CHAPTER ONE

THE DEMAND FOR

AUDIT AND OTHER
ASSURANCE SERVICES
 Nature of AUDITING
Auditing is the accumulation and
evaluation of evidence about information to
determine and report on the degree of
correspondence between the information
and established criteria by an independent
and competent person.
Information and Established Criteria
To do an audit, there must be information in a
verifiable form and some standards (criteria) by
which the auditor can evaluate the information.
The criteria for evaluating information also vary
depending on the information being audited.
In the audit of historical financial statements by CPA
firms, the criteria may be U.S. generally accepted
accounting principles (GAAP) issued by the FASB or
International Financial Reporting Standards (IFRS)
issued by the IASB.
Accumulating and Evaluating Evidence
Evidence is any information used by the auditor to
determine whether the information being audited
is stated in accordance with the established criteria.
Evidence takes many different forms, including:
• Electronic and documentary data about
transactions
• Written and electronic communication with
outsiders
• Observations by the auditor
• Oral testimony of the auditee (client)
Competent and Independent Person
The auditor must be qualified to understand the criteria used
and must be competent to know the types and amount of
evidence to accumulate to reach the proper conclusion after
examining the evidence.
Auditors strive to maintain a high level of independence to
keep the confidence of users relying on their reports. Auditors
reporting on company financial statements are often called
independent auditors.

Independent in appearance VS independent in fact

Independent in appearance: there is no any relationship
between the auditor and his client
independent in fact: independent in his mental attitude
Reporting
The final stage in the auditing process is
preparing the audit report, which communicates
the auditor’s findings to users.
Reports differ in nature, but all must inform
readers of the degree of correspondence
between the information audited and
established criteria.
What is the distinction between
auditing and accounting?
One of the auditor’s
responsibilities is to
determine whether
accounting rules have
been applied correctly.
Accounting is the recording, classifying, and summarizing
of economic events in a logical manner for the purpose of
providing financial information for decision making.

When Auditing accounting data, auditors focus on

determining whether recorded information properly reflects
the economic events that occurred during the accounting
period, and therefore must thoroughly understand the
accounting standards according to which the information s
recorded.

In addition to understanding accounting, the auditor must

possess expertise in the accumulation and interpretation of
audit evidence. It is this expertise that distinguishes auditors
from accountants. Determining the proper audit procedures,
deciding the number and types of items to test, and
evaluating the results are unique to the auditor.
What is the primary economic reason
for an audit?
An audit
An audit can help
will cost our reduce
company information
hundreds of risk - the
dollars!! risk that
information
What’s the upon
point? which
a business
decision is
made is
inaccurate.
The relationships among the auditor, client, and
financial statement users
 Describe assurance services and
distinguish audit services from other
assurance and non assurance Services
provided by CPAs
 Assurance Service
Is an independent professional service that improves
the quality of information for decision makers.
Such services are valued because the assurance provider
is independent and perceived as being unbiased with
respect to the information examined.
Individuals who are responsible for making business
decisions seek assurance services to help improve the
reliability and relevance of the information used as the
basis for their decisions.
Assurance services can be done by CPAs or by a variety
of other professionals.
 A. Attestation Services

Attestation service is a type of assurance service

The CPA firm issues a report about the reliability
of an assertion that is made by another party.
(three parties is necessity )
Attestation services fall into four categories:
1. Audit of historical financial statements
2. Audit of internal control over financial
reporting
3. Review of historical financial statements
4. Attestation services on information
technology
5. Other attestation services
1.Audit of Historical Financial Statements
• An audit of these statements is a form of
attestation service in which the auditor issues
a written report expressing an opinion about
whether the financial statements are fairly
stated in accordance with the applicable
accounting standards.
• Publicly traded companies are required to
have audits.
• Auditor reports can be found in all public
companies’ annual financial reports.
2. Audit of Internal Control over Financial Reporting

Section 404 of the Sarbanes–Oxley Act requires public

companies to report management’s assessment of the
effectiveness of internal control.
The Act also requires auditors to attest to the effectiveness of
internal control over financial reporting.
This evaluation, which is integrated with the audit of the
financial statements, increases user confidence about future
financial reporting, because effective internal controls reduce
the likelihood of future misstatements in the financial
statements.
 3. Review of Historical Financial Statements
For a review of historical financial statements, the CPA provides
a lower level of assurance for reviews of financial statements
compared to a high level for audits, therefore less evidence is
needed.
It can be provided by the CPA firm at a much lower fee than an
audit because less evidence is needed.
Many nonpublic companies use this attestation option to
provide limited assurance on their financial statements
without incurring the cost of an audit.
4. Attestation Services on Information Technology
As transactions and information are shared online
and in real time, business people demand even
greater assurances about information, transactions,
and the security protecting them.
• WebTrust: assures the user that the Web site owner has
met established criteria related to business practices,
transaction integrity, and information processes
• SysTrust: attestation service to evaluate and test system
reliability in areas such as security and data integrity. to
provide assurance to management, the board of directors, or
third parties about the reliability of information systems used
to generate real-time information
 5. Other attestation services
• as users seek independent assurances about other types of
information
• For example, when a bank loans money to a company, the
loan agreement may require the company to engage a CPA to
provide assurance about the company’s compliance with the
financial provisions of the loan
• Other example, attest to the information in a client’s
forecasted financial statements, which are often used to
obtain financing
 B. Other Assurance Services
Most of the other assurance services that CPAs
provide do not meet the formal definition of
attestation services, but the CPA must still be
independent and must provide assurance about
information used by decision makers.
These assurance services differ from attestation
services in that the CPA is not required to issue a
written report,
The assurance does not have to be about the
reliability of another party’s assertion about
compliance with specified criteria.
Examples of Other Assurance Services
• Controls over and risks related to investments: Assess the
processes in a company’s investment practices to identify risks and
to determine the effectiveness of those processes
• ISO Certifications: Certify a company’s compliance with ISO
9000 quality control standards, which help ensure company
products are of high quality
• Corporate responsibility and sustainability: Report on
whether the information in a company’s corporate responsibility
report is consistent with company information and established
reporting criteria
• Compliance with trading policies and procedures: Examine
transactions between trading partners to ensure that transactions
comply with agreements; identify risks in the agreements
 Non assurance services
• CPA firms perform numerous other services that generally fall
outside the scope of assurance services.
• While the primary purpose of an assurance service is to improve
the quality of information, the primary purpose of a management
consulting engagement is to generate a recommendation to
management
• Three specific examples are:
• 1. Accounting and bookkeeping services
• 2. Tax services
• 3. Management consulting services
For example, a CPA may be engaged to design and install a new
information technology system for a client as a consulting
engagement. The purpose of that engagement is to install the new
system, with the goal of improved information being a by-product of
that engagement
Differentiate the main types
of Audits
 Types of Audits
Auditors or CPAs perform four primary types of
audits, as:
1. Operational audit
2. Compliance audit
3. Financial statement audit
4. Forensic Audit
1. An operational audit
Evaluates the efficiency and effectiveness
of any part of an organization’s operating
procedures and methods.
At the completion of an operational audit,
management normally expects recommendations for
improving operations.
 Operational Audit
Example Evaluate Computerized payroll system
for efficiency and effectiveness
Information Number of records processed, costs of
the department, and number of errors
Established Company standards for efficiency and
Criteria effectiveness in payroll departments
Available Error reports, payroll records, and payroll
Evidence processing costs
2. A compliance audit
Is conducted to determine whether the auditee
is following specific procedures, rules, or
regulations set by some higher authority.
Results of compliance audits are typically
reported to management, rather than outside
users, because management is the primary
group concerned with the extent of compliance
with prescribed procedures and regulations.
 Compliance Audit
Example Determine whether bank requirements
for loan conditions have been met
Information Company Records
Established Loan Agreement Provisions
Criteria
Available Financial Statements and calculations by
Evidence the auditor
3. A financial statement audit
Is conducted to determine whether the
financial statements (the information
being verified) are stated in accordance
with specified criteria, normally, the
criteria are U.S. or international accounting
standards.( applicable financial reporting
framework )
 Financial Statement Audit
Example Annual Audit of Boeing ‘s Financial
Statements
Information Boeing’s Financial Statements
Established Generally Accepted Financial Statements
Criteria
Available Documents, records, and outside
Evidence sources of evidence
4. Forensic Audit
Forensic Audit is the process of investigating
cases of fraud or cooruption in the company’s
financial statements, accounting books and
records, and any other documents used in the
company’s operations that may be used in white
collar crime
 Forensic Audit
Examples:
▪ Money laundering
▪ Embezzlement
▪ Bank Frauds and Tax Evasion