Chapter 3 Flashcards
Required engagement letter contents:
1) the objective and scope of the audit
2) the responsibilities of the auditor
3) the responsibilities of mgmt
4) stmt that because of the inherent limitations - unavoidable risk that some go undetected
5) ID of the applicable financial reporting
6) reference to the expected form and content of any reports to be issued by the auditor
For Audit of issuers – engagement:
The auditor must agree to the terms of the engagement with the audit committee in an engagement letter; letter should be provided to the audit comittee annually
Appropriate factors for change in engagement
1) indication that mgmt misunderstands the objective
2) any revised or special eng terms
3) a change in senior mgmt
4) a significant change in ownership
5) change in legal or regulatory req
6) change in financial reporting framework
Initial audit: communication with the predecessor auditor
Inquires regarding:
1) info that might bear on mgmt integrity
2) disagreements with mgmt over accounting principles
3) the predecessors understanding as to the reasons of the change
4) communication to mgmt regarding fraud
Overview of planning - auditor required to:
1) obtain knowledge of the clients business and industry
2) develop the audit strategy
3) develop the audit plan
4) perform risk assessment procedures to obtain understanding of the entity
Auditor plans audit to be responsive to the initial assessment but:
Should be prepared to revise the audit strategy and the audit plan based on the results of the audit procedures
NET of supervision
1) the size and complexity of the entity
2) the nature of the work assigned
3) the assessed risks of material misstatement
4) the qualifications of the assistants
for planning: knowledge of the clients business and industry
1) tour client facilities
2) review the financial history of the client
3) obtain an understanding of client accounting
4) inquire of client personnel
Written audit plan
Required
Factors used to make the preliminary assessment of materiality:
1) the application of a % to an appropriate FS benchmark
2) prior period financial results
3) any significant known or expected changes in the entitys circumstances
4) changes in the conditions of the industry or the economy as a whole
6 main FS assertions
1) completeness
2) cutoff
3) valuation, allocation and accuracy
4) existence and occurrence
5) rights and obligations
6) understandability and classification
Consideration of fraud: an auditor should -
1) discuss fraud risk with team
2) obtain info to identify fraud risks
3) assess fraud risk and develop an appropriate response
4) evaluate audit evidence on fraud
5) make appropriate communication about fraud
6) document the auditors consideration of fraud
risk assessment procedures - procedures to know entity and environment
1) inquiries
2) analytical procedures
3) observation and inspection
4) risk assessment discussion
5) other procedures
Auditors risk assessment: documentation required (1)
1) the planning discussion
2) the procedures performed on Fraud
3) identified RMM due to fraud
4) if the auditor has not identified improper revenue recognition as a Fraud risk
Response to fraud risk
Auditor does by designing appropriate audit procedures
COSCO framework internal control:
Crime
Control environment Risk assessment Information and communication syste Monitoring Existing control activities
Significant risks - required documentation
1) discussion among audit team: how, when, participants, & subject matter
2) key elements of understanding of entity
3) assessment of the risks
4) the identified risks and controls evaluated
5) more complex entity= more extensive audit doc
Effective control environment:
Paid tips
Prenumbering docs Authorization of transactions Independent checks to maintain asset Documentation Timely and appropriate perfo reviews Information processing controls Physical controls for safeguarding Segregation of duties
Documentation may include:
Any item the auditor can FIND
Flowcharts
Internal Control Questionnaire
Narrative
Documentation from client
Control Environment - key points
- integrity
- competence
- participation of those in governance
- mgmt philosophy
- organizational structure
- assignment of responsibility
- human resource policies
Info and communication systems
- communicating roles and responsibilities
- initiating authorizing and reporting entity transactions conditions and events
Characteristics of audit scope - extent:
- effect of IT on the audit
- knowledge gained from prior experience with entity
- use of service organizations
- size and complexity of entity to be audited
Characteristics of audit scope - timing:
- deadlines for interim and final reporting
- key dates for meetings with mgmt
- nature and timing of audit communications
Characteristics of audit scope - nature:
- preliminary evaluations of materiality, audit risk, and IC
- material locations and account balances
- areas where there is a higher risk of material mistatement
Inverse Relationship
RMM to DR
Consideration of non-compliance
- the legal and regulatory framework
- how the entity is complying with that framework
Reporting non-compliance - governance not involved in mgmt
if issue SERIOUS, communicate intentional and material matters to governance ASAP
Reporting non-compliance - governance involved in mgmt
communicate the matter to the next higher level of authority at the entity. if no higher level - obtain legal advice
Risk assessment steps
IM A CPA
Internal control - understand
Material Misstatement - assess the risks
Assessed level of risk
IC - test for operating effectiveness
Perform substantive procedures
Evaluate the sufficiency and appropriateness of audit evidence
Reporting to regulatory agencies
Auditor has duty if:
- in response to a predecessor auditor
- court order
- assistance from a government agency
Objective of analytical procedures used during planning:
- enhance the auditors understanding of the entity and of transaction since last audit
- identify unusual transactions and events
Factors Indicative of signifcant risks
- risk of fraud
- related parties and related party trans
- improper revenue recognition
- noncompliance with laws
- accounting principles
Documenting NET of audit procedures performed:
- who performed the audit work and date completed
- who reviewed specific audit docs and date reviewed
- identifying characteristics of specific items tested
Auditors specialist
used by auditor to assist in obtaining sufficient appropriate audit evidence
Designing further audit procedures, consider…
- significance of the risk
- likelihood that a MM will occur
- characteristics of the relevant class of transaction, account balance, disclosure
- nature of the specific controls used by the entity
Management’s Specialist
used by the entity to assist the entity in preparing the FS
Relationship between audit risk and materiality
inverse relationship; they must be considered together in designing audit procedures; must be considered at FS level and at the individual level
Referencing specialist
not mentioned in the auditors report if an unmodified opinion is issued; may reference the work if auditor receives prior permission from the specialist for a modified report
Fraud - communicate outside the organization
- comply with certain legal and regulatory requirements
- to a successor auditor (with client permission)
- in response to subpoena
- to a funding agency or other specified agency
- possibly to authorities when mgmt./governance fail to take action
When obtaining reasonable assurance about if FS free of MM, auditor should:
- exercise professionalism
- discuss fraud risk with engagement personnel
- obtain info about fraud
- identify and assess fraud risk
- evaluate how audit evidence
- communicate and document conclusions
Auditor unable to obtain sufficient evidence regarding noncompliance
issue a qualified opinion or disclaimer of opinion
Auditors risk assessment: documentation required (2)
5) results of procedures performed to assess the risk of mgmt override of controls
6) other conditions and analytical relationships that warranted further audit work
7) the nature if communciations made about fraud
