69360 Fundamentals of Financial Statements Audit Dushanbe, May 10 – 14, 2011 1/1/2011 The World Bank Group WB194927 Fundamentals of an Audit of Financial Statements Contents 1. Objectives and General Principles Governing an Audit of Financial Statements............ 3 Responsibility for the Financial Statements ............................................................................ 3 General Principles of an Audit ................................................................................................ 3 Scope of an Audit .................................................................................................................... 4 Reasonable Assurance ............................................................................................................. 4 Professional Judgment ............................................................................................................. 4 Sufficient Appropriate Audit Evidence ................................................................................... 5 Audit Risk ................................................................................................................................ 5 Terms of Audit Engagements .................................................................................................. 7 2. Quality Control for Audit Work (Engagement level) .................................................... 10 Role of the engagement partner ............................................................................................. 10 Engagement performance ...................................................................................................... 10 Engagement quality control review ....................................................................................... 11 3. Audit Documentation ..................................................................................................... 16 4. Audit Planning................................................................................................................ 31 5. Accounting and Internal Control Systems ..................................................................... 43 6. Audit Evidence ............................................................................................................... 50 7. Audit Performance ......................................................................................................... 62 8. Audit Report ................................................................................................................... 86 9. Other responsibilities...................................................................................................... 95 2 Fundamentals of an Audit of Financial Statements 1. Objectives and General Principles Governing an Audit of Financial Statements An Audit of Financial Statements (ISA 200.3) The purpose of an audit is to enhance the degree of confidence of intended users in the financial statements. This is achieved by the expression of an opinion by the auditor on whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework. In the case of most general purpose frameworks, that opinion is on whether the financial statements are presented fairly, in all material respects, or give a true and fair view in accordance with the framework. An audit conducted in accordance with ISAs and relevant ethical requirements enables the auditor to form that opinion. Objective of an Audit The objective of an audit of financial statements is to enable an auditor to express an opinion as to whether the financial statements are prepared, in all material respects, in accordance with International Financial Reporting Standards or another identified financial reporting framework. The auditor‟s opinion is expressed in by using the phrase “give a true and fair view� or “present fairly, in all material respects�. The opinion is included in a written report (the audit report) that accompanies audited financial statements. Responsibility for the Financial Statements The auditor and the client‟s management have separate and distinct responsibilities. The auditor is responsible for forming and expressing an opinion on the financial statements. The client‟s management, on the other hand, bears responsibility for preparing and presenting the financial statements. Management‟s responsibilities are not relieved by the fact that the statements are audited. General Principles of an Audit An auditor must comply with general principles of an audit. These require an auditor to:  comply with the “Code of Ethics for Professional Accountants� issued by the IFAC (or a national Code of Ethics, where appropriate).  conduct an audit in accordance with ISAs (where applicable).  plan and perform the audit with an attitude of professional skepticism, recognizing that circumstances may exist that cause the financial statements to be materially misstated. Professional skepticism includes being alert to, for example:  Audit evidence that contradicts other audit evidence obtained.  Information that brings into question the reliability of documents and responses to inquiries to be used as audit evidence.  Conditions that may indicate possible fraud.  Circumstances that suggest the need for audit procedures in addition to those required by the ISAs. 3 Fundamentals of an Audit of Financial Statements Scope of an Audit “Scope of an audit� is a term that refers to the audit procedures that are considered necessary to achieve the audit‟s objective. The auditor should determine these procedures, taking into consideration the requirements of:  ISAs;  relevant professional bodies;  legislation;  regulations; and, where appropriate,  the terms of the audit engagement and reporting requirements. Reasonable Assurance As the basis for the auditor‟s opinion, ISAs require the auditor to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error. Reasonable assurance is a high level of assurance. It is obtained when the auditor has obtained sufficient appropriate audit evidence to reduce audit risk (that is, the risk that the auditor expresses an inappropriate opinion when the financial statements are materially misstated) to an acceptably low level. However, reasonable assurance is not an absolute level of assurance, because there are inherent limitations of an audit which result in most of the audit evidence on which the auditor draws conclusions and bases the auditor‟s opinion being persuasive rather than conclusive. An audit carried out in accordance with ISAs is designed to provide reasonable assurance that financial statements, taken as a whole, are free from material misstatement. In general, misstatements, including omissions, are considered to be material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements. Judgments about materiality are made in the light of surrounding circumstances, and are affected by the auditor‟s perception of the financial information needs of users of the financial statements, and by the size or nature of a misstatement, or a combination of both. The auditor can not provide absolute assurance because of certain limitations in the audit process which include, e.g., inherent limitations that affect the auditor‟s ability to detect material misstatements such as:  the use of testing;  the inherent limitations of accounting and internal control systems, such as collusion; and  the fact that most audit evidence is persuasive rather than conclusive;  fraud, particularly fraud involving senior management or collusion;  the existence and completeness of related party relationships and transactions;  the occurrence of non-compliance with laws and regulations; and,  future events or conditions that may cause an entity to cease to continue as a going concern. Professional Judgment Professional judgment is essential to the proper conduct of an audit. This is because interpretation of relevant ethical requirements and the ISAs and the informed decisions required throughout the audit cannot be made without the application of relevant knowledge and experience to the facts and circumstances. Professional judgment is necessary in particular regarding decisions about: 4 Fundamentals of an Audit of Financial Statements  materiality and audit risk.  the nature, timing and extent of audit procedures used to meet the requirements of the ISAs and gather audit evidence.  evaluating whether sufficient appropriate audit evidence has been obtained, and whether more needs to be done to achieve the objectives of the ISAs and thereby, the overall objectives of the auditor.  the evaluation of management‟s judgments in applying the entity‟s applicable financial reporting framework.  the drawing of conclusions based on the audit evidence obtained, for example, assessing the reasonableness of the estimates made by management in preparing the financial statements. Sufficient Appropriate Audit Evidence Sufficiency is the measure of the quantity of audit evidence. The quantity of audit evidence needed is affected by the auditor‟s assessment of the risks of misstatement (the higher the assessed risks, the more audit evidence is likely to be required) and also by the quality of such audit evidence (the higher the quality, the less may be required). Obtaining more audit evidence, however, may not compensate for its poor quality. Appropriateness is the measure of the quality of audit evidence; that is, its relevance and its reliability in providing support for the conclusions on which the auditor‟s opinion is based. The reliability of evidence is influenced by its source and by its nature, and is dependent on the individual circumstances under which it is obtained. Whether sufficient appropriate audit evidence has been obtained to reduce audit risk to an acceptably low level, and thereby enable the auditor to draw reasonable conclusions on which to base the auditor‟s opinion, is a matter of professional judgment. Audit Risk Audit risk is a function of the risks of material misstatement and detection risk. The assessment of risks is based on audit procedures to obtain information necessary for that purpose and evidence obtained throughout the audit. The assessment of risks is a matter of professional judgment, rather than a matter capable of precise measurement. Risks of Material Misstatement The risks of material misstatement may exist at two levels:  The overall financial statement level; and  The assertion level for classes of transactions, account balances, and disclosures. Risks of material misstatement at the overall financial statement level refer to risks of material misstatement that relate pervasively to the financial statements as a whole and potentially affect many assertions. Risks of material misstatement at the assertion level are assessed in order to determine the nature, timing and extent of further audit procedures necessary to obtain sufficient appropriate audit evidence. This evidence enables the auditor to express an opinion on the financial statements at an acceptably low level of audit risk. Auditors use various approaches to accomplish the objective of assessing the risks of material misstatement. For example, the auditor may make use of a model that expresses the general relationship of the components of audit risk in mathematical terms to arrive at an acceptable level of detection risk. Some auditors find such a model to be useful when planning audit procedures. 5 Fundamentals of an Audit of Financial Statements The risks of material misstatement at the assertion level consist of two components: inherent risk and control risk. Inherent risk and control risk are the entity‟s risks; they exist independently of the audit of the financial statements. Control risk is a function of the effectiveness of the design, implementation and maintenance of internal control by management to address identified risks that threaten the achievement of the entity‟s objectives relevant to preparation of the entity‟s financial statements. Detection Risk Detection risk is the risk that the auditor does not detect a material misstatement where there actually is one. The greater the risks of material misstatement the auditor believes exists, the less the detection risk that can be accepted and, accordingly, the more persuasive the audit evidence required by the auditor. 6 Fundamentals of an Audit of Financial Statements Terms of Audit Engagements When an auditor agrees to provide audit services to a client, the terms of the engagement need to be agreed to and recorded in an engagement letter or other suitable form of contract. The agreed terms of the audit engagement include:  the objective and scope of the audit of the financial statements;  the responsibilities of the auditor;  the responsibilities of management;  identification of the applicable financial reporting framework for the preparation of the financial statements; and  reference to the expected form and content of any reports to be issued by the auditor and a statement that there may be circumstances in which a report may differ from its expected form and content. An Example of Audit Engagement Letter (ISA) To the appropriate representative of management or those charged with governance of ABC Company: The objective and scope of the audit You have requested that we audit the financial statements of ABC Company, which comprise the balance sheet as at December 31, 20X1, and the income statement, statement of changes in equity and cash flow statement for the year then ended, and a summary of significant accounting policies and other explanatory information. We are pleased to confirm our acceptance and our understanding of this audit engagement by means of this letter. Our audit will be conducted with the objective of our expressing an opinion on the financial statements. The responsibilities of the auditor We will conduct our audit in accordance with International Standards on Auditing (ISAs). Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether the financial statements are free from material misstatement. An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on the auditor‟s judgment, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements. Because of the inherent limitations of an audit, together with the inherent limitations of internal control, there is an unavoidable risk that some material misstatements may not be detected, even though the audit is properly planned and performed in accordance with ISAs. In making our risk assessments, we consider internal control relevant to the entity‟s preparation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity‟s internal control. However, we will communicate to you in writing concerning any significant deficiencies in internal control relevant to the audit of the financial statements that we have identified during the audit. 7 Fundamentals of an Audit of Financial Statements The responsibilities of management and identification of the applicable financial reporting framework. Our audit will be conducted on the basis that management acknowledge and understand that they have responsibility:  for the preparation and fair presentation of the financial statements in accordance with International Financial Reporting Standards;  for such internal control as management determines is necessary to enable the preparation of financial statements that are free from material misstatement whether due to fraud or error; and,  to provide us with: o access to all information of which management is aware that is relevant to the preparation of the financial statements such as records, documentation and other matters; o Additional information that we may request from management for the purpose of the audit; and, o unrestricted access to persons within the entity from whom we determine it necessary to obtain audit evidence. As part of our audit process, we will request from management, written confirmation concerning representations made to us in connection with the audit. We look forward to full cooperation from your staff during our audit. [Other relevant information] [Insert other information, such as fee arrangements, billings and other specific terms, as appropriate.] Reporting The form and content of our report will be in accordance with ISA 700; however, it may need to be amended in the light of our audit findings. Please sign and return the attached copy of this letter to indicate your acknowledgement of, and agreement with, the arrangements for our audit of the financial statements including our respective responsibilities. XYZ & Co. Acknowledged and agreed on behalf of ABC Company by (signed) ...................... Name and Title Date 8 Fundamentals of an Audit of Financial Statements Recurring Audits The auditor may decide not to send a new audit engagement letter or other written agreement each period. However, the following factors may make it appropriate to revise the terms of the audit engagement or to remind the entity of existing terms:  any indication that the entity misunderstands the objective and scope of the audit;  any revised or special terms of the audit engagement;  a recent change of senior management;  a significant change in ownership;  a significant change in nature or size of the entity‟s business;  a change in legal or regulatory requirements;  a change in the financial reporting framework adopted in the preparation of the financial statements; and,  a change in other reporting requirements. 9 Fundamentals of an Audit of Financial Statements 2. Quality Control for Audit Work (Engagement level) Role of the engagement partner The engagement partner is responsible for:  Overall quality control of the audit engagement  Evaluation of compliance with ethical requirements and independence  Acceptance and continuance of client relationships and specific audit engagements  Assignment of an engagement team with the appropriate capabilities, competence and time  Direction, supervision and performance of the audit engagement in compliance with professional standards and regulatory and legal requirements  Ensuring appropriate consultation is undertaken on difficult or contentious matters  Ensuring that an engagement quality control review is undertaken for audits of financial statements of listed entities and ensuring resulting issues are discussed before the auditor's report is issued. Engagement performance Direction This involves informing members of the engagement team of:  Their responsibilities including the need to comply with ethical requirements and to perform the audit with professional skepticism;  Responsibilities of respective partners where more than one partner is involved in the conduct of the audit;  The objectives of the work to be performed;  The nature of the entity‟s business;  Risk-related issues;  Problems that may arise;  The detailed approach to the performance of the engagement. Discussion amongst members of the engagement team is encouraged. Supervision This involves:  Tracking the progress of the audit;  Considering the competence and capabilities of individual members of the engagement team;  Addressing significant matters arising during the audit, considering their significance and modifying the planned approach;  Identifying matters for consultation or consideration by more experienced engagement team members during the audit engagement. Review The basic principle is that the work of less experienced team members is reviewed by more experienced team members. Considerations include whether:  Work has been performed in accordance with professional standards;  Significant matters have been raised for further consideration;  Appropriate consultations have taken place and conclusions documented; 10 Fundamentals of an Audit of Financial Statements  There is a need to revise the nature, timing and extent of work performed;  The work performed supports the conclusions reached and is appropriately documented;  The evidence obtained is sufficient and appropriate to support the auditor‟s report;  The objectives of the audit have been achieved. Engagement quality control review The engagement quality control reviewer must document for the audit engagement reviewed:  That procedures required by the firm‟s policies on engagement quality control review have been performed;  That the engagement quality control review has been completed on or before the date of the auditor‟s report;  That the reviewer is not aware of any unresolved matters that would cause the reviewer to believe that the significant judgements the engagement team made and the conclusions they reached were not appropriate. Considerations specific to small entities In addition to audits of financial statements of listed companies, an engagement quality control review is required for audit engagements that meet the criteria established by the firm. In some cases none of the firm‟s audit engagements will meet criteria that would subject them to such a review. Example: Identify and comment on the quality control issues from the following scenario (adapted from BPP): VBMC is a small four-partner audit firm with a single office in a regional location. Clients include businesses and companies mainly in the retail and financial services industries. Two of the firm's biggest clients are considered by legislation public interest entities. The firm considers quality control very important and endeavours to comply with international guidance. Mandek is partner in charge of quality. He is also Marketing Partner of the firm. There is no specific quality control department, but Mandek gives an annual update on the firm's quality control procedures in August when he is not busy. Annual quality control reviews of audits are not undertaken due to the firm's size. The partners are in daily contact and discuss quality at their monthly meetings. However, as part of Mandek‟s annual marketing review of clients, he identifies any clients perceived as risky due to their size or the firm's dependence on them. Human resources New joiners to the firm are generally accounting graduates from the local economics university to minimise training costs. They all attend final interviews with the Senior Partner, Vlad. Selection is based on their exam marks, ability to speak fluent English (some of the firm's clients are international), presentation and confidence. Annual appraisals of all professional staff are conducted by the Senior Partner. He feels that even though the firm is growing, it is still small enough to appraise staff personally. Promotion is based on a 'balanced scorecard' of four criteria: 11 Fundamentals of an Audit of Financial Statements  marketing events attended  completion of audit work on time  feedback from clients (based on an assessment after each audit)  punctuality of arrival in the mornings (staff should arrive by 8am, but can leave once their work is complete) Audit process All audit work is reviewed by the auditor in charge (AIC) before presentation of the files to the engagement partner. The AIC highlights the key risk areas for the partner to perform a second review on. Files are created and delivered for review entirely electronically. Due to the firm's scanning facility being oversubscribed, less important physical evidence is discarded at the end of the audit. The firm is too small to have industry units so clients are spread across the four partners based on their location. Technical matters An Ethical helpdesk is staffed by one of the partners, Ivan (when he‟s in the office) respected in the firm for his technical knowledge. Staff are encouraged to seek help where they consider it appropriate. All audit staff are updated annually on the latest developments in auditing and ethical standards for reference while conducting audits. Any necessary 'library' data – exchange rates, share prices etc are obtained directly by audit staff from the Internet. Technical issues are resolved by the engagement partner on the relevant audit. The following is an excerpt from CGA Canada Practice Alert, July 2009 What is an engagement quality control review? A quality control review of an engagement is a review by an objective professional who is independent from the client, and has no other responsibilities for the engagement. An engagement quality control review provides an objective evaluation of the significant judgments made by the engagement team and the conclusions reached in formulating the report. The quality control reviewer reviews the completed file, but may also perform review procedures as the engagement progresses. For example, by reviewing the risk assessment and other planning procedures before an audit progresses further, any weaknesses in the planned procedures or in the risk assessment process that the reviewer identifies can be addressed on a timely basis, and audit procedures can be adjusted accordingly before they are completed. “The extent of the engagement quality control review may depend, among other things, on the complexity of the engagement, whether the entity is a listed entity, and the risk that the report might not be appropriate in the circumstances. The performance of an engagement quality control review does not reduce the responsibilities of the engagement partner.� 12 Fundamentals of an Audit of Financial Statements Typically, the file would undergo a detailed review by a senior member of the assurance team before the completed file would be submitted to the quality control reviewer, and control review. The practitioner would not sign off on the file until the quality control reviewer has signed off on the satisfactory resolution of all issues raised during the review. So, what does a quality control reviewer review? Potential items for review are identified in the sample quality control review checklist in the Public Practice Manual. This “file inspection checklist� is included at the end of this Practice Alert. This checklist includes sections for audits, reviews, and compilations. (Although there are no requirements for quality control reviews of compilation engagements, a quality control review process may be helpful in reducing risk to an acceptable level in higher risk engagements.) Professional judgment is required to determine the extent of the quality control review, although the following guidance should be followed: A quality control review conducted by an objective, independent professional has the potential to identify issues that might otherwise be missed, and can often result in a higher quality professional product. Example (adapted): A sole practitioner has been appointed as auditor for a non-government-organization (NGO) each year for several years, providing the auditor with a certain comfort level with the engagement and with the management of the NGO. The auditor believes that his experience and knowledge of the client gained over the years has improved his ability to provide quality service to the client. When approaching the requirement to assess the risk of material misstatement due to fraud each year, the auditor considers the nature of the organization, the individuals involved, and the controls they have implemented, and concludes that the risks of fraud are low and that the standard audit procedures used in prior years is sufficient. No specific tests are designed or performed to address risks of fraud. One year, a director of the NGO contacts the auditor and advises him that the NGO board has engaged a forensic auditor to investigate suspected fraudulent travel and other expenses by the executive director. Some time later, evidence obtained from the forensic audit establishes that several thousand dollars were taken improperly from the NGO over a period of several years, and the Board dismisses the executive director. Aware that another auditor was engaged to investigate this fraud, and concerned that no evidence ever surfaced during the annual audit that arose any suspicion of fraud, the auditor knew that his re-appointment was not certain. He also had heard that the NGO Board had received legal advice that could result in litigation concerning his audit reports. While this example is only loosely based on actual events, the risks described are real risks that all auditors should address. What could the auditor have done differently? Could an engagement quality control review have helped? The continuing appointments as auditor over a number of years represented a threat to independence that the auditor should have identified during the engagement acceptance process each year. Had this threat been identified, the auditor may have then determined that an engagement quality control review would be an appropriate safeguard to implement. Approaching the engagement from an objective viewpoint, the engagement quality control reviewer might have quickly identified the following ISA deficiencies during a review of the audit planning, resulting in a revised audit plan that would address the risks appropriately: 13 Fundamentals of an Audit of Financial Statements  The auditor relied on previous experience with the client when assessing a low risk of misstatement due to fraud (the risk of fraud should be assessed without regard to any expectations of management honesty or dishonesty);  The auditor assessed a low risk of misstatement due to fraud in part due to the expected benefits from internal controls (the risk of fraud should be assessed before considering the effect of internal controls; reliance on controls is only appropriate after testing those controls for effectiveness);  Due to the inappropriate reliance on these factors, the auditor did not identify any risks of fraud (such as a risk of management override of controls, common in small entities);  Since no risks of fraud were identified, no audit procedures were designed to detect fraud. (For example, if management override had been identified as a risk, appropriate procedures might have included testing management expense payments for appropriateness and approval, scrutinizing vendor accounts for proper approvals and for fictitious or related companies, verifying proper payments to management for remuneration, etc.) In this example, the advice provided by the engagement quality control reviewer might have resulted in audit procedures that would detect the fraud. Even if the fraud remained undetected through the audit, the auditor would have been able to claim ISA was followed and that the audit addressed fraud risk appropriately, thereby providing a measure of protection in the event of litigation. There is always a risk that material misstatements might be undetected by the accountant or auditor and that an inappropriate Audit Report could be issued. The purpose of a quality control review is to reduce that risk. Who can act as an engagement quality control reviewer for a small firm? If there is more than one accounting professional in the firm, one of those persons may qualify to perform quality control reviews. To qualify, the professional must:  be objective - independence from the client is essential;  have the appropriate training, experience, technical expertise, and authority o generally, that means an ability to perform the engagement that is the subject of the quality control review; o not otherwise be a member of the engagement team; o not make important decisions specific to the engagement. The quality control reviewer could be a partner or an employee, provided that objectivity is not impaired. Since an auditor may decide that it is desirable to select a quality control reviewer within the firm whenever possible, careful planning may be necessary to ensure that project assignments and engagement assignments are not made that would impair the objectivity of a potential quality control reviewer for an engagement. In the case of a sole practitioner with no other employed professionals, it may be necessary to make suitable arrangements with another firm or an external professional to provide a quality control review. In that case, a written agreement that protects confidentiality and describes the responsibilities of each party is highly recommended. 14 Fundamentals of an Audit of Financial Statements For audits of public enterprises, no person may act as an engagement quality control reviewer for more than five years, nor may a person act as engagement quality control reviewer if, during the previous five years that person has served as lead engagement partner for the audit. Further, those performing the engagement or the engagement quality control review cannot be involved in the monitoring process of inspecting the engagements. As a result, small firms may need to outsource those monitoring procedures. When practicable, those performing the engagement quality control review should not be selected by the engagement partner. In small firms, the engagement partner may have to be involved in selecting the engagement quality control reviewer Engagement Partner The engagement partner is responsible for the overall quality on each audit engagement to which that partner is assigned. This includes the following:  relevant ethical requirements, particularly independence;  satisfactory completion of the client acceptance and continuation procedures;  assignment of engagement teams  direction, supervision and performance of the audit;  review of the work performed and, where necessary, consultation;  engagement quality control review by quality control reviewer, consisting of: o discussion of significant matters with the engagement partner; o review of the financial statements and the proposed auditor‟s report; o review of selected audit documentation relating to the significant judgments the engagement team made and the conclusions it reached; and, o evaluation of the conclusions reached in formulating the auditor‟s report and consideration of whether the proposed auditor‟s report is appropriate. 15 Fundamentals of an Audit of Financial Statements 3. Audit Documentation The auditor should document matters that are important in providing evidence:  to support the audit opinion; and  that the audit was carried out in accordance with ISAs. Documentation consists of the audit working papers prepared, or obtained and retained, by the auditor. They may be in various forms, including data stored on paper, film, and electronic media. The chief objectives of working papers are to: 1) assist in planning and performing the audit; 2) assist in the supervision and review of audit work; 3) record the audit evidence resulting from the audit work performed to support the auditor‟s opinion Nature and Purposes of Audit Documentation (ISA 230.2-3) Audit documentation that meets the requirements of this ISA and the specific documentation requirements of other relevant ISAs provides: (a) Evidence of the auditor‟s basis for a conclusion about the achievement of the overall objectives of the auditor; and, (b) Evidence that the audit was planned and performed in accordance with ISAs and applicable legal and regulatory requirements. Audit documentation serves a number of additional purposes, including the following:  assisting the engagement team to plan and perform the audit.  assisting members of the engagement team responsible for supervision to direct and supervise the audit work, and to discharge their review responsibilities in accordance with ISA 220.2  enabling the engagement team to be accountable for its work.  retaining a record of matters of continuing significance to future audits.  enabling the conduct of quality control reviews and inspections in accordance with ISQC 1 or national requirements that are at least as demanding.  enabling the conduct of external inspections in accordance with applicable legal, regulatory or other requirements. Form and Content of Working Papers Working papers should be sufficiently detailed and complete to provide an overall understanding of the audit. They should document:  audit planning;  the nature, timing and extent of procedures performed; 16 Fundamentals of an Audit of Financial Statements  the results of procedures performed; and  the conclusions based on the audit evidence obtained. The documentation should include the auditor‟s reasoning and conclusions on all significant matters that required the exercise of judgment. The facts that were known at the time, and the conclusions based on those facts, should be detailed where difficult questions of principles or judgment are involved. The amount of detail to be included in working papers is a matter of professional judgment. As a guideline, it may be useful to consider how much detail would be necessary to provide another auditor, who has no previous experience with the audit, with an understanding of the work performed and the basis of major decisions made. The form and content of working papers are affected by matters such as:  the nature of the engagement;  the form of the auditor‟s report;  the nature and complexity of the business;  the nature and condition of the entity‟s accounting and internal control systems;  the particular needs for direction, supervision and review of the work performed by assistants; and  the specific methodology and technology used during the course of the audit. Working papers are designed and organized to meet the documentation needs of individual audits. Standardized working papers, such as checklists or a working papers index, may improve the efficiency of working paper preparation and review. They facilitate the delegation of work and provide a means to control its quality. To increase audit efficiency, the auditor may utilize client-prepared schedules, analyses and other documentation. In this event, the auditor needs to verify that those materials were properly prepared. In the case of recurring audits, working paper files may be classified as “permanent� or “current�. Permanent files contain information of continuing importance and are updated on an ongoing basis. Current files contain information that relates primarily to the audit of a single period. 17 Fundamentals of an Audit of Financial Statements Permanent files Permanent files would ordinarily include:  information about the client‟s legal and organizational structure, such as articles of incorporation, corporate bylaws, and organization chart.  copies of the minutes of the board of directors‟ meetings. copies or extracts of important legal documents and agreements such as financing arrangements and contracts with major suppliers or customers.  information concerning the industry, economic environment and legislative environment within which the entity operates.  evidence of the auditor‟s understanding of the accounting and internal control systems. This may include flowcharts, internal control questionnaires and narrative descriptions of pertinent aspects of the systems.  analyses of significant trends and ratios such as gross profit ratio, current ratio and turnover ratios (note: these analyses may be included in the current file rather than the permanent file). Information in the permanent file is updated each period with new information of continuing importance. An index to the permanent file may be prepared to facilitate the organization of the file‟s contents. Current files The current file contains the working papers relating to the period under audit. Its contents will ordinarily include the following:  evidence of the planning process including the audit program and any changes made to it.  a memorandum or other evidence of the auditor‟s assessment of inherent and control risk and any changes made to those assessments  a memorandum or other evidence of the auditor‟s consideration of the work of the internal auditing department, if applicable.  analyses of significant ratios and trends (if not included in the permanent file).  a record of the nature, timing and extent of audit procedures performed and the results obtained.  evidence that the work of assistants was supervised and reviewed. This is usually indicated by the supervisor‟s initials and dates on each working paper reviewed.  an indication of who performed the audit procedures and when it was performed. This is usually indicated by the assistant‟s initials and dates on each working paper prepared.  copies of communications with other auditors, experts and other third parties.  copies of letters concerning audit matters, including letters describing the terms of the engagement and material weaknesses in internal control.  letters of representation received from the client, such as the management representation letter. 18 Fundamentals of an Audit of Financial Statements  conclusions reached by the auditor concerning the significant aspects of the audit including how unusual matters, if any, were resolved.  copies of the financial statements and auditor‟s report. 19 Fundamentals of an Audit of Financial Statements Organization of the current file Audit firms use various methods to organize the contents of the current file. As mentioned above, the contents of the current file will depend on the nature of the client‟s business and many other factors. The index below provides an example of how working papers may be organized. I. GENERAL SECTION Working paper reference Planning  Audit plan _____  Audit program _____  Risk assessment memorandum - fraud and error _____  Risk assessment memorandum - going concern _____  Risk assessment memorandum - inherent and control risk _____  Analytical procedures - preliminary _____  Memorandum - materiality determination _____ Correspondence  Engagement letter _____  Management representation letter _____  Other correspondence _____ Trial Balance  Trial balance _____  Proposed adjusting entries _____  Proposed reclassification adjustments _____ Financial Statements  Current year financial statements _____  Audit report _____  Prior year financial statements _____ Audit Completion  Memorandum - going concern _____  Subsequent events _____  Memorandum - summary audit results and conclusions _____  Analytical procedures - final _____ II. AUDIT EVIDENCE  Cash and investments _____  Receivables _____  Inventory _____  Property, plant and equipment _____  Payables _____  Long-term debt _____  Equity _____ 20 Fundamentals of an Audit of Financial Statements Working paper format Each audit firm will have its own specific guidelines for working paper format. In general, however, every working paper should contain the following elements:  indexing - each working paper should be marked with an index number so that it can be located and reviewed efficiently by reviewers.  cross-referencing - information contained in working papers should be referenced to other working papers that contain interrelated information.  heading - the working paper should show the name of the client, the title of the working paper and the period of time to which the working paper relates.  signatures or initials and dates - the preparer of the working paper should sign and date each working paper so that reviewer can easily identify the person responsible for the work if questions arise during review. The reviewer should also sign and date each working paper upon completion of the review.  tickmarks and legend - tickmarks are symbols placed on the working papers that explain the audit procedures performed by the assistant. Some audit firms will have standard tickmarks that are used by preparers. Other firms allow assistants to develop tickmarks. In this case, a legend must be placed on each working paper that explains the meaning of the tickmark to the reviewer. 21 Fundamentals of an Audit of Financial Statements Example: Audit Program for Accounts Receivable Risks  The accounts receivable listing or individual balances may be inaccurate (Completeness)  Accounts receivable balances may not exist (Existence)  Accounts receivable may not be collectible (Valuation)  Bad debts write-offs may not be valid (Rights and Obligations, Valuations)  Sales transactions may be processed in the wrong period (Cut-off/Presentation) Steps Agree a detailed listing of accounts receivable to the trial balance Obtain a detailed listing of accounts receivable balances (aged by customer, if possible) and: a) trace totals to the accounts receivable ledger; b) select reconciling items, if any, and i) trace these items to supporting documentation; and ii) determine whether the results of the client's investigations have been reviewed and approved by a responsible official; c) test, on a judgmental sample basis, the mathematical accuracy of the detailed listing; and d) if appropriate, examine support for any significant adjustments made throughout the year in reconciling detailed accounts receivable records with the account(s) in the general ledger. Positively confirm selected accounts receivable balances Select customers' account from the detail accounts receivable listing for positive confirmation and perform the following: a) send positive confirmation requests. Where appropriate, send itemized statements to customers to facilitate responses. Second requests and, where necessary, third requests should be mailed when responses to positive confirmation requests have not been received within a reasonable time. When management requests us not to confirm certain accounts receivable balances, consider whether there are valid grounds for such a request. Before accepting a refusal as justified, examine any available evidence to support management's explanations. b) summarize confirmation coverage. Review confirmation replies For confirmations returned: a) agree account information and account balance to detailed listing; b) reconcile the account detail between the returned confirmation and the detail listing, where applicable; and c) investigate all reconciling items and determine whether any adjustments are necessary. Test accounts where there is no confirmation When confirmation is not carried out, or where it is not possible to confirm a selected amount (including where confirmation requests are unanswered), select customer accounts from the 22 Fundamentals of an Audit of Financial Statements detail accounts receivable listing for verification and perform the steps outlined below in order to obtain a moderate to low level of assurance that the aforementioned audit objectives are achieved. a) compare subsequent receipts credited to accounts with remittance advices or other receipts (e.g. deposit slips and bank statement) and ascertain that payments relate to the account balances; b) examine documentation such as shipping documents, copies of sales invoices, customer sales orders, and other relevant correspondence supporting the unpaid portion of the account balances. Coordinate this test with the review of the collectability of overdue accounts; and c) consider whether it is necessary to verify further the existence of the customer. Assess adequacy of allowance for doubtful accounts To an extent based upon materiality and inherent risk, assess the adequacy of allowance for doubtful accounts by performing the following procedures: a) obtain a list of accounts for which an allowance has been established. Review and test the process used by management to develop their estimate of collectability; b) where provisions are made by the use of formulae based on the aged listing, determine by reference to the details in our notes of the client's procedures whether the basis is: i) consistent with prior years; ii) appropriate to the circumstances of the business; and iii) in accordance with the accounting policy; d) determine the effect, if any, of the client's policies and experiences regarding the timing of the passage of title, sales returns and allowances where right of return exists; and e) discuss collectability with management and review other documentation supporting collectability as necessary. Review bad debt writeoffs Review bad debt writeoffs by performing the following: a) consider the reasonableness of bad debt expense in light of the levels of bad debt write-offs compared with prior years; and b) examine documentation relating to write-offs during the period and determine whether the write-offs were properly authorized. Test sales/accounts receivable cutoff Accounts receivable cutoff testing is typically performed in conjunction with testing inventory cutoff and may be tested in the inventory audit area. If cutoff is tested in the accounts receivable audit area, perform the following: Select sales and credit memoranda to obtain evidence that an appropriate cutoff is achieved by reviewing the cutoff at the time of inventory taking and at year-end (if different) and performing the following: a) for selected sales for periods before and after the cutoff date, examine the related records of goods shipped and services performed to determine that the sales invoices are recorded as sales in the proper period; 23 Fundamentals of an Audit of Financial Statements b) for selected credit (debit) memoranda for periods before and after the cutoff date, examine the related records of returns and claims from customers to determine that the credit (debit) memoranda are recorded in the proper period; c) determine whether there are unusually high volumes of returned goods after year-end; and d) consider unusual fluctuations in sales or return patterns before and after year-end and, if present, review for possible cutoff errors. 24 Fundamentals of an Audit of Financial Statements Example – Working Papers The format of working papers varies from one audit firm to another. The example below consists of selected working papers from the revenue cycle portion of audit working papers. Participants should pay particular attention to cross-referencing. R-lead ABC Co. Prepared by: Date: Accounts Receivable Lead Sheet Reviewed by: Date: Year Ended December 31, 2xx0 R Account Working paper Amount Working paper reference Reference (from) (to) Accounts Receivable R-1 36,100 TB-1 25 Fundamentals of an Audit of Financial Statements R1 ABC Co. Prepared by: Date: Accounts Receivable Selection and Confirmation Control Reviewed by: Date: Year Ended December 31, 2xx0 Customer name Amount Date Second Date Workpaper Due sent request received Reference ^^ ^^ Amco 560 Am East 1,120 # 05/01/x1 21/1/x1 R-2 Alba 6150 # 05/01/x1 18/1/x1 R-2 Border 300 Consolidated Em 650 D&T 7200 # 05/01/x1 30/1/x1 05/02/x1 R-2 Emta 420 Foster 1,440 # 05/01/x1 28/1/x1 R-2 Great Northern 110 Harrah 3,520 # 05/01/x1 25/1/x1 R-2 Lotter 4,890 # 05/01/x1 30/1/x1 11/02/ R-2 MainCo 120 Netter 1560 # 05/01/x1 19/1/x1 R-2 Nortle 260 Press 900 # 05/01/x1 30/1/x1 R-2 Rigger 110 Star 1040 # 05/01/x1 22/1/x1 R-2 Selco 2,520 # 05/01/x1 21/1/x1 R-2 Trimmer 2,260 # 05/01/x1 29/1/x1 R-2 Tost 550 Winter 420 Total 31/12/x0 36,100 F R-lead Total selected for confirmation confirmation - Sum of #'s = 32,600 to R-2 Percentage of total = 90% Tickmark legend # Selected for confirmation ** Alternate procedures performed; see R-2 F Footed ^^ Per client accounts receivable listing, not retained in the working papers 26 Fundamentals of an Audit of Financial Statements Note: Due to the relatively small number of accounts receivable outstanding as of year-end, non-statisical sampling was used to select balances for testing the existence assertion. A judgmental sample was obtained by selecting all balances over EUR700 which resulted in testing 90% of the accounts receivable balance. See R-2 for results of procedures performed. 27 Fundamentals of an Audit of Financial Statements R-2 Example – Working Papers (continued) MMM Co. Prepared by: Date: Accounts Receivable - Existence Testing Reviewed by: Date: Year Ended December 31, 2xx0 Customer name Amount Amount per WP Alternate Misstatement Due Confirmatio Ref Procedures n Am East R-1 1,120 1,120 R-2A 0 Alba R-1 6,150 6,150 R-2B 0 D&T R-1 7,200 7,200 R-2C 0 Foster R-1 1,440 1,440 R-2D 0 Harrah R-1 3,520 3,520 R-2E 0 Lotter R-1 4,890 4,890 R-2F 0 Netter R-1 1,560 1,560 R-2G 0 Press R-1 900 R-2H 900 0 Star R-1 1,040 1,040 R-2I 0 Selco R-1 2,520 2,520 R-2J 0 Trimmer R-1 2,260 2,260 R-2K 0 Total 31/12/2xx0 R-1 32,600 31,700 900 0 Total confirmed 31,700 Total alternate procedures 900 32,600 Note: In order to test the existence assertion of accounts receivable, outstanding customer 28 Fundamentals of an Audit of Financial Statements Balances as of December 31, 2xx0 were selected for confirmation - see R-1 for the sample Selected. Based on the results of procedures performed, we conclude that the accounts receivable balance is fairly stated as of year-end. 29 Fundamentals of an Audit of Financial Statements Example – Working Papers (continued) Accounts Receivable Confirmation Request XXX Company Date 229 North Street City, Country To the Management of Star Company: In accordance with the request of our auditors, CCC and Partners, we ask that you kindly confirm to them directly your indebtedness as of December 31, 2xx0 which according to our records amounted to EUR1,040 as shown in the enclosed statement. If the amount above is in agreement with your records, please sign in the space provided below and return this letter directly to our auditors in the enclosed stamped addressed envelope. If the amount is not in agreement with your records, please notify our auditors directly of the amount and, if possible, detail the differences on the back of the confirmation letter. Sincerely, For XXX Company The amount below is/is not (please circle one) in agreement with our records as of December 31, 2xx0. Signature Title Date 30 Fundamentals of an Audit of Financial Statements Confidentiality, Safe Custody, Retention and Ownership of Working Papers Working papers belong to the auditor. Although portions of the working papers may be given to the client at the auditor‟s discretion, they are not a substitute for the client‟s accounting records. The auditor should implement procedures to maintain the confidentiality and safe custody of working paper files. He/she should keep the files for a period of time that is sufficient to meet the needs of the audit practice as well as legal and professional requirements for record retention. 4. Audit Planning Preliminary Engagement Activities Prior to planning the audit, the auditor evaluates whether (i) there are any circumstances that would not allow for the audit be performed, (ii) there are any circumstances that would not be in compliance with relevant ethical requirements, including independence, and (iii) the terms of the engagement have been agreed to. Audit Strategy Planning activities include establishing of overall audit strategy that sets the scope, timing and direction of the audit, and that guides the development of the audit plan. The overall audit strategy includes the following:  the characteristics of the engagement that define its scope;  the reporting objectives of the engagement to plan the timing of the audit and the nature of the communications required;  the consideration of the factors that are significant in directing the engagement team‟s efforts;  the results of preliminary engagement activities; and,  the nature, timing and extent of resources necessary to perform the engagement. Audit Plan The auditor develops an audit plan that includes a description of:  The nature, timing and extent of planned risk assessment procedures;  The nature, timing and extent of planned further audit procedures at the assertion level  Other planned audit procedures that are required to be carried out so that the engagement complies with ISAs. The nature and extent of planning activities will vary according to the size and complexity of the entity, the key engagement team members‟ previous experience with the entity, and changes in circumstances that occur during the audit engagement. Planning is not a discrete phase of an audit, but rather a continual and iterative process that often begins shortly after (or in connection with) the completion of the previous engagement. 31 Fundamentals of an Audit of Financial Statements Considerations in Establishing the Overall Audit Strategy (ISA 300) Characteristics of the Engagement  The financial reporting framework on which the financial information to be audited has been prepared, including any need for reconciliations to another financial reporting framework.  Industry-specific reporting requirements such as reports mandated by industry regulators.  The expected audit coverage, including the number and locations of components to be included.  The nature of the control relationships between a parent and its components that determine how the group is to be consolidated.  The extent to which components are audited by other auditors.  The nature of the business segments to be audited, including the need for specialized knowledge.  The reporting currency to be used, including any need for currency translation for the financial information audited.  The need for a statutory audit of standalone financial statements in addition to an audit for consolidation purposes.  The availability of the work of internal auditors and the extent of the auditor‟s potential reliance on such work.  The entity‟s use of service organizations and how the auditor may obtain evidence concerning the design or operation of controls performed by them.  The expected use of audit evidence obtained in previous audits, for example, audit evidence related to risk assessment procedures and tests of controls.  The effect of information technology on the audit procedures, including the availability of data and the expected use of computer-assisted audit techniques.  The coordination of the expected coverage and timing of the audit work with any reviews of interim financial information and the effect on the audit of the information obtained during such reviews.  The availability of client personnel and data. Reporting Objectives, Timing of the Audit, and Nature of Communications  The entity‟s timetable for reporting, such as at interim and final stages.  The organization of meetings with management and those charged with governance to discuss the nature, timing and extent of the audit work.  The discussion with management and those charged with governance regarding the expected type and timing of reports to be issued and other communications, both written and oral, including the auditor‟s report, management letters and communications to those charged with governance.  The discussion with management regarding the expected communications on the status of audit work throughout the engagement.  Communication with auditors of components regarding the expected types and timing of reports to be issued and other communications in connection with the audit of components.  The expected nature and timing of communications among engagement team members, including the nature and timing of team meetings and timing of the review of work performed. 32 Fundamentals of an Audit of Financial Statements  Whether there are any other expected communications with third parties, including any statutory or contractual reporting responsibilities arising from the audit. Significant Factors, Preliminary Engagement Activities, and Knowledge Gained on Other Engagements  The determination of materiality and, where applicable: o The determination of materiality for components and communication thereof to component auditors; o The preliminary identification of significant components and material classes of transactions, account balances and disclosures.  Preliminary identification of areas where there may be a higher risk of material misstatement.  The impact of the assessed risk of material misstatement at the overall financial statement level on direction, supervision and review.  The manner in which the auditor emphasizes to engagement team members the need to maintain a questioning mind and to exercise professional skepticism in gathering and evaluating audit evidence.  Results of previous audits that involved evaluating the operating effectiveness of internal control, including the nature of identified deficiencies and action taken to address them.  The discussion of matters that may affect the audit with firm personnel responsible for performing other services to the entity.  Evidence of management‟s commitment to the design, implementation and maintenance of sound internal control, including evidence of appropriate documentation of such internal control.  Volume of transactions, which may determine whether it is more efficient for the auditor to rely on internal control.  Importance attached to internal control throughout the entity to the successful operation of the business.  Significant business developments affecting the entity, including changes in information technology and business processes, changes in key management, and acquisitions, mergers and divestments.  Significant industry developments such as changes in industry regulations and new reporting requirements.  Significant changes in the financial reporting framework, such as changes in accounting standards.  Other significant relevant developments, such as changes in the legal environment affecting the entity. Nature, Timing and Extent of Resources  The selection of the engagement team (including, where necessary, the engagement quality control reviewer) and the assignment of audit work to the team members, including the assignment of appropriately experienced team members to areas where there may be higher risks of material misstatement.  Engagement budgeting, including considering the appropriate amount of time to set aside for areas where there may be higher risks of material misstatement. 33 Fundamentals of an Audit of Financial Statements Example of Auditor’s (small audit firm) Procedures for Audit Planning  Reviewing correspondence files, prior year‟s audit documentation, permanent files, prior years‟ financial statements, and auditor‟s reports.  Discussions with firm personnel responsible for non-audit services to the client.  Asking about current business developments affecting the entity.  Reading current interim financial statements.  Discussions with management and the board of directors, or its audit/supervisory committee, about the type, scope, and timing of the audit.  Considering implications of relevant accounting and auditing standards, particularly recent standards.  Coordinating the assistance of client personnel in preparing data and schedules.  Determining the involvement of consultants, specialists, and internal auditors.  Establishing the timing of audit work.  Establishing and coordinating staffing requirements.  Reviewing various sources of industry information, such as industry publications, annual reports of other entities in the industry. Financial Ratios The calculation of financial ratios during planning may identify potential problems areas which should be addressed during the audit and will assist the auditor in determining the nature, timing and extent of audit procedures. There are four categories of significant financial ratios: 1) Profitability – to evaluate the entity‟s ability to generate an adequate return on sales, total assets and invested capital. 2) Asset utilization (efficiency) – to evaluate how current assets are being managed and how productively fixed assets are used to generate sales. 3) Liquidity – to evaluate an entity‟s ability to pay off short term obligations as they become due. 4) Debt utilization (leverage) – to evaluate the client‟s overall debt position in light of its current asset base and earnings. 34 Fundamentals of an Audit of Financial Statements Examples - Financial Ratios Ratio Calculation Objective Profitability 1) Net profit margin Net income Measure overall profitability Net sales 2) Gross profit margin Gross profit Indicates average mark-up Net sales 3) Return on assets Net income Evaluate the use of funds, without regard to the sources of funds Total assets 4) Return on equity Net income Evaluate earnings on funds invested by stockholders Stockholders' equity Asset utilization: 5) Receivable turnover Sales Evaluate management's ability to manage outstanding receivables Accounts receivable 6) Accounts receivable days Accounts receivable Calculate average collection period Sales/365 7) Inventory turnover Cost of sales Evaluate management's ability to manage inventory efficiently Inventory 8) Accounts payable days Accounts payable Evaluate decisions regarding payments to creditors and calculate average payment Cost of sales / 365 days period 35 Fundamentals of an Audit of Financial Statements Liquidity: 9) Current ratio Current assets Evaluate liquidity and a margin of safety Current liabilities 10) Quick ratio Current assets – inventory Measure the relationship of monetary assets to current liabilities current liabilities Debt utilization: 11) Debt to assets Total debt Measure extent to which assets are funded by outside sources Total assets 12) Times interest earned Income before interest & taxes Measure the company‟s ability to pay interest Interest NOTE: When either the numerator or the denominator of a ratio is an income statement item and the other is a balance sheet item, it is often preferable to use an average of beginning and ending balance sheet amounts rather than the ending balance sheet amount. 36 Fundamentals of an Audit of Financial Statements Examples - Financial Ratios (continued) Example 1: During the planning process, the auditor obtained the comparative balance sheets and income statements of TTT Corporation, a client involved in retail trade for the past two years. TTT Corporation Analytical Procedures For Planning December 31, 2xx1 ASSETS 2xx0 2xx1 Cash & cash equivalents $35,000 $5,000 Accounts receivable 45,000 58,000 Inventory 40,000 147,000 Total current assets 120,000 210,000 Property, plant and equipment 280,000 350,000 Less: Accumulated depreciation (80,000) (50,000) 200,000 300,000 Total assets $320,000 $510,000 LIABILITIES Accounts payable and accrued expenses $50,000 $84,000 Current portion of long term debt 30,000 50,000 Total current liabilities 80,000 134,000 Long term debt 106,000 37 Fundamentals of an Audit of Financial Statements EQUITY Capital stock 10,000 10,000 Paid in capital 110,000 110,000 Retained earnings 120,000 150,000 Total equity 240,000 270,000 Total liabilities and equity $320,000 $510,000 INCOME STATEMENT Sales $ 200,000 $ 300,000 Cost of sales 140,000 205,000 Gross profit 60,000 95,000 Operating expenses 30,000 62,000 Net income 30,000 33,000 38 Fundamentals of an Audit of Financial Statements Examples - Financial Ratios (continued) The auditor prepared a working paper for the following financial ratios for TTT Company: TTT Company Prepared by: Analytical Procedures for Planning Date: December 31, 2001 Reviewed by: Date: 2xx0 2xx1 Gross profit margin Gross profit 30% 32% Sales Current ratio Current assets 1.50 1.57 Current liabilities Accounts receivable Accounts Receivable 82 Days 71 days days Sales/365 Quick ratio Current assets - inventory 1.00 0.47 Current liabilities Net profit margin Net income 15% 11% Sales Inventory turnover Cost of sales 3.5 Times 1.39 times Inventory Accounts payable days Accounts payable 130 Days 150 days Cost of sales/365 Return on assets Net income 9% 6% Total assets 39 Fundamentals of an Audit of Financial Statements Discussion questions: 1) Which financial ratios indicate an improvement in the client‟s operating results? 2) Which financial ratios indicate potential current or future problem areas? 3) Based on information contained in the financial statements and the financial ratios above, what additional information should be obtained for planning purposes? Audit risk model Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial statements are materially misstated. It consists of 3 component risks, inherent risk, control risk and detection risk. The auditor plans and performs the audit to reduce audit risk to an acceptably low level. Audit Risk = Inherent Risk x Control Risk x Detection Risk Inherent risk This is the susceptibility of an assertion to a misstatement that could be material, either individually or when aggregated with other misstatements, assuming that there are no related internal controls. Control risk This is the risk that a misstatement could occur in an assertion and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity's internal control. Detection risk This is the risk that the auditor will not detect a misstatement that exists in an assertion that could be material, either individually or when aggregated with other misstatements. Risk of material misstatement This is the risk that the financial statements are materially misstated prior to audit. It consists of:  inherent risk  control risk Detection risk is the only component the auditor can control. In order to reduce the probability of a misstatement to an appropriate level, the auditor follows three key steps:  the auditor will set a planned level of audit risk for each account balance or class of transaction.  inherent risk and control risk are assessed.  detection risk is then set at an appropriate level as the „balancing figure� in the equation. 40 Fundamentals of an Audit of Financial Statements Illustration Audit risk Inherent risk Control risk Detection risk Low Low High Moderate Very low High Low Low Materiality When establishing the overall audit strategy, the auditor determines materiality for the financial statements as a whole. If, in the specific circumstances of the entity, there is one or more particular classes of transactions, account balances or disclosures for which misstatements of lesser amounts than materiality for the financial statements as a whole could reasonably be expected to influence the economic decisions of users taken on the basis of the financial statements, the auditor also determines the materiality level or levels to be applied to those particular classes of transactions, account balances or disclosures. (ISA 420.10, adapted) There is currently no specific definition of the concept of materiality; the concept is interpreted in relation to the circumstance of an audit as follows:  Misstatements are considered to be material if they, individually or in aggregate, could reasonably be expected to influence the economic decisions of users.  Judgements about materiality are made in the light of surrounding circumstances, and are affected by the size and nature of a misstatement or a combination of both.  Judgements about matters that are material to users of financial statements are based on a consideration of the common financial information needs of users as a group. The practical implication of this is as follows:  The auditor must be concerned with identifying “material� errors, omissions and misstatements. Both the amount (quantity) and nature (quality) of misstatements need to be considered, e.g., lack of disclosure regarding ongoing litigation is likely to be considered material.  To put this into practice the auditor therefore has to set his/her own materiality levels – this will always be a matter of judgment and will depend on the level of audit risk. The higher the anticipated risk, the lower the value of materiality will be. Therefore, the materiality level will have an impact on three key areas:  How many and what items to examine.  Whether to use sampling techniques.  What level of error is likely to lead to a qualified audit opinion. The calculation of materiality A percentage is often applied to a chosen benchmark. Factors that may affect the identification of an appropriate benchmark include the following:  The elements of the financial statements  Whether there are particular items on which the attention of users will be focused  The nature of the entity  The entity‟s ownership structure and the way it is financed 41 Fundamentals of an Audit of Financial Statements  The relative volatility of the benchmark Examples of benchmarks which are typically used include the following:  between ½ and 1% of revenue  between 1 and 2% of total assets; or  between 5 and 10% of profit before tax. The figure chosen will depend on the confidence the auditor has in the financial statements, the uses the financial statements will be put to and any other factors affecting the auditor's judgement. Audit program An audit program is a set of instructions to assistants who are involved in performing audit work that details the nature, timing and extent of audit procedures needed to implement the overall audit plan. The audit program also serves as way to control the proper execution of those procedures. In preparing the audit program, the auditor would consider inherent risk and control risk assessments to determine the extent of the audit procedures to be performed. The auditor would also consider the timing of tests of controls and substantive procedures. Approach to writing an audit program Financial statements contain management assertions that are embodied in the financial statements. Assertions are classified as follows:  existence - an asset or a liability exists at a given date (e.g., inventories physically exist);  rights and obligations (ownership) - an asset or a liability pertains to an entity at a given date (e.g., the client has legal title to inventory);  occurrence - a transaction or event took place which pertains to the entity during the period (e.g., sale of inventory actually took place);  completeness - there are no unrecorded assets, liabilities, transactions or events, or undisclosed items (e.g., all inventory items are included on the balance sheet);  valuation - an asset or liability is recorded at an appropriate carrying value (e.g., inventory is properly stated at the lower of cost or net realizable value in accordance with IAS 2);  measurement - a transactions or event is recorded at the proper amount and revenue or expense is allocated to the proper period (e.g., proper purchase cut-off was made for inventory items acquired at or near year end);  presentation and disclosure - an item is disclosed, classified, and described in accordance with the applicable reporting framework (e.g., the components of inventory are properly classified on the balance sheet); The process of writing an audit program involves the following steps: 1) Determine the assertions that are being made in the financial statement. 2) Develop specific audit objectives related to those assertions. 3) Formulate audit procedures to test the assertions. 4) Document the procedures in the audit program. 42 Fundamentals of an Audit of Financial Statements For example, to develop audit procedures for the long-term debt balance, the auditor would consider the following audit objectives (as related to specific assertions): 1) Determine whether internal control over long-term debt is adequate. 2) Determine whether long-term debt disclosures comply with National Accounting Standards (presentation and disclosure) 3) Determine whether long-term debt exists at yearend (existence). 4) Determine whether long-term debt represents an obligation of the client as of yearend (rights and obligations). 5) Determine whether all long-term debt has been recorded as of yearend (completeness). 6) Determine whether all long-term debt has been properly valued at year end (valuation). Examples of audit procedures to test whether audit objectives are met could be:  presentation and disclosure o review disclosures for compliance with national standards o review debt agreement for pledging of assets and events causing default  existence o confirm the debt balance with the bank o trace receipt of funds to bank account and cash receipts journal o inspect copies of debt agreements  rights and obligations o review board minutes for proper authorization  completeness o review bank confirmations for unrecorded debt o perform analytical procedures (e.g. interest reasonableness test) o inquire of management as to completeness of recorded debt  valuation o reconcile summary debt schedules to the general ledger o foot summary debt schedules o recalculate interest expense and accrued interest payable Once formulated, the procedures and any other steps relating to those procedures would be documented in the audit program. 5. Accounting and Internal Control Systems The internal control system consists of all the policies and procedures (internal controls) adopted by management to assist in achieving its objectives. Accounting and internal control systems consist of the accounting system, control environment, and control procedures. Accounting system means all the procedures and records an entity uses to process transactions and maintain financial records. An accounting system identifies, assembles, analyzes, calculates, classifies, records, summarizes, and reports transactions and other events. Objectives of an internal control system that relate to the functions of the accounting system include ensuring, as far as is practicable, the following:  adherence to management policies;  the safeguarding of assets; 43 Fundamentals of an Audit of Financial Statements  the prevention and detection of fraud and error;  the accuracy and completeness of accounting records; and  the timely preparation of reliable financial information. The internal control system extends beyond matters related directly to the accounting system to matters concerning the control environment and control procedures. The control environment refers to the overall attitude, awareness, and actions of directors and management regarding the internal control system and its importance to the entity. The control environment serves as the foundation for all other components of internal control by providing structure and discipline. Factors that reflect an entity‟s control environment include:  The function of the board of directors, i.e., how often the board meets and to what degree it is informed of the entity‟s operating results.  Management‟s philosophy and operating style, i.e., conservative or aggressive in terms of pursuing growth opportunities.  The entity‟s organizational structure and methods of assigning authority and responsibility.  Management‟s control system including the internal audit function, personnel policies and procedures, and segregation of duties. Control procedures refer to additional policies and procedures established by management to achieve the entity‟s specific objectives. Examples of specific control procedures include:  Reporting, reviewing and approving bank and other reconciliations.  Checking the arithmetical accuracy of records.  Maintaining and reviewing control accounts and trial balances.  Comparing internal data with external sources of information.  Limiting direct physical access to assets and records.  Comparing and analyzing financial results with budgeted results. A strong control environment will enhance the effectiveness of specific control procedures. For example, comparing and analyzing financial results with budgeted amounts will only be effective if management policy is to use the analysis on a timely basis. Inherent limitations Accounting and internal control systems are subject to inherent limitations and therefore provide reasonable, but not absolute, assurance that management‟s objectives will be met. Examples of inherent limitations include:  management‟s usual requirement that the cost of the control not exceed the benefit of the control.  the fact that most internal controls are directed at routine transactions rather than non-routine ones.  the potential for human error due to carelessness, errors in judgment, or misunderstanding of instructions.  the possibility that collusion between members of management, employees, or outside parties may circumvent internal controls.  the possibility that an internal control may become inadequate due to changes within or outside the entity. 44 Fundamentals of an Audit of Financial Statements Understanding the Accounting and Internal Control System In order to plan the audit, the auditor must obtain an understanding of the accounting and internal control systems. This understanding will be used to:  identify types of potential misstatements;  consider factors that affect the determination of audit risk; and  design substantive tests. In order to obtain an understanding, the auditor will rely on previous experience with the client and on the results of procedures such as:  inquiry of client personnel at various levels and in various departments together with documents such as procedures manuals, job descriptions and flowcharts;  inspection of documents and records produced by the accounting and internal control systems; and  observation of client activities and operations, including observation of computer operations and transaction processing. Auditors use many tools to gain an understanding of the accounting and internal controls systems and to assist them in documenting it. Examples include:  internal control questionnaires which assist in identifying control policies and procedures;  “walkthroughs� of accounting systems which consist of interviewing client personnel and tracing a few transactions through the accounting system;  flowcharts which consist of graphic representations of activities and documents related to the accounting system and internal controls. Accounting system The auditor‟s knowledge of the accounting system should enable him/her to identify and understand the client‟s major classes of transactions, how those transactions are processed, and to which accounting records, supporting documents, and financial statement accounts the transactions relate. In other words, the auditor should understand the entire accounting and reporting process, from the initiation of a transaction to the inclusion of the transaction in financial statement accounts. Control environment The auditor‟s knowledge of the control environment should enable him/her to assess directors‟ and management‟s attitudes, awareness, and actions regarding internal controls and their importance to the entity. Control procedures The auditor‟s knowledge of control procedures should enable him/her to develop the audit plan. The auditor will have obtained some knowledge about the presence or absence of control procedures when obtaining an understanding of the accounting system and control environment. He/she would consider the level of this knowledge to determine whether additional understanding of control procedures is necessary. Control procedures will relate to all the policies and procedures adopted by management to ensure that management‟s objectives are achieved. The auditor is primarily interested in the 45 Fundamentals of an Audit of Financial Statements control procedures that are relevant to planning the audit. In order to determine which controls are in place and whether those controls are appropriate, he/she must consider management objectives relating to the relevant internal controls as well as characteristics that underlie an effective internal control system. Those objectives and characteristics include: Objectives:  adherence to management policies;  the safeguarding of assets;  the prevention and detection of fraud and error;  the accuracy and completeness of accounting records; and  the timely preparation of reliable financial information. Characteristics:  Appropriate segregation of duties (separate authorization, recordkeeping and custody duties);  Clearly defined lines of authority and responsibility;  Appropriate authorization procedures; and  Appropriate monitoring (procedures to determine that internal controls are functioning as intended). As a practical matter, one approach to identifying relevant control procedures involves the following steps:  Consider the type of errors that could occur. For example, incorrect amounts billed to the customer, missing sales invoices, or sales invoices recorded twice.  Consider the types of control procedures that could prevent, or detect and correct those errors.  Determine whether the controls are in place when obtaining an understanding of the accounting system and control environment. Internal control questionnaires are based on this approach and help the auditor identify relevant control procedures by focusing on specific areas where control procedures should be in place. Certain control procedures, in addition to achieving management‟s objectives, relate to financial statement assertions. For example, using pre-numbered sales invoices and reviewing the sequence of invoice numbers recorded in the sales journal ensures that all sales are recorded and that sales invoices are not recorded twice. This is one of the controls that meets the objective for accuracy and completeness of accounting records. It is also directly related to the completeness assertion, i.e. that sales reported in the financial statements are complete. Example - Internal control questionnaire The listing below is a selection of questions relating to control procedures in the client‟s inventory accounting cycle. The questions relate to inventory purchases and receipts, payments for inventory and inventory storage, and record keeping. The list does not include all questions that could be asked, nor would the questions listed relate to all companies. It is presented as an example of the kinds of control procedures an auditor should look for when obtaining an understanding of the client‟s accounting and internal control systems. Internal control questionnaire Inventory purchase orders 1) Are purchases of goods and services properly authorized? 46 Fundamentals of an Audit of Financial Statements 2) Are pre-numbered purchase orders prepared and approved according to general or specific management policies regarding the vendor selected, the goods ordered, and prices? 3) Are all major purchases made of the basis of competitive bids to ensure that the company obtains the best price? Receipt of goods 1) Are pre-numbered receiving reports used for all receipts of goods? 2) Do receiving personnel count the goods when they are received and record the count on the receiving document? Recording the receipt of goods 1) Are purchase orders prepared by someone who does not also:  prepare supporting documents required for payment?  make payment to the vendor? 2) Are purchase orders, receiving reports, and vendor invoices matched before recording the purchase? 3) Are quantities on the receiving document and prices on the purchase order compared to the vendor invoice to ensure that the billed amount is correct? Payments for inventory 1) Are subsidiary journals for accounts payable maintained by someone who does not also:  Prepare supporting documents that authorize payment of the invoice?  Make payments to the vendor? Storage and inventory recordkeeping 1) Are inventories physically safeguarded? 2) Are the following duties related to inventory separated:  Receiving?  Storing?  Shipping?  Perpetual record keeping? 3) Are perpetual inventory records reconciled to physical inventory counts? 4) Are perpetual inventory records reconciled to general ledger accounts? 5) Regarding physical inventory counts:  Are employees given proper written instructions and are they adequately supervised?  Are there procedures to ensure that all goods are counted and that none are double counted?  Are there procedures to ensure adequate cutoff of:  Sales?  Purchases?  Movement of inventories between areas?  Are differences between inventory counts and recorded inventory quantities immediately investigated?  Are slow-moving, obsolete, or damaged inventories appropriately identified?  Are consigned goods present in the warehouse appropriately identified?  Are goods out on consignment appropriately identified?  Are there procedures to prevent alteration, duplication, or omission of inventory counts? 47 Fundamentals of an Audit of Financial Statements Documentation of understanding of internal control The auditor‟s documentation of his/her understanding of internal control is influenced by the size and complexity of the audit as well as the nature of the client‟s internal control system. Methods used to document the understanding include:  completing questionnaires which consist of a comprehensive list of questions regarding internal controls;  writing memoranda which are narrative descriptions of the accounting system and internal controls based on interviews with client personnel and “walkthroughs� (i.e. tracing a few transactions through the accounting system) and;  preparing flowcharts which are graphic representations of activities and documents related to the accounting system and internal controls. Obtaining the level of understanding of the accounting system, control environment and control procedures requires experience. The purpose of the following example is to show how a memorandum documenting the understanding of an accounting system may also be used to document the presence or absence of control procedures. Example - accounting system memorandum In order to gain an understanding of the document flow for non-inventory purchases, the auditor met with personnel in the purchasing, receiving and accounts payable departments and wrote this portion of an accounting systems memorandum: Purchase requisition: A department in need of supplies sends an internally generated purchase requisition form to the purchasing department. Anna in the purchasing department determines the proper quantity and vendor for the purchase and prepares a purchase order. One copy of the purchase order is sent to the vendor. A second copy is sent to the accounting department. Anna sends a third copy to John in the receiving department so that he will know that items received have actually been ordered. However, the quantity of goods ordered is not included on John‟s copy because receiving personnel are required to count goods when they are received. Receipt of goods and payment to the vendor: When the goods are received, John prepares a receiving report and sends it to Robert in the accounting department. When Robert receives the invoice from the vendor, the invoice, receiving report, and purchase order are matched. Payment is approved and recorded in the purchases journal because evidence exists that the goods were ordered, received and billed. Payment and a remittance advice is sent to the vendor in accordance with the terms of the sale. The purchase order, receiving report and vendor‟s invoice are stamped paid to prevent duplicate payment. Discussion questions: Using the internal control questionnaire above: 1) List several control procedures that are present in the narrative above. 48 Fundamentals of an Audit of Financial Statements Tests of Control The auditor should perform tests of controls to support an assessment of control risk at less than high. Tests of controls are used to determine the effectiveness of:  the design of the accounting and internal control systems, i.e., whether they are suitable designed to prevent, or detect and correct material misstatements; and  the operation of internal controls throughout the period. In order to determine which controls to test, the auditor should:  consider the types of errors that could occur; and  determine the control procedures that should prevent or detect and correct such errors. Procedures used in tests of controls include:  inquiries of appropriate personnel;  inspections of documents and reports;  observation of the application of controls; and  re-performance of the control by the auditor to evaluate the operation of the control. Example - tests of controls The auditor has identified two control procedures that relate to the completeness assertion of sales and accounts receivable: 1) Sales invoices are sequentially numbered and are listed sequentially in a sales invoice file. Shipping documents are matched to sales invoices in the sales invoice file on a daily basis. 2) The clerical accuracy of sales invoices is reviewed by a second person who checks the quantities, prices, extensions and footing of each sales invoice. The auditor has decided to use inspection and re-performance procedures to test the control over clerical accuracy. The procedures are as follows: A sample of 70 sales invoices is selected from the sales files throughout the year using a statistical sampling method. The auditor inspects each selected invoice to determine that the initials of the reviewer are present on each invoice as evidence that the reviewing procedure was actually performed by the second individual. He/she then re-performs the clerical check by performing the following procedures:  comparing quantities on the invoice to related shipping documents;  comparing unit prices to the client‟s price lists; and  verifying extensions and footings. After performing the procedures, the auditor would evaluate sample results to evaluate whether the control is functioning as management intended. He/she would consider these results and the results of other related procedures to assess the level of control risk for this assertion. 49 Fundamentals of an Audit of Financial Statements 6. Audit Evidence Risk Assessment Procedures The objective of the auditor is to identify and assess those risks, which may result in a material misstatement in the financial statements. The auditor then assesses these risks to determine which of them are significant risks that have to be addressed by specific audit procedures. The risk assessment procedures consist of the following:  inquiries of management, and of others within the entity who in the auditor‟s judgment may have information that is likely to assist in identifying risks of material misstatement due to fraud or error;  analytical procedures;  observation and inspection. To be able to identify and assess the risks that may result in material misstatements, the auditor considers the following:  the entity and its environment;  the entity‟s internal control;  control activities relevant to the audit. The Entity and Its Environment In order to be able to identify and assess risks, the auditor needs to understand the entity and the environment in which it operates. This includes sufficient knowledge of the following:  relevant industry, regulatory, and other external factors including the applicable financial reporting framework;  the nature of the entity, including: o its operations; o its ownership and governance structures; o the types of investments that the entity is making and plans to make, including investments in special-purpose entities; and, o the way that the entity is structured and how it is financed, to enable the auditor to understand the classes of transactions, account balances, and disclosures to be expected in the financial statements.  the entity‟s selection and application of accounting policies, including the reasons for changes thereto.  The entity‟s objectives and strategies, and those related business risks that may result in risks of material misstatement.  The measurement and review of the entity‟s financial performance. The Entity’s Internal Control To achieve the objectives of the risk assessment, the auditor needs to understand whether the entity has functioning internal control relevant to the auditor‟s objectives. Ordinarily, the entity will have many internal controls which may or may not be important for the auditor. The auditor needs to determine which controls are important for the audit. In general, the auditor examines control environment of the entity and its risk management. 50 Fundamentals of an Audit of Financial Statements Control environment Control environment considerations whether management has created and maintained a culture of honesty and ethical behavior; and whether this environment provides an appropriate foundation for proper functioning of internal control. The entity’s risk assessment process The audited entity should have a system in place designed to identify business risks relevant to financial reporting objectives. The system should also be able to estimate the significance of the risks, assess the likelihood of their occurrence, and assist in deciding about actions to address those risks. If the entity has not established such a system, the auditor discusses with management whether business risks relevant to financial reporting objectives have been identified and how they have been addressed. Further, the auditor needs to understand the following:  the significant transactions;  the information technology and manual systems used to initiate, record, process these transactions, and how they are transferred to the general ledger and reported in the financial statements;  the related accounting records, supporting information and specific accounts in the financial statements that are used to initiate, record, process and report transactions; this includes the correction of incorrect information and how information is transferred to the general ledger;  the process used to prepare the entity‟s financial statements, including significant accounting estimates and disclosures; and,  controls over journal entries. Control activities relevant to the audit The auditor does not have to understand every existing internal control; however, the auditor needs to understand those controls that are relevant to the audit. Which controls these are is a matter of the auditor‟s judgment. The auditor also needs to know how the entity monitors the function of the controls relevant to the audit. Identifying and Assessing the Risks of Material Misstatement The risk of material misstatement exists at both the financial statement level and the level classes of transactions, account balances and disclosures. While obtaining the understanding of the entity, the auditor is alert to identify risk throughout the process, particularly those risks, that could result in a material misstatement. Assertions used by the auditor Assertions Occurrence: transactions and events that have been recorded have occurred and about classes of pertain to the entity. transactions Completeness: all transactions and events that should have been recorded have and events for been recorded. the period under Cut-off: transactions and events have been recorded in the correct accounting audit period. Classification: transactions and events have been recorded in the proper accounts. 51 Fundamentals of an Audit of Financial Statements Assertions used by the auditor Accuracy: amounts and other data relating to recorded transactions and events have been recorded appropriately. Assertions Completeness: all assets, liabilities and equity interests that should have been about account recorded have been recorded. balances at the Rights and obligations: the entity holds or controls the rights to assets, and period-end liabilities are the obligations of the entity. Valuation and allocation: assets, liabilities, and equity interests are included in the financial statements at appropriate amounts and any resulting valuation or allocation adjustments are appropriately recorded. Existence: assets, liabilities, and equity interests exist. Assertions Occurrence and rights and obligations: disclosed events, transactions and other about matters have occurred and pertain to the entity. presentation Completeness: all disclosures that should have been included in the financial and disclosure statements have been included. Classification and understandability: financial information is appropriately presented and described, and disclosures are clearly expressed. Accuracy and valuation: financial and other information are disclosed fairly and at appropriate amounts. Assertions Existence - the control exists, functionality – the control functions as intended, about internal continuity – the control functions throughout the period controls Risks That Require Special Audit Consideration The auditor may conclude that some of the identified risks are significant. Examples of significant risks include the following:  the risk of fraud;  the risk related to recent significant economic, accounting or other developments and, therefore, requires specific attention;  the complexity of transactions;  the risk involves significant transactions with related parties;  the degree of subjectivity involved in the measurement of financial information, i.e., estimates; and,  the risk involves significant transactions that are outside the normal course of business for the entity, or appear unusual. Where the auditor concludes that a risk is a significant risk, that risk needs to be specifically addressed by audit procedures. 52 Fundamentals of an Audit of Financial Statements Audit Approach The auditor’s assessment of the identified risks at the assertion level provides a basis for considering the appropriate audit approach. The auditor may determine:  An effective response to risk can only be achieved by performing tests of controls  Performing only substantive procedures is appropriate for a particular assertion  A combined approach is appropriate 53 Fundamentals of an Audit of Financial Statements The process for deciding whether to adopt a controls based approach versus a substantive approach can be summarised as follows: Obtain an understanding of the entity and its environment, including its internal control Design audit procedures in response to the assessed risk of misstatement at financial statement level and at the assertion level Expectation that controls are operating effectively? Yes No Tests of control Purpose: to obtain sufficient appropriate audit evidence that the controls were operating effectively during the period Controls operating Report to No effectively? management Yes Substantive tests Purpose: to detect material misstatements at the assertion Restricted substantive tests level. Satisfactory results from Include: tests of controls may allow  tests of details of the auditor to assess the risk transactions, balances and of material misstatement as disclosures, and low and reduce the extent of the substantive procedures  substantive analytical procedures Irrespective of the approach selected the auditor must design and perform substantive procedures for each material class of transaction, account balance and disclosure. 54 Fundamentals of an Audit of Financial Statements Stage Risk Controls Tests of Controls Customer  Order could be Credit check separate Inspect new accounts for places order/ accepted and from sales authorisation goods department Review a sample of new written order despatched to a customers and ensure form Independent check by customer who references were obtained supervisor on prices raised is not credit before new account opened and discounts offered worthy  Risk of Regular reviews of Compare a sample of orders irrecoverable credit limits to credit limits and ensure debts within limit or rejected Written order  Risk that order Sequentially Review files of copy order passed is not fulfilled, numbered order forms to ensure the numerical loss of future forms sequence is complete for packing business from Inspect open orders for and Copy delivery notes dissatisfied unfulfilled orders passed to sales dept. delivery customer once order fulfilled & Test numerical sequence is  Risk that wrong sales dept. perform complete items, wrong regular review of Review customer complaint Delivery note quantity or orders not yet files for evidence of raised damage goods delivered incorrectly despatched goods are despatched when items are Delivery notes Observe the inspection sequentially despatched numbered Inventory cards updated Delivery notes matched to order form Physical inspection of goods once packed Goods sent to  Risk that goods Customer signs copy Sample delivery notes and customer do not reach the of delivery note for review customers signatures proper return to client destination. Match a sample of delivery Check made to notes with the corresponding  Risk that ensure all drivers invoice invoice is not return all copy raised for goods delivery notes Compare a sample of 55 Fundamentals of an Audit of Financial Statements despatched or Invoices raised from invoices with the authorised raised delivery notes price list and credit terms incorrectly Authorised price lists and specified terms of trade in place Customer  Risk of errors in Sequence check on Sample invoices and vouch invoiced accounting, delivery notes and to the despatch note and e.g., incorrect matching to invoice customer order Warehouse amounts, posted will send Sequentially to wrong copy of sales account numbered invoices order, Match to order form as checked by Reperform the sales ledger delivery note Supervisor reconciliation and Invoices raised invoice raised promptly entered into Sales Day Book and customer's Sales Ledger account Customer  Risk that cash is Regular review of Discuss with credit control accounts not received receivables balances Review aged receivables and old debts actively Review customer monitored pursued correspondence file 56 Fundamentals of an Audit of Financial Statements Payment  Risk that Two people open and Observe the procedures in received from cash/cheques count cash place are customer misappropriated Cash promptly banked Compare dates in the cash Bankings promptly book with the dates recorded recorded in Cash in the receivables ledger Book Receivables ledger accounts promptly updated Recording of cash received in receivables ledger performed by Discuss segregation of duties responsible person over maintenance of cash and Segregation of duties trade receivables between those who update receivables ledger and those who: – raise invoices – raise credit notes – follow up statement queries – open and count cash Statements  Risks of Statements sent out Review the entity‟s sent to accounting on a regular basis procedures for sending out errors and fraud Customer queries are monthly statements and customer dealt with by person dealing with customer not responsible for queries and complaints writing up sales ledger accounts Monthly  Risks of Control account Reperform the reconciliation management accounting reconciliations: errors and fraud – Cash book to bank Review for authorisation accounts and reconciliations statement – Receivables ledger to Receivables Ledger Control Account Analytical review of 57 Fundamentals of an Audit of Financial Statements sales level and profit margins Cash collection Recalculate the cash period calculated and collection period followed up Consideration of Fraud and Laws and Regulations in an Audit of Financial Statements Fraud (adapted from ISA 240) Misstatements in the financial statements can arise from either fraud or error. The distinguishing factor between fraud and error is whether the underlying action that results in the misstatement of the financial statements is intentional or unintentional. Although fraud is a broad legal concept, for the purposes of an audit, the auditor is concerned with fraud that causes a material misstatement in the financial statements. Two types of intentional misstatements are relevant to the auditor - misstatements resulting from fraudulent financial reporting and misstatements resulting from misappropriation of assets. Although the auditor may suspect or, in rare cases, identify the occurrence of fraud, the auditor does not make legal determinations of whether fraud has actually occurred. Fraudulent financial reporting involves intentional misstatements including omissions of amounts or disclosures in financial statements to deceive financial statement users. It can be caused by the efforts of management to manage earnings in order to deceive financial statement users by influencing their perceptions as to the entity‟s performance and profitability. Such earnings management may start out with small actions or inappropriate adjustment of assumptions and changes in judgments by management. Pressures and incentives may lead these actions to increase to the extent that they result in fraudulent financial reporting. Such a situation could occur when, due to pressures to meet market expectations or a desire to maximize compensation based on performance, management intentionally takes positions that lead to fraudulent financial reporting by materially misstating the financial statements. Fraudulent financial reporting may be accomplished by the following:  Manipulation, falsification (including forgery), or alteration of accounting records or supporting documentation from which the financial statements are prepared.  Misrepresentation in, or intentional omission from, the financial statements of events, transactions or other significant information.  Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation, or disclosure. Fraudulent financial reporting often involves management override of controls that otherwise may appear to be operating effectively. Fraud can be committed by management overriding controls using such techniques as:  recording fictitious journal entries.  adjusting assumptions and changing judgments used to estimate account balances.  omitting, advancing or delaying recognition in the financial statements of events and transactions that have occurred during the reporting period.  concealing, or not disclosing, facts that could affect the amounts recorded in the financial statements. 58 Fundamentals of an Audit of Financial Statements  engaging in complex transactions that are structured to misrepresent the financial position or financial performance of the entity.  altering records and terms related to significant and unusual transactions. Misappropriation of assets involves the theft of an entity‟s assets and is often perpetrated by employees in relatively small and immaterial amounts. However, it can also involve management who are usually more able to disguise or conceal misappropriations in ways that are difficult to detect. Misappropriation of assets can be accomplished in a variety of ways including:  Embezzling receipts (for example, misappropriating collections on accounts receivable or diverting receipts in respect of written-off accounts to personal bank accounts).  Stealing physical assets or intellectual property (for example, stealing inventory for personal use or for sale, stealing scrap for resale, colluding with a competitor by disclosing technological data in return for payment). The procedures applicable to fraud detection include the following:  discussion among the engagement team;  risk assessment procedures, including the following: o inquiries of management and other personnel; o inquiries of internal audit; o inquiring of members of bodies such as supervisory board or audit committee; o consideration of other information; o evaluation of fraud risk factors. Examples of circumstances indicating the possibility of fraud (adapted from ISA 240) Discrepancies in the accounting records, including:  Transactions that are not recorded in a complete or timely manner or are improperly recorded as to amount, accounting period, classification, or entity policy.  Unsupported or unauthorized balances or transactions.  Last-minute adjustments that significantly affect financial results.  Evidence of employees‟ access to systems and records inconsistent with that necessary to perform their authorized duties.  Tips or complaints to the auditor about alleged fraud. Conflicting or missing evidence, including:  Missing documents.  Documents that appear to have been altered.  Unavailability of other than photocopied or electronically transmitted documents when documents in original form are expected to exist.  Significant unexplained items on reconciliations.  Unusual balance sheet changes, or changes in trends or important financial statement ratios or relationships - for example, receivables growing faster than revenues.  Inconsistent, vague, or implausible responses from management or employees arising from inquiries or analytical procedures.  Unusual discrepancies between the entity's records and confirmation replies.  Large numbers of credit entries and other adjustments made to accounts receivable records. 59 Fundamentals of an Audit of Financial Statements  Unexplained or inadequately explained differences between the accounts receivable sub- ledger and the control account, or between the customer statements and the accounts receivable sub-ledger.  Missing inventory or physical assets of significant magnitude.  Unavailable or missing electronic evidence, inconsistent with the entity‟s record retention practices or policies.  Fewer responses to confirmations than anticipated or a greater number of responses than anticipated. Problematic or unusual relationships between the auditor and management, including:  Denial of access to records, facilities, certain employees, customers, vendors, or others from whom audit evidence might be sought.  Undue time pressures imposed by management to resolve complex or contentious issues.  Complaints by management about the conduct of the audit or management intimidation of engagement team members, particularly in connection with the auditor‟s critical assessment of audit evidence or in the resolution of potential disagreements with management.  Unusual delays by the entity in providing requested information.  Unwillingness to facilitate auditor access to key electronic files for testing through the use of computer-assisted audit techniques.  Denial of access to key IT operations staff and facilities, including security, operations, and systems development personnel.  An unwillingness to add or revise disclosures in the financial statements to make them more complete and understandable.  An unwillingness to address identified deficiencies in internal control on a timely basis. Effect of Laws and Regulations (adapted from ISA 250) Those laws and regulations to which an entity is subject constitute the legal and regulatory framework. The provisions of some laws or regulations have a direct effect on the financial statements in that they determine the reported amounts and disclosures in an entity‟s financial statements. Other laws or regulations are to be complied with by management or set the provisions under which the entity is allowed to conduct its business but do not have a direct effect on an entity‟s financial statements. Some entities operate in heavily regulated industries (such as banks and chemical companies). Others are subject only to the many laws and regulations that relate generally to the operating aspects of the business. Non-compliance with laws and regulations may result in fines, litigation or other consequences for the entity that may have a material effect on the financial statements. Non-compliance by the entity with laws and regulations may result in a material misstatement of the financial statements. Detection of non-compliance, regardless of materiality, may affect other aspects of the audit including, for example, the auditor‟s consideration of the integrity of management or employees. Whether an act constitutes non-compliance with laws and regulations is a matter for legal determination, which is ordinarily beyond the auditor‟s professional competence to determine. Nevertheless, the auditor‟s training, experience and understanding of the entity and its industry or sector may provide a basis to recognize that some acts, coming to the auditor‟s attention, may constitute non-compliance with laws and regulations. 60 Fundamentals of an Audit of Financial Statements Management is responsible for ensuring that the entity‟s operations are conducted in accordance with laws and regulations. The auditor is not expected to detect noncompliance with laws and regulations because, as explained above, this is a legal determination that is ordinarily beyond the auditor‟s professional competence. However, in accordance with specific statutory requirements, the auditor may be specifically required to report, as part of the audit of the financial statements, on whether the entity complies with certain provisions of laws or regulations. Where there are specific statutory reporting requirements, it may be necessary for the audit plan to include appropriate tests for compliance with these provisions of the laws and regulations. Examples of types of information that may come to the auditor‟s attention and may indicate noncompliance are:  Payment of fines or penalties to authorities.  Investigation by a governmental agency.  Payment for unspecified services to consultants, related parties, employees or government employees.  Sales commissions or agents‟ fees that appear excessive in relation to those ordinarily paid by the entity or the services received.  Purchasing at prices significantly above or below market prices.  Unusual payments in cash.  Existence of an accounting system that fails, either intentionally or unintentionally, to provide an adequate audit trail or sufficient audit evidence.  Unauthorized transactions or improperly recorded transactions.  Media comment. 61 Fundamentals of an Audit of Financial Statements 7. Audit Performance Procedures performed during the audit will include the appropriate mix of tests of controls and substantive procedures needed to obtain sufficient, appropriate audit evidence upon which to base the audit opinion. The auditor may decide not to examine all the evidence available because, in many cases, conclusions can be reached about a particular account balance, class of transactions or control through the use of judgmental or statistical sampling procedures. Alternatively, the auditor may be able to obtain sufficient, appropriate evidence by applying analytical procedures. Topics covered include the following:  audit evidence  audit sampling  analytical procedures  audit of accounting estimates  initial engagements - opening balances  related parties  subsequent events  going concern  management representations  concluding the audit The auditor should obtain sufficient, appropriate audit evidence upon which to base the audit opinion. Audit evidence is obtained from an appropriate mix of tests of controls and substantive procedures. In those cases where the auditor assesses control risk for all audit areas as high, evidence will be obtained entirely from substantive procedures. Audit evidence consists of accounting records and source documents underlying the financial statements and corroborating evidence from other sources. In forming the audit opinion, the auditor does not normally examine all the evidence available because conclusions can be reached about a particular account balance, class of transactions or control through the use of judgmental or statistical sampling procedures. Audit sampling will be discussed later. In order to judge whether audit evidence is sufficient and appropriate, the auditor considers factors such as:  the auditor‟s assessment of inherent risk at both the financial statement level and the account balance or class of transactions level;  the nature of the accounting and internal control systems and the assessment of control risk.  the materiality of the item being examined;  experience gained during previous audits;  results of audit procedures, including evidence of fraud or error;  the source and reliability of the information available. The reliability of audit evidence depends on its source (internal or external) and its nature (visual, documentary or oral). Although the reliability of audit evidence depends on individual circumstances, the following general rules will help the auditor to assess the reliability of audit evidence: 62 Fundamentals of an Audit of Financial Statements  evidence from external sources is more reliable than that generated internally.  evidence generated internally is more reliable when the related accounting and internal controls systems are effective.  evidence obtained directly by the auditor is more reliable than that obtained from the client.  evidence in the form of documents and written representations is more reliable than oral representations. When obtaining audit evidence from tests of controls, the auditor should determine whether the audit evidence is sufficient and appropriate to support the level of assessed control risk. When obtaining audit evidence from substantive procedures, the auditor should determine whether the audit evidence is sufficient and appropriate to support the assertions contained in financial statements. Usually, audit evidence is obtained for all the assertions relating to a particular account balance. For example, the auditor may be primarily concerned with the existence, valuation, measurement and presentation and disclosure assertions relating to the accounts receivable balance. Substantive procedures can provide evidence about more than one assertion. The collection of accounts receivable may, for example, provide evidence about both the existence and valuation of the receivables balance. Procedures for obtaining audit evidence The auditor obtains audit evidence by one or more of the following procedures: inspection, observation, inquiry and confirmation, computation and analytical procedures. Inspection consists of examining records, documents or tangible assets. Three major categories of documentary evidence which provide different degrees of reliability are:  documents created and held by third parties;  documents created by third parties and held by the client; and  documents created and held by the client. Observation consists of looking at a process or procedure such as the observation of a physical inventory count. Inquiry and confirmation consists of seeking information from knowledgeable persons inside or outside the entity. Inquiries may be made orally or in writing. Confirmation is a response to an inquiry to corroborate information in the accounting records. For example, the auditor may seek direct confirmation of bank balances by communicating with the bank. Computation consists of checking the arithmetical accuracy of source documents and accounting records. It also consists of performing independent calculations. Analytical procedures consist of the analysis of significant ratios and trends. Fluctuations and relationships that are inconsistent with other relevant data or which deviate from expected amounts are investigated. 63 Fundamentals of an Audit of Financial Statements Examples of Audit Procedures Developing the audit program involves the following steps: 1) Determine the assertions that are being made in the financial statement. 2) Develop specific audit objectives related to those assertions. 3) Formulate audit procedures to test the assertions. 4) Document the procedures in the audit program. The list below contains examples of audit procedures and the assertions to which they relate. Keep in mind that the formulation of audit procedures depends on the direction of audit testing, i.e. understatement or overstatement of the account balance or class of transactions being tested. Cash 1. Send confirmations letters to banks to verify the existence of amounts on deposit (existence). 2. Count cash on hand to verify its existence (existence). 3. Review the cutoff of cash receipts and cash disbursements at year end to verify that transactions affecting cash are recorded in the proper period (rights and obligations). 4. Review year end bank reconciliations to verify that cash has been properly stated at year end (completeness). 5. Foot summary schedules of cash and agree the total with the amount that will appear on the financial statements (valuation). 6. Test the translation of foreign currencies (valuation). Accounts receivable 1. Inquire of management about the pledging of receivables (disclosure). 2. Review loan agreements for pledging of receivables (disclosure). 3. Confirm accounts receivables by direct communication with debtors (existence). 4. Vouch accounts receivables to supporting customer orders, sales orders, invoices and shipping documents (existence). 5. Review the cutoff of sales and cash receipts at year end to verify that transactions affected accounts receivable are recorded in the proper period (rights and obligations). 6. Perform analytical procedures such as the calculation of gross profit margin and accounts receivable turnover (completeness) 7. Foot the accounts receivable subsidiary ledger to verify clerical accuracy (valuation). 8. Reconcile subsidiary ledgers to the general ledger (valuation). 9. Examine subsequent cash receipts to test the adequacy of the allowance for doubtful accounts (valuation and/or existence) 10. Age the accounts receivable listing to test the adequacy of the allowance for doubtful accounts (valuation). Inventory 1. Inquire of management about pledging of inventory (disclosure). 2. Confirm consigned inventory with the consignee (existence). 3. Observe the physical inventory count and make test counts (existence). 4. Review cutoff of sales, sales returns, purchase and purchase returns at year end to verify that transactions affecting inventory are recorded in the proper period (rights and obligations). 5. Compare test counts made during the physical inventory to the client‟s final inventory listing to verify the accuracy of the count and the summarization of inventory (completeness). 6. Account for all count sheets used during the physical inventory (completeness). 64 Fundamentals of an Audit of Financial Statements 7. Perform analytical procedures such as the calculation of gross profit margin and inventory turnover (completeness). 8. Reconcile inventory summary schedules to the general ledger to verify clerical accuracy (valuation). 9. Test the inventory cost method (valuation). 10. Test the pricing of inventory to verify that it is recorded at the lower of cost or net realizable value (valuation). Property, Plant and Equipment 1. Inquire of management about pledging of property, plant and equipment (disclosure). 2. Review loan agreements to determine if property, plant and equipment has been pledged (disclosure). 3. Inspect major acquisitions to verify their existence (existence). 4. Vouch additions and retirements to supporting documents (existence and rights and obligations). 5. Review minutes of the board of directors‟ meetings to determine that major additions have been properly authorized (rights and obligations). 6. Perform analytical procedures such as the comparison of repairs and maintenance expense on a monthly and annual basis (completeness). 7. Vouch significant amounts of repairs and maintenance to supporting documents (completeness). 8. Foot property, plant and equipment schedules to verify clerical accuracy (valuation). 9. Reconcile property, plant and equipment summary schedules to the general ledger to verify clerical accuracy (valuation). 10. Recalculate depreciation to verify its clerical accuracy (valuation). Accounts payable 1. Confirm accounts payable by direct confirmation with vendors (occurrence, obligation, completeness and valuation). 2. Vouch accounts payable balances to receiving reports, purchase orders and invoices (existence and valuation). 3. Review the cutoff of purchases, purchase returns, and cash disbursements at year end to verify that transactions affecting accounts payable are recorded in the proper period (rights and obligations). 4. Perform analytical procedures such as the calculation of the ratio of accounts payable divided by purchases (completeness). 5. Perform a search for unrecorded liabilities by tracing cash disbursements made after year end for services or goods received prior to year end to the accounts payable listing (completeness). 6. Foot the accounts payable subsidiary ledger to verify clerical accuracy (valuation). 7. Reconcile subsidiary ledgers to the general ledger (valuation). Long-term debt 1. Inquire of management regarding pledging of assets related to debt (disclosure). 2. Review debt agreements for details on pledged assets or events that may result in default on the loan (disclosure). 3. Confirm long-term debt with appropriate third parties (existence). 65 Fundamentals of an Audit of Financial Statements 4. Trace receipt of funds and payments to the bank account and to the cash receipts journal (occurrence). 5. Review the cutoff of cash receipts and disbursements at year end to verify that transactions affecting debt are recorded in the proper period (rights and obligations). 6. Review minutes of the board of directors meetings to verify that transactions have been properly authorized (rights and obligations). 7. Inquire of management as to the completeness of debt (completeness). 8. Review bank confirmations for any indication of unrecorded debt (completeness). 9. Foot summary schedules of long-term debt to verify clerical accuracy (valuation). 10. Reconcile subsidiary ledgers to the general ledger (valuation). 11. Recalculate interest expense and accrued interest payable (valuation). Additional consideration for specific items Examples of specific items include the following:  Attendance at physical inventory counting  Confirmation of accounts receivable  Inquiry regarding litigation and claims  Valuation and disclosure of long-term investments  Segment information Attendance at physical inventory count When inventory is material to the financial statements, the auditor should obtain sufficient appropriate audit evidence regarding the existence and condition of the inventory. Being present at the inventory count will enable the auditor to inspect the inventory, to observe control procedures to ensure the accuracy of the count, and to evaluate whether the procedures are reliable. Prior to attending the inventory count, the auditor should consider:  the nature of the accounting and internal control systems used regarding the inventory;  materiality and inherent control and detection risk related to the inventory in order to determine the sample size of test counts to be performed at the physical inventory;  the client‟s procedures and instructions regarding the inventory count.  when the count will be taken;  where the inventory is located (e.g. how many different locations);  whether the assistance of an expert is needed. The auditor should review management‟s inventory count instructions that relate to:  the application of control procedures. For example, how used and unused count sheets are controlled and actual count and recount procedures.  accurate identification of:  the stage of completion of work in process inventory;  slow moving, damaged, or obsolete items of inventory; and  consigned inventories.  whether appropriate arrangements have been made regarding the movement of inventory between areas and the shipping and receiving of inventory before and after the cutoff date. 66 Fundamentals of an Audit of Financial Statements To obtain assurance that management‟s procedures are being complied with, the auditor should observe employees performing the procedures and perform independent test counts. For example, the auditor would test the completeness of the counts recorded by the client by selecting items from the actual inventory and tracing those items to the inventory count sheets. The auditor would test the existence of inventory by selecting items from the inventory count sheets and tracing those items to the actual inventory. The auditor should also consider the adequacy of procedures used to establish proper cut-off of sales and purchases and to estimate physical quantity (e.g. a coal pile). The client normally prepares a final inventory list as a result of the physical count. The final list would be tested during audit work to assess whether it reflects actual inventory counts observed during the physical inventory taking. Confirmation of accounts receivable When accounts receivable are material to the financial statements and it is reasonable to expect that debtors will respond, the auditor should obtain direct confirmation of the receivable balance from the debtor. This procedure provides evidence relating to the existence of accounts receivable. It does not provide evidence relating to the completeness (i.e. that all sales are recorded) or valuation (i.e. that all accounts are collectible) of accounts receivable. The method used to select accounts for confirmation will depend upon whether judgmental or statistical sampling procedures are applied. Once the accounts are selected, the auditor sends confirmation request letters to the selected debtors requesting that the debtor confirm directly to the auditor the balance owed to the client. Confirmation request letters will contain management‟s authorization to disclose this information to the auditor. If a reply to a confirmation request is not received from the debtor, the auditor should perform alternative procedures, otherwise the item will be treated as an error for the purpose of evaluating sample results. Alternative procedures may consist of examining subsequent cash receipts from the debtor or examining sales and shipping documents. If management asks the auditor not to send a confirmation request to a particular debtor, the auditor should consider management‟s reasons for the request. For example, a client might believe that a confirmation request sent to a debtor disputing the amount owed will negatively affect negotiations between the client and the debtor. In this situation, the auditor should examine evidence supporting the client‟s position and apply alternative procedures to the account receivable balance. Inquiry regarding litigation and claims The auditor should perform procedures in order to become aware of any litigation or claims that involve the client and which may have a material affect on the financial statement. Such procedures would include:  inquiring of management regarding pending litigation and claims and obtaining representations from management;  reviewing board minutes and correspondence with the client‟s lawyers;  examining legal expense accounts for unusual expenditures;  considering other information regarding the client‟s business such as information obtained from the in-house legal department. 67 Fundamentals of an Audit of Financial Statements When litigation or claims have been identified, or if the auditor believes that they may exist, the auditor should communicate directly with the client‟s lawyers. The communication should be by letter, prepared by the client and sent to the lawyer by the auditor, requesting that the lawyer communicate directly with the auditor. The letter may be a general inquiry or may specify the following:  a list of litigation and claims;  management‟s assessment of the outcome of the litigation or claim and its estimate of the costs involved;  a request that the lawyer confirm the reasonableness of management‟s assessments and provide the auditor with further information if the list is incomplete or incorrect. If management refuses to give the auditor permission to communicate with its lawyers, this would be a scope limitation and should ordinarily result in a qualified opinion or disclaimer of opinion in the audit report. Valuation and disclosure of long-term investments When long-term investments are material to the financial statements, the auditor should obtain sufficient appropriate evidence regarding their valuation and disclosure. Procedures would ordinarily include:  evaluation of the client‟s ability to hold the investment on a long-term basis;  inquiring of management about its intention to hold the investment for the long term and obtaining written representation of this intention;  obtaining the financial statements and other information, such as market quotations, to assess the value of the investment and comparing that value to the carrying amount recorded in the client‟s financial statements as of the audit date. If the value is less than the carrying amount, the auditor would consider whether a write-down is required. If there is uncertainty regarding the recovery of value, the auditor would consider whether appropriate adjustments and/or disclosures have been made in accordance with the identified financial reporting framework. Segment information When segment information is material to the financial statements, the auditor should obtain sufficient, appropriate evidence regarding its disclosure in accordance with the identified financial reporting framework. Segment information consists of geographical or industry information that is disclosed in an entity‟s financial statements. The auditor would discuss with management the methods used to determine segment information. The auditor would test the application of such methods using analytical procedures and other audit tests judged to be appropriate in the circumstances. The auditor would then consider whether application of these methods results in disclosure that is in accordance with the identified financial reporting framework. 68 Fundamentals of an Audit of Financial Statements Audit Sampling Audit sampling means the application of an audit procedure to less than 100% of the items in an account balance or class of transactions in order to form a conclusion about. Sampling enables the auditor to obtain sufficient appropriate audit evidence in a cost efficient manner. The method used to select a sample may be statistical or non-statistical: Statistical sampling relies on the laws of probability to select sample data. When evaluating the sample data, statistics allow the auditor to quantitatively measure (and therefore control) the risk of sampling error that results from examining only a part of the data. Statistical sampling is usually used when examining a population that consists of a large number of homogeneous items. Non-statistical sampling relies on the auditor‟s experience to select an appropriate sample. This method is often used when the population consists of a small number of high value items. For example, 40 items were added to the property, plant and equipment balance during the audit period and the total EUR value of the additions was EUR70,000. The 40 items include 7 high- dollar-value items totaling EUR57,000. The auditor may decide to select a judgmental sample that consist of those seven items plus five other randomly selected items upon which to perform audit procedures. Audit sampling may be used when performing tests of controls or substantive tests. Tests of controls are used to assess the effectiveness of a control to prevent or detect and correct a material misstatement in the financial statements. Substantive tests are used to obtain evidence to assess whether account balances and classes of transactions are properly stated. Precision and reliability The following is a review of some of the basic terminology and concepts is necessary before discussing the design of an audit sample. The selection and evaluation of statistical samples includes making estimates of precision (accuracy) and reliability (risk). These terms can be described as follows: Precision reflects the extent to which the sample characteristic can be expected to correspond to the true, but unknown, characteristic of the population being tested. For example, assume that the auditor is performing a test of controls by examining a sample of sales invoices to determine if a sales supervisor had properly approved them. If the sample shows that 2% of the sample items deviate from the control procedure, what does that tell the auditor about a rate of deviation in the population as a whole? It is unlikely that the deviation rate in the population will be exactly 2%. However, the auditor may statistically establish a range of, for example, plus or minus 1%, around the sample deviation rate, within which the true population characteristic is expected to be. Precision ranges are stated in percentages when performing tests of controls, and in monetary amounts when performing substantive testing. Materiality is directly related to precision. Materiality is the measure of an allowable margin of error that the auditor is willing to accept when performing a particular audit test. For example, when performing tests of controls, a maximum acceptable upper precision limit of 5% means that the auditor is willing to accept as much as a 5% deviation of a certain characteristic in the population and still conclude that the client has substantially complied with the control procedure being tested. When performing substantive procedures, a precision limit of plus or minus EUR25,000 means that the auditor will accept a population as being free from material error if 69 Fundamentals of an Audit of Financial Statements the value of the true population is within plus or minus EUR25,000 of the value estimated from the sample. Reliability (or confidence) is the mathematical probability that the true characteristic of the population will fall somewhere within the precision range described above. For example, a specified 90% confidence level in the sample being tested above, means that 90 out of 100 random sample drawn from the population would contain a deviation rate of no more than 5%. With this degree of confidence, there is also a 10% chance that the true deviation rate in the sample could be more than 5% which could result in an incorrect conclusion regarding the population. Tests of controls and substantive testing The audit objective of tests of controls is to determine whether the client is complying with certain control procedures. Noncompliance results in a higher probability that the related account balance could be misstated. Tests of controls, therefore, can be a useful (but not required) preliminary step in determining the nature, timing and extent of substantive tests. The audit objective of substantive tests, is to estimate the true amount of a characteristic of an audit population. For example, the audit objective may be to estimate, with 95% confidence, that the sales account is not misstated by more than EUR50,000. When performing tests of controls and substantive tests, the auditor uses sample tables to determine sample size based on factors such as the desired level of precision, desired reliability and estimated deviation or error rate. The auditor also evaluates sample results using sample tables that reflect specified levels of precision and reliability and deviations or errors noted as the result of the applying audit procedures. Design of the sample When designing an audit sample, the auditor should consider the specific audit objectives, the population and the sample size. Audit objectives In designing an audit sample, the auditor would first consider the specific audit objectives to be achieved and the audit procedures that would best achieve that result. For example, assume that the audit objective relating to an accounts receivable balance is to determine that the balance represents valid claims against debtors (existence assertion). In this case, the direction of testing will be for overstatement of the accounts receivable balance. Confirmation of selected debtor balances is a procedure often used to provide sufficient, appropriate audit evidence regarding the existence of accounts receivable. On the other hand, if the audit objective relating to accounts receivable is to determine that all outstanding accounts receivable are recorded at year end (completeness assertion), then the direction of testing would be for understatement of the accounts receivable balance. In this situation, the auditor may decide to examine shipping documents or subsequent cash receipts to test the completeness of the accounts receivable listing. Population The population is the entire set of data from which the auditor will select a sample. The individual items that make up the population are called sampling units. A population can be divided into sampling units in a variety of ways. For example, the sampling unit when confirming accounts receivable may be the outstanding customer balance or the individual invoice amounts that make up that balance. 70 Fundamentals of an Audit of Financial Statements A population may be stratified into sub-populations that are sub-groups of sampling units that have similar characteristics. Sample size When determining the sample size, the auditor should consider sampling risk, tolerable error and expected error. Sampling risk is the risk that the auditor‟s conclusion based on the results of sampling may be different from the conclusion that would be reached if the entire population was tested using the same audit procedure. Sampling risk must be considered when performing both tests of controls and substantive procedures: Tests of controls:  Risk of under reliance is the risk that the assessed level of control risk that was based on sample results is too high. If the auditor assesses control risk too high, more substantive testing will be performed than is necessary which leads to audit inefficiency.  Risk of over reliance is the risk that the assessed level of control risk that was based on sample results is too low. If the auditor assesses control risk too low, not enough substantive testing will be performed to ensure an effective audit. Therefore, the risk of over reliance is of greater audit concern than the risk of under reliance. Substantive procedures:  Risk of incorrect rejection is the risk that the sample results support the conclusion that the recorded account balance is materially misstated when it is not materially misstated.  Risk of incorrect acceptance is the risk that the sample results support the conclusion that the recorded account balance is not materially misstated when it is materially misstated. The risk of incorrect acceptance is of greater audit concern than the risk of incorrect rejection. The level of sampling risk that the auditor is willing to accept affects sample size. The lower the acceptable risk, the greater the sample size will need to be. Tolerable error is the maximum error in a population that an auditor would be willing to accept and still conclude that the results from the audit sample has achieved the audit objective. Tests of controls: When performing tests of controls, tolerable error is expressed in terms of deviation rate which consists of the number of deviations found in the sample selected to test a particular control procedure. The auditor‟s determination of tolerable error rate is a function of:  the planned assessed level of control risk  the degree of assurance desired from the sample Substantive tests: When performing substantive tests, tolerable error is expressed in terms of a monetary amount. Tolerable error is related to materiality in that it would be equal to or less than the materiality apportioned to the assertion of the account balance or class of transactions being tested. Expected error is the error that the auditor expects to be present in the population to be sampled. Tests of controls: When performing tests of controls, expected error is the estimate of deviation rate in the entire population. Substantive tests: When performing substantive tests, expected error is the estimate of the maximum error contained in the account balance or class of transactions expressed in terms of a 71 Fundamentals of an Audit of Financial Statements monetary amount. This estimate may be based on the understanding of the client‟s business, prior year audit experience, a pilot sample, and/or the results of the review and evaluation of internal control. Selection of the sample The sample should be selected so that it is representative of the population. This means that all items in the population should have the opportunity to be selected. There are many methods used to select a sample. The following three methods are commonly used:  Random selection ensures that all items have an equal chance of selection by using, for example, random number tables.  Systematic selection involves selecting items using a constant interval, the first interval having a random start. Intervals may be in terms of units or monetary amounts. For example, every 20th invoice could be selected from the sales invoice file or every $1000 increase in the cumulative value of the population. When using systematic selection, the auditor needs to determine that the population itself is not systematically ordered (e.g. sorted by geographical location) since this would bias the sample.  Haphazard sampling consists of selecting units without any conscious bias, i.e. without any special reason for including or omitting an item. When the auditor uses this method, the auditor should guard against making a biased selection. Evaluation of sample results After the auditor has performed audit procedures on the selected sample items, the auditor should:  analyze any errors detected in the sample;  project errors found in the sample to the population; and  reassess the sampling risk. Analysis of errors When the auditor designs the sample, those conditions that constitute an error will also be defined. For example, the auditor is testing for overstatement of accounts receivable. A confirmation is received from the customer that states an amount due of EUR300 when the client has a recorded amount due of EUR340. The cause of this difference must be analyzed to determine whether it constitutes an error. If the difference is due, for example, to posting a EUR40 invoice twice, it would be considered an error for the purpose of evaluating sample results. If the difference is due to a mis-posting between customer accounts, it would not be considered an error because mis-posting does not misstate the total accounts receivable balance. When audit evidence regarding a selected item cannot be obtained (e.g. an accounts receivable confirmation is not returned), alternative procedures must be performed (e.g. examining subsequent cash receipts when an accounts receivable confirmations is not returned). If audit evidence for the selected item cannot be obtained through alternative procedures, the item would be treated as an error. 72 Fundamentals of an Audit of Financial Statements Projection of errors When errors are found in the sample, the auditor must project those errors to the population from which the sample was selected. There are several acceptable methods used to project errors. One of them method will be reviewed in the example below. Reassessing sampling risk To reassess sampling risk, the auditor needs to determine whether errors in the population exceed tolerable error. The auditor accomplishes this by comparing projected error to tolerable error while taking into account other audit procedures relevant to the specific control or financial statement assertion. In the case of substantive procedures, projected error is net of any adjustments made by the client. When projected error exceeds tolerable error, the auditor must reassess sampling risk. If that risk is unacceptable, the auditor would consider extending the audit procedure or performing alternative procedures. Going Concern When planning and performing audit procedures, and in evaluating the results of those procedures, the auditor should consider whether the going concern assumption that underlies the preparation of financial statements is appropriate. The going concern assumption is the assumption that an entity will continue in operation for the foreseeable future, generally one year after the balance sheet date. Under this assumption, assets are valued on the basis of continued use, (for example, historical cost) and liabilities are classified based on the terms of existing agreements. If the assumption is unjustified, there could be a material impact on the financial statements since the entity may need to liquidate or significantly reduce the scale of its operations. In this case, assets, such as inventory, may need to be reduced to net realizable value or liquidation value. The classification of liabilities may change from long-term to short-term due, for example, to the default of terms specified in the client‟s loan agreement with its bank. The auditor should consider the risk that the going concern assumption may no longer be appropriate. The listing below provides examples of factors that the auditor should consider when evaluating this assumption. The existence of one or more factors, however, does not always indicate that the assumption should be questioned. Factors that indicate that the going concern assumption needs to be questioned: 1) Financial indications:  Fixed term borrowings that are close to maturity that realistically cannot be repaid or renewed.  Excessive reliance on short-term borrowings to finance long-term assets.  Total liability or current liability balances exceed total asset or current asset balances.  Adverse key financial ratios.  Substantial operating losses.  Discontinuance of dividends.  Inability to pay creditors when payments are due.  Difficulty in complying with the terms of loan agreements.  Change in payment terms to suppliers from credit to cash on delivery. 73 Fundamentals of an Audit of Financial Statements  Inability to obtain credit financing for essential investment. 2) Operating indications:  Loss of key managers without replacement.  Loss of a major market, franchise, license, or principal supplier.  Labor problems or shortages of important supplies. 3) Other indications:  Noncompliance with capital or other statutory requirements.  Pending legal proceedings against the entity which may, if successful, result in judgments that could not be paid.  Changes in legislation or governmental policy that adversely affect the entity‟s operations. The significance of these factors may often be mitigated by others. For example, a client unable to make normal debt payments may decide to dispose of certain assets in order to generate cash flow to meet its obligations. Alternatively, the client and the bank may agree to reschedule loan payments, or management may have the ability to obtain additional capital. In many cases, the existence of mitigating factors means that the going concern assumption is still appropriate. The auditor must apply professional judgment to make this determination. If it appears during the planning phase that the going concern assumption may not be appropriate, procedures performed during the audit may become more significant or it may be necessary to perform additional procedures to resolve this question. Procedures that help resolve a question relating to going concern are:  Analyze and discuss cash flow, profit and other relevant forecasts with management.  Review the terms of loan agreements and determine whether any have been breached.  Review events occurring after the end of the period to identify items that affect the client‟s ability to continue as a going concern.  Read the minutes of board of directors‟ and shareholder meetings for any references to financing difficulties.  Inquire of the client‟s attorney regarding litigation and claims.  Confirm the existence, legality, and enforceability of agreements with related parties or third parties to provide financing and assess the financial ability of such parties to provide it.  Consider the impact of unfilled customer orders on the client‟s financial position. Going concern is considered during planning and again at the conclusion of the audit. Analytical Procedures An auditor should apply analytical procedures at the planning and overall review phases of an audit. This is to assist in understanding the client‟s business and in identifying areas of potential risk. Analytical procedures may also be applied as substantive tests when obtaining audit evidence. Analytical procedures consist of analyzing significant ratios and trends derived from financial and non-financial data. They also include investigating fluctuations and relationships that are not 74 Fundamentals of an Audit of Financial Statements consistent with other relevant information or that deviate from predicted amounts. Examples of analytical procedures are:  comparing information, such as current period sales to prior periods, for example, in order to track growth trends;  comparing actual results of operations to operating budgets to, for example, identify unusual or unexpected changes in revenues and expenses;  comparing financial ratios, such as the client‟s ratio of sales to accounts receivable to the industry average, to evaluate, for example, whether accounts receivable collections are typical of industry experience;  calculating and comparing the gross profit margin of the current period to prior periods to identify, for example, changes in product mix, changes in product profitability or underreporting of sales; and  comparing the relationship of payroll expense to the number of employees currently employed to determine, for example, if payroll expense for the period is reasonable. Substantive procedures may consist of tests of details, analytical procedures or a combination of both. The decision to use analytical procedures as a substantive test is based on the auditor‟s judgment regarding the expected effectiveness and efficiency of the analytical procedure. When the auditor intends to use analytical procedures, a number of factors should be considered:  Availability of financial information such as budgets as well as non-financial information such as the number of units produced and sold.  Reliability of the information. For example, whether budgets are carefully prepared.  Relevance of the information. For example, whether budgets are prepared to reflect expected results rather than goals to be achieved.  Source of the information. For example, information obtained from external sources is more reliable than information obtained from internal sources.  Comparability of the information. For example, broad industry data may not be comparable if the client produces and sells specialized products.  Knowledge gained during previous audits together with the auditor‟s understanding of the effectiveness of the accounting and internal control systems.  Objectives of the analytical procedures and the extent to which their results can be relied upon. Extent of reliance on analytical procedures Analytical procedures involve the evaluation of expected relationships among financial and non- financial data. The presence of these relationships provides audit evidence as to the completeness, accuracy and validity of the data produced by the accounting system. There is a risk, however, that the results of analytical procedures may indicate an expected relationship when, in fact, a material misstatement exists. Therefore, the amount of reliance that an auditor places on the results of analytical procedures as substantive tests depends on the following factors:  materiality of the items involved. For example, when inventory balances are material, the auditor does not rely on analytical procedures to form conclusions. He/she may, however, 75 Fundamentals of an Audit of Financial Statements rely on analytical procedures for certain income and expense items when they are not individually material.  other audit procedures directed towards the same audit objective. For example, other procedures performed by the auditor in testing the valuation of accounts receivable, such as review of subsequent cash receipts, could confirm or dispel questions resulting from the application of analytical procedures to an aged accounts receivable listing.  accuracy in predicting the results of analytical procedures. For example, the auditor would normally expect gross profit margins to be comparable from year to year but would not expect discretionary expenses such as research or advertising to be comparable.  assessments of inherent and control risk. For example, if control risk relating to sales order processing is high, more reliance should be placed on tests of details of transactions and balances than on analytical procedures to obtain audit evidence regarding accounts receivables. Examples of analytical procedures Analytical procedures are often performed in combination with other substantive procedures to test the assertions relating to account balances and classes of transactions. Ratios and other comparisons may be compared with those of the prior year and/or expectations the auditor developed, based on his/her knowledge of the client and its industry. Typical ratios and other comparisons for various audit areas include the following: Sales and accounts receivable:  gross profit ratio  accounts receivable turnover  ratio of bad debt write-offs to ending accounts receivable Inventory and cost of sales:  gross profit ratio  inventory turnover  comparison of current year inventory reserve with the prior year‟s Property, plant and equipment:  comparison of repairs and maintenance amounts on a monthly and annual basis  depreciation expense as a percentage of property, plant and equipment cost Accounts payable and other accrued liabilities:  accounts payable days  accounts payable as a percentage of total current liabilities  comparison of general and administrative expenses with the prior year‟s  payroll tax expense as a percentage of total payroll Long-term debt:  interest expense as a percentage of long-term debt 76 Fundamentals of an Audit of Financial Statements Audit of Accounting Estimates Accounting estimates are made when a precise means of measurement is not available for a particular financial item. Examples of accounting estimates include:  Allowances to reduce inventory and accounts receivable to their estimated realizable value.  Depreciation rates that are used to allocate the cost of fixed assets over their estimated useful lives.  Provision for a loss from a lawsuit.  Deferred taxes. Management is responsible for making accounting estimates. Estimates require the exercise of judgment. Because estimates are often based on the outcome of events that are uncertain at the time of making them, the risk of material misstatement is greater as a result of the uncertainty. The auditor should obtain sufficient, appropriate audit evidence to evaluate whether the accounting estimate is reasonable and properly disclosed. Examples of the approaches used to evaluate an accounting estimate:  reviewing and testing the approach management used to develop the estimate;  using an independent estimate for comparison with management‟s estimate; or  reviewing subsequent events that confirm management‟s estimate. Evaluation of results of audit procedures The auditor uses his/her knowledge of the business, and results of other audit evidence obtained during the audit, to make a final assessment of the reasonableness of the accounting estimate. 77 Fundamentals of an Audit of Financial Statements Example - Accounting Estimate MMM Co. has not recorded an allowance for doubtful accounts because past collection experience has indicated that an allowance is not necessary. The auditor obtained an aged accounts receivable listing and performed certain audit procedures. Required: Review the aged accounts receivable listing and answer the questions listed below. Client prepared MMM Co. Prepared Date: by: schedule Aged Accounts Receivable List Reviewed Date: by: Year Ended December 31, 2xx1 Customer name 0 - 30 days 30 - 60 60 - 90 Over 90 Total days days days # # # # Amco 560 560 Am East 1,120 1,120 Alba 5,700 450 6,150 Border 300 300 Consolidated Em 650 650 D&T 7,200 7,200 Emta 420 420 Foster 1,190 250 1,440 Great Northern 110 110 Harrah 3,520 3,520 Lotter 4,890 4,890 MainCo 120 120 Netter 650 790 120 1,560 Nortle 260 260 Press 220 170 510 900 Rigger 110 110 Star 710 330 1,040 Selco 2,520 2,520 Trimmer 1,050 1,210 2,260 Tost 550 550 Winter 420 420 Total 31/12/x1 17,200 9,550 1,520 7,830 36,100 F F F F F 48% 26% 4% 22% Total 31/12/x0 15,520 7,520 1,250 780 25,070 Percentage of 62% 30% 5% 3% 78 Fundamentals of an Audit of Financial Statements total ** ** ** ** ** Tickmark legend # Tested aging by agreeing age to invoice; no exceptions ** Per prior year working papers F Footed CF Crossfooted R-10 Discussion questions: 1) What substantive audit procedures have been applied in the working paper? 2) Which assertion is being tested? 3) Is an allowance for doubtful accounts required? 4) What additional procedures could be performed to assist the auditor in determining whether the allowance for doubtful accounts is properly stated? Initial Engagements - Opening Balances Opening balances are the account balances that exist at the beginning of the period. They reflect the effects of transactions and the application of accounting policies in the prior period. For initial audit engagements, the auditor should obtain sufficient appropriate audit evidence that:  opening balances do not contain misstatements that materially affect the current period‟s financial statements;  the prior period‟s closing balances have been correctly brought forward to the current period or, when appropriate, restated; and  appropriate accounting policies are consistently applied or changes in accounting policies have been properly accounted for and disclosed. In order to evaluate the sufficiency and appropriateness of opening balances, the auditor will need to determine:  The client‟s accounting policies and whether the accounting policies are appropriate and consistently applied in the current period.  Whether the prior period financial statements were audited, and if the auditor‟s report was modified. If the prior period financial statements were audited, the auditor may be able to obtain sufficient appropriate evidence regarding opening balances by reviewing the predecessor auditor‟s working papers.  The nature of the accounts and the risk of misstatement in the current period‟s financial statements.  The materiality of the opening balances relative to the current period‟s financial statements. If the prior period financial statements were not audited, or if the auditor is not satisfied with the audit performed by the predecessor auditor, then the auditor will need to perform other procedures. Examples include:  Subsequent collections of opening accounts receivable to obtain evidence regarding existence, rights and obligations and valuation. 79 Fundamentals of an Audit of Financial Statements  Subsequent payments of opening accounts payable to obtain evidence regarding completeness and rights and obligations.  Vouching significant fixed assets to supporting purchase invoices so as to obtain evidence regarding existence. (Note: vouching is a procedure that entails tracing a transaction recorded in an account to the underlying source document. This procedure is primarily used when testing for overstatement.)  Inspecting loan agreements to obtain evidence regarding the existence and proper disclosure of long-term debt. Audit conclusions and reporting It may be more difficult to obtain audit evidence for certain opening balances such as inventory. If the auditor is unable to obtain the necessary evidence, the auditor's report should include a qualified opinion or a disclaimer of opinion depending upon how material the inventory balance is to the financial statements taken as a whole. Examples are as follows:  qualified opinion “We did not observe the counting of physical inventory as of December 31, 2xx0 because that date was prior to our appointment as auditors. We were unable to satisfy ourselves as to the inventory quantities at that date by other audit procedures. In our opinion, except for the effects of such adjustments, if any, that might have been necessary had we observed the counting of the physical inventory and satisfied ourselves as to the opening balance of inventory, the financial statements present fairly, in all material respects, the financial position of KKK Company as of December 31, 2xx1 and the results of operations for the year then ended.�  disclaimer of opinion “We did not observe the counting of physical inventory as of December 31, 2xx0 because that date was prior to our appointment as auditors. We were unable to satisfy ourselves as to the inventory quantities at that date by other audit procedures. Because of the significance of the above matter in relation to the Company‟s operations for the year ended December 31, 2xx1, we are not in the position to, and do not, express an opinion on the results of operations and cash flows for the year then ended. In our opinion, the balance sheet presents fairly, in all material respects, the financial position of KKK Company as of December 31, 2xx1 in accordance with International Financial Reporting Standards.� If the opening balances contain a material misstatement, the auditor should inform management. If the effect of the misstatement is not properly accounted for and adequately disclosed in the current period, the auditor should express a qualified opinion or an adverse opinion. If the current period‟s accounting policies have not been consistently applied and if the change has not been properly accounted for and adequately disclosed, the auditor should express a qualified opinion or adverse opinion. 80 Fundamentals of an Audit of Financial Statements Related Parties Audit procedures should be performed to obtain sufficient appropriate audit evidence regarding the identification of related parties and related party transactions that are material to the financial statements. Two parties are related if one party is able to control or exercise significant influence over the other party making financial and operational decisions. Related party transactions involve any transfer of resources or obligations between related parties, regardless of whether a price is charged. Although the existence of related parties and related party transactions are ordinary features of business, the auditor needs to be aware of them because:  the financial reporting framework may require disclosure of certain related party relationships and transactions;  the existence of related parties or related party transactions may affect the financial statements;  the source of audit evidence affects the auditor's assessment of its reliability. A greater degree of reliance may be placed on audit evidence obtained from unrelated third parties; and  a related party transaction may not be motivated by ordinary business considerations. When the financial reporting framework requires related party disclosure, the auditor should be satisfied that all disclosures about related parties have been included in the financial statements. Transactions with related parties When making a preliminary assessment of control risk during planning, the auditor should consider the adequacy of control procedures over the authorization and recording of related party transactions. This assessment will affect the nature, timing and extent of substantive tests performed during the course of the audit. During the audit, the auditor needs to be alert for transactions that may indicate the existence of previously unidentified related parties. Examples of such transactions include those:  that have abnormal terms of trade such as unusual prices, interest rates, guarantees, and repayment terms.  that lack a logical business reason for their occurrence.  in which substance differs from form.  processed in an unusual manner.  with high volume or terms and conditions of transactions with certain customers or suppliers as compared with others.  that are unrecorded, such as the receipt or provision of services at no charge. Procedures performed during the audit might identify transactions with related parties. For example, bank confirmations may indicate a guarantor relationship with a related party. When such transactions are identified, the auditor should determine that they have been properly accounted for and disclosed. 81 Fundamentals of an Audit of Financial Statements Subsequent Events Subsequent events are events that occur after the end of the reporting period that may require adjustment to, or disclosure in, the entity‟s financial statements. There are two types of events: a) those that provide further evidence of conditions that existed at the end of the period; and b) those that provide evidence of conditions that arose after the end of the period. The auditor should perform procedures to obtain sufficient, appropriate evidence that all subsequent events have been identified and adjusted for, or disclosed in the financial statements. Procedures to identify subsequent events should normally be performed near the end of the audit. Examples of procedures to identify subsequent events:  Reviewing the procedures established by management to ensure that subsequent events have been identified.  Reading minutes of the meetings of shareholders, the board of directors, and audit and executive committees held after period end and inquiring about matters discussed at meetings for which minutes are not yet available.  Reading the client‟s most recent interim financial statements and when necessary, budgets, cash flow forecasts, and other related management reports.  Inquiring of the client‟s lawyers about litigation and claims.  Inquiring of management about any other possible subsequent events that could affect the financial statements. Examples of specific inquiries are:  Have new commitments, borrowings or guarantees been entered into?  Have sales of assets taken place or been planned to take place?  Have new shares been issued?  Have any assets been appropriated by the government?  Have any assets been destroyed, for example, by fire or flood?  Have there been any new developments regarding risk areas and contingencies?  Have any unusual accounting adjustments been made or contemplated?  Have any events occurred that would affect the appropriateness of accounting policies in the financial statements such as events that would call into question the validity of the going concern assumption? Facts discovered after the date of the auditor's report but before the financial statements have been issued If the auditor becomes aware of a fact after the date of the auditor‟s report, but before the financial statements have been issued, that could materially affect the financial statements, the auditor should discuss the matter with management. If the auditor determines that the financial statements should be amended to reflect the new fact, management should amend the financial statements and the auditor should perform the procedures necessary to issue a new audit report. If management does not comply, the auditor should express a qualified or adverse opinion. If the client has already received the original auditor‟s report, top management should be notified not to issue the financial statements and the auditor‟s report. If management disregards this notification, the auditor should consider appropriate legal action. 82 Fundamentals of an Audit of Financial Statements Facts discovered after the financial statements have been issued After the financial statements have been issued, the auditor could become aware of a fact that existed at the date of his/her report that might have caused him/her to modify the report had the fact been known. In this (rare) case, the auditor should consider whether the financial statements need revision and discuss the matter with management. When the auditor judges revision to be necessary, management should revise the financial statements and the auditor should perform the audit procedures necessary to issue a new audit report. This should include an “emphasis of a matter� paragraph referring to a note to the financial statements that discusses in more detail the reason for the revision of the previously issued financial statements and the auditor‟s earlier report. Going Concern At the end of the audit, the auditor should consider whether the going concern assumption is appropriate. If it appears not to be appropriate, the auditor should perform procedures to assess the client‟s ability to continue in operation for the foreseeable future. Examples of relevant procedures include:  Analyzing and discussing cash flow, profit, and other relevant forecasts with management.  Reviewing the terms of loan agreements and determining whether terms have been breached.  Reviewing events occurring after the end of the period to identify items that affect the client‟s ability to continue as a going concern.  Reading the minutes of board of directors‟ and shareholders‟ meetings for reference to financing difficulties.  Inquiring of the client‟s attorney regarding litigation and claims.  Confirming the existence, legality, and enforceability of agreements with related parties or third parties to provide financing and assessing their financial ability to do so.  Considering the impact of unfilled customer orders on the client‟s financial position. The auditor should also discuss with management its plans for future action, such as plans to liquidate assets, borrow money, restructure debt, reduce or delay expenditures, or increase capital. The auditor would be particularly interested in plans that may have a significant effect on the client‟s solvency in the near future. The auditor would obtain appropriate audit evidence that the plans are:  feasible;  likely to be implemented; and  likely to improve the current situation. The auditor should also obtain written representation from management regarding these plans. Audit conclusions and reporting After performing the procedures described above, the auditor would decide whether the doubt regarding the entity‟s ability to continue as a going concern has been satisfactorily resolved.  If the doubt is satisfactorily resolved, the auditor would not modify the auditor‟s report.  If the doubt is resolved because of mitigating factors, in particular management‟s plans for future action, the auditor decides whether those factors need to be disclosed in the financial 83 Fundamentals of an Audit of Financial Statements statements. If adequate disclosure is not made, the auditor should express a qualified or adverse opinion.  If the doubt is not satisfactorily resolved, the auditor would consider whether the financial statements:  adequately describe the conditions that cause substantial doubt about the entity‟s ability to continue as a going concern;  state that there is significant uncertainty that the entity will be able to continue as a going concern and therefore may not be able to realize its assets and discharge its liabilities in the normal course of business; and  state that the financial statements do not include any of the adjustments that may be necessary if the entity is unable to continue as a going concern. If adequate disclose is made in the financial statements, the auditor would express an unqualified opinion and modify the auditor‟s report by adding an emphasis of matter paragraph that highlights the going concern problem. If adequate disclose is not made in the financial statements, the auditor would express a qualified or adverse opinion, as appropriate. (For examples, see the Modified Reports section. Management Representations During the course of the audit the auditor should obtain and document appropriate representations from management.  The auditor should obtain evidence that management acknowledges its responsibility for the fair presentation of financial statements prepared in accordance with the identified financial reporting framework, and that management has approved the financial statements.  The auditor should obtain written representations from management on matters that are material to the financial statements when other sufficient appropriate evidence cannot reasonable be expected to exist. Management makes many representations to the auditor during the course of the audit. If other audit evidence contradicts a management representation, the auditor should investigate the circumstances and, when necessary, consider the reliability of other management representations. The auditor should obtain written representations from management for items that are material to the audit. Management‟s refusal to provide a representation that the auditor considers necessary, would constitute a scope limitation. In this event, the auditor should express a qualified opinion or disclaimer of opinion. Concluding the Audit A number of procedures are involved in completing the audit. They should be performed on or near the last day of audit work. Most of them have been discussed in the preceding materials and include:  A search for unrecorded liabilities.  Evaluating the effect of misstatements. 84 Fundamentals of an Audit of Financial Statements  Performing an overall review of financial information by applying analytical procedures.  Performing procedures, including inquiry of the client‟s lawyers, to identify litigation or claims.  Performing a review for subsequent events.  Evaluating the appropriateness of the going concern assumption.  Obtaining a management representation letter from the client.  Reviewing the adequacy of disclosures in the financial statements to determine that they are in accordance with the identified financial reporting framework.  Determining that all working papers have been reviewed as required. When the auditor has completed all audit work and evaluated the results of applying audit procedures, he/she has the basis upon which to express an audit opinion in an audit report. 85 Fundamentals of an Audit of Financial Statements 8. Audit Report Auditor’s Report Reports Audit reports Standard Report Changes to the audit Unmodified opinion reports Unmodified opinions with Modified on matters that do additional communication affect the auditor's opinion Emphasis of matter Other paragraph matters paragraph Insufficient or Material misstatement “Without qualifying inappropriate audit our opinion ….� evidence (Eg 6) Material but Material and not pervasive pervasive Material but Material and Qualified Adverse not pervasive “except for� “…. do not give pervasive Disclaimer (Eg 2) a true and fair Qualified “do not view� “except for� express an (Eg 3) opinion� (Eg 5) 86 Fundamentals of an Audit of Financial Statements  the audit opinion is modified when:  The auditor concludes that the financial statements are not free from material misstatement (previously disagreement)  The auditor is unable to obtain sufficient appropriate audit evidence (previously limitation on scope)  an audit report including an emphasis of matter is not referred to as a modified report  the concept of the “other matter� paragraph Forming an opinion and reporting on financial statements  the auditor to give an opinion on whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework. o to do this, the auditor needs to consider the following: o whether sufficient appropriate audit evidence has been obtained o whether uncorrected misstatements are material Basic elements of the auditor’s report The auditor's report should include the following basic elements, normally in this order: (a) Title (b) Addressee (c) Introductory paragraph (d) Managements' responsibility for the financial statements (e) Auditor's responsibility (f) Auditor's opinion (g) Other reporting responsibilities (h) Auditor's signature (i) Date of the auditor's report (j) Auditor's address Unmodified opinion Forming an opinion includes considering whether, in the context of the applicable financial reporting framework: (a) the accounting policies selected and applied are consistent with the financial reporting framework and appropriate to the circumstances; (b) the accounting estimates made by management are reasonable in the circumstances; (c) the information presented in the financial statements, including accounting policies, is relevant, reliable, comparable and understandable; and 87 Fundamentals of an Audit of Financial Statements (d) the financial statements provide sufficient disclosures to enable users to understand the effect of material transactions and events on the information conveyed in the financial statements. Example 1: An audit report including an unmodified opinion INDEPENDENT AUDITOR’S REPORT [Appropriate addressee] Report on the financial statements We have audited the accompanying financial statements of ABC company, which comprise the statement of financial position as at 31 December, 20X1, and the statement of comprehensive income, statement of changes in equity and statement of cash flows for the year then ended, and a summary of significant accounting policies and other explanatory information. Management's responsibility for the financial statements Management is responsible for the preparation and fair presentation of these financial statements in accordance with International Financial Reporting Standards, and for such internal control as management determines is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. Auditor's responsibility Our responsibility is to express an opinion on these financial statements based on our audit. We conducted our audit in accordance with International Standards on Auditing. Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether the financial statements are free from material misstatement. An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on the auditor's judgement, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity's preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity's internal control. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion. 88 Fundamentals of an Audit of Financial Statements Opinion In our opinion the financial statements present fairly, in all material respects, (or give a true and fair view of) the financial position of ABC Company as at December 31, 20X1, and (of) its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards. Report on other legal and regulatory requirements [Form and content of this section of the auditor's report will vary depending on the nature of the auditor's other reporting responsibilities.] [Auditor‟s signature] [Date of the auditor‟s report] [Auditor‟s address] ISA 705 Modifications to the opinion on the independent auditor’s report The auditor will give a modified audit opinion when: (a) the auditor concludes, based on the evidence obtained, that the financial statements as a whole are not free from material misstatement; or (b) the auditor is unable to obtain sufficient appropriate audit evidence to conclude that the financial statements as a whole are free from material misstatement. When the auditor expects to modify the opinion this must be communicated with those charged with governance. In both circumstances there can be two „level‟s of modified opinion: (i) Material but not pervasive where the circumstances prompting the misstatement are material (ii) Material and pervasive where the financial statements could be mis-leading. Pervasive is used to describe the effects or possible effects on the financial statements of misstatements or undetected misstatement. The revised ISA includes a clearer definition of pervasive. Pervasive effects on the financial statements are those that, in the auditor‟s judgement:  Are not confined to specific elements, accounts or items in the financial statements  If so confined, represent or could represent a substantial proportion of the financial statements; or  In relation to disclosures are fundamental to users‟ understanding of the financial statements. 89 Fundamentals of an Audit of Financial Statements Types of modified opinion Nature of circumstances Material but not pervasive Material and pervasive Financial statements are QUALIFIED OPINION ADVERSE OPINION materially misstated Auditor unable to obtain QUALIFIED OPINION DISCLAIMER OF sufficient appropriate audit OPINION evidence Qualified opinion – financial statements are materially misstated Material misstatements could arise in respect of: o The appropriateness of selected accounting policies o The application of selected accounting policies o The appropriateness or adequacy of disclosures in the financial statements Example 2: Qualified opinion due to material misstatement of inventories Basis for qualified opinion The company‟s inventories are carried in the statement of financial position at xxx. Management has not stated inventories at the lower of cost and net realisable value but has stated them solely at cost, which constitutes a departure from International Financial Reporting Standards. The company‟s records indicate that had management stated the inventories at the lower of cost and net realisable value, an amount of xxx would have been required to write the inventories down to their net realisable value. Accordingly, cost of sales would have been increased by xxx, and income tax, net income and shareholders‟ equity would have been reduced by xxx, xxx and xxx, respectively. Qualified Opinion In our opinion, except for the effects of the matter described in the Basis for Qualified Opinion paragraph, the financial statements present fairly, in all material respects, (or give a true and fair view of) the financial position of ABC Company as at December 31, 20X1, and (of) its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards. Example 3: Adverse opinion due to material misstatement because of non-consolidation of subsidiary Basis for adverse opinion As explained in Note X, the company has not consolidated the financial statements of subsidiary XYZ Company it acquired during 20X1 because it has not yet been able to ascertain the fair 90 Fundamentals of an Audit of Financial Statements values of certain of the subsidiary‟s material assets and liabilities at the acquisition date. This investment is therefore accounted for on a cost basis. Under International Financial Reporting Standards, the subsidiary should have been consolidated because it is controlled by the company. Had XYZ been consolidated, many elements in the accompanying financial statements would have been materially affected. The effects on the consolidated financial statements of the failure to consolidate have not been determined. Adverse Opinion In our opinion, because of the significance of the matter discussed in the Basis for Adverse Opinion paragraph, the consolidated financial statements do not present fairly (or do not give a true and fair view of) the financial position of ABC Company and its subsidiaries as at December 31, 20X1, and (of) their financial performance and their cash flows for the year then ended in accordance with International Financial Reporting Standards. Qualified opinion – auditor unable to obtain sufficient appropriate audit evidence The auditor‟s inability to obtain sufficient appropriate audit evidence could arise from:  circumstances beyond the entity‟s control (e.g. accounting records destroyed)  circumstances relating to the nature or timing of the auditor‟s work (e.g. the timing of the auditor‟s appointment prevents the observation of the physical inventory count)  limitations imposed by management (e.g. management prevents the auditor from requesting external confirmation of specific account balances) Example 4: Qualified opinion due to inability to obtain sufficient appropriate audit evidence about an investment in a foreign affiliate (material but not pervasive) Basis for qualified opinion ABC Company‟s investment in XYZ Company, a foreign associate acquired during the year and accounted for by the equity method, is carried at xxx on the statement of financial position as at December 31, 20X1, and ABC‟s share of XYZ‟s net income of xxx is included in ABC‟s income for the year then ended. We were unable to obtain sufficient appropriate audit evidence about the carrying amount of ABC‟s investment in XYZ as at December 31, 20X1 and ABC‟s share of XYZ‟s net income for the year because we were denied access to the financial information, management, and the auditors of XYZ. Consequently, we were unable to determine whether any adjustments to these amounts were necessary. Qualified Opinion In our opinion, except for the possible effects of the matter described in the Basis for Qualified Opinion paragraph, the financial statements present fairly, in all material respects, (or give a true and fair view of) the financial position of ABC Company as at December 31, 20X1, and (of) its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards. 91 Fundamentals of an Audit of Financial Statements Disclaimer of opinion - auditor unable to obtain sufficient appropriate audit evidence An opinion must be disclaimed when the auditor:  Cannot obtain sufficient appropriate audit evidence on which to base the opinion and  Concludes that the possible effects on the financial statements of undetected misstatements, if any, could be both material and pervasive. The opinion must also be disclaimed in situations involving multiple uncertainties when it is not possible to form an opinion on the financial statements due to the potential interaction of the uncertainties and their possible cumulative effect on the financial statements. Example 5: Disclaimer of opinion due to inability to obtain sufficient appropriate audit evidence about multiple elements of the financial statements (inventories and accounts receivable – material and pervasive) Basis for disclaimer of opinion We were not appointed as auditors of the company until after December 31, 20X1 and thus did not observe the counting of physical inventories at the beginning and end of the year. We were unable to satisfy ourselves by alternative means concerning the inventory quantities held at December 31, 20X0 and 20X1 which are stated in the statement of financial position at xxx and xxx, respectively. In addition, the introduction of a new computerised accounts receivable system in September 20X1 resulted in numerous errors in accounts receivable. As of the date of our audit report, management was still in the process of rectifying the system deficiencies and correcting the errors. We were unable to confirm or verify by alternative means accounts receivable included in the statement of financial position at a total amount of xxx as at December 31, 20X1. As a result of these matters, we were unable to determine whether any adjustments might have been found necessary in respect of recorded or unrecorded inventories and accounts receivable, and the elements making up the statement of comprehensive income, statement of changes in equity and statement of cash flows Disclaimer of Opinion Because of the significance of the matters described in the Basis for Disclaimer of Opinion paragraph, we have not been able to obtain sufficient appropriate audit evidence to provide a basis for an audit opinion. Accordingly, we do not express an opinion on the financial statements. Limitation imposed by management There are additional instructions about what the auditor should do if management limit the scope of the audit work. The auditor must request the removal of the limitation and if refused must communicate to those charged with governance, unless they are the ones who have imposed the limitation. If the limitation is both material and pervasive such that a qualified opinion would not be sufficient then the auditor shall resign if permitted by law. If it is not possible to resign before giving the audit opinion, then a disclaimer of opinion must be issued. ISA 706 Emphasis of matter paragraphs and other matter paragraphs in the independent auditor’s report 92 Fundamentals of an Audit of Financial Statements Emphasis of matter An emphasis of matter paragraph is a paragraph which may be included in the auditor‟s report. It refers to a matter appropriately presented or disclosed in the financial statements; but that in the auditor‟s judgement, is of such importance that it is fundamental to users‟ understanding of the financial statements. Where an emphasis of matter paragraph is used:  it comes immediately after the opinion paragraph  it is entitled „Emphasis of matter‟  the paragraph makes a clear reference to the matter being emphasised and where the relevant disclosures are in the financial statements  the paragraph must state that the auditor‟s opinion is not modified in respect of the matter emphasised Examples include:  An uncertainty relating to the future outcome of exceptional litigation or regulatory action  A major catastrophe that has had, or continues to have, a significant effect on the entity‟s financial position Example 6: an Emphasis of Matter paragraph Emphasis of Matter We draw attention to Note X to the financial statements which describes the uncertainty related to the outcome of the lawsuit filed against the company by XYZ Company. Our opinion is not qualified in respect of this matter. Other matter paragraph An other matter (OM) paragraph is a paragraph included in the auditor‟s report that refers to a matter other than those presented or disclosed in the financial statements (outside the scope of the financial statements) that, in the auditor's judgement, is relevant to users‟ understanding of the audit, the auditor‟s responsibilities or the auditor‟s report. For example, an OM paragraph may be included to alert the users to:  items relating to the conduct of the audit (eg being unable to withdraw as auditor)  disclosure or comment required by laws, regulations or local GAAP  the fact that more than one set of financial statements has been prepared using different frameworks  the fact the report is intended solely for the intended users, in order to restrict the distribution or use of the auditor‟s report. 93 Fundamentals of an Audit of Financial Statements Example: You are an audit partner. Your firm carries out the audit of ST Co. You have been asked to perform a second partner review of the audit file for the year ended 31 December 20X3 before the audit opinion is finalised. Reported profit before tax is €2.35 million and total assets are €9.5 million. You have read the following note from the audit file. Debt: R Co There is a debt outstanding from R Co, a limited liability company from January 20X3 in respect of a vehicle developed by ST to Rudolph‟s own specification. R Co has disputed the quality of the vehicle and also does not agree that it was made completely to the specification. The company has submitted the dispute with ST to arbitration, in accordance with their contractual agreement. R Co was a major customer up until the time of the dispute, often accounting for 50% of sales ledger total. It has not placed any orders with ST in 20X3 or 20X4, preferring a French supplier who is ST‟s only real competitor in the European market. The directors of ST are confident that at arbitration R Co will be required to pay the full bill, which is in the region of €1 million. They state that the quality of the machine is irrefutable and that any amendments to the specification were only safety improvements. The arbitral decision, which is not subject to appeal, is expected after the date of the AGM. Given their confidence, the directors of ST have refused to refer to the dispute in the financial statements. Given that the outcome of this arbitration is by no means certain, the potential overstatement of the debt is material and the permanent loss of R Co‟s custom could affect the going concern opinion, the following modification to the auditor's opinion is proposed. Basis for Adverse Opinion No allowance has currently been made for the impairment of an outstanding debt from R Co in respect of a dispute over a contract which has currently been submitted to arbitration, which, in our opinion is not in accordance with International Financial Reporting Standards. An allowance of €1 million should be made in respect of this debt. Accordingly, receivables, profit for the period and retained earnings should be reduced by €1 million. Also, due to its significance, this allowance should have been disclosed separately in accordance with IAS 1 Presentation of Financial Statements. Adverse Opinion In our opinion, because of the effects of the matters discussed in the Basis for Adverse Opinion paragraph, the financial statements do not give a true and fair view of the financial position of R Company as of December 31, 20X3, and of its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards.' Required Comment on the suitability of the proposed audit opinion and any other relevant matters. Your comments should include an indication of what form the auditor's report should take. 94 Fundamentals of an Audit of Financial Statements 9. Other responsibilities ISA 710 Comparative information – corresponding figures and comparative financial statements 6.1 ISA 710 states that comparatives can be of two types: Corresponding figures: where amounts and disclosures for the preceding period are included as part of current period financial statements. Comparative financial statements: where amounts and disclosures for the preceding period are included separately as an entire statement for comparison purposes. 6.2 The auditor‟s objectives under ISA 710 are: To obtain sufficient appropriate audit evidence about whether the comparative information included in the financial statements has been presented, in all material respects, in accordance with the requirements for comparative information in the applicable financial reporting framework and; To report in accordance with the auditor‟s reporting responsibilities In order to achieve the objectives, the auditor will want to ensure: Accounting policies used are consistent with those of the current period The amounts agree to those presented in the prior period. Auditor‟s report 6.3 The auditor‟s opinion is on the current period financial statements as a whole (including corresponding figures) so corresponding figures are not separately identified. 6.4 Where the prior period auditor's opinion was modified relating to the corresponding figures, and: Issue remains Modified opinion with regard to the corresponding unresolved figures Issue leading to Opinion on current period need not refer to the previous previous modification modification now resolved 6.5 For comparative financial statements, the auditor should separately identify each period reported on within the auditor‟s report. When reporting on prior period financial statements in connection with the current period‟s audit, if the opinion on that period has changed since the original opinion was issued, an other matter paragraph should be used to explain why. ISA 720 The auditor‟s responsibilities relating to other information in documents containing audited financial statements 95 Fundamentals of an Audit of Financial Statements 6.6 The auditor is required to give an opinion as to whether the financial statements are presented fairly in all material respects (or give a true and fair view). The annual report may also include other information such as: (a) the directors' or management's report including names of directors (b) financial summaries, ratios or highlights (c) employment data (d) selected quarterly data. Material inconsistencies 6.7 A material inconsistency exists when other information contradicts information in the audited financial statements (ie the information in question appears in both the other information and the financial statements). 6.8 AMENDMENT AUDITOR RESPONSE IF NECESSARY TO UNCORRECTED Audited financial statements Qualified or adverse opinion. The other information Include an „Other Matter’ paragraph describing the material inconsistency; or take other actions, eg seek legal advice or withdraw from the engagement. Material misstatements of fact in other information 6.9 A material misstatement of fact in other information exists when such information, not related to matters appearing in the audited financial statements, is incorrectly stated or presented. 6.10 When the auditor considers that there is an apparent misstatement of fact, he should request management to consult with a qualified third party, such as the entity‟s legal counsel and should consider the advice received. 6.11 If management refuses to correct the misstatement, the auditor should consider taking further action, such as notifying those charged with governance of the entity in writing or obtaining legal advice. 6.12 It stands to reason that any material misstatements of fact in the financial statements would be addressed as part of the audit and any uncorrected errors would lead to either a qualified or adverse opinion. 96