You are on page 1of 79

Chapter 1 - The Demand for Audit and Other Assurance Services

1-1 The relationship among audit services, attestation services, and assurance services is
reflected in Figure 1-3 on page 13 of the text. An assurance service is an independent
professional service to improve the quality of information for decision makers. An attestation
service is a form of assurance service in hich the !"A firm issues a report a#out the relia#ility
of an assertion that is the responsi#ility of another party. Audit services are a form of attestation
service in hich the auditor expresses a ritten conclusion a#out the degree of correspondence
#eteen information and esta#lished criteria.
The most common form of audit service is an audit of historical financial statements, in
hich the auditor expresses a conclusion as to hether the financial statements are presented
in conformity ith generally accepted accounting principles. An example of an attestation
service is a report on the effectiveness of an entity$s internal control over financial reporting.
There are many possi#le forms of assurance services, including services related to #usiness
performance measurement, health care performance, and information system relia#ility.
1-2 An independent audit is a means of satisfying the need for relia#le information on the
part of decision makers. Factors of a complex society hich contri#ute to this need are%
1. &emoteness of information
a. 'ners (stockholders) divorced from management
#. *irectors not involved in day-to-day operations or decisions
c. *ispersion of the #usiness among numerous geographic locations and
complex corporate structures
+. ,iases and motives of provider
a. -nformation ill #e #iased in favor of the provider hen his or her goals
are inconsistent ith the decision maker.s goals.
3. /oluminous data
a. "ossi#ly millions of transactions processed daily via sophisticated
computeri0ed systems
#. 1ultiple product lines
c. 1ultiple transaction locations
2. !omplex exchange transactions
a. 3e and changing #usiness relationships lead to innovative accounting
and reporting pro#lems
#. "otential impact of transactions not quantifia#le, leading to increased
disclosures
1-3 1. Risk-free interest rate This is approximately the rate the #ank could earn #y
investing in 4.5. treasury notes for the same length of time as the #usiness loan.
+. Business risk for the customer This risk reflects the possi#ility that the #usiness ill
not #e a#le to repay its loan #ecause of economic or #usiness conditions such as
a recession, poor management decisions, or unexpected competition in the
industry.
3. Information risk This risk reflects the possi#ility that the information upon hich the
#usiness risk decision as made as inaccurate. A likely cause of the
information risk is the possi#ility of inaccurate financial statements.
Auditing has no effect on either the risk-free interest rate or #usiness risk. 6oever,
auditing can significantly reduce information risk.
1
1-4 The four primary causes of information risk are remoteness of information, #iases and
motives of the provider, voluminous data, and the existence of complex exchange transactions.
The three main ays to reduce information risk are%
1. 4ser verifies the information.
+. 4ser shares the information risk ith management.
3. Audited financial statements are provided.
The advantages and disadvantages of each are as follos%
ADVANTAGS D!SADVANTAGS
"S# V#!$!S
!N$O#%AT!ON
1. 4ser o#tains information
desired.
+. 4ser can #e more confident
of the qualifications and
activities of the person getting
the information.
1. 6igh cost of o#taining
information.
+. -nconvenience to the
person providing the
information #ecause
large num#er of users
ould #e on premises.
"S# S&A#S
!N$O#%AT!ON
#!S' (!T&
%ANAG%NT
1. 3o audit costs incurred. 1. 4ser may not #e a#le to
collect on losses.
A"D!TD
$!NANC!A)
STAT%NTS
A# *#OV!DD
1. 1ultiple users o#tain the
information.
+. -nformation risk can usually
#e reduced sufficiently to
satisfy users at reasona#le
cost.
3. 1inimal inconvenience to
management #y having only
one auditor.
1. 1ay not meet needs of
certain users.
+. !ost may #e higher
than the #enefits in
some situations, such
as for a small company.
1-+ To do an audit, there must #e information in a verifiable form and some standards
(criteria) #y hich the auditor can evaluate the information. 7xamples of esta#lished criteria
include generally accepted accounting principles and the -nternal &evenue !ode. *etermining
the degree of correspondence #eteen information and esta#lished criteria is determining
hether a given set of information is in accordance ith the esta#lished criteria. The information
for 8ones !ompany.s tax return is the federal tax returns filed #y the company. The esta#lished
criteria are found in the -nternal &evenue !ode and all interpretations. For the audit of 8ones
!ompany.s financial statements the information is the financial statements #eing audited and
the esta#lished criteria are generally accepted accounting principles.
2
1-, The primary evidence the internal revenue agent ill use in the audit of the 8ones
!ompany.s tax return include all availa#le documentation and other information availa#le in
8ones. office or from other sources. For example, hen the internal revenue agent audits
taxa#le income, a ma9or source of information ill #e #ank statements, the cash receipts 9ournal
and deposit slips. The internal revenue agent is likely to emphasi0e unrecorded receipts and
revenues. For expenses, ma9or sources of evidence are likely to #e cancelled checks, vendors.
invoices and other supporting documentation.
1-- This apparent paradox arises from the distinction #eteen the function of auditing and
the function of accounting. The accounting function is the recording, classifying and
summari0ing of economic events to provide relevant information to decision makers. The rules
of accounting are the criteria used #y the auditor for evaluating the presentation of economic
events for financial statements and he or she must therefore have an understanding of generally
accepted accounting principles (:AA"), as ell as auditing standards. The accountant need
not, and frequently does not, understand hat auditors do, unless he or she is involved in doing
audits, or has #een trained as an auditor.
1-.
O*#AT!ONA)
A"D!TS
CO%*)!ANC
A"D!TS
A"D!TS O$
$!NANC!A)
STAT%NTS
*"#*OS To evaluate
hether operating
procedures are
efficient and
effective
To determine hether
the client is folloing
specific procedures set
#y higher authority
To determine
hether the overall
financial
statements are
presented in
accordance ith
specified criteria
(usually :AA")
"S#S O$
A"D!T
#*O#T
1anagement of
organi0ation
Authority setting don
procedures, internal or
external
*ifferent groups for
different purposes
; many outside
entities
NAT"# 6ighly
nonstandard< often
su#9ective
3ot standardi0ed, #ut
specific and usually
o#9ective
6ighly
standardi0ed
PERFORMED
BY:
C*As Frequently 'ccasionally Almost universally
GAO
A"D!TO#S Frequently Frequently 'ccasionally
!#S
A"D!TO#S 3ever 4niversally 3ever
!NT#NA)
A"D!TO#S Frequently Frequently Frequently
3
1-/ Five examples of specific operational audits that could #e conducted #y an internal
auditor in a manufacturing company are%
1. 7xamine employee time cards and personnel records to determine if sufficient
information is availa#le to maximi0e the effective use of personnel.
+. &evie the processing of sales invoices to determine if it could #e done more
efficiently.
3. &evie the acquisitions of goods, including costs, to determine if they are #eing
purchased at the loest possi#le cost considering the quality needed.
2. &evie and evaluate the efficiency of the manufacturing process.
=. &evie the processing of cash receipts to determine if they are deposited as quickly
as possi#le.
1-10 >hen using a strategic systems auditing approach in an audit of historical financial
statements, an auditor must have a thorough understanding of the client and its environment.
This knoledge should include the client$s regulatory and operating environment, #usiness
strategies and processes, and measurement indicators. The strategic systems approach is also
useful in other assurance or consulting engagements. For example, an auditor ho is
performing an assurance service on information technology ould need to understand the
client$s #usiness strategies and processes related to information technology, including such
things as purchases and sales via the -nternet. 5imilarly, a practitioner performing a consulting
engagement to evaluate the efficiency and effectiveness of a client$s manufacturing process
ould likely start ith an analysis of various measurement indicators, including ratio analysis
and #enchmarking against key competitors.
1-11 The ma9or differences in the scope of audit responsi#ilities are%
1. !"As perform audits in accordance ith auditing standards of pu#lished financial
statements prepared in accordance ith generally accepted accounting
principles.
+. :A' auditors perform compliance or operational audits in order to assure the
!ongress of the expenditure of pu#lic funds in accordance ith its directives and
the la.
3. -&5 agents perform compliance audits to enforce the federal tax las as defined #y
!ongress, interpreted #y the courts, and regulated #y the -&5.
2. -nternal auditors perform compliance or operational audits in order to assure
management or the #oard of directors that controls and policies are properly and
consistently developed, applied and evaluated.
1-12 The four parts of the 4niform !"A 7xamination are% Auditing and Attestation, Financial
Accounting and &eporting, &egulation, and ,usiness 7nvironment and !oncepts.
1-13 -t is important for !"As to #e knoledgea#le a#out e-commerce technologies #ecause
more of their clients are rapidly expanding their use of e-commerce. 7xamples of commonly
used e-commerce technologies include purchases and sales of goods through the -nternet,
automatic inventory reordering via direct connection to inventory suppliers, and online #anking.
!"As ho perform audits or provide other assurance services a#out information generated ith
these technologies need a #asic knoledge and understanding of information technology and e-
commerce in order to identify and respond to risks in the financial and other information
generated #y these technologies.
4
Chapter 2 - The C*A *rofession
2-1 The four ma9or services that !"As provide are%
1. Assurance services Assurance services are independent professional services that
improve the quality of information for decision makers. Assurance services
include attestation services, hich are any services in hich the !"A firm issues
a report that expresses a conclusion a#out the relia#ility of an assertion that is
the responsi#ility of another party. The four categories of attestation services are
audits of historical financial statements, attestation on the effectiveness of
internal control over financial reporting, revies of historical financial statements,
and other attestation services.
+. Accountin an! bookkee"in services Accounting services involve preparing the
client.s financial statements from the client.s records. ,ookkeeping services
include the preparation of the client.s 9ournals and ledgers as ell as financial
statements.
3. #a$ services Tax services include preparation of corporate, individual, and estate
returns as ell as tax planning assistance.
2. Manaement consultin services These services range from suggestions to improve
the client.s accounting system to computer installations.
2-2 The ma9or characteristics of !"A firms that permit them to fulfill their social function
competently and independently are%
1. Orani%ational form A !"A firm exists as a separate entity to avoid an employer-
employee relationship ith its clients. The !"A firm employs a professional staff
of sufficient si0e to prevent one client from constituting a significant portion of
total income and there#y endangering the firm.s independence.
+. &on!uct A !"A firm employs a professional staff of sufficient si0e to provide a #road
range of expertise, continuing education, and promotion of a professional
independent attitude and competence.
3. Peer revie' This practice evaluates the performance of !"A firms in an attempt to
keep competence high.
2-3 The "u#lic !ompany Accounting 'versight ,oard provides oversight for auditors of
pu#lic companies, including esta#lishing auditing and quality control standards for pu#lic
company audits, and performing inspections of the quality controls at audit firms performing
those audits.
2-4 The purpose of the 5ecurities and 7xchange !ommission is to assist in providing
investors ith relia#le information upon hich to make investment decisions. 5ince most
reasona#ly large !"A firms have clients that must file reports ith the 57! each year (all
companies filing registration statements under the securities acts of l?33 and l?32 must file
audited financial statements and other reports ith the 57! at least once each year), the
profession is highly involved ith the 57! requirements.
The 57! has considera#le influence in setting generally accepted accounting principles
and disclosure requirements for financial statements #ecause of its authority for specifying
reporting requirements considered necessary for fair disclosure to investors. -n addition, the
57! has poer to esta#lish rules for any !"A associated ith audited financial statements
su#mitted to the !ommission.
+
2-+ The A-!"A is the organi0ation that sets professional requirements for !"As. The A-!"A
also conducts research and pu#lishes materials on many different su#9ects related to
accounting, auditing, management advisory services, and taxes. The organi0ation also prepares
and grades the !"A examinations, provides continuing education to its mem#ers, and develops
specialty designations to help market and assure the quality of services in speciali0ed practice
areas.
2-, 5tatement on 5tandards for Attestation 7ngagements as first issued in 1?@A and its
purposes ere to provide a frameork for attest engagements and to develop standards for
those engagements. -n +BB1, the Auditing 5tandards ,oard issued 55A7 1B in response to the
need for more detailed standards for specific types of attestation services. 55A7 1B supercedes
the previously issued standards and its main purpose is to improve the usefulness of the
attestation standards and provide greater flexi#ility to practitioners in providing assurance
services.
2-- The "!A', no has responsi#ility for esta#lishing auditing standards for pu#lic
companies, hile the Auditing 5tandards ,oard (A5,) of the A-!"A esta#lishes auditing
standards for private companies. The A5, previously had responsi#ility for esta#lishing auditing
standards for #oth pu#lic and private companies. 7xisting auditing standards ere adopted #y
the "!A', as interim auditing standards for pu#lic company audits.
2-. (enerall) acce"te! au!itin stan!ar!s are ten general guidelines to aid auditors in
fulfilling their professional responsi#ilities. These guidelines include three general standards
concerned ith competence, independence, and due professional care< three standards of field
ork including planning and supervision, study and evaluation of internal control, and the
gathering of competent evidential matter< and four standards of reporting hich require a
statement as to presentation in accordance ith generally accepted accounting principles,
inconsistency o#served in the current period in relation to the preceding period, adequate
disclosure, and the expression of an opinion as to the fairness of the presentation of the
financial statements.
(enerall) acce"te! accountin "rinci"les are specific rules for accounting for
transactions occurring in a #usiness enterprise. 7xamples may #e any of the opinions of the
FA5,.
2-/ Auditors can o#tain adequate technical training and proficiency through formal education
in auditing and accounting, adequate practical experience, and continuing professional
education. Auditors can demonstrate their proficiency #y #ecoming licensed to practice as
!"As, hich requires successful completion of the 4niform !"A 7xamination. The specific
requirements for licensure vary from state to state.
2-10 For the most part, generally accepted auditing standards are general rather than
specific. 1any practitioners along ith critics of the profession #elieve the standards should
provide more clearly defined guidelines as an aid in determining the extent of evidence to #e
accumulated. This ould eliminate some of the difficult audit decisions and provide a source of
defense if the !"A is charged ith conducting an inadequate audit. 'n the other hand, highly
specific requirements could turn auditing into mechanical evidence gathering, void of
professional 9udgment. From the point of vie of #oth the profession and the users of auditing
services, there is pro#a#ly a greater harm from defining authoritative guidelines too specifically
than too #roadly.
,
2-11 -nternational 5tandards on Auditing (-5As) are issued #y the -nternational Auditing
"ractices !ommittee (-A"!) of the -nternational Federation of Accountants (-FA!). -5As are
designed to improve the uniformity of auditing practices and related services throughout the
orld #y issuing pronouncements on a variety of audit and attest functions and promoting their
acceptance orldide. A !"A ho conducts an audit in accordance ith :AA5 may not comply
ith -5As #ecause there may #e additional -5A requirements that extend #eyond :AA5
requirements.
2-12 Cuality controls are the procedures used #y a !"A firm that help it meet its professional
responsi#ilities to clients. Cuality controls are therefore esta#lished for the entire !"A firm as
opposed to individual engagements.
2-13 The element of quality control is personnel management. The purpose of the
requirement is to help assure !"A firms that all ne personnel should #e qualified to perform
their ork competently. A !"A firm must have competent employees conducting the audits if
quality audits are to occur.
2-14 A peer revie is a revie, #y !"As, of a !"A firm.s compliance ith its quality control
system. A mandatory peer revie means that such a revie is required periodically. A-!"A
mem#er firms are required to have a peer revie every three years. &egistered firms ith the
"!A', are su#9ect to quality inspections. These are different than peer revies #ecause they
are performed #y independent inspection teams rather than another !"A firm.
"eer revies can #e #eneficial to the profession and to individual firms. ,y helping firms
meet quality control standards, the profession gains if revies result in practitioners doing
higher quality audits. A firm having a peer revie can also gain if it improves the firm.s practices
and there#y enhances its reputation and effectiveness, and reduces the likelihood of lasuits.
'f course peer revies are costly. There is alays a trade off #eteen cost and #enefits. A !"A
firm also gives up some independence of activities hen it is revieed #y another !"A firm.
2-1+ The to divisions of practice that a !"A firm may #elong to are the 57! "ractice
5ection (renamed the !enter for "u#lic !ompany Audit Firms) and the "rivate !ompanies
"ractice 5ection. A firm may #elong to one section, #oth sections, or neither. 1any of the self-
regulatory activities of the 57!"5 have #een taken over #y the "!A',.
"roponents of this division #elieve that this ill improve the quality of practice #y !"A
firms and that it ill improve self-regulation. !ritics state that it esta#lishes to classes of !"As
and implies a loer performance quality for firms that are not mem#ers of the 57! "ractice
5ection.
-
Chapter 3 - Audit #eports
3-1 Auditor.s reports are important to users of financial statements #ecause they inform
users of the auditor.s opinion as to hether or not the statements are fairly stated or hether no
conclusion can #e made ith regard to the fairness of their presentation. 4sers especially look
for any deviation from the ording of the standard unqualified report and the reasons and
implications of such deviations. 6aving standard ording improves communications for the
#enefit of users of the auditor$s report. >hen there are departures from the standard ording,
users are more likely to recogni0e and consider situations requiring a modification or
qualification to the auditor$s report or opinion.
3-2 The unqualified audit report consists of%
1. Re"ort title Auditing standards require that the report #e titled and that the title
includes the ord in!e"en!ent.
+. Au!it re"ort a!!ress The report is usually addressed to the company, its
stockholders, or the #oard of directors.
3. Intro!uctor) "arara"h The first paragraph of the report does three things% first,
it makes the simple statement that the !"A firm has done an au!it. 5econd, it
lists the financial statements that ere audited, including the #alance sheet dates
and the accounting periods for the income statement and statement of cash
flos. Third, it states that the statements are the responsi#ility of management
and that the auditor.s responsi#ility is to express an opinion on the statements
#ased on an audit.
2. *co"e "arara"h. The scope paragraph is a factual statement a#out hat the
auditor did in the audit. The remainder #riefly descri#es important aspects of an
audit.
=. O"inion "arara"h. The final paragraph in the standard report states the
auditor.s conclusions #ased on the results of the audit.
A. +ame of &PA firm. The name identifies the !"A firm or practitioner ho
performed the audit.
D. Au!it re"ort !ate. The appropriate date for the report is the one on hich the
auditor has completed the most important auditing procedures in the field.
The same seven parts are found in a qualified report as in an unqualified report. There
are also often one or more additional paragraphs explaining reasons for the qualifications.
3-3 The purposes of the scope paragraph in the auditor.s report are to inform the financial
statement users that the audit as conducted in accordance ith generally accepted auditing
standards, in general terms hat those standards mean, and hether the audit provides a
reasona#le #asis for an opinion.
The information in the scope paragraph includes%
1. The auditor folloed generally accepted auditing standards. The audit is designed to
o#tain reasonable assurance a#out hether the
+. statements are free of material misstatement.
3. *iscussion of the audit evidence accumulated.
2. 5tatement that the auditor #elieves the evidence accumulated as appropriate for
the circumstances to express the opinion presented.
.
3-4 The purpose of the opinion paragraph is to state the auditor.s conclusions #ased upon
the results of the audit evidence. The most important information in the opinion paragraph
includes%
1. The ords Ein our opinionE hich indicate that the conclusions are #ased on
professional 9udgment.
+. A restatement of the financial statements that have #een audited and the dates
thereof or a reference to the introductory paragraph.
3. A statement a#out hether the financial statements ere presented fairly and in
accordance ith generally accepted accounting principles.
3-+ The auditor.s report should #e dated Fe#ruary 1D, +BBA, the date on hich the auditor
completed the most important auditing procedures in the field.
3-, An unqualified report may #e issued under the folloing five circumstances%
1. All statements;#alance sheet, income statement, statement of retained earnings,
and statement of cash flos;are included in the financial statements.
+. The three general standards have #een folloed in all respects on the engagement.
3. 5ufficient evidence has #een accumulated and the auditor has conducted the
engagement in a manner that ena#les him or her to conclude that the three
standards of field ork have #een met.
2. The financial statements are presented in accordance ith generally accepted
accounting principles. This also means that adequate disclosures have #een
included in the footnotes and other parts of the financial statements.
=. There are no circumstances requiring the addition of an explanatory paragraph or
modification of the ording of the report.
3-- The introductory, scope and opinion paragraphs are modified to include reference to
management$s report on internal control over financial reporting, and the scope of the auditor$s
ork and opinion on internal control over financial reporting. The introductory and opinion
paragraphs also refer to the frameork used to evaluate internal control. To additional
paragraphs are added #eteen the scope and opinion paragraphs that define internal control
and descri#e the inherent limitations of internal control.
3-. >hen adherence to generally accepted accounting principles ould result in misleading
financial statements there should #e a complete explanation in a separate paragraph. The
separate paragraph should fully explain the departure and the reason hy generally accepted
accounting principles ould have resulted in misleading statements. The opinion should #e
unqualified, #ut it should refer to the separate paragraph during the portion of the opinion in
hich generally accepted accounting principles are mentioned.
/
3-/ An unqualified report ith an explanatory paragraph or modified ording is the same as
a standard unqualified report e$ce"t that the auditor #elieves it is necessary to provide
additional information a#out the audit or the financial statements. For a qualified report, either
there is a scope limitation (condition 1) or a failure to follo generally accepted accounting
principles (condition +). 4nder either condition, the auditor concludes that the overall financial
statements are fairly presented.
To examples of an unqualified report ith an explanatory paragraph or modified
ording are%
1. The entity changed from one generally accepted accounting principle to another
generally accepted accounting principle.
+. A shared report involving the use of other auditors.
3-10 >hen another !"A has performed part of the audit, the primary auditor issues one of the
folloing types of reports #ased on the circumstances.
1. 3o reference is made to the other auditor. This ill occur if the other auditor
audited an immaterial portion of the statement, the other auditor is knon or
closely supervised, or if the principal auditor has thoroughly revieed the other
auditor.s ork.
+. -ssue a shared opinion in hich reference is made to the other auditor. This type
of report is issued hen it is impractical to revie the ork of the other auditor or
hen a portion of the financial statements audited #y the other !"A is material in
relation to the total.
3. The report may #e qualified if the principal auditor is not illing to assume any
responsi#ility for the ork of the other auditor. A disclaimer may #e issued if the
segment audited #y the other !"A is highly material.
3-11 7ven though the prior year statements have #een restated to enhance compara#ility, a
separate explanatory paragraph is required to explain the change in generally accepted
accounting principles in the first year in hich the change took place.
3-12 !hanges that affect the consistency of the financial statements may involve any of the
folloing%
a. !hange in accounting principle
#. !hange in reporting entity
c. !orrections of errors involving accounting principles.
An example of a change that affects consistency ould #e a change in the method of
computing depreciation from straight line to an accelerated method. A separate explanatory
paragraph is required if the amounts are material.
!ompara#ility refers to items such as changes in estimates, presentation, and events
rather than changes in accounting principles. For example, a change in the estimated life of a
deprecia#le asset ill affect the compara#ility of the statements. -n that case, no explanatory
paragraph for lack of consistency is needed, #ut the information may require disclosure in the
statements.
10
3-13 The three conditions requiring a departure from an unqualified opinion are%
1. #he sco"e of the au!it has been restricte!. 'ne example is hen the client ill
not permit the auditor to confirm material receiva#les. Another example is hen
the engagement is not agreed upon until after the client.s year-end hen it may
#e impossi#le to physically o#serve inventories.
+. #he financial statements have not been "re"are! in accor!ance 'ith enerall)
acce"te! accountin "rinci"les. An example is hen the client insists upon using
replacement costs for fixed assets.
3. #he au!itor is not in!e"en!ent. An example is hen the auditor ons stock in
the client.s #usiness.
3-14 A ,ualifie! o"inion states that there has #een either a limitation on the scope of the audit
or a departure from :AA" in the financial statements, #ut that the auditor #elieves that the
overall financial statements are fairly presented. This type of opinion may not #e used if the
auditor #elieves the exceptions #eing reported upon are extremely material, in hich case a
disclaimer or adverse opinion ould #e used.
An a!verse o"inion states that the auditor #elieves the overall financial statements are
so materially misstated or misleading that they do not present fairly in accordance ith :AA"
the financial position, results of operations, or cash flos.
A !isclaimer of o"inion states that the auditor has #een una#le to satisfy him or herself
as to hether or not the overall financial statements are fairly presented #ecause of a significant
limitation of the scope of the audit, or a nonindependent relationship under the &o!e of
Professional &on!uct #eteen the auditor and the client.
7xamples of situations that are appropriate for each type of opinion are as follos%
O*!N!ON T1* 2A%*) S!T"AT!ON
*isclaimer 1aterial physical inventories not o#served
and the inventory cannot #e verified
through other procedures.
Fack of independence #y the auditor.
Adverse A highly material departure from :AA".
Cualified -na#ility to confirm the existence of an
asset hich is material #ut not extremely
material in value.
3-1+ The common definition of materiality as it applies to accounting and, therefore, to audit
reporting is%
A misstatement in the financial statements can #e considered material if
knoledge of the misstatement ould affect a decision of a reasona#le user of
the statements.
!onditions that affect the auditor.s determination of materiality include%
"otential users of the financial statements
11
3-1+3 continued
*ollar amounts of the folloing items% net income #efore taxes, total assets,
current assets, current lia#ilities, and oners. equity
3ature of the potential misstatements;certain misstatements, such as fraud, are
likely to #e more important to users of the financial statements than other
misstatements.
3-1, 1ateriality for lack of independence in audit reporting is easiest to define. -f the auditor
lacks independence as defined #y the &o!e of Professional &on!uct, it is alays considered
highly material and therefore a disclaimer of opinion is alays necessary. That is, either the !"A
is independent or not independent. For failure to follo :AA", there are three levels of
materiality% immaterial, material, and highly material.
3-1- The auditor.s opinion may #e qualified #y scope limitations caused #y client restrictions
or #y limitations resulting from conditions #eyond the client.s control. The former occurs hen
the client ill not, for example, permit the auditor to confirm material receiva#les or physically
o#serve inventories. The latter may occur hen the engagement is not agreed upon until after
the client.s year-end hen it may not #e possi#le to physically o#serve inventories or confirm
receiva#les.
A disclaimer of opinion is issued if the scope limitation is so material that the auditor
cannot determine if the overall financial statements are fairly presented. -f the scope limitation is
caused #y the client.s restriction the auditor should #e aare that the reason for the restriction
might #e to deceive the auditor. For this reason, a disclaimer is more likely for client restrictions
than for conditions #eyond anyone.s control.
>hen there is a scope restriction that results in the failure to verify material, #ut not
pervasive accounts, a qualified opinion may #e issued. This is more likely hen the scope
limitation is for conditions #eyond the client.s control than for restrictions #y the client.
3-1. A report ith a scope and an opinion qualification is issued hen the auditor can neither
perform procedures that he or she considers necessary nor satisfy him or herself #y using
alternative procedures, due to the existence of conditions #eyond the client.s or the auditor.s
control, #ut the amount involved in the financial statements is not highly material. An important
part of a scope and opinion qualification is that it results from not accumulating sufficient audit
evidence, either #ecause of the client.s request or #ecause of circumstances #eyond anyone.s
control.
A report qualified as to opinion only results hen the auditor has accumulated sufficient
competent evidence #ut has concluded that the financial statements are not correctly stated.
The only circumstance in hich an opinion only qualification is appropriate is for material, #ut
not highly material, departures from :AA".
3-1/ The three alternative opinions that may #e appropriate hen the client.s financial
statements are not in accordance ith :AA" are an unqualified opinion, qualified as to opinion
only and adverse opinion. *etermining hich is appropriate depends entirely upon materiality.
An unqualified opinion is appropriate if the :AA" departure is immaterial (standard unqualified)
or if the auditor agrees ith the client.s departure from :AA" (unqualified ith explanatory
paragraph). A qualified opinion is appropriate hen the deviation from :AA" is material #ut not
highly material< the adverse opinion is appropriate hen the deviation is highly material.
12
3-20 The A-!"A has such strict requirements on audit opinions hen the auditor is not
independent #ecause it is important that stockholders and other third parties #e a#solutely
assured that the auditor is un#iased throughout the entire engagement. -f users develop the
attitude that auditors are not independent of management, the value of the audit function ill #e
greatly reduced, if not eliminated.
3-21 >hen the auditor discovers more than one condition that requires a departure from or a
modification of a standard unqualified report, the report should #e modified for each condition.
An exception is hen one condition neutrali0es the other condition. An example ould #e hen
the auditor is not independent and there is also a scope limitation. -n this situation the lack of
independence overshados the scope limitation. Accordingly, the scope limitation should not #e
mentioned.
3-22 4nder current auditing standards, auditors are not required to read information contained
in electronic sites, such as the company$s >e# site, that also contain the company$s audited
financial statements and the auditor$s report. Auditing standards do not consider electronic sites
to #e Gdocuments.H This is different from the auditor$s responsi#ility for pu#lished (hard copy)
documents that contain information in addition to audited financial statements and the auditor$s
report. -n this latter example, the auditor is responsi#le for reading other information that is
pu#lished ith audited financial statements and the auditor$s report to determine hether it is
materially inconsistent ith information in the audited financial statements.
Chapter 4 - *rofessiona4 thics
4-1 The six core ethical values descri#ed #y the 8osephson -nstitute are%
1. Trustorthiness 2. Fairness
+. &espect =. !aring
3. &esponsi#ility A. !iti0enship
There are many other potential sources of ethical values, including las and regulations,
church doctrines, codes of professional ethics, and individual organi0ations$ codes of conduct.
4-2 An ethical dilemma is a situation that a person faces in hich a decision must #e made
a#out the appropriate #ehavior. There are many possi#le ethical dilemmas that one can face,
such as finding a allet containing money, or dealing ith a supervisor ho asks you to ork
hours ithout recording them.
An ethical dilemma can #e resolved using the six-step approach outlined on p. DA of the
text. The six steps are%
1. '#tain the relevant facts.
+. -dentify the ethical issues from the facts.
3. *etermine ho is affected #y the outcome of the dilemma and ho each person or
group is affected.
2. -dentify the alternatives availa#le to the person ho must resolve the dilemma.
=. -dentify the likely consequence of each alternative.
A. *ecide the appropriate action.
13
4-3 There is a special need for ethical #ehavior #y professionals to maintain pu#lic
confidence in the profession, and in the services provided #y mem#ers of that profession. The
ethical requirements for !"As are similar to the ethical requirements of other professions. All
professionals are expected to #e competent, perform services ith due professional care, and
recogni0e their responsi#ility to clients. The ma9or difference #eteen other professional groups
and !"As is independence. ,ecause !"As have a responsi#ility to financial statement users, it
is essential that auditors #e independent in fact and appearance. 1ost other professionals, such
as attorneys, are expected to #e an advocate for their clients.
4-4
*A#T *"#*OS
1. "rinciples of "rofessional
!onduct
1. "rovide ideal standards of ethical conduct and
help practitioners understand the ideal
conduct of a !"A.
+. &ules of conduct +. "rovide minimum standards of ethical conduct
stated as specific rules.
3. -nterpretation of the rules
of conduct
3. "rovide formal interpretations of the rules of
conduct to anser questions that frequently
arise a#out the rules of conduct.
2. 7thical rulings 2. "rovide more detailed guidance to
practitioners a#out interpretation of the rules
of conduct for less commonly raised
questions.
4-+ In!e"en!ence in fact exists hen the auditor is actually a#le to maintain an un#iased
attitude throughout the audit, hereas in!e"en!ence in a""earance is dependent on others.
interpretation of this independence and hence their faith in the auditor.
Activities hich may not affect independence in fact, #ut hich are likely to affect
independence in appearance are% (3otice that the first to are violations of the &o!e of
Professional &on!uct.)
1. 'nership of a financial interest in the audited client.
+. *irectorship or officer of an audit client.
3. "erformance of management advisory or #ookkeeping or accounting services and
audits for the same company.
2. *ependence upon a client for a large percentage of audit fees.
=. 7ngagement of the !"A and payment of audit fees #y management.
4-, -ndependence in auditing means taking an un#iased viepoint. 4sers of financial
statements ould #e unlikely to rely on the statements if they #elieved auditors ere #iased in
issuing audit opinions.
14
4-- Auditors of pu#lic companies are prohi#ited from performing the folloing nonaudit
services%
1. ,ookkeeping and other accounting services
+. Financial information systems design and implementation
3. Appraisal or valuation services
2. Actuarial services
=. -nternal audit outsourcing
A. 1anagement or human resource functions
D. ,roker or dealer or investment adviser, or investment #anker services
@. Fegal and expert services unrelated to the audit
?. Any other service that the "!A', determines #y regulation is impermissi#le
3onaudit services that are not prohi#ited #y the 5ar#anesI'xley Act and the 57! rules
must #e pre-approved #y the company$s audit committee. -n addition, an accountant is not
independent of an audit client if an audit partner received compensation #ased on selling
engagements to that client for services other than audit, revie and attest services.
!ompanies are required to disclose in their proxy statement or annual filings ith the
57! the total amount of audit and nonaudit fees paid to the audit firm for the to most recent
years. Four categories of fees are to #e reported% (1) audit fees< (+) audit-related fees< (3) tax
fees< and (2) all other fees. !ompanies are also required to provide further #reakdon of the
Gother feesH category, and provide qualitative information on the nature of the services provided.
4-. The rules concerning stock onership #y partners and professional staff%
A partner in the office of the partner responsi#le for an audit engagement cannot on
stock in that audit client. A partner can on stock in an audit client, as long as (1) he or she
cannot influence the audit engagement and (+) he or she is not in the same office as the partner
responsi#le for the audit engagement.
A professional staff mem#er cannot on stock in an audit client if he or she is assigned
to the engagement or if he or she #ecomes a partner in the office of the partner responsi#le for
the audit engagement. A professional staff mem#er can on stock in a firm$s audit client as long
as he or she does not participate in the audit engagement.
Partner violation% A partner in the 5an Francisco office ons one share of stock of a client
hose audit is conducted #y a different partner in the 5an Francisco office.
Professional staff violation% An audit manager ons stock in a client hose audit is performed #y
the office here the audit manager orks. The manager is promoted to partner mid-year. As
soon as the manager #ecomes a partner, there is a violation of &ule 1B1.
4-/ >ays to reduce the appearance of the lack of independence are% the use of an audit
committee to select auditors made up of directors ho are not a part of management< a
requirement that all changes of auditors and reasons therefore #e reported to the 57! or other
regulatory agency< and approval of the !"A firm #y stockholders at the annual meeting. The
5ar#anesI'xley act requires that the audit committee of a pu#lic company consist only of
independent mem#ers and #e responsi#le for the appointment, termination, and compensation
of the audit firm.
1+
4-10 A !"A firm has several options hen it decides it is not competent to perform an audit%
1. >ithdra from the engagement.
+. '#tain the expertise through continuing education and self-studies.
3. 6ire someone ho has the expertise.
2. >ork on a consulting #asis ith another !"A firm.
4-11 A fee #ased upon the amount of time it takes to complete is not a violation of &ule 3B+.
&ule 3B+ on contingent fees states that professional services for clients receiving assertion
opinions shall not #e offered or rendered under an agreement here#y no fee ill #e charged
unless a specific finding or result is attained, or here the fee is otherise contingent upon the
findings or results of such services. The purpose of the rule is to prevent sacrificing the quality
of audits #ecause of the pressure felt #y the auditor in producing the required audit outcome. An
example ould #e the fee #eing dependent upon the issuance of an unqualified opinion or the
o#taining of a loan #y a client.
4-12 The folloing are exceptions to the confidentiality requirement for the !"A.s audit files%
1. The confidentiality requirement cannot interfere ith the mem#er.s o#ligation to
follo auditing standards or generally accepted accounting principles.
+. A mem#er must comply ith a validly issued su#poena or summons enforcea#le #y
order of a court.
3. A revie of a mem#er.s professional practice under A-!"A or state !"A society or
state ,oard of Accountancy authori0ation is permitted.
2. A mem#er must respond to any inquiry made #y the ethics division or trial #oard of
the -nstitute or a duly constituted investigative or disciplinary #ody of a state !"A
society or ,oard of Accountancy.
4-13 Audits should #e maintained at a high level of quality even if solicitation, advertising, and
competitive #idding are alloed for several reasons%
1. "rofessionals do high quality ork #ecause it is a characteristic of #eing a
professional.
+. A reputation of doing high quality ork usually pays off in more clients and a more
profita#le practice.
3. "otential legal lia#ility is also a deterrent to su#standard ork.
2. The &o!e of Professional &on!uct requires a high quality of performance.
4-14 A mem#er is permitted to advertise #y &ule =B+ except in a false, misleading, or
deceptive manner. -nterpretation =B+-+ clarifies the meaning of false, misleading or deceptive
acts, including activities that%
1. !reate false or un9ustified expectations of favora#le results.
+. -mply the a#ility to influence any court, tri#unal, regulatory agency or similar #ody or
official.
3. !ontain a representation that specific professional services ill #e performed for a
stated fee, hen it as likely at the time of the representation that such fees
ould #e su#stantially increased and the prospective client as not informed of
that likelihood.
2. !ontain any other representations that ould #e likely to cause a reasona#le person
to misunderstand or #e deceived.
1,
>hen engagements are o#tained through the efforts of third parties, -nterpretation =B+-=
indicates that the mem#er has the responsi#ility to ascertain that all promotional efforts are
ithin the #ounds of the &ules of !onduct.
4-1+ "rohi#iting paying commissions to o#tain clients ho receive attestation services in &ule
=B3 is intended to discourage overly aggressive o#taining of clients #y giving Efinders. feesE to
#anks and others in a position to give #usiness rather than on the #asis of competitive and other
qualifications. "rohi#iting receiving commissions for referrals to other !"As or other providers of
services here attestation services are provided is intended to discourage referrals to others on
the #asis of a Esales commissionE rather than the competition of those offering services.
!ommissions hen attestation services are not provided are permitted to encourage
competition for these types of services.
4-1, A !"A may practice in one of the folloing forms%
1. A proprietorship
+. A general partnership
3. A general corporation (if permitted #y state la)
2. A professional corporation
=. Fimited lia#ility company (if permitted #y state la)
A. Fimited lia#ility partnership (if permitted #y state la)
4-1- There are ma9or differences #eteen the nature of the enforcement #y the A-!"A and a
state ,oard of Accountancy.
A-!"A enforcement% A eighty social sanction #ecause violations are pu#lished in
the !"A 3esletter. 6oever, A-!"A enforcement #y itself ill not prevent a !"A
from practicing pu#lic accounting. The A-!"A can remove a practitioner from
A-!"A mem#ership, #ut not eliminate the right to practice.
5tate ,oard of Accountancy enforcement% A state ,oard may revoke a practitioner.s
license to practice pu#lic accounting.
1-
Chapter + - )e5a4 )ia6i4it7
+-1 5everal factors that have affected the increased num#er of lasuits against !"As are%
1. The groing aareness of the responsi#ilities of pu#lic accountants on the part of
users of financial statements.
+. An increased consciousness on the part of the 57! regarding its responsi#ility for
protecting investors. interests.
3. The greater complexities of auditing and accounting due to the increasing si0e of
#usinesses, the glo#ali0ation of #usiness, and the intricacies of #usiness
operations.
2. 5ociety.s increasing acceptance of lasuits.
=. Farge civil court 9udgments against !"A firms, hich have encouraged attorneys to
provide legal services on a contingent fee #asis.
A. The illingness of many !"A firms to settle their legal pro#lems out of court.
D. The difficulty courts have in understanding and interpreting technical accounting and
auditing matters.
+-2 The most important positive effects are the increased quality control #y !"A firms that is
likely to result from actual and potential lasuits and the a#ility of in9ured parties to receive
remuneration for their damages. 3egative effects are the energy required to defend groundless
cases and the harmful impact on the pu#lic.s image of the profession. Fegal lia#ility may also
increase the cost of audits to society, #y causing !"A firms to increase the evidence
accumulated.
+-3 ,usiness failure is the risk that a #usiness ill fail financially and, as a result, ill #e
una#le to pay its financial o#ligations. Audit risk is the risk that the auditor ill conclude that the
financial statements are fairly stated and an unqualified opinion can therefore #e issued hen,
in fact, they are materially misstated.
>hen there has #een a #usiness failure, #ut not an audit failure, it is common for
statement users to claim there as an audit failure, even if the most recently issued audited
financial statements ere fairly stated. 1any auditors evaluate the potential for #usiness failure
in an engagement in determining the appropriate audit risk.
+-4 The prudent person concept states that a person is responsi#le for conducting a 9o# in
good faith and ith integrity, #ut is not infalli#le. Therefore, the auditor is expected to conduct an
audit using due care, #ut does not claim to #e a guarantor or insurer of financial statements.
+-+ The difference #eteen fraud and constructive fraud is that in fraud the rongdoer
intends to deceive another party hereas in constructive fraud there is a lack of intent to
deceive or defraud. !onstructive fraud is highly negligent performance.
+-, 1any !"A firms illingly settle lasuits out of court in an attempt to minimi0e legal costs
and avoid adverse pu#licity. This has a negative effect on the profession hen a !"A firm
agrees to settlements even though it #elieves that the firm is not lia#le to the plaintiffs. This
encourages others to sue !"A firms here they pro#a#ly ould not to such an extent if the
firms had the reputation of contesting the litigation. Therefore, out-of-court settlements
encourage more lasuits and, in essence, increase the auditor.s lia#ility #ecause many firms
ill pay even though they do not #elieve they are lia#le.
1.
+-- An auditor.s #est defense for failure to detect a fraud is an audit properly conducted in
accordance ith auditing standards. 5A5 ?? (A4 31A) states that the auditor should assess the
risk of material misstatements of the financial statements due to fraud. ,ased on this
assessment, the auditor should design the audit to provide reasonable assurance of detecting
material misstatements due to fraud. 5A5 ?? also states that #ecause of the nature of fraud
(including defalcations), a properly designed and executed audit may not detect a material
misstatement due to fraud.
+-. !ontri#utory negligence used in legal lia#ility of auditors is a defense used #y the auditor
hen he or she claims the client or user also had a responsi#ility in the legal case. An example
is the claim #y the auditor that management kne of the potential for fraud #ecause of
eaknesses in internal control, #ut refused to correct them. The auditor there#y claims that the
client contri#uted to the fraud #y not correcting material eaknesses in internal control.
+-/ An engagement letter from the auditor to the client specifies the responsi#ilities of #oth
parties and states such matters as fee arrangements and deadlines for completion. The auditor
may also use this as an opportunity to inform the client that the responsi#ility for the prevention
of fraud is that of the client. A ell-ritten engagement letter can #e useful evidence in the case
of a lasuit, given that the letter spells out the terms of the engagement agreed to #y #oth
parties. >ithout an engagement letter, the terms of the engagement are easily disputed.
+-10 Fia#ility to clients under common la has remained relatively unchanged for many years.
-f a !"A firm #reaches an implied or expressed contract ith a client, there is a legal
responsi#ility to pay damages. Traditionally the distinction #eteen privity of contract ith clients
and lack of privity of contract ith third parties as essential in common la. The lack of privity
of contract ith third parties meant that third parties ould have no rights ith respect to
auditors except in the case of gross negligence.
That precedent as esta#lished #y the 4ltramares case. -n recent years some courts
have interpreted 4ltramares more #roadly to allo recovery #y third parties if those third parties
ere knon and recogni0ed to #e relying upon the ork of the professional at the time the
professional performed the services (foreseen users). 5till others have re9ected the 4ltramares
doctrine entirely and have held the !"A lia#le to anyone ho relies on the !"A$s ork, if that
ork is performed negligently. The lia#ility to third parties under common la continues in a
state of uncertainty. -n some 9urisdictions the precedence of 4ltramares is still recogni0ed
hereas in others there is no significant distinction #eteen lia#ility to third parties and to clients
for negligence.
+-11 -n recent years the auditor.s lia#ility to a third party has #ecome affected #y hether the
party is knon or unknon. 3o a knon third party, under common la, usually has the same
rights as the party that is privy to the contract. An unknon third party usually has feer rights.
The approach folloed in most states is the Restatement of #orts approach to the foreseen
users concept. 4nder the Restatement of #orts approach, foreseen users must #e mem#ers of
a reasona#ly limited and identifia#le group of users that have relied on the !"A$s ork, even
though those persons ere not specifically knon to the !"A at the time the ork as done.
1/
+-12 The differences #eteen the auditor.s lia#ility under the securities acts of 1?33 and 1?32
are #ecause the 1?33 act imposes a heavier #urden on the auditor. Third party rights as
presented in the 1?33 act are%
1. Any third party ho purchases securities descri#ed in the registration statement may
sue the auditor.
+. Third party users do not have the #urden of proof that they relied on the financial
statements or that the auditor as negligent or fraudulent in doing the audit. They
must only prove that the financial statements ere misleading or not fairly stated.
-n con9unction ith these third party rights, the auditor has a greater #urden in that he or
she must demonstrate that%
1. The statements are not materially misstated.
+. An adequate audit as conducted.
3. The user did not incur the loss #ecause of misleading financial statements.
The lia#ility of auditors under the 1?32 act is not as harsh as under the 1?33 act. -n this
instance, the #urden of proof is on third parties to sho that they relied on the statements and
that the misleading statements ere the cause of the loss.
The principal focus of accountants$ lia#ility under the 1?32 act is on &ule 1B#-=. 4nder
&ule 1B#-=, accountants enerall) can only #e held lia#le if they intentionally or recklessly
misrepresent information intended for third-party use. 1any lasuits involving accountants$
lia#ility under &ule 1B#-= have resulted in accountants #eing lia#le hen they kne all of the
relevant facts, #ut merely made poor 9udgments. -n recent years, hoever, courts have decided
that poor 9udgment doesn$t necessarily prove fraud on the part of the accountant.
+-13 The auditor.s leal liabilit) to the client can result from the auditor.s failure to properly
fulfill his or her contract for services. The lasuit can #e for #reach of contract, hich is a claim
that the contract as not performed in the manner agreed upon, or it can #e a tort action for
negligence. An example ould #e the client.s detection of a misstatement in the financial
statements, hich ould have #een discovered if the auditor had performed all audit procedures
required in the circumstances (e.g., misstatement of inventory resulting from an inaccurate
physical inventory not properly o#served #y the auditor).
The auditor.s liabilit) to thir! "arties un!er common la' results from any loss incurred #y
the claimant due to reliance upon misleading financial statements. An example ould #e a #ank
that has loans outstanding to an audited company. -f the audit report did not disclose that the
company had contingent lia#ilities that su#sequently #ecame real lia#ilities and forced the
company into #ankruptcy, the #ank could proceed ith legal action against the auditors for the
material omission.
&ivil liabilit) un!er the *ecurities Act of -.// provides the right of third parties to sue the
auditor for damages if a registration statement or a prospectus contains an untrue statement of
a material fact or omits to state a material fact that ould result in misleading financial
statements. The third party does not have to prove reliance upon the statements or even sho
his or her loss resulted from the misstatement. An example ould #e stock purchased #y an
investor in hat appears, #ased upon audited financial statements, to #e a sound company. -f
the financial statements are later found to #e inaccurate or misleading, and the investment loses
value as a result of a situation existing #ut not disclosed at the date of the financial statements,
the investor could file legal proceedings against the auditor for negligence.
20
+-133 continued
&ivil liabilit) un!er the *ecurities Act of -./0 relates to audited financial statements
issued to the pu#lic in annual reports or 1B-J reports. &ule 1B#-= of the Act prohi#its fraudulent
activity #y direct sellers of securities. 5everal federal court decisions have extended the
application of &ule 1B#-= to accountants, underriters and others. An example ould #e an
auditor knoingly permitting the issuance of fraudulent financial statements of a pu#licly held
client.
&riminal liabilit) of the auditor may result from federal or state las if the auditor
defrauds another person through knoingly #eing involved ith false financial statements. An
example of an act that could result in criminal lia#ility ould #e an auditor.s certifying financial
statements that he or she knos overstate income for the year and the financial position of the
company at the audit date.
+-14 The 57! can impose the folloing sanctions against a !"A firm%
1. 5uspend the right to conduct audits of 57! clients.
+. "rohi#it a firm from accepting any ne clients for a period.
3. &equire a revie of the firm.s practice #y another !"A firm.
2. &equire firms to participate in continuing education programs.
+-1+ 5ome of the ays in hich the profession can positively respond and reduce lia#ility in
auditing are%
1. !ontinued research in auditing.
+. 5tandards and rules must #e revised to meet the changing needs of auditing.
3. The A-!"A can esta#lish requirements that the #etter practitioners alays follo in
an effort to increase the overall quality of auditing.
2. 7sta#lish ne peer revie requirements.
=. !"A firms should oppose all unfounded lasuits rather than settling out of court.
A. 4sers of financial statements need to #e #etter educated regarding the attest
function.
D. -mproper conduct and performance #y mem#ers must #e sanctioned.
@. Fo##y for changes in state and federal las concerning accountants$ lia#ility.
Chapter , - Audit #esponsi6i4ities and O68ectives
,-1 The o#9ective of the audit of financial statements #y the independent auditor is the
expression of an opinion on the fairness ith hich the financial statements present financial
position, results of operations, and cash flos in conformity ith generally accepted accounting
principles.
The auditor meets that o#9ective #y accumulating sufficient competent evidence to
determine hether the financial statements are fairly stated.
,-2 -t is management.s responsi#ility to adopt sound accounting policies, maintain adequate
internal control and make fair representations in the financial statements. The auditor.s
responsi#ility is to conduct an audit of the financial statements in accordance ith auditing
standards and report the findings of the audit in the auditor.s report.
21
,-3 An error is an unintentional misstatement of the financial statements. Fraud represents
intentional misstatements. The auditor is responsi#le for o#taining reasona#le assurance that
material misstatements in the financial statements are detected, hether those misstatements
are due to errors or fraud1
An audit must #e designed to provide reasona#le assurance of detecting material
misstatements in the financial statements. Further, the audit must #e planned and performed
ith an attitu!e of "rofessional ske"ticism in all aspects of the engagement. ,ecause there is an
attempt at concealment of fraud, material misstatements due to fraud are usually more difficult
to uncover than errors. The auditor$s #est defense hen material misstatements (either errors or
fraud) are not uncovered in the audit is that the audit as conducted in accordance ith auditing
standards.
,-4 1isappropriation of assets represents the theft of assets #y employees. Fraudulent
financial reporting is the intentional misstatement of financial information #y management or a
theft of assets #y management, hich is covered up #y misstating financial statements.
1isappropriation of assets ordinarily occurs either #ecause of inadequate internal
controls or a violation of existing controls. The #est ay to prevent theft of assets is through
adequate internal controls that function effectively. 1any times theft of assets is relatively small
in dollar amounts and ill have no effect on the fair presentation of financial statements. There
are also the cases of large theft of assets that result in #ankruptcy to the company. Fraudulent
financial reporting is inherently difficult to uncover #ecause it is possi#le for one or more
mem#ers of management to override internal controls. -n many cases the amounts are
extremely large and may affect the fair presentation of financial statements.
,-+ True, the auditor must rely on management for certain information in the conduct of his
or her audit. 6oever, the auditor must not accept management.s representations #lindly. The
auditor must, henever possi#le, o#tain competent evidential matter to support the
representations of management. As an example, if management represents that certain
inventory is not o#solete, the auditor should #e a#le to examine purchase orders from
customers that prove part of the inventory is #eing sold at a price that is higher than the
company.s cost plus selling expenses. -f management represents an account receiva#le as
#eing fully collecti#le, the auditor should #e a#le to examine su#sequent payments #y the
customer or correspondence from the customer that indicates a illingness and a#ility to pay
22
,-,
C&A#ACT#!ST!C
A"D!T ST*S
1. 1anagement$s characteristics and
influence over the control
environment.
-nvestigate the past history of the firm and
its management.
*iscuss the possi#ility of fraudulent
financial reporting ith previous auditor
and company legal counsel after o#taining
permission to do so from management.
+. -ndustry conditions. &esearch current status of industry and
compare industry financial ratios to the
company$s ratios. -nvestigate any unusual
differences.
&ead A-!"A$s In!ustr) Au!it Risk Alert for
the company$s industry, if availa#le.
!onsider the impact of specific risks that
are identified on the conduct of the audit.
3. 'perating characteristics and
financial sta#ility.
"erform analytical procedures to evaluate
the possi#ility of #usiness failure.
-nvestigate hether material transactions
occur close to year-end.
,-- The cycle approach is a method of dividing the audit such that closely related types of
transactions and account #alances are included in the same cycle. For example, sales, sales
returns, and cash receipts transactions and the accounts receiva#le #alance are all a part of the
sales and collection cycle. The advantages of dividing the audit into different cycles are to divide
the audit into more managea#le parts, to assign tasks to different mem#ers of the audit team,
and to keep closely related parts of the audit together.
,-.
GN#A) )DG# ACCO"NT C1C)
5ales
Accounts "aya#le
&etained 7arnings
Accounts &eceiva#le
-nventory
&epairs K 1aintenance
5ales K !ollection
Acquisition K "ayment
!apital Acquisition K &epayment
5ales K !ollection
-nventory K >arehousing
Acquisition K "ayment
,-/ There is a close relationship #eteen each of these accounts. 5ales, sales returns and
alloances, and cash discounts all affect accounts receiva#le. Alloance for uncollecti#le
accounts is closely tied to accounts receiva#le and should not #e separated. ,ad de#t expense
is closely related to the alloance for uncollecti#le accounts. To separate these accounts from
each other implies that they are not closely related. -ncluding them in the same cycle helps the
auditor keep their relationships in mind.
23
,-10 1anagement assertions are implied or expressed representations #y management
a#out classes of transactions and the related accounts in the financial statements. These
assertions are part of the criteria management uses to record and disclose accounting
information in financial statements. 5A5 31 (A4 3+A) classifies five #road categories of
assertions%
1. 7xistence or occurrence
+. !ompleteness
3. /aluation or allocation
2. &ights and o#ligations
=. "resentation and disclosure
,-11 :eneral audit o#9ectives follo from and are closely related to management assertions.
:eneral audit o#9ectives, hoever, are intended to provide a frameork to help the auditor
accumulate sufficient competent evidence required #y the third standard of field ork. Audit
o#9ectives are more useful to auditors than assertions #ecause they are more detailed and more
closely related to helping the auditor accumulate sufficient competent evidence.
,-12
#CO#D!NG %!SSTAT%NT
T#ANSACT!ON-#)ATD A"D!T
O9:CT!V V!O)ATD
Fixed asset repair is recorded on the rong
date.
&epair is capitali0ed as a fixed asset
instead of an expense.
Timing
!lassification
,-13 The existence o#9ective deals ith hether amounts included in the financial statements
should actually #e included. !ompleteness is the opposite of existence. The completeness
o#9ective deals ith hether all amounts that should #e included have actually #een included.
-n the audit of accounts receiva#le, a nonexistent account receiva#le ill lead to
overstatement of the accounts receiva#le #alance. Failure to include a customer.s account
receiva#le #alance, hich is a violation of completeness, ill lead to understatement of the
accounts receiva#le #alance.
,-14 5pecific audit o#9ectives are the application of the general audit o#9ectives to a given
class of transactions or account #alance. There must #e at least one specific audit o#9ective for
each general audit o#9ective and in many cases there should #e more. 5pecific audit o#9ectives
for a class of transactions or an account #alance should #e designed such that, once they have
#een satisfied, the related general audit o#9ective should also have #een satisfied for that class
of transactions or account.
,-1+ For the specific #alance-related audit o#9ective, all recorded fixed assets exist at the
#alance sheet date, the management assertion and the general #alance-related audit o#9ective
are #oth Eexistence.E
24
,-1, 1anagement assertions and general #alance-related audit o#9ectives are consistent for
all asset accounts for every audit. They ere developed #y the Auditing 5tandards ,oard,
practitioners, and academics over a period of time. 'ne or more specific #alance-related audit
o#9ectives are developed for each general #alance-related audit o#9ective in an audit area such
as accounts receiva#le. For any given account, a !"A firm may decide on a consistent set of
specific #alance-related audit o#9ectives for accounts receiva#le, or it may decide to use
different o#9ectives for different audits.
,-1- The four phases of the audit are%
1. "lan and design an audit approach.
+. "erform tests of controls and su#stantive tests of transactions.
3. "erform analytical procedures and tests of details of #alances.
2. !omplete the audit and issue an audit report.
The auditor uses these four phases to meet the overall o#9ective of the audit, hich is to
express an opinion on the fairness ith hich the financial statements present fairly, in all
material respects, the financial position, results of operations and cash flos in conformity ith
:AA". ,y accumulating sufficient competent evidence for each audit o#9ective, the overall
o#9ective is met. The accumulation of evidence is accomplished #y performing the four phases
of the audit.
Chapter - - Audit vidence
--1 -n #oth a legal case and in an audit of financial statements, evidence is used #y an
un#iased person to dra conclusions. -n addition, the consequences of an incorrect decision in
#oth situations can #e equally undesira#le. For example, if a guilty person is set free, society
may #e in danger if the person repeats his or her illegal act. 5imilarly, if investors rely on
materially misstated financial statements, they could lose significant amounts of money. Finally,
the guilt of a defendant in a legal case must #e proven #eyond a reasona#le dou#t. This is
similar to the concept of sufficient competent evidence in an audit situation. As ith a 9udge or
9ury, an auditor cannot #e completely convinced that his or her opinion is correct, #ut rather
must o#tain a high level of assurance.
The nature of evidence in a legal case and in an audit of financial statements differs
#ecause a legal case relies heavily on testimony #y itnesses and other parties involved. >hile
inquiry is a form of evidence used #y auditors, other more relia#le types of evidence such as
confirmation ith third parties, physical examination, and documentation are also used
extensively. A legal case also differs from an audit #ecause of the nature of the conclusions
made. -n a legal case, a 9udge or 9ury decides the guilt or innocence of the defendant. -n an
audit, the auditor issues one of several audit opinions after evaluating the evidence.
--2 The four ma9or audit evidence decisions that must #e made on every audit are%
1. >hich audit procedures to use.
+. >hat sample si0e to select for a given procedure.
3. >hich items to select from the population.
2. >hen to perform the procedure.
2+
--3 An audit procedure is the detailed instruction for the collection of a type of audit evidence
that is to #e o#tained. ,ecause audit procedures are the instructions to #e folloed in
accumulating evidence, they must #e orded carefully to make sure the instructions are clear.
--4 An audit program for accounts receiva#le is a list of audit procedures that ill #e used to
audit accounts receiva#le for a given client. The audit procedures, sample si0e, items to select,
and timing should #e included in the audit program.
--+ 5ufficient competent evidential matter is to #e o#tained through inspection, o#servation,
inquiries and confirmations to afford a reasona#le #asis for an opinion regarding the financial
statements under audit. There are three ma9or phrases of the standard.
*&#AS %AN!NG O$ *&#AS
5ufficient competent evidence The auditor must o#tain evidence that is
relia#le and there must #e a reasona#le
quantity of that evidence.
Through inspection, o#servation, inquiries
and confirmations
These are the ma9or types of evidence
availa#le for the auditor to use.
To afford a reasona#le #asis for an
opinion regarding the financial statements
The auditor cannot expect to #e
completely certain that the financial
statements are fairly presented #ut there
must #e persuasive evidence. The
collection of evidence gathered #y the
auditor provides the #asis for the auditor.s
opinion.
--, There are to primary reasons hy the auditor can only #e persuaded ith a reasona#le
level of assurance, rather than #e convinced that the financial statements are correct%
1. The cost of accumulating evidence. -t ould #e extremely costly for the auditor to
gather enough evidence to #e completely convinced.
+. 7vidence is normally not sufficiently relia#le to ena#le the auditor to #e completely
convinced. For example, confirmations from customers may come #ack ith
erroneous information, hich is the fault of the customer rather than the client.
--- The to determinants of the persuasiveness of evidence are competency and
sufficiency. !ompetency refers to the degree to hich evidence can #e considered #elieva#le or
orthy of trust. !ompetency relates to the audit procedures selected, including the timing of
hen those procedures are performed. 5ufficiency refers to the quantity of evidence and it is
related to sample si0e and items to select.
2,
-;. Folloing are seven characteristics that determine competence and an example of each.
$ACTO#
DT#%!N!NG CO%*TNC
2A%*) O$
CO%*TNT V!DNC
&elevance Trace inventory items located in the
arehouse to their inclusion in the
inventory su#sidiary records
-ndependence of provider !onfirmation of a #ank #alance
7ffectiveness of client.s internal controls 4se of duplicate sales invoices for a
large ell-run company
Auditor.s direct knoledge
"hysical examination of inventory #y the
auditor
Cualifications of provider Fetter from an attorney dealing ith the
client.s affairs
*egree of o#9ectivity
!ount of cash on hand #y auditor
Timeliness '#serve inventory on the last day of the
fiscal year
--/
T1*S O$ A"D!T V!DNC
2A%*)S
1. "hysical examination
!ount petty cash on hand
7xamine fixed asset additions
+. !onfirmation
!onfirm accounts receiva#le #alances of a
sample of client customers
!onfirm client$s cash #alance ith #ank
3. *ocumentation
7xamine cancelled checks returned ith cutoff
#ank statement
7xamine vendors$ invoices supporting a
sample of cash dis#ursement transactions
throughout the year
2. Analytical procedures
7valuate reasona#leness of receiva#les #y
calculating and comparing ratios
!ompare expenses as a percentage of net
sales ith prior year$s percentages
2-
--/ <continued=
T1*S O$ A"D!T V!DNC
2A%*)S
=. -nquiries of the client
-nquire of management hether there is
o#solete inventory
-nquire of management regarding the
collecti#ility of large accounts receiva#le
#alances
A. &eperformance
D. '#servation
&ecompute invoice total #y multiplying item
price times quantity sold
Food the sales 9ournal for a one-month period
and compare all totals to the general ledger
'#serve client employees in the process of
counting inventory
'#serve hether employees are restricted
from access to the check signing machine
--10 The four characteristics of the definition of a confirmation are%
1. &eceipt
+. >ritten or oral response
3. From independent third party
2. &equested #y the auditor
A confirmation is prepared specifically for the auditor and comes from an external
source. 7xternal documentation is in the hands of the client at the time of the audit and as
prepared for the client.s use in the day-to-day operation of the #usiness.
--11 Internal !ocumentation is prepared and used ithin the client.s organi0ation ithout ever
going to an outside party, such as a customer or vendor.
7xamples%
check request form
receiving report
payroll time card
ad9usting 9ournal entry
E$ternal !ocumentation either originated ith an outside party or as an internal
document that ent to an outside party and is no either in the hands of the client or is readily
accessi#le.
7xamples%
vendor.s invoice
cancelled check
cancelled note
validated deposit slip
2.
--12 Analytical procedures are useful for indicating account #alances that may #e distorted #y
unusual or significant transactions and that should #e intensively investigated. They are also
useful in revieing accounts or transactions for reasona#leness to corro#orate tentative
conclusions reached on the #asis of other evidence.
--13 The most important reasons for performing analytical procedures are the folloing%
1. 4nderstanding the client.s industry and #usiness
+. Assessment of the entity.s a#ility to continue as a going concern
3. -ndication of the presence of possi#le misstatements in the financial statements
2. &eduction of detailed audit tests
--14 The decrease of the current ratio indicates a liquidity pro#lem for 6arper !ompany since
the ratio has dropped to a level close to the requirements of the #ond indenture. 5pecial care
should #e exercised #y the auditor to determine that the +.B= ratio is proper since management
ould #e motivated to hide any loer ratio. The auditor should expand procedures to test all
current assets for proper cutoff and possi#le overstatement and to test all current lia#ilities for
proper cutoff and possi#le understatement.
--1+ Attention directing analytical procedures occur hen significant, unexpected differences
are found #eteen current year.s unaudited financial data and other data used in comparisons.
-f an unusual difference is large, the auditor must determine the reason for it, and satisfy himself
or herself that the cause is a valid economic event and not an error or misstatement due to
fraud.
>hen an analytical procedure reveals no unusual fluctuations, the implication is
minimi0ed. -n that case, the analytical procedure constitutes su#stantive evidence in support of
the fair statement of the related account #alances, and it is possi#le to perform feer detailed
su#stantive tests in connection ith those accounts.
Frequently, the same analytical procedures can #e used for attention directing and for
reducing su#stantive tests, depending on the outcome of the tests. 5imple procedures such as
comparing the current year account #alance to the prior year account #alance is more attention
directing (and provides less assurance) than more complex analytical procedures< i.e., those
hich rely on regression analysis. 1ore sophisticated analytical procedures help the auditor
examine relationships #eteen several information varia#les simultaneously. The nature of
these tests may provide greater assurance than simple procedures.
--1, The statement is correct. 7xcept for certain accounts ith small dollar #alances,
analytical procedures are essential to help the auditor identify trends in a client.s #usiness and
to see the relationship #eteen the client.s performance and industry averages. 6oever, the
auditor is responsi#le for gathering sufficient competent evidential matter through inspection,
o#servation and confirmation in addition to the evidence o#tained as a result of the analytical
procedures.
2/
--1- The purposes of audit documentation are as follos%
1. To provide a #asis for planning the audit. The auditor may use reference information
from the previous year in order to plan this year.s audit, such as the evaluation of
internal control, the time #udget, etc.
+. To provide a record of the evidence accumulated and the results of the tests. This is
the primary means of documenting that an adequate audit as performed.
3. To provide data for deciding the proper type of audit report. *ata are used in
determining the scope of the audit and the fairness ith hich the financial
statements are stated.
2. To provide a #asis for revie #y supervisors and partners. These individuals use the
audit documentation to evaluate hether sufficient competent evidence as
accumulated to 9ustify the audit report.
Audit documentation are used for several purposes, #oth during the audit and after the
audit is completed. 'ne of the uses is the revie #y more experienced personnel. A second is
for planning the su#sequent year audit. A third is to demonstrate that the auditor has
accumulated sufficient competent evidence if there.s a need to defend the audit at a later date.
For these uses, it is important that the audit documentation provide sufficient information so that
the person revieing an audit schedule knos the name of the client, contents of the audit
schedule, period covered, ho prepared the audit schedule, hen it as prepared, and ho it
ties into the rest of the audit files ith an index code.
-;1. The to criteria used #y auditors of pu#lic companies hen determining hether
memos, correspondence, and other documents must #e maintained in the audit files are
as follos%
1. The materials are created, sent, or received in connection ith the audit or revie.
+. The materials contain conclusions, opinions, analyses, or financial data related to
the audit or revie.
--1/ The 5ar#anes-'xley Act of +BB+ requires auditors of pu#lic companies to prepare and
maintain audit schedules and other information related to any audit report in sufficient detail to
support the auditor$s conclusions, for a period of not less than D years.
--20 Audit schedules should include the folloing%
+ame of the client 7na#les the auditor to identify the appropriate file to include the audit
schedule in if it is removed from the files.
Perio! covere! 7na#les the auditor to identify the appropriate year to hich an audit
schedule for a client #elongs if it is removed from the files.
Descri"tion of the contents A list of the contents ena#les the revieer to determine
hether all important parts of the audit schedule have #een included. The contents
description is also used as a means of identifying audit files in the same manner that a
ta#le of contents is used.
Initials of the "re"arer -ndicates ho prepared the audit schedule in case there are
questions #y the revieer or someone ho ants information from the files at a later
30
--20 <continued=
date. -t also clearly identifies ho is responsi#le for preparing the audit documentation if
the audit must #e defended.
Date of "re"aration 6elps the revieer to determine the sequence of the preparation of
the audit schedules. -t is also useful for the su#sequent year in planning the sequence of
preparing audit schedules.
In!e$in 6elps in organi0ing and filing audit schedules. -ndexing also facilitates in
searching #eteen related portions of the audit documentation.
--21 The permanent file contains data of an historical and continuing nature pertinent to the
current audit. 7xamples of items included in the file are%
1. Articles of incorporation
+. ,ylas, #ond indentures, and contracts
3. Analysis of accounts that have continuing importance to the auditor
2. -nformation related to the understanding of internal control%
a. flocharts
#. internal control questionnaires
=. &esults of previous years. analytical procedures, such as various ratios and
percentages compiled #y the auditors
,y separating this information from the current year.s audit files, it #ecomes easily accessi#le
for the folloing year.s auditors to o#tain permanent file data.
--22 The purpose of an anal)sis is to sho the activity in a general ledger account during the
entire period under audit, tying together the #eginning and ending #alances. The trial balance
includes the detailed make-up of an ending #alance. -t differs from an analysis in that it includes
only those items comprising the end of the period #alance. A test of reasonableness schedule
contains information that ena#les the auditor to evaluate hether a certain account #alance
appears to #e misstated. 'ne example of a test of reasona#leness schedule is a schedule that
compares current year expenses to prior years. amounts. This type of schedule is intended to
sho hich accounts need investigation due to significant variances.
--23 4nansered questions and exceptions may indicate the potential for significant errors or
fraud in the financial statements. These should #e investigated and resolved to make sure that
financial statements are fairly presented.
The audit files can also #e su#poenaed #y courts as legal evidence. 4nansered
questions and exceptions may indicate lack of due care #y the auditor.
--24 Tick marks are sym#ols ad9acent to information in audit schedules for the purpose of
indicating the ork performed #y the auditor. An explanation of the tick mark must #e included at
the #ottom of the audit schedule to indicate hat as done and ho did it.
--2+ Audit files are oned #y the auditor. They can #e used #y the client if the auditor ants
to release them after a careful consideration of hether there might #e confidential information
in them. The audit files can #e su#poenaed #y a court and there#y #ecome the property of the
court. They can #e released to another !"A firm ithout the client.s permission if they are #eing
31
--2+ <continued=
revieed as a part of a voluntary peer revie program under A-!"A, state !"A society, or state
,oard of Accountancy authori0ation. The audit files can #e sold or released to other users if the
auditor o#tains permission from the client.
--2, -t is a violation unless the !"A o#tains permission from each client #efore the audit files
for that client are released.
--2- >hen evidence can #e examined only in machine-reada#le form, auditors use
computers to read and examine evidence. There are commercial audit softare programs
designed specifically for use #y auditors, such as A!F 5oftare and -nteractive *ata 7xtraction
and Analysis (-*7A). 5preadsheet softare packages can also #e used #y auditors to perform
audit tests on data that is availa#le only in machine-reada#le form.
--2. The purposes of audit documentation softare are to convert traditional paper-#ased
documentation into electronic files and to organi0e the audit documentation. The #enefits of
audit documentation softare, such as Automated !lient 7ngagement (A!7), are as follos%
The auditor can more efficiently prepare a trial #alance, lead schedules, supporting
audit documentation, financial statements, and ratio analysis using the computer
rather than #y hand.
The effects of ad9usting 9ournal entries are automatically carried through to the trial
#alance and financial statements, making last-minute ad9ustments easier to
make.
Tick marks and revie notes can #e entered directly into computeri0ed files.
*ata can #e imported and exported to other applications. For example, a client$s
general ledger can #e donloaded into A!7 and tax information can #e
donloaded into a commercial tax preparation package after the audit is
completed.
Chapter . - Audit *4annin5 and Ana47tica4 *rocedures
.-1 There are three primary #enefits from planning audits% it helps the auditor o#tain
sufficient competent evidence for the circumstances, helps keep audit costs reasona#le, and
helps avoid misunderstandings ith the client.
.-2 7ight ma9or steps in planning audits are%
1. Accept client and perform initial planning
+. 4nderstand the client$s #usiness and industry
3. Assess client #usiness risk
2. "erform preliminary analytical procedures
=. 5et materiality, and assess accepta#le audit risk and inherent risk
A. 4nderstand internal control and assess control risk
D. :ather information to assess fraud risks
@. *evelop overall audit plan and audit program
32
.-3 The ne auditor (successor) is required #y 5A5 @2 (A4 31=) to communicate ith the
predecessor auditor. This ena#les the successor to o#tain information a#out the client so that he
or she may evaluate hether to accept the engagement. "ermission must #e o#tained from the
client #efore communication can #e made #ecause of the confidentiality requirement in the
&o!e of Professional &on!uct. The predecessor is required to respond to the successor$s
request for information< hoever, the response may #e limited to stating that no information ill
#e given. The successor auditor should #e ary if the predecessor is reluctant to provide
information a#out the client.
.-4 "rior to accepting a client, the auditor should investigate the client. The auditor should
evaluate the client$s standing in the #usiness community, financial sta#ility, and relations ith its
previous !"A firm. The primary purpose of ne client investigation is to ascertain the integrity of
the client and the possi#ility of fraud. The auditor should #e especially concerned ith the
possi#ility of fraudulent financial reporting since it is difficult to uncover. The auditor does not
ant to needlessly expose himself or herself to the possi#ility of a lasuit for failure to detect
such fraud.
.-+ An engagement letter is an agreement #eteen the !"A firm and the client concerning
the conduct of the audit and related services. -t should state hat services ill #e provided,
hether any restrictions ill #e imposed on the auditor$s ork, deadlines for completing the
audit, and assistance to #e provided #y client personnel. The engagement letter may also
include the auditor$s fees. -n addition, the engagement letter informs the client that the auditor
cannot guarantee that all acts of fraud ill #e discovered.
.;, ,ecause the 5ar#anes-'xley Act of +BB+ explicitly shifts responsi#ility for hiring and
firing of the auditor from management to the audit committee for pu#lic companies, the audit
committee is vieed as Gthe clientH in those engagements.
.;- All audit and non-audit services must #e preapproved in advance #y the audit committee
for pu#lic companies.
.;. Auditors need an understanding of the client$s #usiness and industry #ecause the nature
of the #usiness and industry affect #usiness risk and the risk of material misstatements in the
financial statements. Auditors use the knoledge of these risks to determine the appropriate
extent of audit evidence to accumulate.
The five ma9or aspects of understanding the client$s #usiness and industry, along ith
potential sources of information that auditors commonly use for each of the five areas are as
follos%
1. Industry and External Environment Read industry trade publications, AICPA Industry Audit
Guides, and regulatory requirements.
2. Business Operations and Processes Tour te plant and o!!ices, identi!y related parties, and
inquire o! management.
". Management and Governance Read te corporate carter and byla#s, read minutes o!
board o! directors and stoc$olders, and inquire o! management.
%. Client Objectives and Strategies Inquire o! management regarding teir ob&ecti'es !or te
reliability o! !inancial reporting, e!!ecti'eness and e!!iciency o! operations, and
compliance #it la#s and regulations( read contracts and oter legal documents, suc as
tose !or notes and bonds payable, stoc$ options, and pension plans.
33
.-.3 continued
). Measurement and Performance Read !inancial statements, per!orm ratio analysis, and
inquire o! management about $ey per!ormance indicators tat management uses to
measure progress to#ard its ob&ecti'es.
.-/ *uring the course of the plant tour the !"A ill remem#er that an important aspect of
the audit ill #e an effective analysis of the cost system. Therefore, the auditor ill o#serve the
nature of the company$s products, the manufacturing facilities and processes, and the flo of
materials so that the information o#tained can later #e related to the functions of the cost
system.
The nature of the company$s products and the manufacturing facilities and processes
ill reveal the features of the cost system that ill require close audit attention. For example, the
audit of a company engaged in the custom-manufacture of costly products such as yachts
ould require attention to the correct charging of material and la#or to specific 9o#s, hereas
the allocation of material and la#or charges in the audit of a #everage-#ottling plant ould not
#e verified on the same #asis. The !"A ill note the stages at hich finished products emerge
and here additional materials must #e added. 6e or she ill also #e alert for points at hich
scrap is generated or spoilage occurs. The auditor may find it advisa#le, after vieing the
operations, to refer to auditing literature for pro#lems encountered and solved #y other !"As in
similar audits.
The auditor$s o#servation of the manufacturing processes ill reveal hether there is
idle plant or machinery that may require disclosure in the financial statements. 5hould the
machinery appear to #e old or poorly maintained, the !"A might expect to find heavy
expenditures in the accounts for repairs and maintenance. 'n the other hand, if the auditor
determines that the company has recently installed ne equipment or constructed a ne
#uilding, he or she ill expect to find these ne assets on the #ooks.
-n studying the flo of materials, the auditor ill #e alert for possi#le pro#lems that may
arise in connection ith the o#servation of the physical inventory, and he or she may make
preliminary estimates of audit staff requirements. -n this regard, the auditor ill notice the
various storage areas and ho the materials are stored. The auditor may also keep in mind for
further investigation any apparently o#solete inventory.
The auditor$s study of the flo of materials ill disclose the points at hich various
documents such as material requisitions arise. 6e or she ill also meet some of the key
manufacturing personnel ho may give the auditor an insight into production pro#lems and
other matters such as excess or o#solete materials, and scrap and spoilage. The auditor ill #e
alert for the attitude of the manufacturing personnel toard accounting controls. The !"A may
make some inquiries a#out the methods of production scheduling, timekeeping procedures and
hether ork standards are employed. As a result of these o#servations, the internal
documents that relate to the flo of materials ill #e more meaningful as accounting evidence.
The !"A$s tour of the plant ill give him or her an understanding of the plant terminology
that ill ena#le the !"A to communicate fluently ith the client$s personnel. The measures
taken #y the client to safeguard assets, such as protection of inventory from fire or theft, ill #e
an indication of the client$s attention to internal control measures. The location of the receiving
and shipping departments and the procedures in effect ill #ear upon the !"A$s evaluation of
internal control. The auditor$s overall impression of the client$s plant ill suggest the accuracy
and adequacy of the accounting records that ill #e audited.
34
.-10 'ne type of information the auditor o#tains in gaining knoledge a#out the clients$
industry is the nature of the client$s products, including the likelihood of their technological
o#solescence and future sala#ility. This information is essential in helping the auditor evaluate
hether the client$s inventory may #e o#solete or have a market value loer than cost.
.-11 A related party is defined in 5A5 2= (A4 332) as an affiliated company, principal oner
of the client company, or any other party ith hich the client deals here one of the parties can
influence the management or operating policies of the other.
1aterial related party transactions must #e disclosed in the financial statements #y
management. Therefore, the auditor must identify related parties and make a reasona#le effort
to determine that all material related party transactions have #een properly disclosed in the
financial statements.
.-12 ,ecause of the lack of independence #eteen the parties involved, the 5ar#anes-'xley
Act prohi#its related party transactions that involve personal loans to executives. -t is no
unlaful for any pu#lic company to provide personal credit or loans to any director or executive
officer of the company. ,anks or other financial institutions are permitted to make normal loans
to their directors and officers using market rates, such as residential mortgages.
.-13 -n the audit of a client previously audited #y a different !"A firm, it ould #e necessary
to o#tain a copy of the corporate charter and #ylas for the permanent files and to read these
documents and prepare a summary a#stract of items to test for compliance. -n an ongoing
engagement, this ork has #een performed in the past and is unnecessary each year. The
auditor$s responsi#ility is to determine hat changes have #een made during the current year
and to update and revie the summary a#stract prepared in previous years for compliance.
.-14 The information in a mortgage that is likely to #e relevant to the auditor includes the
folloing%
1. The parties to the agreement
+. The effective date of the agreement
3. The amounts included in the agreement
2. The repayment schedule required #y the agreement
=. The definition and terms of default
A. "repayment options and penalties specified in the agreement
D. Assets pledged or encum#ered #y the agreement
@. Fiquidity restrictions imposed #y the agreement
?. "urchase restrictions imposed #y the agreement
1B. 'perating restrictions imposed #y the agreement
11. &equirements for audit reports or other types of reports on compliance ith the
agreement
1+. The interest rate specified in the agreement
13. Any other requirements, limitations, or agreements specified in the document
3+
.-1+ -nformation in the client$s minutes that is likely to #e relevant to the auditor includes the
folloing%
1. *eclaration of dividends
+. Authori0ed compensation of officers
3. Acceptance of contracts and agreements
2. Authori0ation for the acquisition of property
=. Approval of mergers
A. Authori0ation of long-term loans
D. Approval to pledge securities
@. Authori0ation of individuals to sign checks
?. &eports on the progress of operations
-t is important to read the minutes early in the engagement to identify items that need to #e
folloed up on as a part of conducting the audit. For instance, if a long-term loan is authori0ed
in the minutes, the auditor ill ant to make certain that the loan is recorded as part of long-
term lia#ilities.
.-1, The three categories of client o#9ectives are (1) relia#ility of financial reporting, (+)
effectiveness and efficiency of operations, and (3) compliance ith las and regulations. 7ach
of these o#9ectives affects the auditor$s assessment of inherent risk and evidence accumulation
as follos%
1. Reliabilit) of financial re"ortin 2 -f management sees the relia#ility of financial reporting
as an important o#9ective, and if the auditor can determine that the financial reporting
system is accurate and relia#le, then the auditor can often reduce inherent risk and
planned evidence accumulation for material accounts. -n contrast, if management has
little regard for the relia#ility of financial reporting, the auditor must increase inherent risk
assessments and gather more evidence during the audit.
+. Effectiveness an! efficienc) of o"erations 2 #his area is of "rimar) concern to most
clients1 Au!itors nee! kno'le!e about the effectiveness an! efficienc) of a client3s
o"erations in or!er to assess client business risk an! inherent risk in the financial
statements1 For e$am"le4 if a client is e$"eriencin inventor) manaement "roblems4
this 'oul! most likel) increase both the au!itor3s assessment of inherent risk for the
"lanne! evi!ence accumulation for inventor)1
3. &om"liance 'ith la's an! reulations 2 It is im"ortant for the au!itor to un!erstan! the
la's an! reulations that affect an au!it client4 inclu!in sinificant contracts sine! b)
the client1 For e$am"le4 the "rovisions in a "ension "lan !ocument 'oul! sinificantl)
affect the au!itor3s assessment of inherent risk an! evi!ence accumulation in the au!it of
unfun!e! liabilit) for "ensions1 If the client 'ere in violation of the "rovisions of the
"ension "lan !ocument4 inherent risk an! "lanne! evi!ence for "ension-relate! accounts
'oul! increase1
.-1- The purpose of a client$s performance measurement system is to measure the client$s
progress toard specific o#9ectives. "erformance measurement includes ratio analysis and
#enchmarking against key competitors.
"erformance measurements for a chain of retail clothing stores could include gross profit
#y product line, sales returns as a percentage of clothing sales, and inventory turnover #y
product line. An -nternet portal$s performance measurements might include num#er of >e# site
hits or search engine speed. A hotel chain$s performance measures include vacancy
percentages and supply cost per rented room.
3,
.-1. &lient business risk is the risk that the client ill fail to achieve its o#9ectives. 5ources of
client #usiness risk include any of the factors affecting the client and its environment, including
competitor performance, ne technology, industry conditions, and the regulatory environment.
The auditor$s primary concern hen evaluating client #usiness risk is the risk of material
misstatements in the financial statements due to client #usiness risk. For example, if the client$s
industry is experiencing a significant and unexpected donturn, client #usiness risk increases.
This increase ould most likely increase the risk of material misstatements in the financial
statements. The auditor$s assessment of the risk of material misstatements is then used to
classify risks using the audit risk model to determine the appropriate extent of audit evidence.
.-1/ 1anagement esta#lishes the strategies and #usiness processes folloed #y a client$s
#usiness. 'ne top management control is management$s philosophy and operating style,
including management$s attitude toard the importance of internal control. 'ther top
management controls include a ell-defined organi0ational structure, an effective #oard of
directors, and an involved and effective audit committee. -f the #oard of directors is effective,
this increases management$s a#ility to appropriately respond to risks. An effective audit
committee can help management reduce the likelihood of overly aggressive accounting.
.-20 Analytical procedures are performed during the planning phase of an engagement to
assist the auditor in determining the nature, extent, and timing of ork to #e performed.
"reliminary analytical procedures also help the auditor identify accounts and classes of
transactions here misstatements are likely. !omparisons that are useful hen performing
preliminary analytical procedures include%
!ompare client and industry data
!ompare client data ith similar prior period data
!ompare client data ith client-determined expected results
!ompare client data ith auditor-determined expected results
!ompare client data ith expected results, using nonfinancial data
.-21Analytical procedures are required during to phases of the audit% (1) during the planning
phase to assist the auditor in determining the nature, extent, and timing of ork to #e performed
and (+) during the completion phase, as a final revie for material misstatements or financial
pro#lems. Analytical procedures are also often done during the testing phase of the audit, #ut
they are not required in this phase.
.-22 :ordon could improve the quality of his analytical tests #y%
1. 1aking internal comparisons to ratios of previous years.
+. -n cases here the client has more than one #ranch in different industries, computing
the ratios for each #ranch and comparing these to the industry ratios.
.-23 &oger 1orris performs his ratio and trend analysis at the end of every audit. ,y that
time, the audit procedures are completed. -f the analysis as done at an interim date, the scope
of the audit could #e ad9usted to compensate for the findings. 5A5 =A (A4 3+?) requires that
analytical procedures #e performed in the planning phase of the audit and near the completion
of the audit.
The use of ratio and trend analysis appears to give &oger 1orris an insight into his
client.s #usiness and affords him an opportunity to provide excellent #usiness advice to his
client.
3-
.-24 The four categories of financial ratios and examples of ratios in each category are as
follos%
1. *hort-term !ebt-"a)in abilit) I !ash ratio, quick ratio, and current ratio.
+. 5i,ui!it) activit) I Accounts receiva#le turnover, days to collect receiva#les,
inventory turnover, and days to sell inventory.
3. Abilit) to meet lon-term !ebt obliations I *e#t to equity and times interest
earned.
2. Profitabilit) 2 7arnings per share, gross profit percent, profit margin, return on
assets, and return on common equity
Chapter / - %ateria4it7 and #is>
/-1 The planning phases are% accept client and perform initial planning, understand the
client$s #usiness and industry, assess client #usiness risk, perform preliminary analytical
procedures, set materiality and assess accepta#le audit risk and inherent risk, understand
internal control and assess control risk, gather information to assess fraud risk, and develop
overall audit plan and audit program. 7valuation of materiality is part of phase five. &isk
assessment is part of phase three (client #usiness risk), phase five (accepta#le audit risk and
inherent risk), phase six (control risk), and phase seven (fraud risk).
/-2 1ateriality is defined as% the magnitude of an omission or misstatement of accounting
information that, in light of the surrounding circumstances, makes it pro#a#le that the 9udgment
of a reasona#le person relying on the information ould have #een changed or influenced #y
the omission or misstatement.
E'#tain reasona#le assurance,E as used in the audit report, means that the auditor does
not uarantee or insure the fair presentation of the financial statements. There is some risk that
the financial statements contain a material misstatement.
/-3 1ateriality is important #ecause if financial statements are materially misstated, users.
decisions may #e affected, and there#y cause financial loss to them. -t is difficult to apply
#ecause there are often many different users of the financial statements. The auditor must
therefore make an assessment of the likely users and the decisions they ill make. 1ateriality is
also difficult to apply #ecause it is a relative concept. The professional auditing standards offer
little specific guidance regarding the application of materiality. The auditor must, therefore,
exercise considera#le professional 9udgment in the application of materiality.
/-4 The preliminary 9udgment a#out materiality is the maximum amount #y hich the auditor
#elieves the financial statements could #e misstated and still not affect the decisions of
reasona#le users. 5everal factors affect the preliminary 9udgment a#out materiality and are as
follos%
1. 1ateriality is a relative rather than an a#solute concept.
+. ,ases are needed for evaluating materiality.
3. Cualitative factors affect materiality decisions.
2. 7xpected distri#ution of the financial statements ill affect the preliminary
9udgment of materiality. -f the financial statements are idely distri#uted to users,
the preliminary 9udgment of materiality ill pro#a#ly #e set loer than if the
financial statements are not expected to #e idely distri#uted.
=. The level of accepta#le audit risk ill also affect the preliminary 9udgment of
materiality.
3.
/-+ ,ecause materiality is relative rather than a#solute, it is necessary to have #ases for
esta#lishing hether misstatements are material. For example, in the audit of a manufacturing
company, the auditor might use as #ases% net income #efore taxes, total assets, current assets,
and orking capital. For a governmental unit, such as a school district, there is no net income
#efore taxes, and therefore that ould #e an unavaila#le #ase. -nstead, the primary #ases
ould likely #e fund #alances, total assets, and perhaps total revenue.
/-, The folloing qualitative factors are likely to #e considered in evaluating materiality%
a. Amounts involving fraud are usually considered more important than
unintentional errors of equal dollar amounts.
#. 1isstatements that are otherise minor may #e material if there are possi#le
consequences arising from contractual o#ligations.
c. 1isstatements that are otherise immaterial may #e material if they affect a
trend in earnings.
/-- A preliminary 9udgment a#out materiality is set for the financial statements as a hole.
Tolera#le misstatement is the maximum amount of misstatement that ould #e considered
material for an individual account #alance. The amount of tolera#le misstatement for any given
account is dependent upon the preliminary 9udgment a#out materiality. 'rdinarily, tolera#le
misstatement for any given account ould have to #e loer than the preliminary 9udgment a#out
materiality. -n many cases, it ill #e considera#ly loer #ecause of the possi#ility of
misstatements in different accounts that, in total, cannot exceed the preliminary 9udgment a#out
materiality.
/-. There are several possi#le ansers to the question. 'ne example is%
!ash L=BB 'verstatement
Fixed assets L3,BBB 'verstatement
Fong-term loans L1,=BB 4nderstatement
Note% !ash and fixed assets are tested for overstatement and long-term loans for
understatement #ecause the auditor.s o#9ective in this case is to test for overstatements
of oner.s equity.
The least amount of tolera#le misstatement as allocated to cash and long-term loans
#ecause they are relatively easy to audit. The ma9ority of the total allocation as to fixed assets
#ecause there is a greater likelihood of misstatement of fixed assets in a typical audit.
/-/ An estimate of the total misstatement in a segment is the estimate of the total
misstatements #ased upon the sample results. -f only a sample of the population is selected and
audited, the auditor must pro9ect the total sample misstatements to a total estimate. This is done
audit area #y audit area. The misstatements in each audit area must #e totaled to make an
estimate of the total misstatements in the overall financial statements. -t is important to make
these estimates so the auditor can evaluate hether the financial statements, taken as a hole,
may #e materially misstated. The estimate for each segment is compared to tolera#le
misstatement for that segment and the estimate of the overall misstatement on the financial
statements is compared to the preliminary 9udgment a#out materiality.
3/
/-10 -f an audit is #eing performed on a medium-si0ed company that is part of a
conglomerate, the auditor must make a materiality 9udgment #ased upon the conglomerate.
1ateriality may #e larger for a company that is part of a conglomerate #ecause even though the
financial statements of the medium-si0ed company may #e misstated, the financial statements
of the large conglomerate might still #e fairly stated. -f, hoever, the auditor is giving a separate
opinion on the medium-si0ed company, the materiality ould #e loer than for the audit of a
conglomerate.
/-11 The audit risk model is as follos%
PDR M AAR
IR x &R
>here PDR M "lanned detection risk
AAR M Accepta#le audit risk
IR M -nherent risk
&R M !ontrol risk
Planne! !etection risk A measure of the risk that audit evidence for a segment
ill fail to detect misstatements exceeding a tolera#le amount, should such
misstatements exist.
Acce"table au!it risk A measure of ho illing the auditor is to accept that the
financial statements may #e materially misstated after the audit is completed and
an unqualified opinion has #een issued.
Inherent risk A measure of the auditor.s assessment of the likelihood that there
are material misstatements in a segment #efore considering the effectiveness of
internal control.
&ontrol risk A measure of the auditor.s assessment of the likelihood that
misstatements exceeding a tolera#le amount in a segment ill not #e prevented
or detected #y the client.s internal controls.
/-12 "lanned detection risk is a measure of the risk that the audit evidence for a segment ill
fail to detect misstatements exceeding a tolera#le amount, should such misstatements exist.
>hen planned detection risk is increased from medium to high, the amount of evidence the
auditor must accumulate is reduced.
/-13 An increase in planned detection risk may #e caused #y an increase in accepta#le audit
risk or a decrease in either control risk or inherent risk. A decrease in planned detection risk is
caused #y the opposite% a decrease in accepta#le audit risk or an increase in control risk or
inherent risk.
40
/-14 -nherent risk is a measure of the auditor.s assessment of the likelihood that there are
material misstatements in a segment #efore considering the effectiveness of internal control.
Factors affecting assessment of inherent risk include%
3ature of the client.s #usiness
&esults of previous audits
-nitial vs. repeat engagement
&elated parties
3onroutine transactions
8udgment required to correctly record transactions and
1akeup of the population
/-1+ -nherent risk is set for segments rather than for the overall audit #ecause misstatements
occur in segments. ,y identifying expectations of misstatements in segments, the auditor is
there#y a#le to modify audit evidence #y searching for misstatements in those segments.
>hen inherent risk is increased from medium to high, the auditor should increase the
audit evidence accumulated to determine hether the expected misstatement actually occurs.
The audit evidence goes in the opposite direction in &evie Cuestion ?-1+.
/-1, 7xtensive misstatements in the prior year.s audit ould cause inherent risk to #e set at a
high level (may#e even 1BBN). An increase in inherent risk ould lead to a decrease in planned
detection risk, hich ould require that the auditor increase the level of planned audit evidence.
/-1- Accepta#le audit risk is a measure of ho illing the auditor is to accept that the
financial statements may #e materially misstated after the audit is completed and an unqualified
opinion has #een issued.
Accepta#le audit risk has an inverse relationship to evidence. -f accepta#le audit risk is
reduced, planned evidence should increase.
/-1. >hen the auditor is in a situation here he or she #elieves that there is a high exposure
to legal lia#ility, the accepta#le audit risk ould #e set loer than hen there is little exposure to
lia#ility. 7ven hen the auditor #elieves that there is little exposure to legal lia#ility, there is still a
minimum accepta#le audit risk that should #e met.
/-1/ The first category of factors that determine accepta#le audit risk is the degree to hich
users rely on the financial statements. The folloing factors are indicators of this%
!lient.s si0e
*istri#ution of onership
3ature and amount of lia#ilities
The second category of factors is the likelihood that a client ill have financial difficulties
after the audit report is issued. Factors affecting this are%
Fiquidity position
"rofits (losses) in previous years
1ethod of financing groth
3ature of the client.s operations
!ompetence of management
41
/-1/3 continued
The third category of factors is the auditor.s evaluation of management.s integrity.
Factors that may affect this are%
&elationship ith current or previous auditors
Frequency of turnover of key financial or internal audit personnel
&elationship ith employees and la#or unions
/-20 7xact quantification of all components of the audit risk model is not required to use the
model in a meaningful ay. An understanding of the relationships among model components
and the effect that changes in the components have on the amount of evidence needed ill
allo practitioners to use the audit risk model in a meaningful ay.
/-21 The auditor should revise the components of the audit risk model hen the evidence
accumulated during the audit indicates that the auditor.s original assessments of inherent risk or
control risk are too lo or too high or the original assessment of accepta#le audit risk is too lo
or too high.
The auditor should exercise care in determining the additional amount of evidence that
ill #e required. This should #e done ithout the use of the audit risk model. -f the audit risk
model is used to determine a revised planned detection risk, there is a danger of not increasing
the evidence sufficiently.
Chapter 10 - Section 404 Audits of !nterna4 Contro4 and Contro4 #is>
10-1 1anagement typically has three #road o#9ectives in designing an effective internal
control system.
1; #e4ia6i4it7 of $inancia4 #eportin5 1anagement is responsi#le for preparing financial
statements for investors, creditors, and other users. 1anagement has #oth a legal and
professional responsi#ility to #e sure that the information is fairly presented in accordance
ith reporting requirements such as :AA". The o#9ective of effective internal control over
financial reporting is to fulfill these financial reporting responsi#ilities.
2; fficienc7 and ffectiveness of Operations !ontrols ithin an organi0ation are
meant to encourage efficient and effective use of its resources to optimi0e the company$s
goals. An important o#9ective of these controls is accurate financial and non-financial
information a#out the entity$s operations for decision making.
3; Comp4iance ?ith )a?s and #e5u4ations 5ection 2B2 of the 5ar#anes-'xley Act
requires all pu#lic companies to issue a report a#out the operating effectiveness of internal
control over financial reporting. -n addition to the legal provisions of 5ection 2B2, pu#lic,
nonpu#lic, and not-for-profit organi0ations are required to follo many las and regulations.
5ome relate to accounting only indirectly, such as environmental protection and civil rights
las. 'thers are closely related to accounting, such as income tax regulations and fraud.
42
10-2 1anagement designs systems of internal control to accomplish three categories of
o#9ectives% financial reporting, operations, and compliance ith las and regulations. The
auditor$s focus in #oth the audit of financial statements and the audit of internal controls is on
those controls related to the relia#ility of financial reporting plus those controls related to
operations and to compliance ith las and regulations o#9ectives that could materially affect
financial reporting.
10-3 5ection 2B2 requires management of all pu#lic companies to issue an internal control
report that includes the folloing%
A statement that management is responsi#le for esta#lishing and maintaining an adequate
internal control structure and procedures for financial reporting and
An assessment of the effectiveness of the internal control structure and procedures for
financial reporting as of the end of the company$s fiscal year.
10-4 1anagement$s assessment of internal control over financial reporting consists of to key
components. First, management must evaluate the !esin of internal control over financial
reporting. 5econd, management must test the o"eratin effectiveness of those controls. >hen
evaluating the design of internal control over financial reporting, management evaluates
hether the controls are designed to prevent or detect material misstatements in the financial
statements. >hen testing the operating effectiveness of those controls, the o#9ective is to
determine hether the control is operating as designed and hether the person performing the
control possesses the necessary authority and qualifications to perform the control effectively.
10-+ There are eight parts of the planning phase of audits% accept client and perform initial
planning, understand the client$s #usiness and industry, assess client #usiness risk, perform
preliminary analytical procedures, set materiality and assess accepta#le audit risk and inherent
risk, understand internal control and assess control risk, gather information to assess fraud risk,
and develop an overall audit plan and audit program. 4nderstanding internal control and
assessing control risk is therefore part six of planning. 'nly gathering information to assess
fraud risk and developing an overall audit plan and audit program follo understanding internal
control and assessing control risk.
10-, The second :AA5 field ork standard states GA sufficient understanding of internal
control is to #e o#tained to plan the audit and to determine the nature, timing, and extent of tests
to #e performed.H The auditor o#tains the understanding of internal control to assess control risk
in every audit and that responsi#ility is the same for audits of #oth pu#lic and nonpu#lic
companies. Auditors are primarily concerned a#out controls related to the relia#ility of financial
reporting and controls over classes of transactions.
10-- 5ection 2B2 requires that the auditor attest to and issue a report on management$s
assessment of internal control over financial reporting. To express an opinion on internal
controls, the auditor o#tains an understanding of and performs tests of controls related to all
significant account #alances, classes of transactions, and disclosures and related assertions in
the financial statements. "!A', 5tandard + requires that the audit report on internal control
over financial reporting under 5ar#anes-'xley include the auditor$s opinion as to hether
management$s assessment of the design and operating effectiveness of internal control over
financial reporting is fairly stated in all material respects. This involves #oth evaluating
management$s assessment process and arriving at the auditor$s independent assessment of the
internal controls$ design and operating effectiveness.
43
10-. The six transaction-related audit o#9ectives are%
1. &ecorded transactions exist (existence).
+. 7xisting transactions are recorded (completeness).
3. &ecorded transactions are stated at the correct amounts (accuracy).
2. Transactions are properly classified (classification).
=. Transactions are recorded on the correct dates (timing).
A. &ecorded transactions are properly included in the master files and correctly
summari0ed (posting and summari0ation).
10-/ !'5'$s Internal &ontrolInterate! Frame'ork is the most idely accepted internal
control frameork in the 4.5. The !'5' frameork descri#es internal control as consisting of
five components that management designs and implements to provide reasona#le assurance
that its control o#9ectives ill #e met. 7ach component contains many controls, #ut auditors
concentrate on those designed to prevent or detect material misstatements in the financial
statements.
10-10 The !'5' Internal &ontrol 2 Interate! Frame'ork consists of the folloing five
components%
1. !ontrol environment
+. &isk assessment
3. !ontrol activities
2. -nformation and communication
=. 1onitoring
The control environment serves as the um#rella for the other four components. >ithout an
effective control environment, the other four are unlikely to result in effective internal control,
regardless of their quality.
10-11 The control environment consists of the actions, policies, and procedures that reflect the
overall attitudes of top management, directors, and oners of an entity a#out internal control
and its importance to the entity. The folloing are the most important su#components the
control environment%
-ntegrity and ethical values
!ommitment to competence
,oard of directors or audit committee participation
1anagement.s philosophy and operating style
'rgani0ational structure
Assignment of authority and responsi#ility
6uman resource policies and practices
44
10-12 -nternal control includes five categories of controls that management designs and
implements to provide reasona#le assurance that its control o#9ectives ill #e met. These are
called the components internal control, and are%
The control environment
&isk assessment
!ontrol activities
-nformation and communication
1onitoring
The control environment is the #roadest of the five and deals primarily ith the ay
management implements its attitude a#out internal controls. The other four components are
closely related to the control environment. &isk assessment is management.s identification and
analysis of risks relevant to the preparation of financial statements in accordance ith :AA". To
respond to this risk assessment, management implements control activities and creates the
accounting information and communication system to meet its o#9ectives for financial reporting.
Finally, management periodically assesses the quality of internal control performance to
determine that controls are operating as intended and that they are modified as appropriate for
changes in conditions (monitoring).
10-13 The five categories of control activities are%
Adequate separation of duties
*+ample, Te !ollo#ing t#o !unctions are per!ormed by di!!erent people,
processing customer orders and billing o! customers.
"roper authori0ation of transactions and activities
7xample% The granting of credit is authori0ed #efore shipment takes
place.
Adequate documents and records
7xample% &ecording of sales is supported #y authori0ed shipping
documents and approved customer orders.
"hysical control over assets and records
7xample% A passord is required #efore entry into the computeri0ed
accounts receiva#le master file can #e made.
-ndependent checks on performance
*+ample, Accounts recei'able master !ile contents are independently 'eri!ied.
10-14 5eparation of operational responsi#ility from record keeping is intended to reduce the
likelihood of operational personnel #iasing the results of their performance #y incorrectly
recording information.
5eparation of the custody of assets from accounting for these assets is intended to
prevent misappropriation of assets. >hen one person performs #oth functions, the possi#ility of
that person.s disposal of the asset for personal gain and ad9ustment of the records to relieve
himself or herself of responsi#ility for the asset ithout detection increases.
4+
10-1+ An example of a physical control the client can use to protect each of the folloing
assets or records is%
1. "etty cash should #e kept locked in a fireproof safe.
+. !ash received #y retail clerks should #e entered into a cash register to record all
cash received.
3. Accounts receiva#le records should #e stored in a locked, fireproof safe.
Adequate #ackup copies of computeri0ed records should #e maintained and
access to the master files should #e restricted via passords.
2. &a material inventory should #e retained in a locked storeroom ith a relia#le
and competent employee controlling access.
=. "erisha#le tools should #e stored in a locked storeroom under control of a
relia#le employee.
A. 1anufacturing equipment should #e kept in an area protected #y #urglar alarms
and fire alarms and kept locked hen not in use.
D. 1arketa#le securities should #e stored in a safety deposit vault.
10-1, -ndependent checks on performance are internal control activities designed for the
continuous internal verification of other controls. 7xamples of independent checks include%
"reparation of the monthly #ank reconciliation #y an individual ith no
responsi#ility for recording transactions or handling cash.
&ecomputing inventory extensions for a listing of inventory #y someone ho did
not originally do the extensions.
The preparation of the sales 9ournal #y one person and the accounts receiva#le
master file #y a different person, and a reconciliation of the control account to the
master file.
The counting of inventory #y to different count teams.
The existence of an effective internal audit staff.
10-1- As illustrated #y Figure 1B-3, there are four phases in the process of understanding
internal control and assessing control risk. -n the first phase the auditor o#tains an
understanding of internal controls. 3ext the auditor must make a preliminary assessment control
risk (phase +) and perform tests of controls in every audit as part of their integrated audits
(phase 3). The auditor uses the results of tests of controls for #oth the audit report on internal
control over financial reporting and to assess control risk and to ultimately decide planned
detection risk and su#stantive tests for the audit of financial statements, hich is phase 2.
10-1. 5ection 2B2 of the 5ar#anes-'xley Act requires management to document its processes
for assessing the effectiveness of the company$s internal control over financial reporting.
1anagement must document the design of controls, including all five control components and
also the results of its testing and evaluation. The types of information gathered #y management
to assess and document internal control effectiveness can take many forms, including policy
manuals, flocharts, narratives, documents, questionnaires and other forms that are in either
paper or electronic formats. "!A', 5tandard + requires the auditor to evaluate the client$s
documentation hen auditing internal control over financial reporting. The lack of management
documentation of internal control over financial reporting may prevent the auditor from
concluding that the controls are adequately designed or operating effectively. >hen
documentation is inadequate, the auditor may decide to ithdra from the engagement or to
issue a disclaimer of opinion on internal control over financial reporting.
4,
10-1/ >hen o#taining an understanding of internal control, the auditor must assess to
aspects a#out those controls. First, the auditor must gather evidence a#out the !esin of
internal controls. 5econd, the auditor must gather evidence a#out hether those controls have
#een "lace! in o"eration.
10-20 -n a alkthrough of internal control, the auditor selects one or a fe documents for the
initiation of a transaction type and traces them through the entire accounting process. At each
stage of processing, the auditor makes inquiries and o#serves current activities, in addition to
examining completed documentation for the transaction or transactions selected. Thus, the
auditor com#ines o#servation, documentation, and inquiry to conduct a alkthrough of internal
control. "!A', 5tandard + requires the auditor to perform at least one alkthrough for each
ma9or class of transactions.
10-21 A key control is a control that is expected to have the greatest effect on meeting the
transaction-related audit o#9ectives. A control deficiency represents a deficiency in the design or
operation of controls that does not permit company personnel to prevent or detect
misstatements on a timely #asis. A !esin !eficienc) exists if a necessary control is missing or
not properly designed. An o"eration !eficienc) exists if a ell designed control does not operate
as designed or hen the person performing the control is insufficiently qualified or authori0ed.
10-22 A significant deficiency exists if one or more control deficiencies exist that, more than
remotel)3 adversely affect a company$s a#ility to initiate, authori0e, record, process, or report
external financial statements relia#ly. A material eakness exists if a significant deficiency, #y
itself, or in com#ination ith other significant deficiencies, results in a more than remote
likelihood that internal control ill not prevent or detect material financial statement
misstatements. The presence of one significant deficiency that is not deemed to #e a material
eakness may not affect the auditor$s report. -n that instance, the auditor$s report on internal
control over financial reporting ould contain an unqualified opinion. 6oever, if the deficiency
is deemed to #e a material eakness, the auditor must express an adverse opinion on the
effectiveness of internal control over financial reporting.
10-23 The most important internal control deficiency hich permitted the defalcation to occur
as the failure to adequately segregate the accounting responsi#ility of recording #illings in the
sales 9ournal from the custodial responsi#ility of receiving the cash. &egardless of ho
trustorthy 8ames appeared, no employee should #e given the com#ined duties of custody of
assets and accounting for those assets.
10-24 1aier is correct in her #elief that internal controls frequently do not function in the
manner they are supposed to. 6oever, regardless of this, her approach ignores the value of
#eginning the understanding of internal control #y preparing or revieing a rough flochart.
'#taining an early understanding of the client.s internal control ill provide 1aier ith a #asis
for a decision a#out the audit procedures and sample si0es #ased on assessed control risk. ,y
not o#taining an understanding of internal control until later in the engagement, 1aier risks
performing either too much or too little ork, or emphasi0ing the rong areas during her audit.
4-
10-2+ The extent of controls tested #y auditors to express an opinion on internal controls for a
pu#lic company is significantly greater than that tested solely to express an opinion on the
financial statements. To express an opinion on internal controls for a pu#lic company, the auditor
o#tains an understanding of and performs tests of controls for all significant account #alances,
classes of transactions, and disclosures and related assertions in the financial statements. -n
contrast, the extent of controls tested #y an auditor of a nonpu#lic company is dependent on the
auditor$s assessment of control risk. >henever the auditor assesses control risk #elo
maximum, the auditor must perform tests of controls to support that control risk assessment.
The auditor 'ill not "erform tests of controls hen the auditor assesses control risk at
maximum, either #ecause of inadequate controls or #ecause it is inefficient to test those
controls. >hen control risk is assessed #elo the maximum, the auditor designs and performs a
com#ination of tests of controls and su#stantive procedures. Thus, for a nonpu#lic company, the
tests of controls vary #ased on the auditor$s assessment of control risk.
10-2, There is a significant overlap #eteen tests of controls and procedures to o#tain an
understanding of internal control. ,oth include inquiry, documentation, and o#servation. There
are to primary differences in the application of these common procedures. First, in o#taining
an understanding of internal control, the procedures to o#tain an understanding are applied to
all controls identified during that phase. Tests of controls, on the other hand, are applied only
hen the assessed control risk has not #een satisfied #y the procedures to o#tain an
understanding. 5econd, procedures to o#tain an understanding are performed only on one or a
fe transactions or, in the case of o#servations, at a single point in time. Tests of controls are
performed on larger samples of transactions (perhaps +B to 1BB), and often o#servations are
made at more than one point in time.
10-2- "!A', 5tandard + requires a pu#lic company auditor to test controls each year for all
relevant assertions for significant accounts and transactions. 6oever, if evidence as o#tained
in the prior year$s audit that indicates that a key control as operating effectively, and the
auditor determines that the control is still in place, the extent of the tests of that control may #e
reduced somehat in the current year.
10-2. "!A', 5tandard + requires that the auditor$s report on internal control include to
auditor opinions%
1. The auditor$s opinion on hether management$s assessment of the effectiveness of
internal control over financial reporting as of the end of the fiscal period is fairly stated, in
all material respects. -n practice it is unlikely for the auditor to issue anything other than
an unqualified report on this opinion. -f the auditor concludes that management has not
identified and reported all significant deficiencies and material eaknesses, it ill #e in
management$s #est interests to revise its report to conform to the auditor$s conclusions.
+. The auditor$s opinion on hether the company maintained, in all material respects,
effective internal control over financial reporting as of the specified date. There is likely to
#e more variety in these reports.
4.
10;2/ The auditor may issue an unqualified opinion on internal control over financial reporting
hen to conditions are present%
there are no identified material eaknesses< and
there have #een no restrictions on the scope of the auditor$s ork.
A scope limitation is the condition that ould cause the auditor to express a ,ualifie! o"inion or
a !isclaimer of o"inion on internal control over financial reporting. This type of opinion is issued
hen the auditor is una#le to determine if there are material eaknesses, due to a restriction on
the scope of the audit of internal control over financial reporting or other circumstances here
the auditor is una#le to o#tain sufficient evidence.
10-30 "!A', 5tandard + requires that the audit of the financial statements and the audit of
internal control over financial reporting #e integrated. -n an integrated audit, the auditor must
consider the results of audit procedures performed to issue the audit report on the financial
statements hen issuing the audit report on internal control. For example, if the auditor
identifies a material misstatement in the financial statements that as not initially identified #y
the company$s internal controls, the auditor should consider this as at least a significant
deficiency, if not a material eakness for purposes of reporting on internal control. -n such
circumstances, the auditor$s report on the financial statements may #e unqualified as long as
management corrected the misstatement #efore issuing the financial statements. -n contrast,
hoever, the auditor$s report on internal control must include an adverse opinion if the auditor
concludes it is a material eakness.
Chapter 11 - $raud Auditin5
11-1 Fraudulent financial reporting is an intentional misstatement or omission of amounts or
disclosures ith the intent to deceive users. To examples of fraudulent financial reporting are
accelerating the timing of recording sales revenue to increased reported sales and earnings,
and recording expenses as fixed assets to increase earnings.
11-2 1isappropriation of assets is fraud that involves theft of an entity$s assets. To examples
are an accounts paya#le clerk issuing payments to a fictitious company controlled #y the clerk,
and a sales clerk failing to record a sale and pocketing the cash receipts.
11-3 Fraudulent financial reporting is an intentional misstatement or omission of amounts or
disclosures ith the intent to deceive users, hile misappropriation of assets is fraud that
involves theft of an entity$s assets. Frauds involving financial reporting are usually larger than
frauds involving misappropriation of assets, usually involve top management, and do not directly
involve theft of company assets.
4/
11-4 The three conditions of fraud referred to as the Gfraud triangleH are (1)
-ncentivesO"ressures< (+) 'pportunities< and (3) AttitudesO&ationali0ation. -ncentivesO"ressures
are incentives of management or other employees to commit fraud. 'pportunities are
circumstances that allo management or employees to commit fraud. AttitudesO&ationali0ation
are indications that an attitude, character, or set of ethical values exist that allo management
or employees to commit a dishonest act or they are in an environment that imposes sufficient
pressure that causes them to rationali0e committing a dishonest act.
11;+ The folloing are example of risk factors for fraudulent financial reporting for each of the
three fraud conditions%
Incentives6Pressures - The company is under pressure to meet de#t covenants
or o#tain additional financing.
O""ortunities I -neffective oversight of financial reporting #y the #oard of
directors allos management to exercise discretion over reporting.
Attitu!es6Rationali%ation I 1anagement is overly aggressive. For example, the
company may issue aggressive earnings forecasts, or make extensive
acquisitions using company stock.
11;, The folloing are example of risk factors for misappropriation of assets for each of the
three fraud conditions%
Incentives6Pressures - The individual is una#le to meet personal financial
o#ligations.
O""ortunities I There is insufficient segregation of duties that allos the
individual to handle cash receipts and related accounting records.
Attitu!es6Rationali%ation I 1anagement has disregarded the inadequate
separation of duties that allos the potential theft of cash receipts.
11;- Auditors use several sources to gather information a#out fraud risks, including%
-nformation o#tained from communications among audit team mem#ers a#out
their knoledge of the company and its industry, including ho and here the
company might #e suscepti#le to material misstatements due to fraud.
&esponses to auditor inquiries of management a#out their vies of the risks of
fraud and a#out existing programs and controls to address specific identified
fraud risks.
5pecific risk factors for fraudulent financial reporting and misappropriations of
assets.
Analytical procedures results o#tained during planning that indicate possi#le
implausi#le or unexpected analytical relationships.
Jnoledge o#tained through other procedures such as client acceptance and
retention decisions, interim revie of financial statements, and consideration of
inherent or control risks.
+0
11-. 5A5 ?? requires the audit team to conduct discussions to share insights from more
experienced audit team mem#ers and to G#rainstormH ideas that address the folloing%
1. 6o and here they #elieve the entity$s financial statements might #e
suscepti#le to material misstatement due to fraud. This should include
consideration of knon external and internal factors affecting the entity that might
create an incentive or pressure for management to commit fraud.
provide the opportunity for fraud to #e perpetrated.
indicate a culture or environment that ena#les management to rationali0e
fraudulent acts.
+. 6o management could perpetrate and conceal fraudulent financial reporting.
3. 6o assets of the entity could #e misappropriated.
2. 6o the auditor might respond to the suscepti#ility of material misstatements due
to fraud.
11-/ Auditors must inquire hether management has knoledge of any fraud or suspected
fraud ithin the company. 5A5 ?? also requires auditors to inquire of the audit committee a#out
its vies of the risks of fraud and hether the audit committee has knoledge of any fraud or
suspected fraud. -f the entity has an internal audit function, the auditor should inquire a#out
internal audit$s vies of fraud risks and hether they have performed any procedures to identify
or detect fraud during the year. 5A5 ?? further requires the auditor to make inquiries of others
ithin the entity hose duties lie outside the normal financial reporting lines of responsi#ility
a#out the existence or suspicion of fraud.
11-10 The corporate code of conduct esta#lishes the Gtone at the topH of the importance of
honesty and integrity and can also provide more specific guidance a#out permitted and
prohi#ited #ehavior. 7xample of items typically addressed in a code of conduct include
expectations of general employee conduct, restrictions on conflicts of interest, and limitations on
relationships ith clients and suppliers.
11-11 1anagement and the #oard of directors are responsi#le for setting the Gtone at the topH
for ethical #ehavior in the company. -t is important for management to #ehave ith honesty and
integrity #ecause this reinforces the importance of these values to employees throughout the
organi0ation.
11-12 1anagement has primary responsi#ility to design and implement antifraud programs and
controls to prevent, deter, and detect fraud. The audit committee has primary responsi#ility to
oversee the organi0ation$s financial reporting and internal control processes and to provide
oversight of management$s fraud risk assessment process and antifraud programs and controls.
11-13 The three auditor responses to fraud are% (1) change the overall conduct of the audit to
respond to identified fraud risks< (+) design and perform audit procedures to address identified
risks< and (3) perform procedures to address the risk of management override of controls.
11-14 Auditors are required to take three actions to address potential management override of
controls% (1) examine 9ournal entries and other ad9ustments for evidence of possi#le
misstatements due to fraud< (+) revie accounting estimates for #iases< and (3) evaluate the
#usiness rationale for significant unusual transactions.
+1
11-1+ Three main techniques use to manipulate revenue include% (1) recording of fictitious
revenue< (+) premature revenue recognition including techniques such as #ill-and-hold sales
and channel stuffing< and (3) manipulation of ad9ustments to revenue such as sales returns and
alloance and other contra accounts.
11-1, !ash register receipts are particularly suscepti#le to theft. The notice Gyour meal is free if
e fail to give you a receiptH is designed to ensure that every customer is given a receipt and all
sales are entered into the register, esta#lish accounta#ility for the sale.
11-1- The three types of inquiry are informational, assessment, and interrogative. Auditors use
informational inquiry to o#tain information a#out facts and details that the auditor does not have.
For example, if the auditor suspects financial statement fraud involving improper revenue
recognition, the auditor may inquire of management as to revenue recognition policies. The
auditor uses assessment inquiry to corro#orate or contradict prior information. -n the previous
example, the auditor may attempt to corro#orate the information o#tained from management #y
making assessment inquiries of individuals in accounts receiva#le and shipping. -nterrogative
inquiry is used to determine if the intervieee is #eing deceptive or purposefully omitting
disclosure of key knoledge of facts, events, or circumstances. For example, a senior mem#er
of the audit team might make interrogative inquiries of management or other personnel a#out
key elements of the fraud here earlier responses ere contradictory or evasive.
11-1. >hen making inquiries of a deceitful individual, three examples of ver#al cues are
frequent rephrasing of the question, filler terms such as GellH or Gto tell the truth,H and
forgetfulness or acknoledgements of nervousness. Three examples of nonver#al cues #y the
individual are creating physical #arriers #y #locking their mouth, leaning aay from the auditor,
and signs of stress such as seating or fidgeting.
11-1/ >hen the auditor suspects that fraud may #e present, 5A5 ?? requires the auditor to
o#tain additional evidence to determine hether material fraud has occurred. 5A5 ?? also
requires the auditor to consider the implications for other aspects of the audit. >hen the auditor
determines that fraud may #e present, 5A5 ?? requires the auditor to discuss the matter and
audit approach for further investigation ith an appropriate level of management that is at least
one level a#ove those involved, and ith senior management and the audit committee, even if
the matter might #e considered inconsequential. For pu#lic company auditors, the discovery of
fraud of any magnitude #y senior management is at least a significant deficiency and may #e a
material eakness in internal control over financial reporting. This includes fraud #y senior
management that results in even immaterial misstatements. -f the pu#lic company auditor
decides the fraud is a material eakness, the auditor$s report on internal control over financial
reporting ill contain an adverse opinion.
+2
Chapter 12 - The !mpact of !nformation Techno4o57 on the Audit
*rocess
12-1 The proper installation of -T can lead to internal control enhancements #y replacing
manually-performed controls ith computer-performed controls. -T-#ased accounting systems
have the a#ility to handle tremendous volumes of complex #usiness transactions cost
effectively. !omputer-performed controls can reduce the potential for human error #y replacing
manual controls ith programmed controls that apply checks and #alances to each transaction
processed. The systematic nature of -T offers greater potential to reduce the risk of material
misstatements resulting from random, human errors in processing.
The use of -T #ased accounting systems also offers the potential for improved
management decisions #y providing more and higher quality information on a more timely #asis
than traditional manual systems. -T-#ased systems are usually administered effectively #ecause
the complexity requires effective organi0ation, procedures, and documentation. That in turn
enhances internal control.
12-2 >hen entities rely heavily on -T systems to process financial information, there are ne
risks specific to -T environments that must #e considered. Jey risks include the folloing%
Reliance on the functionin ca"abilities of har!'are an! soft'are1 The risk of
system crashes due to hardare or softare failures must #e evaluated hen
entities rely on -T to produce financial statement information.
7isibilit) of au!it trail. The use of -T often converts the traditional paper trail to an
electronic audit trail, eliminating source documents and paper-#ased 9ournals and
records.
Re!uce! human involvement1 The replacement of traditional manual processes
ith computer-performed processes reduces opportunities for employees to
recogni0e misstatements resulting from transactions that might have appeared
unusual to experienced employees.
*)stematic versus ran!om errors1 *ue to the uniformity of processing performed
#y -T #ased systems, errors in computer softare can result in incorrect
processing for all transactions processed. This increases the risk of many
significant misstatements.
8nauthori%e! access1 The centrali0ed storage of key records and files in
electronic form increases the potential for unauthori0ed on-line access from
remote locations.
5oss of !ata1 The centrali0ed storage of data in electronic form increases the risk
of data loss in the event the data file is altered or destroyed.
Re!uce! sereation of !uties1 The installation of -T-#ased accounting systems
centrali0es many of the traditionally segregated manual tasks into one -T
function.
5ack of tra!itional authori%ation1 -T-#ased systems can #e programmed to initiate
certain types of transactions automatically ithout o#taining traditional manual
approvals.
+ee! for I# e$"erience1 As companies rely to a greater extent on -T-#ased
systems, the need for personnel trained in -T systems increases in order to
install, maintain, and use systems.
+3
12-3 The audit trail represents the accumulation of source documents and records maintained
#y the client to serve as support for the transactions occurring during the accounting period. The
integration of -T can change the audit trail #y converting many of the traditionally paper-#ased
source documents and records into electronic files that cannot #e visually o#served. ,ecause
many of the transactions are entered directly into the computer as they occur, some of the
documents and records are even eliminated.
12-4 &andom error represents errors that occur in an inconsistent pattern. 1anual accounting
systems are especially prone to random errors that result from honest mistakes that occur as
employees perform day-to-day tasks. >hen those mistakes do not consistently occur hile
performing a particular task, errors are distri#uted randomly into the accounting records. An
example of a random error is hen an employee accidentally pulls the rong unit price off the
approved price list hen preparing a sales invoice for a particular customer.
5ystematic error represents errors that occur consistently across all similar transactions.
,ecause -T-#ased systems perform tasks uniformly for all transactions su#mitted, any mistake
in softare programming results in the occurrence of the same error for every transaction
processed #y the system. An example of a systematic error occurs hen a program that is
supposed to post sales amounts to the accounts receiva#le su#sidiary records actually posts
the sales amount tice to customers$ accounts.
12-+ -n most traditional accounting systems, the duties related to authori0ation of
transactions, recordkeeping of transactions, and custody of assets are segregated across three
or more individuals. As accounting systems make greater use of -T, many of the traditional
manually performed tasks are no performed #y the computer. As a result, some of the
traditionally segregated duties, particularly authori0ation and recordkeeping, fall under the
responsi#ility of -T personnel. To compensate for the collapsing of duties under the -T function,
key -T tasks related to programming, operation of hardare and softare, and data control are
segregated. 5eparation of those -T functions restricts an -T employee$s a#ility to inappropriately
access softare and data files in order to misappropriate assets.
12-, (eneral controls relate to all aspects of the -T function. They have a glo#al impact on all
softare applications. 7xamples of general controls include controls related to the
administration of the -T function< softare acquisition and maintenance< physical and on-line
security over access to hardare, softare, and related #ackup< #ack-up planning in the event
of unexpected emergencies< and hardare controls. A""lication controls apply to the processing
of individual transactions. An example of an application control is a programmed control that
verifies that all time cards su#mitted are for valid employee id num#ers included in the
employee master file.
12-- The typical duties often segregated ithin an -T function include systems development,
computer operations, and data control. 5ystems development involves the acquisition or
programming of application softare. 5ystems development personnel ork ith test copies of
programs and data files to develop ne or improved application softare programs. !omputer
operations personnel are responsi#le for executing live production 9o#s in accordance ith a 9o#
schedule and for monitoring consoles for messages a#out computer efficiency and
malfunctions. *ata control personnel are responsi#le for data input and output control. They
often independently verify the quality of input and the reasona#leness of output. ,y separating
these functions, no one -T employee can make changes to application softare or underlying
master files and then operate computer equipment to use those changed programs or data files
to process transactions.
+4
12-. -f general controls are ineffective, there is a potential for material misstatement in each
computer-#ased accounting application, regardless of the quality of application controls. -f, for
example, the systems development process is not properly controlled, there is a greater risk that
unauthori0ed and untested modifications to accounting applications softare have occurred. -f
general controls are strong, there is a greater likelihood of placing greater reliance on
application controls. 5tronger general controls should lead to greater likelihood that underlying
applications operate effectively and data files contain accurate, authori0ed, and complete
information.
12-/ Application controls apply to the processing of specific individual transactions ithin a
transaction cycle, such as a computer performed credit approval process for sales on account.
*ue to the nature of these types of controls, application controls generally link directly to one or
more specific transaction o#9ectives. For example, the credit approval application control directly
links to the existence o#9ective for sales. Auditors typically identify #oth manual and computer-
performed application controls for each transaction-related o#9ective using a control risk matrix
similar to the one discussed in !hapter 1B.
12-10 GAuditing around the computerH represents an audit approach here#y the auditor does
not use computer controls to reduce control risk. -nstead, the auditor uses non--T controls to
support a reduced control risk assessment. -n these situations, the use of -T does not
significantly impact the audit trail. Typically, the auditor o#tains an understanding of internal
control and performs tests of controls, su#stantive tests of transactions, and account
#alance verification
procedures in the same manner as if the accounting system as entirely manual. The auditor is
still responsi#le for gaining an understanding of general and application computer controls
#ecause such knoledge is useful in identifying risks that may affect the financial statements.
12-11 The test data approach involves processing the auditor$s test data using the client$s
computer system and the client$s application softare program to determine hether the
computer-performed controls correctly process the test data. ,ecause the auditor designs the
test data, the auditor is a#le to identify hich test items should #e accepted or re9ected #y the
computer. >hen using this approach the auditor should assess the folloing%
6o effectively does the test data represent all relevant conditions that the
auditor ants to testP
6o certain is the auditor that the application programs #eing tested #y the
auditor$s test data are the same programs as those used #y the client throughout
the year to process actual transactionsP
6o certain is the auditor that test data is effectively eliminated from the client$s
records once testing is completedP
"arallel simulation ith audit softare involves the auditor$s use of an auditor-controlled
softare program to perform parallel operations to the client$s softare #y using the same data
files. ,ecause the auditor$s softare is designed to parallel an operation performed #y the
client$s softare, this strategy is referred to as parallel simulation testing. "arallel simulation
could #e used in the audit of payroll #y riting a program that calculates the accrued vacation
pay lia#ility for each employee using information contained in the employee master file. The
total lia#ility calculated #y the auditor$s softare program ould then #e compared to the client$s
calculation to determine if the lia#ility for accrued vacation pay is fairly stated at year-end.
++
12-12 'ften companies that purchase and install vendor developed softare applications on
computer hard drives rely on -T consultants to assist in the installation and maintenance of that
softare #ecause those companies do not have dedicated -T personnel. Also, assignment of
responsi#ility may reside ith user departments. !ompanies can reduce these risks related to
not having -T personnel #y performing sufficient reference and #ackground checks a#out
softare vendor and -T consultant reputations. -n addition, companies can load softare
programs onto hard drives in a format that does not permit changes #y client personnel,
particularly non--T user department personnel ho may have primary responsi#ility for the
system. !ompanies should also consider segregating key duties related to access to master
files and responsi#ilities for processing transactions.
12-13 ,ecause many companies that operate in a netork environment decentrali0e their
netork servers across the organi0ation, there is an increased risk for a lack of security and lack
of overall management of the netork operations. The decentrali0ation may lead to a lack of
standardi0ed equipment and procedures. -n many instances responsi#ility for purchasing
equipment and softare, maintenance, administration, and physical security, often resides ith
key user groups rather than ith a centrali0ed -T function. Also, netork-related softare often
lacks the security features, including segregation of duties, typically availa#le in traditionally
centrali0ed environments #ecause of the ready access to softare and data #y multiple users.
12-14 -n data#ase management systems, many applications share the same data files. This
increases risks in some cases given that multiple users, including individuals outside
accounting, access and update data files. >ithout proper data#ase administration and access
controls, risks of unauthori0ed, inaccurate, and incomplete data files increase. The
centrali0ation of data also increases the need to properly #ack-up data information on a regular
#asis.
12-1+ An online sales ordering system poses many potential risks for an audit client. &isks that
may exist include%
-1 !ustomer data is suscepti#le to interception #y unauthori0ed third parties.
91 The client company$s data, programs, and hardare are suscepti#le to potential
interception or sa#otage #y external parties.
/1 An unauthori0ed third party may attempt to transact #usiness ith the client
company.
These risks can #e addressed #y the use of firealls, encryption techniques, and digital
signatures. A fire'all is a system of hardare and softare that monitors and controls the flo
of e-commerce communications #y channeling all netork connections through a control
gateay. A fireall protects data, programs, and other -T resources from external users
accessing the system through netorks, such as the -nternet. Encr)"tion techni,ues are #ased
on computer programs that transform a standard message into a coded (encrypted) form. 'ne
key (the pu#lic key) is used for encoding the message and the other key (the private key) is
used to decode the message. 7ncryption techniques protect the security of electronic
communication during the transmission process. Finally, the use of !iital sinatures can
enhance internal controls over the online sales order system #y authenticating the validity of
customers and other trading partners ho conduct #usiness ith the client company.
+,
12-1, -t is unaccepta#le for an auditor to assume an independent computer service center is
providing relia#le accounting information to an audit client #ecause the auditor has no firsthand
knoledge as to the adequacy of the service center$s controls. -f the client$s service center
application is involved in processing significant financial data, the auditor must consider the
need to o#tain an understanding of internal control and test the service center$s controls.
The auditor can test the service center$s system #y use of the test data and other tests
of controls. 'r, he or she may request that the service center auditor o#tain an understanding
and test controls of the service center, hich are summari0ed in a special report issued #y the
service center auditor for use #y the customer$s auditor.
Chapter 13 - Overa44 Audit *4an and Audit *ro5ram
13-1 The five types of tests auditors use to determine hether financial statements are fairly
stated include the folloing%
"rocedures to gain an understanding of internal control
Tests of controls
5u#stantive tests of transactions
Analytical procedures
Tests of details of #alances
>hile procedures to gain an understanding of internal control help the financial
statement auditor o#tain information to make an initial assessment of control risk, tests of
controls must #e performed as support of an assessment of control risk that is #elo maximum.
The purpose of tests of controls is to o#tain evidence regarding the effectiveness of controls,
hich may allo the auditor to assess control risk #elo maximum. -f controls are found to #e
effective and functioning, the su#stantive evidence may #e reduced. 5u#stantive evidence is
o#tained to reduce detection risk. 5u#stantive evidence includes evidence from su#stantive
tests of transactions, analytical procedures, and tests of details of #alances.
For audits of internal control over financial reporting, the auditor only performs the first
to types of audit tests% procedures to o#tain an understanding of internal control and tests of
controls. ,ecause a pu#lic company auditor must issue a report on internal control over financial
reporting, the extent of the auditor$s tests of controls must #e sufficient to issue an opinion a#out
the operating effectiveness of those controls. That generally requires a significant amount of
testing of controls over financial reporting.
13-2 Tests of controls are audit procedures to test the operating effectiveness of control
policies and procedures in support of a reduced assessed control risk. Tests of controls provide
the primary #asis for a pu#lic company auditor$s report on internal controls over financial
reporting. 5pecific accounts affected #y performing tests of controls for the acquisition and
payment cycle include the folloing% cash, accounts paya#le, purchases, purchase returns and
alloances, purchase discounts, manufacturing expenses, selling expenses, prepaid insurance,
leasehold improvements, and various administrative expenses.
+-
13-3 Tests of controls are audit procedures to test the operating effectiveness of control
policies and procedures in support of a reduced assessed control risk. 7xamples include%
1. The examination of vendor invoices for indication that they have #een clerically
tested, compared to a receiving report and purchase order, and approved for payment.
+. 7xamination of employee time cards for approval of overtime hours orked.
3. 7xamination of 9ournal entries for proper approval.
2. 7xamination of approvals for the rite-off of #ad de#ts.
5u#stantive tests of transactions are audit procedures testing for monetary
misstatements to determine hether the six transaction-related audit o#9ectives have #een
satisfied for each class of transactions. 7xamples are%
1. &ecalculation of amounts (quantity times unit selling price) on selected
sales invoices and tracing of amounts to the sales 9ournal.
+. 7xamination of vendor invoices in support of amounts recorded in the
acquisitions 9ournal for purchases of inventories.
3. &ecalculation of gross pay for selected entries in the payroll 9ournal.
2. Tracing of selected customer cash receipts to the accounts receiva#le
master file, agreeing customer names and amounts.
13-4 A test of control audit procedure to test that approved age rates are used to calculate
employees. earnings ould #e to examine rate authori0ation forms to determine the existence of
authori0ed signatures.
A su#stantive test of transactions audit procedure ould #e to compare a sample of
rates actually paid, as indicated in the earnings record, to authori0ed pay rates on rate
authori0ation forms.
13-+ The auditor resolves the pro#lem #y making assumptions a#out the results of the tests of
controls and performing #oth the tests of controls and su#stantive tests of transactions on the
#asis of these assumptions. 'rdinarily the auditor assumes an effective system of internal
control ith fe or no exceptions planned. -f the results of the tests of controls are as good as or
#etter than the assumptions that ere originally made, the auditor can #e satisfied ith the
su#stantive tests of transactions, unless the su#stantive tests of transactions themselves
indicate the existence of misstatements. -f the tests of controls results ere not as good as the
auditor assumed in designing the original tests, expanded su#stantive tests must #e performed.
13-, The primary purpose of testing sales and cash receipts transactions is to evaluate the
internal controls so that the scope of the su#stantive tests of the account #alances may #e set.
-f the auditor performs the tests of details of #alances prior to testing internal controls, no #enefit
ill #e derived from the tests of controls. The auditor should attempt to understand the client.s
#usiness and internal controls as early as practical through the analysis of the accounting
system, tests of controls, and su#stantive tests of transactions.
+.
13-- >hen the results of analytical procedures are different from the auditor.s expectations
and there#y indicate that there may #e a misstatement in the #alance in accounts receiva#le or
sales, the auditor should extend the tests to determine hy the ratios are different from
expectations. !onfirmation of accounts receiva#le and cutoff tests for sales are to procedures
that can #e used to do this. 'n the other hand, if the ratios are approximately hat the auditor
expects, the other tests can #e reduced. This means that the auditor can satisfy the evidence
requirements in different ays and that analytical procedures and confirmation are
complementary hen the results of the tests are #oth good.
13-. 5u#stantive tests of transactions are performed to verify the accuracy of a client.s
accounting system. This is accomplished #y determining hether individual transactions are
correctly recorded and summari0ed in the 9ournals, master files, and general ledger. 5u#stantive
tests of transactions are also concerned ith classes of transactions, such as payroll,
acquisitions, or cash receipts. Tracing amounts from a file of vouchers to the acquisitions 9ournal
is an example of a su#stantive test of transactions for the acquisition and payment cycle. Tests
of details of #alances verify the ending #alance in an in!ivi!ual account (such as inventory,
accounts receiva#le, or depreciation expense) on the financial statements. An example of a test
of details of #alances for the acquisition and payment cycle is to physically examine a sample of
the client.s fixed assets.
13-/ 1. &ontrol :- -- &om"uter verification of the customer3s cre!it limit. The presence of
strong general controls over softare programs and master file changes can significantly
reduce the auditor$s testing of automated controls such as control Q1. 'nce it is
determined that control Q1 is functioning properly, the auditor can focus su#sequent tests
on assessing hether any changes have occurred that ould limit the effectiveness of
the control. 5uch tests might include determining hether any changes have occurred to
the program and hether these changes ere properly authori0ed and tested prior to
implementation. These are all tests of general controls over softare programs and
master file changes.
+. &ontrol :9 I #he accounts receivable clerk matches bills of la!in4 sales
invoices4 an! customer or!ers before recor!in in the sales ;ournal1 This control is not
an automated control, #ut is rather a manual control performed #y an employee. :eneral
controls over softare programs and master file changes ould have little effect on the
auditor$s testing of control Q+. -f the auditor identifies control Q+ as a key control in the
sales and collection cycle, he or she ould most likely examine a sample of the
underlying documents for the accounts receiva#le clerk$s initials and reperform the
comparisons.
+/
13-10 The audit of fixed asset additions normally involves the examination of invoices in
support of the additions and possi#ly the physical examination of the additions. These
procedures are normally performed on a test #asis ith a concentration on the more significant
additions. -f the individual responsi#le for recording ne acquisitions is knon to have
inadequate training and limited experience in accounting, the sample si0e for the audit
procedures should #e expanded to include a larger sample of the additions for the year. -n
addition, inquiry as to hat additions ere made during the year may #e made #y the auditor of
plant managers, the controller, or other operating personnel. The auditor should then search the
financial records to determine that these additions ere recorded as fixed assets.
!are should also #e taken hen the repairs and maintenance expense account is
analy0ed since lack of training may cause some deprecia#le assets to #e expensed at the time
of acquisition.
13-11 The folloing shos hich types of evidence are applica#le for the five types of tests.
T1* O$ V!DNC T1*S O$ TSTS
"hysical examination
!onfirmation
*ocumentation
'#servation
-nquiries of the client
&eperformance
Analytical procedures
Tests of details of #alances
Tests of details of #alances
All except analytical procedures
"rocedures to o#tain an understanding of
internal control and tests of controls
All five types
Tests of controls, su#stantive tests of
transactions, and tests of details of #alances
Analytical procedures
13-12 :oing from most to least costly, the types of tests are%
Tests of details of #alances
5u#stantive tests of transactions
Tests of controls
"rocedures to o#tain an understanding of internal controls
Analytical procedures
,0
13-13 ! represents the auditor.s assessment of the effectiveness of internal control. !3
represents the idea that the auditor chooses not to perform any tests of controls. 5ince no tests
of controls are performed, no assurance can #e o#tained from controls and all assurance must
come from su#stantive testing. This ould not represent the audit of a pu#lic company$s
financial statements.
Tests of controls at the !1 level ould provide minimum control risk. This ould require
more testing of the controls than ould #e required at either !+ or !3. Testing controls at the !1
level allos the auditor to o#tain assurance from the controls, there#y alloing for a reduction in
the amount of su#stantive testing hich must #e performed to meet the level of accepta#le audit
assurance. !1 reflects the level of testing of controls necessary for the audit of internal controls
over financial reporting required #y "!A', 5tandard +.
-t ould #e a good decision to o#tain assurance from tests of controls at point !1 if the
cost of su#stantive testing is considera#ly greater than tests of controls. 6oever, if the cost of
testing controls is high, it may #e a good decision to o#tain assurance at point !3.
At point !+, the auditor performs some tests of controls and is a#le to reduce control risk
#elo maximum. "oint !+ ould #e appropriate if it is cost #eneficial for the auditor to o#tain
assurance at a level #eteen the to extremes mentioned a#ove (!1 and !3).
13-14 ,efore reduced su#stantive testing is permitted, internal controls must #e effective and
the auditor must have found the results of the tests of controls satisfactory. !ost effectiveness of
reduced assessed control risk should #e considered in making the decisions as to hether to
test controls in the audit of a nonpu#lic company. The cost effectiveness of reduced control risk
is an audit efficienc) issue. -t is important to note, hoever, that tests of controls are alays
required in the integrated audit of a pu#lic company$s financial statements and internal control
over financial reporting.

13-1+ ,y identifying the #est mix of tests the auditor can accumulate sufficient competent
evidence at minimum cost. The auditor can there#y meet the standards of the profession and
still #e cost effective and competitive.
13-1, The four-step approach to designing tests of controls and su#stantive tests of
transactions is as follos%
1. Apply the transaction-related audit o#9ectives to the class of transactions
#eing tested.
+. -dentify specific control policies and procedures that should reduce
control risk for each transaction-related audit o#9ective.
3. *evelop appropriate tests of controls for each key control.
2. *esign appropriate su#stantive tests of transactions considering
deficiencies in internal control and expected results from 3 a#ove.
13-1- The approach to designing tests of controls and su#stantive tests of transactions (Figure
13-2) emphasi0es satisfying the transaction-related audit o#9ectives developed in !hapters A
and 1B. &ecall that these o#9ectives focus on the proper functioning of the accounting system.
The methodology of designing tests of details of #alances (Figure 13-A) emphasi0es
satisfying the #alance-related audit o#9ectives developed in !hapter A. The primary focus of
these o#9ectives is on the fair presentation of account #alances in the financial statements.
,1
13-1. -t is desira#le to design tests of details of #alances #efore performing tests of controls
and su#stantive tests of transactions to ena#le the auditor to determine if the overall planned
evidence is the most efficient and effective in the circumstances. -n order to do this, the auditor
must make assumptions a#out the results of the tests of controls and su#stantive tests of
transactions. 'rdinarily the auditor ill assume no significant misstatements or control pro#lems
in tests of controls and su#stantive tests of transactions unless there is reason to #elieve
otherise. -f the auditor determines that the tests of controls and su#stantive tests of
transactions results are different from those expected, the amount of testing of details of
#alances must #e altered.
13-1/ -f tolera#le misstatement is lo, and inherent risk and control risk are high, planned tests
of details of #alances hich the auditor must perform ill #e high. An increase in tolera#le
misstatement or a reduction of either inherent risk or control risk ill lead to a reduction in the
planned tests of details of #alances.
13-20 The nine #alance-related audit o#9ectives and related procedures are as follos%
GN#A)
9A)ANC-
#)ATD A"D!T
O9:CT!V S*C!$!C O9:CT!V A"D!T *#OCD"#
*etail tie-in -nventory on the inventory
summary agrees ith the
physical count, the extensions
are correct, and the total is
correctly added and agrees ith
the general ledger.
!heck extensions of price times quantity
on a sample #asis, foot the detailed
inventory summary, and trace the #alance
to the general ledger and financial
statements.
7xistence -nventory as stated in financial
statements actually exists.
Trace inventory from final inventory
summary to actual inventory and
physically count selected items.
!ompleteness 7xisting inventory items have
#een counted and included in
the financial statements.
5elect items from the physical inventory
and trace to the client.s final summary to
make sure that all items are included.
Accuracy -nventory items included in the
financial statements are stated
at the correct amounts.
"erform price tests of inventory #y
examining supporting vendors. invoices
for selected inventory items and reverify
price times quantity.
!lassification -nventory as included in the
financial statements is properly
classified.
!ompare the classification of inventory
into ra materials, ork in process, and
finished goods #y comparing the
description on physical inventory count
tags ith the client.s final inventory listing.
,2
!utoff -nventory cutoff is properly
recorded at the #alance sheet
date.
Trace selected receiving reports several
days #efore and after the #alance sheet
date to determine hether inventory
purchases are recorded in the proper
period and related physical inventory
counts are included or excluded from
inventory.
&eali0a#le value -nventory on the financial
statements excludes unusa#le
items.
-nquire of factory employees and
management regarding o#solescence of
inventory, and examine storeroom for
evidence of damaged or o#solete
inventory.
&ights and
o#ligations
-nventory items in the financial
statements are oned #y the
client.
&evie contracts ith suppliers and
customers for the possi#ility of the
inclusion of consigned or other non-
oned inventory.
"resentation and
disclosure
-nventory and related accounts
in the inventory and
arehousing cycle are properly
presented and disclosed.
7xamine financial statements for proper
presentation and disclosure including
proper description of pledged inventory
and inclusion of significant sales and
purchase commitments.
13-21 Auditors frequently consider it desira#le to perform audit tests throughout the year rather
than aiting until year-end #ecause of the !"A firm.s difficulty of scheduling personnel. *ue to
the uneven distri#ution of the year-end dates of their clients, there is a shortage of personnel
during certain periods of the year and excess availa#le time at other periods. The procedures
that are performed at a date prior to year-end are often dependent upon adequate internal
controls and hen the client ill have the information availa#le. Additionally, pu#lic company
auditors must #egin their testing of controls earlier in the year to ensure they are a#le to test a
sufficient sample of controls for operating effectiveness. 5ome controls may only #e performed
monthly or quarterly. Thus, the pu#lic company auditor must #egin testing early in the year so
that there is a sufficient num#er of months or quarters to test.
"rocedures that may #e performed prior to the end of the year are%
1. 4pdate fixed asset schedules.
+. 7xamine ne loan agreements and other legal records.
3. /ouch certain transactions.
2. Analy0e changes in the client.s accounting systems.
=. &evie minutes of #oard of directors. meetings.
A. -f the client has strong internal control, the folloing procedures may #e
performed ith minor revie and updating at year-end%
(a) '#servation of physical inventories<
(#) !onfirmation of accounts receiva#le #alances<
(c) !onfirmation and reconciliation of accounts paya#le #alances.
,3
Chapter 14 - Audit of the Sa4es and Co44ection C7c4e@ Tests of
Contro4s and Su6stantive Tests of Transactions
14-1 a. The bill of la!in is a document prepared at the time of shipment of goods to a
customer indicating the description of the merchandise, the quantity shipped, and
other relevant data. Formally, it is a ritten contract of the shipment and receipt
of goods #eteen the seller and carrier. -t is also used as a signal to #ill the
client. The original is sent to the customer and one or more copies are retained.
#. A sales invoice is a document indicating the description and quantity of goods
sold, the price including freight, insurance, terms, and other relevant data. -t is
the method of indicating to the customer the amount oed for the sale and the
due date of the payments. The original is sent to the customer and one or more
copies are retained. The sales invoice is the document for recording sales in the
accounting records.
c. The cre!it memo is a document indicating a reduction in the amount due from a
customer #ecause of returned goods or an alloance granted. -t often takes the
same general form as a sales invoice, #ut it reduces the customer.s accounts
receiva#le #alance rather than increasing it.
d. The remittance advice is a document that accompanies the sales invoice mailed
to the customer and can #e returned to the seller ith the cash payment. -t is
used to indicate the customer name, sales invoice num#er, and the amount of
the invoice hen the payment is received. A remittance advice is used to permit
the immediate deposit of cash as a means of improving control over the custody
of assets.
e. The monthl) statement to customers is the document prepared monthly and sent
to each customer indicating the #eginning #alance of that customer.s accounts
receiva#le, the amount and date of each sale, cash payment received, credit
memos issued, and the ending #alance due. -t is, in essence, a copy of the
customer.s portion of the accounts receiva#le master file.
14-2 "roper credit approval for sales helps minimi0e the amount of #ad de#ts and the
collection effort for accounts receiva#le #y requiring that each sale #e evaluated for collection
potential.
Adequate controls in the credit function ena#le the auditor to place more reliance on the
client.s estimate of uncollecti#le accounts. >ithout these controls, the auditor ould have to
make his or her on credit checks on the customers in order to #e convinced that the alloance
for uncollecti#le accounts is reasona#le.
14-3 The charge-off of uncollecti#le accounts receiva#le is a process here#y the company
rites off receiva#les already in existence that it decides ill not #e collected. This usually
occurs after a customer files for #ankruptcy or hen the account is turned over to a collection
agency. The #ad de#t expense is a provision for sales that the company ill #e una#le to collect
in the future. -t is an estimate used #ecause of the matching concept in accounting. ,ad de#t
expense is audited #y examining past trends in uncollecti#ility, as it is a pro9ection of future
uncollecti#les.
,4
14-3, continued
The uncollecti#le accounts rite-off must #e carefully audited to assure that accounts
that have #een paid are not ritten off to cover up a defalcation. This is done #y examining the
authori0ation for the rite-off and the correspondence in the files concerning that account, and
possi#ly #y confirming accounts receiva#le.
14-4 ,est5ellers.com could integrate its online ordering system ith its inventory system so
that a #ook shipment is made only after the customer$s credit card company approves the
customer$s purchase. ,ecause credit card issuers often transfer funds electronically almost
immediately after a sale, ,est5ellers.com could also set up their system to ship #ooks only after
payment has #een received #y the credit card issuer. Finally, ,est5ellers.com could arrange
ith an online credit service #ureau to run credit checks on customers purchasing over a preset
minimum amount.
Although ,est5ellers.com sells its goods through the -nternet, the company should still record
sales revenue hen the #ooks are shipped to customers.
14-+
T#ANSACT!ON-#)ATD
A"D!T O9:CT!V '1 !NT#NA) CONT#O)S
1. &ecorded sales are for shipments
actually made to existing customers
(existence).
&ecording of sales is supported #y authori0ed
shipping documents and approved customer
orders.
!redit is authori0ed #efore shipment takes
place.
5ales invoices are prenum#ered and properly
accounted for.
'nly customer num#ers existing in the
computer data files are accepted hen they are
entered.
1onthly statements are sent to customers<
complaints receive independent follo-up.
+. 7xisting sales transactions are
recorded (completeness).
5hipping documents are prenum#ered and
accounted for.
5ales invoices are prenum#ered and accounted
for.
,+
14-+ <continued=
T#ANSACT!ON-#)ATD
A"D!T O9:CT!V '1 !NT#NA) CONT#O)S
3. &ecorded sales are for the amount of
goods shipped and are correctly #illed
and recorded (accuracy).
*etermination of prices, terms, freight, and
discounts is properly authori0ed.
-nternal verification of invoice preparation.
Approved unit selling prices are entered into the
computer and used for sales.
,atch totals are compared ith computer
summary reports.
2. 5ales transactions are properly
classified (classification).
4se of adequate chart of accounts.
-nternal revie and verification.
=. 5ales are recorded on the correct
dates (timing).
"rocedures requiring #illing and recording of
sales on a daily #asis as close to the time of
occurrence as possi#le.
-nternal verification.
A. 5ales transactions are properly
included in the accounts receiva#le
master file and are correctly
summari0ed (posting and
summari0ation).
&egular monthly statements to customers.
-nternal verification of accounts receiva#le
master file contents.
!omparison of accounts receiva#le master file
or trial #alance ith general ledger #alance.
14-,
#ests of controls:
1. 'n a sample of sales invoices, examine proper authori0ation and indication of
internal verification of sales amounts.
+. 7xamine approved computer printout of unit selling prices.
3. 7xamine file of #atch totals for initials of data control clerk< compare totals to
summary reports.
*ubstantive tests of transactions:
1. &ecompute information on sales invoices.
+. Trace entries in sales 9ournal to related sales invoices.
3. Trace detail on sales invoices to shipping documents, approved price lists, and
customers. orders.
,,
14-- The most important duties that should #e segregated in the sales and collection cycle
are%
1. &eceiving orders for sales
+. 5hipping goods
3. ,illing customers and recording sales
2. 1aintaining inventory records
=. 1aintaining general accounting records
A. 1aintaining detailed accounts receiva#le records
D. "rocessing cash receipts
@. :ranting credit and pursuing unpaid accounts
5egregation of duties should #e used extensively in the sales and collection cycle for to
reasons. First, cash receipts are su#9ect to easy manipulation. 5econd, the large num#er
and nature of transactions ithin the cycle make the procedure of cross-checking, here
one employee.s duties automatically serve to verify the accuracy of another.s, highly
desira#le.
-f the asset-handling activities (shipping goods and processing cash receipts) are
com#ined ith their respective accounta#ility activities (maintaining inventory, accounts
receiva#le, and general accounting records), a serious deficiency ith respect to safeguarding
those assets exists. -t ould #e easy for an employee, #y either omitting or adding an entry, to
use the company.s assets for his or her on purpose. -f the credit granting function is com#ined
ith the sales function, there may #e a tendency of sales staff to optimi0e volume even at the
expense of high #ad de#t rite-offs.
14-. The use of prenum#ered documents is meant to prevent the failure to #ill or record sales
as ell as to prevent duplicate #illings and recordings. An example of a useful control to provide
reasona#le assurance that all shipments are #illed, is for the #illing clerk to file a copy of all
shipping documents in sequential order after a shipment has #een #illed. "eriodically, someone
can account for all num#ers in the sequence and investigate the reason for missing documents.
The same type of a useful test in this area is to account for the sequence of duplicate sales
invoices in the sales 9ournal, atching for omitted num#ers, duplicate num#ers, or invoices
outside the normal sequence. This test simultaneously provides evidence of #oth the
EexistenceE and EcompletenessE o#9ectives.
14-/ 1. !redit is authori0ed #efore a sale takes place.
#est% Analy0e the alloance for uncollecti#le accounts and rite-offs of
accounts receiva#le during the period to determine the effectiveness of
the credit approval system.
+. :oods are shipped only after proper authori0ation.
#est% &evie physical inventory shortages to determine the effectiveness of
inventory control.
3. "rices, including payment terms, freight, and discounts, are properly authori0ed.
#est% !ompare actual price charged for different products, including freight and
terms, to the price list authori0ed #y management.
,-
14-10 The purpose of footing and crossfooting the sales 9ournal and tracing the totals to the
general ledger is to determine that sales transactions are properly included in the accounts
receiva#le master file and are correctly summari0ed. The auditor ill make a sample selection
from the sales 9ournal to perform tests of controls and su#stantive tests of transactions, so he or
she must determine that the general ledger agrees ith the sales 9ournal.
14-11 The verification of sales returns and alloances is quite different from the verification of
sales for three primary reasons%
1. 5ales returns and alloances are normally an insignificant portion of operations
and therefore receive little attention from the auditor.
+. The primary emphasis the auditor places on sales returns and alloances is to
determine that returns and alloances are properly authori0ed and that sales are
not overstated at year-end and su#sequently reversed #y the issuance of returns.
3. The completeness o#9ective cannot #e ignored #ecause unrecorded sales
returns and alloances can materially overstate net income.
14-12 !ash is the most liquid asset that a company ons and thus it is the most likely target of
misappropriation. The emphasis the auditor places on the possi#ility of misappropriation of cash
is not inconsistent ith his or her responsi#ility, hich is to determine the fairness of the
presentation of the financial statements. -f material fraud has occurred, and it is not fully
disclosed in the financial statements, those statements are not fairly presented.
,.
14-13
T#ANSACT!ON-#)ATD
A"D!T O9:CT!V
'1 !NT#NA) CONT#O)S
1. &ecorded cash receipts are for
funds actually received #y the
company (existence).
5eparation of duties #eteen handling cash and
record keeping.
-ndependent reconciliation of #ank accounts.
+. !ash received is recorded in the
cash receipts 9ournal
(completeness).
5eparation of duties #eteen handling cash and
record keeping.
4se of remittance advices or a prelisting of cash.
-mmediate endorsement of incoming checks.
-nternal verification of the recording of cash
receipts.
&egular monthly statements to customers.
3. !ash receipts are deposited and
recorded at the amounts received
(accuracy).
5ame as + a#ove.
Approval of cash discounts.
&egular reconciliation of #ank accounts.
,atch totals are compared ith computer
summary reports.
2. !ash receipts transactions are
properly classified (classification).
4se of adequate chart of accounts.
-nternal revie and verification.
=. !ash receipts are recorded on the
correct dates (timing).
"rocedure requiring recording of cash receipts on
a daily #asis.
-nternal verification.
A. !ash receipts are properly
included in the accounts receiva#le
master file and are correctly
summari0ed (posting and
summari0ation).
&egular monthly statements to customers.
-nternal verification of accounts receiva#le master
file contents.
!omparison of accounts receiva#le master file or
trial #alance totals ith general ledger #alance.
14-14 Audit procedures that the auditor can use to determine hether all cash receipts ere
recorded are%
*iscussion ith personnel and o#servation of the separation of duties #eteen
handling cash and record keeping.
Account for numerical sequence of remittance advices or examine prelisting of
cash receipts.
'#serve immediate endorsement of incoming checks.
7xamine indication of internal verification of the recording of cash receipts.
'#serve hether monthly statements are #eing sent to customers.
Trace from remittance advices or prelisting to cash receipts 9ournal.
,/
14-1+ "roof of cash receipts is a procedure to test hether all recorded cash receipts have
#een deposited in the #ank account. -n this test, the total cash receipts recorded in the cash
receipts 9ournal for a period of time, such as a month, are reconciled to the actual deposits
made to the #ank during the same time period. The procedure is not useful to discover cash
receipts that have not #een recorded in the 9ournals or time lags in making deposits, #ut it is
useful to discover recorded cash receipts that have not #een deposited, unrecorded deposits,
unrecorded loans, #ank loans deposited directly into the #ank account, and similar
misstatements.
14-1, Fapping is the postponement of entries for the collection of receiva#les to conceal an
existing cash shortage. The fraud is perpetrated #y someone ho records cash in the cash
receipts 9ournal and then enters them into the computer system. The person defers recording
the cash receipts from one customer and covers the shortage ith receipts from another
customer. These in turn are covered #y the receipts from a third customer a fe days later. The
employee must either continue to cover the shortage through lapping, replace the stolen money,
or find another ay to conceal the shortage.
This fraud can #e detected #y comparing the name, amount and dates shon on
remittance advices to cash receipts 9ournal entries and related duplicate deposit slips. 5ince the
procedure is relatively time-consuming, auditors ordinarily perform the procedure only here
there is a specific concern ith fraud #ecause of internal control deficiencies discovered.
14-1- The audit procedures most likely to #e used to verify accounts receiva#le charged off as
uncollecti#le and the purpose of each procedure are as follos%
7xamine approvals #y the appropriate persons of individual accounts charged off.
The purpose is to determine that charge-offs are approved.
7xamine correspondence in client.s files that indicates the uncollecti#ility of the
accounts for a selected num#er of charge-offs. The purpose is to determine that
the account appears to #e uncollecti#le.
7xamine *un and ,radstreet credit records as an indication of the uncollecti#ility
of an account. The purpose is the same as the previous procedure.
!onsider the reason for the charge-off compared to the company policy for
riting off uncollecti#le accounts. The purpose is to determine hether or not
company policy is #eing folloed.
14-1. The primary o#9ective of the tests of controls and su#stantive tests of transactions for
sales and cash receipts is to determine hether or not the auditor may rely on internal controls
to produce accurate information. -f it is determined through tests of controls and su#stantive
tests of transactions that the system provides relia#le information as to accounts receiva#le
#alances, the auditor may reduce the sample si0e for the confirmation of accounts receiva#le
and ad9ust the type of confirmation and timing of the tests. -f the system is not considered
effective #ecause of deficiencies in internal control, the sample si0e must #e increased, positive
confirmations ill pro#a#ly #e necessary, and the confirmations ill most likely #e as of the
#alance sheet date.
-0
14-1/ -t is often accepta#le to perform tests of controls and su#stantive tests of transactions at
an interim date. The auditor may decide it is necessary to test the untested period at year-end. -t
is accepta#le to perform tests of controls and su#stantive tests of transactions for sales and
cash receipts at an interim date and not perform additional tests of the system at year-end
under the folloing circumstances%
The auditor #elieves that internal controls are effective.
The auditor does not anticipate significant changes in the internal controls during
the remaining period.
The transactions normally occurring #eteen the completion of the tests of
controls and su#stantive tests of transactions and the end of the year are similar
to the transactions prior to the test date.
The remaining period is not too long.
14-20 :enerally, successful tests of controls and su#stantive tests of transactions allo for a
reduction of tests of details of #alance at year-end. 6oever, *iane 5mith chose the month of
1arch, hich only represents one-telfth of the year, as her test period. >ith such a short test
period, *iane cannot conclude that she has selected a representative sample from the total
population< therefore, ithout testing additional months (consensus of several !"A firms
requires at least nine months coverage), *iane should not change the scope of her tests of
details of #alances at year-end.
Chapter 1, - Comp4etin5 the Tests in the Sa4es and Co44ection C7c4e@
Accounts #eceiva64e
1,-1 Tests of details of #alances are designed to determine the reasona#leness of the
#alances in sales, accounts receiva#le, and other account #alances that are affected #y the
sales and collection cycle. 5uch tests include confirmation of accounts receiva#le, and
examining documents supporting the #alance in these accounts.
Tests of controls and su#stantive tests of transactions for the sales and collection cycle
are intended to determine the effectiveness of internal controls and to test the su#stance of the
transactions that are produced #y this cycle. 5uch tests consist of activities such as examining
sales invoices in support of entries in the sales 9ournal, reconciling cash receipts, or revieing
the approval of credit.
The results of the tests of controls and su#stantive tests of transactions affect the
procedures, sample si0e, timing and items selected for the tests of details of #alances (i.e.,
effective internal controls ill result in reduced testing hen compared to the tests of details
required in the case of inadequate internal controls). The results of tests of controls also affect
the pu#lic company auditor$s report on internal controls over financial reporting.
-1
1,-2 5A5 AD (A4 33B.+B) discusses the use of negative accounts receiva#le confirmations as
follos%
The negative form requests the recipient to respond only if he or she disagrees ith the
information stated on the request. 3egative confirmation requests may #e used to
reduce audit risk to an accepta#le level hen (a) the com#ined assessed level of
inherent and control risk is lo, (#) a large num#er of small #alances is involved, and (c)
the auditor has no reason to #elieve that the recipients of the requests are unlikely to
give them consideration. For example, in the examination of demand deposit accounts in
a financial institution, it may #e appropriate for an auditor to include negative
confirmation requests ith the customers$ regular statements hen the com#ined
assessed level of inherent and control risk is lo and the auditor has no reason to
#elieve that the recipients ill not consider the requests. The auditor should consider
performing other su#stantive procedures to supplement the use of negative
confirmations.
The preceding requirement that negative confirmations are considered appropriate
here the internal controls of the sales and collection cycle are effective is violated #y !ynthia
&o#erts. approach. 3ot only is her approach questiona#le from the standpoint that
nonresponses have not necessarily proved the existence of the receiva#le, #ut her confirmation
at an interim date requires her to assume an assessed control risk less than maximum, #ut she
has not tested the related internal controls to 9ustify this assumption.
1,-3 The folloing are analytical procedures for the sales and collection cycle, and potential
misstatements uncovered #y each test. 7ach ratio should #e compared to previous years.
ANA)1T!CA) *#OCD"# *OTNT!A) %!SSTAT%NT
1. :ross margin #y product line -ncluding in the physical inventory items for
hich the corresponding lia#ility had not yet
#een recorded.
+. 5ales returns and
alloances as a percentage
of gross sales #y product line
or segment
All returns ere not recorded, or shipments to
customers ere not in accordance ith
specifications and ere returned (this could
result in significant operating pro#lems).
3. Trade discounts taken as a
percentage of net sales
*iscounts that ere taken #y customers and
alloed #y the company ere not recorded.
2. ,ad de#ts as a percentage
of gross sales
1isstatement in determining the alloance for
uncollecti#le accounts.
=. *ays sales in receiva#les
outstanding
A pro#lem ith collections, an understatement of
#ad de#ts and alloance for uncollecti#le
accounts.
A. Aging categories as a
percentage of accounts
receiva#les
!ollection pro#lems and understatement of
alloance for uncollecti#le accounts.
-2
D. Alloance for uncollecti#le
accounts as a percentage of
accounts receiva#le
1isstatement in determining the alloance for
uncollecti#le accounts.
@. !omparison of the #alances
in individual customers.
accounts over a stated
amount ith their #alances in
the previous year
A pro#lem ith collections and therefore a
misstatement of the alloance for uncollecti#le
accounts.
1,-4 The folloing are #alance-related audit o#9ectives and related audit procedures for the
audit of accounts receiva#le.
9A)ANC-#)ATD A"D!T
O9:CT!V A"D!T *#OCD"#
Accounts receiva#le in the aged
trial #alance agree ith related
master file amounts< the total is
correctly added and agrees ith the
general ledger.
Trace tenty accounts from the trial
#alance to the related accounts in the
master file.
Foot to pages of the trial #alance, total all
pages, and trace totals to the general
ledger.
The accounts receiva#le in the
aged trial #alance exist.
!onfirm accounts receiva#le using positive
confirmations. !onfirm all amounts over
L1=,BBB and a nonstatistical sample of the
remainder.
7xisting accounts receiva#le are
included in the aged trial #alance.
Trace ten accounts from the accounts
receiva#le master file to the aged trial #alance.
Accounts receiva#le in the trial
#alance are accurately recorded.
!onfirm accounts receiva#le using positive
confirmations. !onfirm all amounts over
L1=,BBB and a nonstatistical sample of the
remainder.
Accounts receiva#le in the aged
trial #alance are properly classified.
&evie the receiva#les listed on the aged trial
#alance for notes and related party receiva#les.
Transactions in the sales and
collection cycle are recorded in the
proper period.
5elect the last 1B sales transactions from the
current year.s sales 9ournal and the first 1B
from the su#sequent year.s and trace each one
to the related shipping documents, checking for
the date of actual shipment and the correct
recording.
Accounts receiva#le in the trial
#alance are oned.
&evie the minutes of the #oard of directors for
any indication of pledged or factored accounts
receiva#le.
-3
Accounts receiva#le in the trial
#alance are stated at reali0a#le
value.
*iscuss ith the credit manager the likelihood
of collecting older accounts. 7xamine
su#sequent cash receipts and the credit file on
older accounts to evaluate hether receiva#les
are collecti#le.
Accounts in the sales and collection
cycle are properly presented and
disclosed.
&evie the minutes of the #oard of directors
meetings for any indication of pledged or
factored accounts receiva#le.
1,-+ The most important o#9ectives satisfied #y confirmations are existence, rights, and
accuracy. -n extreme cases, confirmations are also useful tests for cutoff. 5ometimes
confirmations may also help the auditor satisfy the completeness o#9ective.
1,-, A necessary audit procedure is to test the information on the client.s trial #alance for
detail tie-in. The footing in the total column and the columns depicting the aging must #e
checked and the total on the trial #alance reconciled to the general ledger to determine that all
accounts are included in the listing.
The master file records are the tie-in #eteen tests of controls, su#stantive tests of
transactions, and tests of details of #alances. The aged trial #alance is the listing of the master
file. 5ince the auditor uses the aged trial #alance in tests of details, he or she must #e sure that
information is the same as that tested in tests of controls and su#stantive tests of transactions.
-n addition, a sample of individual #alances is traced to the master file to determine that the trial
#alance has #een properly summari0ed from the master file. -n most cases, it ill not #e
necessary to trace each amount to the master file unless a significant num#er of misstatements
is noted and it is determined that reliance cannot #e place upon the trial #alance ith less than
1BBN testing. 3ormally a sample of entries on the trial #alance could #e traced to the master file
and ould #e sufficient to dra a conclusion as to the overall accuracy of the trial #alance.
1,-- The purpose of the accuracy tests of gross accounts receiva#le is to determine the
correctness of the total amounts receiva#le from customers. These tests normally consist of
confirmation of accounts receiva#le or examination of shipping documents in support of the
shipment of goods to customers.
The purpose of the test of the reali0a#le value of receiva#les is to estimate the amount of
the accounts receiva#le #alance that ill not #e collected. To estimate this amount, the auditor
normally revies the aging of the accounts receiva#le, analy0es su#sequent cash payments #y
customers, discusses the collecti#ility of individual accounts ith client personnel, and examines
correspondence and financial statements of significant customers.
1,-. -n most audits it is more important to carefully test the cutoff for sales than for cash
receipts #ecause sales cutoff misstatements are more likely to affect net earnings than are cash
receipt cutoff misstatements. !ash receipt cutoff misstatements generally lead to a
misclassification of accounts receiva#le and cash and, therefore, do not affect income.
To perform a cutoff test for sales, the auditor should o#tain the num#er of the last
shipping document issued #efore year-end and examine shipping documents representing
shipments #efore and after year-end and the related sales invoices to determine that the
shipments ere recorded as sales in the appropriate period.
The propriety of the cash receipts cutoff is determined through tests of the year-end
#ank reconciliation. *eposits in transit at year-end should #e traced to the su#sequent #ank
statement. Any delays in crediting deposits #y the #ank should #e investigated to determine
hether the cash receipts #ooks ere held open.
-4
1,-/ The value of accounts receiva#le confirmation as evidence can #e visuali0ed more
clearly #y relating it to tests of controls and su#stantive tests of transactions. -f the #eginning
#alance in accounts receiva#le can #e assumed to #e correct and careful tests of the controls
have #een performed, the auditor should #e in an excellent position to evaluate the fairness of
the ending #alance in accounts receiva#le.
!onfirmations are typically more effective than tests of controls and su#stantive tests of
transactions for discovering certain types of misstatements. These include invalid accounts,
disputed amounts, and uncollecti#le accounts resulting from the ina#ility to locate the customer.
Although confirmations cannot guarantee the discovery of any of these types of misstatements,
they are more relia#le than tests of controls and su#stantive tests of transactions, #ecause tests
of controls and su#stantive tests of transactions rely upon internally created documents,
hereas confirmations are o#tained from independent sources.
There are to instances in hich confirmations are less likely to uncover omitted
transactions and amounts than tests of controls and su#stantive tests of transactions. First, in
order to send a confirmation, it is necessary to have a list of accounts receiva#le from hich to
select. 3aturally, an omitted account ill not #e included in the population from hich the auditor
is selecting the sample. 5econd, if an account ith an omitted transaction is confirmed,
customers are less likely to respond to the confirmation, or, alternatively, ill state that it is
correct. Tracing shipping documents or sales orders to the related duplicate sales invoice and
the accounts receiva#le master file is an effective method of discovering omitted transactions.
!lerical errors in #illing customers and recording the amounts in the accounts can #e
effectively discovered #y confirmation, tests of controls, or su#stantive tests of transactions.
!onfirmations are typically more effective in uncovering overstatement of accounts receiva#le
than understatements, hereas tests of controls and su#stantive tests of transactions are
effective for discovering #oth types. The important concept in this discussion is the existence of
#oth a complementary and a su#stitute relationship #eteen tests of controls and su#stantive
tests of transactions, and confirmations. They are complementary in that #oth types of evidence,
hen com#ined, provide a higher level of overall assurance of the fair presentation of sales,
sales returns and alloances, and accounts receiva#le than can result from either type
considered separately. The strengths of tests of controls and su#stantive tests of transactions
com#ined ith the strengths of confirmation result in a highly useful com#ination. The to types
of evidence are su#stitutes in the sense that the auditor can o#tain a given level of assurance
#y decreasing the tests of controls and su#stantive tests of transactions if there is an offsetting
increase in the confirmation of accounts receiva#le. The extent to hich the auditor should rely
upon the tests of controls and su#stantive tests of transactions is dependent upon his or her
evaluation of the effectiveness of internal controls. -f the auditor has carefully evaluated internal
control, tested internal controls for effectiveness, and concluded that the internal controls are
likely to provide correct results, it is appropriate to reduce the confirmation of accounts
receiva#le. 'n the other hand, it ould #e inappropriate to #ypass confirmation altogether.
-n the situation #eing addressed in this pro#lem, the auditor ill ant to put more
emphasis on tests of controls and su#stantive tests of transactions than confirmations #ecause
of the nature of the customers and the strengths in internal control. 3evertheless, #oth should
#e used, regardless of the requirements of the A-!"A.
-+
1,-10 There are to common types of confirmations used for confirming accounts receiva#le%
EpositiveE confirmations and EnegativeE confirmations. A positive confirmation is a letter,
addressed to the de#tor, requesting that the recipient indicate directly on the letter hether the
stated account #alance is correct or incorrect and, if incorrect, #y hat amount. A negative
confirmation is also a letter, addressed to the de#tor, #ut it requests a response only if the
recipient disagrees ith the amount of the stated account #alance. A positive confirmation is
more relia#le evidence #ecause the auditor can perform follo-up procedures if a response is
not received from the de#tor. >ith a negative confirmation, failure to reply must #e regarded as
a correct response, even though the de#tor may have ignored the confirmation request.
'ffsetting the relia#ility disadvantage, negative confirmations are less expensive to send
than positive confirmations, and thus more of them can #e distri#uted for the same total cost.
The determination of hich type of confirmation to #e sent is an auditor.s decision, and it should
#e #ased on the facts in the audit. 5A5 AD (A4 33B) states that it is accepta#le to use negative
confirmations only hen all of the folloing circumstances are present%
Accounts receiva#le is made up of a large num#er of small accounts.
!om#ined assessed control risk and inherent risk is lo.
There is no reason to #elieve that the recipients of the confirmations are unlikely
to give them consideration.
Typically, hen negative confirmations are used, the auditor is using a reduced control
risk assessment in the audit of accounts receiva#le. -t is also common to use negative
confirmations for audits of hospitals, retail stores, and other industries here the receiva#les are
due from the general pu#lic. -n these cases, far more assurance is o#tained from tests of
controls and su#stantive tests of transactions than from confirmations.
-t is also common to use a com#ination of negative and positive confirmations #y
sending the positives to accounts ith large #alances and negatives to those ith small
#alances. This allos the auditor to focus the confirmation testing on large account #alances,
hile still testing a representative sample from the rest of the population at minimal cost.
1,-11 -t is accepta#le to confirm accounts receiva#le prior to the #alance sheet date if the
internal controls are adequate and can provide reasona#le assurance that sales, cash receipts,
and other credits are properly recorded #eteen the date of the confirmation and the end of the
accounting period. 'ther factors the auditor is likely to consider in making the decision are the
materiality of accounts receiva#le and the auditor.s exposure to lasuits #ecause of the
possi#ility of client #ankruptcy and similar risks. -f the decision is made to confirm accounts
receiva#le prior to year-end, it is necessary to test the transactions occurring #eteen the
confirmation date and the #alance sheet date #y examining internal documents and performing
analytical procedures at year-end.
1,-12 The most important factors affecting the sample si0e in confirmations of accounts
receiva#le are%
Tolera#le misstatement
-nherent risk (relative si0e of total accounts receiva#le, num#er of accounts, prior
year results, and expected misstatements)
!ontrol risk
Achieved detection risk from other su#stantive tests (extent and results of
su#stantive tests of transactions, analytical procedures, and other tests of
details)
Type of confirmation (negatives normally require a larger sample si0e)
-,
1,-13 -n most confirmations of accounts receiva#le, some type of stratification is desira#le. A
typical approach to stratification is to consider #oth the si0e of the outstanding #alance and the
length of time an account has #een outstanding as a #asis for selecting the #alances for
confirmation, since these are the accounts that are more likely to include a significant
misstatement. -t is also important to sample some items from every material stratum of the
population. 4sing this approach, the auditor ill pay careful attention to the accounts in hich
misstatements are most likely to occur and ill follo the guidelines set forth in !hapter 1=
regarding the need to o#tain a representative sample of the population.
1,-14 Alternative procedures are procedures performed on a positive confirmation not returned
#y the de#tor using documentation evidence to determine hether the recorded receiva#le
exists and is collecti#le. -t is common to send second requests for confirmations and sometimes
even third requests. 7ven ith these efforts, some customers do not return the confirmations, so
it is necessary to follo up ith alternative procedures. The o#9ective of the alternative
procedures is to determine, #y a means other than confirmation, hether the unconfirmed
account existed and as properly stated at the confirmation date. For any confirmation not
returned, the folloing documentation can #e examined to verify the existence and accuracy of
individual sales transactions making up the ending #alance in accounts receiva#le%
1. *ubse,uent cash recei"ts 7vidence of the receipt of cash su#sequent to the
confirmation date includes examining remittance advice, entries in the cash
receipts records, or perhaps even su#sequent credits in the accounts receiva#le
master file. The examination of evidence of su#sequent cash receipts is usually
the most useful alternative procedure #ecause it is reasona#le to assume that a
customer ould not make a payment unless it as a valid receiva#le. 'n the
other hand, the fact of payment does not esta#lish hether there as an
o#ligation on the date of the confirmation. -n addition, care should #e used to
match each unpaid sales transaction ith evidence of its payment as a test for
disputes or disagreements over individual outstanding invoices.
+. Du"licate sales invoices These are useful to verify the actual issuance of a sales
invoice and the actual date of the #illing.
3. *hi""in !ocuments These are important to esta#lish hether the shipment as
actually made and as a test of cutoff.
2. &orres"on!ence 'ith the client 4sually it is unnecessary to revie
correspondence as a part of alternative procedures, #ut it can #e used to
disclose disputed and questiona#le receiva#les not uncovered #y other means.
The extent and nature of the alternative procedures depends primarily upon the
materiality of the unconfirmed accounts, the nature and extent of the misstatements discovered
in the confirmed responses, the su#sequent cash receipts of the unconfirmed accounts, and the
auditor.s evaluation of the effectiveness of internal controls. -t is normally desira#le to account
for all unconfirmed #alances ith alternative procedures, even if the amounts are small, as a
means of properly generali0ing from the sample to the population.
--
1,-1+ !onfirmation of accounts receiva#le is normally performed on only a sample of the total
population. The purpose of the confirmation is to o#tain outside verification of the #alance of the
account and to o#tain an indication of the rate of occurrence of misstatements in the accounts.
1ost misstatements hich are indicated #y the differences on the confirmation replies ill not
#e material< hoever, each difference must #e analy0ed to determine its effect and all others
considered together on the total accounts receiva#le #alance. Though the individual differences
may not #e material, they may indicate a material pro#lem hen extended to the entire
population, and ith regard to the internal controls over the accounts receiva#le.
1,-1, Three differences that may #e o#served on the confirmation of accounts receiva#le that
do not constitute misstatements, and an audit procedure that ould verify each difference are
as follos%
1. "ayment has #een made #y the customer, #ut not received #y the client at the
confirmation date. The su#sequent payment should #e examined as to the date
deposited.
+. 1erchandise shipped #y the client has not #een received #y the customer at the
confirmation date. The shipping documents should #e examined to verify that the
goods ere shipped prior to confirmation date.
3. 1erchandise has #een returned, #ut has not #een received #y the client at the
confirmation date. &eceiving documents and the credit memo should #e
examined.
1,-1- >ith regard to the sales and collection cycle, the auditor uses flocharts, assessing
control risk for the accounting cycle, tests of controls, and tests of details of #alances in the
determination of the likelihood of a material misstatement in the accounts affected #y the sales
and collection cycle. The flocharts provide a means for the auditor to document and analy0e
the accounting systems as represented #y the client. The auditor ould then make an initial
assessment of control risk #ased on the controls hich are present in the accounting cycle
as documented in the flocharts, and ould plan the tests of controls #ased upon the selection
of the significant controls. The auditor ould then perform the tests of the significant controls to
determine the effectiveness of the controls and to plan the su#stantive tests that are necessary
#ased upon the revised assessment of control risk for this accounting cycle. Finally, after
considering the results of tests of controls and su#stantive tests of transactions, the auditor
ould perform tests of details of #alances to determine the occurrences of material
misstatements in the account #alances.
1,-1. :AA" requires that sales returns and alloances #e matched ith the related sales if
the amounts are material. 6oever, most companies record sales returns and alloances in the
period in hich they occur, under the assumption of approximately equal, offsetting amounts at
the #eginning and end of each accounting period. This approach is accepta#le, if the amounts
are not significant.
1,-1/ ,ecause customers ho purchase online products are not a#le to physically examine
the actual products #efore they purchase them, there are often more sales returns for online
sales than for traditional sales systems. An auditor may need to evaluate online sales separately
from traditional sales to determine an appropriate alloance for returned items. This, in turn,
affects the auditor$s testing of any credit card receiva#les resulting from online sales.
-.
-/