Standards & Related Topics Flashcards
Who is responsible for carrying out an audit according to GAAS?
Independent auditor
What is the purpose of an audit?
To determine whether the financials “in all material respects” conform to GAAP
The auditor’s responsibility for this is explicitly stated in the introductory paragraph of his report
Who is responsible for ensuring the financials conform to GAAP?
Management
Also responsible for internal control and accounting policies
What is the process of aggregation for financial accounting?
Individual transactions –> Journals –> Ledgers –> Financial Statements
What is vouching?
Tracking items from the financial statements backward, to determine if they occurred
What is tracing?
Tracking original transaction documentation to the financial statements, to ensure everything is recorded
What is an engagement letter?
States the details of the engagement with the client
Given so the client understands what the auditor must do and what the auditor’s and management’s responsibilities are
What is the purpose of an audit team discussion?
To discuss the likelihood of material misstatement in the financials
Determined by risk assessment procedures
What is a relevant assertion?
Assertion meaningful to whether an account is fairly stated or not
Depends on the type of the account
Are tests of control and substantive tests optional or mandatory?
Tests of control are optional
Substantive tests are mandatory
What is included in the audit report?
The scope of the audit and the auditor’s opinion
What must be done before the audit report is issued?
Review by the lead audit partner
What do public companies (i.e. issuers) also need besides an audit report?
Engagement quality review and “concurring approval of issuance”
Reviews the engagement team’s work in preparing the engagement report
What is a financial statement audit?
The ordinary kind of audit, determining financial statements’ conformity with GAAP
What is a compliance audit?
Determine an entity’s conformity with certain rules (e.g. IRS audits for whether a taxpayer has paid his due)
What is an operational audit?
Done by internal auditors to evaluate how effective and efficient some part of the company is
What are six important characteristics for audits?
Independence Materiality Selective Testing Audit Risk Overall Opinion Presentation
What is important about selective testing?
An auditor does not provide exhaustive testing or confirmation – only selective
What is important about audit risk?
Risk is twofold: the risk that financials are materially misstated and the risk that the auditor will not detect any such misstatement
Performance of audit is to reduce risk and provide reasonable (not absolute) assurance
What is important about presentation?
Audits ensure that financials are presented fairly, not whether the company is good
What should internal auditors do to be independent?
- report to a level in the company higher than the audited level
- if reporting to the audit committee of the board of directors, they should be independent from any area of the company
What are two common governmental auditors?
Government Accountability Office (GAO) auditors (audits for Congress)
IRS agents
Who are “those charged with governance” (TCWG)?
The main people in charge of running the company, including the board of directors and the audit committee
What is the audit committee?
Formed by the board of directors to monitor financial reporting and internal controls and to interact with auditors (both internal and external)
What is included in the AICPA’s Codification of Professional Standards?
Various Statements on Auditing Standards (SASs) and other standards
Possible card on CPS abbreviations #1
use only if tested (p. 21-6)
Possible card on CPS abbreviations #2
use only if tested (p. 21-6)
Possible card on CPS abbreviations #3
use only if tested (p. 21-6)
Who establishes and approves auditing standards for public companies?
- Established by Public Company Accounting Oversight Board (PCAOB)
- Approved by Securities and Exchange Commission (SEC)
Done as a result of Sarbanes-Oxley
How are rules different for nonissuers?
They are not subject to Sarbanes-Oxley or the SEC
What are the standards governing audits for nonissuers?
AICPA Code of Professional Conduct
Any standards from the AICPA Auditing Standards Board (ASB)
What are Statements of Auditing Standards (SASs)?
They compose the bulk of GAAS, and are issued by the AICPA Auditing Standards Board (ASB)
What is the difference between procedures and standards?
Procedures are particular acts done within audits – vary by engagement
Standards involve purposes for and evaluations of procedures – don’t vary by engagement
What are two different kinds of professional requirements?
Unconditional requirements – required in all cases, involve “must” or “is required”
Presumptively mandatory requirements – permit of rare exceptions, involve “should”
What are the three auditor qualifications required in the general standards?
TIP
- Technical training
- Independence (in fact and attitude)
- Performance (due professional care)
What is required by the standards of fieldwork?
SEE
- Supervision (of assistants) and planning
- Entity and environment
- Evidence (sufficient and appropriate)
What do the standards of reporting require to be included in the audit report?
ACDE
- Accounting basis (GAAP or OCBOA)
- Consistency of accounting principles across reporting periods
- Disclosure of information is proper
- Expressed opinion
What information is required for auditors of issuers regarding independence?
All relevant relationships should be disclosed to TCWG in writing
Auditor should confirm independence from client according to SEC regulations (also in writing)
Auditors should discuss independence with TCWG
What is an important element of due professional care for auditors?
Professional skepticism
Also: providing reasonable (not absolute) assurance, not fraudulently claiming a higher degree of skill, not guaranteeing infallibility
What are the standards governing a CPA firm’s quality control system?
Statement on Quality Control Standards (SQCS)
What is the purpose of a quality control system for a CPA firm’s accounting and auditing practice?
To provide reasonable assurance that auditors comply with all relevant standards (e.g. professional, regulatory, legal)
U.S. companies need to provide such assurance for foreign offices/affiliates as well
How are GAAS and SQCS related?
GAAS involve conduct for particular audit engagements
SQCS involve conduct for an auditing firm as a whole
What is the name given to the record for work accomplished, results, and conclusions reached?
Engagement documentation, or workpapers
According to the SQCS, who performs an engagement quality control review?
Someone who is not a member of the engagement team
Who is included in the engagement team?
All firm employees and contractors who work on the engagement
Certain specialists, and people who do routine office work, are not part of the team
What is monitoring?
Evaluation of the firm’s quality control
What is inspection?
Part of monitoring – evaluates QC policies, how well personnel understand them, and how well they have complied
What is a partner?
Someone with the authority to bind the firm to perform engagements (even if he lacks the title of “partner”)
What should be included in a firm’s quality control policies and procedures?
Leadership's responsibility Ethical requirements Client relationships and engagements Human resources Engagement performance Monitoring
What is important to know about leadership’s responsibility in a QC system?
- leadership have ultimate responsibility
- tone at the top (firm “culture” committed to quality)
- QC policies (including evaluation, promotion, incentives, etc.) should promote quality over money
- QC policies should provide adequate resources for QC procedures
What is important to know about ethical requirements in a QC system?
Policies should especially promote independence, finding risks to independence, reporting breaches, and being willing to leave engagements
Also should help firm conform to regulations on independence (e.g. rotating personnel)
What is important to know about client relationships and engagements in a QC system?
The firm should ensure:
- client integrity
- competence to serve client
- that client has understanding of audit
What is important to know about human resources in a QC system?
- recruitment and hiring
- determining personnel skills
- assigning personnel to engagements
- professional development
- performance evaluation, pay, and promotion
What skills should a firm’s HR dep’t ensure that the engagement partner has?
- understands Code of Professional Conduct
- understands auditing service to be done
- has technical competence
- understands industry
- has professional judgment
- understands client’s IT system
What should a firm’s HR dep’t stress regarding professional development?
- that continuing education requirements are met
- passing the CPA exam
What is important to know about engagement performance in a QC system?
Should provide reasonable assurance that audits are performed according to various requirements (professional, regulatory, legal)
Includes policies on:
- workpapers
- consultation
- resolving differences
- engagement QC review
What should be included in an engagement QC review?
Evaluation of judgments and conclusions
Comparison of report with financials
Discussion with engagement partner over significant issues
What documentation should there be for an engagement QC review?
Documentation that:
- firm QC review procedures are followed
- review was completed before report’s release
- reviewer is unaware of unresolved issues
What should be done if monitoring a QC review system uncovers deficiencies?
Should determine whether they are systematic, repetitive, or significant and correct them accordingly
Legal advice may be necessary if the deficiency involves a report or omitted procedures
How often should the results of monitoring be reported?
At least annually
What qualifies as a predecessor auditor?
Someone who:
- reported on the most recent audited financials
- was engaged to do so but did not (resignation/termination)
- reported on audited statements that the client wants reaudited
Who has the responsibility to begin communication between the predecessor and successor auditors?
Successor
Can be written or oral
When should info between predecessor and successor auditors be kept confidential?
Always, even if the successor does not accept the engagement
What permission should the successor (S) obtain from the predecessor (P) before the engagement?
S must ask P for client’s consent to give client info to S
Client may forbid it, and S should consider this when deciding to accept engagement
What inquiries should the successor make of the predecessor before the engagement?
- management integrity
- disagreements b/w mgmt and auditor
- illegal acts
- weaknesses in internal control
- reason for auditor change
What is commonly given by the predecessor to the successor after the engagement has been accepted?
Predecessor’s workpapers
What happens if the predecessor auditor does not respond fully to the successor?
He should clearly state that his response is limited and perhaps explain why
How should the successor’s own work be affected by the predecessor’s work?
His work and opinion are his own, so they should not reference the predecessor
What happens if the successor finds an error in the predecessor’s work?
He may ask the client to have all three parties meet to resolve it
