Accumulation and evaluation of evidence abt info- to deteremine & Report- on the degree of correspondence between the info

fo and the established criteria. To be performed by competent, independent person. To do audit- there must be info in verifiable form and some criteria by which the auditor can evaluate the info Audits of 1) fin stmt 2)operations 3) operating systems Criteria 1) US GAAP 2)IFRS 3) IRS 4) Integrated framework- COSO

Elements: 1) 2) 3) 4) Information and established criteria Accumulating and evaluating evidence Competent, independent person Audit report- communicate auditors findings to the users

Evidence:

1) 2) 3) 4)

Electronic documents/data Written communication Observations by auditor Oral testimony by auditee

Accounting= Recording, classifying and summarizing economic events in logical manner for providing financial info for decision making. Auditing= determining whether recorded info properly reflects the economic events that occurred during the accounting period. -auditors must thoroughly understand the criteria/standards- US GAAP, IFRS etc -determining type of audits, no of items to test, evidence to collect, audit procedure etc makes auditors unique from accounting.

Audited Fin statement is reliable and offers some sort of credibility to the info presented. Audited info of one party can help it get benefits interest rate for eg. From the bank for any loansas the bank will be able to see form the audit report that the partys credit is good and the risk of lending to this party will be less.

As Society becomes more complex- more diff to obtain clean info. Causes: 1) Remoteness of data- location far, no phy possible to verify, so info can be altered/faulty 2) Biases of provider provider of info may modify info or hide some info, or make it lean toward something that auditor requires 3) Voluminous data - too vast amounts of data. Minor flaws may not pop up unless the organization has a robust system n mechanism which will bring it out 4) Complex transaction - complex nature of transactions and the nature n type of organization all play a role in how various accounts are treated and reported. Also depends on accounting standards and criteria used.

For larger business, it is better to incur costs to reduce information risk. 3 ways to do it: 1) User verifies information- not practical to go and collected and verify individual company statements and documents.- time, effort and money. 2) User shares info risk with management - if users rely on inaccurate info, they can foot the bill on the management with lawsuits and charges. Management is held responsible for fin data reported. 3) Using external auditing agencies most common method- using services of CPAs/ they conduct independent audit. They are competent enough to give genuine reports. Users of the info can rest assured the info is complete, accurate and unbiased.

*Assurance- Assurance service is an independent service that improves the quality of the info available to the decision maker. Such services valued because assurance provider independent, unbiased, competent and has respect for information examined. Decision makers rely on such info to improve the reliability and relevance of the information as the basis of their decisions. *Assurance services done by CPAs or variety of other independent professionals * types of assurance services about historical financial statements, related to lotteries, forward looking and other type of info, about reliability and security of information systems. * As demand of real time information increases , dd for assurance services continues to grow.

One type of assurance service attestation service It is a service where the CPA gives a report about the reliability of the assertion made by other party. 5 categories of attestation services: 1) Attestation of historical financial statementsMgmt gives a statement saying that the fin statements have been prepared in accordance with US GAAP or IFRS. The Audit of these statemts is a form of attest. Service whereby the auditor gives a report on whether the applicable standards where used to prepare the stmts. * Most public co. audit reports are available on internet-SEC EDGAR database. 2) Attest. Of internal control over fin. Reporting- Sec 404 of Sarbanes oxley requires that the public companies report the managements assessment of the effectiveness of internal controls. Also requires the auditors to attest the effectiveness of internal control over fin statements. 3) Review of fin. Statements CPA provides lower level of assurance of reviews and high levels for audits, coz less evidence is requires for reviews. Not so costly- most non public cos will use this option to have limited assurance on their fin statmt. w/o high costs. 4) Attestation on information technology Mgmt will give various stmts about the reliability & security of the info technology. Now a days- complex transactions + direct online real time data updates and transactions using EDI=> means more need for assurance about the realibility and security.

* Webtrust- Created by AICPA and Canadian insti of chartered accountants. Its a seal. And is a website owner or business displays that seal, it means they have followed the established criteria relating to business process, Transaction integrity and info process. - Provides assurance to third party users of website * Systrust- created by AICPA and CICA...to evaluate and test system reliability with regard to data security and integrity. Provides assurance to mgmt., board of dir or third party users on the reliability of the information systems used to generate real time information. * 5 principles developed by AICPA and CICA for webtrust & Systrust services: a) Online Privacy b) Security c) Processing integrity d) Availability e) Confidentiality 5) Attest. on broad range of subject matter Organization must provide assertion before CPA can provide assurance services Assurance services- similar to attestation but here CPA does not have to give a report on the attestation of a third party=> no report! CPA can cover broad range of services

Bookkeeping Tax services Management consulting

*operational *compliance *Fin. Stmt audit Businesses are eveloving and becoming complex. Audit cannot focus just on accounting. Must consider an integrated approach where there is a focus on the business environment, strategic mgmt, operating envirnmoent, regulations, external partners etc. The auditor must know the co. that he is auditing very wellin and out. Operational: Audits on the efficiency and effectiveness of the operations of the organy ops. Involves not only accounting- but can cover as many areas as the auditor is qualified to audit. For eg..org structure, computer process, marketing, pricing etc. Generally mgmt. expects feedback/areas of improvement after the op. audit is done. No specific character of an operational auditrange / coverage is vast. Auditor may evaluate of various process.also depends on size and nature of firm etc. Criteria for evaluating in an op. audit extremely subjective. Compliance: To see whether the organization is complying with the various standards and processes those are applicable and set by some higher authority. The results of compliance audit are more for the management- as they are interested in knowing whether the co. is following the procedures, policies and regulations etc. Since the need is for the management- co. will be audited from different organizational unitssay if IRS wants to know if co. is following the policiesIRS will employ an auditor. Basically the one who issues the standardswould want to know if ppl are following them, and hence will send their ppl to go and do compliance audit.

Fin statement audit: Conducted to see if fin stmt are prepared in accordance with estb. Criteria US GAAP or Intl accounting stds. Auditors will collect evidence to see if the fin stmt contains any material errors or misstatements.

CPA Firms Most widely used. Called external or independent auditors Auditor and CPA firm used synonymously. Government accountability office auditors Purpose is to audit various fed gov progams- their op. efficiency and effectiveness GAOs highly regarded in audit profession Internal revenue agents IRS ..tax laws and regulation compliance. Very complexrequires knowledge in various tax areas. Rnges from simple to complex tax laws and implementation..n audit. Internal auditors Range from 1-2 in a dept. to many Report to Chief Officer or controller and they are independent of other business functions. But still cant be entirely independent as long as employer-employee relation exists.