator is criminally liable, such party responsible shall be proceeded against
If the professional accountant in public practice is in doubt whether a proposed form of advertising criminally, independent of any action therein provided.
or marketing is appropriate, the professional accountant in public practice should consult with the ➢ Subject to the approval of the PRC, the BOA may, for justifiable reasons, lift the sanctions imposed
relevant professional body. on violators.
Publicity, Solicitation and Advertising: Examples of Violations of the IRR:

• Publicity – the communication to the public of facts about a professional accountant which are not a. Engaging in public accounting practice without first registering with the BOA and the PRC
designed for the deliberate promotion of that professional accountant b. Continuing to engage in public accounting practice after the expiration of registration
c. Continuing to engage in public accounting practice after suspension, revocation or withdrawal of
registration GENERAL STANDARDS – standards/criteria which present guidance in the personal qualifications
d. Giving any false information, data, statistics, reports or other statement which tend to mislead, an auditor must possess to undertake the audit engagement
obstruct, or obscure the registration of an Individual CPA, Firm or Partnership of CPAs under the
IRR 1. Adequate technical training and proficiency: This standard refers to professional competence
e. Giving any misrepresentation to the effect that registration was secured when in truth and in fact, • Professional competence of the auditor is primarily met by having professional
it was not secured education/training and practical experience in auditing
f. Failure or refusal to undergo quality review • Competence can also be acquired by the auditor through the following:
g. Failure to comply with the requirements on accomplishment of the application for registration, ➢ Continuing professional development
including submission of required documents ➢ Consulting others if additional technical information is needed
➢ Coaching by more experienced staff
➢ Research to obtain knowledge of client business and industry
GENERALLY ACCEPTED AUDITING STANDARDS • Competence does not include warranting the infallibility of the work performed.
2. Independence: This standard requires that the auditor must be impartial when dealing with the
Auditing Standards: client or without bias with respect to the client entity. The auditor must be independent in fact
• Popularly known as the Generally Accepted Auditing Standards (GAAS) and in appearance.
• The general guidelines that the auditors must follow in conducting the audit. a. Independence of mind – The state of mind that permits the expression of a conclusion without
• The minimum standards of auditor’s performance that must be achieved on each audit being affected by influences that compromise professional judgment, allowing an individual to act
engagement with integrity, and exercise objectivity and professional skepticism; this is also known as
• The guidance for measuring the quality of the auditor’s performance “independence in fact” or “independence in mental attitude.”
b. Independence in appearance – The avoidance of facts and circumstances or situations that are so
GAAP vs. GAAS: significant that would lead a reasonable and informed third party or the public to believe or
• GAAP: the principles for the preparation and presentation of financial statements that are conclude that the auditor is not independent. In other words, independence in appearance
used by the auditor as criteria in determining the overall fairness of the financial requires that activities or relationships that even suggest or imply a possible lack of independence
statements; foundation of accounting must be avoided by the auditor.
• GAAS: standards/measures/guidance that the auditors must follow when conducting an
audit; foundation of auditing • Independence is often called the cornerstone of the profession since it is necessary to add
credibility to the auditor’s work.
Auditing Standards vs. Auditing Procedures: • Auditor strives to achieve independence in appearance in order to: maintain public confidence
a. Definition: in the profession or to achieve public confidence. The audit opinion and the audit report would
• Auditing standards: the measures of the quality or minimum standard of auditor’s be of little or no value if auditor is not independent because of absence of public confidence.
performance • The auditor ultimately decides whether or not he/she is independent.
• Auditing procedures: the means used (or the acts to be performed) by the auditor to attain • Independence in mental attitude cannot be regulated.
the quality or minimum standard of auditor’s performance • However, to encourage independence in fact and to maintain the appearance of independence, the
b. Basic difference: "auditing procedures" relate to acts to be performed, whereas "auditing auditor can have no direct financial interest in the client. “Direct” includes the auditor and
standards" deal with measures of audit quality and the objectives to be achieved in an audit. members of immediate family. “Financial interest” is ownership of equity shares, other client
c. Relationship: Every independent audit engagement involves both auditing standards and financial instruments, or any other potential financial benefit.
auditing procedures. From one engagement to another engagement, auditing standards are • In addition, there can be no material indirect financial interest such as ownership through a mutual
applied uniformly but auditing procedures may vary. fund.
• To ensure independence, auditor cannot render an opinion on statements of one year until all fees
THE 10 GENERALLY ACCEPTED AUDITING STANDARDS (GAAS): from the prior year audit have been paid.
• To emphasize independence from management, auditor is usually appointed by audit committee • The auditor should obtain sufficient appropriate audit evidence by performing audit procedures to
of the board of directors. be able to draw reasonable conclusions on which to base the opinion regarding the financial
• Independence may be impaired by performing consulting services, especially those that involve statements under audit.
making management decisions.
• Evidence gathering is sometimes called substantive testing. Any testing that confirms the ending
3. Due professional care: This standard requires that an auditor, in fulfilling his duties, should act balance of an account is known as a test of a balance. Evidence gathered to support an account by
diligently and carefully, exercise reasonable prudence, and apply judgment in a conscientious looking at the various transactions that have affected it during the period is called a test of details.
manner, carefully weighing the relevant factors before reaching a decision. • All specific audit work is performed in order to gather evidence.
• The quantity and quality of evidence to be gathered depends on the judgment of the auditor.
• Due professional care is often called the "average auditor" concept. The auditor should do what • The decision as to how much evidence to be accumulated requires professional judgment; not
the average auditor would do and never less, including review of work performed by assistants and provided in the PSAs; the rule is, evidence must be sufficient to afford a reasonable basis for
maintaining an attitude of professional skepticism. opinion
• Due professional care does not mean/imply infallibility or exercise of error-free judgment. The
auditor is not and cannot be held responsible for losses because of errors of pure judgment. STANDARDS OF REPORTING – standards on auditor’s expression of audit opinion through a
• Exercise of due professional care in the performance of the audit requires: medium known as the auditor’s report
a. Observance of the standards of field work and reporting
b. Critical review of the audit work performed at every level of supervision 1. Whether the financial statements are in accordance with GAAP/PFRS: Conformity with
c. Degree of skill commonly possessed by others in the profession GAAP/PFRS is explicit in the auditor’s report
d. Exercise of the same components of professional care as a reasonable auditor would exercise • Explicit statement means that the auditor should state whether or not the financial statements
e. Exercise of professional skepticism subject to audit are prepared in accordance with GAAP/PFRS.
• When an overall opinion cannot be expressed, as where the auditor disclaims an opinion, the
STANDARDS OF FIELD WORK – the standards / criteria for planning and evidence-gathering reasons therefore should be stated.
1. Adequate planning and proper supervision: 2. Consistent application of GAAP/PFRS: Consistency is implicit in the auditor’s report
• Planning involves establishing the overall audit strategy for the engagement and developing an • If there is no material consistency as to application of GAAP/PFRS, no statement as to
audit plan. The auditor should also supervise the work of assistants. Supervision is critical because consistency is required in the auditor’s report. However, if a material inconsistency exists,
of assistants’ lack of experience. auditor shall identify such inconsistency in the auditor’s report.
• Audit programs are designed to enumerate appropriate action, and all work of staff auditors should
be reviewed by a qualified auditor. Audit program is developed before substantive testing to In short:
ensure that adequate planning has occurred. • If GAAP/PFRS is consistently applied: no express statement as to consistency is necessary
because consistency is implicit in the auditor’s report
2. Sufficient understanding of the entity and its environment, including internal control: • If GAAP/PFRS is not consistently applied: auditor shall identify in the auditor’s report such
• As part of the planning activities, the auditor is required to obtain sufficient understanding of the inconsistency
entity and its environment. This means that the auditor should obtain a more detailed knowledge
of the client's business and the environment/industry in which the entity operates. 3. Adequacy of informative disclosures: Adequacy of disclosure is implicit in the auditor’s report.
• A sufficient understanding of internal control is to be obtained to plan the audit. Appropriate If informative disclosure is adequate, no statement as to adequacy of disclosure is requ ired in
internal controls provide the auditor with confidence that material misstatements will be the auditor’s report. However, if informative disclosure is inadequate, auditor must state such
prevented or detected on a timely basis. inadequacy in the auditor’s report.
➢ Strong internal control implies that the auditor will require less evidence. • If disclosure is adequate: no statement as to adequacy of disclosure is necessary because
➢ Weak internal control implies that the auditor will require more evidence. adequacy of disclosure is implicit in the auditor’s report
• If disclosure is inadequate: auditor must state in the audit report such inadequacy
3. Sufficient appropriate audit evidence:
assurance that all audits are conducted in accordance with PSAs and that audit reports issued are
4. Opinion regarding the financial statements taken as a whole: expression of audit opinion is appropriate in the circumstances
explicit in the auditor’s report
QC policies vs. QC procedures:
Objective of 4th standard of reporting: a. Quality control policies – are the objectives and goals to be achieved
• To indicate the character of the engagement and the degree of responsibility assumed by the b. Quality control procedures – are steps/procedures to be taken to:
auditor. This would prevent FINANCIAL STATEMENTS users from misinterpreting the degree of • accomplish the policies adopted, or
responsibility the auditor is assuming/taking. • implement and monitor compliance with those policies
• Reference to the expression "taken as a whole" in the fourth generally accepted auditing standard
of reporting means that the audit opinion applies equally to a complete set of financial statements Mandatory requirement for CPA firms to establish SQC: Under Philippine Standard on Quality
and to each individual financial statement. Control 1 (PSQC 1) CPA firms are required to establish and implement a system of quality control.
Philippine Standards on Auditing (PSAs): Nature and Extent of a System of Quality Control: The nature and extent of the SQC developed by
• The PSAs are interpretations of GAAS, meaning, they are intended to clarify the meaning of CPA firms vary from firm to firm due to various factors such as:
"generally accepted auditing standards." a. Size of the CPA firm
• The PSAs contains basic audit principles and essential procedures together with related guidance b. Nature of its practice
in the form of explanatory and other material which the auditor should follow when conducting c. Operating characteristics
financial statements audit. d. Its organization
• Application of PSAs: PSAs apply to independent examination of (historical) financial statements e. Geographical dispersion
of any entity conducted for the purpose of expressing an opinion. f. Cost-benefit consideration
• Compliance with PSA: The auditor should conduct an audit in accordance with PSA. Compliance g. Whether it is part of a network
with PSAs means application of basic audit principles and performance of essential audit
procedures. Compliance with relevant PSAs is mandatory. Only in exceptional instances where Elements of System of Quality Control: Although the nature and extent of the system of quality
departure from relevant PSA is allowed such as when the auditor believes that the: control developed by CPA firms vary from one firm to another, a system of quality control must
➢ Amount involved is insignificant; or have the following elements:
➢ Requirement of the PSA is impractical to perform; or 1. Leadership responsibilities for quality within the firm – The CPA firm should establish policies and
➢ Requirement of the PSA is impossible to perform. procedures that:
• Promote an internal culture based on recognition that quality is essential in the performance of the
NATURE OF SYSTEM OF QUALITY CONTROL: engagements
• Require CPA firm’s leader (CEO/ managing board of partners or its equivalent), to assume ultimate
responsibility for the firm’s system of quality control.
One of the recognized objectives of the accountancy profession is to attain the highest levels of 2. Ethical requirements, including independence –
performance. To achieve this objective, there is a need for assurance that all professional services • The CPA firm should establish policies and procedures to provide reasonable assurance that the
provided by CPAs are carried out to the highest quality or standards of performance. Reasonable firm and its personnel comply with relevant ethical requirements (including independence):
assurance of meeting such need is provided through a system of quality control. 3. Acceptance and continuance of client relationships and specific engagements – The CPA firm
should establish policies and procedures to provide reasonable assurance that the CPA firm will
A system of quality control refers to quality control policies and procedures adopted by CPA only undertake or continue relationships and engagements where it:
firms that are designed to provide reasonable assurance that the firm and its personnel comply a. Has considered the client’s integrity
with professional standards and regulatory and legal requirements and that reports issued by the b. Is competent to perform the engagement and has the capabilities, time and resources to do so; and
firm or engagement partners are appropriate in the circumstances. c. Can comply with ethical requirements
System of Quality Control in an Audit Engagement: Policies and procedures to provide reasonable
4. Human resources – The CPA firm should establish policies and procedures to provide reasonable • The BOA has created a Quality Review Committee (QRC) which shall conduct a quality review on
assurance that it has sufficient personnel with the capabilities, competence, and commitment to applicants for registration to practice public accountancy.
ethical principles necessary to perform the engagement.
5. Engagement performance – The CPA firm should establish policies and procedures to provide Functions of the Quality Review Committee:
reasonable assurance that engagements are performed in accordance with professional • Conducts quality review on applicants for registration, or renewal thereof, to practice public
standards and regulatory and legal requirements, and that the firm or engagement partner accountancy
issue reports that are appropriate in the circumstances. • Render a report on such quality review, which shall be attached to the application for registration
6. Monitoring – The CPA firm should establish policies and procedures to provide reasonable • Recommend to BOA revocation of registration and professional ID cards of CPAs for not observing
assurance that quality control are relevant, adequate and operating effectively and complied with the SQC requirements
in practice and should include an ongoing consideration and evaluation of the firm’s system of
quality control, including a periodic inspection of a selection of completed engagements. Quality review – an oversight into (or study or appraisal of) the quality of audit of FS through a
review of quality control measures established by CPA firms and individual CPAs in public practice
The purpose of monitoring compliance with quality control policies and procedures is to to ensure compliance with accounting and auditing standards and practices
provide an evaluation of:
a. Adherence to professional standards and regulatory and legal requirements;
b. Whether the quality control system has been appropriately designed and effectively implemented; Republic Act No. 9298 – PHILIPPINE ACCOUNTANCY ACT OF 2004
and (and its Implementing Rules and Regulations)
c. Whether the firm’s quality control policies and procedures have been appropriately applied, so that
reports that are issued by the firm or engagement partners are appropriate in the circumstances.
The following shall also be included in the CPA firm’s SQC: Objectives of the Philippine Accountancy Act:
1. Complaints and Allegations: The firm should establish policies and procedures designed to provide a. The standardization and regulation of accounting education;
it with reasonable assurance that it deals appropriately with: b. The examination for registration of CPAs; and
a. Complaints and allegations that the work performed by the firm fails to comply with professional c. The supervision, control, and regulation of the practice of accountancy in the Philippines.
standards and regulatory and legal requirements; and
b. Allegations of non-compliance with the firm’s system of quality control. Scope of Practice of Accountancy:
2. Documentation: The firm should establish policies and procedures requiring appropriate Practice of accountancy shall include, both not limited to the following:
documentation to provide evidence of the operation of each element of its system of quality
control. 1. Practice of Public Accountancy – Practice of public accountancy shall constitute in a person, be it
his/her individual capacity, or as a partner or as a staff member in an accounting or auditing firm,
Distinction between GAAS/PSA and SQC: GAAS/PSAs relate to each individual audit engagement, holding out himself/herself as one skilled in the knowledge, science and practice of accounting, and
whereas SQC relates to all professional activities/services of the firms practice as a whole. as a qualified person to render professional services as a certified public accountant; or offering or
rendering, or both, to more than one client on a fee basis or otherwise, services such as:
QUALITY REVIEW COMMITTEE: a. The audit or verification of financial transaction and accounting records
• To ensure that CPAs work to the highest standards, the government thru the Professional b. The preparation, signing, or certification for clients of reports of audit, balance sheet, and other
Regulatory Board of Accountancy (BOA) has required all CPA firms and individual CPAs in public financial, accounting and related schedules, exhibits, statements or reports which are to be used
practice to obtain a certificate of accreditation to practice public accountancy. Such certificate is for publication or for credit purposes, or to be filed with a court or government agency, or to be
valid for three (3) years and can be renewed after complying with the requirements of the BOA. used for any other purpose
• As a condition to the renewal of the certificate of accreditation to practice public accountancy, the c. The design, installation, and revision of accounting system
BOA requires individual CPAs and CPA firms to undergo a quality control review to ensure that d. The preparation of income tax returns when related to accounting procedures
these CPAs comply with accounting and auditing standards and practices. e. The representation of clients before government agencies on tax and other matters related to
accounting
f. Renders professional assistance in matters relating to accounting procedures and the recording and • The SEC shall not register any corporation organized for the practice of public accountancy. In other
presentation of financial facts or data words, corporation form of CPA firm is not allowed.
• A certificate of accreditation issued only after showing that the registrant has acquired the
2. Practice in Commerce and Industry – Practice in commerce and industry shall constitute in a minimum 3 years meaningful experience in any of the areas of accountancy (whether in the public
person: accountancy, commerce and industry, education/academe and government)
a. Involved in decision making requiring professional knowledge in the science of accounting, (as well
as the accounting aspects of finance and taxation); or Certificate of Accreditation – a certificate under seal, issued by the PRC upon the recommendation
b. When the CPA represents his employer before government agencies on tax and other matters by the BOA, attesting that Individual CPAs, including the staff members thereof, firms including the
related to accounting sole proprietors and the staff members thereof and partnerships of CPAs including the partners
c. When such employment or position requires that the holder thereof must be a CPA. and the staff members thereof, are duly accredited to practice public accountancy in the
Philippines.
The IRR provides that business or company in the private sector should employ a duly registered
CPA if: Definition of Meaningful Experience:
a. Paid-up capital is at least P5.0 million; and/or In Public practice Shall include:
b. Annual revenue is at least P10.0 million • At least 1 year as audit assistant and
• At least 2 years as auditor-in-charge of audit engagements covering full
3. Practice in Education / Academe – Practice in education or the academe shall constitute in a audit functions of significant clients
person in an educational institution which involve teaching of accounting, auditing, management In Commerce and Includes significant involvement in:
advisory services, finance, business law, taxation, and other technically related subjects. Industry • General accounting, budgeting and tax administration
• Internal auditing and liaison officer
• A CPA is considered to be engaged in the practice of accountancy in education / academe if he/she • Representing his/her employer before government agencies on tax and
is employed in educational institutions as teachers of accounting, auditing, MAS, (accounting matters related to accounting or any other related functions
aspects of) finance, business law, taxation and other technically related subjects. In the Academe or Shall include:
• Members of the Integrated Bar of the Philippines (IBP) may be allowed to teach business law and Education • Teaching for at least 3 trimesters or 2 semesters subjects in either
taxation subjects. financial accounting, business law and tax, auditing problems, auditing
• The position of either the Dean or department chairman (or its equivalent) that supervises the BSA theory, financial management and management services
program of an educational institution is deemed to be in practice of accountancy in the academic • Provided, that the accumulated teaching experience on these subjects
/education and therefore must be occupied only by a duly registered CPA. shall not be less than 3 school years
In Government Includes significant involvement in:
4. Practice in Government – Practice in the government shall constitute in a person who holds, or is • General accounting
appointed to, a position in an accounting professional group in government or in a government-
• Budgeting
owned and/or controlled corporation, including those performing proprietary functions, where
• Tax administration
decision making requires professional knowledge in the science of accounting, or where a civil
• Internal auditing
service eligibility as a CPA is a prerequisite.
• Liaison with the COA
• Any other related functions
Sector – is the area of practice of accountancy namely public accountancy, commerce and industry,
academe/education and government
Prohibition in the Practice of Accountancy:
Non-CPAs:
Limitations of the Practice of Public Accountancy:
• Are not allowed to practice accountancy in the Philippines
• Single practitioners (individual CPAs) and Partnership of CPAs shall be registered CPAs in the
Philippines. • Cannot use the title “Certified Public Accountant” or “CPA”
• Should not indicate (thru display or use any title, sign, card, advertisement, or other device) that he a. To prescribe and adopt the rules and regulations necessary for carrying out the provisions of this
practices or offers to practice accountancy or that he is a CPA Act (RA 9298)
Non-Filipino professional accountants/CPAs: b. To supervise the registration, licensure and practice of accountancy in the Philippines;
• Are also not allowed to practice accountancy in the Philippines, unless: c. To administer oaths
a. Through foreign reciprocity d. To issue, suspend, revoke, or reinstate the Certificate of Registration for the practice of the
b. With valid temporary/special permit duly issued by the BOA and the PRC accountancy profession
e. To adopt its own official seal
Professional Regulatory Board of Accountancy (BOA): f. To prescribe and/or adopt a Code of Ethics for the practice of accountancy
• The BOA is the official government agency empowered to enforce RA 9298. g. To monitor the conditions affecting the practice of accountancy and adopt such measures,
• BOA is under the supervision and administrative control of the Professional Regulation Commission including promulgation of accounting and auditing standards, rules and regulations and best
(PRC) practices as may be deemed proper for the enhancement and maintenance of high professional,
1. Composition of BOA: ethical, accounting and auditing standards
• BOA shall be composed of a chairman and 6 members (all of which are to be appointed by the h. To conduct an oversight into the quality of audits of financial statements through a review of the
President of the Philippines) quality control measures
• BOA shall elect a vice-chairman from among its members for a term of 1 year. i. To investigate violations of this Act as IRR, to issue summons, subpoena and subpoena ad
testificandum and subpoena duces tecum to violators or witness thereof and compel their
According to the IRR, the 4 sectors in the practice of accountancy shall as much as possible be attendance to such investigation or hearings and the production of documents in connection
equitably represented in the BOA. therewith
j. The Board may, motu propio in its discretion, make such investigations as it deems necessary to
2. Qualifications of BOA members: At the time of appointment, he/she must be: determine whether any person has violated any provisions of this law, any accounting or auditing
a. Natural-born citizen and a resident of the Philippines; standard or rules duly promulgated by the BOA as part of the rules governing the practice of
b. Duly registered CPA with at least 10 years of work experience in any scope of practice of accountancy
accountancy k. To issue a cease or desist order to any person, association, partnership or corporation engaged in
c. Of good moral character and must not have been convicted of crimes involving moral turpitude violation of any provision of this Act, any accounting or auditing standards or rules duly
d. Not have any pecuniary interest, directly or indirectly, in any school, college, university or promulgated by the BOA as part of the rules governing the practice of accountancy in the
institution conferring an academic degree necessary for admission to the practice of accountancy Philippines
(those that offer BSA degree) or where review classes in preparation for the licensure examination l. To punish for contempt of the BOA, both direct and indirect, in accordance with the pertinent
are being offered or conducted (such as RESA, PRTC and CPAR), nor shall he/she be a member of provisions of and penalties prescribed by the Rules of Court
the faculty or administration thereof at the time of his/her appointment to the BOA, and m. To prepare, adopt, issue or amend the syllabi of the subjects for examinations in consultation
e. Not be a director/officer of the APO (PICPA) at the time of his/her appointment – this is an with the academe, determine and prepare questions for the licensure examination which shall
additional requirement under the IRR strictly be within the scope of the syllabi of the subjects for examinations as well as administer,
correct and release the results of the licensure examinations
3. Term of office of BOA members: n. To ensure, in coordination with the Commission on Higher Education (CHED) or other authorized
• The Chairman and the members of the BOA members shall hold office for a term of 3 years. government offices that all higher educational instruction and offering of accountancy comply
with the policies, standards and requirements of the course prescribed by CHED or other
• Any vacancy during the term of a member shall be filled up for the unexpired portion of the term
authorized government offices in the areas of curriculum, faculty, library and facilities; and
only. Appointment to fill up an unexpired term is not to be construed as a complete term.
o. To exercise such other powers as may be provided by law as well as those which may be implied
• No person who has served 2 successive complete terms shall be eligible for reappointment until
from, or which are necessary or incidental to the carrying out of, the express powers granted to
the lapse of 1 year.
the BOA to achieve the objectives and purposes of this Act.
• No person shall serve in the BOA for more than 12 years. (addition under the IRR)
5. Grounds for Suspension or Removal of BOA Members:
4. Powers and Functions of the BOA: The BOA shall exercise the following specific powers,
functions and responsibilities:
The President of the Philippines, upon the recommendation of the PRC may suspend
or remove any BOA member on the following grounds: • Appointment. The Chairman and members of the ETC shall be appointed by the PRC upon the
a. Neglect of duly or incompetence recommendation of the BOA in connection with the APO (PICPA).
b. Violation or tolerance of any violation of RA 9298 and its IRR or the CPA Code of Ethics and the • Term of office. The Chairman and the members of the ETC shall have a term of 3 years renewable
technical and professional standards of practice for CPAs for another term.
c. Final judgment of crimes involving moral turpitude
d. Manipulation or rigging of the CPA's licensure examination results, disclosure of secret and CPA Examinations:
confidential information in the examination questions prior to the conduct of the said examination All applicants for registration for the practice of accountancy shall be required to undergo a
or tampering of grades. licensure examination to be given by the BOA in such places and dates as the PRC may designate
subject to compliance with the requirements prescribed by the PRC in accordance with Republic
• The President’s power to appoint carries with it the power to suspend or removed a BOA member Act No. 8981.
based on the abovementioned grounds.
1. Qualifications of Applicants for CPA Examinations:
• When a member of the BOA has been sued of crimes involving moral turpitude, it is not a valid a. Must be a Filipino citizen
ground for suspension or removal of BOA members. b. Must be of good moral character
c. Must be a holder of the degree of BSA conferred by a school, college, academy or institute duly
FRSC and AASC: (Refer to notes on public accounting profession) recognized and/or accredited by the CHED or other authorized government offices, and
d. Has not been convicted of any criminal offense involving moral turpitude
Education Technical Council (ETC):
• Assists BOA in continuously upgrading accounting education in the Philippines 2. Scope of Examinations:
The CPA examination shall cover, but are not limited to, the following subjects:
1. Functions of the ETC: 1. Theory of Accounts (80 – 100 items)
• Determine a minimum standard curriculum for the study of accountancy to be implemented in all 2. Business Law and Taxation (50 – 70 items)
schools offering accountancy as an undergraduate degree. 3. Management Services (50 – 70 items)
• Established teaching standards, including the qualifications of members of the faculty of schools 4. Auditing Theory (80 – 100 items)
and colleges of accountancy. 5. Auditing Problems (40 – 50 items)
• Monitor the progress of the program on the study of accountancy and undertaking measures for 6. Practical Accounting I (40 – 50 items)
the attainment of a high quality of accountancy education in the country. 7. Practical Accounting II (40 – 50 items)
• Evaluate periodically the performance of educational institution offering accountancy education.
• Each subject has a corresponding syllabus.
2. ETC Composition/Membership: • The BOA, subject to the approval of the PRC, may revise or exclude any of the subjects and their
Chairman (had been or presently a senior accounting practitioner in the 1 syllabi, and add new ones as the need arises.
academe/education)
BOA 1 3. Rating in the CPA Examinations:
Accredited National Professional Organization of CPAs - PICPA: • To pass the CPA exams – 75%; 65%: A candidate must obtain at least a general average of 75%,
Public practice 1 with no grades lower than 65% in any given subject.
Commerce and industry 1 • Conditional status: If a candidate obtains a rating of 75% and above in at least a majority of the
Academe/Education 2* subjects tested, he/she will be given conditional credits for the subjects passed.
Government 1 5
Total 7 4. Removal Examination:
*1 private school and 1 public school offering Bachelor of Science in Accountancy • The candidates with conditional status shall take an examination in the remaining subjects within 2
years from the preceding examination.
• If the candidate fails to obtain at least a general average of 75% and a rating of at least 65% in each
of the subjects reexamined, he/she shall be considered as failed in the entire examination. Grounds for Refusal to Issue Certificate of Registration and Professional ID:
• The original exam and the removal exam are counted as one exam only. The BOA shall not register and issue a certificate of registration and professional identification
card to any successful examinee due to the following grounds:
5. Candidates required to take Refresher Course: a. Convicted by a court of competent jurisdiction of a criminal offense involving moral turpitude or
• Any candidate who fails in 2 complete CPA exams shall be disqualified from taking another set of b. Guilty of immoral and dishonorable conduct or
examinations unless he/she submits evidence to the satisfaction of the BOA that he/she enrolled in c. Of unsound mind
and completed a refresher course with at least 24 units of subjects given in the CPA exams.
• The BOA shall not register either, any person who has falsely sworn, or misrepresented
• The examination in which the candidate was conditioned together with the removal himself/herself in his/her application for examination.
examination on the subject in which he/she failed shall be counted as one complete
examination. • Registration shall not be refused and a name shall not be removed from the roster of CPAs on
• The IRR provides that the required refresher course (whether regular or special refresher conviction for a political offense (or for an offense, in the opinion of the BOA, that does not
course) shall be offered only by an educational institution granting a degree of BSA. disqualify a person from practicing accountancy)
Oath: Suspension and Revocation of Certificates of Registration and Professional Identification Card
All successful candidates in the CPA examination, prior to entering upon the practice of the and Cancellation of Special Permit:
profession, shall be required to take an oath of profession before: The BOA shall have the power, upon due notice and hearing, to:
a. Any member of the BOA; or a. Suspend or revoke the practitioner’s certificate of registration and professional identification card
b. Any government official authorized by the PRC; or b. Suspend him/her from the practice of his/her profession
c. Any person authorized by law to administer oaths c. Cancel his/her special permit
Issuance of Certificates of Registration and Professional Identification Card: Causes or Grounds for Suspension/Revocation/Cancellation:
• Certificate of Registration – a certificate under seal bearing a registration number, issued to an a. Convicted by a court of competent jurisdiction of a criminal offense involving moral turpitude or
individual, by the PRC, upon recommendation by the BOA, signifying that the individual has b. Guilty of immoral and dishonorable conduct or
complied with all the legal and procedural requirements for such issuance including, in appropriate c. Of unsound mind
cases, having successfully passed the CPA licensure examination d. Any unprofessional or unethical conduct
➢ A certificate of registration shall be issued to examinees who pass the CPA licensure examination e. Malpractice
subject to payment of fees prescribed by the PRC. f. Violation of any of the provisions of this Act and its IRR
➢ The Certificate of Registration shall bear the signature of the chairperson of the PRC and the g. Violation of the CPA‘s Code of Ethics and the technical and professional standards of practice for
chairman and members of the BOA, stamped with the official seal of the PRC and of the BOA, CPAs
indicating that the person named therein is entitled to the practice of the profession with all the
privileges appurtenant thereto. The said certificate shall remain in full force and effect until Reinstatement, Reissuance and Replacement of Revoked or Lost Certificates:
withdrawn, suspended or revoked. The BOA may, after the expiration of 2 years from the date of revocation of a certificate of
• Professional Identification Card – a card with validity of 3 years bearing the registration number, registration and upon application and for reasons deemed proper and sufficient, reinstate the
date of issuance with an expiry date, due for periodic renewal, duly signed by the Chairperson of validity of a revoked certificate of registration and in so doing, may, in its discretion, exempt the
the PRC issued by the PRC to a registered CPA upon payment of the annual registration fees for 3 applicant from taking another examination.
years
Ownership of Working Papers:
• Certificate of Registration – has no expiry; shall remain in full force until/unless withdrawn, All working papers, schedules and memoranda made by a CPA and his staff in the course of an
suspended or revoked examination, including those prepared and submitted by the client, incident to or in the course of
• Professional Identification Card – subject to expiry; renewable every 3 years an examination, by such CPA, except reports submitted by a CPA to a client shall be treated
confidential and privileged and remain the property of such CPA in the absence of a written voluntarily maintaining and improving the professional standards and ethics of the profession
agreement between the CPA and the client, to the contrary, unless such documents are required to
be produced through subpoena issued by any court, tribunal, or government regulatory or • All CPAs shall comply with the rules and regulations on CPE.
administrative body.
PRC CPE Council:
• Working papers – owned/property of the CPA/Practitioner • The PRC CPE Council was created to assist BOA in implementing the CPE program.
• Practitioner must observe the rule on confidentiality (subject to certain exceptions such as
production of documents through subpoena issued by any court, tribunal, or government 1. Composition of PRC CPE Council:
regulatory or administrative body). a. 1 Chairperson (the chairperson shall be chosen from among the members of BOA by the BOA
members themselves) and
b. 2 members
(1) First member – the president or, in his absence or incapacity, any officer chosen by the Board of
Accredited Professional Organization (APO) – PICPA: Directors of PICPA
All registered CPAs whose names appear in the roster of CPAs shall be united and integrated (2) Second member – the president, or in his absence or incapacity, any officer of the organization of
through their membership in a one and only registered and accredited national professional deans or department heads of schools, colleges or universities, offering the degree requiring
organization of registered and licensed CPAs, which shall be registered with the SEC as a nonprofit licensure examination (BSA); or shall be appointed by the PRC from 3 recommendees of the BOA
corporation and recognized by the BOA, subject to the approval by the PRC. concerned. Such recommendees shall be well-known academicians.
The members in the said integrated and accredited national professional organization shall 2. Term of office of CPE Council members:
receive benefits and privileges appurtenant thereto upon payment of required fees and dues. a. Chairperson – co-terminus with his/her incumbency in the PRC
Membership in the integrated organization shall not be a bar to membership in any other b. First member – co-terminus with his/her incumbency as officer of the PICPA
association of CPA. c. Second member – co-terminus with his/her incumbency as officer of the organization of deans or
department heads of colleges or universities offering BSA degree
Continuing Professional Education (CPE) Program:
• Rationale: Voluntary compliance with the CPE program is an effective and credible means of CPE Program:
ensuring competence, integrity and global competitiveness of professional in order to allow them • Program activities and sources of accreditation:
to continue the practice of their profession. a. Seminars
b. Conventions
• CPE Objective: c. Masteral degree and doctoral degree
a. To provide and ensure the continuous education of a registered professional with the latest trends d. Authorship
in the profession brought about by modernization and scientific and technological advancements; e. Self-directed learning package
b. To raise and maintain the professional's capability for delivering professional services; f. Post-graduate/in-house training
c. To attain and maintain the highest standards and quality in the practice of his profession; g. Resource speaker
d. To make the profession globally competitive; and h. Peer reviewer
e. To promote the general welfare of the public. i. CPE provider
j. CPE program, activities or sources
• Continuing Professional Education (CPE) – refers to the inculcation assimilation and acquisition of
knowledge, skills, proficiency and ethical and moral values, after the initial registration of a • CPE credit units:
professional that raise and enhance the professional's technical skills and competence ➢ 60 credit units for 3 years
➢ Minimum of 15 credit units shall be earned in each year.
• CPE program – consists of properly planned and structured activities, the implementation of which
requires the participation of a determinant group of professionals to meet the requirements of • Exemption from CPE requirement:
1. Permanent exemption: Upon reaching the age of 65 years old PRELIMINARY ENGA GEMENT ACTIVITIES
2. Temporary exemption: If the following conditions are met: (PRE-PLANNING ACTIVITIES)
a. During their stay abroad for at least 2 years immediately prior to the date of renewal; and
b. Working or practicing his/her profession or furthering his/her studies abroad
Purpose of Preliminary Engagement Activities:
Seal and Use of Seal: Preliminary engagement activities assist the auditor in identifying and evaluating events or
• All licensed CPAs shall obtain and use a seal of a design prescribed by the BOA bearing the circumstances that may adversely affect the auditor’s ability to plan and perform the audit
registrant’s name, registration number and title. engagement. Such activities help ensure that:
• The auditor’s reports shall be stamped with said seal, indicating therein his/her current a. There are no issues with client management’s integrity that may affect the willingness to continue
Professional Tax Receipt (PTR) number, date/place of payment when filed with government the engagement
authorities or when used professionally. b. The auditor maintains the necessary independence and ability to perform the engagement
c. There is no misunderstanding with the client as to the terms of the engagement
Foreign Reciprocity:
A person not a citizen of the Philippines may be allowed to practice accountancy in the Preliminary Engagement Activities:
Philippines:
• Where there is foreign reciprocity (in accordance with provisions of existing laws, international 1. Perform procedures regarding acceptance or continuance of the client relationship
treaty obligations including mutual recognition agreements entered into by the Philippine
government with other countries) Acceptance or selection procedures – in case of initial audit (prospective/new client)
• Upon presentation of proof that his country admits citizens of the Philippines to the practice of
accountancy without restriction a. Evaluate integrity of the client’s management
Evaluation of management integrity is necessary to avoid association with clients whose
management lacks integrity.
Coverage of Temporary or Special Permits: Most of litigations involving CPAs are due to lack of integrity of client’s management.
Special / temporary permit may be issued by the BOA subject to the approval of the PRC and Lack of management integrity usually results to high audit risk.
payment of the fees the latter has prescribed and charged thereof to the following Foreign CPAs: Factors to consider in evaluating client’s integrity:
a. A foreign CPA called for consultation or for a specific purpose which, in the judgment of the BOA, is Identity, attitude and business reputation of the client (such as its principal owners, key
essential for the development of the country: Provided, That his/her practice shall be limited only management or those charge with corporate governance, and related parties, if any)
for the particular work that he/she is being engaged: Provided, further, That there is no Filipino Nature of the client’s operations
CPA qualified for such consultation or specific purposes; Indications of an inappropriate limitation in the scope of work
b. A foreign CPA engaged as professor, lecturer or critic in fields essential to accountancy education in Involvement in money laundering or other criminal activities
the Philippines and his/her engagement is confined to teaching only; and The reasons for the proposed appointment of the CPA firm or auditor and non-reappointment
c. A foreign CPA who is an internationally recognized expert or with specialization in any branch of of the previous CPA firm or auditor
accountancy and his/her service is essential for the advancement of accountancy in the Philippines.
(1) Investigate/research the client’s background
Penal Provisions: Internet searches
Any person who shall violate any of the provisions of this Act or any of its IRR shall, upon Review the entity’s financial statements
conviction, be punished by: Consider engaging professionals/investigators to evaluate the principals associated with the
• Fine – not less than P 50,000.00, or prospective client
• Imprisonment – for a period not exceeding 2 years, or Obtain credit ratings and reports, if necessary
• Both
(2) Inquiring from other firm personnel or third parties (such as bankers, legal counsel/advisors, a. Independence – The CPA firm or auditor shall identify, evaluate and respond to any threat to
industry peers and others in the financial or business community who may have knowledge independence
regarding the client) The CPA firm or auditor must be independent of the client whose financial statements are
subject to audit.
(3) Communicate with prospective client’s predecessor auditor: Matters to be inquired of or Audit opinion is not credible or of little or no value if the auditor is not independent.
discussed with the predecessor (previous/former) auditor by the
incoming/successor auditor:
a) Facts/information that might bear on the integrity of the prospective client b. Professional competence – determine if the CPA firm or auditor has the necessary skills and
b) Predecessor auditor’s understanding as to the reasons for the change of auditors competence
c) Any disagreement between the predecessor auditor and the client regarding accounting principles Professional accountants should not portray themselves as having the required expertise
or auditing procedures or other similarly significant matters which they do not possess.
d) Communication to management, the audit committee, and those charged with governance The auditor should obtain preliminary understanding of prospective client’s business
regarding fraud, illegal acts by the client, and matters relating to internal control. and industry to determine whether the auditor has the required degree of competence.
If the auditor does not possess the industry expertise, he should obtain knowledge of matters
Under the Code of Ethics for CPAs, the successor auditor has the responsibility to initiate that relate to the nature of the entity’s business and industry.
communication with the predecessor auditor. However, the communication requires prior client’s
permission/consent (preferably in writing) to avoid violation of confidentiality principle. c. Ability to serve the client properly – the CPA firm or auditor must have capability, time and
resources to perform the audit
If the client is unwilling to agree to such communication (communication is not permitted by
the client or the client limits the responses of the predecessor auditor), the successor auditor Examples:
should: Availability of appropriately qualified staff when the work is required
Consider the implications of such refusal/limitation, and The firm is able to complete the engagement within the reporting deadline (proximity of the
Decide whether or not to accept the engagement. deadline)
Consider the need for expert’s assistance and any conflicts of interest
b. Other Considerations: Firm personnel have knowledge of relevant industries
The firm has sufficient personnel with the necessary capabilities and competence.
Auditability of client’s financial statements – determine whether the auditor will be able to
accumulate sufficient appropriate audit evidence to render an opinion on the financial statements
3. Establish an understanding of the terms of the engagement
by considering:
a. The adequacy of accounting records The CPA firm or auditor shall accept or continue an audit engagement only when:
b. Quality of internal control a. The preconditions for an audit are present:
(1) Management has used acceptable financial reporting framework (or suitable criteria or appropriate
High level of public scrutiny and media interest
basis for) in the preparation of the financial statements
The financial health of the client
Ability to pay audit fees Factors to consider in determining the acceptability of the financial reporting framework:
a. The nature of the entity (for example, whether it is a business enterprise, a public sector entity
Continuance or retention procedures – in case of recurring audit (or existing client) or a not-for-profit organization);
To ensure the audit firm’s continuing compliance with acceptance and continuance b. The purpose of the financial statements (for example, whether they are prepared to meet the
procedures, existing clients should be evaluated once a year or upon occurrence of the following: common financial information needs of a wide range of users or the financial information
needs of specific users);
Changes in management, directors or ownership
Nature of client’s business • Financial statements prepared in accordance with a financial reporting framework designed to
meet the common financial information needs of a wide range of users are referred to as
2. Evaluate compliance with ethical requirements, including independence general purpose financial
stateme nts. An estimate of the fee to be charged for the engagement
• Financial statements prepared in accordance with a financial reporting framework designed to
meet the financial information needs of specific users are referred to as special purpose Engagement letter – an agreement between the CPA firm or auditor and the client for the
financial statements. conduct of the audit. It is a letter from the auditor to the client management, and when signed by
c. The nature of the financial statements (for example, whether the financial statements are a the client it serves as a formal written contract between them.
complete set of financial statements or a single financial statement); and
d. Whether law or regulation prescribes the applicable financial reporting framework. Engagement letter documents and confirms the:
a. Auditor’s acceptance of the appointment
Examples of financial reporting frameworks: b. Client’s acceptance of the terms of the audit engagement
IFRSs c. Responsibilities of both the client management and the auditor
PFRSs d. Arrangements or agreed terms of the engagement (such as the objectives and scope of the
IPSASs – International Public Sector Accounting Standards audit, the form of any reports, etc.)
(2) Management agrees to the premise that it has acknowledged and understood its responsibilities Importance (primary reason) of an engagement letter: It clarifies the
If the preconditions for an audit are not present, the auditor shall not accept the proposed nature of the engagement and the responsibilities of management and those of the auditor.
audit engagement, unless acceptance is required by law or regulation. Preconditions for an This will help in avoiding or minimizing or resolving future misunderstandings disagreement
audit are within the control of the entity. between the auditor and the client with respect to the engagement.
b. There is a common understanding between the auditor and management (and, where appropriate, Engagement letter should be sent to the client preferably before the start of the engagement.
those charged with governance) of the terms of the audit engagement.
An engagement letter is normally addressed to whoever hired the CPA.
Agreement on audit engagement terms:
The auditor shall agree on the terms of the audit engagement with management or those Form and Contents of the Engagement Letter:
charged with governance, as appropriate. Such agreed terms shall be recorded in an audit The form and content of engagement letters may vary for each client. Engagement letters
engagement letter or other suitable form of written engagement. should be adapted according to individual requirements and circumstances of the engagement.
Generally, engagement letters should include reference to:
Preliminary conference: A preliminary conference with the client is scheduled after the CPA has 1. Principal Contents:
determined that: a. Objective and scope of the audit of the financial statements
The firm is independent b. Responsibilities of the auditor
The firm is competent to perform the audit c. Responsibilities of management
The firm can serve the client properly, and d. Identification of financial reporting framework for the preparation of the financial statements
The client’s reputation is one of integrity e. Reference to any form and content of any reports to be issued by the auditor and a
statement that there may be circumstances in which a report may differ from its expected
The terms of engagement are usually agreed with the client during a preliminary conference with form and content
the client, and formalized through a signed engagement letter. During the preliminary conference,
the auditor and client agree on the following issues: 2. In addition, and audit engagement letter may make reference to, for example:
The specific services to be rendered Elaboration of the scope of the audit, including reference to applicable legislation,
The cooperation and work expected to be performed by the client’s personnel regulations, PSAs, and ethical and other pronouncements of professional bodies to which the
Expected start and completion dates of the engagement auditor adheres.
The possibility that the completion date may be changed if unforeseen a udit problems arise if The form of any other communication of results of the audit engagement
unforeseen audit problems arise if adequate cooperation from client’s personnel is not received
The nature and limitations of the audit engagement
The fact that because of the inherent limitations of an audit, together with the inherent A recent change of senior management or those charged with governance
limitations of internal control, there is an unavoidable risk that some material misstatement A significant change in ownership
may not be detected, even though the audit was properly planned and performed in A significant change in nature or size of the client’s business
accordance with the PSAs A change in legal or regulatory requirements
Arrangements regarding the planning and performance of the audit, including the A change in the financial reporting framework adopted in the preparation the financial statements
composition of the audit team A change in other reporting requirements
Expectation that management will provide written representations b. Reminder to the client of the existing terms of the engagement
The agreement of management to make available to the auditor draft financial statements Any indication that the client misunderstands the objective and scope of the audit.
and any accompanying other information in time to allow the auditor to complete the audit
in accordance with the proposed timetable
The agreement of management to inform the auditor of facts that may affect the financial Audit procedures when the client requests for a change in engagement:
statements, of which management may become aware during the period from the date of the 1. Consider the appropriateness of reasons for the engagement
auditor’s report to the date the financial statements are issued. 2. If there is a reasonable justification for the change – stop the original engagement and agree on
Basis on which fees are computed and any billing arrangements the new terms of engagement. And then proceed with the new engagement
A request for management to acknowledge receipt of the engagement letter and to agree to To avoid confusing the users of the new report, do not mention the following in the new report:
the terms of the engagement outlined therein a. The original engagement
b. Any procedures that may have been performed in the original engagement (except where
3. Other arrangements, when relevant, such as: the engagement is changed to an engagement to undertake agreed- upon procedures and thus the
Involvement of other auditors and experts in some aspects of the audit reference to the procedures performed is a normal part of the report)
Involvement of internal auditors and other staff of the entity 3. If there is no reasonable justification – refuse the client’s request, and continue to perform the
Arrangements to be made with the predecessor auditor, if any, in the case of an initial audit original engagement and issue the original report
Any restriction of the auditor’s liability when such possibility exists If the auditor is not permitted to continue the original engagement, the auditor should withdraw
A reference to any further agreements between the auditor and the client from the engagement and consider reportorial responsibilities to the BOD or shareholders of the
Any obligations to provide audit working papers to other parties client.
Audits of Components: Whether or not to accept a change in engagement:

Factors to consider whether to send a separate engagement letter to the component when Change in the terms of the audit engagement: The auditor shall not agree where there is no
the auditor of the parent company is also the auditor of its component (subsidiary, branch or justification/basis for the change in the terms of the audit engagement.
division):
1. Who appoints the auditor of the component Reasonable basis includes:
2. Whether a separate auditor’s report is to be issued on the component a. A change in circumstances affecting the entity’s requirements
3. Legal requirements in relation to audit appointments For example, the client's bank required an audit before committing to a loan, but the client
4. The extent of any work performed by other auditors subsequently acquired alternative financing.
5. Degree of ownership by parent, and b. A misunderstanding as to the nature of the service originally requested
6. Degree of independence of the component’s management from the parent entity Not a reasonable basis:
Change that relates to information that is incorrect, incomplete or otherwise unsatisfactory. For
Audit Engagement in Recurring Audits: example, the entity asks for the audit engagement to be changed to a review engagement to
1. The auditor may decide not to send a new engagement letter or other written agreement each avoid a qualified opinion or disclaimer of opinion.
period.
2. The following factors may make it appropriate to send a new engagement letter: Change to a lower level assurance engagement: The auditor shall not agree where there is no
a. Revision of the terms of audit engagement because: justification/basis for the change to a lower level assurance engagement.
Any revised or special terms of the engagement 1. The auditor should agree if there is reasonable basis, such as:
a. A change in circumstances affecting the entity’s requirements or need for the service
For example, the client's bank required an audit before committing to a loan, but the client Nature of Planning:
subsequently acquired alternative financing. Planning is not a discrete phase of an audit, but rather a continual and iterative process that
b. A misunderstanding as to the nature of an audit or related service originally requested often begins shortly after (or in connection with) the completion of the previous audit and
c. A restriction on the scope of the engagement, whether imposed by management or caused by continues until the completion of the current audit engagement. In other words, planning is a
circumstances continuous function that last throughout the audit.
If there is a reasonable change, no reference of the same shall be included in the report.
Factors that affect the nature and extent of audit planning:
2. Not agree if there is no reasonable justification – if the change relates to incorrect, incomplete or The nature and extent of planning activities will vary according to the following factors:
otherwise unsatisfactory information. a. The size and complexity of the entity – big companies and companies with more complex
operations require more audit planning time
For example, in an audit engagement, the auditor is unable to obtain sufficient appropriate b. Changes in circumstances that occur during the audit engagement – for example, expansion of
audit evidence regarding receivables and the client asks for the engagement to be changed to a operation because of diversification
review engagement to avoid a qualified audit opinion or a disclaimer of opinion. c. The auditor’s previous experience with and understanding of the entity – more work is required
to obtain information regarding a new client than for an existing client
Withdraw from the engagement – if the auditor is unable to agree to the change and is not • Initial audit requires more audit time because the auditor has no previous knowledge or is
permitted/allowed to continue the original engagement because of his disagreement unfamiliar with the client’s business, industry and internal control which need to be carefully
AUDIT PLANNING studied.
• Recurring audit requires lesser audit time because of auditor’s previous knowledge of the entity
and its industry
Audit Planning: Whether the audit is initial or recurring, the purpose and objective of audit planning are the same.
Audit planning involves establishing the overall audit strategy for the engagement and It is the nature and extent of audit planning that varies. For example, in case of initial audit the
developing an audit plan, in order to reduce audit risk to an acceptably low level auditor may need to expand the planning activities because he does not ordinarily have the
previous experience with the entity that is considered when planning recurring audit engagements.
Objective of the auditor in planning the audit: So that the audit will be performed in an effective Additional considerations in initial audit engagements are necessary such as the need for the
manner auditor to review the predecessor’s working papers and to perform audit procedures regarding
Who are involved in planning the audit: Engagement partner and other key members of the opening balances.
engagement team (because of their experience and insight to enhance the effectiveness and d. The composition and size of the audit team
efficiency of the planning process)
Planning stage of audit – the time before fieldwork starts, when the auditor is gathering
Benefits/Importance of adequate audit planning: information about the client and its environment and designing overall audit strategy and audit
• Appropriate attention is devoted to important areas of the audit plan
• Potential problems are identified and resolved on a timely basis
• The audit is performed in an effective and efficient manner Effect of timing of appointment of auditor on audit planning:
• The audit engagement is properly organized, staffed and managed • The earlier the auditor is appointed, the more efficient the audit plan and performance can be.
• The audit is completed expeditiously Thus, early appointment of the auditor allows the auditor to plan a more efficient audit.
• Assists in the selection of engagement team members with appropriate levels of capabilities and • It is acceptable for an auditor to accept an audit engagement near or after year-end. However, the
competence to respond to anticipated risks auditor should consider whether late appointment will pose limitations on the audit that may lead
• Assists in the proper assignment of work or proper utilization of assistants to a qualified opinion or a disclaimer of opinion, and should discuss such concerns with the client.
• Facilitates the direction and supervision and the review of work
• Assists in coordination of work done by auditors of components and experts
• Proper utilization of experience gained from previous years’ engagements and other assignments PLANNING ACTIVITIES FOR THE AUDIT ENGAGEMENT:
a. Considering the work of an expert – An expert is a person or firm possessing special skill,
In order to reduce audit risk to an acceptably low level (Note 3), the auditor shall: knowledge and experience in a particular field or discipline other than accounting and auditing.
1. Establish an overall audit strategy that sets the scope, timing and direction for the audit, and that Examples of work of experts include:
guides the development of the more detailed audit plan (Note 1) ➢ Valuation of certain assets (such as precious stones, works of arts, real estate, plant and machinery)
2. Develop an audit plan that addresses the various matters identified in the overall audit strategy ➢ Valuation of financial instruments
Audit plan includes a description of: ➢ Actuarial valuation
a. The nature, timing and extent of planned risk assessment procedures (Note 2) ➢ Determination of quantities or physical condition of assets such as minerals stored in stockpiles,
b. The nature, timing and extent of planned further audit procedures (at the assertion level) – to be underground mineral and petroleum reserves, and the remaining useful life of plant and machinery
performed during testing stage ➢ Measurement of % of completion on contracts in progress
Further audit procedures include: ➢ Legal opinions concerning interpretations of statute and regulations and contracts such as legal
(1) Tests of controls – tests of the operating effectiveness of internal control documents or legal title to property
(2) Substantive tests/procedures – include tests of details and analytical procedures When determining the need for an expert, the auditor would consider:
c. Other planned audit procedures (that are required to be carried out to comply with PSAs) a. The materiality of the financial statement item being considered
b. The risk of misstatement
AUDIT PLANNING ALSO INVOLVES: c. The quality and quantity of other audit evidence available
b. Considering the work of other independent auditors – applicable when a component of the entity
1. Modifying (updating) the overall audit strategy and the audit plan as necessary during the course is to be audited by other independent auditor
of the audit • Discussing planned audit procedures with client management:
Revision is necessary because of: ➢ Discussion is allowed to facilitate the conduct and management of the audit engagement (for
• Unexpected events example, to coordinate some of the planned audit procedures with the work of the client’s
• Changes in conditions personnel)
• Audit evidence obtained from the results of audit procedures ➢ Discussion should not compromise the effectiveness of the audit (audit procedures should not be
too predictable)
The establishment of the overall audit strategy and the detailed audit plan are not necessarily • Audit engagement team discussions :
discrete and or sequential processes, but are closely inter-related since changes in one may result ➢ The members of the engagement team should discuss the susceptibility of the entity’s financial
in consequential changes to the other. statements to material misstatements.
➢ Communication between audit team members is necessary at all stages of the engagement to
2. Planning the nature, timing and extent of direction, supervision of the engagement team ensure all matters are appropriately considered.
members and the review of their work ➢ The objective of audit team discussions is to:
The nature, timing and extent of direction, supervision of audit engagement team members and  Share insights based on their knowledge of the entity;
review of their work depend on the following factors:  Exchange information about business risks;
a. Size and complexity of the entity – Audits of small entities requires lesser (or even no) direction,  Gain a better understanding of the potential for material misstatements (especially for the audit
supervision, and review of the work of assistants areas assigned to them);
b. Area of audit – Difficult aspects of audit demand increased direction, supervision, and a more  Consider the susceptibility of the entity’s financial statements to material misstatement due to
detailed review of work of assistants. fraud;
c. Risks of material misstatement – As the assessed risk of material misstatement increases, a given  Consider application of the applicable financial reporting framework to the entity’s facts and
area of the audit, the auditor ordinarily increases the extent and timeliness of direction, circumstances; and
supervision and review  Understand how the results of the audit procedures performed may affect other aspects of the
d. Capabilities and competence of personnel performing the audit work. audit including the decisions about the nature, timing, and extent of further audit procedures.
➢ Members of the engagement team have an ongoing responsibility to discuss:
3. Other planning considerations:  Their understanding of the entity to be audited;
• The auditor should consider the work of experts and other independent auditors  The business risks to which the entity is subject;
 Application of the applicable financial reporting framework; and
 The susceptibility of the financial statements to material misstatements, including fraud. Establishing the overall audit strategy involves:
4. Developing the audit program: a. Identifying the characteristics of the engagement that define its scope
The auditor should prepare an audit program. Examples:
• An audit program is a listing of audit procedures (tests of controls and/or substantive tests) that • Financial reporting framework (Ex. PFRS)
the auditor will perform to gather sufficient appropriate evidence. • Industry specific reporting requirements (Reports required by industry regulators)
• It sets out in detail the nature, timing and extent of planned audit procedures required to • Expected coverage of the audit (Ex. Locations and number of components of the entity to be
implement the overall audit plan. included in the audit)
• It is a set of instructions to assistants involved in the audit and as a means to control and record the • Nature of the control relationships between a parent and its components (this affects how the
proper execution of work group is to consolidated)
• It provides a proof that the audit was adequately planned • Extent to which components are audited by other auditors
• It is a basic tool used by the auditor to control the audit work and review the progress of the audit. • Nature of business segments to be audited (this may require the need for specialized knowledge)
• The form and content of audit program may vary for each particular engagement. • Reporting currency to be used (may involve foreign currency translation)
• The auditor may use standard audit programs or audit completion checklists but should • The need for a statutory audit of standalone financial statements in addition to an audit for
appropriately tailor to suit the circumstances on particular engagement. consolidation purposes
• An audit program at the beginning of the audit process is temporary because a complete audit • Availability of the work of internal auditors and the extent of the auditor’s reliance on such work
program for an engagement generally should be developed after evaluation of internal control. (Note 1.1)
Time budget – an estimate of time that will be spent in executing audit procedures listed in the • The entity’s use of service organizations
audit program that provides a basis for estimating audit fees and assists the auditor in assessing the • Expected use of audit evidence obtained in previous audits (in case of recurring audit), for example,
efficiency of the assistants audit evidence related to risk assessment procedures and tests of controls
• The effect of information technology (IT) on the audit procedures
5. The auditor should document the planning activities: • Coordination of audit work with reviews of interim financial information
Documentation of the following serves as a record/evidence of the proper planning and • Availability of client personnel and data
performance of the audit procedures: b. Ascertaining the reporting objectives of the engagement to plan the timing of the audit and the
a. The overall audit strategy – documentation or record of the key decisions nature of the communications required
b. The audit plan (including the audit program) – documentation of the planned nature, timing and Examples:
extent of audit procedures • Deadlines or timetable for interim and final reporting
c. Record of: • Organization of meeting with the management to discuss the nature, timing and extent of the audit
• Any significant changes made to the overall audit strategy and the audit plan during the audit work
• Resulting changes to the planned nature, timing and extent of audit procedures • Discussion with management regarding the expected type and timing of reports to be issued and
• Final overall audit strategy and audit plan other communications, both oral and written, including the auditor’s report, management letter
• Appropriate response to the significant changes occurring during the audit and communications to those charged with governance
• Discussion with management regarding the expected communication and status of audit work
The following shall also be documented: throughout the engagement
a. Discussion among the engagement team • Communication with auditors of components
b. Key elements of the understanding of the entity, its environment, including internal control • Expected nature and timing of communications among engagement tem members
c. The identified and assessed risks of material misstatements • Any other expected communications with third parties
d. The risks identified, and related controls about which the auditor has obtained an understanding
c. Considering the factors that are significant in directing the engagement team’s efforts
Note 1: Examples:
• Determining the appropriate materiality levels (Note 1.2) b. The amount of resources to allocate to specific audit areas
• Preliminary identification of areas where there may be higher risks of material misstatement (Note For example:
1.3) • Number of team members assigned to observe the inventory count at material locations
• The impact of assessed risk of material misstatement at the overall financial statement level on • Extent of review of other auditors’ work in the case of group audits
direction, supervision and review • Audit budget in hours to allocate to high risk areas
• The manner in which professional skepticism is emphasized to engagement team members c. When these resources are to be deployed
• Management commitment to a sound internal control • Is it at an interim audit stage or at key cut-off dates?
• Volume of transactions, which may determine whether it is more efficient for the auditor to rely on d. How such resources are managed, directed and supervised
internal control • When to hold team briefing and debriefing meetings
• Importance attached to internal control throughout the entity to the successful operation of the • How engagement partner and manager reviews are expected to take place (for example, on-site or
business off-site)
• Significant business developments affecting the entity (such as changes in information technology, • Whether to complete engagement quality control reviews
changes in key management, acquisitions, mergers and divestments)
• Significant industry developments (such as changes in industry regulations and new reporting Note 1.1 – Considering the work of internal auditing/ auditors
requirements) • The external auditor should consider the work of internal auditing in order to minimize audit costs.
• Significant changes in financial reporting framework (such as changes in accounting standards) • The auditor should obtain a sufficient understanding of the internal audit function because the
• Other significant relevant developments (such as changes in the legal environment affecting the work performed by internal auditors may be a factor in determining the nature, timing, and extent
entity) of external auditor’s procedures.
d. Considering the results of preliminary engagement activities and, where applicable, whether • Internal auditing can affect the scope of the external auditor’s audit of financial statements by
knowledge gained on other engagements performed by the engagement partner for the entity is decreasing the auditor’s need to perform detailed tests.
relevant, and • The tasks that could be delegated to the internal audit staff include preparation of schedules. The
Examples: auditor has sole responsibility for the audit opinion expressed, and that responsibility is not
• Results of previous audit regarding evaluation of internal control, identified weaknesses and action reduced by any use made of internal auditing.
taken to address them
• The discussion of matters that may affect the audit with firm personnel responsible for performing Considering the work of internal auditing involves two important phases:
other services to the entity 1. Making a preliminary assessment of internal auditing – important criteria in assessment of internal
auditor’s:
e. Ascertaining the nature, timing and extent of resources necessary to perform the engagement. a. Technical competence – personal qualifications and experience as internal auditors
Examples: b. Objectivity / organizational status – organizational level to which the internal auditor report the
• Selection of the engagement team results of his work
• Assignment of audit work to team members (experienced team members are assigned to areas c. Due professional care – proper planning, supervision and documentation of internal auditor’s work
where there may be higher risks of material misstatement d. Scope of function – nature and extent of internal auditing assignments performed
• Engagement budgeting (more audit time is set aside for areas where there may be higher risks of 2. Evaluating and testing the work of internal auditing
material misstatement)
Note 1.2 – Determining the appropriate materiality levels
Benefits of developing the overall audit strategy: The auditor shall determine materiality and performance materiality when planning the audit.
Establishing the overall audit strategy assists the auditor in determining the following:
a. The resources to deploy for specific audit areas Concept of materiality:
For example: • Materiality is the amount (threshold or cut-off point) at which judgment of informed decision
• Use of experienced team members for high risk areas makers based on the financial statement may be altered (changed or influenced).
• Involvement of experts on complex matters • An item or information is material if its omission or misstatement could influence the economic
decisions of users taken on the basis of the financial statements. • Also known as materiality threshold or planning materiality or overall materiality
• In determining appropriate level of materiality, the auditor uses professional judgment using his • Overall materiality is usually expressed as a % of a chosen benchmark (such as profit before tax,
perception of the needs of reasonable users of the financial statements. total revenues, gross profit, total expenses, total equity or net asset value).
• Profit from continuing operations is often used for profit-oriented entities except when the profit
Uses of materiality in planning the audit: from continuing operations is volatile.
a. To determine the nature, timing and extent of risk assessment procedures • Relevant financial data as source of benchmarks:
b. To identify and assess risk of material misstatement, and ➢ Prior periods’ financial statements
c. To determine the nature, timing and extent of further audit procedures ➢ Annualized interim financial statements
➢ Period-to-date financial statements
Considering materiality throughout the audit: ➢ Budgeted financial statements of the current year
1. Planning stage
a. To identify and assess risks of material misstatements b. Materiality at assertion level – materiality level for individual or particular class of transactions,
b. To determine the nature, timing and extent of further audit procedures account balance, or disclosure where appropriate; this is also known as tolerable misstatement
2. Testing stage (materiality levels set during audit planning are simply updated/revised if necessary) • Tolerable misstatement refers to allocated materiality to affected accounts (usually statement of
3. Completion stage financial position accounts because they are fewer)
c. To evaluate the effect of uncorrected misstatements, if any, on the financial statements and in • Account balance – an individual line item in the financial statements, such as cash and cash
forming the opinion in the auditor’s report equivalents, loans and receivable, etc.
• Class of transactions – type of transaction processed by the client’s accounting system, such as
Documentation on materiality: Documentation should include the amounts and the factors sales transactions and purchasing transactions
considered in their determination: • Allocation may be done judgmentally or using formal quantitative approaches.
a. Materiality level for the financial statements as a whole
• Materiality at this level are lesser than the overall materiality level but could reasonably be
b. Materiality level or levels for a particular classes of transactions, account balances or disclosures, if
expected to influence the economic decisions of financial statement users.
applicable
c. Performance materiality
c. Performance materiality – amount or amounts set by the auditor:
d. Any revision of materiality levels (a to c) as the audit progresses
• At less than materiality for the financial statements as a whole
• At less than materiality level or levels for particular classes of transactions, account balances or
Qualitative and quantitative considerations:
disclosures
Materiality should address qualitative and quantitative considerations. In some cases,
misstatements of relatively small amounts could have a material effect on the financial statements. Purpose of performance materiality: It provides margin to reduce the possibility of undetected
For example, an illegal payment of an otherwise immaterial amount or failure to comply with a misstatements because:
regulatory requirement may be material if there is a reasonable possibility of such payment or a. It reduces to an appropriately low level the probability that the aggregate of uncorrected and
failure leading to a material contingent liability, a material loss of assets, or a material loss of undetected misstatements in the financial statements exceeds the materiality level for the financial
revenue. statements as a whole
b. It reduces to an appropriately low level the probability that the aggregate of uncorrected and
Inverse relationship between materiality and audit procedures/evidence: undetected misstatements in the particular class of transactions, account balance or disclosure
exceeds the materiality level for that particular class of transactions, account balance or disclosure
• More evidence will be required for a low peso amount of materiality than for a high peso amount.
• The lower the tolerable misstatement, the more extensive the required audit procedures.
Note 1.3 – Preliminary identification of areas where there may be higher risks of material
misstatement
Materiality levels:
a. Risks of material misstatements may be greater for significant non-routine transactions which
a. Materiality at financial statement as a whole – it is the smallest aggregate level that could
involves:
misstate/distort any of the financial statements
• Greater management intervention to specify the accounting treatment
• Greater manual intervention for data collection and processing a. Relevant industry’s factors – the industry in which the entity operates may give rise to specific risks
• Complex calculations or accounting principles of material misstatements arising from the nature of the business or the degree of regulation
b. Risk of material misstatements may be greater for significant judgmental matters such as: Examples of industry factors:
• Accounting estimates • Industry conditions such as the competitive environment, supplier and customer relationships and
• Revenue recognition may be subject to differing interpretation technological developments
• Required judgment may be subjective or complex or require assumptions about the effects of Specific examples of industry factors:
future events (for example, judgment about fair value) • Market and competition (including demand, capacity, and price competition)
c. Significant risk of relating to risk of material misstatement due to fraud • Cyclical or seasonal activity
d. There are areas where special audit consideration may be necessary, for example: • Product technology relating to the entity’s products
• Existence of related parties and related party transactions • Energy supply and cost
Related party transaction – a transfer of resources, services or obligations between related parties, b. Regulatory factors – include the regulatory environment
regardless of whether a price is charged • Accounting principles and industry specific practices
• Regulatory framework for a regulated industry
The auditor shall inquire of management regarding: • Laws/legislations or regulations that significantly affect the entity’s operations, including direct
a. The identity of the entity’s related parties (relationships and transactions), including changes from supervisory activities
the prior period; • Taxation
b. The nature of the relationships between the entity and these related parties; and • Legal and political environment
c. Whether the entity entered into any transactions with these related parties during the period and, • Government policies currently affecting the conduct of the entity’s business
if so, the type and purpose of the transactions. • Environmental requirements affecting the industry and the entity
• Management’s use of going concern assumption (financial statements are prepared based on going c. Applicable financial reporting framework
concern assumption but there is a significant doubt as to the continued existence of the entity) – d. Other external factors affecting the entity – such as general economic conditions, interest rates
the auditor shall assess the appropriateness of management’s use of going concern assumption and availability of financing, and inflation or currency revaluation
2. Entity – internal factors:
Note 2: a. Nature of the entity: An understanding of the nature of an entity enables the auditor to
understand the classes of transactions, account balances, and disclosures to be expected in the
Risk assessment procedures – are audit procedures whose purposes include: financial statements. Factors to consider include:
a. To obtain understanding of the entity and its environment, including the entity’s internal control • Entity’s operations
(Note 2.1) • Ownership and governance structures
b. To identify risks of material misstatements, whether due to fraud or error, at the financial • Types of investments that the entity is making and plans to make
statement and assertion levels (Note 2.2) • Entity structure (locations, subsidiaries, etc.) – complex structures may give rise to risks of material
c. To assess risks of material misstatement (Note 2.3) misstatement
d. To provide a basis for the identification and assessment of risks of material misstatements • How the entity is financed
e. To provide a basis for designing and implementing responses to the assessed risks of material • How related party transactions are identified and accounted for
misstatement b. Entity’s selection and application of accounting policies – consider whether accounting policies
are:
Risk assessment procedures include (Note 2.4): • Appropriate for the entity’s business
1. Inquiry of management and other firm personnel • Consistent with the applicable financial reporting framework, and
2. Analytical procedures • Used in the relevant industry
3. Observation and inquiry
c. Entity’s objectives and strategies, and those related business risks that may result in risks of
material misstatement of the financial statements
Note 2.1 – Required understanding of the entity and its environment, including internal control: 1. Objectives – relate to entity’s mission, vision or values statement
1. Understanding of the environment – external factors:
2. Strategies – pertain to operational approaches by which management intends to achieve its • Cash is more susceptible to theft than an inventory of coal
objectives • Complex calculations are more likely to be misstated than simple calculations
3. Business risks – risks of inability to achieve the objectives • Estimation transactions, especially if they involve accounting estimates that are subject to
• The term “business risk” is broader than the risks of material misstatement in the financial significant measurement uncertainty
statements. Not all business risks give rise to risk of material misstatement. • High value inventory (could be easily stolen, thus, there would be an inherent risk relating to the
• An understanding of business risks increases the likelihood of identifying the risks of material existence assertion)
misstatement. However, the auditor does not have a responsibility to identify or assess all business
risks. 2. Control risk – the risk that a material misstatement, either individually or when aggregated with
d. Measurement and review of the entity’s financial performance other misstatements, that could occur will not be prevented or detected and corrected on a
Performance measures, whether external or internal, create pressures on the entity that may timely basis by the entity’s internal control
motivate management to take action to improve the business performance or to • Control risk is a function of the effectiveness of the entity’s internal control.
manipulate/misstate the financial statements. • Control risk is the type of risk that the management has the most control over in the short
e. Internal control – The auditor shall obtain an understanding of internal control relevant to the term.
audit. • Some control risk will always exist because of the inherent limitations of any internal control
Internal control is designed, implemented and maintained to address identified business risks system.
that threaten the achievement of any of the entity’s objectives that concern:
1. The reliability of the entity’s financial reporting; Risk of material misstatement (inherent risk and control risk) cannot be eliminated or
2. The effectiveness and efficiency of its operations; and controlled by the auditor because these are entity’s risks that exist independently of the audit
3. Its compliance with applicable laws and regulations. of financial statements.
An understanding of internal control assists the auditor in identifying types of potential
misstatements and factors that affect the risks of material misstatement, and in designing the Causes of misstatements of the financial statements:
nature, timing, and extent of further audit procedures. 1. Errors – refer to mistakes or unintentional misstatements or omissions of amounts or disclosures in
the financial statements. Examples:
Note 2.2 – Identify the risks of material misstatement: • Mistakes in gathering or processing data from which FS are prepared
• Identify risks of material misstatement (inherent risk and control risk) based on understanding the • Incorrect accounting estimate arising from oversight or misinterpretation of facts
entity and its environment, including the entity’s relevant internal control. The auditor shall • Mistake in applying accounting principles
provide reasonable assurance of detecting material misstatements, whether arising from errors or
fraud. 2. Fraud – intentional misstatements or omissions of amounts or disclosures in the financial
statements
Risk of material misstatement (RMM) – the risk that the financial statements contain a material The term “fraud” refers to an intentional act by one or more individuals among management,
misstatement. those charged with governance, employees or third parties, involving the use of deception to
obtain an unjust or illegal advantage.
Components of RMM:
The risks of material misstatement are a combination of inherent risk and control risk: The factor that distinguishes fraud from error is whether the underlying action is
1. Inherent risk – the susceptibility of an assertion to a misstatement that could be material, either intentional or unintentional.
individually or when aggregated with other misstatements, assuming there are no related
controls to mitigate such risks Two types of Fraud:
Inherent risk may also be described as follows: a. Fraudulent financial reporting (or management fraud) – intentional misstatements committed by
• The concept of inherent risk recognizes that the risk of misstatement is greater for some members of management or those charged with governance or oversight to render financial
assertions than for others. statements misleading to deceive users of the financial statements
• Inherent risk is the risk that financial statements are likely to be materially misstat ed.
Examples of inherent risk: The most serious types of fraud usually involve management. This results from the fact that
management is primarily responsible for the design and implementation of internal control in the Examples:
first place. • Management is under pressure to reduce earnings to minimize taxes
• Management is under pressure to inflate earnings to secure bank financing
Fraudulent financial reporting may be accomplished by: • Meeting analyst’s or bank’s expectations for profit
• Manipulation, falsification, or alteration of accounting records or related supporting documents • Inflating the purchase price of the business
• Misrepresentation in, or intentional omission from, the FS of events/transactions or other • Meeting the threshold for a performance bonus
significant information • Having significant personal debts or poor credit
• Intentional misapplication of accounting principles • Trying to cover financial losses
• Being greedy or involved in gambling, drugs, and/or affairs
Examples of techniques used by management are: • Being under undue peer or family pressure to succeed
• Recording fictitious journal entries • Living beyond one’s means
• Using inappropriate assumptions in accounting estimate
• Untimely recognition in the FS of events and transactions Other situations or characteristics, not necessarily financial in nature, include:
• Concealing, or not disclosing, facts that could affect the amounts recorded in the FS • Enjoying the challenge of beating the system
• Fearing personal loss of pride, position or status such as when a company is doing poorly
Manipulation of financial statements occurs when a higher or lower level of earnings is • Being dissatisfied with a job or wanting revenge against an employer
reported than that which actually occurred. It could also take the form of omissions (failure to • Being emotionally unstable
disclose certain matters) or false statements in the notes and/or other disclosures. The motive
may be to raise finances, reach a bonus threshold, inflate the value of the business or simply Some of these pressures can easily be identified (such as performance incentive plans).
minimize taxes. Others are more difficult to identify (such as family or peer pressure, living beyond one’s means or
having a gambling problem).
b. Misappropriation of assets (employee fraud or defalcation) – theft of assets and is often
perpetrated by non-management employees. Examples: 2. Opportunity (whether perceived or real) – Opportunity pertains to an individual’s perception that
• Misappropriating collections on accounts receivable he can commit fraud and that it will not be detected. Potential perpetrators who think they might
• Stealing inventory be detected and charged with a criminal offense would not likely to commit fraud. A poor
• Colluding with a competitor by disclosing technological data in return for payment corporate culture and a lack of adequate internal control procedures can often create the
• Payments to fictitious employees or vendors confidence that a fraud could go undetected.
• Using the entity’s assets as collateral for a personal loan Opportunity often emanates from:
• Poor corporate culture
The most popular ways to manipulate financial statements involves journal entries and • Where a person feels they can take advantage of the trust placed in him or her
accounting estimates because if manipulation is discovered management can easily deny • Knowledge of specific control weakness
involvement. A bias in estimates can be attributed to excessive conservatism or optimism. An
unsupported journal entry, if discovered, can be characterized as a simple mistake. This differs 3. Attitudes/rationalizations – fraud involves some rationalization to commit fraud or the belief that
from strategies such as falsified records that, if discovered by the auditor, would be quite difficult a crime has not been committed. For example:
for management to deny. • Some individuals possess an attitude or character to knowingly and intentionally commit a
dishonest act
Fraud Risk Factors: • Being dissatisfied with pay
Fraud risk factors – conditions that could heighten an auditor’s concern about risk of material • Feeling underappreciated (such as not getting an expected promotion)
misstatements because they provide clues or red flags to the existence of fraud
1. Incentives/pressures – reasons to commit fraud. A pressure is often generated by immediate Degree of assurance between detection of material fraud and material errors:
needs (such as having significant personal debts or meeting an analyst’s or bank’s expectations for 1. Fraud is harder to detect than errors: Reasons:
profit) that are difficult to share with others.
a. Fraud may involve sophisticated and carefully organized schemes designed to conceal it. transactions and large revenue transactions at period end.
b. Fraud may be accompanied by collusion. • Transactions that are recorded based on management’s intent, for example, debt refinancing,
assets to be sold and classification of marketable securities.
2. Management fraud vs. employee fraud – the risk of not detecting a material misstatement • Application of new accounting pronouncements.
resulting from management fraud is greater than for employee fraud • Accounting measurements that involve complex processes.
Reasons: • Events or transactions that involve significant measurement uncertainty, including accounting
• Management has the most opportunity to commit fraud, while employees need to exploit estimates.
weakness in internal control in order to commit fraud. • Pending litigation and contingent liabilities, for example, sales warranties, financial guarantees and
• Management has the ability to override or bypass an existing effective internal control. environmental remediation
• Management can influence the preparation and presentation of financial statements.
Considering compliance with laws and regulations:
Conditions and events that may indicate risks of material misstatement: • Non-compliance refers to acts of omission or commission by the entity being audited, either
The following are examples of conditions and events that may indicate the existence of risks of intentional or unintentional, which are contrary to the prevailing laws or regulations.
material misstatement. The examples provided cover a broad range of conditions and events; • The auditor should consider compliance with laws and regulations since noncompliance by the
however, not all conditions and events are relevant to every audit engagement and the list of entity with laws and regulations may materially affect the financial statements. However, an audit
examples is not necessarily complete. cannot be expected to detect noncompliance with all laws and regulations.
• Operations in regions that are economically unstable, for example, countries with significant • Noncompliance is sometimes described as violations of law or regulations or illegal acts.
currency devaluation or highly inflationary economies. • Common examples of non-compliance:
• Operations exposed to volatile markets, for example, futures trading. ➢ Violation of tax laws and environmental laws
• Operations that are subject to high degree of complex regulation. ➢ Occupational safety and health
• Going concern and liquidity issues including loss of significant customers. ➢ Inside trading of securities
• Constraints on the availability of capital and credit. • Result of non-compliance with laws and regulations:
• Changes in the industry in which the entity operates. ➢ Fines/penalties
• Changes in the supply chain. ➢ Damages
• Developing or offering new products or services, or moving into new lines of business. ➢ Threat of expropriation of assets
• Expanding into new locations. ➢ Enforced discontinuation of operations
• Changes in the entity such as large acquisitions or reorganizations or other unusual events. ➢ Litigation
• Entities or business segments likely to be sold. • Auditor’s responsibility in detecting non-compliance is limited to material direct-effect
• Existence of complex alliances and joint ventures. noncompliance or illegal act. (Reason: Generally, the further removed non-compliance is from the
• Use of off-balance-sheet finance, special-purpose entities, and other complex financing events and transactions that are ordinarily reflected in financial statements, the less likely the
arrangements. auditor is to become aware of or to recognize non-compliance.
• Significant transactions with related parties. • Responsibility for the compliance with laws and regulations rests with management. This
• Lack of personnel with appropriate accounting and financial reporting skills. responsibility includes prevention and detection (and correction) of noncompliance with laws and
• Changes in key personnel including departure of key executives. regulations.
• Weaknesses in internal control, especially those not addressed by management.
• Inconsistencies between the entity’s IT strategy and its business strategies. Indications that noncompliance may have occurred:
• Changes in the IT environment. • The entity is under investigation by government departments
• Installation of significant new IT systems related to financial reporting. • Payment of fines or penalties.
• Inquiries into the entity’s operations or financial results by regulatory or government bodies. • Payments for unspecified services or loans to consultants, related parties, employees or
government employees.
• Past misstatements, history of errors or a significant amount of adjustments at period end.
• Sales commissions or agent's fees that appear excessive in relation to those ordinarily paid by the
• Significant amount of non-routine or non-systematic transactions including intercompany
entity or in its industry or to the services actually received. • Analytical procedures – evaluations of financial information made by a study of plausible
• Purchasing at prices significantly above or below market price. relationships among both financial and nonfinancial data
• Unusual payments in cash, purchases in the form of cashiers' checks payable to bearer or transfers
to numbered bank accounts. • Purpose of preliminary analytical procedures:
• Unusual transactions with companies registered in tax havens. a. To identify areas that may represent specific risks such as the existence of unusual transactions or
• Payments for goods or services made other than to the country from which the goods or services events, and amounts, ratios, and trends that may assist the auditor in identifying risks of material
originated. misstatements that the auditor may need to investigate further
• Payments without proper exchange control documentation. b. To enhance the auditor’s understanding of the entity’s business and transactions to help plan the
• Existence of an accounting system with inadequate audit trail or sufficient evidence. nature, timing, and extent of substantive auditing procedures that will be used to gather audit
• Unauthorized transactions or improperly recorded transactions evidence
• Media comment • Analytical procedures performed during audit planning is known as preliminary analytical
procedures
Note 2.3 – Assess the identified risks of material misstatement: • Analytical procedures involve:
Factors to consider whether a risk is significant: a. Analysis of significant ratios and trends or the study of plausible relationships among both financial
• Whether the risk is a risk of fraud and non-financial data
• Whether the risk is related to recent significant economic accounting or other developments and, b. Investigation of fluctuations and relationships that are inconsistent with other relevant information
therefore, requires specific attention or deviate significantly from predicted amounts by:
• Complexity of transactions • Inquiries of management
• Whether the risk involves significant transactions with related parties • Corroboration of management responses, and
• The degree of subjectivity in the measurement of financial information related to the risk, • Applying other appropriate audit procedures
especially those involving uncertainty
• Whether the risk involves significant transactions that are outside the normal course of business Basic premise underlying the use of analytical procedures:
for the entity, or that otherwise appear to be unusual The basic premise underlying the use of analytical procedures is that plausible relationships
among data may reasonably expected to exist and continue (predictable) in the absence of known
Significant risk – an identified and assessed risk of material misstatement that, in the auditor’s conditions to the contrary. The relationship among data should be both:
judgment, requires special audit consideration a. Plausible – there is a clear cause and effect relationship among data
b. Predictable – reasonably expected to exist and continue in the absence of known conditions to the
Significant risks often relate to: contrary
a. Non-routine transactions – unusual (in size or nature) and infrequent transactions
b. Judgmental matters – such as those involving accounting estimates for which there is significant Generalizations in assessing the predictability of the accounts:
measurement uncertainty ➢ Income statements accounts are more predictable than balance sheet accounts.
➢ Accounts that are not subject to management discretion are generally predictable.
Note 2.4 – Risk assessment procedures include: ➢ Relationships in a stable environment are more predictable that those in a dynamic or unstable
environment.
1. Inquires of management and others within the entity that is likely to assist the auditor in
identifying risk of material misstatement due to fraud or error Main purpose of analytical procedures: To assess the overall reasonableness of account balances
For example, inquiries of management, audit committee, board of directors, internal auditors, and transactions
in-house legal counsel, and other client personnel
Specific purpose/focus/objective of analytical procedures in the three stages of audit:
2. Analytical procedures 1. In the planning stage – performed as risk assessment procedures (required/mandatory) to obtain
an understanding of the entity and its environment
Objective/purpose/focus during planning stage:
• To enhance the auditor’s understanding of the entity’s business and transactions to help plan the • Inherent risk – the susceptibility of an assertion to a misstatement that could be material, either
nature, timing, and extent of substantive auditing procedures that will be used to gather audit individually or when aggregated with other misstatements, assuming there are no related
evidence. controls to mitigate such risks
• To identify areas that may represent specific risks (such as unusual transactions and events or • Sources of assessment include knowledge of entity and its environment and preliminary
abnormal/significant fluctuations in amounts, ratios, or trends) that the auditor may need to analytical procedures.
investigate further
2. In testing stage – as substantive procedures when their application is, based on the auditors 3. Assess the level of Control Risk (such as low, medium, or high) – for example, low control risk if
judgment, more effective and efficient than test of details (not required) internal control is effective, or high control risk if internal control is not effective
Objective/purpose/focus during testing stage: • Control risk – the risk that a material misstatement, either individually or when aggregated with
• To obtain audit evidence to confirm individual account balances other misstatements, that could occur will not be prevented or detected and corrected on a
3. In the overall review or completion stage – As an overall review of the financial statements timely basis by the entity’s internal control
(required) • Sources of assessment include knowledge of internal control and observation and inspection
Objective/purpose/focus:
• To identify a previously unrecognized risk of material misstatement (unusual fluctuations that were Combined assessment:
not identified in the planning and testing phases of the audit) The auditor usually makes combined assessment of inherent and control risks. If the combined
• To confirm conclusions reached with respect to the fairness of the financial statements assessment of inherent risk and control risk is high, the auditor should:
• Place more emphasis on obtaining external evidence
3. Observation and inspection – these include: • Reduce reliance on internal evidence
• Observation of entity activities and operations • Design more effective substantive procedures
• Inspection of documents (such as business plans and strategies, records, and internal control
manuals) 4. Determine the acceptable level of detection risk: The acceptable level of detection risk
• Inspection of reports prepared by management (such as quarterly management reports) and those depends on the assessed level of inherent and control risk (inverse relationship)
charged with governance (such as minutes of board of directors’ meetings) • Detection risk – the risk that the auditor will not detect such a material misstatement that
• Visit or tour of entity’s premise/facilities exists/occurs in an assertion
Note 3 – Reducing audit risk to an acceptably low level • Detection risk is a function of the effectiveness of an auditing procedure and its application by
To reduce audit risk to acceptably low level the auditor shall: the auditor
a. Assess the risks of material misstatement (inherent and control risk); and • Detection risk is significantly affected by the nature, timing, and extent of the auditor’s substantive
b. Limit detection risk. This may be achieved by performing procedures that respond to the assessed procedures
risks of material misstatement at the financial statements, class of transactions, account balance • Detection risk is a complement of assurance provided by substantive tests (for example, a 10%
and assertion levels. detection risk means a 90% assurance of detecting material misstatement)
• Detection risk can be increased or decreased by the auditor by performing substantive tests
Steps in assessing Audit Risk: but can never be reduced to zero because of the inherent limitations in the procedures carried out,
1. Set the desired level of Audit Risk the human judgments required, and the nature of the evidence examined.
Audit risk – the risk that the auditor gives an inappropriate audit opinion when the financial • The auditor uses the Audit Risk Model:
statements are materially misstated; it is the risk that the auditor may unknowingly fail to modify Audit Risk = Inherent risk x Control risk x Detection risk
appropriately the opinion on financial statements that are materially misstated
Acceptable level of Audit risk
2. Assess the level of Inherent Risk (such as low, medium, or high) – for example, low level if Detection risk = Inherent risk x
likelihood of misstatement is low Control risk
5. Design audit substantive tests
• Auditor’s reaction to level of detection risk: b. Detection risk – can be directly controlled (increased or decreased) by the auditor because
a. Lower acceptable level of detection risk – higher assurance are to be provided by substantive detection risk relates to the auditor’s procedures and can be altered by adjusting the nature,
tests by changing any or combination of the following: timing, and extent of substantive procedures
✓ Nature – performing more effective substantive procedures
✓ Timing – performing substantive procedures at year-end rather than at interim dates The relationship between materiality and audit risk:
(decreases detection risk by reducing the risk for the period subsequent to the performance of • There is an inverse relationship between materiality and the level of audit risk – ↑ materiality
those tests) level, ↓ audit risk and vice versa.
✓ Extent – increasing the extent of substantive tests by using larger sample size • Materiality is directly related to the acceptable level of detection risk.
b. Higher acceptable level of detection risk – low assurance are to be provided by substantive • It would lead to most audit work if both audit risk and materiality levels are low.
tests by changing any or combination of the following:
✓ Nature – performing less effective substantive procedures CONSIDERATION OF INTERNAL CONTROL
✓ Timing – performing substantive procedures at interim dates
✓ Extent – decreasing the extent of substantive tests using smaller sample size BASIC CONCEPTS AND ELEMENTS OF INTERNAL CONTROL
In summary, the auditor performs audit procedures to assess the risks of material misstatement Internal control (IC) – the process designed, implemented and maintained by those charged with
and seeks to limit detection risk by performing further audit procedures based on that assessment. governance, management and other personnel to provide reasonable assurance about the
achievement of an entity’s objectives.
Summary of relationships among audit risk components: Essential concepts of internal control:
• The acceptable level of detection risk for a given level of audit risk bears an inverse relationship to
the risks of material misstatement at the assertion level. Therefore: a. Internal control is a process. Internal control is not an end in itself but a means of achieving the
↑ Risk of material misstatement (inherent risk and control risk), ↓ detection risk that can be entity's objectives.
accepted, and vice versa. b. Internal control is effected by those charged with governance, management and other personnel.
• Audit risk and detection risk move in the same direction: ↑ Audit risk, ↑ detection risk, and Internal control is accomplished by people at every level of organization.
vice versa Responsibilities:
• The relationship between the risks can also be expressed mathematically in the following formula: • Management: to design, implement and maintain internal control to assist in achieving the entity's
Audit Risk = RMM (Inherent Risk x Control Risk) x Detection Risk objectives
Inherent risk and control risk are independent variables while detection risk is a dependent • Those charged with governance: to ensure the integrity of accounting and financial reporting
variable. systems through oversight of management
• All the components of audit risk cannot be eliminated by the auditor due to the following • Staff personnel: to perform their respective functions in order to accomplish the objectives of the
reasons: entity
a. Inherent risk – some accounts are susceptible to a material misstatement or the risk of such
misstatement is greater for some accounts than for others c. Primary purpose/reason for establishing internal control is to provide reasonable assurance
b. Control risk – due to inherent limitations of internal control system about the achievement of an entity’s objectives.
c. Detection risk –
➢ Use of testing/sampling d. Internal control can be expected to provide reasonable assurance of achieving the entity's
➢ Use of auditor’s judgment objectives – this is due to inherent limitations of any system of internal control; although internal
➢ Even when the auditor conducts 100% examination because audit evidence is persuasive rather control is designed to prevent, detect and correct problems, an effective internal control can only
than conclusive in nature minimize but not eliminate material misstatements, whether due to fraud or error.
• The components of audit risk that can or cannot be controlled by the auditor:
a. Inherent risk and control risk – cannot be controlled because these are entity’s risk and exist Inherent limitations of internal control:
independently of the audit 1. Management overriding the internal control.
2. Circumvention of internal controls through the collusion among employees. • Preparing bank reconciliation
3. The cost-benefit relationship is a primary criterion in designing internal control, that is, the cost of a • Preparing monthly trial balance
control should not exceed its expected benefits. This is known as the concept of reasonable c. Corrective controls – to remedy problems discovered with detective controls
assurance. Example:
4. Most internal controls tend to be directed at routine transactions rather than non-routine • Maintaining backup copies of transactions and master files
transactions.
5. The potential for human error due to carelessness, distraction, mistakes of judgment and the Benefits of strong internal control:
misunderstanding of instructions. Human error may include errors in the design or use of • Reduced cost of an external audit
automated controls. • Availability of reliable data for decision-making purposes
6. The possibility that procedures may become inadequate due to changes in conditions, and • Protection of important documents and records
compliance with procedures may deteriorate. • Assurance of compliance with applicable laws and regulations
7. Segregation of duties may be difficult to achieve in a smaller entity.
Internal control objective relevant to the audit: not all entity’s objectives and internal control are
e. Internal control is designed to help achieve the entity's objectives. Internal control is geared relevant to the auditor’s risk assessment
towards the achievement of the entity's objectives.
1. Relevant to the auditor – financial reporting objective
Entity’s objectives: what an entity strives to achieve Reasons:
Categories of entity's objectives: • It is relevant to the financial statement assertions
1. Financial reporting objective – this objective relates to reliability of financial reporting • Pertain to the management of risk that may give rise to material misstatement to financial
2. Operational effectiveness objective – this objective is intended to enhance effectiveness and statements
efficiency of operations
3. Compliance objective – this objective relates to entity’s compliance with applicable laws and 2. May be relevant to the auditor – operational and compliance objectives are not usually relevant to
regulations the audit but may relevant to the auditor only if they relate to data the auditor evaluates to
determine the reliability of some financial statement assertions
Classification of internal control:
Examples of operational controls that are not normally be relevant to the audit production and
1. According to objectives: staff scheduling, quality control, and employee compliance with health and safety requirements.
a. Financial reporting controls – controls to achieve reliability of financial reporting objective However, these may be relevant to the auditor if:
b. Operational effectiveness controls – controls to achieve operational effectiveness objective
c. Compliance controls – controls to achieve compliance objective a. The information produced is used to develop an analytical procedure.
For example:
There is a direct relationship between the entity’s objectives and the internal control it implements • Controls pertaining to non-financial data that the auditor uses in analytical procedures, such as
to provide reasonable assurance about their achievement. Both the entity’s objectives and production statistics
controls relate to financial reporting, operations and compliance. • Controls pertaining to detecting non-compliance with laws and regulations that may have a direct
and material effect on the financial statements, such as controls over compliance with income tax
2. According to functions: laws and regulations used to determine the income tax provision
a. Preventive controls – to deter problems before they arise
Examples: b. The information is required for disclosure in the financial statements.
• Segregation of employee duties Example,
• Control physical access to assets, facilities and information • Controls to ensure the accuracy of such data to produce statistics that were used as a basis for an
b. Detective controls – to discover problems as they arise analytical procedure
Examples:
• Controls for detecting and reporting on non-compliance with certain laws and regulations that has the knowledge and skills necessary to accomplish tasks that define the individual’s job.
a direct and material effect on the financial statements 6. Personnel or Human resource policies and procedures – The entity must implement appropriate
policies for recruitment/hiring, orientation, training, evaluating, counseling, promoting,
Controls related to the safeguarding of assets often relate to both operations and financial compensating, and remedial actions because the competence of the entity's employees will bear
reporting and objectives. The auditor would generally consider only those controls related to directly on the effectiveness of the entity's internal control.
financial reporting, such as controls that limit access to the programs used to process cash 7. Organizational structure – The framework within which an entity’s activities for achieving its
disbursements. objectives are planned, executed, controlled and reviewed. Establishing a relevant organizational
structure includes considering key areas of authority and responsibility and appropriate lines of
Components of Internal Control: the interrelated components of internal control represent means reporting. The appropriateness of an entity’s organizational structure depends, in part, on its size
used by an entity to help it achieve its objectives (CRIME) and the nature of its activities.
Five interrelated and essential components or aspects of internal control: Component 2 – Risk Assessment: An entity’s risk assessment for financial reporting purposes is its
1. Control environment – the overall tone of the organization identification, analysis, and management of risks relevant to the preparation of financial
2. Risk assessment – management’s identification and assessment of risks statements that are fairly presented in conformity with generally accepted accounting principles.
3. Information, financial reporting and communication systems – a means of recording transactions (Note that this component concerns the assessment by management of risk facing the entity, not
and communicating responsibilities the auditor's assessment of control risk.)
4. Monitoring the controls – assessment of internal control performance over time
5. Existing control activities – control policies and procedures Matters the auditor should consider are how management:
a. Identifies business risks (inherent and residual risks) relevant to financial reporting;
Component 1 – Control Environment: b. Estimates the significance of the risks;
• It sets the tone of an organization, influencing the control consciousness of its people. c. Assesses the likelihood of their occurrence; and
• It includes the governance and management functions the attitudes, awareness, and actions of d. Decides upon actions to manage them.
those charged with governance and management concerning the entity’s internal control and its
importance in the entity. Component 3 – Information and Communication System: Information and communication
• It is a set of characteristics that defined good control working relationships in an entity. systems support the identification, capture, and exchange of information in a timely and useful
• It is the foundation for effective internal control for it provides an appropriate foundation for other manner.
components of internal control.
The auditor shall obtain an understanding of the information system, including the related
Elements of control environment: business processes, relevant to financial reporting, including the following areas:
1. Integrity and ethical values – The entity should establish ethical standards. Ethical standards
influence the effectiveness of the design, administration and monitoring of controls. a. The classes of transactions in the entity’s operations that are significant to the financial statements;
2. Participation by those charged with governance (BOD and audit committee). b. The procedures, within both information technology (IT) and manual systems, by which those
3. Management’s philosophy and operating style – Management’s approach to taking and managing transactions are initiated, recorded, processed, corrected as necessary, transferred to the general
business risks, attitudes and actions toward financial reporting, and attitudes toward information ledger and reported in the financial statements;
processing and accounting functions and personnel. c. The related accounting records, supporting information and specific accounts in the financial
4. Assignment of authority and responsibility – How authority and responsibility for operating statements that are used to initiate, record, process and report transactions; this includes the
activities are assigned and how reporting relationships and authorization hierarchies are correction of incorrect information and how information is transferred to the general ledger.
established. Appropriate methods of assigning responsibility must be implemented to avoid d. The records may be in either manual or electronic form;
incompatible functions and to minimize the possibility of errors because of too much work load e. How the information system captures events and conditions, other than transactions, that are
assigned to an employee. significant to the financial statements;
5. Commitment to competence – Management’s consideration of the competence levels for f. The financial reporting process used to prepare the entity’s financial statements, including
particular jobs and how those levels translate into requisite skills and knowledge. Competence is significant accounting estimates and disclosures; and
g. Controls surrounding journal entries, including non-standard journal entries used to record non- 4. Documentation – provides evidence of the underlying transactions and is a basis for establishing
recurring, unusual transactions or adjustments. responsibility for the execution and recording of transactions
The information system relevant to financial reporting objectives, which includes the 5. Performance reviews – includes review of the following:
accounting system, consists of the methods and records established to record, process, summarize, a. Reviews and analyses of actual performance versus budgets, forecasts, and prior period
and report entity transactions (as well as events and conditions) and to maintain accountability for performance
the related assets, liabilities, and equity. b. Relating different sets of data to one another, together with analyses of the relationships and
investigative and corrective actions (for example, the management of a sports team might use
Communication involves providing an understanding of individual roles and responsibilities attendance data to ascertain the reasonableness of ticket sales).
pertaining to internal control over financial reporting. Communication may take such forms as c. Comparing internal data with external sources of information, and
policy manuals and financial reporting manuals. Open communication channels help ensure that d. Review of functional or activity performance (for example, sales reports, receivable reports, etc.,
exceptions are reported and acted on. may be used to analyze performance and to identify errors).
Accounting system: means the series of tasks and records of an entity by which transactions are 6. Information processing controls – ensure that transactions are valid, properly authorized, and
processed as a means of maintaining financial records. The tasks identify, assemble, analyze, completely and accurately recorded
calculate, classify, record, summarize and report transactions and other events.
a. Application controls – controls which apply to the processing of individual applications
Component 4 – Control Activities: Control activities are the policies and procedures that help Examples of application controls:
ensure management’s directives are carried out and that necessary steps to address risks are • Checking the arithmetical accuracy of records
taken. Control activities address risks that if not mitigated would threaten the achievement of the • Maintaining and reviewing accounts and trial balance
entity’s objectives. • Automated controls such as edit checks of input data and numerical sequence checks
• Manual follow-up of exception reports
The auditor should obtain a sufficient understanding of control activities to assess the risks of • Controls surrounding receivables
material misstatement at the assertion level and to design further audit procedures responsive to • Controls surrounding payroll
assessed risks.
b. General controls – which are controls that relate to many applications and support the effective
Categories of Control activities: Categories of specific control activities that may be relevant to an functioning of application controls by helping to ensure the continued proper operation of
audit: information systems. General controls apply to information processing throughout the company.
Examples of general controls:
1. Prenumbering of documents – helps to assure that: • Program change controls
a. All transactions are recorded (completeness). • Controls that restrict access to programs or data
b. No transactions are recorded more than once (existence). • Controls over the implementation of new releases of packaged software applications
• Controls over system software that restrict access to or monitor the use of system utilities that
2. Authorization of transactions – authorization should occur before commitment of resources
could change financial data or records without leaving an audit trail
• Controls over data center/network
3. Independent checks to maintain asset accountability – independent checks involve the verification
of work previously performed by others
7. Physical controls – are physical controls for safeguarding assets involve security devices and limited
Examples include:
access to programs and to restricted areas, including computer facilities
a. Review of bank reconciliations
b. Comparison of subsidiary records to control accounts
a. Physical segregation and security of assets, including adequate safeguards such secured facilities
c. Comparison of physical counts of inventory to perpetual records
over access to assets and records.
Examples of physical controls:
• Protective or security devices Component 5 – Monitoring the Controls: Monitoring is a process that assesses the quality of
• Bonded or independent custodians internal control performance on an ongoing basis. Management’s monitoring of controls includes
• Physical and security of assets: considering whether they are operating as intended and that they are modified as appropriate for
➢ Cash – placed in cash boxes, vault or safe deposit boxes changes in conditions.
➢ Cash – deposited in a bank
➢ Inventory – placed in a warehouse Monitoring assesses the effectiveness of the internal control’s performance over time. The
➢ PPE items – tagged with non-movable labels objective is to ensure the controls are working properly and, if not, to take necessary corrective
b. Authorization for access to computer programs and data files (for example, requiring password actions. Management accomplishes monitoring of controls through ongoing activities, separate
prior to access) evaluations or a combination of the two.
c. Authorized access to assets and records (such as through the use of computer access codes,
prenumbered forms, and required signatures on documents for the removal or disposition of Management’s monitoring activities may also include using information from external parties
assets) such as complaints from customers or comments from regulatory bodies that may indicate
d. Required signatures on documents for the removal or disposition of assets problems, highlight areas in need of improvement, or require communications relating to internal
e. Periodic counting and comparison with amounts shown on control records control from external auditors.
Examples:
➢ Comparing the results of cash, security and inventory counts with accounting records Internal Control in Smaller Entities
➢ Reconciliations
f. The extent to which physical controls intended to prevent theft of assets are relevant to the In smaller entities, there are often few employees, which can limit the extent to which
reliability of financial statement preparation, and therefore the audit, depends on circumstances segregation of duties is practicable and the paper trail of documentation available. But internal
such as when assets are highly susceptible to misappropriation. control still exists. In such entities, the control environment (management’s commitment to ethical
values, competence, attitude toward control, and their day-to-day actions) will be very important
8. Segregation of duties – involves ensuring that individuals do not perform incompatible duties. to evaluate. This will involve assessing the behavior, attitudes, and actions of management.
Duties should be segregated such that the work of one individual provides a crosscheck on the
work of another individual. The presence of a highly involved owner-manager can be both an internal control strength and
an internal control weakness. The strength is that the person (assuming his or her competence) will
A proper segregation of duties (or incompatible functions) requires that one person should not be knowledgeable about all aspects of operations and that it is highly unlikely material errors will
be responsible for all phases of a transaction. It requires assigning different people the be missed. The weakness is that the person is also in a good position to override internal controls.
responsibilities of:
• Authorizing transactions Effect of Information Technology on Internal Control
• Recording transactions – recordkeeping
• Maintaining custody of assets involved in the transactions Effect on Internal Control
An entity's use of information technology may affect any of the five components of internal
This means that different employees authorize transactions in the asset, record the control:
transactions, and have custody of the asset. a. Management's failure to appropriately address IT risks may negatively impact the control
environment.
Segregation of duties is intended to reduce the opportunities to allow any person to be in a b. The use of IT may enhance an entity's risk assessment by providing more timely information.
position to both perpetrate and conceal errors or fraud in the normal course of the person’s duties. c. Many information and communication systems make extensive use of IT, and the way in which IT is
used often affects an entity's internal control.
Example of segregation of duties: d. Much of the information used in monitoring is provided by IT, and therefore, the accuracy of the IT
• The responsibilities of the treasury department include handling of cash and custody of securities system is crucial.
but do not include data processing. e. The use of IT may affect the way in which existing control activities are implemented. Also, the
effectiveness of user controls may depend upon the accuracy of information provided to the user
by IT systems. 2. Secondary: to provide a basis for constructive suggestions to management about improvements in
internal control structure
Manual vs. Automated Controls
a. Manual controls may be more appropriate than automated controls in situations where judgment • Steps in consideration of internal control:
and discretion is required, such as circumstances in which misstatements are difficult to define,
anticipate, or predict. 1. Obtain sufficient understanding of the internal control relevant to the audit – involves obtaining
b. Manual controls, however, may pose additional risks because they can be more easily ignored or understanding of the design and operation of internal control relevant to the audit
overridden, they are subject to human error, and they are less consistent than automated controls.
• The auditor should use the understanding of the five components of internal control sufficient to
Testing Automated Controls evaluate the design and determine if the control has been implemented.
a. In testing automated controls, the auditor needs to identify and test not just specific application • While the five components of internal control provide a useful framework for identifying and
controls but relevant general controls on which the application controls depend. (Application evaluating controls, the auditor should be more concerned with whether and how a specific control
controls and general controls are covered further below.) prevents, or detects and corrects, material misstatements, than with the classification of controls
b. In a manual system, manual controls such as approvals, reviews, and reconciliations are used. In an into categories.
automated system using information technology, both manual and automated controls may be • Internal control is relevant to the entire entity and each of the five components of internal control
used; however, even manual controls may be dependent to some extent on the effective may affect any of the three entity objectives, but not all of an entity's objectives and related
functioning of IT. controls are relevant to the audit. Generally, those controls that pertain to financial reporting
objective are most relevant to the audit; it is primarily those controls that the auditor must
IT Benefits consider and understand. The auditor need not assess all controls related to financial reporting,
IT is used by an entity to improve the efficiency and effectiveness of its internal control. The but rather applies professional judgment in determining which controls to assess.
auditor should consider the effect of such benefits as part of assessing internal control. Benefits
may include: a. Evaluate the design of relevant control – involves determining whether the control, individually or
a. The ability to process large volumes of transactions and data accurately and consistently. in combination with other controls, is capable of effectively preventing or detecting and correcting
b. Improved timeliness and availability of information. material misstatements
c. Facilitation of data analysis and performance monitoring.
d. Reduction in the risk that controls will be circumvented. Major emphasis in the design of effective control
e. Enhanced segregation of duties through effective implementation of security controls. a. Assets are properly protected
b. Duties are segregated
IT Risks c. Transactions are authorized
The use of IT may also create additional internal control risks. The auditor must evaluate the
entity's use of IT to determine whether and to what extent the following risks exist: b. Determine whether the control has been implemented – whether the control is placed in
a. Potential reliance on inaccurate systems. operation; a control has been implemented if the control exists and is being used by the entity
b. Unauthorized access to data, which may result in loss of data and/or data inaccuracies.
c. Unauthorized changes to data, systems, or programs. Procedures to obtain evidence about the design and implementation of controls:
d. Failure to make required changes or updates to systems or programs. • Inquiry of entity personnel (inquiry alone is not sufficient)
• Inspecting documents and records
CONSIDERING INTERNAL CONTROL • Observing of application of specific controls
• Performing a “walk-through” test – tracing a transaction through the accounting system, from
• Considering internal control – involves study and evaluation of internal control initial recording to presentation in the financial statements
• Reasons/purpose of the auditor’s study and evaluation of internal control:
1. Primary: to provide a basis for planning the audit to determine the nature, timing, and extent of The understanding of internal control is used by the auditor in:
audit procedures
• Identify types of potential misstatements that can occur
• Consider factors that affect the risks of material misstatements a. Inquiry
• Determine the nature, timing, and extent of audit procedures b. Observation
c. Inspection
2. Perform preliminary assessment of control risk – the assessment of control risk is based on d. Reperformance
understanding of internal control
a. Assess control risk at a high level: a. Results of tests of controls does not confirm effectiveness of controls – the auditor should revise
(1) If internal control is poor or not effective, or the preliminary risk assessment of control risk from less than high to high level; the auditor should
(2) If it is inefficient to rely on internal control (inefficient to perform tests of controls) also make the necessary revision on the overall audit strategy, audit plan and preliminary audit
program
Auditor’s response if control risk is assessed at a high/maximum level: b. Results of tests of controls confirm effectiveness of controls – the auditor may rely on entity’s
• Skip or do not perform tests of controls internal control and decrease substantive testing
• Rely primarily on substantive tests
Required Documentation:
b. Assess control risk at less than high level:
(1) If internal control is effective or reliable, and 1. Document the understanding of accounting and internal control systems
(2) If it is inefficient to obtain evidence to justify the assessment of control risk at less than high level
• Form of documentation may vary
Note: Even if the internal control is effective, the auditor should assess control risk at a high level if • One form or a combination of forms of documentation may be used at the same time
it is inefficient to obtain evidence to justify the assessment of control risk at less than high level. • Forms of documentation:
The PSA requires the auditor to document the basis which is the evidence to justify the assessment 1. Internal control questionnaire – consists of a list of questions on internal control be answered by
of control risk at less than high level. "Yes" or "No" response. A negative response is designed to draw attention to a possible weakness
in internal control. Written explanations are required for "No" answers.
Auditor’s response if control risk is assessed at less than high/maximum level: 2. Flowcharts – pictorial/symbolic diagram depicting the operation of a program/system or the
• Perform tests of controls – to confirm operating effectiveness of controls sequential flow of authority, processes, transactions and documents. The use of standard symbols
makes flowcharts easy to understand.
3. Perform tests of controls – tests of controls are performed when the auditor plans to rely on a. Systems flowcharts – used to evaluate internal control because it shows the origin of each
internal control; the auditor will only test those controls that he plans to rely upon (controls that document in the system, its subsequent processing, and its final disposition
are likely to prevent or detect and correct material misstatement relevant to the financial b. IT flowcharts – used in evaluating the internal control in an automated/computerized accounting
statements) environment. The auditor can use these flowcharts to evaluate both the flow of the program and
the internal controls related to the IT function in general.
Tests of controls – 3. Internal control checklists – a detailed listing of ideal control measures (the auditor tickmarks the
• Tests performed to test the operating effectiveness (as to design and operation) of internal controls adopted by the client)
controls that are likely to detect or prevent material misstatements in support of a reduced 4. Narrative memoranda – a written version of a flowchart. It is a description of the auditor's
assessed level of control risk. Thus, tests of controls are performed to substantiate the reduced understanding of the system of internal control. Note that flowcharts are more appropriate for
assessed level of control risk documenting complex control structures, while written narratives are more appropriate for less
• Tests performed confirm that the controls tested are working effectively complex structures.
• Unlike substantive tests of details, tests of controls are not required audit procedure. 5. Decision trees or tables –
• The greater the reliance the auditor plans to place on internal control, the more extensive the tests a. Decision trees – are graphic illustrations that depict the logic of an operation or process. They
of those controls that need to be performed. generally employ questions with "Yes" or "No" answers, which direct the user to the next relevant
• Tests of controls generally consist of one (or combination of the following evidence gathering questions.
techniques: b. Decision tables – are graphic illustrations that depict the logical relationships of a system in table
form. Both approaches document the auditor's understanding of a process.
• Inadequate policies and procedures in place for:
2. Document the assessed level of control risk ➢ Appropriately assessing and applying accounting principles
• If the control risk is assessed at a high level, the auditor should document his conclusion that ➢ Determining accounting estimates and assessing their reasonableness
control risk is at a high level. ➢ Preparing the financial statements and the disclosures required, and
• If the control risk is assessed at less than high level, the auditor should document: ➢ Safeguarding assets
a. His conclusion that control risk is at less than high level, and • Significant internal control activities or application controls not operating as designed, not applied
b. The basis for that assessment – results of tests of controls confirming the assessment of control risk consistently by appropriate individuals, or not monitored by appropriate individuals.
at below high/maximum level • Significant deficiencies previously communicated to management or those charged with
governance that remain uncorrected after some reasonable period of time.
Communicating with those charged with governance and management:
The auditor should communicate audit matters of governance interest arising from the audit of ASSERTIONS, AUDIT PROCEDURES AND AUDIT EVIDENCE
financial statements with those charged with governance of an entity.
ASSERTIONS AND AUDIT OBJECTIVES
Governance refers to the role of persons entrusted with the supervision, control and direction
of an entity. Those charged with governance ordinarily are accountable for ensuring that the entity Nature of Assertions:
achieves its objectives, financial reporting, and reporting to interested parties. Financial statements are not statements of facts. They are a collection of claims and
assertions, made implicitly or explicitly by the entity’s management, about the recognition,
Reportable conditions are significant deficiencies/weaknesses in the design or operation of measurement, presentation, and disclosure of information in the financial statements.
the internal control which have come to the auditor’s attention that should be reported to the
appropriate level of management such as the highest official of the company or those charged with Assertions (or management assertions) are representations by management, explicit or
governance (usually to the entity’s audit committee of the board of directors) in writing, in a formal otherwise, that are embodied in the financial statements. These assertions relate to the fairness of
management letter (the by-product of the audit engagement) at the earliest opportunity so that presentation of the financial statements, thus, they are directly related to applicable financial
appropriate corrective actions may be taken as soon as possible. reporting framework.
Examples of assertions:
A deficiency may be of such magnitude as to be considered a material weakness in internal • All the assets exist. (Existence)
control. A material internal control weakness is a condition in which material errors or fraud
• All sales transactions have been recorded. (Completeness)
would ordinarily not be detected within a timely period by employees in the normal course of
• Inventories are properly valued. (Valuation)
performing their assigned functions.
• All amounts are properly presented and disclosed in the financial statements. (Accuracy)
No expression of opinion on entity’s internal control:
Levels of Assertions:
1. Financial statement level – entity’s management representation that the financial statements as a
Consideration of internal control in financial statement audit is not sufficient to express an
whole are presented fairly, in all material respects, in accordance with the applicable financial
opinion on an entity’s controls because only those controls on which an auditor intends to rely
reporting framework
are reviewed, tested, and evaluated. Moreover, the auditor is not required to identify or search
• For example, management asserts the financial statements are free from material misstatements.
for internal control weaknesses.
2. Account balance or class of transactions level – entity’s management representation that the
underlying account balances and class of transactions, including related disclosures, are free of
Internal control weaknesses: Examples of significant weaknesses in internal control include:
material misstatements
• Weak control environment (such as ineffective oversight, poor attitude toward internal control, or
• For example, when considering the sales balance, management is asserting that sales revenue is
instances found of management override or fraud)
complete (completeness assertion), the transactions occurred (occurrence assertion), and
• Weaknesses in IT general controls.
transactions have been appropriately recorded in the accounting records (accuracy assertion).
• Significant business risks that have not been addressed by policies, procedures or internal controls.
Examples include:
Categories of Assertions used by the Auditor: • Does the asset exist? (Existence)
1. Assertions about classes of transactions and events for the period under audit • Are all sales transactions recorded? (Completeness)
a. Occurrence – recorded transactions and events have occurred and pertain to the entity • Is inventory properly valued? (Valuation)
b. Completeness – all transactions and events that should have been recorded have been recorded • Did the transaction occur? (Occurrence)
c. Accuracy – amounts and other data relating to recorded transactions and events have been • Are amounts properly presented and disclosed in the financial statements? (Accuracy)
recorded appropriately b. Assess the risks of material misstatement – The auditor should identify what controls have been
d. Cutoff (proper period) – transactions and events have been recorded in the correct accounting implemented to address the relevant assertions.
period Examples:
e. Classification – transactions have been recorded in the proper accounts • How does management ensure transactions are recorded? (Completeness)
2. Assertions about account balances at the period end • How does management ensure that significant estimates are based on reasonable assumptions and
a. Existence – assets, liabilities, and equity interests exist properly recorded in the financial statements? (Accuracy)
b. Rights and obligations – the entity holds or controls the rights to assets, and liabilities are the c. Design audit procedures that are responsive to the assessed risks
obligations of the entity Examples:
c. Completeness – all assets, liabilities and equity interests that should have been recorded have been • If the risk is high that receivables are being overstated, the audit procedures should be designed to
recorded specifically address the valuation assertion.
d. Valuation and allocation – assets, liabilities, and equity interests are included in the FS at • When the auditor designs tests of controls, emphasis should be placed on testing controls over the
appropriate amounts and any resulting valuation or allocation adjustments are appropriately relevant assertions rather than just significant controls.
recorded
• An audit procedure may provide evidence supporting more than one assertion. For example, when
3. Assertions about presentation and disclosure
an auditor obtains confirmation of inventories held at outside locations, evidence is obtained not
a. Occurrence and rights and obligations – disclosed events, transactions, and other matters have
just about completeness, but also about the existence of inventory.
occurred and pertain to the entity
• More than one procedure may be required to fully support an assertion. For example, in order to
b. Completeness – all disclosures that should have been included in the financial statements have
be reasonably certain that inventory quantities include all inventories on hand at year-end, the
been included
auditor should also inspect receiving transactions near year-end for recording in the proper period.
c. Classification and understandability – financial information is appropriately presented and
described, and disclosures are clearly expressed
Audit Objectives:
d. Accuracy and valuation – financial and other information are disclosed fairly and at appropriate
The auditor develops audit objectives that relate to management assertions about the financial
amounts
statement components. To achieve audit objectives, the auditor shall design audit procedures and
The existence and completeness objectives emphasize opposite audit concerns. Existence deals
gather sufficient appropriate audit evidence whether the assertions are in accordance with the
with overstatements and completeness deals with understatements (such as due to unrecorded
applicable financial reporting framework.
transactions).
Audit objectives are used to verify management assertions. Thus, there should be proper matching
of auditor’s objectives with management assertions.
Auditor’s Use of Relevant Assertions:
The auditor uses relevant assertions in developing audit objectives that will be the basis for
Types of Audit Objectives:
designing audit procedures. Relevant assertions are assertions that have a meaningful bearing on
1. Whether general or specific:
whether an account is fairly stated. For example:
a. General audit objectives – are broad objectives of auditing an account balance or class of
• Existence assertion, not valuation, is typically relevant to the audit of cash account.
transactions
• The valuation assertion would be relevant to assessing the inventory balance than assessing sales
• Examples of general audit objectives include existence, completeness, valuation, classification, cut-
balance.
off, accuracy, presentation and disclosure, validity, ownership, and overall reasonableness
b. Specific audit objectives – audit objectives stated in terms tailored to the specific audit
The auditor should use relevant assertions to:
engagement
a. Consider the types of potential misstatements that may occur
• The general audit objectives remain the same for every audit engagement, but the evidence varies, their combination.
depending on the circumstances. The general audit objectives are applicable to every account b. Timing of an audit procedure – refers to when to perform the audit procedure, or the period or
balance on the financial statements. date to which the audit evidence applies
• After the general objectives are understood, specific objectives for each account balance on the Audit procedures are normally performed:
financial statements can be developed. There should be one specific audit objective for each a. Early in the accounting period being examined
relevant general objective. b. Throughout the accounting period being examined, but with emphasis of the transactions near the
2. Whether substantive or compliance end
a. Substantive audit objectives – objectives that relate to the determination of the validity of c. Within one to three months after the close of the accounting period
assertions on account balances or class of transactions or disclosures found in the financial Audit procedures performed before period end are known as interim work.
statements The nature and timing of the audit procedures to be used may be affected by the fact that some of
b. Compliance audit objectives – objectives that relate to the degree of entity’s compliance with the accounting data and other information may be available only in electronic form or only at
relevant controls certain points or periods in time.
c. Extent of an audit procedure – refers to the quantity to be performed or the extent of testing or
AUDIT PROCEDURES the number of items to be examined (for example, a sample size, or the number of observations of
a control activity)
Based on audit objectives, the auditor should plan and perform audit procedures. Audit
procedures are the means for obtaining sufficient appropriate audit evidence to satisfy financial Audit Procedures for Obtaining Audit Evidence:
statement assertions and to support audit opinion on the fairness of the financial statements. They
are the detailed instructions for the collection of a particular type of evidence that is to be obtained 1. Risk assessment procedures – procedures to obtain an understanding of the entity and its
during the audit. Since audit procedures are performed to verify management assertions, they environment, including its internal control, in order to identify and assess the risks of material
would differ depending on the particular assertion or account audited. misstatement (RMM)
Risk assessment procedures include:
Primary Purpose of Audit Procedures: a. Inquiry of management and other personnel
Audit procedures are performed to gather necessary (not all) corroborative evidence to b. Analytical procedures (as a planning tool)
achieve audit objectives in order to result to sufficient appropriate audit evidence on the fairness of c. Observation and inspection
the presentation of the entity’s financial statements. Risk assessment procedures alone do not provide audit evidence sufficient to support an audit
opinion. Risk assessment procedures must be supplemented by tests of controls, when necessary,
Audit procedures distinguished from audit standards and audit techniques: and substantive procedures.
• Audit standards – measure of the quality of the audit performance; they are set by the AASC, thus,
they remain the same from one audit engagement to another 2. Further audit procedures – The auditor shall design and perform audit procedures whose nature,
• Audit procedures – performed to meet the audit standards; determined by the auditor, thus, they timing, and extent are based on and are responsive to the assessed RMM at the assertion level.
vary from audit to audit; although they vary from audit to audit, the auditor should perform • Further audit procedures are actually audit procedures classified according to purpose
relevant essential audit procedures provided by the audit standards (PSAs) • In designing the further audit procedures to be performed, the auditor shall:
• Audit techniques – methods used by the auditor or the details of the audit procedures; they also (1) Consider the assessed RMM
vary from audit to audit (2) Obtain more persuasive audit evidence the higher the auditor’s assessment of risk by:
a. Increasing the quantity of evidence; or
Nature, Timing and Extent of Audit Procedures: b. Obtain evidence that is more relevant or reliable (such a obtaining third party evidence or by
a. Nature of an audit procedure – refers to: obtaining corroborating evidence from a number of independent sources)
(1) Its purpose (i.e., test of controls or substantive procedure) and
(2) Its type (i.e., inspection, observation, inquiry, confirmation, recalculation, reperformance, or Auditor’s responses to assessed risks of material misstatements (RMM) include both:
analytical procedures) a. Overall responses – The auditor shall design and implement overall responses to address the RMM
When RMM is assessed at high level it affects the types of audit procedures to be performed and at the financial statement level.
Overall responses may include: Other best descriptions: Substantive procedures may also be described as audit procedures that
• Emphasizing to the audit team the need to maintain professional skepticism are designed to:
• Assigning more experienced staff or those with special skills or using experts • Detect material peso/monetary errors or fraud
• Providing more supervision • Substantiate the validity of management's assertions regarding the financial statements. Thus,
• Incorporating additional elements of unpredictability in the selection of further audit procedures to substantive procedures are sometimes called validation procedures because they provide evidence
be performed about the existence of misstatement.
• Making general changes to the nature, timing, or extent of audit procedures (such as performing • Gather evidence in respect to all material classes of transactions, account balances, and
substantive procedures at the period end instead of at an interim date) disclosures.
Overall responses affect auditor’s general approach: • Be performed in response to the assessment of the risks of material misstatement at the assertion
• Substantive approach – an approach whose emphasis is on substantive procedures level, which includes the results of tests of controls, if any. In other words, substantive procedures
• Combined approach – an approach that uses both tests of controls and substantive procedures are performed in response to the planned level of detection risk.
b. Further audit procedures
Substantive procedures are mandatory:
Further audit procedures include: Irrespective of the assessed risks of material misstatement, substantive procedures are
(1) Tests of controls (compliance tests) – audit procedures designed to evaluate the operating required for all relevant assertions related to each material class of transactions, account balance,
effectiveness of relevant controls in preventing, or detecting and correcting material and disclosure. This requirement reflects the fact that:
misstatements at the assertion level a. The auditor’s assessment of risk is judgmental and so may not identify all risks of material
• In designing and performing tests of controls, the auditor shall obtain more persuasive audit misstatement; and
evidence the higher/greater reliance the auditor places on the effectiveness of a control. b. There are inherent limitation to internal control
• Test of controls, although not intended to detect material misstatements, may provide evidence Substantive testing cannot be eliminated. However, it may be reduced by auditor’s reliance on
that a misstatement is likely to occur. entity’s effective internal control.
When to perform tests of controls: Nature, timing and extent of substantive tests:
a. When the auditor intends to rely on the operating effectiveness of relevant controls in determining When internal control is not reliable, the auditor will have to perform extensive substantive
the nature, timing and extent of substantive procedures; or tests. Thus, the result of test of controls is a major factor in determining the nature, timing and
• Tests of controls are performed only on those controls that the auditor has determined are suitably extent of substantive tests.
designed to prevent, or detect and correct, a material misstatement in an assertion. 1. Nature: relates the quality of audit evidence (performing more effective or less effective audit
b. When substantive procedures alone cannot provide sufficient appropriate evidence at the procedures)
assertion level 2. Timing: also relates to the quality of evidence (performing the audit procedures at year-end or at
• For example, an entity conducts its business using IT and no documentation of transactions is interim date)
produced or maintained, other than through the IT system. 3. Extent: relates to the quantity of audit evidence (using larger sample size or smaller sample size)
Dual purpose test: Reliance on substantive tests:

The reliance placed on substantive tests in relation to the reliance placed on internal control
• The auditor may design a test of controls to be performed concurrently with a test of details on the
has an inverse relationship.
same transaction. Although the purpose of a test of controls is different from the purpose of a test
of details, both may be accomplished concurrently by performing test of controls and test of details
on the same transaction, also known as a dual-purpose test. Types of substantive procedures:
Whether or not to use substantive analytical procedures or to perform tests of details of
transactions and balances, the auditor usually consider the relative effectiveness and efficiency of
(2) Substantive procedures – audit procedures designed to detect material misstatements at the
the tests.
assertion level
1. Tests of details – examining or obtaining audit evidence on the actual details of account balance,
class of transactions, and disclosure
• The objective of tests of details is to substantiate or identify misstatements in the recorded
amounts. Applicability of substantive analytical procedures:
Directional testing – refers to the direction of an audit test • Generally more applicable to large volume of transactions that tend to be predictable over time
a. Tracing – if the auditor starts from original source documents and traces forward to the accounting • Not required substantive procedures during testing phase (but are required during audit planning
records, this tests the assertion of completeness. This helps the auditor identify understatement and final or overall review stages)
errors. • When appropriate, they are used on accounts that are predictable and plausible.
b. Vouching – If the auditor starts from the accounting records and vouches backwards to the original
source documents, this tests the assertion of existence or occurrence. This helps the auditor Limitations of analytical procedures: Since analytical procedures are based on expected plausible
identify overstatement errors. relationships among data, differences do not necessarily indicate errors or fraud, but simply
indicate the need for further investigation. Changes in an account, changes in accounting principle,
a) Test of details of transactions – testing of transactions which give rise to the ending balance of a and inherent differences between industry norms and the client all contribute to fluctuations in
given account; these involve examining authorization, recording and posting of transactions (such expected amounts.
as examining receipts or disbursements of Cash account)
• Applicability of test of details of transactions: It is used when the account being substantiated has
relatively few or smaller volume of transactions of relatively material amounts occurring during the
year (for example, PPE, intangibles, bonds payable and stockholders’ equity accounts)
• Test of transactions are often performed several months prior to the balance sheet date. Audit Procedures According to Types:
• Tests of details of transactions primarily involve tracing and vouching. The following procedures, individually or in combinations, may be used as risk assessment
procedures, test of controls, or substantive procedures, depending on the context in which they
b) Tests of details of balances – direct testing of accounts ending balance are applied by the auditor:
• Tests of details of balances focus on obtaining evidence directly about an account balance. 1. Inspection – consists of examining records or documents (whether internal or external, in paper
• More types of evidence are obtained using tests of details of balances than by using any other type form, or other media), or a physical examination of an asset
of test. • For example, an inspection of records or documents for evidence of authorization is a test of
• Test details of balances is usually the most costly to perform. controls.
• Applicability of test of details of balances: 2. Observation – consists of viewing/looking at a process or procedure being performed by others.
➢ For accounts whose balances are affected by large volume transactions of relatively immaterial Examples:
amounts (such as cash, accounts receivable and inventories). • Observation of the counting of inventories by the entity’s personnel
➢ If an account has a high turnover rate with many transactions occurring during the year, the auditor • Observation of the performance of control activities that leave no audit trail
generally will concentrate more on the ending balance total. 3. External confirmation – represents audit evidence obtained by the auditor as a direct written
➢ It is used when the auditor is satisfied that internal control is strong. response to the auditor from a third party (the confirming party) in paper form, or by electronic or
other medium
2. Substantive analytical procedures – these are analytical procedures performed during testing • Confirmation is a specific type of inquiry that involves the process of obtaining a representation of
phase to substantiate predictable relationships among both financial and non-financial data information or of an existing condition about account balances and transactions or events directly
• Analytical procedures are evaluations of financial information made by a study of plausible from independent third parties.
relationships among both financial and nonfinancial data. Analytical procedures generally involve • Confirmations are controlled by the auditor because the auditor:
comparisons of recorded amounts to independent expectations developed by the auditor. a. Selects the parties to be contacted
• The application of planned analytical procedures is based on the expectation that relationships b. Prepares and mails the confirmation requests, and
among data exist and continue in the absence of known conditions to the contrary. c. Receives the confirmation replies directly from the third parties
• Analytical procedures will result to circumstantial evidence rather than conclusive evidence. • External confirmations frequently are relevant when addressing assertions associated with certain
• Results of substantive analytical procedures would entail additional tests to be performed. account balance and their elements. However, they are not restricted to account balances only.
• Analytical procedures are the audit tests that are usually the least costly to perform. Examples of external confirmation:
• Confirmation of accounts receivable balances:
a. Positive confirmation – customers should reply whether or not they agree with their respective 4. Compare – technique used after count of assets; also used to compare current period balances
balances; it is considered more effective than negative confirmation with those of prior periods
b. Negative confirmation – customers should reply if there are discrepancies 5. Inquire – asking questions, whether oral or written, directed to the client or to third parties
• Bank confirmation of account balances (including amount of loan outstanding) 6. Trace – to determine whether transactions supported by source documents are properly recorded
• Suppliers’ confirmation of accounts payable and posted
• Confirmation from lenders 7. Vouch – examine and authenticate of underlying evidential papers
• Inventory confirmation when inventory is under custody and control of a third party 8. Verify – to prove the accuracy of extensions, footings, postings, ownership and existence
• Confirmation from lawyers or financiers who have custody over client’s property title deeds 9. Reconcile – to bring into agreement information obtained from two groups of related, but
• Confirmations of the terms of agreements or transactions an entity has with third parties independent, figures
• Confirmation about the absence of certain conditions, for example, the absence of a “side Reconciliation involves comparing financial amounts from two independent sources for agreement,
agreement” that may influence revenue recognition such as:
d. Recalculation (computation) – consists of checking the mathematical accuracy (manually or • Reconciling the cash balance per the books with the balance per bank
electronically) of documents or records • Reconciling the physical inventory count with the perpetual inventory records
Examples: • Reconciling lead schedules to general ledger amounts
• Auditor’s recalculation of depreciation, interest expense or earnings per share 10. Analysis of accounts – to detail the composition of an account or to detail the individual debits and
e. Reperformance – involves the auditor’s independent execution of procedures or controls that were credits in the account in a chronological sequence
originally performed (by the client’s staff) as part of the entity’s internal control 11. Review – perform to obtain evidence of authoritative documentation to support certain
f. Analytical procedures – consist of evaluations of financial information made by a study of plausible transactions
relationships among both financial and non-financial data 12. Extend – to prove the accuracy of multiplications (on invoices, payroll records, etc.)
Analytical procedures also encompass the investigation of identified fluctuations and relationships 13. Foot – to prove the accuracy of vertical or horizontal additions
that are inconsistent with other relevant information or deviate significantly from predicted 14. Scan – looking for evidence of unusual amounts/items, which, if found, would be further
amounts. investigated
g. Inquiry – consists of seeking information of knowledgeable persons, both financial and non- • Scanning may also be considered an analytical procedure, as the auditor uses professional
financial, within the entity or outside the entity. judgment to search for large, significant, or unusual items in the accounting records.
• Inquiry is used extensively throughout the audit in addition to other audit procedures.
• Inquiries may be formal written inquiries or informal oral inquiries. AUDIT PROGRAM
• Evaluating responses to inquiries is an integral part of the inquiry process. An audit program is a detailed listing of the nature, timing and extent of planned audit
• Evidence obtained from inquiry can be gathered with every type of audit test. procedures (tests of controls and/or substantive tests) that the auditor will perform to gather
In respect of some matters, the auditor may consider it necessary to obtain written representation sufficient appropriate evidenced. It is a set of instructions to assistants involved in the audit and as
from management and, where appropriate, those charged with governance to confirm responses a means to control and record the proper execution of work.
to oral inquiries.
AUDIT EVIDENCE
Audit Techniques:
The auditor applies audit techniques (methods) to gather corroborative evidence and uses his The auditor shall design and perform audit procedures that are appropriate in the
professional judgment to determine which audit techniques would best result to the audit evidence circumstances for the purpose of obtaining reasonable assurance or sufficient appropriate audit
he needs. evidence to reduce audit risk at acceptably low level thereby enable the auditor to draw reasonable
conclusions on which to base the auditor’s opinion.
Examples of audit techniques: Most of the auditor's work in forming the auditor's opinion consists of obtaining and
1. Confirm – to obtain information directly from an independent third party evaluating audit evidence. The auditor shall conclude whether sufficient appropriate audit
2. Inspect – to obtain evidence through physical examination evidence has been obtained based on his professional judgment.
3. Count – physical examination of assets (such as cash count or petty cash count)
Audit Evidence, Defined:
• Audit evidence refers to all the information used by the auditor in arriving at the conclusions on 2. Mathematical recomputations – auditor’s recomputation of the accuracy of client’s computations
which the audit opinion is based. Thus, audit evidence supports the opinion and the auditor's such as depreciation, amortization, doubtful accounts, etc.
report. 3. Documentation – examination of the supporting documents of recorded transactions and balances
• Sometimes called as evidential matter, it is the main output/product of performing audit appearing in the financial statements
procedures. 4. Representation by third parties (or confirmation) – a document originating from independent
outside party and sent directly to the auditor
Audit Evidence Relationship with Assertions: Audit evidence comprises both: 5. Representation by client personnel – statements from client personnel in response to queries
a. Information that supports and corroborates management's assertions, and posed by the auditor
b. Information that contradicts such assertions. 6. Results of analytical procedures
7. Internal control – existence of effective internal control may be regarded as a strong evidence of
Nature of Audit Evidence: the validity of the accounts and amounts found in the financial statements
Audit evidence includes both information contained in the accounting records underlying the 8. Subsequent events – they provide additional evidence regarding conditions that already existing on
financial statements and other information: the balance sheet that and affect accounting estimates
1. Accounting records (Underlying data) – accounting records/data prepared by the client’s Sources of audit evidence:
personnel and from which financial statements are prepared • Audit evidence is cumulative in nature and is primarily obtained from audit procedures performed
a. Records of initial accounting entries during the course of the audit. However, it may also include information obtained from other
b. Supporting records, such as checks and records of electronic fund transfers, invoices and contracts sources such as:
c. General and subsidiary ledgers ➢ Previous audits (where the auditor performs audit procedures to establish its continuing relevance)
d. Journal entries and other adjustments to the financial statements that are not reflected in formal ➢ Firm's quality control procedures for client acceptance and continuance
journal entries • Audit evidence may come from:
e. Records such as worksheets and spreadsheets supporting cost allocations, computations, a. Internal sources (inside the entity) – generated internally, such as evidence existing within the
reconciliation and disclosures accounting records, minutes of meetings, or a management representation
b. External or independent sources (outside the entity) – for example, confirmations from third
2. Corroborating evidence – corroborating information that are used by the auditor to verify the parties analysts’ reports, and comparable data about competitors (benchmarking data)
fairness of the accounting records c. Direct knowledge of the auditor
a. Documents (such as checks, bank statements, contracts and minutes of meetings) • Audit evidence may also come from:
b. Information/evidence from other sources such as: a. Information obtained from testing the accounting records (accounting records are an important
• Previous audits source of audit evidence) – for example, through analysis and review, reperforming procedures
• Quality control procedures for client acceptance and continuance followed in the financial reporting process, and reconciling related types and application s of the
• Confirmations from third parties same information
• Industry analysts’ reports b. Non-financial original records
• Comparable data about competitors (benchmarking) • Audit evidence may include information prepared using the work of a management’s expert.
• Client written representation • In some cases the absence of information (for example, management's refusal to provide a
c. Information obtained by he auditor from audit procedures such as inquiry, observation, inspection requested representation) is used by the auditor, and therefore, also constitutes audit evidence.
and computation
d. Other information developed by, or available to, the auditor that permits the auditor to reach Information to Be Used as Audit Evidence
conclusions through valid reasoning • When designing and performing audit procedures, the auditor shall consider the relevance and
reliability of the information to be used as audit evidence.
Types of Audit Evidence: • When information to be used as audit evidence has been prepared using the work of a
1. Physical evidence – obtained by physical examination of assets (such as count of stock certificates management's expert, the auditor shall, to the extent necessary, having regard to the significance
in support of stock investment account or observation of client’s processes or procedures) of that expert's work for the auditor's purposes:
a. Evaluate the competence, capabilities and objectivity of that expert; ➢ Obtaining audit evidence relating to the physical existence of inventory is not relevant in obtaining
b. Obtain an understanding of the work of that expert; and audit evidence relating to the valuation of inventory.
c. Evaluate the appropriateness of that expert's work as audit evidence for the relevant assertion. ➢ Accounts receivable confirmations are relevant to the existence of receivables, but not to their
• When using information produced by the entity, the auditor shall evaluate whether the valuation (i.e., a customer can confirm that a receivable exists, but this does not necessarily imply
information is sufficiently reliable for the auditor's purposes, including as necessary in the that the customer has the intent or the ability to pay).
circumstances: • The relevance of information to be used as audit evidence may be affected by the direction of
a. Obtaining audit evidence about the accuracy and completeness of the information; and testing.
b. Evaluating whether the information is sufficiently precise and detailed for the auditor's purposes. • A given set of audit procedures may provide audit evidence that is relevant to certain assertions,
but not to others.
Sufficient Appropriate Audit Evidence: • Obtaining audit evidence regarding a particular assertion, for example, the existence of inventory,
The auditor shall design and perform audit procedures that are appropriate in the is not a substitute for obtaining audit evidence regarding another assertion.
circumstances for the purpose of obtaining sufficient appropriate audit evidence. • Audit evidence from different sources or of a different nature may often be relevant to the same
assertion.
1. Sufficiency – the measure of the quantity or amount of audit evidence that the auditor shall
accumulate b. Reliability – objectivity of evidence
• Sufficiency is determined based on the auditor’s professional judgment. Reliability of evidence is influenced by:
• Audit evidence is sufficient if there is enough of it to afford a reasonable basis for an audit opinion • Its source (external or internal)
on the financial statements. • Its nature (visual, documentary, or oral)
Factors affecting sufficiency of audit evidence: • The circumstances under which it is obtained
Auditor’s judgment as to the quantity of audit evidence is influenced by: • Where relevant, the controls over its preparation and maintenance
a. Auditor’s assessment of the risks of misstatement – the higher the assessed risks, the more audit
evidence is likely to be required Generalizations about the reliability of audit evidence:
• For example, as risk of material misstatement increases in Accounts Receivable, audit evidence 1. The reliability of audit evidence is increased when it is obtained from knowledgeable independent
required also increases. sources outside the entity.
b. Quality or competence of audit evidence – the higher the quality, the less may be required. • Examples of information from sources independent of the entity may include confirmations from
Obtaining more audit evidence, however, may not compensate for its poor quality. third parties, analysts' reports, and comparable data about competitors (benchmarking data).
c. Materiality of item being examined – more material amounts, more evidence to support its validity 2. The reliability of audit evidence that is generated internally is increased when the related controls,
d. Experience gained during previous audit may indicate the amount of evidence taken before and including controls over its preparation and maintenance, imposed by the entity are effective.
whether such evidence was enough (Effective internal control provides more reliable audit evidence than ineffective internal control.)
e. Type of information available 3. Audit evidence obtained directly by the auditor is more reliable than evidence obtained indirectly
Merely obtaining more audit evidence may not compensate for audit evidence of lower quality. or by inference.
The auditor should exercise professional judgment and professional skepticism in evaluating the • For example, observation of the application of a control is more reliable than inquiry about the
sufficiency and appropriateness of audit evidence to support the audit opinion. application of a control).
4. Audit evidence in documentary form (whether paper, electronic, or other medium) is more reliable
The sufficiency and appropriateness of audit evidence are interrelated. than evidence obtained orally.
• For example, a contemporaneously written record of a meeting is more reliable than a subsequent
2. Appropriateness – measures the quality of audit evidence, that is, its relevance and its reliability in oral representation of the matters discussed.
providing support for the conclusions on which the auditor's opinion is based 5. Evidence provided by original documents is more reliable than evidence provided by photocopies
a. Relevance – deals with the logical connection with, or bearing upon, the purpose of audit or facsimiles.
procedures and the assertion under consideration
• Audit evidence is considered relevant if it pertains to the assertions being evaluated or to the The above generalizations should be considered in determining which evidence is persuasive or
specific audit objective being tested. For example: least persuasive.
Information produced by a management expert as audit evidence:
Generalizations about reliability are subject to important exceptions, for example, even when the A management expert is an individual or organization possessing expertise in a field other
information to be used as audit evidence is obtained from sources external to the entity, than accounting or auditing, whose work in that field is used by the entity to assist the entity in
circumstances may exist that could affect its reliability (such as if the source is not knowledgeable preparing the financial statements.
or a management’s expert may lack objectivity).
When information to be used as audit evidence has been prepared using the work of a
More assurance is ordinarily obtained from consistent audit evidence obtained from different management’s expert, the auditor shall, to the extent necessary, having regard to the significance
sources or of a different nature than from items of audit evidence considered individually. of that expert’s work for the auditor’s purposes:
1. Evaluate the competence, capabilities and objectivity of that expert
Hierarchy of reliability of evidence: (from most reliable to least reliable) a. Competence – relates to the nature and level of expertise of the management’s expert
1. Direct evidence or personal observation and knowledge (such as physical observation) b. Capability – relates to the ability of the management’s expert to exercise that competence in the
2. Externally generated evidence sent directly to the auditor (such as confirmations from banks and circumstances
customers and bank statements and cut-off bank statements received from banks) c. Objectivity – relates to the possible effects that bias, conflict of interest or the influence of others
3. Externally generated evidence kept by the client (such as vendor’s invoices, bank statements may have on the professional or business judgment of the management expert
received from the client) Sources of information regarding competence, capabilities and objectivity of a management’s
4. Internally generated evidence circulated externally (such as sales invoices from sale to customers expert:
and paid checks and cost allocations) • Personal experience with previous work of that expert
5. Internally generated evidence not circulated externally (such as purchase requisitions, customer’s • Discussions with that expert
order and cost allocations) • Discussions with others who are familiar with that expert’s work
6. Oral evidence • Knowledge of that expert’s qualifications, membership of a professional body or industry
association, license to practice, or other forms of external recognition
Persuasive Evidence: • Published papers or books written by that expert
Audit evidence is persuasive if it is sufficient both in quantity and quality to support audit • An auditor’s expert, if any, who assists the auditor regarding the information produced by the
opinion. Thus, sufficiency and appropriateness of audit evidence are the determinants of management expert
persuasiveness of audit evidence. The auditor may need to rely on audit evidence that is
persuasive rather than conclusive. However, to obtain reasonable assurance, the auditor must not 2. Obtain an understanding of the work or field of expertise of that management’s expert
be satisfied with audit evidence that is less than persuasive. Aspects of the management’s expert’s filed relevant to the auditor’s understanding may
include:
Cost-benefit considerations: • Whether that expert’s field has areas of specialty within it that are relevant to the audit.
The auditor should consider the relationship between the cost of obtaining audit evidence and • Whether any professional or other standards, and regulatory or legal requirements apply.
the usefulness of the information obtained. • What assumptions and methods are used by the management’s expert, and whether they are
generally accepted within that expert’s filed and appropriate for financial reporting purposes.
The valid bases for omitting an audit test/procedure for which there is no alternative are:
• The nature of internal and external data or information the auditor’s expert uses
a. Relative risk (or inherent risk) involved
b. Relationship between the cost of obtaining audit evidence and the usefulness of the information
3. Evaluate the appropriateness of that expert’s work as audit evidence for relevant assertion
obtained
The auditor shall consider:
c. Degree of reliance on the relevant internal controls (or Assessment of control risk at a low level)
a. The relevance and reasonableness of that expert’s findings or conclusions, their consistency with
other audit evidence, and whether they have been appropriately reflected in the financial
Difficulty and expense involved in testing a particular item is not a valid basis for an auditor of statements;
deciding to omit an audit procedure. b. If the expert’s work involves use of significant assumptions and methods, the relevance and
reasonableness of those assumptions and methods; and
c. If that expert’s work involves significant use of source data the relevance, completeness, and
accuracy of that source data • Population – the entire set of data from which a sample is selected and about which the auditor
wishes to draw conclusions. For example, all of the items in an account balance or a class of
Evaluating the Sufficiency and Appropriateness of Audit Evidence: transactions constitute a population. A population may be divided into strata, or sub-populations,
Based on the audit procedures performed and the audit evidence obtained, the auditor shall with each stratum being examined separately. The term population is used to include the term
evaluate before the conclusion of the audit whether the assessments of the RMM at the assertion stratum.
level remain appropriate. • Confidence levels – the mathematical complements of sampling risks
• Sampling unit – the individual items constituting a population, for example checks listed on deposit
Factors affecting sufficient appropriate audit evidence: slips, credit entries on bank statements, sales invoices or debtors’ balances, or a monetary unit
The auditor’s judgment as to what constitutes sufficient appropriate audit evidence is • Stratification – the process of dividing a population into subpopulations, each of which is a group
influenced by such factors as the following: of sampling units which have similar characteristics (often monetary value)
• Significance of the potential misstatement in the assertion and the likelihood of its having a • Tolerable error –
material effect on the financial statements. a. Tolerable error amount – in substantive procedures, it is the maximum total error in a population
• Effectiveness of management’s responses and controls to address the risks. that the auditor is willing to accept
• Experience gained during previous audits with respect to similar potential misstatements. b. Tolerable deviation rate – in tests of control, it is the maximum rate of deviation from the
• Results of audit procedures performed, including whether such audit procedures identified specific prescribed control procedure the auditor is willing to accept without changing control risk
instances of fraud or error. assessment or planned reliance on internal control.
• Source and reliability of the available information. • Expected error –
• Persuasiveness of audit evidence. a. Expected error amount – in substantive tests, it is the auditor's best estimate of the amount of
• Understanding of the entity and its environment, including internal control. error the auditor expects to find in the population
b. Expected deviation rate – in tests of control, it is the auditor's best estimate of the rate of
AUDIT SAMPLING deviation from a prescribed control procedure in the population
Definition of terms:
Whether audit sampling is a required: Audit sampling is not required part of any audit procedure
• Sampling – testing of less than 100% of the items within a population to form a conclusion about because when designing audit procedures, the auditor should determine appropriate means of
the population selecting items for testing as follows:
• Audit sampling – applying audit procedures to less than 100% of the items within an account
balance or class of transactions, such that all sampling units have a chance of selection, to form a a. Selecting all items (100% examination)
conclusion about the balance or class
• Error – either control deviations, when performing tests of control, or misstatements, when b. Selecting specific items from a population judgmentally based on such factors as knowledge of the
performing substantive procedures. client’s business, preliminary assessments of inherent and control risks, and the characteristics of
• Total error – either the rate of deviation (in case of tests of control) or total misstatement (in case the population being tested (subject to non-sampling risk)
of substantive procedures)
• Anomalous error – means an error that arises from an isolated event that has not recurred other Specific items selected:
than on specifically identifiable occasions and is therefore not representative of errors in the • High value or key items that exhibit some other characteristic (for example, items that are
population suspicious, unusual, particularly risk-prone or that have a history of error)
• Sampling risk – the possibility that the auditor’s conclusion, based on a sample may be different • All items over a certain amount. The auditor may decide to examine items whose values exceed a
from the conclusion reached if the entire population were subjected to the same audit procedure. certain amount so as to verify a large proportion of the total amount of an account balance or class
• Non-sampling risk – arises from factors that cause the auditor to reach an erroneous conclusion for of transactions.
any reason not related to the size of the sample. For example, most audit evidence is persuasive • Items to obtain information. The auditor may examine items to obtain information about matters
rather than conclusive, the auditor might use inappropriate procedures, or the auditor might such as the client’s business, the nature of transactions, accounting and internal control systems.
misinterpret evidence and fail to recognize an error. • Items to test procedures. The auditor may use judgment to select and examine specific items to
determine whether or not a particular procedure is being performed.
b. Provide an objective basis for quantitatively evaluating sample results.
c. Audit sampling: Sampling is essential throughout audits as auditors attempt to gather sufficient c. Design an efficient sample.
appropriate evidence in a cost efficient manner. d. Quantify sampling risk so as to limit/control risk to an acceptable level.
When to use audit sampling: b. Random sample selection: Random sample selection methods should be used in statistical
• Where an auditor has no special knowledge about likely misstatements contained in account sampling. Such methods give all items in the population an equal chance to be included in the
balances and transactions sample to be audited.
• When the auditor believes that the sample is to be a good representative of the population
(account balances and transactions) 2. Nonstatistical sampling – the sample size is not determined mathematically. Auditors use their
judgment in determining sample size, and sample results are evaluated judgmentally. Conclusions
Situations where sampling may not apply: Sampling concepts generally do not apply to: may be drawn in more precise ways when using statistical sampling methods.
a. Risk assessment procedures performed to obtain an understanding of internal control.
b. Tests of automated application controls when effective general controls are present. (Generally, • It is acceptable for auditors to use either or combination of statistical and nonstatistical sampling.
such controls would only be tested once or a few times.) • Both sampling approaches involve judgment in planning, executing the sampling plan, and
c. Analyses of security and access controls, or other controls that do not provide documentary evaluating the results of the sample.
evidence of performance (e.g., controls related to segregation of duties). • Both sampling approaches can provide sufficient competent evidence.
d. Some tests related to the operation of the control environment or the accounting system (e.g., • Sampling methods are used by auditors in both control testing and substantive testing.
examination of the effectiveness of activities performed by those charged with governance). • Basic distinction between statistical sampling and nonstatistical sampling: Statistical sampling is a
mathematical approach to inference, whereas nonstatistical sampling is a more subjective
Lists procedures that do not involve sampling: approach.
a. Inquiry and observation
b. Analytical procedures Auditor’s professional judgment:
c. Procedures applied to every item in a population
d. Tests of controls where application is not documented Although statistical sampling aids the auditor in quantitative ways, it is not a substitute for
e. Procedures from which the auditor does not intend to extend a conclusion to the remaining item in professional judgment. The auditor must exercise professional judgment in both statistical and
the account nonstatistical sampling to:
f. Untested balances a. Define the population and the sampling unit;
b. Select the appropriate sampling method;
Approaches to audit sampling: c. Evaluate the appropriateness of audit evidence;
d. Evaluate the nature of deviations or errors;
1. Statistical sampling – any approach to sampling that has the following characteristics: e. Consider sampling risk; and
a. Random selection of a sample; and f. Evaluate the results obtained from the sample and project those results to the population.
b. Use of probability theory to evaluate sample results, including measurement of sampling risk
Types of sampling:
In statistical sampling, auditors specify the sampling risk they are willing to accept and then
calculate the sample size that provides that degree of reliability. Results are evaluated Audit sampling is used for both tests of controls (attributes sampling) and for tests of details of
quantitatively. Statistical sampling measures quantitatively the risk from testing only part of an transactions and balances (usually, variables sampling). In both attributes sampling and variables
audit population. sampling, the plans may be either nonstatistical or statistical.
a. Advantages of statistical sampling: Conclusions may be drawn in more precise ways when using 1. Attribute sampling – estimates the quality characteristic of a population; it estimates the rate of
statistical sampling because it enables the auditor to: deviation for internal controls that the auditor decides to rely upon
a. Measure the sufficiency of the audit evidence obtained.
Applicability of attribute sampling: primarily used for test of controls because attribute sampling 2) Risk of incorrect rejection – the risk that the recorded account balance (based on the sample) is
deals with estimating deviation from internal control procedures materially misstated when in fact it is not materially misstated (i.e., sample results mistakenly
indicate a material misstatement).
2. Variables sampling – estimates the numerical quantity of a population ➢ This means that the auditor wrongly concludes that material error in an account balance exists
Applicability of variable sampling: typically used in substantive testing of account balances when in fact it does not.
because variables sampling deal with peso balances
b. Sampling risks in tests of controls: (Risk of assessing control risk to low and Risk of assessing
Sampling risk: control risk to high)
• The possibility that the auditor’s conclusion, based on a sample may be different from the
conclusion reached if the entire population were subjected to the same audit procedure. a. Risk of assessing control risk too low – the risk that the assessed level of control risk (based on the
• The risk that the sample is not representative of the population and that the auditor's conclusion sample) is lower than the true level of control risk (i.e., sample results indicate a lower deviation
will be different from the conclusion had the auditor examined 100% of the population. rate than actually exists in the population).
• The possibility that even though a sample is properly chosen, it may not be representative of the ➢ This means that the auditor wrongly concludes that the control risk is low or that client’s internal
population. control system can be relied upon.
• Two types of sampling risk:
b. Risk of assessing control risk too high – the risk that the assessed level of control risk (based on the
1. Risk that affects audit effectiveness and may lead to an inappropriate audit opinion (“Beta risk” sample) is higher than the true level of control risk (i.e., sample results indicate a greater deviation
or “Type II error”) – the risk the auditor will conclude that: rate than actually exists in the population).
a. In the case of a test of control, that control risk is lower than it actually is, or ➢ This means that the auditor wrongly concludes that the control risk is high or that the client’s
b. In the case of a substantive test, that a material error does not exist when in fact it does internal control system cannot be relied upon.
2. Risk affects audit efficiency as it would usually lead to additional work to establish that initial Analysis of sampling risks:
conclusions were incorrect (“Alpha risk” or “Type I error”) – the risk the auditor will conclude that:
a. In the case of a test of control, that control risk is higher than it actually is, or Aspects of Auditor’s wrong Effect on audit work
b. In the case of a substantive test, that a material error exists when in fact it does not sampling risks conclusion because of wrong Sacrificed
conclusion
Aspects of audit risk: (Sampling risk and Nonsampling risk) Risk of incorrect Not materially Performance of less Effectiveness of the audit
acceptance misstated when in extensive substantive because it may lead to
1. Sampling risk: aspects of audit risk that are due to sampling; the risk or the possibility that, when fact materially tests inappropriate opinion due
a test of controls or a substantive test is restricted to a sample, the auditor's conclusions may be misstated to inappropriate less
different from the conclusions which would have been reached had the tests been applied to all extensive substantive tests
items in the account balance or class of transactions Risk of incorrect Materially Additional work Efficiency of the audit
rejection misstated when in (performance of because of unnecessary
a. Sampling risks in substantive testing: (Risk of incorrect acceptance and risk of incorrect rejection) fact not materially unnecessary more additional work
misstated extensive substantive
1) Risk of incorrect acceptance – the risk that the recorded account balance (based on the sample) is tests)
not materially misstated when in fact it is materially misstated (i.e., sample results fail to identify Risk of assessing ↓CR than actual Performance of tests of Effectiveness of the audit
an existing material misstatement). control risk too CR – internal controls and less because it may lead to
➢ This means that the auditor wrongly concludes material error in an account balance does not low control is reliable extensive substantive inappropriate opinion due
exist when in fact it does. tests to inappropriate less
extensive substantive tests
Risk of assessing ↑ CR than actual Additional work Efficiency of the audit
control risk too CR – internal (because non- because of unnecessary (confidence) level (e.g., 95%) and the maximum acceptable tolerable rate (e.g., 1%), and a table is
high control is not performance of tests of additional work then used to determine sample size. If no deviations are found in the sample, the auditor can be
reliable controls would lead to 95% certain that the rate of deviation in the population does not exceed 1%. If deviations are
the performance of found, a regular attribute sampling table may be used to estimate the deviation rate in the
unnecessary more population, and audit procedures may need to be expanded.
extensive substantive
tests b. Stop-or-go sampling (sequential sampling) – is designed to avoid oversampling for attributes by
allowing the auditor to stop an audit test before completing all steps. It is used when few errors are
2. Nonsampling risk: all aspects of audit risk that are not due to sampling. Nonsampling risk is the expected in the population. Sequential sampling separates the sampling process into several
possibility that auditors will arrive at an erroneous conclusion not because of the chosen sample states. After a step, the auditor determines if it is warranted to accept or increase the preliminary
but due to other factors. level of control risk.
• Nonsampling risk is always present and cannot be measured.
• Nonsampling risk can be controlled by adequate planning and supervision of audit work and proper 2. Variables sampling – sampling in substantive tests:
adherence to quality control standards.
• Examples of nonsampling risk: a. Probability-proportional-to-size (PPS) sampling – sampling technique where the sampling unit is
➢ The auditor might use/select inappropriate procedures (audit procedures that are not appropriate defined as an individual peso in a population. Once a peso is selected, the entire account
to achieve a specific objective) (containing that peso) is audited.
➢ The auditor might misinterpret evidence or the results of audit tests • It is a sampling plan that automatically stratifies the population.
➢ and fail to recognize an error (for example, failure by the auditor to recognize misstatements in
documents examined) b. Classical variables sampling – a statistical sampling method used to estimate the numerical
measurement of a population, such as a peso value (e.g., accounts receivable balance). This
Sampling risk and non-sampling risk can affect the components of audit risk. For example, when sampling method is used primarily in substantive testing. The objective of variables sampling is to
performing tests of control, the auditor may find no errors in a sample and conclude that control obtain evidence about the reasonableness of monetary amounts. The auditor estimates the true
risk is low, when the rate of error in the population is, in fact, unacceptably high (sampling risk). Or value of the population by computing a point estimate of the population and computing a precision
there may be errors in the sample which the auditor fails to recognize (non-sampling risk). interval around this point estimate. Classical variables sampling measures sampling risk by using
the variation of the underlying characteristic of interest.
Types of statistical plans:
Three commonly used classical variables sampling:
1. Attribute sampling – sampling in tests of controls
1. Mean-per-unit estimation – a sampling plan that uses the average value of the items in the sample
Attribute sampling is a statistical sampling method used to estimate the rate (%) of occurrence to estimate the true population value (i.e., estimate = average sample value x number of items in
(exception) of a specific characteristic or attribute. Samples taken to test the operating population). MPU does not require the book value of the population to estimate true population
effectiveness of controls are intended to provide a basis for the auditor to conclude whether the value.
controls are being applied as prescribed. Attribute sampling generally deals with yes/no questions.
For example, "Are time cards properly authorized (i.e., to assure recorded hours were worked)?", 2. Ratio estimation – a sampling plan that uses the ratio of the audited (correct) values of items to
or "Are invoices properly voided (e.g., stamped "paid") to prevent duplicate payments?" their book values to project the true population value. Ratio estimation is a highly efficient
technique when the calculated audit amounts are approximately proportional to the client's book
Attribute sampling models: amounts.
a. Discovery sampling – a special type of attribute sampling appropriate when the auditor believes 3. Difference estimation – a sampling plan that uses the average difference between the audited
the population deviation rate is zero or near zero. It is used when the auditor is looking for a very (correct) values of items and their book values to project the actual population value. Difference
critical characteristic or deviations (e.g., fraud). The auditor predetermines the desired reliability
estimation is used instead of ratio estimation when the differences are not nearly proportional to therefore, the smaller the
book values. sample size can be.
Expected Expected Direct ↓ ↑• The higher the rate of deviation
Comparison of PPS sampling to classical variables sampling deviation error Lower Higher that the auditor expects, the
rate larger the sample size needs to
Advantages of PPS sampling Advantages of classical variables sampling be so as to be in a position to
1. Generally easier to use 1. May result in a smaller sample size if there are make a reasonable estimate of
2. Size of sample not based on variation of audited many differences between audited and book the actual rate of deviation.
amounts values • The greater the amount of error
3. Automatically results in a stratified sample 2. Easier to expand sample size if that becomes the auditor expects to find in
4. Individually significant items are automatically necessary the population, the larger the
identified 3. Selection of zero balances does not require sample size needs to be in order
5. Usually results in a smaller sample size if no special sample design considerations to make a reasonable estimate
misstatements are expected 4. Inclusion of negative balances does not require of the actual amount of error in
6. Can be easily designed and sample selection can special sample design considerations the population.
begin before the complete population is Degree/level Degree/level Direct ↓ ↑• The more assurance the auditor
available of intended of Lower Higher intends to obtain from
reliance confidence accounting and internal control
systems, the lower the auditor’s
Factors influencing determination of sample size for tests of control and substantive procedures: assessment of control risk will
be, and the larger the sample
Factor Relationship Required sample Analysis size will need to be.
to sample size • The greater the degree of
Tests of Substantive size ↓ ↑ confidence that the auditor
control procedures Smaller Larger requires that the results of the
Assessed Direct ↓ ↑ The higher the auditor’s sample are in fact indicative of
level of IR Lower Higher assessment of inherent risk and the actual incidence of error in
and CR control risk, the larger the the population, the larger the
sample size needs to be. sample size needs to be.
Acceptable Direct ↓ ↑ Higher inherent risk and control Tolerable Tolerable Inverse and ↑ ↓• The lower the rate of deviation
level of Lower Higher risk imply that a lower detection deviation error indirect Higher Lower that the auditor is willing to
detection risk is needed to reduce the rate accept, the larger the sample
risk audit risk to an acceptable low size needs to be.
level, and lower detection risk • The lower the total error that
can be obtained by increasing the auditor is willing to accept,
sample size. the larger the sample size needs
Reliance on Inverse ↑ ↓ The more the auditor is relying to be.
other Higher Lower on other substantive procedures Risk of Inverse ↑ ↓ The more assurance the auditor
substantive to reduce to an acceptable level assessing Higher Lower intends to obtain from
procedures the detection risk, the less control risk accounting and internal control
assurance the auditor will too low systems, the lower the auditor’s
require from sampling and, assessment of control risk will
be, and the larger the sample items in the population have a chance of selection. Haphazard selection is not appropriate when
size will need to be. This is a using statistical sampling.
sampling risk and sampling risk
is reduced by increasing the
sample size. Other sample selection methods:
Risk of Inverse ↑ ↓ The greater the degree of
incorrect Higher Lower confidence that the auditor 1. Value-weighted selection – sets the high-value items as priority to be included in the sample
acceptance requires that the results of the
sample are in fact indicative of 2. Block selection – involves selecting a block(s) of contiguous items from within the population.
the actual incidence of error in Block selection cannot ordinarily be used in audit sampling because most populations are
the population, the larger the structured such that items in a sequence can be expected to have similar characteristics to each
sample size needs to be. This is other, but different characteristics from items elsewhere in the population.
a sampling risk and sampling risk
is reduced by increasing the 3. Stratification – grouping of items of similar size and each group is treated as a separate population.
sample size. For example, assume 1,000 items are stratified into two groups: the 100 largest items will all be
Number of items in the Negligible effect, that is, virtually For large populations, the actual examined individually, but sampling techniques will be applied to the remaining 900 items. In this
population no effect on sample size unless size of the population has little, case, the population size for the sampling application would be 900, not 1,000. Stratification is
the population is very small. In if any, effect on sample size. For used when there is a wide range (variability) in the monetary size of items in the population.
other words, population size is small populations however,
not an issue provided the audit sampling is often not as Steps when applying a variables sampling
population is large. efficient as alternative means of
obtaining sufficient appropriate 1. Define the objective of the test
audit evidence. • For example, the auditor wishes to estimate the value of an account balance (e.g., the client's
accounts receivable balance).
• When the deviation in the sample is at the expected deviation rate or less, the auditor can continue
using his planned assessment of control risk. If it happens to be greater than expected, 2. Define the population
reassessment of risk is necessary. Usually, an increase in such should be made. • For example, the population might consist of 5,000 accounts with a recorded book value of
• The stronger the internal control, the lower the control risk, the lower the tolerable deviation rate. P4,500,000. The auditor would examine 100% of accounts for which potential errors could equal or
exceed the tolerable error and would exclude those accounts from the population to be sampled.
Principal sample selection methods: Appropriate sample selection methods could reduce
sampling risk. 3. Define the sampling unit
• The auditor should consider the completeness of the population in defining the sampling unit (for
a. Random-number sampling – use of a computerized random number generator or random number example, each of the 5,000 accounts is a sampling unit)
tables.
4. Determine the sample size
b. Systematic selection – the number of sampling units in the population is divided by the sample size • The auditor uses the following parameters, in conjunction with tables or formulas to determine
to give a sampling interval regardless of the amount involved (for example 50, and having sample size.
determined a starting point within the first 50, each 50th sampling unit thereafter is selected). 1) Tolerable misstatement
2) Expected misstatement (size, frequency, etc.)
c. Haphazard selection – the auditor selects the sample without following a structured technique, but 3) Acceptable level of risk: audit risk, risk of incorrect acceptance, and risk of incorrect rejection
the method is intended to avoid or predictability (for example avoiding difficult to locate items, or 4) Characteristics of the population (e.g., an estimate of the standard deviation, or variability, of the
always choosing or avoiding the first or last entries on a page) and thus attempt to ensure that all population)
5) Assessed risk: asses • It refers to the documentation of audit evidences collected and evaluated by the auditor to support
the audit opinion.
5. Select the sample • The records kept by the auditor that documents:
• Sample items should be selected in such a way that the sample can be expected to be a. The procedures applied
representative of the population (e.g., random sampling). b. The tests performed
• In this example, an appropriate sample would consist of individual account balances. Confirmations c. The information or evidenced obtained, and
could then be used to determine the audited values for sample items. d. The conclusions the auditor reached in the engagement
• Also called “working papers” or “workpapers” or audit file
6. Evaluate the sample results
• The auditor projects the misstatements found in the sample to the population using one of several Purposes / functions of audit documentation:
methods (e.g., MPU, ratio, difference, etc.). The projected misstatement is applied to the recorded
balance to obtain a "point estimate" of the true balance. File documentation plays a critical role in the planning and performance of the audit. During
• The auditor must then add an allowance for sampling risk (sometimes called a "precision interval") an audit engagement, data are compiled and included in the audit working papers. It provides the
to this estimate. record that work was in fact performed and it forms the basis for the auditor’s report. It will also be
used for quality control reviews, monitoring of adherence to the accounting firm’s standards, and
7. Form conclusions about the balances (or transactions) tested possibly inspections by third parties.
• In deciding whether to accept the client's book value, the auditor determines whether the
recorded book value falls within the acceptable range (i.e., the point estimate +/- the allowance for 1. Primary
sampling risk). If so, the book value is fairly stated. • To support the auditor's conclusions/opinion/report on the financial statements (and not to
• The auditor's treatment of items selected for sampling that cannot be located (e.g., are "lost") will support the FS).
depend on their effect on the auditor's evaluation of the sample. • To provides a basis for determining the appropriate audit report.
• If the sample is representative of the population, the auditor generally will make a correct decision • To support the auditor's representation that an adequate audit was conducted in accordance with
regarding whether the account balance is fairly stated. PSA/GAAS
• If the sample is not representative of the population, the auditor will make an incorrect decision, • To provide evidence of the audit work performed
either accepting a materially misstated balance, or rejecting a fairly stated balance. • To assist the auditor in the planning, performance, review, supervision and coordination of the
engagement and in preparation of the audit report
• To show that the accounting records agree or reconcile with the financial statements
8. Document the sampling procedure • Provide supervisory personnel the opportunity to assess the sufficiency of evidence obtained
• The auditor must document each step in audit sampling, starting with planning and including the during the audit
rationale for the auditor's parameters, the performance of procedures, the observed results, and
the evaluation and interpretation of those results. 2. Other objectives:
• To assist the auditor in planning future audits
AUDIT DOCUMENTATION / WORKING PAPERS • To enable the audit team to be accountable for its work
• To provide information useful in rendering other services (MAS or tax consulting)
AUDIT DOCUMENTATION • To provide adequate defense in case of litigation
The auditor should prepare, on a timely basis, audit documentation that provides: • To enable an experienced auditor to conduct quality control reviews and inspections in accordance
a. A sufficient and appropriate record of the basis for the auditor’s report; and with quality control standards
b. Evidence that the audit was performed in accordance with PSAs and applicable legal and regulatory • To enable an experienced auditor to conduct external inspections in accordance with applicable
requirements. legislation, regulations or other requirements
Audit documentation: To comply with the quality control standards, firms should have policies and procedures that
specifically address engagement documentation. These documentation policies should be • Analyses of long-term accounts (such as PPE, long-term liabilities and of stockholders' equity
documented and communicated to all staff. accounts)
• Analyses of internal control (flowchart, narrative descriptions, etc.)
Design of audit documentation: b. Copies or extracts of entity’s important legal documents and agreements:
• When preparing working papers, the auditor should remember that working papers should be • Corporate charter or articles of Incorporation (or articles of co-partnership) and by-laws
designed to meet the circumstances and the auditor's needs on each engagement. • Major contracts (such as bond and note indentures)
• Pension plans, stock option plans, profit-sharing plans and employee bonus
Form, content and extent of audit documentation: • Terms of share capital and bond issues
• Form, content and extent of audit documentation depend on auditor’s judgment – since it is • Engagement letter
neither necessary nor practical to document every matter.
• Audit documentation should be complete in itself and should not require subsequent or additional 2. Current audit file – contains evidence gathered and conclusions reached relevant to the audit of a
oral explanation. particular year. It is designed to support management assertions. Includes all papers accumulated
• Audit documentation should be concise and limited only to essentials. during the current year’s audit:
• Audit documentation should be appropriately organized to provide a clear link to the significant • Copy of the financial statements
matters • Audit plan and audit programs
• Experienced auditor: The audit documentation should be in such form, content and extent of audit • Working (top) trial balance – listing of unadjusted ending balances of accounts (contains columns
documentation that would enable an experienced auditor, having no previous connection with the for adjusting and reclassifying entries)
audit, to understand: • Adjusting and reclassifying entries – adjustments are made to correct material errors while
a. The nature, timing, and extent of the audit procedures performed to comply with PSAs and reclassifications are made to properly present information in the financial statements
applicable legal and regulatory requirements • Lead or top schedule (assembly sheet) – shows the major components of an amount reported in
b. The results of the audit procedures and the audit evidence obtained, and the financial statements; this working paper show the grouping of related accounts; it eliminates
c. Significant matters arising during the audit and the conclusions reached thereon. voluminous details from the auditor’s working trial balance by classifying and summarizing similar
or related items
Factors to consider by the auditor in deciding the form, content and extent of audit • Supporting schedules – schedules that support specific amounts on the financial statements;
documentation: usually the largest portion of the audit file
a. Nature of the audit procedures to be performed; • Audit memoranda – includes documentation on discussions of certain items such as internal
b. Risks of material misstatement; control, inventory observation, errors identified, and problems encountered
c. Extent of judgment required in performing the work and evaluating the results; • Account analysis – shows the activity during the period in a particular short-term account
d. The significance of the audit evidence obtained; • Correspondence with other parties such as lawyers, customers, banks, and management
e. Nature and extent of exceptions identified; • Audit notes – used to record items of work to be done and questions concerning the audit
f. The need to document a conclusion or the basis for a conclusion not readily determinable from the investigation
documentation of the work performed or audit evidence obtained; and
• Abstract or copies of minutes of board of directors’ meeting
g. Audit methodology and tools used
B. One-time engagement – no distinction as to permanent or current file
Classification and composition of auditor’s working papers:
A. Continuing engagement (recurring audit):
Other types of files:
1. Permanent file – contains information of continuing or long-term significance/interest to the
1. Tax files – contain file of information on client’s current and income taxes and other business taxes
auditor in performing recurring audits, such as:
that may be used as bases for:
a. Information
a. Preparing current year’s tax returns
• Organizational chart b. Preparing other tax-related services
• Analysis of business and industry c. Representing the client in tax assessment case
2. Correspondence file – contains all correspondence/letters to or from (or in behalf of) a client 3. Signing off on completion checklists relating to the file assembly process
3. Completion memorandum – a summary that describes the significant matters identified during the 4. Documenting audit evidence that the auditor has obtained, discussed and agreed with the relevant
audit and how they are addressed members of the audit team before the date of the auditor’s report.
Ownership of working papers or audit documentation: Elements of working papers:

Legal provision on ownership of working papers (Sec. 29 of RA 9298 – Ownership of Working Working papers should be properly organized to facilitate their review. Working papers should
Papers): All working papers, schedules and memoranda made by a CPA and his staff in the course have the following elements:
of an examination, including those prepared and submitted by the client, incident to or in the 1. Heading – used to properly identify each working paper; it includes the name of the client,
course of an examination, by such CPA, except reports submitted by a CPA to a client shall be type/title of working paper, description of its content, and the date or period covered by the
treated confidential and privileged and remain the property of such CPA in the absence of a written examination.
agreement between the CPA and the client, to the contrary, unless such documents are required to 2. Dates and initial of staff and reviewers
be produced through subpoena issued by any court, tribunal, or government regulatory or 3. Indexing – use of lettering or numbering system to aid in cross-referencing to other working papers
administrative body. 4. Cross-indexing / cross referencing – Audit working papers are indexed by means of reference
numbers. The primary purpose of cross-indexing audit working papers is to permit cross-
• Audit documentation or working papers are the property of the auditor/audit firm and the client referencing and simplify supervisory review by providing a trail useful to the auditor and
has no right to the working papers prepared by the auditor. supervisors in reviewing the working papers. (For example, reported findings should be adequately
• Confidentiality of working papers: Although working papers are the personal property of the cross-referenced to supporting documentation.)
auditor, they can not be shown to third parties under the rule on confidentiality unless it falls under Audit working papers should have an indexing system that shows the relationship between
the certain exceptions such as production of documents through subpoena issued by any court, findings, conclusions, and the related facts. The main advantage of properly indexed working
tribunal, or government regulatory or administrative body. papers is to better organize the working papers.
• Although certain working papers may sometimes serve as a useful reference source for his client, 5. Tick marks – symbols that describe the audit procedures performed. Tick marks are explained in
auditor’s working papers should not be regarded as part or substitute for the client's accounting working papers.
records.
• The audit documentation for a specific audit engagement is assembled in an audit file. Using electronic tools in working papers:
There are three important principles to note when using electronic tools in working paper
Auditor/CPA firm’s responsibility on audit documentation: preparation:
1. Policies and procedures: Establishment of policies and procedures on audit documentation • All the requirements of the PSAs still apply;
2. Confidentiality and safe custody: Adopt appropriate procedures for maintaining confidentiality • Electronic files require electronic document management. This addresses matters such as
and safe custody of working papers and accessibility (such as password access), data security, application management (including training),
3. Retention of audit documentation: Working papers should be retained by the auditor for a period back-up routines, edit rights, storage locations, review procedures, and decisions on what changes
of time sufficient to meet the needs of his practice and to satisfy any pertinent legal requirements to files will be tracked to provide the necessary audit trail; and
of record retention. Retention period should be no shorter than 5 years from the date of the • Final documents (all documents that are required to be maintained to support the audit opinion)
auditor’s report, or, if later, the date of the group auditor’s report. The auditor should not delete must be retained and be accessible in accordance with the firm’s file retention policies.
or discard audit documentation before the end of its retention period.
4. Completion of final audit file: within 60 days after the date of the auditor’s report COMPLETING THE AUDIT
Deletion from/changes to audit documentation: The procedures being performed in completing the audit are necessary. These procedures are
• After completion date: Not allowed usually performed by audit managers or other senior members of the audit team who have
• During assembly process: Allowed but limited to changes that are administrative in nature, such extensive audit experience with the client because the procedures involve many subjective
as: judgments by the auditor. These procedures do not pertain to specific transaction cycles or
1. Deleting or discarding superseded documentation accounts.
2. Sorting, collating and cross-referencing working papers
REVIEWING RELATED PARTY TRANSACTIONS • Loss on uncollectible accounts resulting from of customer’s continued deteriorating financial
condition leading to bankruptcy
Management’s responsibility: Identification and disclosure of:
a. Related parties; and 2. Those requiring disclosure – events that are indicative of conditions that arose after the date of the
b. Related party transactions financial statements.
Examples:
Auditor’s responsibility • Issuance of bonds/stocks after the BS date
• Major purchase of a business
1. Review related party transactions to ensure that they have been properly identified, recorded and • Loss on inventory due to fire that occurred in the subsequent period
disclosed in the financial statements • Loss of plant due to flood
2. Obtain a written representation from management concerning: • Loss on uncollectible receivable because of a major catastrophe suffered by the customer after the
a. Completeness of information on identification of related parties; and BS date
b. Adequacy of disclosure in the FS
Subsequent events relevant to the auditor: limited to those subsequent events (both requiring
• The auditor needs to have the level of knowledge of the entity’s business and industry that will adjustment or disclosure) that occur subsequent to date of the FS and the date of the auditor’s
enable identification of the events and transactions and practices that may have material effect on report
the financial statements.
• An audit cannot be expected to detect all related party transactions. Auditor’s responsibility for subsequent events:
Reasons for the review: The auditor should modify the auditor’s report in case of: 1. Perform audit procedures designed to identify subsequent events
• Inability to obtain sufficient appropriate audit evidence concerning related parties and transactions
with such parties The auditor should perform procedures designed to obtain sufficient appropriate audit
• Inadequate disclosure in the FS evidence that all events up to the date of the auditor’s report that may require adjustment of, or
disclosure in, the financial statements have been identified.
PERFORM SUBSEQUENT EVENTS REVIEW
These procedures would include:
• Subsequent events refer to events occurring between period end (the date of the financial a. Reviewing procedures management has established to ensure that subsequent events are
statements or the balance sheet date) and the date of the auditor’s report that may affect the identified.
financial statements and the auditor’s report. b. Inquiry:
• These events are also called post-balance sheet events/transactions since they occur after or • Inquiring of management as to whether any subsequent events have occurred which might affect
subsequent to the balance sheet date. the financial statements.
• Subsequent events may also refer to facts discovered after the date of the auditor’s report. • Inquiring of the entity’s legal counsel concerning litigation claims, and assessments
• The period between the date of the financial statements and the date of the auditor's report is c. Reading minutes of the meetings (of shareholders, those charged with governance, audit and
called the subsequent period. During this period, the auditor has an active responsibility to executive committees) including those held after period end and inquiring about matters discussed
investigate certain subsequent events. at meetings for which minutes are not yet available.
d. Reading the entity’s latest available interim financial statements as well as budgets and cash flow
Types of subsequent events: forecasts and other related management reports; compare them with the financial statements
under audit.
1. Those requiring adjustment – those that provide evidence of conditions that existed at the date of e. Obtaining representation letter from management regarding whether any events occurred during
the financial statements. the subsequent period that require adjustments to or disclosure in the financial statements.
Examples:
• Settlement of litigation in excess of amount recorded Examples of inquiries of management on specific matters are:
• Current status of items that were accounted for on the basis of preliminary or inconclusive data The auditor should seek direct communication with the entity’s lawyers when litigation or
• New commitments, borrowings or guarantees claims have been identified or when the auditor believes they may exist. The letter would ordinarily
• Sales or acquisition of assets that have occurred or are planned specify the following:
• Issue of new shares or debentures or an agreement to merge or liquidate that is made or planned • A list of litigation and claims;
• Any assets that have been appropriated by government or destroyed, for example, by fire or flood • Management’s assessment of the outcome of the litigation or claim and its estimate of the financial
• Any developments regarding risk areas and contingencies implications, including costs involved; and
• Any unusual accounting adjustments made or contemplated • A request that the entity’s legal counsel confirm the reasonableness of management’s assessments
• Any events that have occurred or are likely to occur which will bring into question the and provide the auditor with further information if the list is considered by the entity’s legal
appropriateness of accounting policies used in the financial statements (such as going-concern counsel to be incomplete or incorrect.
issues).
The letter, which should be prepared by management and sent by the auditor, should request
2. To consider/evaluate the effect of subsequent events (whether such events are properly the lawyer to communicate directly with the auditor.
accounted for and adequately disclosed) on the financial statements and on the auditor’s report
If management refuses to give the auditor permission to communicate with the entity’s legal
When subsequent events that materially affect the financial statements are identified, the counsel, this would be a scope limitation and should ordinarily lead to a qualified opinion or a
auditor should consider whether such events are properly accounted for and adequately disclosed disclaimer of opinion. Where the entity’s legal counsel refuses to respond in an appropriate
in the financial statements. manner and the auditor is unable to obtain sufficient appropriate audit evidence by applying
alternative audit procedures, the auditor would consider whether there is a scope limitation which
LITIGATIONS AND CLAIMS may lead to a qualified opinion or a disclaimer of opinion.
Litigation and claims involving an entity may have a material effect on the financial PERFORMING WRAP-UP PROCEDURES
statements and thus may be required to be disclosed and/or provided for in the financial
statements. Performing analytical procedures in the overall review at/near the end of the audit
Audit procedures regarding litigation and claims: Analytical procedures involve analysis of significant ratios and trends including the resultant
investigation of fluctuations and relationships that are inconsistent with other relevant information
1. Identify existence of any litigation and claims or expectation:
The auditor should carry out procedures to identify existence of any litigations and claims Analytical procedures are required to be performed during the planning and overall review
involving the entity which may result in a material misstatement of the financial statements. Such stages.
procedures would include the following:
• Make appropriate inquiries of management including obtaining representations • Purpose of performing analytical procedures in the overall review stage of the audit: to ensure
• Review minutes of those charged with governance and correspondence with the entity’s legal that the auditor’s overall conclusion as to whether the financial statements as a whole are
counsel consistent with the auditor’s understanding of the entity.
• Examine legal expense accounts, and
• Use any information obtained regarding the entity’s business including information obtained from • Auditor’s focus when performing analytical procedures in the overall review stage:
discussions with any in-house legal department. a. Identifying unusual fluctuations or transactions or unexpected account balances that were not
previously identified
2. Communicate directly with the entity’s lawyers. ➢ Requires investigation, adequate explanation and appropriate corroborative evidence by
performing additional tests of details
b. Assessing the validity of the conclusions reached and evaluating the overall financial statements
presentation
Events or conditions that may give rise to business risks, that individually or collectively, may cast
Assessing going concern assumption doubt about the entity’s ability to continue as a going concern:
• Financial statements are ordinarily prepared based on going concern basis, contrary to the quitting Financial events and conditions:
concern basis, in the absence of information to the contrary. This means that the assets and • Net liability or net current liability position
liabilities are recorded on the basis that the entity will be able to realize its assets and discharge its • Maturing fixed-term borrowings without realistic prospects of renewal or repayment
liabilities in the normal course of business. • Indications of withdrawal of financial support by debtors and other creditors
• Negative operating cash flows
• Going concern assumption – an entity is ordinarily viewed as continuing in business for the • Adverse key financial ratios
foreseeable future with neither the intention nor the necessity of liquidation, ceasing trading or • Substantial operating losses
seeking protection from creditors pursuant to laws and regulations. • Significant deterioration in value of assets used to generate cash flows
• Arrears or discontinuance of dividends
Management’s responsibility: • Inability to pay creditors on due dates
a. Management should assess the entity’s ability to continue as a going concern – making a judgment • Inability to comply with the terms of loan agreements or other statutory requirements
about the future outcome of uncertain events or conditions (for a period of one year from balance
• Change from credit to cash-on-delivery transactions with suppliers
sheet date)
• Inability to obtain financing for essential new product development or other essential investments
b. To disclosure (based on the result of assessment)
Operating events and conditions:
Disclosure requirements if FS are not prepared on a going concern basis:
• Loss of key management without replacement
a. The fact that FS are not prepared on a going concern basis
• Loss of a major market, franchise, license, or principal supplier
b. The basis on which the FS are prepared, and
c. The reasons why the entity is not regarded as a going concern • Labor difficulties or shortages of important supplies
Auditor’s responsibility: Other events and conditions:

a. Overall evaluation of the appropriateness of management’s use of the going concern assumption in • Noncompliance with capital or statutory requirements
the preparation of the financial statements • Pending legal or regulatory proceedings against the entity that may, if successful, result in claims
b. Identifying material uncertainties about the entity’s ability to continue as a going concern that that are unlikely to be satisfied
need to be disclosed in the financial statements • Changes in legislation or government policy expected to adversely affect the entity
c. Whether such events or conditions are adequately disclosed in the financial statements
d. Consider report modification because of these events or conditions Factors that can mitigate the adverse effects of identified material going concern uncertainty:
e. If conditions or events such as those identified previously create substantial doubt as to the ability The auditor should consider whether management has plans for and the ability to implement
of the entity to continue as a going concern, the auditor should consider whether management has alternative means of maintaining adequate cash flows to mitigate events and conditions that may
feasible plans (plans for and the ability to implement alternative means of maintaining adequate cast doubt about the entity’s ability to continue as a going concern.
cash flows)
Examples of mitigating factors:
The auditor has no responsibility to predict future events or conditions that may cause an entity to • When there is a history of profitable operations and a ready access to financial resources
cease to continue as a going concern. Thus, auditors are not required to design audit procedures • Management has plans and ability to maintain adequate cash flows by alternative means, such as:
solely to detect going concern problems. ➢ Disposal of assets (including disposal of operations producing negative cash flows)
➢ Borrowing money or restructuring debt
Examples of events/conditions that may signify existence ➢ Leasing (instead of purchasing) of PPE items
of a material going concern uncertainty ➢ Renewal or, extension or rescheduling of loan repayments
➢ Reducing or delaying or postponing expenditures
➢ Obtaining additional capital
➢ Reducing or postponing dividend payments • Forms of management representations: Management representations may be verbal, whether
• Availability of alternative source of supply in case of loss of a principal supplier solicited or unsolicited, or written, whether explicitly such as contained in a management
representation letter or implicitly such as contained in financial information provided. The forms of
Audit procedures to identify conditions and events that may cast doubt about an entity’s ability representations include:
to continue as a going concern: a. A representation letter from management – known as the management representation letter or
• Analytical procedures client’s representation letter
• Subsequent events review b. A letter from the auditor (confirmatory letter) – outlining the auditor’s understanding of
• Review of compliance with debt and loan agreements management’s representations, duly acknowledged and confirmed by management
• Reading minutes of meetings c. Relevant minutes of meetings (of the board of directors or similar body)
• Inquiry of legal counsel d. Signed copy of the financial statements
• Confirmation with related and third parties of arrangements for financial support e. Matters communicated in discussions or electronically such as e-mails or telephone messages.
f. Schedules, analyses, and reports prepared by the entity, and management’s notations and
MANAGEMENT REPRESENTATION LETTER: comments therein.
• Auditor’s responsibility: The auditor should obtain appropriate written representations from • Basic elements of a management representation letter:
management. a. Addressee: Should be addressed to the auditor
b. Contents: Should contain the specified information
Management letter vs. management representation letter: c. Date: Should be appropriately dated (ordinarily coincides with date of the auditor’s report)
Management letter is a letter to management regarding internal control deficiencies/weaknesses. d. Signatory: Should be appropriately signed by the members of management who have primary or
On the other hand, management representation letter is a letter from the management confirming overall responsibility for financial and operating aspects of the entity
its responsibility and its oral representations.
Appropriate signatory of a management representation letter:
• Management’s responsibility: Management has responsibility to provide written representations • Owner-manager
(this responsibility is included in the engagement letter that sets out the terms of engagement). • Chief/senior executive officer
• Chief/senior financial officer
• Purposes of a management representation letter: • Other members of management
a. Main: To emphasize or impress upon management its ultimate responsibility for the financial
statements • Basic contents of management representation letter:
➢ That management acknowledges its responsibility for the fair presentation of the financial
b. Other purposes: statements in accordance with the applicable financial reporting framework
➢ It confirms oral representations made by management during the audit ➢ That management has approved the financial statements
➢ It reduces the possibility of misunderstanding between the auditor and the client concerning the ➢ That management acknowledges its responsibility for the design and implementation of internal
matters that are the subject of the representations control to prevent and detect error
➢ It documents management’s acceptance acknowledgment of its responsibility for fair presentation ➢ That management believes the effects of those uncorrected financial statement misstatements
of the financial statements aggregated by the auditor during the audit are immaterial, both individually and in the aggregate,
➢ It may provide corroborative evidence when audit evidence may not be reasonably expected to be to the financial statements taken as a whole
available
For example: Audit evidence to corroborate management’s intention to hold a specific investment • Classification of matters to be included in a management representation letter: Written
for long-term appreciation or to discontinue a line of business confirmation or representations should be obtained for all significant representations provided to
➢ It complements, but do not replace or substitute, other audit procedures or other audit evidence the auditor for all financial statements on which the auditor reports. These representations are
that the auditor could reasonably expect to be available grouped below:
a. Representations that directly relate to items that are material, either individually or in aggregate, ➢ Not a substitute for performing other audit procedures or a means to reduce the auditor’s
to the financial statements. responsibility
b. Representations not directly related to items that are material to the financial statements but are ➢ Not as the sole source of evidence on significant audit matters
significant, either individually or in aggregate, to the engagement. ➢ Cannot be substitute for other audit evidence that the auditor could reasonably expect to be
c. Representations that are relevant to management’s judgments or estimates that are material, available
either individually or in aggregate, to the financial statements.
• Auditor’s responsibility on representations relating to matters that are material to the financial
Specific matters included in a management representation letter: statements:
• Management’s acknowledgement of its responsibility for the fair presentation of the FS a. Seek corroborative audit evidence from sources inside or outside the entity;
• Management’s acknowledgement of its responsibility for the design and implementation of b. Evaluate whether the representations made by management appear reasonable and consistent
internal control to prevent and detect error with other audit evidence obtained, including other representations; and
• Availability of all financial records and related data and minutes of meetings (of shareholders, c. Consider whether the individuals making the representations can be expected to be well informed
board of directors, and committee of directors) on the particular matters.
• Irregularities involving management or employees
• Confirmation on the completeness of the information provided regarding the identification of • Example of a management representation letter: The following letter is not intended to be a
related parties standard letter. Representations by management will vary from one entity to another and from
• That the FS are free of material misstatements, including omissions one period to the next.
• Compliance or noncompliance with aspects of contractual agreements or requirements of
regulatory that could have a material effect on the FS in the event of noncompliance. (Entity Letterhead)
• Plans or intentions that may materially alter the carrying value or classification of assets and
liabilities (To Auditor) (Date)
• Plans to abandon lines of product or other plans or intentions that will result in any excess or
obsolete inventory, and no inventory is stated at an amount in excess of net realizable value This representation letter is provided in connection with your audit of the financial statements of
• Satisfactory title on assets and liens or encumbrances on the company’s assets ABC Company for the year ended December 31, 19X1 for the purpose of expressing an opinion as
• Communications from regulatory agencies concerning noncompliance with/or deficiencies in to whether the financial statements present fairly, in all material respects, the financial position of
financial reporting practices ABC Company as of December 31, 19X1 and of the results of its operations and its cash flows for
the year then ended in accordance with (indicate applicable financial reporting framework).
• Information or recording and/or disclosure of:
➢ The identity of, and balances and transactions with, related parties
We acknowledge our responsibility for the fair presentation of the financial statements in
➢ Losses arising from sale and purchase commitments
accordance with (indicate applicable financial reporting framework).
➢ Agreements and options to buy back assets previously sold
➢ Assets pledged as collateral
We confirm, to the best of our knowledge and belief, the following representations:
➢ All liabilities, both actual and contingent
➢ Formal or informal compensating balance arrangements or other arrangements involving
restrictions on cash balances and credit line or similar arrangements • There have been no irregularities involving management or employees who have a significant role
➢ Subsequent events requiring adjustment of or disclosure in the FS in internal control or that could have a material effect on the financial statements.
➢ Claims and assessments in connection with litigation
➢ Capital stock repurchase options and agreements, and capital stock reserved for options, warrants, • We have made available to you all books of account and supporting documentation and all minutes
conversions and other requirements of meetings of shareholders and the board of directors (namely those held on March 15, 19X1 and
September 30, 19X1, respectively).
• Limitations of management representations: although management representations are
considered part of evidential matter, they (are): • We confirm the completeness of the information provided regarding the identification of related
parties.
• If required, add “On behalf of the board of directors (or similar body).” • We have properly recorded or disclosed in the financial statements the capital stock repurchase
options and agreements, and capital stock reserved for options, warrants, conversions and other
• The financial statements are free of material misstatements, including omissions. requirements.
• The Company has complied with all aspects of contractual agreements that could have a material Yours truly,
effect on the financial statements in the event of noncompliance.
(Senior Executive Officer)
• There has been no noncompliance with requirements of regulatory authorities that could have a (Senior Financial Officer)
material effect on the financial statements in the event of noncompliance.
• The following have been properly recorded and, when appropriate, adequately disclosed in the • Legal representation letter – client’s letter of inquiry to lawyer who have been consulted by the
financial statements: client concerning litigation, claims, or assessments to provide corroborative evidential matter; such
➢ The identity of, and balances and transactions with, related parties. letter of inquiry should be mailed only by the auditor after preparation by the client and review by
➢ Losses arising from sale and purchase commitments. the auditor
➢ Agreements and options to buy back assets previously sold.
➢ Assets pledged as collateral. • Application of materiality:
1. Representations may be limited to matters that are considered either individually or collectively
• We have no plans or intentions that may materially alter the carrying value or classification of material to the financial statements
assets and liabilities reflected in the financial statements. 2. Materiality limits would not apply when obtaining written client representation on:
a. Fraud or irregularities involving management
• We have no plans to abandon lines of product or other plans or intentions that will result in any b. Availability of minutes of meetings
excess or obsolete inventory, and no inventory is stated at an amount in excess of net realizable
value. • Effect if management refuses to provide the necessary written representations: Refusal by
management to provide a written representation requested by the auditor that the auditor deems
• The Company has satisfactory title to all assets and there are no liens or encumbrances on the necessary constitutes a scope limitation and would result in a qualified opinion or a disclaimer of
company’s assets, except for those that are disclosed in Note X to the financial statements. opinion. In such circumstances, also consider:
a. Any reliance placed on other representations made by management during the audit; and
• We have recorded or disclosed, as appropriate, all liabilities, both actual and contingent, and have b. Any additional implications of the refusal on the auditor’s report.
disclosed in Note X to the financial statements all guarantees that we have given to third parties.
• When management representation is contradicted by other audit evidence: The auditor should
• Other than . . . described in Note X to the financial statements, there have been no events investigate the circumstances and, when necessary, reconsider the reliability of other
subsequent to period end which require adjustment of or disclosure in the financial statements or representations made by management
Notes thereto.
• The . . . claim by XYZ Company has been settled for the total sum of XXX which has been properly SUBSEQUENT DISCOVERY OF OMITTED PROCEDURES AFTER SUBMISSION OF THE AUDIT REPORT
accrued in the financial statements. No other claims in connection with litigation have been or are
expected to be received. • Omitted audit procedures may be discovered (after the audit report has been submitted) during a
firm's internal inspection program or during peer review.
• There are no formal or informal compensating balance arrangements with any of our cash and • Auditor’s action:
investment accounts. Except as disclosed in Note X to the financial statements, we have no other a. The auditor should assess the importance of the omitted procedures to his ability to support the
line of credit arrangements. audit opinion.
b. The auditor should determine whether other audit procedures that were applied tend to Inability to obtain SAAE (Scope limitation):
compensate for the omitted audit procedures. If so, no further action is necessary. Due to management imposed Qualified opinion Resign, if appropriate; or
c. If, on the other hand, the omitted audit procedures impair the auditor's ability to support the limitation Disclaimer of opinion
previously issued opinion, and there are people relying (or likely to rely) on the report, then the Other limitations Qualified opinion Disclaimer of opinion
auditor should promptly undertake to apply the omitted procedures or the corresponding
alternative procedures. Pervasive effects or possible effects on the FSs are those that, in the auditor’s judgment:
d. If, after applying the omitted procedures, the auditor determines that the financial statements are a) Are not confined to specific elements, accounts or items of the FSs;
materially misstated and that the auditor's report is inappropriate, the auditor should discuss the b) If so confined, represent or could represent a substantial proportion of the FSs; or
matter with the management and take steps to prevent future reliance on the report. c) In relation to disclosures, are fundamental to users’ understanding of the FSs.
THE AUDITOR’S REPORT ON FINANCIAL STATEMENTS Auditor’s Reports

(Based on PSA 700 revised – The Independent Auditor’s Report
On a Complete Set of General Purpose Financial Statements) The auditor’s report shall be in writing (hard copy format or an electronic medium).
Introduction Standard Auditor’s Report
At the end of the audit, the auditor shall: The following are the parts of a standard auditor’s report with unqualified opinion without
a) Form an opinion on the financial statements (FSs) based on an evaluation of the conclusions drawn emphasis of matter paragraph and other matter paragraph:
from the audit evidence obtained; and a) Title
b) Express clearly that opinion through a written report that also describes the basis for the opinion. b) Addressee
c) Sub-title (if the report includes “Other Reporting Responsibilities” paragraph in (h))
Auditor’s Opinions d) Introductory Paragraph
e) Management’s Responsibility for the financial statements
Types of Auditor’s Opinions f) Auditor’s Responsibility
g) Auditor’s Opinion
a) Unmodified (unqualified) opinion—The opinion expressed when the FSs are prepared, in all h) Other Reporting Responsibilities, if applicable
material respects, in accordance with the applicable FRF. i) Signature of the Auditor
b) Modified opinion—The three types of are: j) Date of the Auditor’s Report
i. Qualified opinion – the auditor is satisfied that the FSs are presented fairly, except for a specific k) Auditor’s Address
aspect of them.
ii. Adverse opinion – the auditor does not believe the FSs are fairly presented. Title
iii. Disclaimer of opinion – the auditor does not know if the FSs are presented fairly.
The auditor’s report shall have a title that clearly indicates that it is the report of an independent
The table below illustrates how the auditor’s judgment about the affects the type of opinion to be auditor. For example, “Independent Auditor’s Report,” affirms that the auditor has met all of the
expressed. relevant ethical requirements regarding independence and distinguishes the independent auditor’s
report from reports issued by others.
Nature of Matter Giving Rise to the Material but Not Material and Pervasive
Modification Pervasive Addressee
FSs are materially misstated Qualified opinion Adverse opinion
The auditor’s report is normally addressed to those for whom the report is prepared, often either In the Philippines, Securities Regulation Code (SRC) Rule 68 requires that the auditor’s report on FSs
to the shareholders and/or to TCWG of the entity. filed with the Securities and Exchange Commission (SEC), which will likewise be filed with the
Bureau of Internal Revenue (BIR), be manually signed. In case of an auditing firm, the certifying
Introductory Paragraph partner shall sign his/her own signature and shall indicate that he/she is signing for the firm, the
name of which is also indicated in the report. The auditor is also required to state the signing
The introductory paragraph in the auditor’s report shall: accountant’s license number, Tax Identification No. (TIN), Privilege Tax Receipt (PTR) No.,
a) Identify the entity whose FSs have been audited; registration number with the PRC/BOA, and accreditation issued by the SEC.
b) State that the FSs have been audited;
c) Identify the title of each statement comprising the FSs; Date of the Auditor’s Report
d) Refer to the summary of significant accounting policies and other explanatory information; and
e) Specify the date or period covered by each FS comprising the FSs. The auditor’s report shall be dated no earlier than the date on which the auditor has obtained SAAE
on which to base the auditor’s opinion on the FSs, including evidence that:
Management’s Responsibility for the Financial Statements a. All the statements that comprise the FSs, including the related notes, have been prepared; and
b. Those with the recognized authority have asserted that they have taken responsibility for those
This section describes the responsibilities of those in the organization responsible for the FSs and FSs.
internal control relevant to the preparation of FSs that are free from material misstatement,
whether due to fraud or error. The date of the auditor’s report informs the user of the auditor’s report that the auditor has
considered the effect of events and transactions of which the auditor became aware and that
Auditor’s Responsibility occurred up to that date.
This section states that the responsibility of the auditor is to express an opinion on the FSs based In the Philippines, under SRC Rule 68, management is required to submit to the SEC, together with
on the audit. the FSs, a ‘Statement of Management Responsibility’ that indicates, that the company’s Board of
Directors reviewed and approved the FSs before such statements are submitted to the
Auditor’s Opinion stockholders of the company.
This includes a section with the heading “Opinion.” Use the phrase: The financial statements Modifications to Auditor’s Report
present fairly, in all material respects, in accordance with [the applicable financial reporting
framework]. The instances of modifications include when the auditor:
• adds “Emphasis of Matter Paragraph”
Other Reporting Responsibilities • includes “Other of Matter Paragraph”
• provides modified auditor’s opinion
If the auditor addresses other reporting responsibilities (e.g., reportorial requirement of regulatory
authorities) in the auditor’s report on the FSs that are in addition to to report on the FSs, these Emphasis of Matter Paragraph
shall be addressed in a separate section in the auditor’s report that shall be sub-titled “Report on
Other Legal and Regulatory Requirements”. A paragraph included in the auditor’s report that refers to a matter appropriately presented or
disclosed in the FSs, in the auditor’s judgment, is of such importance that it is fundamental to
Signature of the Auditor users’ understanding of the FSs. The auditor can include emphasis of matter paragraph provided
the auditor has obtained SAAE that the matter is not materially misstated in the FSs. The inclusion
The auditor’s report shall be signed. The auditor’s signature is either in the name of the audit firm, of this paragraph in the auditor’s report does not affect the auditor’s opinion.
the personal name of the auditor or both, as appropriate.
When the auditor includes an Emphasis of Matter paragraph in the auditor’s report, the auditor
shall:
• Include it immediately after the Opinion paragraph; Sample of Auditor’s Reports
• Use the heading “Emphasis of Matter,” or other appropriate heading;
• Include in the paragraph a clear reference to the matter being emphasized and to where relevant INDEPENDENT AUDITOR’S REPORT
disclosures that fully describe the matter can be found in the FSs; and
• Indicate that the auditor’s opinion is not modified in respect of the matter emphasized The Board of Directors and Shareholders
Other Matter Paragraph Report on the Financial Statements
A paragraph included in the auditor’s report that refers to a matter other than those presented or We have audited [if disclaimer of opinion, We were engaged to audit] the accompanying financial
disclosed in the FSs that, in the auditor’s judgment, is relevant to users’ understanding of the audit, statements of [Name of Client], which comprise the statements of financial position as at
the auditor’s responsibilities or the auditor’s report. [Reporting Date], 2012 and 2011, and the statements of [comprehensive income, income,
operations, or other appropriate title used in the financial statements], statements of changes in
The auditor shall include this paragraph immediately after the Opinion paragraph and any equity and statements of cash flows for the years then ended, and a summary of significant
Emphasis of Matter paragraph, or elsewhere in the auditor’s report if the content of the Other accounting policies and other explanatory information.
Matter paragraph is relevant to the Other Reporting Responsibilities section.
Management’s Responsibility for the Financial Statements
Modified Auditor’s Opinions
Management is responsible for the preparation and fair presentation of these financial statements
Description of Introductory Paragraph in accordance with [Applicable Financial Reporting Framework], and for such internal control as
• Qualified or Adverse Opinion – No modification made. management determines is necessary to enable the preparation of financial statements that are
• Disclaimer of Opinion – Amend this paragraph of the auditor’s report to state that the auditor was free from material misstatement, whether due to fraud or error.
only engaged (not audited) to audit the FSs.
Auditors’ Responsibility
Description of Auditor’s Responsibility Paragraph
• Qualified or Adverse Opinion – Amend this section to state that the auditor believes that the audit [If qualified opinion or adverse]
evidence the auditor has obtained is sufficient and appropriate to provide a basis for the auditor’s
modified audit opinion. Our responsibility is to express an opinion on these financial statements based on our audits. We
• Disclaimer of Opinion – Amend this section to state only the following: “Our responsibility is to conducted our audits in accordance with Philippine Standards on Auditing. Those standards
express an opinion on the financial statements based on conducting the audit in accordance with require that we comply with ethical requirements and plan and perform the audit to obtain
Philippine Standards on Auditing. Because of the matter(s) described in the Basis for Disclaimer of reasonable assurance about whether the financial statements are free from material misstatement.
Opinion paragraph, however, we were not able to obtain sufficient appropriate audit evidence to
provide a basis for an audit opinion.” An audit involves performing procedures to obtain audit evidence about the amounts and
disclosures in the financial statements. The procedures selected depend on the auditors’
Basis for Modification Paragraph judgment, including the assessment of the risks of material misstatement of the financial
• The auditor shall include additional paragraph on the standard auditor’s report immediately before statements, whether due to fraud or error. In making those risk assessments, the auditors consider
the opinion paragraph, and use the heading “Basis for Qualified Opinion,” “Basis for Adverse internal control relevant to the entity’s preparation and fair presentation of the financial
Opinion,” or “Basis for Disclaimer of Opinion,” as appropriate. statements in order to design audit procedures that are appropriate in the circumstances, but not
for the purpose of expressing an opinion on the effectiveness of the entity’s internal control. An
Opinion Paragraph audit also includes evaluating the appropriateness of accounting policies used and the
reasonableness of accounting estimates made by management, as well as evaluating the overall
• The auditor shall use the heading “Qualified Opinion,” “Adverse Opinion,” or “Disclaimer of
presentation of the financial statements.
Opinion,” as appropriate, for the opinion paragraph.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a presentation of financial statements on a going concern basis. Had the financial statements been
basis for our [qualified or adverse, as appropriate] audit opinion. prepared on a liquidation basis of accounting, we believe that it would have had a significant
negative effect on the company’s financial position and financial performance.
[If disclaimer of opinion] Adverse Opinion
Our responsibility is to express an opinion on these financial statements based on conducting the Adverse Opinion
audit in accordance with Philippine Standards on Auditing. Because of the matter described in the
Basis for Disclaimer of Opinion paragraph, however, we were not able to obtain sufficient In our opinion, because of the significance of the matter discussed in the basis for adverse opinion
appropriate audit evidence to provide a basis for an audit opinion. paragraph, the financial statements do not present fairly, in all material respects the financial
position [Name of Client] as of [Reporting Date], 2012 and 2011, and of its financial performance
Opinion [If unqualified/unmodified opinion] and its cash flows for the years then ended in accordance with Philippine Financial Reporting
Standards.
In our opinion, the financial statements present fairly, in all material respects, the financial position
of [Name of Client] as at [Reporting Date], 2012 and 2011, and its financial performance and its [If disclaimer of opinion]
cash flows for the years then ended in accordance with [Applicable financial reporting framework].
Basis for Disclaimer of Opinion
[If qualified opinion]
The company’s investment in its joint venture XYZ (Country X) Company is carried at xxx on the
Basis for Qualified Opinion company’s statement of financial position, which represents over 90% of the company’s net assets
as at December 31, 2012. We were not allowed access to the management and the auditors of XYZ,
The Company’s inventories are recognized in the statement of financial position at P16 million including XYZ’s auditors’ audit documentation. As a result, we were unable to determine whether
Based on the audit evidence obtained, we believe that an adjustment to inventories of P5 million is any adjustments were necessary in respect of the company’s proportional share of XYZ’s assets
required to recognize slow moving items at their net realized value. The tax effect of this that it controls jointly, its proportional share of XYZ’s liabilities for which it is jointly responsible, its
adjustment is P1.5 million. Accordingly, we believe that shareholders’ equity and profit for the year proportional share of XYZ’s income and expenses for the year, and the elements making up the
are overstated by P3.5 million respectively.] statement of changes in equity and statement of cash flow.
Qualified Opinion Disclaimer of Opinion
In our opinion, except for the effects of the matters descried in the basis for qualified opinion Because of the significance of the matter described in the Basis for Disclaimer of Opinion
paragraph, the financial statements present fairly, in all material respects, the financial position of paragraph, we have not been able to obtain sufficient appropriate audit evidence to provide a basis
[Name of Client] as of [Reporting Date], 2012 and 2011, and its financial performance and its cash for an audit opinion. Accordingly, we do not express an opinion on the financial statements.
flows for the years ended in accordance with Philippine Financial Reporting Standards.
[If with emphasis of a matter]
[If adverse opinion]
Emphasis of Matter
Basis for Adverse Opinion
We draw attention to Note X to the financial statements, which appropriately describe the
As discussed in Note X to the financial statements, the Company’s financing arrangements expired significant uncertainty related to the outcome of a lawsuit in which the company is the defendant.
and the amount outstanding was payable on December 31, 20XI. The company has been unable to The lawsuit alleges infringement of certain patent right and claims royalties and punitive damages
re-negotiate or obtain replacement financing and is considering filling for bankruptcy. Based on in the amount of P10 million to the outcome of the lawsuit, the company believes that it will be
the audit evidence obtained, we believe that the company will not be able to meet its obligations in able to successfully defend its case and, accordingly, no provision for any liability that may result
the ordinary course of business. Accordingly, we do not agree with management’s preparation and
has been recognized in the financial statements. Our opinion is not qualified in respect of this a) Corresponding figures –comparative information where amounts and other disclosures for the
matter. prior period are included as an integral part of the current period FSs, and are intended to be read
only in relation to the amounts and other disclosures relating to the current period (referred to as
Report on Other Legal and Regulatory Requirements “current period figures”). The level of detail presented in the corresponding amounts and
disclosures is dictated primarily by its relevance to the current period figures; and
[NAME OF AUDITING FIRM] b) Comparative FSs –comparative information where amounts and other disclosures for the prior
BOA Registration No. period are included for comparison with the FSs of the current period but, if audited, are referred to
SEC Accreditation No. in the auditor’s opinion. The level of information included in those comparative FSs is comparable
TIN with that of the FSs of the current period.
By: Audit Procedures
[NAME OF PARTNER] The auditor shall evaluate whether:

Partner a) The comparative information agrees with the amounts and other disclosures presented in the prior
CPA License No. period or, when appropriate, have been restated; and
SEC A.N. b) The accounting policies reflected in the comparative information are consistent with those applied
TIN in the current period or, if there have been changes in accounting policies, whether those changes
BIR AN. have been properly accounted, presented and disclosed.
PTR No., Issued on [Date, Place of Issue]
Makati City, Philippines If the auditor becomes aware of a possible material misstatement in the comparative information
[Date of Auditors’ Report] while performing the current period audit, the auditor shall perform such additional audit
procedures necessary to obtain SAAE, including requesting written representations for all periods
referred to in the auditor’s opinion.
Supplementary Information Presented with the Financial Statements
Audit Reporting
Supplementary information – information that is presented together with the FSs that is not
required by the applicable FRF used to prepare the FSs, normally presented in either The essential audit reporting differences between the approaches are:
supplementary schedules or as additional notes. a) For corresponding figures, the auditor’s opinion on the FSs refers to the current period only;
whereas
The auditor shall evaluate whether such supplementary information is clearly differentiated from b) For comparative FSs, the auditor’s opinion refers to each period for which FSs are presented.
the audited FSs. If such supplementary information is not clearly differentiated, the auditor shall
ask management to change how the unaudited supplementary information is presented. If Corresponding figures
management refuses to do so, the auditor shall explain in the auditor’s report that such
supplementary information has not been audited. The fact that supplementary information is The auditor’s opinion shall not refer to the corresponding figures because the auditor’s opinion is
unaudited does not relieve the auditor of the responsibility to read that information to identify on the current period FSs includes corresponding figures, except:
material inconsistencies with the audited financial statements. a) Modification in auditor’s report on the prior period remain unresolved
b) Misstatement in prior period FSs
Comparative Information c) Prior period FSs not audited
d) Prior period FSs audited by a predecessor auditor
The two broad approaches to the auditor’s reporting responsibilities in respect of comparative
information are: Modification in auditor’s report on the prior period remain unresolved
The auditor shall modify the auditor’s opinion on the current period’s FSs. In addition to expressing an opinion on the current period’s FSs, the auditor shall state in an Other
Matter paragraph:
Misstatement in prior period FSs a) that the FSs of the prior period were audited by a predecessor auditor;
b) the type of opinion expressed and, if the opinion was modified, the reasons therefore; and
If the auditor obtains audit evidence that a material misstatement exists in the prior period FSs on c) the date of that report,
which an unmodified opinion has been previously issued, and the corresponding figures have not unless the predecessor auditor’s report on the prior period’s FSs is reissued with the FSs.
been properly restated, the auditor shall express a qualified opinion or an adverse opinion in the
auditor’s report on the current period FSs. Prior Period Financial Statements Not Audited
When the prior period FSs that are misstated have not been amended and an auditor’s report has If the prior period FSs were not audited, the auditor shall state in an Other Matter paragraph that
not been reissued, but the corresponding figures have been properly restated or appropriate the comparative FSs are unaudited.
disclosures have been made in the current period FSs, the auditor’s report may include an
Emphasis of Matter paragraph.
Prior period FSs not audited Other Information in Documents Containing Audited Financial Statements
The auditor shall state in an Other Matter paragraph in the auditor’s report that the corresponding Other information refers to financial and non-financial information (other than the FSs and the
figures are unaudited. auditor’s report thereon) which is included, either by law, regulation or custom, in a document
containing audited FSs and the auditor’s report thereon. Other information may comprise, for
Prior period FSs audited by a predecessor auditor example:
• A report by management or TCWG on operations.
The auditor shall state (if nor prohibited by law to do so) in an Other Matter paragraph in the • Financial summaries or highlights.
auditor’s report: • Employment data.
a) That the FSs of the prior period were audited by the predecessor auditor; • Planned capital expenditures.
b) The type of opinion expressed and, if the opinion was modified, the reasons therefore; and • Financial ratios.
c) The date of that report. • Names of officers and directors.
• Selected quarterly data.
Comparative financial statements
“Documents containing audited FSs” refers to annual reports (or similar documents), that are
The auditor’s opinion shall refer to each period for which FSs are presented on which an audit issued to owners (or similar stakeholders), containing audited FSs and the auditor’s report, as well
opinion is expressed. as other documents containing audited FSs, such as those used in securities offerings.
Opinion on Prior Period FSs Different from Previous Opinion The auditor’s opinion does not cover other information and the auditor has no specific
responsibility for determining whether or not other information is properly stated. However, the
The opinion expressed on the prior period FSs may be different from the opinion previously auditor reads the other information because the credibility of the audited FSs and the auditor’s
expressed if the auditor becomes aware of circumstances or events that materially affect the FSs of report may be undermined by material inconsistencies between the audited FSs and other
a prior period during the course of the audit of the current period. The auditor shall disclose the information.
substantive reasons for the different opinion in an Other Matter paragraph.
Material Inconsistencies
Prior Period FSs Audited by a Predecessor Auditor
If, on reading the other information, the auditor identifies a material inconsistency, the auditor
shall determine whether the audited FSs or the other information needs to be revised.
Audit of Financial Statements Prepared in Accordance with Special Purpose Framework
Material Inconsistencies Identified in Other Information Obtained Prior to the Date of the Auditor’s
Report Introduction
If revision of the audited FSs is necessary and management refuses to make the revision, the Special purpose FSs are FSs prepared in accordance with a special purpose framework designed to
auditor shall modify the opinion in the auditor’s report. meet the financial information needs of specific users.
If revision of the other information is necessary and management refuses to make the revision, the Examples of special purpose frameworks are:
auditor shall communicate this matter to TCWG; and • A tax basis of accounting for a set of FSs that accompany an entity’s tax return;
a) Include in the auditor’s report an Other Matter paragraph describing the material inconsistency. • The cash receipts and disbursements basis of accounting for cash flow information that an entity
b) Withhold the auditor’s report. may be requested to prepare for creditors;
c) Withdraw from the engagement, if possible. • The financial reporting provisions established by a regulator to meet the requirements of that
d) Seek advice from the auditor’s legal counsel. regulator such as SEC, BSP or IC; or
• The financial reporting provisions of a contract, such as a bond indenture, or a project grant.
Material Inconsistencies Identified in Other Information Obtained Subsequent to the Date of the
Auditor’s Report The financial reporting framework (FRF) must be acceptable. The financial information needs of the
intended users are a key factor in determining the acceptability of the FRF and is a matter of
If revision of the audited FSs is necessary, the auditor shall follow the relevant requirements in professional judgment.
“Subsequent Events”.
The auditor shall comply with (a) relevant ethical requirements, including independence and (b) all
If revision of the other information is necessary and management agrees to make the revision, the PSAs relevant to the audit.
auditor shall carry out the procedures necessary under the circumstances, which may include
reviewing the steps taken by management to ensure that individuals in receipt of the previously Forming an Opinion and Reporting Considerations
issued FSs, the auditor’s report thereon, and the other information are informed of the revision.
Description of the applicable financial reporting framework:
If revision of the other information is necessary, but management refuses to make the revision, the a) The auditor’s report shall also describe the purpose for which the FSs are prepared and, if
auditor shall notify TCWG of the auditor’s concern regarding the other information and take any necessary, the intended users, or refer to a note in the special purpose FSs that contains that
further appropriate action, which may include obtaining advice from the auditor’s legal counsel. information; and
b) If management has a choice of financial reporting frameworks in the preparation of such FSs, the
Material Misstatements of Fact explanation of management’s responsibility for the FSs shall also make reference to its
responsibility for determining that the applicable financial reporting framework is acceptable in the
If, on reading the other information for the purpose of identifying material inconsistencies, the circumstances.
auditor becomes aware of an apparent material misstatement of fact, the auditor shall discuss the
matter with management. Misstatement of fact occurs when other information that is unrelated to The auditor’s report shall include an Emphasis of Matter paragraph alerting users of the auditor’s
matters appearing in the audited FSs that is incorrectly stated or presented. A material report that the FSs are prepared in accordance with a special purpose framework and that, as a
misstatement of fact may undermine the credibility of the document containing audited FSs. result, the FSs may not be suitable for another purpose. In addition to the above, the auditor may
consider it appropriate to indicate that the auditor’s report is intended solely for the specific users.
If the auditor concludes that there is a material misstatement of fact in the other information
which management refuses to correct, the auditor shall notify TCWG of the auditor’s concern and INDEPENDENT AUDITOR’S REPORT
take any further appropriate action, which may include obtaining advice from the auditor’s legal
counsel. [Appropriate Addressee]
We have audited the accompanying financial statements of ABC Company, which comprise the Without modifying our opinion, we draw attention to Note X to the financial statements, which
balance sheet as at December 31, 20X1, and the income statement, statement of changes in equity describes the basis of accounting. The financial statements are prepared to assist ABC Company to
and cash flow statement for the year then ended, and a summary of significant accounting policies comply with the financial reporting provisions of the contract referred to above. As a result, the
and other explanatory information. The financial statements have been prepared by management financial statements may not be suitable for another purpose. Our report is intended solely for ABC
of ABC Company based on the financial reporting provisions of Section Z of the contract dated Company and DEF Company and should not be distributed to or used by parties other than ABC
January 1, 20X1 between ABC Company and DEF Company (“the contract”). Company or DEF Company.
Management’s Responsibility for the Financial Statements [Auditor’s signature]
Management is responsible for the preparation of these financial statements in accordance with [Date of the auditor’s report]
the financial reporting provisions of Section Z of the contract; this includes the design,
implementation and maintenance of internal control relevant to the preparation of financial [Auditor’s address]
statements that are free from material misstatement, whether due to fraud or error.
Audits of Single Financial Statements and Specific Elements, Accounts or Items of a Financial
Auditor’s Responsibility Statement
Our responsibility is to express an opinion on these financial statements based on our audit. We Introduction
conducted our audit in accordance with Philippine Standards on Auditing. Those standards require
that we comply with ethical requirements and plan and perform the audit to obtain reasonable “Element of a financial statement” or “element” means an “element, account or item of a financial
assurance about whether the financial statements are free from material misstatement. statement.” Examples of Specific Elements, Accounts or Items of a Financial Statement
• Accounts receivable, allowance for doubtful accounts receivable, inventory, including related
An audit involves performing procedures to obtain audit evidence about the amounts and notes.
disclosures in the financial statements. The procedures selected depend on the auditor’s judgment, • A schedule of externally managed assets and income of a private pension plan, including related
including the assessment of the risks of material misstatement of the financial statements, whether notes.
due to fraud or error. In making those risk assessments, the auditor considers internal control • A schedule of disbursements in relation to a lease property, including explanatory notes.
relevant to the entity’s preparation of the financial statements in order to design audit procedures • A schedule of profit participation or employee bonuses, including explanatory notes.
that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the
effectiveness of the entity’s internal control. An audit also includes evaluating the appropriateness Considerations When Accepting the Engagement
of accounting policies used and the reasonableness of accounting estimates made by management,
as well as evaluating the overall presentation of the financial statements. The auditor shall comply with relevant ethical requirements, including independence and all PSAs
relevant to the audit.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a
basis for our audit opinion. If the auditor is not also engaged to audit the entity’s complete set of financial statements, the
auditor shall determine whether the audit of a single financial statement or of a specific element of
Opinion those financial statements in accordance with PSAs is practicable.
In our opinion, the financial statements of ABC Company for the year ended December 31, 20X1 Form of opinion
are prepared, in all material respects, in accordance with the financial reporting provisions of
Section Z of the contract. The auditor’s decision as to the expected form of opinion is a matter of professional judgment. It
may be affected by whether use of the phrase “presents fairly, in all material respects” in the
Basis of Accounting and Restriction on Distribution and Use auditor’s opinion on a single financial statement or on a specific element of a financial statement
prepared in accordance with a fair presentation framework is generally accepted in the particular determines is necessary to enable the preparation of the financial statement that is free from
jurisdiction. material misstatement, whether due to fraud or error.
Forming an Opinion and Reporting Considerations Auditor’s Responsibility
If the auditor undertakes an engagement to report on a single financial statement or on a specific Our responsibility is to express an opinion on the financial statement based on our audit. We
element of a financial statement in conjunction with an engagement to audit the entity’s complete conducted our audit in accordance with Philippine Standards on Auditing. Those standards require
set of financial statements, the auditor shall express a separate opinion for each engagement. that we comply with ethical requirements and plan and perform the audit to obtain reasonable
assurance about whether the financial statement is free from material misstatement.
If the auditor concludes that it is necessary to express an adverse opinion or disclaim an opinion
on the entity’s complete set of financial statements as a whole, PSA 705 does not permit the An audit involves performing procedures to obtain audit evidence about the amounts and
auditor to include in the same auditor’s report an unmodified opinion on a single financial disclosures in the financial statement. The procedures selected depend on the auditor’s judgment,
statement that forms part of those financial statements or on a specific element that forms part of including the assessment of the risks of material misstatement of the financial statement, whether
those financial statements. This is because such an unmodified opinion would contradict the due to fraud or error. In making those risk assessments, the auditor considers internal control
adverse opinion or disclaimer of opinion on the entity’s complete set of financial statements as a relevant to the entity’s preparation and fair presentation of the financial statement in order to
whole. design audit procedures that are appropriate in the circumstances, but not for the purpose of
expressing an opinion on the effectiveness of the entity’s internal control. An audit also includes
If the auditor concludes that it is necessary to express an adverse opinion or disclaim an opinion evaluating the appropriateness of accounting policies used and the reasonableness of accounting
on the entity’s complete set of financial statements as a whole but, in the context of a separate estimates, if any, made by management, as well as evaluating the overall presentation of the
audit of a specific element that is included in those financial statements, the auditor nevertheless financial statement.
considers it appropriate to express an unmodified opinion on that element, the auditor shall only
do so if: We believe that the audit evidence we have obtained is sufficient and appropriate to provide a
a) The auditor is not prohibited by law or regulation from doing so; basis for our audit opinion.
b) That opinion is expressed in an auditor’s report that is not published together with the auditor’s Opinion
report containing the adverse opinion or disclaimer of opinion; and
c) The specific element does not constitute a major portion of the entity’s complete set of financial In our opinion, the financial statement presents fairly, in all material respects, the financial position
statements. of ABC Company as at December 31, 20X1 in accordance with those requirements of the Financial
Reporting Framework in Jurisdiction X relevant to preparing such a financial statement.
INDEPENDENT AUDITOR’S REPORT
[Auditor’s signature]
[Appropriate Addressee]
[Date of the auditor’s report]
We have audited the accompanying balance sheet of ABC Company as at December 31, 20X1 and a
summary of significant accounting policies and other explanatory information (together “the [Auditor’s address]
financial statement”).
Engagements to Report on Summary Financial Statements
Management’s Responsibility for the Financial Statement
Introduction
Management is responsible for the preparation and fair presentation of this financial statement in
accordance with those requirements of the Financial Reporting Framework in Jurisdiction X Summary FSs refer to historical financial information that is derived from FSs but that contains less
relevant to preparing such a financial statement, and for such internal control as management detail than the FSs, while still providing a structured representation consistent with that provided
by the FSs of the entity’s economic resources or obligations at a point in time or the changes a) The date on which the auditor has obtained sufficient appropriate evidence on which to base the
therein for a period of time. opinion, including evidence that the summary FSs have been prepared and those with the
recognized authority have asserted that they have taken responsibility for them; and
Engagement Acceptance b) The date of the auditor’s report on the audited FSs.
Restriction on Distribution or Use or Alerting Readers to the Basis of Accounting
The auditor shall accept an engagement to report on summary FSs only when the auditor has been
engaged to conduct an audit of the FSs from which the summary FSs are derived. When distribution or use of the auditor’s report on the audited FSs is restricted, or the auditor’s
report on the audited FSs alerts readers that the audited financial statements are prepared in
Form of Opinion accordance with a special purpose framework, the auditor shall include a similar restriction or alert
in the auditor’s report on the summary FSs.
When the auditor has concluded that an unmodified opinion on the summary FSs is appropriate,
the auditor’s opinion shall use one of the following phrases: REPORT OF THE INDEPENDENT AUDITOR ON THE SUMMARY FINANCIAL STATEMENTS
a) The summary FSs are consistent, in all material respects, with the audited FSs, in accordance with
[the applied criteria]; or [Appropriate Addressee]
b) The summary FSs are a fair summary of the audited FSs, in accordance with [the applied criteria].
The accompanying summary financial statements, which comprise the summary balance sheet as
When the auditor’s report on the audited FSs contains a qualified opinion, an Emphasis of Matter at December 31, 20X1, the summary income statement, summary statement of changes in equity
paragraph, or an Other Matter paragraph, but the auditor is satisfied that the summary FSs are and summary cash flow statement for the year then ended, and related notes, are derived from the
consistent, in all material respects, with or are a fair summary of the audited FSs, in accordance audited financial statements of ABC Company for the year ended December 31, 20X1. We
with the applied criteria, the auditor’s report on the summary FSs shall: expressed an unmodified audit opinion on those financial statements in our report dated February
a) State that the auditor’s report on the audited FSs contains a qualified opinion, an Emphasis of 15, 20X2. Those financial statements, and the summary financial statements, do not reflect the
Matter paragraph, or an Other Matter paragraph; and effects of events that occurred subsequent to the date of our report on those financial statements.
b) Describe:
i. The basis for the qualified opinion on the audited FSs, and that qualified opinion; or the Emphasis The summary financial statements do not contain all the disclosures required by [describe financial
of Matter or the Other Matter paragraph in the auditor’s report on the audited FSs; and reporting framework applied in the preparation of the audited financial statements of ABC
ii. The effect thereof on the summary FSs, if any. Company]. Reading the summary financial statements, therefore, is not a substitute for reading the
audited financial statements of ABC Company.
When the auditor’s report on the audited FSs contains an adverse opinion or a disclaimer of
opinion, the auditor’s report on the summary FSs shall Management’s Responsibility for the Summary Financial Statements
a) State that the auditor’s report on the audited FSs contains an adverse opinion or disclaimer of
opinion; Management is responsible for the preparation of a summary of the audited financial statements in
b) Describe the basis for that adverse opinion or disclaimer of opinion; and accordance with [describe established criteria].
c) State that, as a result of the adverse opinion or disclaimer of opinion, it is inappropriate to express
an opinion on the summary FSs. Auditor’s Responsibility
If the summary FSs are not consistent, in all material respects, with or are not a fair summary of the Our responsibility is to express an opinion on the summary financial statements based on our
audited FSs, the auditor shall express an adverse opinion on the summary FSs. procedures, which were conducted in accordance with Philippine Standard on Auditing (PSA) 810,
“Engagements to Report on Summary Financial Statements.”
The Date of the Auditor’s Report
Opinion
The auditor shall date the auditor’s report no earlier than:
In our opinion, the summary financial statements derived from the audited financial statements of The practitioner should plan the work so that an effective engagement will be performed. In
ABC Company for the year ended December 31, 20X1 are consistent, in all material respects, with planning a review of financial statements, the practitioner should obtain or update the knowledge
(or a fair summary of) those financial statements, in accordance with [describe established criteria]. of the business.
[Auditor’s signature] Documentation
[Date of the auditor’s report] The practitioner should document matters which are important in providing evidence to support
the review report, and evidence.
[Auditor’s address]
Procedures and Evidence
REVIEW, OTHER ASSURANCE SERVICES, AND RELATED SERVICES
The practitioner should apply judgment in determining the specific nature, timing and extent of
Review Engagements review procedures, which are primarily through inquiry and analytical procedures to obtain
sufficient appropriate evidence and to be able to draw conclusions.
The objective of a review of FSs is to enable a practitioner to state whether, on the basis of
procedures which do not provide all the evidence that would be required in an audit, anything has The practitioner should apply the same materiality considerations as would be applied if an audit
come to the practitioner’s attention that causes the practitioner to believe that the FSs are not opinion on the FSs were being given.
prepared, in all material respects, in accordance with the applicable financial reporting framework
(negative assurance). The practitioner should inquire about events subsequent to the date of the FSs that may require
adjustment of or disclosure in the FSs. The practitioner does not have any responsibility to perform
A review engagement provides a moderate level of assurance. procedures to identify events occurring after the date of the review report.
The practitioner should comply with the Code of Ethics general principles, such as: If the practitioner has reason to believe that the information subject to review may be materially
a) Independence; misstated, the practitioner should carry out additional or more extensive procedures as are
b) Integrity; necessary to be able to express negative assurance or to confirm that a modified report is required.
c) Objectivity;
d) Professional competence and due care; Conclusions and Reporting
e) Confidentiality;
f) Professional behavior; and The review report should contain a clear written expression of negative assurance.
g) Technical standards.
The report on a review of FSs should contain the following basic elements, ordinarily in the
The practitioner should conduct a review in accordance with PSRE 2400. following layout:
a) Title;
The practitioner should plan and perform the review with an attitude of professional skepticism. b) Addressee;
c) Opening or introductory paragraph i
Terms of engagement d) Scope paragraph
e) Statement of negative assurance;
The practitioner and the client should agree on the terms of the engagement. f) Date of the report;
g) Practitioner’s address; and
Planning h) Practitioner’s signature.
The review report should:

a) State that nothing has come to the practitioner’s attention based on the review that causes the Address
practitioner to believe the FSs are not presented fairly, in all material respects, in accordance with
the applicable financial reporting framework; or Examination of Prospective Financial Information
b) If matters have come to the practitioner’s attention, describe those matters that impair a fair
presentation, in all material respects, in accordance with the applicable financial reporting Introduction
framework, including, unless impracticable, a quantification of the possible effect(s) on the FSs, and
either: “Prospective financial information” means financial information based on assumptions about
i. Express a qualification of the negative assurance provided; or events that may occur in the future and possible actions by an entity. It is highly subjective in
ii. When the effect of the matter is so material and pervasive, give an adverse opinion; or nature and its preparation requires the exercise of considerable judgment. Prospective financial
c) If there has been a material scope limitation, describe the limitation and either: information can be in the form of:
i. Express a qualification of the negative assurance; or • a forecast,
ii. When the possible effect of the limitation is so significant and pervasive that the practitioner • a projection or
concludes that no level of assurance can be provided, not provide any assurance. • a combination of both, for example, a one year forecast plus a five year projection.
The practitioner should date the review report as of the date the review is completed. A “forecast” means prospective financial information prepared on the basis of assumptions as to
future events which management expects to take place and the actions management expects to
SAMPLE UNQUALIFIED REVIEW REPORT take as of the date the information is prepared (best-estimate assumptions).
REVIEW REPORT TO ..... A “projection” means prospective financial information prepared on the basis of:
a) Hypothetical assumptions about future events and management actions which are not necessarily
We have reviewed the accompanying financial statements of ABC Company, which comprise the expected to take place, such as when some entities are in a start-up phase or are considering a
statement of financial position as at December 31, 19XX, and the statement of comprehensive major change in the nature of operations; or
income, statement of changes in equity and statement of cash flows for the year then ended. These b) A mixture of best-estimate and hypothetical assumptions.
financial statements are the responsibility of the Company’s management. Our responsibility is to Such information illustrates the possible consequences as of the date the information is prepared if
issue a report on these financial statements based on our review. the events and actions were to occur (a “what-if” scenario).
We conducted our review in accordance with the Philippine Standard on Review Engagements Management is responsible for the preparation and presentation of the prospective financial
2400. This Standard requires that we plan and perform the review to obtain moderate assurance as information, including the identification and disclosure of the assumptions on which it is based. The
to whether the financial statements are free of material misstatement. A review is limited primarily auditor may be asked to examine and report on the prospective financial information to enhance
to inquiries of company personnel and analytical procedures applied to financial data and thus its credibility whether it is intended for use by third parties or for internal purposes.
provides less assurance than an audit. We have not performed an audit and, accordingly, we do not
express an audit opinion. The Auditor’s Assurance
Based on our review, nothing has come to our attention that causes us to believe that the When reporting on the reasonableness of management’s assumptions the auditor provides only a
accompanying financial statements are not presented fairly, in all material respects, in accordance moderate level of assurance. However, when in the auditor’s judgment an appropriate level of
with Philippine Financial Reporting Standards (or Philippine Financial Reporting Standard for Small satisfaction has been obtained, the auditor is not precluded from expressing positive assurance
and Medium-sized Entities). regarding the assumptions.
PRACTITIONER Acceptance of Engagement
Date Before accepting an engagement to examine prospective financial information, the auditor would
consider, amongst other things:
• The intended use of the information; example would be where financial information fails to disclose adequately the consequences of any
• Whether the information will be for general or limited distribution; assumptions which are highly sensitive.
• The nature of the assumptions, that is, whether they are best-estimate or hypothetical
assumptions; When the examination is affected by conditions that preclude application of one or more
• The elements to be included in the information; and procedures considered necessary in the circumstances, the auditor should either withdraw from
• The period covered by the information. the engagement or disclaim the opinion and describe the scope limitation in the report on the
prospective financial information.
The auditor should not accept, or should withdraw from, an engagement when the assumptions
are clearly unrealistic or when the auditor believes that the prospective financial information will The following is an example of an extract from an unmodified report on a forecast:
be inappropriate for its intended use.
We have examined the forecast in accordance with Philippine Standard on Assurance
The auditor and the client should agree on the terms of the engagement. Engagements. Management is responsible for the forecast including the assumptions set out in
Note X on which it is based.
Knowledge of the Business
Based on our examination of the evidence supporting the assumptions, nothing has come to our
The auditor should obtain a sufficient level of knowledge of the business to be able to evaluate attention which causes us to believe that these assumptions do not provide a reasonable basis for
whether all significant assumptions required for the preparation of the prospective financial the forecast. Further, in our opinion the forecast is properly prepared on the basis of the
information have been identified. assumptions and is presented in accordance with Philippine Financial Reporting Standards.
Period Covered Actual results are likely to be different from the forecast since anticipated events frequently do not
occur as expected and the variation may be material.
The auditor should consider the period of time covered by the prospective financial information.
Since assumptions become more speculative as the length of the period covered increases, as that
period lengthens, the ability of management to make best-estimate assumptions decreases. The following is an example of an extract from an unmodified report on a projection:
Examination Procedures We have examined the projection in accordance Philippine Standard on Assurance Engagements.
Management is responsible for the projection including the assumptions set out in Note X on which
When determining the nature, timing and extent of examination procedures, the auditor’s it is based.
considerations should include:
a) The likelihood of material misstatement; This projection has been prepared for (describe purpose). As the entity is in a start-up phase the
b) The knowledge obtained during any previous engagements; projection has been prepared using a set of assumptions that include hypothetical assumptions
c) Management’s competence regarding the preparation of prospective financial information; about future events and management’s actions that are not necessarily expected to occur.
d) The extent to which the prospective financial information is affected by the management’s Consequently, readers are cautioned that this projection may not be appropriate for purposes
judgment; and other than that described above.
e) The adequacy and reliability of the underlying data.
Based on our examination of the evidence supporting the assumptions, nothing has come to our
Report on Examination of Prospective Financial Information attention which causes us to believe that these assumptions do not provide a reasonable basis for
the projection, assuming that (state or refer to the hypothetical assumptions). Further, in our
When the auditor believes that the presentation and disclosure of the prospective financial opinion the projection is properly prepared on the basis of the assumptions and is presented in
information is not adequate, the auditor should express a qualified or adverse opinion in the report accordance with Philippine Financial Reporting Standards.
on the prospective financial information, or withdraw from the engagement as appropriate. An
Even if the events anticipated under the hypothetical assumptions described above occur, actual • A statement that the distribution of the report of factual findings would be restricted to the
results are still likely to be different from the projection since other anticipated events frequently specified parties who have agreed to the procedures to be performed.
do not occur as expected and the variation may be material.
Planning
Agreed-upon Procedures Engagements
The auditor should plan the work so that an effective engagement will be performed.
Introduction
Documentation
The objective of an agreed-upon procedures engagement is for the auditor to carry out procedures
of an audit nature to which the auditor and the entity and any appropriate third parties have The auditor should document matters which are important in providing evidence to support the
agreed and to report on factual findings. report of factual findings, and evidence that the engagement was carried out in accordance with
this PSRS and the terms of the engagement.
An engagement to perform agreed-upon procedures may involve the auditor in performing certain
procedures concerning individual items of financial data (for example, accounts payable, accounts Procedures and Evidence
receivable, purchases from related parties and sales and profits of a segment of an entity), a
financial statement (for example, a balance sheet) or even a complete set of financial statements. The auditor should carry out the procedures agreed upon and use the evidence obtained as the
basis for the report of factual findings.
As the auditor simply provides a report of the factual findings of agreed-upon procedures, no
assurance is expressed. Instead, users of the report assess for themselves the procedures and The procedures applied in an engagement to perform agreed-upon procedures may include the
findings reported by the auditor and draw their own conclusions from the auditor’s work. following:
• Inquiry and analysis.
The report is restricted to those parties that have agreed to the procedures to be performed since • Recomputation, comparison and other clerical accuracy checks.
others, unaware of the reasons for the procedures, may misinterpret the results. • Observation.
• Inspection.
General Principles of an Agreed-Upon Procedures Engagement • Obtaining confirmations.
The auditor should comply with the Code of Ethics general principles, such as: Reporting
a. Integrity;
b. Objectivity; The report on an agreed-upon procedures engagement needs to describe the purpose and the
c. Professional competence and due care; agreed-upon procedures of the engagement in sufficient detail to enable the reader to understand
d. Confidentiality; the nature and the extent of the work performed.
e. Professional behavior; and
f. Technical standards. Illustration of a Report of Factual Findings in Connection with Accounts Payable
The auditor should conduct an agreed-upon procedures engagement in accordance with this PSRS REPORT OF FACTUAL FINDINGS
and the terms of the engagement.
To (those who engaged the auditor)
Defining the Terms of the Engagement
We have performed the procedures agreed with you and enumerated below with respect to the
Matters that would be included in the engagement letter include the following: accounts payable of ABC Company as at (date), set forth in the accompanying schedules (not
• A listing of the procedures to be performed as agreed upon between the parties. shown in this example). Our engagement was undertaken in accordance with the Philippine
Standard on Related Services. The procedures were performed solely to assist you in evaluating Date
the validity of the accounts payable and are summarized as follows:
1. We obtained and checked the addition of the trial balance of accounts payable as at (date) Address
prepared by ABC Company, and we compared the total to the balance in the related general ledger
account. Compilation Engagements
2. We compared the attached list (not shown in this example) of major suppliers and the amounts
owing at (date) to the related names and amounts in the trial balance. Introduction
3. We obtained suppliers’ statements or requested suppliers to confirm balances owing at (date).
4. We compared such statements or confirmations to the amounts referred to in 2. For amounts A compilation engagement would ordinarily include the preparation of financial statements (which
which did not agree, we obtained reconciliations from ABC Company. For reconciliations obtained, may or may not be a complete set of financial statements) but may also include the collection,
we identified and listed outstanding invoices, credit notes and outstanding checks, each of which classification and summarization of other financial information.
was greater than Pxxx. We located and examined such invoices and credit notes subsequently
received and checks subsequently paid and we ascertained that they should in fact have been listed The objective of a compilation engagement is for the accountant to use accounting expertise, as
as outstanding on the reconciliations. opposed to auditing expertise, to collect, classify and summarize financial information. This
ordinarily entails reducing detailed data to a manageable and understandable form without a
We report our findings below: requirement to test the assertions underlying that information. The procedures employed are not
a) With respect to item 1 we found the addition to be correct and the total amount to be in designed and do not enable the accountant to express any assurance on the financial information.
agreement. However, users of the compiled financial information derive some benefit as a result of the
b) With respect to item 2 we found the amounts compared to be in agreement. accountant's involvement because the service has been performed with professional competence
c) With respect to item 3 we found there were suppliers’ statements for all such suppliers. and due care.
d) With respect to item 4 we found the amounts agreed, or with respect to amounts which did not
agree, we found ABC Company had prepared reconciliations and that the credit notes, invoices and General Principles of a Compilation Engagement
outstanding checks over Pxxx were appropriately listed as reconciling items with the following
exceptions: The accountant should comply with the Code of Professional Ethics general principles, such as:
a) integrity;
(Detail the exceptions) b) objectivity;
c) professional competence and due care;
Because the above procedures do not constitute either an audit or a review made in accordance d) confidentiality;
with Philippine Standards on Auditing, we do not express any assurance on the accounts payable as e) professional behavior; and
of (date). f) technical standards.
Had we performed additional procedures or had we performed an audit or review of the financial Defining the Terms of the Engagement
statements in accordance with Philippine Standards on Auditing, other matters might have come to
our attention that would have been reported to you. An engagement letter confirms the accountant's acceptance of the appointment and helps avoid
misunderstanding regarding such matters as the objectives and scope of the engagement, the
Our report is solely for the purpose set forth in the first paragraph of this report and for your extent of the accountant's responsibilities and the form of reports to be issued.
information and is not to be used for any other purpose or to be distributed to any other parties.
This report relates only to the accounts and items specified above and does not extend to any Planning
financial statements of ABC Company, taken as a whole.
The accountant should plan the work so that an effective engagement will be performed.
AUDITOR
Documentation
The accountant should document matters which are important in providing evidence that the Date
engagement was carried out in accordance with this PSA and the terms of the engagement.
Address
Procedures AUDITING IN A CIS (IT) ENVIRONMENT
The accountant requires a general understanding of the nature of the entity's business
transactions, the form of its accounting records and the accounting basis on which the financial 1. A CIS environment exists when a computer of any type or size is involved in the processing by the
information is to be presented through experience with the entity or inquiry of the entity's entity of financial information of significance to the audit, whether the computer is operated by the
personnel. entity or by a third party
2. The overall objective and scope of an audit does not change in a CIS environment
If the accountant becomes aware that information supplied by management is incorrect, 3. A CIS environment may affect:
incomplete, or otherwise unsatisfactory, the accountant should consider performing the above a. The procedures followed in obtaining a sufficient understanding of the accounting and internal
procedures and request management to provide additional information or if the accountant control systems
becomes aware of material misstatements, the accountant should try to agree appropriate b. The consideration of the inherent and control risk
amendments with the entity. If such additional information or amendments are not made and the c. The design and performance of tests of controls and substantive procedures
financial information is considered to be misleading, the accountant should withdraw from the 4. The auditor should have sufficient knowledge of the CIS to plan, direct, and review the work
engagement. performed
5. If specialized skills are needed, the auditor would seek the assistance of a professional possessing
Responsibility of Management such skills, who may be either on the auditor’s staff or an outside professionals
6. In planning the portions of the audit which may be affected by the client’s CIS environment, the
The accountant should obtain an acknowledgment from management of its responsibility for the auditor should obtain an understanding of the significance and complexity of the CIS activities and
appropriate presentation of the financial information and of its approval of the financial the availability of data for use in the audit
information. 7. When the CIS are significant, the auditor should also obtain an understanding of the CIS
environment and whether it may influence the assessment of inherent and control risks
Reporting on a Compilation Engagement 8. The auditor should consider the CIS environment in designing audit procedures to reduce audit risk
to an acceptably low level. The auditor can use either manual audit procedures, computer-assisted
The financial information compiled by the accountant should contain a reference such as audit techniques, or a combination of both to obtain sufficient evidential matter
"Unaudited," "Compiled without Audit or Review" or "Refer to Compilation Report" on each page
of the financial information or on the front of the complete set of financial statements. RISK ASSESSMENTS AND INTERNAL CONTROL:
CIS CHARACTERISTICS AND CONSIDERATION
EXAMPLE OF A REPORT ON AN ENGAGEMENT TO COMPILE FINANCIAL STATEMENTS
Organizational Structure
COMPILATION REPORT TO ..... Characteristics of a CIS organizational structure includes:
a. Concentration of functions and knowledge
On the basis of information provided by management we have compiled, in accordance with the Although most systems employing CIS methods will include certain manual
Philippine Standard on Related Services, the balance sheet of ABC Company as of December 31, operations, generally the number of persons involved in the processing of financial information is
19XX and statements of income, changes in equity and cash flows for the year then ended. significantly reduced.
Management is responsible for these financial statements. We have not audited or reviewed these b. Concentration of programs and data
financial statements and accordingly express no assurance thereon. Transaction and master file data are often concentrated, usually in machine-
readable form, either in one computer installation located centrally or in a number of installations
Accountant distributed throughout the entity.
Certain transactions may be initiated by the CIS itself without the need for an
Nature of Processing input document
The use of computers may result in the design of systems that provide less visible e. Vulnerability of data and program storage media
evidence than those using manual procedures. In addition, these systems may be accessible by a Large volumes of data and the computer programs used to process such data
larger number of persons. may be stored on portable or fixed storage media, such as magnetic disks and tapes. These media
are vulnerable to theft, loss, or intentional or accidental destruction.
System characteristics that may result from the nature of CIS processing include:
a. Absence of input documents INTERNAL CONTROLS IN A CIS ENVIRONMENT
• Data may be entered directly into the computer system without supporting document
• In some on-line transaction systems, written evidence of individual data entry authorization (e.g., GENERAL CIS CONTROLS – to establish a framework of overall control over the CIS activities and to
approval for order entry) may be replaced by other procedures, such as authorization controls provide a reasonable level of assurance that the overall objectives of internal control are achieved
contained in computer programs (e.g., credit limit approval)
b. Lack of visible audit trail General CIS controls may include:
The transaction trail may be partly in machine-readable form and may exist only a. Organization and management controls – designed to define the strategic direction and establish
for a limited period of time (e.g., audit logs may be set to overwrite themselves after a period of an organizational framework over CIS activities, including:
time or when the allocated disk space is consumed) • Strategic information technology plan
c. Lack of visible output • CIS policies and procedures
Certain transactions or results of processing may not be printed or only summary • Segregation of incompatible functions
data may be printed • Monitoring of CIS activities performed by third party consultants
b. Development and maintenance controls – designed to provide reasonable assurance that systems
d. Ease of access to data and computer programs are developed or acquired, implemented and maintained in an authorized and efficient manner.
Data and computer programs may be assessed and altered at the computer or They also typically are designed to establish control over:
through the use of computer equipment at remote locations. Therefore, in the absence of • Project initiation, requirements definition, systems design, testing, data conversion, go-live
appropriate controls, there is an increased potential for unauthorized access to, and alteration of, decision, migration to production environment, documentation of new or revised systems, and
data and programs by persons inside or outside the entity user training
• Acquisition and implementation of off-the-shelf packages
Design and procedural aspects • Request for changes to the existing systems
The development of CIS will generally result n design and procedural characteristics that • Acquisition, implementation, and maintenance of system software
are different from those found in manual systems. These different design and procedural aspects of c. Delivery and support controls – designed to control the delivery of CIS services and include:
CIS include: • Establishment of service level agreements against which CIS services are measured
a. Consistency of performance • Performance and capacity management controls
CIS perform functions exactly as programmed and are potentially more reliable • Disaster recovery/contingency planning, training, and file backup
than annual systems, provided that all transactions types and conditions that could occur are
• Computer operations controls
anticipated and incorporated into the system. On the other hand, a computer program that is not
• Systems security
correctly programmed and tested may consistently process transactions or other data erroneously
• Physical and environment controls
b. Programmed control procedures
d. Monitoring controls – designed to ensure that CIS controls are working effectively as planned.
The nature of computer processing allows the design of internal control
These include:
procedures in computer programs
• Monitoring of key CIS performance indicators
c. Single transaction update of multiple or data base computer files
A single input t the accounting system may automatically update all records • Internal external CIS audits
associated with the transaction
d. Systems generated transactions
CIS APPLICATION CONTROLS – to establish specific control procedures over the application CIS ENVIRONMENTS – ON-LINE COMPUTER SYSTEMS
systems in order to provide reasonable assurance that all transactions are authorized, recorded 1. On-line computer systems are computer systems that enable users to access data and programs
and are processed completely, accurately and on a timely basis. CIS application controls include: directly through terminal devices
a. Controls over Input – designed to provide reasonable assurance that: 2. On-line systems allow users to directly initiate various functions such as:
• Transactions are properly authorized before being processed by the computer a. Entering transactions
• Transactions are accurately converted into machine readable form and recorded in the computer b. Making inquiries
data files c. Requesting reports
• Transactions are not lost, added, duplicated or improperly changed d. Updating master files
• Incorrect transactions are rejected, corrected and, if necessary, resubmitted on a timely basis. e. Electronic commerce activities
b. Controls over processing and computer data files – designed to provide reasonable assurance that: 3. Types of terminals used in on-line systems:
• Transactions, including system generated transactions, re properly processed by the computer A. General purpose terminals
• Transactions are not lost, added, duplicated or improperly changed 1. Basic keyboard and screen
• Processing errors (i.e., rejected data and incorrect transactions) are identified and corrected on a 2. Intelligent terminal
timely basis 3. PCs
c. Controls over output – designed to provide reasonable assurance that: B. Special purpose terminals
• Results of processing are accurate 1. Point-of-sale devices
• Access to output is restricted to authorized personnel on a timely basis 2. Automated teller machines (ATM)
2. Types of on-line computer systems:
• Output is provided to appropriate authorized personnel on a timely basis
a. On-line/ real time processing
Individual transactions are entered at terminal devices, validated, and
Review of general CIS controls
used to update related computer files immediately.
General CIS controls that relate to some or all applications are typically interdependent
b. On-line/batch processing
controls in that their operation is often essential to the effectiveness of CIS application controls.
Individual transactions are entered at a terminal device, subjected to
Accordingly, it may be more efficient to review the design of the general controls before reviewing
certain validation checks, and added to a transaction file that contains other transactions entered
the application controls.
during the period. Later, during a subsequent processing cycle, the transaction file may be
validated further and then used to update relevant master file.
Review of CIS application controls
c. On-line/Memo update (and subsequent Processing)
CIS application controls which the auditor may wish to test include:
a. Manual controls exercised by the user
b. Controls over system output • Combines in-line/ real time and on-line/ batch processing
c. Programmed control procedures • Individual transactions immediately update a memo file containing information that has been
extracted from the most recent version of the master file. Inquiries are made from this memo file
CIS ENVIRONMENTS – STAND-ALONE PERSONAL COMPUTERS • These same transactions are added to a transaction file for subsequent validation and updating of
1. A personal computer (PC) can be used in various configurations. These include: the master file on a batch basis
a. A stand-alone workstation operated by a single user or a number of users at different times; d. On-line/ inquiry
b. A workstation which part of a Local Area Network (LAN) of PCs; and • Restricts users at terminal devices to making inquiries of master file
c. A workstation connected to a server • Master files are updated by other systems, usually on a batch basis
2. In a stand-alone PC environment, it may not be practicable or cost-effective for management to e. On-line downloading/ uploading processing
implement sufficient controls to reduce the risks of undetected error to a minimum level • On-line downloading refers to the transfer of data from a master file to an intelligent terminal
3. After obtaining the understanding of the accounting system and control environment, the auditor device for further processing by a user
may find it more cost-effective not to make a further review of general controls or application
controls, but concentrate audit efforts on substantive procedures. NETWORK ENVIRONMENT
1. A network environment is a communication system that enables computer users to share e. Key-to-tape and Key-to-disk – systems in which input data can be entered directly onto magnetic
computer equipment, application software, data, and voice and video transmissions tape, magnetic disk, or floppy disk through CRT
2. A file server is a computer with an operating system that allows multiple users in a network to 10. STORAGE DEVICES – devices which store data that can be subsequently used by the CPU
access software applications and data files a. Random access – data can be accessed directly regardless of how it is physically stored (e.g.,
3. Basic types of networks magnetic disk)
a. Local area network (LAN) b. Sequential access – data must be processed in the order in which it is physically stored (e.g.,
b. Wide area network (WAN) magnetic tape)
c. metropolitan area network (MAN) 11. OUTPUT DEVICES – produce readable data or machine-readable data when further processing is
required. Examples are CRT, printer, and CRT COM (Computer output to Micro film)
CIS ENVIRONMENTS – DATABASE SYSTEMS 12. TERMINALS – CRT devices or microcomputers used for input/output (communication) with the CPU
1. DATABASE – a collection of data that is shared and used by many different users for different 13. POINT-OF-SALE DEVICES – a terminal connected to a computer. It takes the place of a cash register
purposes or similar devices which allows instant recording and is capable of keeping perpetual inventory
2. Two components of database systems: 14. MODEM – a device for interfacing communications equipment within communication networks
a. Database
b. Database management system (DBMS) – software that creates, maintains, and operates the Software consists of computer programs which instruct the computer hardware to perform the
database desired processing.
3. Characteristics of database systems:
a. Data sharing
b. Data independence
TERMS USED IN CIS ENVIRONMENTS Types of computer programs

1. OPERATING SYSTEM – controls the functioning of the CPU and its peripheral equipment. Several
HARDWARE different operating systems allow a single configuration of hardware to function in the following
1. COMPUTER HARDWARE – consists of the configuration of physical electronic equipment modes:
2. CONSOLE – a special CRT (Cathode Ray Tube) used for communication between the operator and a. MULTIPROGRAMMING – the operating system processes a program until an input/output
the computer. operation is required. Since input or output can be handled by peripheral devices, such as channels
3. PERIPHERAL EQUIPMENT – all non-CPU hardware that may be placed under the control of the and controllers, the CPU can begin executing another program’s instructions. Several programs
processor. This consists of input, storage, output, and communication devices appear to be concurrently processing
4. CONTROLLERS – units designed to operate (control) specific input/output devices b. MULTIPROCESSING – multiple CPUs process data while sharing peripheral devices, allowing two or
5. CHANNELS – units designed to handle the transfer of data into or out of primary storage (memory) more programs to be process simultaneously
6. BUFFER MEMORY (BUFFER) – temporary storage unit used to hold data during input/output c. VIRTUAL STORAGE – the operating system separates user programs into segment pages
operations automatically. It appears as though there is unlimited memory available for programs, even though
7. OFF-LINE – peripheral equipment not in direct communication with the CPU the program is still confined to a physical segment of memory.
8. ON-LINE – peripheral equipment in direct communication with, and under the control of the CPU 2. UTILITY PROGRAM – performs a commonly required process, such as storing and merging
9. INPUT DEVICES – provides a means of transferring data into CPU storage 3. APPLICATION PROGRAM – performs the desired processing tasks (e.g., payroll preparation)
a. Magnetic tape reader – capable of sensing information recorded as magnetized spots on magnetic 4. SOURCE PROGRAM – written by a programmer in a source language (e.g., COBOL) that will be
tape. It is also used as an output device and storage medium. converted into an object program
b. Magnetic ink character reader( MICR) – reads characters by scanning temporarily magnetized 5. OBJECT PROGRAM – converted source program that was changed using a complier to create a set
characters using magnetic ink of machine-readable instructions
c. Optical character recognition (OCR) – reads characters directly from documents based on their 6. COMPILER – converts a source program to a machine language object program
shapes and positions on the source document 7. INTERPRETER – converts each source code instruction to object code each time it is executed
d. Cathode ray tube (CRT) – a typewriter-like device that decodes keystrokes into electronic impulses
8. DATABASE MANAGEMENT SYSTEM (DBMS) – a software package for the purpose of creating, • Shifts control over processing to the auditor by using the client’s software to process auditor-
accessing, and maintaining a database prepared test data that includes both valid and invalid conditions
9. TELECOMMUNICATIONS MONITOR PROGRAM – provides edit capabilities and file maintenance to • It embedded controls are functioning properly, the client’s software should detect all the
users, monitors on-line terminals, and handles input to application programs exceptions planted in the auditor’s test data
• Ineffective if the client does not use the software tested
ELECTRONIC DATA INTERCHANGE (EDI) – the electronic exchange of transactions, from one b. Base case system evaluation (BCSE)
entity’s computer to another entity’s computer through an electronic communications network. In • Develops test data that purports to test every possible condition that an auditor expects a client’s
electronic fund transfer (EFT) Systems, for example, electronic transactions replace checks as a software will confront
mean of payment. • Provides an auditor with much more assurance than test data alone, but expensive to develop and
EDI controls include: therefore cost-effective only in large computer systems
a. Authentication – controls must exist over the origin, proper submission, and proper delivery of EDI c. Integrated test facility (ITF)
communications to ensure that the EDI messages are accurately sent and received to and from • A variation of test of data whereby simulated data and actual data are run simultaneously with the
authorized customers and suppliers. client’s program and computer results are compared with auditor’s predetermined results
b. Encryption – involves conversion of plain text data to cipher text data to make EDI messages • It provides assurance that the software tested is actually used to prepare financial reports
unreadable to unauthorized persons d. Parallel simulation
c. VAN controls – a value added network (VAN) is a computer service organization that provides • It involves of processing client’s live (actual) data utilizing an auditor’s generalized audit software
network, storage, and forwarding (mailbox) services for EDI messages • If an entity’s control have been operating efficiently, the client’s software should generate the
same exceptions as the auditor’s software
AUDIT APPROACHES
• It should be performed on a surprise basis, I possible
1. Auditing around the computer – the auditor ignores or bypasses the computer processing function
e. Controlled reprocessing
of an entity’s EDP system
• A variation of parallel simulation, it involves processing of actual client data through a copy of the
2. Auditing with the computer – the computer is used as an audit tool
client’s application program
3. Auditing through the computer – the auditor enters the client’s system and examines directly the
2. Continuous audit techniques – test the audit computer controls throughout a period.
computer and its system and application software
a. Audit modules – programmed audit routines incorporated into an application program that are
designed to perform an audit function such as a calculation, or logging activity
COMPUTER ASSISTED AUDIT TECHNIQUES FOR TESTS OF CONTROLS
b. Systems control audit review files (SCARFs) – log that collect transaction information for
I. Program analysis – techniques that allow the auditor to gain an understanding of the client’s
subsequent review and analysis by the auditor
program
c. Audit hooks – “exists” in an entity’s computer program that allows an auditor to insert commands
1. Code review – involves actual analysis of the logic of the program’s processing routines
for audit processing
2. Comparison programs – programs that allow the auditor to compare computerized files
d. Transaction tagging – a transaction record is tagged and then traced through critical control points
3. Flowcharting software – used to produce a flowchart of a program’s logic and may be used both in
in the information system
mainframe and microcomputer environments
e. Extended records – this technique attaches additional audit data which would not otherwise be
4. Program tracing and mapping – program tracing is a technique in which instruction executed is
saved to regular historic records and thereby helps to provide a more complete audit trail
listed along with control information affecting that instruction. Program mapping identifies sections
III. Review of operating system and other system software
of code which may be potential source of abuse
1. JOB ACCOUNTING DATA/ OPERATING SYSTEM LOGS – these logs that track particular functions,
5. Snapshot – this technique “takes a picture” of the status of program execution, intermediate
include reports of the resources use by the computer system. The auditor may be able to use them
results, or transaction data at specified processing points I the program processing
to review the work processed, to determined whether unauthorized applications were processed
II. Program testing – involves the use of auditor-controlled actual or simulated data
and to determine that authorized applications were processed properly
1. Historical audit techniques – test the audit computer controls at a point in time
2. LIBRARY MANAGEMENT SOFTWARE – this logs changes in programs, program modules, job control
a. Test data
language, and other processing activities
• A set of dummy transactions specifically designed to test the control activities that management
claims to have incorporated into the processing programs
3. ACCESS CONTROL AND SECURITY SOFTWARE – this restricts access to computers to authorized 6. Obtaining evidence that the audit software functioned as planned
personnel through techniques such as only allowing certain users with “read-only” access or 7. Establishing appropriate security measures to safeguard against manipulations of the entity’s data
through use of an encryption files
COMPUTERIZED AUDIT TOOLS Procedures to control the use of TEST DATA may include:
1. AUDIT SOFTWARE – computer programs used to process data of audit significance from the client’s 1. Controlling the sequence of submission of test data where it spans several processing cycles
accounting system 2. Performing test runs
a. Package programs (generalized audit software) 3. Predicting the results of test data
1. Reading computer files 4. Confirming that the current version of the program was used
2. Selecting samples 5. Obtaining reasonable assurance that the programs used to process the test data were used by the
3. Performing calculations entity throughout the applicable audit period
4. Creating data files
5. Printing reports in an auditor-specified format
b. Purpose written programs (special purpose or custom designed programs)
c. Utility programs – they are generally not designed for audit purposes
2. Electronic spreadsheets – contain a variety of predefined mathematical operations and functions
that can be applied to data entered into the cells of a spreadsheet
3. Automated work paper software – designed to generate a trial balance, lead schedules, and other
reports useful for the audit. The schedules and reports can be created once the auditor has either
manually entered or electronically imported through using the client’s account balance information
into the system
4. Text retrieval software – allow user to view any text that ia available in an electronic format. The
software program allows the user to browse through text files much as a user would browse
through books.
5. Database management systems
6. Public databases
7. Word processing software
Factors to consider in using CAAT

1. Degree of technical competence in CIS
2. Availability of CAAT and appropriate computer facilities
3. Impracticability of manual tests
4. Effectiveness and efficiency
5. Timing of tests
Controlling the CAAT application

Procedures to control the use of AUDIT SOFTWARE may include:
1. Participating in the design and testing of computer programs
2. Checking the coding of the program
3. Requesting the client’s CIS personnel to review the operating system instructions
4. Running the audit software on small test files before running them on main data files
5. Ensuring that the correct files were used

Notes From Sir Red Sirug Handouts On Auditing Theory

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Notes From Sir Red Sirug Handouts On Auditing Theory

Caricato da

Copyright:

Formati disponibili

AUDITING THEORY REVIEW NOTES

Forms of subject matter of an assurance engagement: Examples of suitable criteria:

Audit Opinion and Audit Report: Financial Statements:

Principal duties of the COA:

Both the IASB and IAASB are under the IFAC.

Publicity, Solicitation and Advertising: Examples of Violations of the IRR:

Audits of Components: Whether or not to accept a change in engagement:

Dual purpose test: Reliance on substantive tests:

Ownership of working papers or audit documentation: Elements of working papers:

Auditor’s responsibility: Other events and conditions:

THE AUDITOR’S REPORT ON FINANCIAL STATEMENTS Auditor’s Reports

Introduction Standard Auditor’s Report

Other Matter Paragraph Report on the Financial Statements

Qualified Opinion Disclaimer of Opinion

By: Audit Procedures

[NAME OF PARTNER] The auditor shall evaluate whether:

Management’s Responsibility for the Financial Statements [Auditor’s signature]

Forming an Opinion and Reporting Considerations Auditor’s Responsibility

[Auditor’s signature] Documentation

The review report should:

PRACTITIONER Acceptance of Engagement

TERMS USED IN CIS ENVIRONMENTS Types of computer programs

Factors to consider in using CAAT

Controlling the CAAT application

Potrebbero piacerti anche