Exam 1 Flashcards
Assurance services
Independent professional services that improve quality of info, targeted towards client
Attestation services
Goal is to provide assurance for information as to its reliability, and to provide assurance free of any misstatement
Examinations (audits)
Attestations that are Open ended, high level assurance, referred to as an opinion
Reviews
Attestations that result in moderate/limited assurance, less open ended
Inquiries of management and analytical procedures
Agreed upon procedures
Attestations that result in a report with procedures performed, completely closed ended, client agrees with auditor completely with what they want to perform, no assurance and just reports results
3 types of audits (examinations)
Business risk- success of business
Information risk- accuracy of financial statements
Agency costs- consequences that an agent my follow their own best interests
Presentation and disclosure
Assertion that accounts are described and classified in financial statements in accordance with GAAP
Existence or occurrence
Assertion that assets, liabilities, and equity in financial statements all exist
Rights and obligations
Assertion that client has legal rights to assets listed
Completeness
Assertion that no transactions, assets, liabilities or equity are omitted from financial statements
Cut-off
Assertion that transactions and events have been recorded on correct period
Valuation and allocation
Assets, liabilities, revenues, expenses are correctly valued
External audit
Focus is on financial statements
Objective is expression of an opinion on fairness
Internal audit
Focus is how well business is run
Reviews policies and procedures and makes recommendations to increase revenues
Operational audit
Internal audit that tests effectiveness and compliance with policies and procedures
Compliance audit
Internal audit that tests compliance for laws, government auditing, external auditor doesn’t care about it
Internal reporters report to the ________ and NOT _______
Audit committee, CEO
PCAOB
Goal is to regulate audits and auditors of public companies
Establish audit, quality control standards. Writes GAAP
Only 2 of the 5 board members can be accountants
Appointed by the SEC
AICPA
Issues statements in auditing standards, quality control standards and peer review
Statements on Auditing Standards
Auditing standards responsibility levels
Unconditional- required in all cases
Presumptively mandatory- required except when auditor deems necessary to not follow
Responsibility to consider- auditor can use professional judgement on whether or not to follow
GAAS standards
Statements(AICPA)- must be applied
Interpretive publications- recommendations to consider
Other auditing publications- help auditor understand and apply standards
AU topics
200-299- general principles and responsibilities
300-499- risk assessment and response to assessed risk
500-599- audit evidence
600-699- using work of others
700-799-audit conclusions and reporting
800-899- special considerations
900-999- ^ in US
6 main parts of a public company standard audit report
What the auditors did Opinion of auditor Mention of internal controls Managements responsibility Auditors responsibility Standards used
Qualified opinion
Modified opinion that States that financial statements are fair except for some small matter, such as auditor is not able to audit a particular area
Adverse opinion
Modified opinion that financial statements are not presented fairly
Disclaimer of opinion
Modified opinion where auditors cannot obtain sufficient audit evidence
Pervasive misstatement
Financial statements as a whole are misstated
Audit risk
The risk that the auditor will incorrectly give an unqualified opinion on materially misstated financial statements
Ineffective audit
Audit risk equation
Inherent risk x
Control risk x
Detection risk
Inherent risk
Susceptibility of an account to misstatement. Ex. Cash is easy to steal; high risk
Major types of audit evidence
Accounting information systems Documentary evidence Third party representation Physical evidence Computations Data interrelationships Client representations Evidence from related party transactions Subjective audit evidence
3 steps to review audit estimates
Review managements approach
Develop an estimate
Review subsequent events after estimate- ex. Cash collections after estimating ADA
Appropriate audit evidence
A measure of audit evidence reliability and relevance
What makes audit evidence reliable?
Independent source Generated through effective controls Obtained directly by an auditor Written documentation Original documents, not copies
Audit Sufficiency
Enough quantity of evidence to form a reasonable opinion
Scope of audit sufficiency
Nature- what audit procedure
Timing- when to perform procedure
Extent- how many items in procedure
Risk assessment
To obtain an understanding of the entity, it’s environment and internal control
Substantive tests
Tests whether the balance in the account is correct; end of processing
Tests of details
Verifying that balances are correct
Transactions, ending balances, disclosures
Analytical procedures
Evaluations of financial information made by a study of plausible relationships a month financial and non financial data
Analytical procedure approaches
Trend analysis Horizontal analysis- across time Cross sectional analysis Reasonableness tests Vertical financial statements- convert all numbers to percentage of something
Cross footing
Total of a row of numbers
Data analytics
The computer assisted examination of information in financial statements. Entire population rather than samples
6 audit steps
Plan the audit, strategy
Obtain understanding of client
Assess risks and design audit procedures
Perform tests of control, analytical procedures
Complete the audit
Form an opinion
Engagement risk
Risk to a CPA firm of association with an audit client, or would be sued by a client, reputation harmed by a client
Responsibilities of management but not auditors
Financial statements Effective internal control Compliance with laws Providing representation letter Adjusting financial statements for material misstatements
Tolerable misstatement
An account level misstatement
Transactions assertions
Occurrence Completeness Accuracy Cutoff Classification- proper accounts
Account balances assertions
Existence
Rights and obligations
Completeness
Valuation and allocation
Disclosures assertions
Occurrence Rights and obligations Completeness Accuracy and valuation Classification and understandability
PCAOB 2nd standard of fieldwork
Auditor must have sufficient understanding of the entity, it’s environment, it’s internal control to assess risk of material misstatement
AICPA-GAAS standard of internal control
To obtain reasonable assurance but not absolute assurance, auditor identifies and assesses risks based on understanding of the entity including its internal control
Control activities
Performance reviews
Information processing controls
Physical controls
Segregation of duties: authorisation, recording, and custody
Types of control tests
Inquiries- discuss with client
Inspection- sample of purchase orders
Observation- observe procedures applied to invoices
Reperformance- compare quantities on invoice to quantities on shipping documents
Deficiency
An internal control issue where a control does not allow employee to prevent material misstatements
Significant deficiency
An internal control deficiency important enough to bring up to the audit committee
Material weakness
An internal control deficiency that would cause reasonable possibility that a material misstatement will not be prevented
Assessment of internal auditors
Objectivity- policies for assuring it
Competence- education, experience
Work performance- reviewed by an external auditor
Internal control over financial reporting audit stages
Plan the engagement Identify controls to test Begin at financial statement level identify relevant assertions Identify entity level controls Test and evaluate Form an opinion
ICFR evaluations
Adequacy of management assessment Results of auditors design evaluation Results of operating tests Negative results of substantive procedures Control deficiencies
5 components of internal control
Control environment- managements attitude and ethics
Management risk assessment- organisations should evaluate their own risk
accounting information and communication system
Control activities- PIPS
Monitoring- over time for if they continue to be relevant
Steps in auditors considerations of internal control
Obtain understanding of internal control Document understanding- work paper Assess risks of material misstatement Design further audit procedures Perform tests of controls and evaluate results Substantive procedures