Audit Flashcards
T or F: The purpose of audit is to identify fraud.
F
Information risk
The risk that users and shareholders do not have the same information as managers.
Three levels of assurance/nonassurance
Assurance: most expensive.
Review: less expensive, faster, lower level of confidence.
Notice to Reader (NTR): 0 assurance. Done for CRA/bookkeeping but not accepted by banks.
Examples of audit of information other than the financial statements.
- mall stores may be audited if their rent is based on revenues.
- condo corporations
- more detailed level of materiality
Examples of audits for non financial information
- effectiveness of internal controls
- audit of controls of service organization
- compliance
- IT
- greehouse gas emissions
Who is responsible for the preparation of financial statements: auditor or management?
Management.
Who is responsible for the design, implementation, and maintenance of internal controls: auditor or management?
Management.
Auditors’ personal responsibilities (3)
- Professional competence and due care (education, experience)
- Compliance with ethical and independence requirements
- Professional skepticism and professional judgement
Auditors’ performance responsibilities
- Adequate planning and supervision
- Determining and applying materiality levels
- Identify and assess risks of material misstatement
- Obtain sufficient and appropriate evidence
- Reporting
Ethics vs. Professional Ethics
Ethics: moral principles/values (personal)
Professional ethics: morally permissible standards the profession has defined
CPA Code of Professional Conduct: Relevant section 200 rules
201: Maintenance of good reputation of the profession
202: Integrity, due care, objectivity
203: Professional competence
204: Indpendence
205: False and misleading documents and oral representations
206: Compliance with professional standards
208: Confidentiality of information
210: Conflicts of interest
211: Duty to report breaches of the CPA code
214: Fee quotations and billings
215: Contingent fees
217: Advertising, solicitation, endorsements
218: Retention of documentation and working papers
CPA Professional Conduct: Relevant section 300 rules
302: Communication with predecessor
303: Provision of client information
2 Types of Independence required
Independence in fact, independence in appearance
Threats to independence (5)
- Self-interest
- Advocacy
- Intimidation
- Self-review
- Familiarity
True or false: when a threat to independence is identified, the auditor must immediately be removed from the client’s case.
False. First, try to reduce or resolve the threat before withdrawing. Eg. Can the auditor sell their shares before conducting the audit?
Safeguards to independence created by the profession, legislation, or securities regulation
Education and training
Periodic rotation of senior members on the engagement
Safeguards to independence provided by the audit client
Qualified, independent audit committee
Corporate governance policies
Corporate policies and ethical codes
Safeguards to independence available within the audit firm’s procedures
Tone at the top
Firm policies and procedures
Rotation of senior personnel
Required consultation
True or False: CPA Canada sets the rules for auditing
False. PROVINCIAL self-regulating CPA boards.
Business failure vs. audit failure
Business failure: business cannot repay debts, perhaps due to poor mgmt, shift in demand, economic factors.
Audit failure: auditor issues an incorrect audit opinion.
Expectation gap
The difference between what users expect from the audit and what the audit actually provides.
Examples of incorrect expectations by users of an audit, which create an expectation gap.
- Auditors should accept primary responsibility for fin stmts.
- Auditors certify the fin. stmts.
- A clean opinion guarantees the accuracy of fin stmts.
- Auditors perform 100% verification.
- Auditors should give early warning about possible business failure
- Auditors are supposed to detect fraud.
3 Audit evidence decisions
NATURE: Which audit procedures to use?
EXTENT: Which items to select for testing?
TIMING: When to perform the procedures?
3 Categories of audit procedures
RISK ASSESSMENT: risk of material misstatement
TEST OF CONTROLS: evaluate effectiveness
SUBSTANTIVE: tests of details & analytical procedures
3 Characteristics of persuasive evidence
APPROPRIATE: relevant & reliable
SUFFICIENT
TIMELY
6 factors of evidence reliability
Evidence obtained directly by the auditor
Independence of source
Qualifications of source
Consistency from multiple sources
Effectiveness of client’s internal controls
Degree of objectivity
7 Types of audit procedures
INSPECTION OBSERVATION EXTERNAL CONFIRMATION RECALCULATION REPERFORMANCE ANALYTICAL PROCEDURES INQUIRY
T or F: External documents are considered more reliable than internal documents.
True.
Vouching vs tracing
Vouching: Use documentation to support recorded transactions/amounts.
Tracing: Use documentation to determine if transactions or amounts are included in the accounting records.
Analytical procedures: 4 types of data that balances and ratios are compared with
Industry data
Similar prior-period data
Client-determined expected results
Auditor-determined expected results
Possible adjustments to strategy if audit risk is determined to be pervasive
Assign more experienced staff
Heighten level of professional skepticism
Increase involvement of audit partners and managers
Closer supervision and review
What must be considered in identifying significant risks?
Risk of fraud
Risk related to key economic, accounting, other developments
Complexity of transactions
Significant related party transactions
Degree of subjectivity in measurement of financial information
Significant transactions outside the normal course of business
The fraud triangle: conditions for fraud
- Incentives/pressures
- Opportunities
- Attitudes/rationalization
The risk of material misstatement is a function of (3 types of risk)
Detection risk
Inherent risk
Control risk
Indicators of doubt of continuance as a going concern
Liquidity position Profits(losses) in previous years Method of financing growth Nature of the client's operations Competence of management
What is the objective of conducting an audit of the financial statements?
To express an OPINION of whether the financial statements are FREE FROM MATERIAL MISSTATEMENTS and presented fairly in conformity with the APPLICABLE REPORTING FRAMEWORK.
Management (client) responsibilities in an audit
- Adopt sound and appropriate accounting POLICIES
- Implement and maintain adequate INTERNAL CONTROLS
- Provide FAIR REPRESENTATIONS in the financials.
- Provide auditor with access to ALL RELEVANT INFORMATION
- Provide auditor with any additional information they may request
- Provide unrestricted access to PERSONS within the entity from whom the auditor determines it necessary to obtain evidence
Responsibilities of those charged with governance
(board of directors)
- oversight of management
- approve audited financial statements
Key difference between error and fraud
intent
Fraudulent financial reporting
- harms users of financial statements by providing them with incorrect information for decision making
- usually committed by management
Misappropriation of assets
- harms stockholders, creditors, and others because assets are no longer available to their owners
- usually committed by employees
Auditor’s responsibility to evaluate going concern
- conclude opinion on the appropriateness of management’s use of the going-concern basis of accounting
- conclude if there is material uncertainty about the entity’s ability to continue as a going concern.
What are management assertions?
Implied or expressed representations about:
- classes of transactions or events
- related account balances in the fin. stmts.
- classification, presentation, disclosure of information
Management assertions about classes and transactions of events (statement of comprehensive income)
OCCURRENCE COMPLETENESS ACCURACY CUTOFF - correct reporting time period CLASSIFICATION - correct accounts
it occurs to her to completely and accurately cut off the class
Management assertions about account balances (statement of financial position)
EXISTENCE
COMPLETENESS
VALUATION AND ALLOCATION
RIGHTS AND OBLIGATIONS - the entity does control the rights to assets, and liabilities are the obligation of the entity
Management assertions about presentation and disclosure (notes to the financial statements)
OCCURRENCE AND RIGHTS AND OBLIGATIONS - disclosed info did occur and does pertain to entity
COMPLETION
ACCURACY AND VALUATION
CLASSIFICATION AND UNDERSTANDABILITY
Services, other than audit, offered by public accounting firms
Tax Accounting Management advising Valuation Assistance with adoption of IFRS Environmental & CSR reporting
Greatest challenge in assessing operational efficiency during an audit
Developing criteria
Stakeholders of an audit
management, users of financial statements, CRA, banks, employees, customers
Implications of accepting an audit engagement
auditors must have:
- independence
- competence
Additional issues when filing with the OSC
- IFRS compliance
- specific forms required by OSC that must be filed in a specific time frame
- must be registered with CPAB
Quality controls that audit firms must have in place
- Culture/tone at top
- Ethical requirements (independence, integrity)
- Policies and procedures relating to:
- acceptance of engagements
- HR practices
- engagement performance
- Monitoring these quality controls
True or False: audit evidence must be convincing and conclusive
False, it must be persuasive
Examples of internal documentation
cheque request form
receiving report
payroll time card
adjusting journal entry
Examples of external documentation
vendor’s invoice
cancelled note
cancelled cheque
validated deposit slip
Analytical procedures are performed during what phase of the audit engagement?
The planning phase, to help determine the nature, extent, and timing of work to be done.
What should be disclosed if there exists a related party transaction?
- the nature of the relationship
- description of transx
- amounts due to or from related parties if not otherwise apparent
acceptable audit risk
a measure of how willing the auditor is to accept that the financial statements may be materially misstated after the audit is completed and an unqualified
opinion has been issued
True or false: The less audit risk the auditor is willing to accept, the higher the level of evidence that the auditor will collect.
True
Inherent risk or control risk?
The management bonuses at CFHI are based on net income
Inherent risk
Inherent risk or control risk?
Due to the size of the CFHI’s business, only one accounting
clerk does most of the accounting.
Control risk
Which assertion is being upheld when sales invoices are matched with shipping documents by a computer system which creates an exception report?
Occurence
Which assertion is being upheld when receiving reports are prenumbered and accounted for on a daily basis?
Completeness and Cut Off
Which assertion is being upheld when sales invoices are independently verified before being sent to customers?
Accuracy
Why does the auditor obtain an understanding of internal controls?
To assess risks of material misstatement to the financial statements.
What should the auditor due of they find significant deficiencies in internal controls?
Report the weaknesses to the audit committee or an appropriate representative of management
Test of controls vs substantive tests
Test of controls: verify whether a client’s controls are applied in the manner described in documentation eg. examination that JE’s received approval
Substantive tests: test for dollar errors in transx or financial statement balances eg. recalculation of amounts
