Audit Standards & Engagement Planning Flashcards
compliance audits
performed to determine if entity is complying w applicable law and regulations
performed by regulatory bodies
IRS audit, OSHA audit
operational audits
performed by internal auditors to determine if mgmt’s policies are being follow appropriately and evaluate entity’s performance as well as its compliance w internal controls
financial statement audits
- determine if f/s are being fairly presented
- performed by CPAs
f/s audit, interim reviews
reasonable assurance
high lvl of assurance
NOT absolute assurance
unconditional requirement
auditor must comply to be in accordance w GAAS
“must”
“is required to”
presumptively mandatory requirement
auditor expected to comply but rarely may depart from standards if deem ineffective. alt procedures must be performed and documented
must document why they’re not gonna do it.
“should”
clarity standard format
applies to non public, non issuers
- introduction
- objectives
- definitions
- requirements
- application and other explanatory material
GAAS
generally accepted auditing standards
PCAOB
Public Company Accounting Oversight Board
3 categories of standards of GAAS
- general standards
- fieldwork standards
- reporting standards
general standards
these apply to aspects of engagement from acceptance to completion
qualification of auditor and quality of work
- T-training and proficiency
- I-independence
- P-due Professional care
fieldwork standards
apply to portion of engagement devoted to gathering evidence
how audit is planned and how audit evidence is accumulated and evaluated
3 standard of fieldwork:
- P-planning and supervision
- I-internal controls
- C-corroborative audit evidence
reporting standards
apply only to manner in which audit report is to be written
prep and content of audit report
4 standards of reporting:
- A-accounting principles in conformity w GAAP
- N-no new accounting principles applied - consistency
- O-omitted information disclosure-none
- E-expression of an opinion
10 GAAS
measurement of quality of auditor’s performance VS. audit procedures which are Acts to be performed by auditors
TIPPICANOE
3 general standard:
- T-training & proficiency
- I-independence
- P-due Professional care
3 standard of fieldwork:
- P-planning and supervision
- I-internal controls
- C-corroborative audit evidence
4 standards of reporting:
- A-accounting principles in conformity w GAAP
- N-no new accounting principles applied - consistency
- O-omitted information disclosure-none
- E-expression of an opinion
independence required for
- audit
- review
“CARES”
C-compilation (must mention if not independent) A-agreed upon procedures R-reviews examination S-special report
independence not required for
- compilation
- taxes
- consultation
- f/s preparation engagement
- other non attest (bookkeeping, payroll)
what can impair independence
any direct financial interest
material indirect financial interest
cpa auditor»_space; client
cpa auditor»_space; mutual fund»_space; client
ethical requirement
- responsibilities
- the public interest
- integrity
- objectivity and independence
- due care
- scope and nature of services
what can currently auditor inquiry of old auditor (predecessor auditor)?
RID -C
R-reason for change
I-integrity of mgmt
D-disagreements during adit
C-communication w mgmt or those charged w governance
ALSO:
internal control
substantive procedures
contingencies
subsequent events
governance
- member of mgmt may serve as executive members of the board of directors
- in owner-mangaged entities, mgmt and governance are the same
- member of entity’s legal structure (company directors)
- parties external to entity such as govt agencies
- group of ppl (board of directors)
those charged w governance
responsible for overseeing strategic direction of the entity and obligations related to accountability
what should auditor communicate w audit committee?
DISAPPROVE
D- disagreement w mgmt
I- illegal acts, noncompliance w law & regulations
S- significant accounting policies adopted or changed by mgmt
A- adjustment proposed by auditor
P- prior discussion w mgmt b4 accept engagement
P-problem or significant difficulties arising from audit
O-other information
V-views of accountant regarding accounting policies, estimates, and disclosure
E-estimates and processed used to obtain them
audit committee
made up of independent directors
one must be financial expert
if no expert, reason must be disclosed.
financial expert
- has understanding of GAAP
- exp w prepare f/s and applying knowledge to estimates, accruals, and reserves
- exp w internal accounting controls
- knows function of audit committee
-doesnt need to be CPA
engagement letter components
not required, but recommended in writing
FACSIMILE
F-fees A- auditor's responsibilities (GAAS) C- confirmation of engagement S- scope and objective of engagement I- internal control M- management responsibilities I- irregularities (fraud) L- iLlegal acts E- errors
audit program
step by step list of audit procedures
RMM
risk of material misstatement
likelihood that f/s are materially misstated which consists of control risk and inherit risk
key consideration of audit program
materiality
RMM
business and industry considerations
control risk
risk that material misstatement will not be prevented or detected and corrected on a timely basis due to lack of effective internal control
inherit risk
risk of material misstatement due to nature of element of f/s
risk that an item will be materially misstated if there are no controls in place
risk of misstatement due to factors other than a failure of relevant controls and it exists independently of the audit
steps in planning an audit
BRAINSTOPS
B- basic discussion w client R- review of audit documentation A- ask about recent development I- interim f/s N- non-audit personnel S- staffing T- timing O- outside assistant P- pronouncement S- scheduling w the client
AR=
audit risk=
inherit risk x control risk x detection risk
risk that the auditor will fail to issue an appropriate report when the financial statements are materially misstated
RRM=
risk of material misstatement
inherit risk x control risk
AR =
audit risk =
RRM x DR
risk that the auditor will fail to issue an appropriate report when the financial statements are materially misstated
detection risk (DR) =
TD x AP
test of detail risk x substantive analytical procedures risk
detection risk
risk that audit procedures will incorrectly lead to conclusion that a material misstatement does not exist when it DOES
function put forth by auditor.
only risk component that an auditor can affect.
broken down into 2 components:
- test of details risk (TD)
- substantive analytical procedures risk (AP)
fraudulent financial reporting
- misrepresentation of facts
- manipulation, falsification, alteration of accounting records
- intentional misapplication of accounting principles
- non recording of transasctions
missappropriation of assets
- defalcation schemes
- embezzlement of funds
- theft of other assets
- misuse of entity assets
fraud triangle
- reason or motive (incentive/pressure)
- opportunity
- rationalization
reason or motie
- personal gain
- pressure to meet analysts’ expectation
opportunity
lack of internal control or not enforced create opportunity
-have opportunity to override controls
rationalization
rationalize their fraudulent acts bc they do not believe its wrong
accompanied w their action is a common practice
commission is sometimes viewed as a means of eliminating an unfair advantage
rationalize their acts as having NO CHOICE. repercussion of not doing fraud would be too severe
direct effect of noncompliance
EX: nonpayment of payroll taxes or business license fee
indirect effect of noncompliance
EX: price fixing, purchase securities based on insider information
2 types of fraud
fraudulent financial reporting
misappropriation of assets
specific procedures of CPA firm depends on:
- size of firm
- nature of practice
- organizational structure and cost benefit considerations
6 element of Quality Control element within a CPA firm
HEAL-ME
H-human resources (personal mgmt)
E-ethical requirements (independence)
A-acceptance and continuance of client relationship and specific engagements
L-leadership responsibilities for quality within the firm
M-monitoring
E-engagement performance
Audit firms must establish quality control procedures to provide themselves with reasonable assurance that their personnel comply with professional standards and applicable regulatory/legal requirements
if RRM is high
planned audit procedure increase:
- more thorough test
- rely more on year end testing
- assign experienced staff with specialized skills
- close supervision required
goal is to decrease detection risk. do this by:
- increase substantive procedures
- focusing resources on high risk areas
- change nature, timing, scope of audit procedures
what is an accounting framework
is the set of criteria (either rules or standards) that are required for financial items to be recognized, classified, and recorded within an entity’s financial statements
general purpose framework is designed to
meet the common financial information objectives of a wide range of users
- generally accepted accounting principles (GAAP)
- international financial reporting standards (IFRS)
- statement of federal financial accounting standards (SFFAS
- statements of govt standards
special purpose framework
non-GAAP framework designed meet a specific purpose (ie, financial information requirements) of a specific group of users (eg, tax regulators)
- cash accounting basis
- tax accounting basis
- regulatory agency accounting basis
- contractual accounting basis
performance audit
performed on governmental or nonprofit entities
The audit can be related to any given process or project and may focus on specific procedures or processes.
These audits are performed using Generally Accepted Governmental Auditing Standards (GAGAS)
Professional standards are
measures of the quality of the auditor’s performance
A misstatement on the financial statements occurs when
one or more of management’s assertions is contradicted by audit evidence
responsibility of management
- prepare fs
- comply w laws and reg.
- est. and monitor internal control
- provide auditor w relevant info
responsibility of auditor
- provide reasonable assurance
- adhere to auditing standards
- understand regulatory environment
- assess internal control
The engagement quality review documentation should include
- identification of the engagement quality reviewer and his or her assistants
- the documents reviewed
- the date on which the engagement quality reviewer provided concurring approval of issuance.
inherit risk
The risk that an assertion will lead to a material misstatement
who to report immaterial fraud too
management and/or those charged with governance
first step in planning audit
Make a preliminary judgment about materiality
as it will affect many of the decisions the auditor will make in selecting and executing audit procedures and in interpreting results
Attestation engagements include
reporting on financial projections and forecasts
The phrase “generally accepted accounting principles” is an accounting term that
Encompasses the conventions, rules, and procedures necessary to define accepted accounting practice at a particular time.
GAAP is promulgated by the FASB
When an auditor sets control risk at maximum
- internal controls will not be relied upon
- the opinion will be based entirely upon evidence gathered from substantive testing
The two primary reasons the auditor would not rely on controls are if the controls are weak or if performing substantive tests is more efficient in conducting the audit
step in assessing control risk
- Considering whether control procedures can have a pervasive effect on financial statement assertions
- Evaluating the effectiveness of internal control procedures with tests of controls
- Obtaining an understanding of the entity’s accounting system and control environment
test of detail are
Tests of details are substantive tests that are performed after evaluating internal control
control risk is assessed below the maximum
- rely on internal controls
- reduce the amount of substantive testing
The auditor assesses control risk below the maximum when there are specific, reliable internal controls that relate to specific management assertions
allows for an increase in interim testing and a more efficient audit, rather than reliance on testing exclusively at year end
The internal auditor should report directly to the
board of directors or the audit committee.
A misstatement on the financial statements occurs when
one or more of management’s assertions is contradicted by audit evidence
attest services
audits
review
agreed upon procedures
stmt on auditing standards (SAS)
SSARS
SSAES
Misstatements are considered material if they
individually or in the aggregate, are expected to influence the decisions of a user of the financial statements.
When different materiality levels are determined for various financial statements, the LOWEST aggregate dollar amount will be used.
successor can ask predecessor about working papers regarding:
- internal control
- substantive procedures
- contingencies (litigations)
- subsequent events