Audit Theory

By William Sucuahi, CPA

Learning Objective
 Explains why there is demand for auditing
 Defines the three fundamental concept of a financial
statement audit
 Recognizes the sets of management assertions that are
implicit in a business entity’s financial statements
 Explains the financial statement auditing process
Auditing vs Accounting
 Accounting focus on learning the rules, techniques,
and computations required to prepare and analyze
financial information
 Auditing focuses on learning the analytical and logical
skills necessary to evaluate the relevance and reliability
of the systems and processes responsible for recording
and summarizing the information, as well as of the
information itself.
Why do companies request
Analogy: Case of Auto Mechanic
an audit?

Car Car
Seller Buyer

Mechanic

Car
Why do companies request an audit?
 Characteristics of mechanic
 Competent
 Objective
 Honest
 Skeptical
 Responsible or liable
 Characteristic of check-up report
 Timely
 Reasonably priced
 Complete
 Effective
 Systematic and reliable
 Informative
Why do asymmetry
 Information companies request an audit?
 Means that the manager generally has more information about the true
financial position and results of operations of the entity than those
absentee owner.
 Conflict of Interest
 Managers and owners interest may not be coincide
 Principal and Agents
 The absentee stockholder will served as principal who will invest resources
 The manager served as agents for the stockholders who will fulfilled a
stewardship function by managing the resources invested
 Principal provides capital
and hires agent to manage it

Principal Information asymmetry Agent

(absentee owner) Conflict of Interest (Manager)

Agent is accountable to
Auditor gather principal; provides financial
evidence to evaluate Agent hires auditor to
reports report on the fairness of
fairness of agent’s
financial reports. agent’s financial reports.
Issues audit opinion.
Auditor
Auditing
 and
Auditing is systematic Assurance
process of objectivity obtaining and evaluating
evidence regarding assertions about economic actions and events to
ascertain the degree of correspondence between those assertions and
established criteria and communicating the results to interested users.
 Assurance means an engagement in which practitioner express a
conclusion designed to enhance the degree of confidence of the
intended users other than the responsible party about the outcome of
the evaluation measurement of a subject matter against criteria
Overview of Financial Audit
Terms of engagement
Management Auditor

Implements Obtain
Internal Control evidence

Test
Conducts management
Transaction Assertion

Accumulates
Transaction into Determine overall
Account balances Fairness of FS

Prepare FS
Issue audit
report
Issue FS to
Users
Concept in conducting Financial Audit

 Audit Risk
 Materiality
 Evidence regarding Management Assertion
Audit Risk
Audit risk is the risk that the auditor express an
inappropriate audit opinion when the financial audit
opinion when the financial statements are materially
misstated.
Materiality
Omission or misstatement of items are material if they could, individually
or collectively, influence the economic decisions of users taken on the
basis of the financial statements. Material depends on the size and
nature of the omission or misstatement judged in the surrounding
circumstances. The size or nature of the item, or a combination of
both, could be the determining factor.

The auditor’s consideration of materiality is a matter of professional

judgment.
Evidence regarding management
assertion
Most of the auditor’s work in arriving at an opinion on
the financial statements consists of obtaining and
evaluating evidence.

The nature, timing and extent of evidence gathering is

affected by the assessment of audit risk and
materiality.
Management Assertions
Assertions are representations by management, explicit or implicit,
that are embodied in the financial statements.

Three sets of assertion

 Assertion about classes of transaction and events for the period
of audit (Transaction level assertion)
 Assertion about account balances at the period end (Account
Balance level assertion)
 Assertion about presentation and disclosure
The Concepts of Audit
Evidence
Nature of audit evidence

Appropriateness of audit evidence

Sufficiency of audit evidence

Evaluation of audit evidence

The Concepts of Audit
Evidence
Nature of audit evidence

Appropriateness of audit evidence

Sufficiency of audit evidence

Evaluation of audit evidence

The Concepts of Audit
Evidence
Nature of audit evidence

Appropriateness of audit evidence

Sufficiency of audit evidence

Evaluation of audit evidence

The Audit Process
Client acceptance/
Continuance Established
And establishing Preplanning Materiality and
Engagement terms Assess risk

Audit business Internal control

Process and Plan audit
consideration
Related accounts

Complete the Evaluate result

audit And issue report
Generally Accepted Auditing
Standard (GAAS)
 General Standards
 Technical training and proficiency as an auditor
 Independence
 Professional due care
 Standard of Field Works
 Planning
 Internal Control Consideration
 Evidential Matter
 Standard of Reporting
 GAAP (PFRS)
 Consistency
 Disclosure
 Opinion
Generally Accepted Auditing
Standard (GAAS)
 General Standards
 RA 9298
 IFAC Code of Ethics
 Standard of Field Works
 PSA
 Standard of Reporting
 PSA
The Phases of an Audit That
Relate to Audit Planning
Client acceptance
and continuance

Establish the terms

of the engagement

Preplanning

Assess risks and

establish materiality

Plan the audit

 Prospective Client Acceptance
1. Obtain and review financial information.
2. Inquire of third parties.
3. Communicate with the predecessor
auditor.
4. Consider unusual business or audit risks.
5. Determine if the firm is independent.
6. Determine if the firm has the necessary
skills and knowledge.
7. Determine if acceptance violates any
applicable regulatory or ethical
requirements.
Continuing Client Retention
Evaluate client
retention periodically

Near audit completion

or after a significant
event

Conflicts over
accounting & auditing Dispute over fees
issues
Establish Terms of the
Engagement
The terms of the engagement, which are documented in
the engagement letter, should include the objectives of
the engagement, management’s responsibilities, the
auditor’s responsibilities, and the limitations of the
engagement.

In establishing the terms of the

engagement, three topics
must be discussed:
1. The engagement letter
2. The internal auditors
3. Those charged with
governance.
 The Engagement Letter
The engagement letter formalizes the arrangement reached
between the auditor and the client.
In addition to the items mentioned in the
sample engagement letter in Exhibit 5-1 in
the textbook, the engagement letter may
include:
• Arrangements for use of experts or
internal auditors.
• Any limitations of liability of the auditor
or client.
• Additional services to be provided.
•Arrangements regarding other services.
Internal
Auditors
Internal Auditors
Preplanning
Determine the Audit
Engagement Team
Requirements

Assess
Independence
Assess Risks and Establish
Materiality
Use audit
risk model

Achieve
Restrict risk at
acceptable
account
level of audit
balance level
risk
 The Inherent
AuditriskRisk Model
and control risk:
Risk that material misstatements exist

Audit Risk = IR × CR × DR

Detection risk:
Risk that auditor will not detect misstatements

• Inappropriate audit procedure

• Fail to detect when using Non-sampling Sampling
appropriate audit procedure risk risk
• Misinterpreting audit results
Using the level
 Set a planned Audit
of auditRisk Model
risk such that an opinion
can be issued on the financial statements.
 Assess inherent risk and control risk.
 Use the audit risk equation to solve for the appropriate
level of detection risk:

AR = IR × CR × DR
AR
DR = IR × CR

Auditors use this level of detection risk to design audit

procedures that will reduce audit risk to an acceptable level.
 Planning the Audit
When planning the audit, the auditor should be guided by the
results of the risk assessment procedures performed to gain
an understanding of the entity.

Additional steps:
•Assess a preliminary level of control risk
by account and assertion.
•Consider the possibility of non-compliance Let’s look at each
(illegal) acts. of these steps.
•Identify related parties.
•Conduct preliminary analytical
procedures.
•Develop an overall audit strategy and
prepare an audit plan.
•Consider additional value-added services.
 Assess a Preliminary Level for
Control Risk by Account and
Assertion
Control risk is the risk that material misstatements will not be
prevented or detected by internal controls.

A preliminary
assessment of
control risk is
necessary for the
auditor to plan the
The presence of complex
nature, timing, information technology may
and extent of require the use of an IT
testing. specialist.
Assess the Possibility of Non-
compliance (Illegal) Acts
Non-
compliance
Acts

Materially Not materially

affecting the affecting the
financial financial
statements statement

Be aware may have

Obtain evidence of occurred;
compliance investigate if
brought to attention
 Identify
Some examplesRelated
from IAS 24 Parties
How to Identify Related Parties in
Related Party Disclosure Addition to Request Management
•Parents and subsidiaries. •Review contracts and
agreements.
•Significant influence.
•Joint control. •Review bank and legal
confirmations.
•Associate entity. •Review transactions with major
•Joint venture. customers, suppliers, borrowers,
and lenders.
•Management.
•Close family of the •Review large, unusual, or
non-recurring transactions
principal owners & management. especially at year end.
•Other parties that can have •Review minutes of meetings of
significant influence. boards and management.
Conduct Preliminary Analytical
Procedures To identify
To understand the
financial statement
client’s business
accounts likely to
and transactions
contain errors

By understanding the client’s business and

identifying where errors are likely to occur, the
auditor can allocate more resources to investigate
necessary accounts.
Develop an Overall Audit Strategy
Complete other planning
Scope steps.
Compile knowledge about the
client’s business objectives
Timing and strategies, business risks,
audit risks, and controls.

Document effects of identified

Direction risks and controls on planned
audit procedures.
Prepare Audit Plan
The audit plan addresses in
Nature more detail the matters
identified in the audit strategy.

Timing An audit plan contains the

nature, timing and extent of
specific audit procedures.
Extent
Consider Additional Value-Added
Services
IT Internal
Tax Planning
Consultancy Reporting

Risk Benchmarkin Electronic

Assessment g Commerce
Types of Audit Tests
Used to obtain an understanding of
Risk Assessment
the entity and its environment,
Procedures including internal controls.

Performed to obtain audit evidence

about the operating effectiveness of
Tests of Controls controls in preventing, detecting and
correcting material misstatements.

Detect material misstatements in a

Substantive transaction class, account balance,
Procedures and disclosure component of the
financial statements.
Internal Control
 Designed and effected by those charge with
governance, managers, and other personnel to provide
reasonable assurance about the achievement of the
entity’s objective.
Internal Control
Objectives

Reliability of Effectiveness Compliance

Financial & Efficiency with Laws &
Reporting of Operations Regulations
Components of Internal Control
 Substantive Strategy
After obtaining an understanding of internal control, an
auditor may choose to follow a substantive strategy and set
control risk at the maximum for some or all assertions
because of one or all of the following factors:

Testing the
Controls do Controls are
effectiveness
not pertain to assessed as
of controls is
an assertion. ineffective.
inefficient.
Reliance Strategy
Obtain
Understanding of
Internal Control

Plan to Rely on
Internal Control and
Assess Control Risk
Below Maximum
Obtain an Understanding of
Internal Control
The auditor should obtain an understanding of each of
the five components of internal control in order to plan
the audit. This knowledge is used to:

Consider factors
Identify types of
that affect the risk
potential
of material
misstatements
misstatement

Design tests of Design substantive

controls procedures
Documenting the Understanding
of Internal Control
Procedure Manuals
and Organizational Narrative Description
Charts

Internal Control
Flowcharts
Questionnaires
Documenting the Achieved Level
of Control Risk
The auditor’s documents the tests of controls, the
linkage of the tests with the assessed risks at the
assertion level, and the results of the tests assessment
of control risk by using a structured working paper, an
internal control questionnaire, or a memorandum.
Substantive Procedures
Timing of Audit Procedures
Interim

Year End
Timing of Audit Procedures
Transaction Cycles
Completing the audit
 Identify Contingencies
 Review for Subsequent Events for Audit of Financial
Statements
 Final Evidence Evaluation Processes
Final Evidence Evaluation
Processes
Evaluate entity’s ability
Perform final analytical Obtain a
to continue as a going
procedures. representation letter.
concern.

Evaluation of financial
Review working Final assessment of
statement presentation
papers. audit results.
and disclosure.

Obtain an independent
review of the
engagement.
Audit Reporting
The Standard Audit Report with an
Unmodified Opinion
The standard audit report with an unmodified opinion
is issued when the financial statements conform to the
applicable financial reporting framework.
Nine Elements
1. Report title
2. Addressee
3. Introductory paragraph
4. Management’s responsibility
5. Auditor’s responsibility
6. Auditor’s opinion
7. Auditor’s signature
8. Audit report date.
9. Auditor’s address
An Emphasis of Matter Paragraph
and an Other Matters Paragraph
An emphasis of matter An other matters
paragraph does not paragraph does not
affect the auditor’s affect the auditor’s
opinion opinion
because it can only be because it relates to
included in the audit matters other than those
report if the matter is required to be presented
presented or disclosed in or disclosed in the
the financial statements financial statements.
in accordance with the
applicable financial
reporting framework.
An Emphasis of Matter Paragraph
for a Going-Concern Uncertainty