AUDIT AND OTHER ASSURANCE SERVICES Nature of AUDITING Auditing is the accumulation and evaluation of evidence about information to determine and report on the degree of correspondence between the information and established criteria by an independent and competent person. Information and Established Criteria To do an audit, there must be information in a verifiable form and some standards (criteria) by which the auditor can evaluate the information. The criteria for evaluating information also vary depending on the information being audited. In the audit of historical financial statements by CPA firms, the criteria may be U.S. generally accepted accounting principles (GAAP) issued by the FASB or International Financial Reporting Standards (IFRS) issued by the IASB. Accumulating and Evaluating Evidence Evidence is any information used by the auditor to determine whether the information being audited is stated in accordance with the established criteria. Evidence takes many different forms, including: • Electronic and documentary data about transactions • Written and electronic communication with outsiders • Observations by the auditor • Oral testimony of the auditee (client) Competent and Independent Person The auditor must be qualified to understand the criteria used and must be competent to know the types and amount of evidence to accumulate to reach the proper conclusion after examining the evidence. Auditors strive to maintain a high level of independence to keep the confidence of users relying on their reports. Auditors reporting on company financial statements are often called independent auditors.
Independent in appearance VS independent in fact
Independent in appearance: there is no any relationship between the auditor and his client independent in fact: independent in his mental attitude Reporting The final stage in the auditing process is preparing the audit report, which communicates the auditor’s findings to users. Reports differ in nature, but all must inform readers of the degree of correspondence between the information audited and established criteria. What is the distinction between auditing and accounting? One of the auditor’s responsibilities is to determine whether accounting rules have been applied correctly. Accounting is the recording, classifying, and summarizing of economic events in a logical manner for the purpose of providing financial information for decision making.
When Auditing accounting data, auditors focus on
determining whether recorded information properly reflects the economic events that occurred during the accounting period, and therefore must thoroughly understand the accounting standards according to which the information s recorded.
In addition to understanding accounting, the auditor must
possess expertise in the accumulation and interpretation of audit evidence. It is this expertise that distinguishes auditors from accountants. Determining the proper audit procedures, deciding the number and types of items to test, and evaluating the results are unique to the auditor. What is the primary economic reason for an audit? An audit An audit can help will cost our reduce company information hundreds of risk - the dollars!! risk that information What’s the upon point? which a business decision is made is inaccurate. The relationships among the auditor, client, and financial statement users Describe assurance services and distinguish audit services from other assurance and non assurance Services provided by CPAs Assurance Service Is an independent professional service that improves the quality of information for decision makers. Such services are valued because the assurance provider is independent and perceived as being unbiased with respect to the information examined. Individuals who are responsible for making business decisions seek assurance services to help improve the reliability and relevance of the information used as the basis for their decisions. Assurance services can be done by CPAs or by a variety of other professionals. A. Attestation Services
Attestation service is a type of assurance service
The CPA firm issues a report about the reliability of an assertion that is made by another party. (three parties is necessity ) Attestation services fall into four categories: 1. Audit of historical financial statements 2. Audit of internal control over financial reporting 3. Review of historical financial statements 4. Attestation services on information technology 5. Other attestation services 1.Audit of Historical Financial Statements • An audit of these statements is a form of attestation service in which the auditor issues a written report expressing an opinion about whether the financial statements are fairly stated in accordance with the applicable accounting standards. • Publicly traded companies are required to have audits. • Auditor reports can be found in all public companies’ annual financial reports. 2. Audit of Internal Control over Financial Reporting
Section 404 of the Sarbanes–Oxley Act requires public
companies to report management’s assessment of the effectiveness of internal control. The Act also requires auditors to attest to the effectiveness of internal control over financial reporting. This evaluation, which is integrated with the audit of the financial statements, increases user confidence about future financial reporting, because effective internal controls reduce the likelihood of future misstatements in the financial statements. 3. Review of Historical Financial Statements For a review of historical financial statements, the CPA provides a lower level of assurance for reviews of financial statements compared to a high level for audits, therefore less evidence is needed. It can be provided by the CPA firm at a much lower fee than an audit because less evidence is needed. Many nonpublic companies use this attestation option to provide limited assurance on their financial statements without incurring the cost of an audit. 4. Attestation Services on Information Technology As transactions and information are shared online and in real time, business people demand even greater assurances about information, transactions, and the security protecting them. • WebTrust: assures the user that the Web site owner has met established criteria related to business practices, transaction integrity, and information processes • SysTrust: attestation service to evaluate and test system reliability in areas such as security and data integrity. to provide assurance to management, the board of directors, or third parties about the reliability of information systems used to generate real-time information 5. Other attestation services • as users seek independent assurances about other types of information • For example, when a bank loans money to a company, the loan agreement may require the company to engage a CPA to provide assurance about the company’s compliance with the financial provisions of the loan • Other example, attest to the information in a client’s forecasted financial statements, which are often used to obtain financing B. Other Assurance Services Most of the other assurance services that CPAs provide do not meet the formal definition of attestation services, but the CPA must still be independent and must provide assurance about information used by decision makers. These assurance services differ from attestation services in that the CPA is not required to issue a written report, The assurance does not have to be about the reliability of another party’s assertion about compliance with specified criteria. Examples of Other Assurance Services • Controls over and risks related to investments: Assess the processes in a company’s investment practices to identify risks and to determine the effectiveness of those processes • ISO Certifications: Certify a company’s compliance with ISO 9000 quality control standards, which help ensure company products are of high quality • Corporate responsibility and sustainability: Report on whether the information in a company’s corporate responsibility report is consistent with company information and established reporting criteria • Compliance with trading policies and procedures: Examine transactions between trading partners to ensure that transactions comply with agreements; identify risks in the agreements Non assurance services • CPA firms perform numerous other services that generally fall outside the scope of assurance services. • While the primary purpose of an assurance service is to improve the quality of information, the primary purpose of a management consulting engagement is to generate a recommendation to management • Three specific examples are: • 1. Accounting and bookkeeping services • 2. Tax services • 3. Management consulting services For example, a CPA may be engaged to design and install a new information technology system for a client as a consulting engagement. The purpose of that engagement is to install the new system, with the goal of improved information being a by-product of that engagement Differentiate the main types of Audits Types of Audits Auditors or CPAs perform four primary types of audits, as: 1. Operational audit 2. Compliance audit 3. Financial statement audit 4. Forensic Audit 1. An operational audit Evaluates the efficiency and effectiveness of any part of an organization’s operating procedures and methods. At the completion of an operational audit, management normally expects recommendations for improving operations. Operational Audit Example Evaluate Computerized payroll system for efficiency and effectiveness Information Number of records processed, costs of the department, and number of errors Established Company standards for efficiency and Criteria effectiveness in payroll departments Available Error reports, payroll records, and payroll Evidence processing costs 2. A compliance audit Is conducted to determine whether the auditee is following specific procedures, rules, or regulations set by some higher authority. Results of compliance audits are typically reported to management, rather than outside users, because management is the primary group concerned with the extent of compliance with prescribed procedures and regulations. Compliance Audit Example Determine whether bank requirements for loan conditions have been met Information Company Records Established Loan Agreement Provisions Criteria Available Financial Statements and calculations by Evidence the auditor 3. A financial statement audit Is conducted to determine whether the financial statements (the information being verified) are stated in accordance with specified criteria, normally, the criteria are U.S. or international accounting standards.( applicable financial reporting framework ) Financial Statement Audit Example Annual Audit of Boeing ‘s Financial Statements Information Boeing’s Financial Statements Established Generally Accepted Financial Statements Criteria Available Documents, records, and outside Evidence sources of evidence 4. Forensic Audit Forensic Audit is the process of investigating cases of fraud or cooruption in the company’s financial statements, accounting books and records, and any other documents used in the company’s operations that may be used in white collar crime Forensic Audit Examples: ▪ Money laundering ▪ Embezzlement ▪ Bank Frauds and Tax Evasion