Audit Reports
Comprehensive Material Series
Audit Reports
1) Explain why auditors’ reports are important to users of
financial
statements
and why it is desirable to have standard wording.
: Auditor's reports
are important to users of financial statements
because they
inform users of the
auditor's opinion as to whether or not the statements are fairly stated or
whether no conclusion can be made with regard to the fairness of their presentation. Users especially look for any deviation from the wording of the
standard unqualified report and the reasons and implications of such deviations. Having standard wording improves communications for the benefit of
users of the auditor’s report. When there are departures from
the standard wording, users are more likely to recognize
and consider situations requiring a modification
or qualification to the auditor’s report or opinion.
2) List the seven parts of a standard unqualified
audit report and explain the meaning of each part. How do the
parts compare with those found in qualified report?
: The
unqualified audit report consists of:
1. Report title Auditing standards require that the report be titled and
that the
title includes the word independent.
2. Audit report
address The report is usually addressed
to the company,
its
stockholders, or the board of directors.
3. Introductory
paragraph The first paragraph of the
report does three
things: first, it makes the simple
statement that the CPA firm has done
an audit. Second, it lists the financial
statements that were audited, including the balance sheet dates and the
accounting periods for the income statement and statement of cash flows.
Third, it states that the statements
are the responsibility of
management and that
the auditor's responsibility is to express an
opinion on the statements
based on an audit.
4. Scope paragraph.
The scope paragraph is a factual statement about what the auditor did in the audit. The remainder
briefly describes important aspects of an audit.
5. Opinion
paragraph. The final paragraph in
the standard report states
the auditor's
conclusions based on the results of
the audit.
6. Name of CPA
firm. The name identifies the CPA
firm or practitioner
who performed the audit.
7. Audit report
date. The appropriate date for the report
is the one on
which the
auditor has completed
the most
important auditing procedures in the field.
The same seven parts are found in a qualified report
as in an unqualified report. There are also often one or more additional paragraphs explaining
reasons for the qualifications.
3) What are the purposes of the scope paragraph in the auditor’s
report? Identify the most important information
included in the
scope paragraph.
: The purposes of the scope paragraph in the
auditor's report are to inform
the financial statement users that the
audit was conducted in accordance
with generally accepted auditing standards, in general terms what those standards
mean, and whether the audit provides a reasonable basis for an opinion.
The information in the scope paragraph includes:
Comprehensive Material Series
1. The auditor followed
generally accepted auditing standards.
2. The audit is designed to obtain reasonable assurance about
whether the
statements are free
of material misstatement.
3. Discussion of the audit
evidence accumulated.
4. Statement that the auditor believes the evidence accumulated
was
appropriate
for the circumstances to express
the opinion presented.
4) What are the purposes of the opinion
paragraph in the auditor’s
report? Identify the most important information
included in the
opinion paragraph.
: The purpose of the opinion paragraph is to
state the auditor's conclusions based
upon the results of the audit
evidence. The most important information
in the opinion paragraph includes:
1. The words "in our
opinion" which indicate that the conclusions are based
on professional judgment.
2. A restatement of the
financial statements that have been audited and the
dates thereof or a reference to the introductory paragraph.
3. A statement about whether the financial statements were presented
fairly
and in accordance
with generally accepted accounting principles.
5) On February 17, 2006, a CPA completed the field work on the
financial statements for the Buckheizer Technology Corporation for
the year ended December 31, 2005. The audit in satisfactory in all respects except for the existence of a change
in accounting principle from FIFO
to LIFO inventory
valuation., which results in
an explanatory paragraph to
consistency. On February 26, the auditor completed the tax return and the draft of the
financial statements. The final audit report
was completed, attached to the financial
statements, and delivered to the client on March 7. What is the appropriate date on the auditor’s report?
: The auditor's report
should be dated February 17, 2006,
the date on which the auditor completed
the most important auditing procedures in the field.
6) What five circumstances
are required for a standard unqualified
report to
be issued?
: An
unqualified report may be issued
under the following five circumstances:
1. All statements—balance sheet, income statement, statement of retained
earnings, and statement of
cash flows—are included in the
financial statements.
2. The three general standards have been followed in all respects on the
engagement.
3. Sufficient evidence has been accumulated and the auditor has conducted
the
engagement in a manner that enables him or her to conclude that the three
standards of field work have been
met.
4. The financial statements
are presented in accordance with generally
accepted accounting principles.
This also means
that adequate disclosures
have been included in the footnotes and other parts of the financial statements.
5. There are no circumstances requiring
the addition of an explanatory
paragraph or
modification of the wording of the report.
7) Describe the additional
information included in the introductory,
scope, and opinion paragraphs in a combined audit report on
financial statements and the effectiveness of internal control over
Comprehensive Material Series
financial
reporting. What is the nature of the additional paragraphs in the audit report?
: The introductory,
scope and opinion paragraphs are modified to include reference to management’s report on internal
control over financial reporting, and the scope of the auditor’s work and opinion on internal control
over financial reporting. The introductory
and opinion paragraphs also refer to
the framework used to evaluate internal control. Two additional
paragraphs are added between the scope and
opinion paragraphs that define internal
control and describe the inherent limitations of internal control.
8) What type of opinion should an auditor issue when the
financial statements are
not in accordance
with GAAP because
such adherence would result in
misleading statements?
: When
adherence to generally accepted
accounting principles would result
in misleading financial statements there should be a complete explanation
in a separate paragraph. The separate paragraph
should fully explain the departure and
the reason why generally
accepted accounting principles would have resulted
in misleading statements. The opinion
should be unqualified, but it should refer
to the separate paragraph during the portion of the opinion in which
generally accepted accounting principles
are mentioned.
9) Distinguish
between an unqualified
report with explanatory
paragraph or modified wording and a qualified report. Give examples when an explanatory paragraph or modified
wording should be used in an unqualified
opinion.
: An unqualified report with an explanatory
paragraph or modified wording is
the same
as a standard unqualified
report except
that the auditor believes it is
necessary to provide additional
information about the audit or the financial
statements. For a qualified report, either there is a scope limitation (condition 1) or a failure
to follow generally accepted accounting principles (condition 2). Under either condition, the auditor concludes that
the overall financial statements are fairly presented.
Two examples of an
unqualified report with an explanatory paragraph or modified wording
are:
1. The entity changed from
one generally accepted accounting principle
to another generally
accepted accounting principle.
2. A shared
report involving the use of other
auditors.
10)Describe what is meant by a reports involving the use of other
auditors. What are the three options available to the principal
auditor and when should each be used?
: When another CPA has
performed part of the audit, the
primary auditor issues one of the
following types of reports based on
the circumstances.
1. No reference is made to the other auditor. This will occur if the other auditor audited an immaterial
portion of the statement, the other
auditor is known or closely supervised, or if the principal auditor
has thoroughly
reviewed the other auditor's work.
2. Issue a shared
opinion in which reference is made to the other auditor.
This type of report is issued
when it is impractical to review the
work of the other auditor or when a
portion of the financial statements audited
by the other CPA is material
in relation to the total.
Comprehensive Material Series
3. The report may be
qualified if the principal auditor is not willing to assume any responsibility for the work of the other auditor. A
disclaimer may be issued if the segment audited by the other CPA is highly material.
11)The client has restated the prior-year statements because of a change from LIFO to FIFO. How should be this reflected in the
auditor’s report?
: Even though the prior year statements
have been restated
to enhance comparability, a separate explanatory
paragraph is required to explain
the change
in generally accepted accounting
principles in the first year in
which the change took place.
12)Distinguish between
changes that affect consistency and those that may
affect comparability but not consistency.
Give an example of each.
: Changes that affect the consistency of the financial statements
may involve any of the following:
a. Change in accounting
principle
b. Change in reporting entity
c. Corrections of errors involving
accounting principles.
An example of a change that affects consistency would be a change in the method of computing depreciation from straight line to an accelerated method. A separate explanatory paragraph is required if the amounts are material.
Comparability refers
to items such as changes in estimates, presentation,
and events rather than changes in
accounting principles. For example, a change in the estimated life of a depreciable asset will affect the
comparability of the statements. In that
case, no explanatory paragraph for
lack of consistency is needed, but the
information may require
disclosure in the statements.
13)List the three conditions that require a departure from unqualified
opinion and give one specific example of each those conditions.
: The three conditions requiring a departure from
an unqualified opinion are:
1. The scope of the audit has been restricted. One example
is when the client will not permit the auditor to confirm material receivables. Another example
is when the engagement is not agreed
upon until after the client's year-end
when it may be impossible to physically
observe inventories.
2. The financial statements have not been prepared in
accordance with generally accepted
accounting principles. An example is when the client insists upon using replacement costs for fixed assets.
3. The auditor is not independent. An example
is when the auditor owns
stock in the
client's business.
14)Distinguish between a qualified opinion, adverse opinion, and a
disclaimer of opinion, and explain the circumstances under which each is appropriate.
: A qualified opinion states that there has been either a limitation on the
scope of the audit or a departure from
GAAP in the financial statements, but that the auditor believes that the overall financial
statements are fairly presented. This type of opinion may not be used if the auditor
believes the exceptions being reported
upon
Comprehensive Material Series
are extremely material, in which case a
disclaimer or adverse opinion would be
used.
An adverse opinion
states that the auditor believes the overall financial
statements are so materially misstated or misleading that they do not present fairly in accordance
with GAAP the financial position, results of operations, or cash flows.
A disclaimer of opinion states that the
auditor has been unable to satisfy
him or herself as to whether or not the
overall financial statements are
fairly presented because of a significant limitation of the
scope of the audit, or a non-independent
relationship under the Code
of Professional Conduct between the auditor and the client.
Examples of situations
that are appropriate for each type of
opinion are as follows:
|
OPINION TYPE |
EXAMPLE SITUATION |
|
Disclaimer Adverse Qualified |
Material
physical inventories not
observed and the inventory cannot be
verified through
other procedures. Lack of independence by
the auditor. GAAP. an asset which is material but not extremely material in
value. |
15)Define materiality as it is used in audit reporting. What conditions
will
affect the auditor’s determination of materiality?
: The common definition of materiality as it
applies to accounting and, therefore, to
audit reporting is:
A
misstatement in the financial statements can be considered material
if knowledge of the misstatement would affect a decision of a
reasonable user of the statements.
Conditions
that affect the auditor's determination
of materiality include:
< Potential users of the
financial statements
< Dollar amounts of the following items: net income before taxes,
total
assets, current
assets, current liabilities, and
owners' equity
Nature of the potential misstatements—certain misstatements, such as fraud, are
likely to be more important to users of the financial statements
than other misstatements.
16)Explain how materiality differs for
failure to follow GAAP and for lack
of
independence.
: Materiality for lack of independence in audit
reporting is easiest to define. If the
auditor lacks independence as defined by the Code of Professional
Conduct, it is always considered highly material and therefore
a disclaimer of opinion is always
necessary. That is, either
the CPA is independent or not
independent. For failure to
follow GAAP, there are three
levels of materiality: immaterial,
material, and highly material.
17)How does the auditor’s opinion differ between scope limitations
caused by client
restrictions and limitations
resulting from conditions beyond the client’s control? Under
which of these two
Comprehensive Material Series
would the
auditor be most likely to issue a
disclaimer of opinion? Explain.
: The auditor's opinion may be qualified by
scope limitations caused by client restrictions or by limitations resulting from conditions beyond the client's control. The former occurs when the client will not, for example, permit the auditor to confirm material receivables or physically observe inventories. The latter may
occur when the engagement is not agreed upon until after the client's year-end when it may not be possible to physically observe
inventories or confirm receivables.
A disclaimer of opinion is issued if the scope
limitation is so material that the
auditor cannot determine if
the overall financial statements are
fairly presented. If the scope limitation is caused by the
client's restriction the auditor
should be aware that the reason
for the restriction might be to
deceive the auditor. For this reason,
a disclaimer is more likely
for client restrictions than for
conditions beyond anyone's control.
When there
is a scope restriction that results in the failure to verify
material, but not pervasive accounts, a
qualified opinion may be issued. This is more
likely when the scope limitation is for conditions
beyond the client's control than
for restrictions
by the client.
18)Distinguish between a report qualified as
to opinion only and one
with both
a scope and opinion qualification.
: A report
with a scope and an opinion qualification is issued when the auditor can
neither perform procedures
that he or she considers necessary
nor satisfy him or herself by using alternative procedures, due to the existence of conditions beyond
the client's or the auditor's control, but the amount involved in the financial
statements is not highly material. An important part of a scope and opinion
qualification is that it results
from not accumulating sufficient
audit evidence, either because of the client's request or because of circumstances beyond anyone's
control.
A report qualified as to
opinion only results when the auditor has accumulated sufficient
competent evidence but has concluded
that the financial statements are not
correctly stated. The only circumstance in which an opinion only
qualification is
appropriate is for material, but not highly material, departures from GAAP.
19)Identify the three
alternative opinion that may be
appropriate when the client’s financial statements
are not accordance with GAAP. Under what circumstances is each appropriate.
: The three
alternative opinions that may be appropriate when the client's financial statements are
not in accordance with GAAP are an unqualified opinion, qualified
as to opinion only and adverse opinion.
Determining which is appropriate depends entirely upon materiality. An unqualified
opinion is appropriate if the GAAP
departure is immaterial
(standard unqualified) or if the
auditor agrees with the client's departure from GAAP
(unqualified with explanatory paragraph). A qualified opinion is appropriate when the deviation from
GAAP is material but not highly material; the adverse opinion is appropriate when the deviation is highly
material.
20)Discuss
why the AICPA has such strict requirements
on audit
opinions
when the auditor is not independent.
: The AICPA
has such strict requirements on audit opinions when the auditor is not
independent because it is important that stockholders and other
third parties be absolutely assured that the auditor is unbiased throughout the entire
engagement. If users develop the
attitude that auditors are not
independent of management, the value of
the audit function will be greatly reduced, if not eliminated.
Comprehensive Material Series
21)When an auditor
discovers more than one condition that requires
departure from or modification of standard unqualified report, what should the auditor’s report include?
: When the auditor discovers more than one condition that requires
a departure from or a modification
of a standard unqualified
report, the report
should be modified for each condition. An exception
is when one condition neutralizes the
other condition. An example
would be when the auditor is not independent and there is also a scope limitation.
In this situation the lack of independence
overshadows the scope limitation. Accordingly, the scope limitation should not
be mentioned.
22)What responsibility
does the auditor have for information on the
company’s web site that may be
inked to electronic versions of
the company’s annual financial
statements and auditor’s report?
How does this
differ from the
auditor’s responsibility for
other information in
the company’s annual
report that includes
the financial statements and
auditor’s report?
: Under current
auditing standards, auditors are not required to read
information contained in electronic sites, such as the company’s Web site, that also contain the
company’s audited financial statements and the auditor’s report. Auditing standards
do not consider electronic sites to be “documents.” This is different from the auditor’s
responsibility for
published (hard
copy) documents that
contain information in addition to audited financial
statements and the auditor’s report.
In this latter example, the auditor is responsible
for reading other information that
is published with audited financial
statements and the auditor’s report
to determine whether it is materially
inconsistent with information in the audited financial
statements.
The Audit Process-Audit
Responsibilities and objectives
1) State the objective of the audit of financial statements. In
general
terms, how do auditors meet that objective?
: The objective of the audit of financial statements by the independent auditor
is the
expression of an opinion on the fairness with which the
financial statements present financial
position, results of operations, and cash flows in conformity with generally accepted accounting principles.
The auditor
meets that objective by accumulating sufficient competent evidence to
determine whether the
financial statements are fairly
stated.
2) Distinguish between management’s and auditor’s responsibility
for
the
financial statements being audited.
: It is management's responsibility to adopt sound accounting policies, maintain adequate
internal control and
make
fair
representations in the financial statements. The auditor's responsibility is to conduct an audit of the financial statements in accordance with auditing
Comprehensive Material Series
standards and
report the findings of the audit in the auditor's report.
3) Distinguish between the
terms errors and
fraud. What is
the
auditor’s
responsibility for finding each?
: An error is an unintentional misstatement of the financial statements. Fraud represents
intentional misstatements. The
auditor is responsible for obtaining
reasonable assurance that material
misstatements in the financial statements are detected, whether
those misstatements are due to errors or
fraud.
An audit must be designed to provide reasonable assurance of detecting material misstatements in the financial statements.
Further, the audit must be planned
and performed with an attitude of
professional skepticism in all aspects of the engagement. Because there is
an attempt at concealment of fraud, material misstatements due to
fraud are usually more difficult to uncover than errors. The auditor’s best defense when material misstatements (either errors
or fraud) are not uncovered in the audit
is that the audit was conducted in accordance with
auditing standards.
4) Distinguish between
fraudulent financial reporting and misappropriation of assets. Discuss the likely difference between
those two types of fraud on the fair presentation
of financial statements.
: Misappropriation of assets represents the theft of assets by
employees. Fraudulent financial reporting is the intentional misstatement of financial information by management or a theft of
assets by management, which
is covered up by misstating
financial statements.
Misappropriation of assets ordinarily occurs
either
because
of inadequate internal controls or
a violation of existing controls. The
best way to prevent theft of assets is through adequate internal controls that function effectively.
Many times theft of assets is relatively small
in dollar amounts and will
have no effect on the fair
presentation of financial statements.
There are also the cases of large theft of assets that result in bankruptcy to the company. Fraudulent financial reporting is inherently difficult to uncover because it is possible for one or more
members of management to override internal controls. In many cases
the amounts are
extremely large and may affect the fair presentation of financial
statements
5) “It is well accepted in auditing that throughout the conduct of
the ordinary audit, it is essential to
obtain large amounts of information from
management and to rely heavily on management’s judgments. After all, the financial statements are management’s
representations, and simple,
it is extremely
difficult, if not
impossible, for the auditor to evaluate the obsolescence inventory as well as management can in a highly complex
business. Similarly, the collectability of
accounts receivable and
the continued usefulness of
machinery and equipment are heavily dependent on
management’s willingness to
provide truthful responses
to questions.” Reconcile the auditor’s responsibility
for discovering material misrepresentations by management
with these comments.
: True, the auditor
must rely on management for certain information in the conduct of his or
her audit. However, the auditor must not accept management's representations blindly.
The
auditor must, whenever possible, obtain
competent evidential matter to support the representations of management. As an example, if management represents that
certain inventory is not
obsolete, the auditor should be able to examine purchase orders
from
customers that prove part of the inventory is being
sold at a price that is higher than the company's cost plus selling expenses. If management represents an account
receivable as
Comprehensive Material Series
|
|
|
|
|
< Investigate the past history
of the firm and its management. financial reporting with previous auditor
and company legal counsel after
obtaining permission to do so from
management.
|
|
2. Industry conditions. |
<
Research
current status of industry and compare industry financial ratios to the company’s ratios. Investigate any unusual < Read AICPA’s
Industry Audit Risk Alert
for the company’s industry, if
available. Consider the impact of
specific risks that are identified on the conduct of the audit. |
|
3. Operating characteristics and financial stability. |
|
7) Describe what is meant by the cycle approach to auditing. What
are
the
advantages of dividing the audit into different cycles?
: The cycle approach is a method of dividing the audit such that closely
related types of
transactions and account balances are included in the same cycle.
For example, sales, sales returns, and
cash receipts transactions and the accounts receivable balance are all a part
of the sales and collection cycle. The advantages of dividing the audit into
different cycles are to divide the
audit into more manageable parts, to assign tasks to different members of the audit team, and to keep closely related parts of the
audit together.
8) Identify the cycle to which each of the following ledger accounts would
ordinarily be assigned:
sales, account
payable, retained
earnings, account receivable, inventory and repairs and maintenance.
:
GENERAL LEDGER ACCOUNT CYCLE
Comprehensive Material Series
|
Sales Accounts Payable Retained Earnings Accounts Receivable Inventory Repairs & Maintenance |
Sales & Collection Acquisition & Payment Capital Acquisition & Repayment Sales & Collection Inventory & Warehousing Acquisition & Payment
|
9) Why are sales, sales R&A, bad debts, cash discounts,
AR, and
allowance for uncollectible accounts all
included in the same cycle?
: There is a close relationship between each of these accounts. Sales,
sales returns and
allowances, and cash
discounts all affect accounts receivable. Allowance for uncollectible accounts is closely tied to accounts
receivable and should not be
separated. Bad debt expense is closely
related to the allowance for
uncollectible accounts. To separate
these accounts from each other implies
that they are not closely related. Including them in the same cycle helps
the auditor keep their relationships in
mind.
10)Define what is meant
by a management assertion about financial
statements. Identify the
five board categories
of management assertions.
: Management assertions are implied or expressed representations by management about classes of transactions and the related accounts
in the financial statements. These
assertions are part of the criteria
management uses to record and disclose accounting information in financial statements. SAS 31 (AU 326)
classifies five broad categories of assertions:
1. Existence or occurrence
2. Completeness
3. Valuation or allocation
4. Rights and obligations
5. Presentation
and disclosure
11)Distinguish between
the general audit objectives and management
assertions. Why are the general audit objectives
more useful to
auditors?
: General audit objectives follow from and are closely related to management assertions. General audit objectives, however, are intended to provide a framework to help the auditor
accumulate sufficient
competent evidence required
by the third standard of field work. Audit
objectives are more useful to auditors than assertions because they are
more detailed and more closely related to helping the auditor
accumulate sufficient competent
evidence.
12)An acquisition of fixed-asset repair by a construction company is recorded on
the wrong date.
Which transaction-related audit
objective has been
violated? Which
transaction-related audit objective has been violated if the
acquisition had been capitalized as a fixed asset
rather than expensed?
:
Comprehensive Material Series
|
RECORDING MISSTATEMENT |
TRANSACTION-RELATED
AUDIT OBJECTIVE VIOLATED
|
|
Fixed asset repair is recorded on the wrong
date.
Repair is capitalized as
a fixed asset instead of an expense. |
Timing Classification |
13)Distinguish between
the existence and
completeness balance- related audit objectives. State the effect on financial
statements (overstatement or understatement) of a violation of each in the
audit of accounts receivable.
: The existence objective deals with whether
amounts included in the financial statements should actually be included. Completeness is the opposite of existence. The completeness objective deals with whether all amounts that should be included have actually been included.
In the audit of accounts receivable, a nonexistent account receivable will lead to
overstatement of the accounts receivable balance. Failure to include a customer's account receivable balance, which is a
violation of completeness, will lead
to understatement of the
accounts receivable balance.
14)What are specific audit objectives? Explain
their relationship to the
general
audit objectives.
: Specific
audit objectives are the application of the general audit objectives to a given
class of
transactions or account balance. There must be at least
one specific audit objective for each
general audit objective and in many cases there should be more. Specific
audit objectives for a class of
transactions or an account balance should be designed such that, once they have
been satisfied, the related general
audit objective should also have been satisfied for that class of transactions or account.
15)Identify the management
assertion and general balance-related audit for the specific balance-related audit
objective: All recorded fixed assets
exist at the balance sheet date.
: For the specific balance-related audit objective, all recorded
fixed assets exist at the balance sheet
date, the management assertion and the general balance-related audit objective
are both "existence."
16)Explain how management
assertions, general balance-related audit
objectives, and specific
balance-related audit objectives
are developed for an account
balance such as accounts receivable.
: Management assertions and general balance-related audit
objectives are consistent for all asset accounts for
every audit.
They were developed by the Auditing Standards Board,
practitioners, and academics over a period of time. One or more specific
balance-related audit objectives are
developed for each general balance-related audit objective in an audit area
such as accounts receivable. For any
given account, a CPA firm may decide
on a consistent set of specific balance-related audit objectives for accounts receivable, or it may decide to use
different objectives for different audits.
17)Identify the four phases of the audit.
What is the relationship of the
four phases to the objective of the audit of financial statements?
: The four phases of
the audit are:
Comprehensive Material Series
1. Plan and design an audit
approach.
2. Perform tests of controls and substantive tests
of transactions.
3. Perform
analytical procedures and tests of details of balances. 4. Complete the audit
and issue an audit report.
The auditor uses these four phases to meet the
overall objective of the audit, which
is to express an opinion on the fairness with which the financial statements present fairly, in all material respects, the financial position,
results of operations and cash flows in conformity with GAAP. By accumulating sufficient competent
evidence for each audit objective, the overall objective is met. The accumulation of
evidence is accomplished by performing the four phases of the audit.
The Audit Process-Audit Evidence
1) Discuss the similarities and differences between evidence in a
legal
case and
evidence in an audit of financial statements.
: In both a
legal case and in an audit of financial statements, evidence is used by an
unbiased
person to draw conclusions. In addition, the consequences of an incorrect decision in both situations can be equally undesirable. For
example, if a guilty person is set free, society may be in danger if the person repeats his or her
illegal act. Similarly, if investors rely on materially misstated financial statements, they
could lose significant amounts of money.
Finally, the guilt of
a defendant in a legal case
must be proven beyond a reasonable doubt.
This is similar to the concept of sufficient competent evidence in an audit situation. As with a judge or jury, an
auditor cannot be completely convinced
that his or her opinion is correct,
but rather must obtain a high level of
assurance.
The nature of evidence in a legal case and in
an audit of financial statements differs because a legal case relies heavily on
testimony by witnesses and other parties involved. While
inquiry is a form of evidence used by auditors, other more reliable
types of evidence such as confirmation with third
parties, physical examination, and
documentation are also used
extensively. A legal case
also differs from an audit because
of the nature of the
conclusions made. In a legal case, a
judge or jury decides the guilt or innocence of the defendant. In an audit, the auditor issues one of several
audit opinions after evaluating the evidence.
2) List the four major evidence decisions that must be made on
every
audit.
: The four major audit evidence decisions
that must be made on every audit
are:
1. Which audit procedures to use.
Comprehensive Material Series
2. What
sample size to select for a given procedure. 3. Which items to select from the population.
4. When to perform the procedure.
3) Describe what is meant by an audit procedure. Why is it
important
for audit
procedures to be carefully worded?
: An audit
procedure is the detailed instruction for the collection of a type of audit evidence
that is to be obtained. Because
audit
procedures are the instructions to be followed in
accumulating evidence, they
must be worded carefully to make
sure the instructions are clear.
4) Describe what is meant by an audit program for accounts
receivable.
What four
things should be included in an audit program?
: An audit
program for accounts receivable is a list of audit procedures that will be used to
audit
accounts receivable for a given client. The audit procedures, sample size,
items to select, and timing should be
included in the audit program.
5) State the third standard of field work. Explain the meaning of
each
of the
major phrases of the standard.
: Sufficient competent evidential matter is to be obtained through inspection, observation,
inquiries and
confirmations to afford a reasonable basis for an opinion
regarding the financial statements under
audit. There are three major phrases of the standard.
|
PHRASE |
MEANING OF PHRASE |
|
Sufficient competent evidence Through inspection, observation,
inquiries and confirmations To afford a reasonable basis
for
an
opinion
regarding the financial statements |
The auditor must obtain
evidence that is reliable and there
must be a reasonable quantity of that
evidence.
These are the major types of evidence available for the auditor to use. The auditor cannot expect to
be
completely certain that
the
financial statements are fairly presented but there must be persuasive evidence. The
collection of evidence gathered by the
auditor provides the basis for the auditor's opinion. |
6) Explain why the auditor can be persuaded only with a
reasonable level of
assurance, rather than
convinced, that
the financial statements are correct.
: There are two primary reasons why
the auditor can only be persuaded with a reasonable level of assurance, rather than be convinced
that the financial statements are correct:
1. The cost of accumulating evidence. It would be extremely costly for the auditor to
gather enough
evidence to be completely convinced.
2. Evidence is normally not
sufficiently reliable to enable the
auditor to be completely
convinced. For example, confirmations from customers may come back with erroneous information, which is the fault of
the customer rather than the client.
Comprehensive Material Series
7) Identify the two factors, that determine the persuasiveness
of evidence. How are these two factors related
to audit procedures, sample size, items
to select, and timing?
: The two determinants of the persuasiveness of evidence are
competency and sufficiency.
Competency refers to the degree to which
evidence can be considered believable or worthy
of trust. Competency relates to the
audit procedures selected, including the timing of when those procedures are performed. Sufficiency
refers to the quantity of evidence
and it is related
to sample size and items to
select.
8) Identify the seven characteristics that determine the
competence of evidence. For each characteristics, provide one
example of a type of evidence that is likely to be competent.
7.8 : Following are seven characteristics that
determine competence and an example of
each.
|
|
EXAMPLE OF
COMPETENT
EVIDENCE
|
|
Relevance Independence of provider Effectiveness
of client's internal controls
Auditor's direct knowledge
Qualifications of provider Degree of objectivity Timeliness |
Trace inventory items
located in
the
warehouse to their inclusion in
the
inventory subsidiary records Confirmation of a bank balance Use of duplicate sales invoices for a large well-run company Physical examination of inventory by the
auditor Letter from an attorney dealing with the client's affairs Count of cash on hand by auditor Observe inventory on the last day of the fiscal year |
9) List the seven types
of audit evidence included in this chapter and
give two
examples of each.
:
|
TYPES OF AUDIT
EVIDENCE
|
EXAMPLES
|
|
1. Physical examination 2. Confirmation
|
<
Count petty
cash on hand
<
Confirm
accounts receivable balances of a sample of client customers < Confirm client’s cash
balance with bank |
Comprehensive Material Series
|
3. Documentation
4. Analytical procedures |
<
Examine
cancelled checks returned with
cutoff bank statement < Examine vendors’
invoices supporting a sample of cash disbursement transactions throughout the year
<
Evaluate
reasonableness of receivables by calculating and comparing
ratios sales with prior year’s percentages
|
Comprehensive Material Series
|
TYPES OF AUDIT
EVIDENCE
|
EXAMPLES
|
|
5. Inquiries of the client 6. Re-performance 7. Observation |
<
Inquire of
management whether there is obsolete inventory < Inquire of management regarding the collectibility of large accounts receivable
balances
<
Re-compute
invoice total by multiplying item
price times quantity sold <
Food the
sales journal for a one-month period and compare all totals to
the general ledger
<
Observe
client employees in the process of counting inventory <
Observe
whether employees are
restricted from access to the check
signing machine
|
10)What are the four characteristics of the
definition of a confirmation?
Distinguish between a confirmation and external documentation.
: The four characteristics of the definition
of a confirmation are:
1. Receipt
2. Written or oral response
3. From independent third party
4. Requested by
the auditor
A confirmation is prepared
specifically for the auditor and comes from an external source. External documentation is in the
hands of the client at the time of
the audit and was prepared for the client's use in the
day-to-day operation of the
business.
11)Distinguish between internal documentation and external
documentation as audit evidence and give three
examples of each.
: Internal
documentation is prepared and
used within the client's organization without
ever
going to an
outside party, such as a customer or
vendor.
Internal documentation is prepared and used within
the client's organization without
ever
going to an
outside party, such as a customer or
vendor.
Examples:
< check request form
< receiving report
< payroll time card
< adjusting journal entry
External documentation either originated with an outside party or was an internal document that went to an outside party and is now either in the hands of the client or is readily accessible.
Examples:
< vendor's invoice
< cancelled check
< cancelled note
< validated deposit slip
12)Explain the importance
of analytical procedures as evidence in
Comprehensive Material Series
determining
the fair presentation of the
financial statements.
: Analytical
procedures are useful for indicating
account balances that may be distorted by
unusual or significant
transactions and that should be intensively investigated. They are also useful in reviewing accounts or transactions for
reasonableness to corroborate tentative conclusions reached on the basis of other
evidence.
13)Identify
the most important
reasons for performing
analytical
procedures.
: The most important reasons for performing
analytical procedures are the following:
1. Understanding the
client's industry and business
2. Assessment of the
entity's ability to continue as a
going concern
3. Indication of the
presence of possible misstatements in the financial statements
4. Reduction of detailed audit tests
14)Your
client, Harper Company, has a
contractual commitment as a part of a
bond indenture to maintain a current ratio of 2.0. if the ratio falls below that level on the balance
sheet date, the entire bond becomes payable immediately. In the current year,
the client’s financial statements show
that the ratio has dropped from 2.6 to
2.05 over the past year. How
should this situation affect your audit
plan?
: The decrease of the
current ratio indicates a liquidity problem for Harper Company since the ratio has dropped to a level close to the requirements of the bond indenture. Special care
should be exercised by the auditor to determine that the 2.05 ratio is
proper since management would be motivated to hide any lower ratio. The auditor should expand procedures to test all current assets for proper cutoff and possible overstatement and to test
all current liabilities for proper cutoff and possible understatement.
15)Distinguish between attention-directing analytical procedures
and those intended
to eliminate or reduce
detailed substantive procedures.
: Attention directing analytical procedures occur when significant, unexpected differences are found between
current year's unaudited financial data and other data used in comparisons. If
an unusual difference is large, the auditor must determine the reason for it,
and satisfy himself or herself that the cause is a valid economic
event and not an error or misstatement due to fraud.
When an analytical procedure reveals
no unusual fluctuations, the implication is
minimized. In that case, the analytical procedure constitutes
substantive evidence in support
of the fair statement of the related account balances, and it is
possible to perform fewer detailed
substantive tests in connection with
those accounts.
Frequently, the same analytical procedures can be
used for attention directing
and for reducing
substantive tests, depending on the outcome of the tests. Simple
procedures such as comparing the current year account balance to the prior year account balance is more attention directing
(and provides less assurance) than more
complex analytical procedures; i.e., those which rely on regression analysis. More sophisticated analytical procedures help the auditor examine relationships between several information variables simultaneously. The nature of these tests
may provide greater
assurance than simple procedures.
16)Explain why the statement “Analytical
procedures are essential in every part of an audit, but these tests are rarely sufficient
by themselves for any audit area” is correct or
incorrect.
Comprehensive Material Series
: The statement is
correct. Except for certain accounts with small dollar balances, analytical
procedures are essential to help the auditor identify trends in a
client's business and to see the
relationship between the
client's performance and industry averages. However, the auditor
is responsible for gathering sufficient competent evidential matter
through inspection, observation and confirmation in addition to the evidence
obtained as a result of the analytical procedures.
17)List the purposes of audit documentation
and explain why each
purpose is
important.
: The purposes of audit documentation are as
follows:
1. To provide a basis for planning the audit. The auditor may use reference
information from the previous year
in order to plan this year's audit, such as the evaluation
of internal control, the time budget,
etc.
2. To provide a record
of the evidence accumulated and the results of the tests. This is the primary
means of documenting that an adequate audit was performed.
3. To provide
data for deciding the proper type of audit
report. Data are used in determining
the scope of the audit
and the fairness
with which the financial
statements are stated.
4. To provide a basis for review by supervisors
and partners. These individuals use the
audit documentation to evaluate whether sufficient competent evidence was accumulated to justify the audit report.
Audit documentation are used for several
purposes, both during the audit and after the
audit is completed. One of
the uses is the review by more experienced personnel. A second is for planning the
subsequent year audit.
A third is to demonstrate that
the auditor has
accumulated sufficient
competent evidence if there's a need to defend the audit at a later date. For these uses, it is important
that the audit documentation provide sufficient
information so that the person
reviewing an audit schedule knows the name of the client, contents
of the audit schedule, period
covered, who prepared the audit
schedule, when it was prepared, and how it ties into the rest of the audit files with an
index code.
The purposes
of audit documentation are as follows:
1. To provide a basis for planning the audit. The auditor may use reference
information
from the previous year in order to plan this year's
audit, such as the evaluation of
internal control, the time budget, etc.
2. To provide a record of
the evidence accumulated and the results of
the tests. This is the
primary means
of documenting that an adequate audit was performed.
3. To provide data for
deciding the proper type of audit
report. Data are used in determining
the scope of
the audit and the fairness with which the financial statements are stated. 4. To provide a basis for review by supervisors and partners. These individuals use the audit documentation to evaluate whether sufficient competent evidence was
accumulated
to justify the audit report.
Audit documentation are used
for several purposes, both during the audit and after the audit is completed. One of the uses is the review by more
experienced personnel. A second
is for
planning the
subsequent year audit.
A third is to demonstrate that
the auditor has
accumulated sufficient
competent evidence if there's a need to defend the audit at a later date. For these uses, it is important
that the audit documentation provide sufficient
information so that the person
reviewing an audit schedule knows the name of the client, contents
of the audit schedule, period
covered, who prepared the audit
schedule, when it was prepared, and how it ties into the rest of the audit files with an
index code.
18)What are the two criteria that auditors
of public companies consider when
determining whether memos,
correspondence, and other
documents must be maintained in the audit files?
: The two criteria used by auditors of public
companies when determining whether memos, correspondence, and other documents must be
maintained in the audit files are as follows:
1. The materials are
created, sent, or received in connection with the audit or review.
Comprehensive Material Series
2. The materials contain
conclusions, opinions, analyses, or financial data related to
the audit or
review.
19)For
how long does the Sarbanes-Oxley Act require auditors of public
companies
to retain audit documentation?
: The Sarbanes-Oxley Act of 2002 requires auditors of public companies to prepare and
maintain
audit schedules and other information related to any audit report in sufficient detail to support the auditor’s conclusions, for a period of not less than 7 years.
20)Explain why it is
important for audit documentation to include each of the following:
identification of the name of the client, period
covered, description of the contents,
initial of the preparer, date
of the preparation, and an index code.
: Audit
schedules should include the following:
Name of the client Enables the auditor to identify the
appropriate file to include the audit
schedule in
if it is removed from the files.
Period
covered Enables the auditor to
identify the appropriate year to which an audit schedule for a client belongs if it is
removed from the files.
Description of the contents A list of the contents enables the reviewer to determine
whether all important parts of the audit schedule have been included. The contents description is also used as a means of identifying audit files in the same
manner that a table of contents is used.
Initials of the preparer Indicates who prepared the audit schedule in case there are
questions by the reviewer or
someone who wants information from the files at a later date. It also clearly identifies who is responsible for preparing the audit
documentation if the audit must be
defended.
Date of preparation Helps the reviewer to determine the sequence of the
preparation of the audit schedules. It
is also useful for the subsequent year in planning the sequence of preparing audit schedules.
Indexing Helps in organizing and filing audit schedules. Indexing also facilitates in searching between related portions of the audit
documentation.
21)Define what is meant by a permanent file,
and list several types of information
typically included. Why does the auditor not include the contents of the permanent file with the
current year’s audit file?
: The permanent file contains data of an historical and continuing nature pertinent to the current audit. Examples of items included in
the file are:
1. Articles of
incorporation
2. Bylaws, bond
indentures, and contracts
3. Analysis of accounts
that have continuing importance to the auditor
4. Information related to the understanding of
internal control:
a. flowcharts
b. internal control
questionnaires
5. Results of previous years' analytical procedures, such
as various ratios
and
percentages
compiled by the auditors
By separating
this information from the current year's
audit files, it becomes easily accessible
for the following year's
auditors to obtain permanent file data.
Comprehensive Material Series
22)Distinguish between
the following types
of current period
supporting schedules and state
the purpose of each: analysis, trial
balance, and tests of reasonableness.
: The purpose of an analysis is to show the activity in a general ledger account during
the entire period under audit, tying together the beginning and ending
balances. The trial balance includes the detailed make-up of an
ending balance. It differs from an
analysis in that it includes only those items comprising the end of the
period balance. A test of
reasonableness schedule contains information that enables
the
auditor to evaluate
whether a certain account
balance appears to be misstated. One example of a test of
reasonableness schedule is a schedule that
compares current year
expenses to prior years' amounts. This type of schedule is intended to show which accounts need investigation due to
significant variances.
23)Why is it essential that the auditor not
leave questions or exceptions
in the
audit documentation without an adequate explanation?
: Unanswered questions and exceptions may
indicate the potential for significant errors or
fraud in the
financial statements. These should be investigated and resolved to make sure
that financial statements are fairly presented.
The audit files
can also be subpoenaed by courts as legal evidence.
Unanswered questions and exceptions may indicate lack of due care by the auditor.
24)Define
what is meant by a tick mark. What is its purpose?
: Tick marks are symbols
adjacent to information in audit schedules for the purpose of
indicating
the work performed by the auditor. An explanation of the tick mark must be
included at the bottom of the audit
schedule to indicate what was done and who did it.
25)Who owns the audit files? Under what circumstances can they
be
used by other people?
: Audit
files are owned by the auditor.
They can be used by the client if the auditor wants
to
release them after a careful consideration of whether there might be confidential
information in them. The audit files can
be subpoenaed by a court and thereby become the property of the court. They can be released to another CPA
firm without the client's permission
if they are being reviewed as a part of a voluntary peer review program under AICPA, state CPA society,
or state Board of Accountancy authorization. The
audit files can be sold or released to other users if the auditor obtains permission from the client.
26)A CPA sells
his auditing practice to another CPA
firm and includes all audit files as
part of the purchase price. Under what circumstances is this a violation of the code of professional conduct?
: It is a
violation unless the CPA obtains permission from each client
before the audit files for that client
are released.
27)How does the auditor read and evaluate
information that is available
only in
machine-readable form?
: When evidence can be examined only in
machine-readable form, auditors use computers to
read and examine
evidence. There are commercial audit
software programs designed specifically for use by auditors, such as ACL Software and Interactive Data Extraction and
Analysis (IDEA). Spreadsheet software
packages can also be used by auditors to perform audit tests on data that is available only in machine-readable form.
28)Explain the purposes and benefits of audit documentation software.
: The purposes of audit documentation software are to convert traditional paper-based
documentation into electronic files
and to organize the audit documentation. The benefits of audit documentation software, such as Automated Client Engagement (ACE), are as follows:
Comprehensive Material Series
< The auditor can more efficiently prepare a trial balance, lead
schedules, supporting audit
documentation, financial statements,
and ratio analysis using the
computer rather than by hand.
< The effects of adjusting journal entries are automatically carried
through to the trial balance and financial statements, making last-minute adjustments easier to
make.
< Tick marks and review
notes can be entered directly into computerized files.
< Data can be imported and exported
to
other applications. For example,
a client’s
general ledger can
be downloaded
into
ACE
and tax information can be downloaded into
a commercial tax
preparation package
after
the audit is
completed.
The Audit Process-Audit
Planning and Analytical Procedures
1) what benefits does
the auditor derive from planning
audits?
: There
are three primary benefits from planning audits: it helps the auditor obtain sufficient
competent
evidence for the circumstances, helps keep audit costs reasonable, and helps
avoid misunderstandings with the client.
2) Identify
the eight major steps in planning
audits.
: Eight major steps in
planning audits are:
1. Accept client and
perform initial planning
2. Understand the client’s business and industry
3. Assess client business risk
Comprehensive Material Series
4. Perform preliminary analytical procedures
5. Set materiality, and
assess acceptable audit risk and inherent risk 6. Understand
internal control and assess control risk
7. Gather information to
assess fraud risks
8. Develop overall audit
plan and audit program
3) What are the responsibilities of the successor and predecessor
auditors
when a company is changing auditors?
: The new auditor (successor) is required by SAS 84 (AU 315) to communicate with the
predecessor auditor. This
enables the successor to obtain information about the client so that he or she may evaluate whether to accept the engagement. Permission must be obtained
from the client before communication can be made because of the confidentiality requirement in the Code of Professional Conduct. The predecessor is required
to respond to the successor’s request for
information; however, the response may be limited to stating
that no information will be given. The successor auditor should be wary if the predecessor is reluctant to provide information about the client.
4) What factors should an auditor consider prior to accepting an
engagement?
Explain.
: Prior to accepting a client,
the auditor should
investigate the client. The auditor
should
evaluate the client’s standing in the business community, financial stability, and relations with its previous CPA
firm. The primary purpose of
new client investigation is to ascertain the integrity of the client and the possibility of fraud. The auditor should be especially concerned with the
possibility of fraudulent
financial reporting since it is difficult
to uncover. The auditor does
not want
to needlessly expose himself or herself to the possibility of a lawsuit for failure to detect such fraud.
5) What is the purpose of an engagement letter? What subjects
should
be covered
in such a letter?
: An engagement letter is an agreement between the CPA
firm and the client concerning the
conduct of the audit and related services. It should state what
services will be provided, whether any
restrictions will be imposed on the
auditor’s work, deadlines for completing the audit, and assistance to be provided by client personnel. The engagement letter may also include the auditor’s fees. In addition, the engagement letter informs the client that the auditor cannot
guarantee that all acts of fraud will
be discovered.
6) Who is considered
“the client” when auditing public companies?
: Because the Sarbanes-Oxley Act of 2002 explicitly shifts
responsibility for hiring and firing of
the auditor
from management to the audit committee for public companies, the audit
committee is viewed as “the client” in those engagements.
7) Which services must be preapproved
by the audit committee a
public
company?
: All audit and non-audit services must be
preapproved in advance by the audit committee for
public
companies.
8) Explain why auditors need
an understanding of the client’s industry.
What
sources are commonly used by
auditors to learn about the client’s
industry?
: Auditors need an understanding of the client’s
business and industry because the nature of
the business and industry
affect business risk and the risk of material misstatements in the financial statements.
Auditors use the knowledge of these risks to determine the appropriate
extent of audit evidence to accumulate.
The five major aspects of understanding the
client’s business and industry, along
with potential sources of information that auditors commonly use for each
of the five areas are as follows:
Comprehensive Material Series
1. Industry and External
Environment – Read industry trade
publications,
AICPA Industry Audit Guides, and regulatory requirements.
2. Business Operations
and Processes – Tour the plant
and offices, identify
related
parties, and inquire of management.
3. Management and
Governance – Read the corporate
charter and bylaws,
read minutes of board of directors and stockholders,
and inquire of management.
4. Client Objectives and Strategies – Inquire of management regarding their objectives for the reliability of financial reporting,
effectiveness and efficiency of
operations, and compliance with laws and regulations; read
contracts and other legal documents, such as those for notes and bonds payable, stock options, and pension
plans.
5. Measurement and Performance – Read financial statements, perform ratio analysis, and
inquire of management about key performance
indicators that management uses to
measure progress toward its
objectives.
9) When a CPA has
accepted an engagement from a new
client who is manufacturer, it is customary for the CPA to tour the client’s plant facilities. Discuss the ways in which the CPA’s observations made
during the course of the
plant tour will be of help in planning and
conducting the audit.
: During the course of the plant tour the CPA will
remember that an important aspect of the
audit will be an effective analysis of the cost system.
Therefore, the auditor will observe
the nature of the company’s
products, the manufacturing facilities and processes, and the flow of
materials so that
the information obtained can later be related to the functions of the cost
system.
The nature of the company’s products and the
manufacturing facilities and processes
will reveal the features of the cost system
that will require close audit attention. For example, the audit of a company engaged in the custom-manufacture of costly products such as yachts
would require attention to
the correct charging of material and labor to specific jobs, whereas
the allocation of material and labor charges in the audit of a
beverage-bottling plant would
not be verified on the same basis. The CPA will note
the stages at which finished products emerge and where
additional materials must be added. He or she will also be alert for points at which scrap is generated or spoilage occurs. The auditor may find it advisable, after viewing the operations, to refer to auditing literature
for problems encountered and solved
by other CPAs in similar audits.
The auditor’s
observation of the manufacturing processes
will reveal whether there is idle plant or machinery that may require disclosure in the financial
statements. Should the
machinery appear
to be old or poorly maintained, the
CPA might expect
to find heavy
expenditures in the accounts for repairs and maintenance. On the other
hand, if the auditor determines that the company has recently installed
new equipment or constructed a new building, he or she will expect to find these
new assets on the books.
In studying the flow of materials, the auditor
will be alert for possible problems that
may arise in connection with the observation
of the physical inventory, and he or she may make preliminary estimates of audit staff requirements. In this regard, the auditor will notice
the various storage areas and how the materials are stored. The
auditor may also
keep
in mind for
further
investigation any apparently obsolete inventory.
The auditor’s study of the flow
of materials will disclose the points at which various documents such as material requisitions arise. He or she will also meet some of the key manufacturing personnel who may give the auditor an insight into production problems and
other matters such as excess or
obsolete materials, and scrap and spoilage. The
auditor will be alert for the attitude of the manufacturing
personnel toward accounting controls.
The CPA may make some inquiries
about the methods of production scheduling, timekeeping procedures and whether work standards are employed. As a result of these
observations, the internal documents that relate to the flow of materials will be more meaningful as accounting evidence.
The CPA’s tour of the plant will give him or her
an understanding of the plant
terminology that will enable the CPA to communicate fluently with the client’s personnel. The measures
Comprehensive Material Series
taken by the client to safeguard assets, such as protection of
inventory from fire or theft, will be
an indication of the client’s
attention to internal control measures. The location of the receiving and shipping departments and the procedures
in effect will bear upon the CPA’s
evaluation of internal control. The auditor’s overall
impression of the client’s plant will
suggest the accuracy and adequacy of the accounting records that will be
audited.
10)An auditor often tries to acquire background knowledge of the
client’s industry as an aid to audit work. How does the acquisition
of this knowledge aid the auditor in
distinguishing between obsolete and
current inventory?
: One type of information the auditor obtains
in gaining knowledge about the
clients’ industry is the nature of the client’s products, including the likelihood of their technological obsolescence and future salability. This information is essential in helping the auditor evaluate
whether the client’s
inventory may be obsolete or have a
market value lower than cost.
11)Define what is meant by a related
party. What are the auditor’s
responsibilities for related parties and related party
transactions?
: A
related party is defined in SAS 45 (AU 334) as an affiliated company,
principal owner of the
client company, or any
other party with which the client deals where one of
the parties can influence the
management or operating policies of the other.
Material related party transactions must be disclosed in the financial statements by management. Therefore, the auditor must identify related parties and make a
reasonable effort
to determine that all material
related party transactions have been
properly disclosed in the
financial statements.
12)Which types of loans to executives are
permitted by the Sarbanes-
Oxley Act?
: Because of the lack of independence between the parties involved, the
Sarbanes-Oxley Act
prohibits related party transactions that involve personal loans
to executives. It is now unlawful for
any public company to provide personal credit
or loans to any director or executive officer
of the company. Banks or other
financial institutions are permitted
to make normal loans to their directors
and officers using market rates, such
as residential mortgages.
13)Your firm has performed the audit of
Rogers Company for several years and you
have been assigned the audit responsibility
for the current audit. How would you
review of the corporate charter and
bylaws for this audit differ from that of the audit of a client who
was audited by a different CPA firm in the preceding year?
: In the audit of a client previously audited
by a different CPA firm, it would be necessary to
obtain a copy of the corporate charter and bylaws for the
permanent files and to read these
documents and prepare a summary abstract of items to test for compliance. In an ongoing
engagement, this work has been performed
in the past and
is unnecessary each year. The auditor’s
responsibility is to determine what
changes have been made during the current
year
and to update and review the
summary abstract prepared in
previous years for compliance.
14)For
the audit of Radline Manufacturing Company,
the audit partner asks you to carefully
read the new mortgage contract with
the First National Bank
and abstract all
pertinent information. List
the information in a mortgage
that is likely to be relevant to the
auditor.
The
information in a mortgage that is likely
to be relevant to the auditor includes the following:
1. The parties to the agreement
Comprehensive Material Series
2. The effective date of the agreement
3. The amounts included in
the agreement
4. The repayment schedule
required by the agreement
5. The definition and terms
of default
6. Prepayment options and penalties specified in
the agreement
7. Assets pledged or
encumbered by the agreement
8. Liquidity restrictions imposed by the agreement
9. Purchase restrictions
imposed by the agreement
10. Operating restrictions imposed by the agreement
11. Requirements for audit reports or other types of reports on compliance with the
agreement
12. The interest rate specified in the
agreement
13. Any other requirements, limitations, or agreements specified in the
document
15)Identify two types of information in the
client’s minutes of the board of
directors meetings that are likely to
be relevant to the auditor. Explain why it is important to read the minutes early in the
engagement.
: Information in the client’s minutes that is likely
to be relevant to the auditor
includes the following:
1. Declaration of dividends
2. Authorized compensation
of officers
3. Acceptance of contracts and agreements
4. Authorization for the acquisition of property
5. Approval of mergers
6. Authorization of
long-term loans
7. Approval to pledge securities
8. Authorization of individuals to sign checks
9. Reports on the progress of operations
It is important to read the minutes early in the engagement to
identify items that need to be followed up on as a part of conducting the
audit. For instance, if a long-term loan is authorized in the minutes, the auditor will want to make certain that the loan is
recorded as part of long-
term
liabilities.
16)Identify the three categories of client
objectives. Indicate how each objective
may affect the auditor’s assessment
of inherent risk and evidence
accumulation.
: The three
categories of client objectives are (1) reliability of financial reporting, (2)
effectiveness and efficiency of operations, and (3) compliance
with laws and regulations. Each of these objectives affects the auditor’s
assessment of inherent risk and evidence accumulation as follows:
1. Reliability of financial reporting – If management sees the reliability
of financial reporting as an important objective, and if the auditor can determine that the financial reporting system is accurate and reliable, then the auditor can often
reduce inherent risk and planned evidence accumulation for material
accounts. In contrast, if management has little regard for
the reliability of financial reporting,
the auditor must increase inherent risk assessments and gather more
evidence during the audit.
2. Effectiveness and efficiency of operations – This area is of primary concern to most clients. Auditors need knowledge
about the effectiveness and efficiency
of a client’s operations in order
to assess client business risk and inherent risk in the financial statements. For example, if a client
is experiencing inventory management
problems, this
would most
likely
increase both
the auditor’s assessment
of inherent risk for the planned evidence accumulation for inventory.
3. Compliance with laws
and regulations – It is important for the auditor
to
understand the laws and
regulations that
affect an audit client,
including significant contracts
signed by the client. For example, the provisions in a
Comprehensive Material Series
pension plan document would significantly affect the auditor’s assessment of
inherent risk and evidence
accumulation in the audit of unfunded liability for pensions. If the client were in violation of the provisions of the pension plan document, inherent risk and planned evidence for pension-related accounts would
increase.
17)What is the purpose of the client’s performance
measurement system? Give
examples of key performance
indicators for the
following business: (1) a chain of retail clothing stores; (2) an
internet portal; (3) a hotel
chain.
: The purpose of a client’s
performance measurement system is to
measure the client’s progress toward
specific objectives. Performance measurement includes ratio analysis and benchmarking against key
competitors.
Performance measurements for a chain of retail clothing stores could include
gross profit by product line, sales returns
as a percentage of clothing sales, and inventory turnover by product line. An Internet portal’s performance measurements might include number
of Web site hits or search engine
speed.
A hotel
chain’s performance measures include vacancy percentages and supply cost per
rented room.
18)Define client business
risk and describe several sources of client
business risk. What
is the auditor’s
primary concern when evaluating
client business risk?
: Client business risk is
the risk that the client will fail to achieve its objectives. Sources of client business risk include any of the
factors affecting the client and its environment, including
competitor performance, new technology, industry conditions, and
the
regulatory environment. The
auditor’s primary concern when evaluating client business risk is the risk of material misstatements in the financial statements due to client
business risk. For example, if the client’s
industry is experiencing a significant and
unexpected downturn, client business risk increases. This increase would most
likely increase the risk of
material misstatements in
the financial statements. The auditor’s assessment
of the risk of
material misstatements is then used
to classify risks using the audit risk model to
determine the appropriate extent of audit evidence.
19)Describe top management
controls and their relation to client business risk.
Give examples of
effective management and
governance controls.
: Management establishes the strategies and business processes followed by a
client’s business. One top management control
is management’s philosophy and operating style, including management’s attitude toward the importance of internal control. Other top management controls
include a well-defined organizational structure, an effective
board of directors, and an involved
and effective audit committee. If
the board of directors is effective, this increases management’s ability to appropriately respond to risks. An effective audit committee can help management reduce the likelihood of overly aggressive accounting.
20)What are the purposes
of preliminary analytical procedures?
What types of
comparisons are useful
when performing preliminary
analytical procedures?
: Analytical procedures are performed during the
planning phase of an engagement to
assist the auditor in determining the nature, extent, and timing of work
to be performed. Preliminary analytical procedures also help the auditor
identify accounts and classes of
Comprehensive Material Series
transactions where misstatements are likely. Comparisons that
are useful when
performing preliminary analytical
procedures include:
< Compare client and industry data
< Compare client data with
similar prior period data
< Compare client data with
client-determined expected results
< Compare client data with
auditor-determined expected results
< Compare client data with expected
results, using nonfinancial data
21)When are analytical procedures required to be performed during the audit? What
is the primary
purpose of analytical
procedures performed during the
completion phase of the audit?
: Analytical procedures are required during two phases
of the audit: (1) during the
planning phase to assist the auditor in determining the nature, extent, and timing of work to be performed and (2) during the completion phase, as a final review for
material misstatements or financial
problems. Analytical procedures are
also often done during the testing phase
of the audit, but they are not
required in this phase.
22)Gale Gordon, CPA, has found ratio and trend analysis relatively
useless as a tool in conducting audits. For several engagement, he
computed the industry ratios included in publications
by Robert Morris Associates and compared them with
industry standards. For most engagements, the client’s business was
significantly different from the industry data in the publication
and the client would
automatically explain away any
discrepancies by attributing them to the
unique nature of its operations. In cases in which the client had more than one branch in different industries,
Gordon found the ratio analysis no help at all. How could Gordon
improve the quality of his analytical
procedures?
: Gordon could improve the quality of his analytical tests by:
1. Making internal comparisons to ratios of
previous years.
2. In cases where the client has more than one branch in different industries, computing
the ratios for each branch and comparing these
to the industry ratios.
23)At the completion of
every audit, Roger Morris, CPA,
calculates a large number of ratios and trends for comparison with industry
averages and prior-year calculations. He believes the calculations are worth the relatively small cost of doing them because they
provide him with an excellent overview of the client’s operations.
If the ratios are out of line, Morris
discusses the reasons with the client and often make suggestions on how to bring the ratio back in line
in the future. In
some cases, these
discussions with management
have been the
basis for management
consulting engagements. Discuss the major strengths and shortcomings
in Morris’s use of ratio and trend analysis.
: Roger Morris performs his ratio and trend
analysis at the end of every audit.
By that time, the audit procedures are
completed. If the analysis was done at
an interim date, the scope of
the audit could be adjusted to
compensate for the findings. SAS 56 (AU 329) requires that analytical procedures be performed in the planning phase of
the audit and near the completion of
the
Comprehensive Material Series
audit.
The use
of
ratio and trend analysis appears
to give Roger Morris an
insight into his client's business
and affords him an opportunity to provide excellent business advice to his
client.
24)Name the four categories of financial
ratios and give an example of a ratio in
each category. What is the primary
information provided by each financial ratio category?
: The four
categories of financial ratios and examples of ratios in each category are as
follows:
1. Short-term debt-paying ability – Cash ratio, quick
ratio, and current ratio.
2. Liquidity activity – Accounts receivable turnover, days to collect receivables,
inventory
turnover, and days to sell inventory.
3. Ability to meet long-term debt obligations – Debt to equity and times interest
earned.
4. Profitability – Earnings per share, gross profit
percent, profit margin, return on
assets, and
return on common equity
The Audit Process-Materiality and Risk
1) Chapter 8 introduced the eight parts of the planning phase of
an
audit.
Which part is the evaluation of materiality and risk?
: The planning phases are: accept client and
perform initial planning, understand the client’s
business and industry,
assess client business risk, perform preliminary analytical procedures, set materiality and assess acceptable audit
risk and inherent risk, understand
internal control and assess control
risk, gather information to assess fraud risk, and develop overall audit
plan and audit program. Evaluation of materiality is part of phase five. Risk assessment is part of phase three (client business risk), phase five (acceptable audit risk and
inherent risk), phase six (control risk), and phase seven (fraud risk).
Comprehensive Material Series
2) Define the meaning
of the term
materiality as it
is used in
accounting and auditing.
What is the
relationship between materiality and the phrase obtain reasonable
assurance used in the auditor’s report?
:
Materiality is defined as: the magnitude of an omission
or misstatement of accounting information that, in light of the surrounding
circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced
by the omission or misstatement.
"Obtain reasonable assurance," as used
in the audit report, means that the auditor does not guarantee or insure the fair
presentation of the financial statements. There
is some risk that the financial
statements contain a material misstatement.
3) Explain why materiality is important but
difficult to apply in practice.
: Materiality is important because if financial statements are materially misstated, users' decisions
may be affected, and thereby cause financial
loss to them.
It is difficult to apply because there are often many different users of the financial statements. The auditor
must therefore make an assessment
of the likely users and the
decisions they will make.
Materiality is also difficult to apply because it is a relative
concept. The professional auditing standards offer little specific guidance regarding the application of materiality. The auditor must, therefore,
exercise
considerable professional judgment in the application of materiality.
4) What is meant by setting a preliminary judgment about
materiality?
Identify the
most important factors
affecting the preliminary
judgment.
: The preliminary judgment about materiality is the maximum amount by which the auditor believes the financial
statements could be misstated and still not affect the decisions of
reasonable users. Several factors affect
the preliminary judgment about
materiality and are as follows:
1. Materiality is a relative rather than an absolute
concept.
2. Bases are needed for evaluating
materiality.
3. Qualitative
factors affect materiality decisions.
4. Expected distribution
of the financial statements
will affect
the preliminary judgment of
materiality. If
the financial statements are
widely distributed to users, the preliminary
judgment of materiality will probably be set lower than if the financial
statements are not expected to be
widely distributed.
5. The level of
acceptable audit risk will also affect the preliminary judgment of materiality.
5) What is meant by using bases for setting a preliminary judgment about materiality? How would those bases
differ for the audit of a manufacturing company and a government
unit such as school
district?
: Because materiality is relative rather
than absolute, it is necessary to have bases for establishing whether misstatements
are material. For example, in the
audit of a manufacturing company, the auditor might use as bases: net
income before taxes, total assets, current assets, and working
capital. For a governmental unit, such as a school district, there is no net
income before taxes, and therefore that would be an unavailable base. Instead, the primary bases would
likely be fund balances, total assets, and perhaps total revenue.
6) Assume that Rosanne Madden, CPA, is using 5% of net income before tax, current assets, or current liabilities as her
major guidelines for
Comprehensive Material Series
evaluating materiality. What qualitative
factors should she also
consider in deciding whether misstatements maybe material?
: The following qualitative factors are likely to be considered in evaluating
materiality:
a. Amounts
involving fraud are usually considered more important than
unintentional
errors of equal dollar amounts.
b. Misstatements that are otherwise minor may be material if there are possible
consequences
arising from contractual obligations.
c. Misstatements that are otherwise immaterial may be material if they affect a
trend in
earnings.
7) Distinguish
between the terms
tolerable misstatement and
preliminary judgment about materiality. How are they related to each
other?
: A preliminary judgment about materiality is set for the financial statements as a whole.
Tolerable misstatement is the maximum amount of misstatement that would be considered material for an individual account balance.
The amount of tolerable misstatement for any given account is dependent upon the preliminary judgment about materiality. Ordinarily, tolerable misstatement for any given account would have
to be lower than the preliminary judgment about materiality. In many cases,
it will be considerably lower because
of the possibility of
misstatements in different
accounts that, in total, cannot exceed the preliminary judgment about materiality.
8) Assume a company with
the following balance sheet accounts:
|
Account Cash Fixed Assets Long-Term
loans
M. Johnson
Proprietor
|
|
You are concerned only about overstatement of
owner’s equity. Set tolerable misstatement
for the three relevant accounts such that the
preliminary judgment about materiality does not exceed $5,000.
Justify your answer.
: There are several possible answers to the question. One example is:
Cash $500 Overstatement
Fixed assets $3,000 Overstatement
Long-term loans $1,500 Understatement
Note: Cash and fixed
assets
are
tested for overstatement and long-term loans for
understatement because the auditor's objective in this case is to test
for overstatements of owner's equity.
Comprehensive Material Series
The least amount of tolerable misstatement was allocated to cash and long-term
loans because they are relatively easy
to audit. The majority of the total allocation was to fixed assets
because there is a greater likelihood of misstatement of fixed assets in
a typical audit.
9) Explain what is
meant by making
an estimate of
the total misstatement in a segment and in the overall
financial statements. Why is it
important to make these estimates? What is done with them?
: An estimate of the total misstatement in a
segment is the estimate of the total misstatements based upon the sample results. If only a
sample of the population is selected and audited, the auditor must project the total sample
misstatements to a total estimate. This is done audit area by audit area. The misstatements in
each audit area must be totaled to make an estimate
of the total misstatements in the overall financial statements. It is
important to make these estimates so the auditor can evaluate
whether the financial statements, taken as a whole, may be
materially misstated. The
estimate for each segment is compared to tolerable misstatement for that segment and the estimate of the overall misstatement on the financial statements is compared to the preliminary judgment about materiality.
10)How would the conduct of an audit of a
medium-sized company be affected by
the company’s being
a small part
of a large
conglomerate as compared with
it being a separate entity?
: If an audit is being performed on a
medium-sized company that is part of a conglomerate, the auditor must make a materiality judgment based upon the conglomerate. Materiality may be larger for a company that is part of a conglomerate because even though the financial
statements of the medium-sized company may be misstated,
the financial statements of
the large conglomerate might still be fairly stated. If, however, the auditor is giving a separate
opinion on the medium-sized company,
the materiality would be lower than for the audit of a conglomerate.
11)Define the audit risk model and explain each term in the
model.
: The audit risk model
is as follows:
PDR =
AAR
IR x CR
Where PDR = Planned detection risk
AAR = Acceptable audit risk IR = Inherent risk
CR = Control risk
Planned detection risk A measure of the risk that
audit evidence for a segment will fail to detect misstatements exceeding a tolerable amount, should
such misstatements exist.
Acceptable audit risk A measure of how willing the auditor is to accept that
the financial statements may be materially misstated after the
audit is completed and an unqualified
opinion has been issued.
Comprehensive Material Series
Inherent risk A measure of the auditor's
assessment of the likelihood that there
are material misstatements in a segment before considering the effectiveness
of internal control.
Control risk A measure of the auditor's assessment of the likelihood that
misstatements exceeding a tolerable amount in a segment will not be prevented or detected by the client's internal
controls.
12)What is meant by
planned detection risk? What is the effect on the amount of evidence the auditor must accumulate
when planned detection risk is increased from medium to
high?
: Planned detection risk is a measure of the risk that the audit evidence for a
segment will fail to detect misstatements exceeding a tolerable
amount, should such misstatements exist. When
planned detection risk is increased from medium to high, the amount of evidence the auditor must accumulate is reduced.
13)Explain the causes of an increased or
decreased planned detection
risk.
: An increase in planned detection risk may be
caused by an increase in acceptable audit risk
or a decrease in either control
risk or inherent risk. A decrease in planned detection risk is caused by the opposite: a decrease in
acceptable audit risk or an increase in control risk or inherent risk.
14)Define what is meant by inherent risk.
Identify four factors that
make for high inherent risk in audits.
: Inherent risk is a measure of the auditor's
assessment of the likelihood that there are material
misstatements
in a segment before considering the effectiveness
of internal control.
Factors affecting assessment of inherent risk
include:
< Nature of the client's
business
< Results of previous audits
< Initial vs. repeat engagement
< Related parties
< Non-routine transactions
< Judgment required to
correctly record transactions and < Makeup of the population
15)Explain why inherent risk is set for segments rather than for
overall audit. What is the effect on the
amount of evidence the auditor
must accumulate when inherent risk is
increased from medium to high
for a segment? Compare your answer with
the one for question 12.
: Inherent risk is set
for segments rather than
for the overall audit
because misstatements occur in segments. By identifying expectations of misstatements in segments,
the auditor is thereby able to modify audit evidence by
searching for misstatements in those segments.
When inherent risk is
increased from medium to high, the auditor should increase the audit evidence accumulated to determine whether the expected misstatement actually
occurs. The audit evidence goes in the
opposite direction in Review
Question 9-12.
16)Explain
the effect of extensive misstatements found in
the prior
year’s audit on inherent risk, planned detection risk, and planned audit evidence.
Comprehensive Material Series
: Extensive misstatements in the prior year's
audit would cause inherent risk to be set at a high level (maybe
even 100%). An increase in inherent risk would
lead to a decrease in planned detection
risk, which would require that the
auditor increase the level of planned audit evidence.
17)Explain what is meant by term acceptable
audit risk. What is its
relevance
to evidence accumulation?
: Acceptable audit risk is a measure of how willing the auditor is to accept that the
financial
statements
may be materially misstated after
the audit is completed and an unqualified opinion has been issued.
Acceptable audit risk has an inverse relationship to evidence. If
acceptable audit risk is reduced,
planned evidence should increase.
18)Explain the relationship between
acceptable audit risk and the legal
liability
of auditors.
: When
the auditor is in a situation where he or she believes that there is a
high exposure to
legal liability, the
acceptable audit risk would be set
lower than when there is little
exposure to liability. Even when the auditor believes that
there is little exposure to legal liability,
there is still a minimum acceptable
audit risk that should be met.
19)State the three categories of factors that affect
acceptable audit risk and list the factors that auditor can use to indicate the degree to which each category exists.
: The first category of
factors that determine acceptable audit risk is the degree to which users rely on the financial statements. The following factors are indicators of this:
< Client's size
< Distribution of ownership
< Nature and amount of liabilities
The second category of
factors is the likelihood that a client will
have financial difficulties after the audit report is issued. Factors affecting this are:
< Liquidity position
< Profits
(losses) in previous years
< Method of financing growth
< Nature of the client's operations < Competence of management
The third category of factors
is the auditor's evaluation of management's integrity.
Factors that may affect this
are:
< Relationship with current or previous auditors
< Frequency of turnover of key
financial or internal audit personnel < Relationship with employees and labor unions
20)Auditors have not been successful in measuring the components of the audit risk model. How is it possible to use the model in a
meaningful way without a
precise way of measuring risk?
: Exact quantification of
all components of the audit risk model is not required to use the model in a meaningful way. An understanding
of the relationships among model components and the
Comprehensive Material Series
effect that changes in the components have on the amount of evidence needed will allow practitioners to use the audit risk model in
a meaningful way.
21)Explain
the circumstances
when the auditor
should revise
the components of the audit risk
model and the effect of the revisions on planned detection risk and planned
evidence.
: The auditor should revise the components of the audit risk model when the evidence accumulated during the audit indicates that
the auditor's original assessments of
inherent risk or control risk are too
low or too high or the original
assessment of acceptable audit risk is too low
or too high.
The auditor should exercise
care in determining the additional amount of
evidence that will be required. This
should be done without the use of
the audit risk model. If the audit risk
model is used to determine a revised planned detection risk, there is a
danger of not increasing the evidence sufficiently.
The Audit Process-Audits of
Internal Control
and Control Risk
1) Describe the three
broad objectives management
has when
designing
effective internal control.
: Management typically has three broad objectives in designing an effective internal control
system.
1. Reliability of Financial Reporting Management is
responsible for preparing
financial
statements for investors, creditors, and other users.
Management has both a legal and
professional responsibility to be sure
that the information is fairly presented in accordance with reporting requirements such as GAAP. The objective of effective internal control over financial reporting is to fulfill these
financial reporting responsibilities.
2. Efficiency and Effectiveness of Operations Controls
within an organization are
meant to encourage efficient
and effective use of its resources to
optimize the company’s goals. An important objective of these controls is accurate financial and non-financial information about the entity’s operations for decision making.
3. Compliance with Laws and Regulations Section 404 of the Sarbanes-Oxley Act
requires all public companies to issue a report about the operating effectiveness of internal control over
financial reporting. In
addition to the legal provisions of Section 404, public,
Comprehensive Material Series
nonpublic, and not-for-profit organizations are required to follow
many laws and regulations. Some relate
to accounting only indirectly, such as environmental protection and
civil rights laws. Others are closely
related to accounting, such as income tax regulations and fraud.
2) Describe which of the three categories of broad objectives
for internal controls would be considered by the
auditor in an audit of both financial
statements and internal
control over financial
reporting.
:
Management designs systems of internal control to accomplish three categories
of
objectives: financial reporting, operations, and compliance with laws and regulations. The
auditor’s focus in both the
audit of financial statements and
the audit of internal controls is
on those controls related
to the reliability of financial reporting plus those controls related
to operations and to compliance with laws and regulations objectives that
could materially affect financial reporting.
3) Section 404 of the Sarbanes-Oxley
Act requires management to
issue a report on internal control over financial reporting.
Identify the specific section 404
reporting requirements for management.
: Section 404 requires management of all public companies to issue
an internal control report that includes
the following:
A statement that management is responsible for establishing and maintaining an
adequate
internal
control structure and procedures for financial reporting and
An assessment of the effectiveness of the internal control structure and procedures for
financial
reporting as of the end of the company’s fiscal year.
4) What two components of internal control must management
assess when reporting on internal
control to comply with section 404 of the
Sarbanes-Oxley Act?
: Management’s assessment of internal control
over financial reporting consists
of two key components.
First, management must evaluate the design
of internal control over financial reporting. Second, management must test the operating
effectiveness of those controls.
When evaluating
the design of internal control over
financial reporting, management evaluates whether
the controls are designed to prevent or detect material misstatements in the
financial statements. When testing the operating effectiveness of those controls, the objective is to determine whether
the control is operating as designed and whether
the person performing the control
possesses the necessary authority and qualifications to perform the
control effectively.
5) Chapter eight introduced the eight parts of the planning phase
of audits. Which part is understanding internal control and
assessing control risk? What parts
precede and follow that understanding and
assessing?
: There are eight parts of the planning phase of audits: accept client and perform initial
planning, understand the client’s business
and industry, assess client
business risk, perform
preliminary analytical procedures, set
materiality and assess acceptable audit risk and inherent risk, understand
internal control and assess control risk, gather information to assess fraud
risk, and develop an overall audit
plan and audit program. Understanding internal control
and assessing control risk is therefore part six of planning. Only gathering information
to assess fraud risk and developing an overall audit
plan and audit program follow understanding internal control and assessing control risk.
Comprehensive Material Series
6) What is the auditor’s responsibility for obtaining an
understanding of internal control? How
does the responsibility differ for audits of public and nonpublic companies?
: The
second GAAS field work standard states “A sufficient
understanding of internal control is to
be obtained to plan the audit and to
determine the nature, timing, and extent of tests to be performed.” The auditor obtains the understanding of internal control to
assess control risk in every audit
and
that
responsibility is the same
for
audits
of both public
and nonpublic companies.
Auditors are primarily
concerned about controls related to
the reliability of financial reporting
and controls over classes of transactions.
7) When auditing a
public company,
what are the
auditor’s responsibilities related to internal control as required by PCAOB
standard 2?
: Section 404 requires that
the auditor attest
to and issue
a report on management’s
assessment of internal
control over financial reporting. To express an opinion on internal
controls, the auditor obtains
an understanding of and performs tests of controls related to all
significant account balances, classes of transactions, and disclosures and related assertions in the financial statements. PCAOB
Standard 2 requires that the audit report on internal control over financial reporting
under Sarbanes-Oxley include the auditor’s opinion as to whether
management’s assessment of
the design and operating effectiveness
of internal control over financial reporting is fairly stated
in all material respects. This
involves both
evaluating management’s
assessment process and arriving at the auditor’s
independent assessment of the internal
controls’ design and operating effectiveness.
8) State
the six transaction-related audit objectives.
: The six
transaction-related audit objectives are:
1. Recorded
transactions exist (existence).
2. Existing
transactions are recorded (completeness).
3. Recorded
transactions are stated at the correct amounts (accuracy).
4. Transactions
are properly classified
(classification).
5. Transactions are recorded on the correct
dates (timing).
6. Recorded transactions are properly included in the master
files and correctly
summarized
(posting and summarization).
9) Management must identify the framework used to evaluate the
effectiveness of internal control over financial reporting.
What framework is used by most U.S. public companies?
: COSO’s Internal ControlIntegrated Framework is the most widely accepted internal control
framework in the U.S. The COSO
framework describes internal control
as consisting of five components that management designs and
implements to provide reasonable assurance that
its control objectives will be met. Each component contains many controls, but auditors
concentrate on those designed to prevent or detect material misstatements in the financial statements.
10)What are the five components
of internal control in the COSO
internal
control framework?
: The COSO Internal Control – Integrated Framework consists of the following five
components:
1. Control environment
2. Risk assessment 3. Control activities
Comprehensive Material Series
4. Information and
communication
5. Monitoring
The control environment serves as the umbrella for the other four components. Without
an effective control environment, the other four are unlikely to
result in effective internal
control, regardless of their quality.
11)What is meant by the control environment?
What are the factors the
auditor
must evaluate to understand it?
: The control environment consists
of the actions, policies, and procedures that reflect the
overall attitudes of top management, directors, and owners of an entity about internal
control and its importance to the entity. The following are the most important subcomponents the control
environment:
< Integrity and ethical values
< Commitment to competence
< Board of directors or audit
committee participation
< Management's philosophy and operating style
< Organizational structure
< Assignment of authority and responsibility
< Human resource policies and practices
12)What is the relationship
among the five components of internal
control?
: Internal control includes five categories of
controls that management designs and implements
to provide reasonable assurance that its
control objectives will be met. These
are called the components internal
control, and are:
< The control environment
< Risk assessment
< Control activities
< Information and
communication
< Monitoring
The control
environment is the broadest of the
five and deals primarily with the
way
management implements its attitude about internal controls.
The
other four components are
closely related to the control environment. Risk assessment is
management's identification and analysis
of risks relevant to the preparation
of financial statements in accordance with
GAAP. To respond to this risk assessment, management implements control activities and creates the accounting information and communication
system to meet its objectives for
financial reporting. Finally, management periodically assesses the quality of internal control performance to determine that controls are
operating as intended and that they are
modified as appropriate for changes in
conditions (monitoring).
13)List the types of specific control
activities and provide one specific
illustration of a control in sales area for each control activity.
: The five categories
of control activities are:
< Adequate separation of
duties
Example: The following two functions are performed
by different
people: processing
customer orders and billing of
customers.
< Proper authorization of transactions and activities
Example: The granting of credit is authorized before shipment takes place.
< Adequate documents and
records
Example: Recording of sales is supported by authorized shipping
documents and approved customer orders.
< Physical control over
assets and records
Comprehensive Material Series
Example: A password is required before entry into the computerized accounts receivable master file can be
made.
< Independent checks on
performance
Example:
Accounts receivable master
file contents are
independently
verified.
14)The separation of operational
responsibility from record keeping
is
meant to prevent
different types of
misstatements than the
separation of the custody of assets from accounting. Explain the difference
in the purposes of these two types of separation
of duties.
:
Separation of operational responsibility from record keeping is intended to reduce the
likelihood of operational personnel biasing the results of their
performance by incorrectly recording information.
Separation of the custody of assets from accounting for these assets is intended to
prevent misappropriation of
assets. When one person performs
both functions, the possibility of that person's disposal of the asset for
personal gain and adjustment of the records to relieve himself or herself of responsibility for the
asset without detection increases.
15)For
each of the following, give an example of a physical control the
client can use to protect the asset or record:
1. Petty cash
2. Cash received by
retail clerks
3. Accounts receivable
records
4. Raw material
inventory
5. Perishable tools
6. Manufacturing
equipment
7. Marketable securities
: An example of a physical control the client can use to protect
each of the following assets or records is:
1. Petty cash should be kept locked in a
fireproof safe.
2. Cash received by retail clerks should be entered into a cash
register to record all
cash
received.
3. Accounts receivable records
should
be stored in a locked,
fireproof safe.
Adequate backup copies of computerized records should be maintained and access to the master files should be
restricted via passwords.
4. Raw material inventory should be retained in a locked
storeroom with a reliable
and competent
employee controlling access.
5. Perishable tools
should be stored in a locked storeroom under control
of a reliable employee.
6. Manufacturing equipment should be kept in an area protected by
burglar alarms and fire alarms and kept locked
when not in use.
7. Marketable securities should be stored
in a safety deposit vault.
16)Explain what is meant by independent
checks on performance and
give five
specific examples.
:
Independent checks on performance are internal control
activities designed for the
continuous
internal verification of other controls. Examples of independent checks
include:
Comprehensive Material Series
< Preparation of the
monthly
bank
reconciliation by an individual with no
responsibility for recording transactions or handling
cash.
< Re-computing inventory
extensions for a listing of inventory by someone who did
not
originally do the extensions.
< The preparation of the sales
journal by one person and the accounts receivable
master file
by a different person, and a reconciliation of the control
account to the master file.
< The counting of inventory by
two different count teams.
< The existence of an effective
internal audit staff.
17)Describe the four phases performed by the
auditor when obtaining
an
understanding of internal control
and assessing control risk.
: As illustrated by Figure 10-3, there are four phases in the process of understanding internal
control and assessing control risk.
In the first phase the auditor obtains an understanding of internal controls. Next the auditor must make
a preliminary assessment control risk (phase 2) and perform tests of controls in every audit
as part of their integrated audits (phase
3). The auditor uses the results of
tests of controls for both the audit
report on internal control
over financial reporting and to assess
control risk and to ultimately decide planned detection risk and substantive tests for the audit of financial
statements, which is phase 4.
18)What are management’s
responsibilities for documenting internal
control over financial reporting in a public company? How would the lack of documentation affect an auditor’s
report on internal control over
financial reporting by PCAOB standard 2?
: Section 404 of the Sarbanes-Oxley Act
requires management to document its processes for assessing the effectiveness of the company’s internal control
over
financial reporting. Management must document the design of controls, including all five control
components and also the results of its
testing and evaluation. The types of information gathered by
management to assess and document
internal control effectiveness can
take many forms, including policy
manuals, flowcharts,
narratives, documents, questionnaires and other forms that are in either paper
or
electronic formats. PCAOB Standard
2 requires the auditor
to evaluate the client’s documentation when auditing internal control over financial reporting. The lack of management documentation
of internal control
over
financial reporting may prevent
the auditor from
concluding that the controls are adequately
designed
or operating effectively. When documentation is inadequate, the auditor may
decide to withdraw from the
engagement or to issue a disclaimer of
opinion on internal control over financial reporting.
19)What two aspects of internal control must
the auditor assess when performing procedures
to obtain an
understanding of internal
control?
: When obtaining an understanding of internal
control, the auditor must assess two
aspects about those controls. First, the auditor must gather evidence about the design of internal
controls. Second, the auditor must gather evidence about whether those controls have been placed in operation.
20)What is a walkthrough
of internal control? What is the PCAOB standard
2 requirement related to auditor walkthroughs of internal control in an integrated audit?
: In a walkthrough
of internal control, the auditor selects one or a few documents for the initiation of a transaction type and traces them through the entire
accounting process. At each
stage of processing, the auditor makes inquiries and observes current activities, in addition to examining completed documentation for the transaction or transactions selected. Thus, the
auditor combines observation, documentation, and inquiry to conduct a walkthrough of internal control.
PCAOB Standard 2 requires the auditor to perform at least one walkthrough
for each major class of transactions.
21)Describe
what is meant by a key control and a
control deficiency.
Comprehensive Material Series
: A key control is a control that is expected to have the greatest effect on meeting
the transaction-related audit
objectives. A control deficiency
represents a deficiency in the design or
operation of controls that
does
not permit
company personnel to prevent or detect misstatements on a timely basis. A design deficiency exists if a
necessary control is missing or not
properly designed. An operation
deficiency exists if a well
designed control does not operate as
designed or when the person
performing the control is insufficiently qualified or authorized.
22)Distinguish a
significant deficiency in internal control
form a material weakness in internal control. How would the presence of one significant
deficiency affect the auditor’s report on internal
control required by PCAOB standard 2? How would the presence of one material weakness affect an auditor’s
report on internal control required by
PCAOB standard 2?
: A significant deficiency exists if one or more control deficiencies exist that, more than remotely, adversely affect a
company’s ability to initiate, authorize, record, process, or
report external financial statements
reliably. A material weakness exists if a significant deficiency, by
itself, or in combination with other significant deficiencies, results in a more than remote
likelihood that
internal control will not prevent
or detect material financial statement misstatements. The presence of one significant deficiency that is not deemed
to be a material weakness may not affect
the auditor’s report. In that
instance, the auditor’s report on
internal control over financial reporting would contain an unqualified opinion. However,
if the deficiency
is deemed
to be a material weakness, the auditor
must express an adverse opinion
on the effectiveness
of internal control over financial reporting.
23)Frank James, a highly competent employee of Brinkwater Sales Corporation,
had been responsible for accounting-related matters
for two decades. His devotion to the firm and his duties always been
exceptional, and over the years, he had been given increased
responsibility. Both
president of Brinkwater and the partner of an
independent CPA firm in charge of the audit were shocked and
dismayed to discover that
James had embezzled more than $500,000
over a 10-year period by not recording
billings in the sales journal and subsequently diverting the cash receipts. What
major factors permitted the defalcation to take place?
: The
most important internal control deficiency which
permitted the defalcation to occur was the failure to adequately segregate the
accounting responsibility of
recording billings in the sales journal
from the custodial responsibility of receiving the cash. Regardless of how
trustworthy James appeared, no
employee should be given the
combined duties of custody of assets
and accounting for those assets.
24)Jeanne
Maier, CPA, believes that it is appropriate
to obtain an understanding
of intaernal control about halfway
through the audit, after she is familiar
with the client’s operations and the way
the system actually works. Sha has found
through experience taht filling out internal control questionnaires
and flowcharts early in the
engagement is not beneficial because the system rarely functions the
way it is supposed to. Later in
engagement, the auditor can prepare
flowcharts and questionnaires with relative
ease because of the knowledge
already obtained on
the audit. Evaluate
her approach.
: Maier is correct in her
belief that internal controls frequently do not function in the manner they are supposed to. However,
regardless of this, her approach ignores the value of beginning
Comprehensive Material Series
the understanding of
internal control by preparing or
reviewing a rough flowchart. Obtaining an early understanding of the client's internal
control will provide Maier with a
basis for a decision about the audit
procedures and sample sizes based on assessed control risk. By not obtaining an understanding of internal control until
later in the engagement, Maier risks performing either too much or too little work, or emphasizing the wrong areas during her audit.
25)Distinguish the auditor’s responsibility
for testing control in an audit of a public company from the responsibility
to test controls in an audit of a nonpublic company.
: The extent of
controls tested by auditors to express an opinion on internal controls
for a public company is significantly greater than that tested
solely to express
an opinion on the
financial statements. To express an opinion on internal controls
for a public company, the
auditor obtains an understanding of and
performs tests of controls for all significant account balances, classes of transactions, and disclosures and
related assertions in the financial statements. In contrast, the extent of controls tested by an auditor of a nonpublic company is
dependent on the auditor’s assessment of control risk.
Whenever the
auditor
assesses control
risk
below
maximum, the auditor must perform tests of controls to support that
control risk assessment. The auditor will not perform tests
of controls when the auditor assesses
control
risk at maximum, either
because of inadequate controls or because it is inefficient to test those
controls. When control risk
is assessed below the maximum, the
auditor designs and performs a combination of tests of controls and
substantive procedures. Thus, for a nonpublic company, the tests of controls vary based on the auditor’s
assessment of control risk.
26)How does the sufficiency of evidence
differ between procedures to
obtain an understanding of internal control and
tests of controls?
: There is a significant overlap between tests of controls
and procedures to obtain an
understanding of
internal control. Both include
inquiry, documentation, and
observation. There are two primary
differences in the application of
these common procedures. First, in
obtaining an understanding of internal
control, the procedures to obtain an understanding are applied to all
controls identified during that phase. Tests of
controls, on the other hand, are
applied only when the
assessed control
risk
has
not been satisfied by the procedures to obtain an
understanding. Second, procedures to obtain an understanding are
performed only on one or a few
transactions or, in the case of observations, at a single
point in time. Tests of controls are performed on larger
samples of transactions (perhaps 20
to 100), and often observations
are made at more than one point in time.
27)During the prior-year
audits of McKimmon Inc., a public company, the auditor did tests of controls for all
relevant financial statement assertions.
Some of the related controls are manual while others are automated.
Describe the extent the auditor
can rely on tests of controls performed in prior years.
: PCAOB Standard
2 requires a public company auditor to test controls each year for all relevant assertions for significant accounts
and transactions. However, if evidence was obtained
in the prior year’s audit that indicates that a key control was operating effectively, and the auditor determines that the control is still
in place, the extent of the tests of that control may be reduced somewhat
in the current year.
28)What are two opinions that must be
included in the auditor’s report on internal control over financial reporting required by PCAOB
standard 2?
: PCAOB
Standard 2 requires that the auditor’s
report on internal control include
two auditor opinions:
1. The auditor’s
opinion on whether management’s
assessment of the effectiveness of internal control
over financial reporting as of the end of the fiscal period is fairly stated, in all material respects. In practice
it is unlikely for the auditor to issue
anything other than an
unqualified report on this opinion. If the auditor concludes that management has not identified and
reported all significant deficiencies and
Comprehensive Material Series
material weaknesses, it will be in management’s best interests to revise its
report to conform to the auditor’s conclusions.
2. The auditor’s opinion on whether the company maintained, in all material respects, effective internal control over financial reporting as of the specified date. There
is likely to be more variety in these reports.
29)What two conditions
must be present for the auditor to issue an
unqualified opinion on internal control over financial reporting?
What type of condition will cause the auditor to issue a qualified
or disclaimer of opinion on internal
control over financial reporting?
: The auditor
may issue an unqualified opinion on internal control over financial reporting when two conditions are present:
there are no identified
material weaknesses; and
there have been no
restrictions on the scope of the
auditor’s work.
A scope limitation is the condition that would cause the auditor to express a qualified opinion or a
disclaimer of opinion on internal control over financial reporting. This
type of opinion is issued when the auditor is unable to determine if
there are material weaknesses, due to a restriction on the scope of the audit of internal control
over financial reporting or other circumstances where the auditor is
unable to obtain sufficient evidence.
30)Describe
the concept of
an integrated audit
of the financial
statements
and internal control required by PCAOB standard 2.
: PCAOB Standard 2 requires that the audit of the financial
statements and the audit of
internal control over financial reporting be integrated. In an
integrated audit, the auditor must
consider the results of
audit procedures performed to issue the audit report on the financial
statements when issuing the audit report on internal
control. For example, if the auditor identifies a material misstatement in the
financial statements that was not
initially identified by the company’s internal controls, the auditor should consider this as at least
a significant deficiency, if not a material
weakness for purposes
of reporting on internal control. In such
circumstances, the auditor’s
report on the financial statements may be unqualified as long as management corrected the misstatement before
issuing the financial statements. In contrast,
however, the auditor’s
report on internal control must include an adverse opinion if the auditor concludes it is a material weakness.
The Audit Process-Fraud
Auditing
1) Define fraudulent financial reporting and give two examples
that
illustrate
fraudulent financial reporting.
—: Fraudulent financial reporting is an intentional misstatement or omission of amounts or
disclosures with the
intent to deceive users. Two
examples of fraudulent financial reporting are
accelerating the timing of recording sales revenue to increased reported
sales and earnings, and recording
expenses as fixed assets to increase earnings.
2) Define misappropriation of
assets and
give two examples
of
misappropriation
of assets.
—:
Misappropriation of assets is fraud that involves theft of an entity’s
assets. Two examples
are an
accounts payable clerk issuing payments to a fictitious company controlled
by the clerk, and a sales clerk failing
to record a sale and pocketing the cash receipts.
3) Distinguish fraudulent financial reporting from
misappropriation of
assets.
Comprehensive Material Series
—: Fraudulent financial reporting is an intentional misstatement or omission of amounts or disclosures with the intent to deceive users, while misappropriation of assets is fraud that
involves theft of an entity’s assets. Frauds involving financial
reporting are usually larger than frauds
involving misappropriation of assets, usually
involve top management, and do not
directly involve theft of company
assets.
4) What are the three conditions of fraud often referred to as
“the
fraud
triangle?”
—:
The three conditions of fraud
referred to as the “fraud triangle” are
(1) Incentives/Pressures;
(2) Opportunities; and (3) Attitudes/Rationalization. Incentives/Pressures are incentives of management or other employees to
commit fraud. Opportunities are circumstances that allow management or employees to commit fraud. Attitudes/Rationalization are indications that an attitude, character, or set of ethical values exist that allow management
or employees to commit a dishonest act
or they are in an environment that imposes sufficient
pressure that causes them to rationalize
committing a dishonest act.
5) Give examples of risk factors
for fraudulent financial reporting for
each of the
three fraud conditions: incentives/pressures, opportunities, and attitudes/rationalization.
—:
The following are example of risk factors for fraudulent financial
reporting for each of the three fraud
conditions:
< Incentives/Pressures - The company is under
pressure to meet debt covenants
or obtain
additional financing.
< Opportunities – Ineffective oversight of financial reporting by the board
of
directors allows management to exercise discretion over
reporting.
< Attitudes/Rationalization – Management is overly aggressive. For example,
the
company may
issue
aggressive earnings forecasts, or make extensive acquisitions using company stock.
6) Give examples of risk factors
for misappropriation of assets for each
of the three fraud conditions: incentives/pressures, opportunities, and attitudes/rationalization.
—:
The following are example of risk factors for misappropriation of assets
for each of the three fraud conditions:
< Incentives/Pressures - The individual is unable to meet personal financial
obligations.
< Opportunities – There is insufficient
segregation of duties
that
allows the
individual to handle cash
receipts and related accounting records.
< Attitudes/Rationalization – Management has disregarded the inadequate
separation of
duties that allows the potential
theft of cash receipts.
7) What sources are used by the auditor to gather information
to
assess
fraud risks?
—:
Auditors use several sources to gather information about fraud risks,
including:
< Information obtained from communications among audit team members about
their knowledge of the company
and its industry, including how and where the
company might be susceptible to material misstatements due to fraud.
< Responses to auditor inquiries of
management about their views of the
risks of fraud and about existing programs and controls to address
specific identified fraud risks.
Comprehensive Material Series
< Specific risk factors for fraudulent financial reporting and misappropriations of
assets.
< Analytical procedures results obtained during planning that indicate possible
implausible
or unexpected analytical relationships.
< Knowledge obtained through other procedures such as client acceptance and
retention
decisions, interim review of
financial statements, and consideration of
inherent or control risks.
8) What should the audit team consider
in its planning discussion
about
fraud
risks?
—:
SAS
99 requires the audit team to conduct discussions to share
insights from more
experienced
audit team members and to “brainstorm” ideas that address the following:
1. How and where they
believe
the
entity’s financial statements might
be
susceptible to material misstatement due to fraud. This should
include consideration of known external and internal factors affecting the entity
that might
< create an incentive or
pressure for management to commit fraud.
< provide the opportunity for fraud to be perpetrated.
< indicate a culture or environment that enables management to
rationalize
fraudulent
acts.
2. How management could perpetrate and conceal
fraudulent financial reporting.
3. How assets of the entity could be misappropriated.
4. How the auditor might respond to the
susceptibility of material
misstatements due
to fraud.
9) Auditors are required
to make inquiries of individuals in
the company when gathering
information to asses fraud risk. Identify
those with whom the auditor must make
inquiries.
—: Auditors must inquire whether management has knowledge
of any fraud or suspected fraud within
the company. SAS 99 also requires
auditors to inquire of the audit committee about its views of the risks
of fraud and whether the audit
committee has knowledge of any fraud or suspected fraud. If the entity has an
internal audit function, the auditor should inquire about internal audit’s views of fraud
risks and whether they have
performed any procedures to identify or
detect fraud during the year. SAS 99 further requires the auditor to
make inquiries of others within the
entity whose duties lie outside the
normal financial reporting lines of responsibility about the existence or suspicion of
fraud.
10)Describe the purpose of corporate codes
of conduct and identify
three
examples of items addressed in a typical code of conduct.
—: The corporate code of conduct establishes the “tone at the top” of the importance
of honesty and integrity and can also provide more specific guidance about
permitted and
prohibited behavior. Example of items typically addressed in a code
of conduct include
expectations of general employee
conduct, restrictions on conflicts of interest, and limitations on
relationships
with clients and suppliers.
11)Discuss the importance of the control
environment, or “setting the
tone at
the top,” in establishing a culture of honesty and integrity in a company.
—: Management and the board of directors are
responsible for setting the “tone at the top” for ethical behavior in the company. It is important for management to behave with
honesty and integrity because this
reinforces the importance of these values to employees throughout the
organization.
Comprehensive Material Series
12)Distinguish
management’s responsibility from the
audit committee’s responsibility for designing and implementing
antifraud programs and controls within a
company.
—:
Management has primary responsibility to design and implement antifraud
programs and controls to prevent, deter, and detect fraud. The audit committee has primary
responsibility to oversee the organization’s financial reporting and internal control processes and to provide
oversight of management’s
fraud risk assessment process and antifraud programs and controls. 13)What are the three categories of
auditor responses to fraud risks?
—: The three auditor responses to fraud are: (1)
change the overall conduct of the
audit to respond to identified fraud
risks; (2) design and perform audit procedures to address identified
risks; and (3) perform procedures to address the risk of
management override of controls.
14)What three
auditor actions are required to address the potential for
management
override of controls?
—:
Auditors are required to take three
actions to address potential
management override of
controls: (1) examine
journal
entries
and
other adjustments for
evidence of possible misstatements due to fraud; (2) review
accounting estimates for biases; and
(3) evaluate the business rationale for
significant unusual transactions.
15)Describe
the three main techniques used to
manipulate revenue.
—: Three main techniques use to manipulate revenue include: (1) recording of fictitious
revenue; (2) premature
revenue recognition including
techniques such as bill-and-hold
sales and channel stuffing; and (3) manipulation of adjustments to revenue such as sales
returns and allowance and other contra accounts.
16)You go through the drive-through window of
a fast food restaurant and notice a sign
that reads “your meal is free if we
fail to give you a receipt.” Why would the restaurant post this sign?
—: Cash register
receipts are particularly susceptible to theft. The notice “your meal is free if we
fail to give you a receipt”
is designed to ensure that every customer is given a receipt and all sales are entered into the register, establish accountability for the sale.
17)Name the three
categories of inquiry and describe the purpose of each when used by an auditor to obtain
additional information about a suspected
fraud.
—: The
three types of inquiry are
informational, assessment, and interrogative. Auditors use informational inquiry to obtain information about facts and details that the auditor
does not have. For example, if the auditor suspects financial statement fraud involving improper revenue
recognition, the auditor
may inquire of management as to revenue
recognition policies.
The auditor uses assessment inquiry to
corroborate or contradict prior information. In the previous example, the auditor may attempt to
corroborate the information obtained from management by making assessment inquiries of individuals in
accounts receivable and shipping. Interrogative
inquiry is used to determine if the interviewee is being deceptive or purposefully omitting disclosure of key knowledge of facts, events, or circumstances. For example, a senior
member of the audit team might make
interrogative inquiries of management or other personnel about key
elements of the fraud where earlier
responses were contradictory or evasive.
18)Identify three verbal and three nonverbal
cues that may be observed
when
making inquiries of an individual who is being deceitful.
—:
When making inquiries of a deceitful
individual, three examples of verbal cues are frequent
rephrasing of the question, filler terms such as “well” or “to tell the truth,” and
forgetfulness or acknowledgements of nervousness. Three examples of nonverbal cues by the
individual are
Comprehensive Material Series
creating
physical barriers by blocking their mouth, leaning away from the auditor,
and signs of stress such as sweating or fidgeting.
19)You have identified
a
suspected fraud involving the company’s
controller. What must you do
in response to this discovery?
How might this discovery affect your report on internal control when
auditing a public company?
—: When
the auditor suspects that fraud may
be present, SAS 99 requires the
auditor to obtain additional evidence to
determine whether material fraud has
occurred. SAS 99 also requires the
auditor to consider the implications for other aspects of the
audit. When the auditor
determines that fraud may be present, SAS 99 requires the auditor to discuss the matter and audit approach for further investigation with an appropriate level of management
that is at least one level above those
involved, and with senior management and the audit committee, even if the
matter might be considered inconsequential. For public company auditors, the discovery of
fraud of any magnitude by
senior management is at least a significant deficiency and may be a material weakness
in internal control
over financial reporting. This includes fraud by senior management that results in even immaterial misstatements. If the public company auditor
decides the fraud is a material weakness,
the auditor’s report on internal
control over financial reporting will
contain an adverse opinion.
The Audit Process-The Impact of Information
Technology
1) Explain how client internal controls
can be improved through the
proper
installation of IT.
: The
proper installation of IT can lead
to internal control enhancements by replacing manually-
performed controls with
computer-performed controls. IT-based
accounting systems have the ability to handle
tremendous volumes
of complex business transactions cost
effectively.
Computer-performed controls can reduce the potential
for human error by replacing manual
controls with programmed controls that
apply
checks
and
balances to each transaction processed. The systematic nature of IT offers
greater potential to reduce the risk of material misstatements resulting from random, human
errors in processing.
The use of IT based
accounting systems
also
offers the
potential for improved management decisions by providing more and higher quality
information on a more timely basis than
traditional manual systems. IT-based systems
are usually administered effectively
because the complexity requires effective organization, procedures, and documentation. That in turn
enhances internal control.
2) Identify risks for
accounting systems that
rely heavily on
IT
functions.
: When
entities rely heavily on IT systems to process financial information, there are
new risks
specific to IT environments that must be considered. Key risks include the following:
Comprehensive Material Series
< Reliance on the functioning capabilities of hardware and software. The risk of
system crashes due to hardware
or software failures must be
evaluated when entities rely on IT to produce financial statement information.
< Visibility of
audit trail.
The use of IT often converts the traditional paper trail
to an electronic audit trail,
eliminating source documents and paper-based journals and records.
< Reduced human involvement. The replacement of traditional manual processes
with computer-performed processes reduces
opportunities for
employees to
recognize misstatements resulting from transactions that might have
appeared unusual to experienced employees.
< Systematic versus random errors. Due to the uniformity of processing
performed by IT based systems, errors
in computer software can
result
in incorrect processing
for
all transactions processed. This increases the
risk
of many
significant misstatements.
< Unauthorized access. The centralized storage
of key records
and files in
electronic form increases the potential
for unauthorized on-line access
from remote locations.
< Loss of data. The centralized storage of data in electronic
form increases the risk
of data loss
in the event the data file is altered or destroyed.
< Reduced segregation of
duties. The installation of IT-based accounting
systems centralizes many
of the traditionally segregated manual
tasks
into
one
IT
function.
< Lack of
traditional authorization. IT-based systems
can be programmed to initiate certain
types
of transactions automatically without
obtaining traditional manual approvals.
< Need for IT
experience. As companies rely to a greater
extent on IT-based systems,
the need for personnel trained in IT systems
increases in order to install, maintain,
and use systems.
3) Define what is meant by an audit trail and explain how it can
be
affected
by client’s integration of IT.
: The audit trail represents the accumulation
of source documents and records maintained by
the client to serve as support for the transactions occurring
during the accounting period. The integration of IT can change the audit trail
by converting many of the traditionally paper-based source documents and records into electronic
files that cannot be visually observed. Because
many of the transactions are entered directly
into the computer as they occur, some of the
documents and records are even eliminated.
4) Distinguish between random error resulting from manual
processing and systematic error resulting from IT processing and give an example
of each category of error.
: Random error represents errors that occur in an inconsistent pattern. Manual accounting systems are especially prone to random errors that result from honest mistakes
that occur as employees perform
day-to-day tasks. When those mistakes do not consistently occur while
performing a particular task, errors are distributed randomly into the accounting records. An
example of a random error is when an employee accidentally pulls the wrong
unit price off the approved price list when preparing a sales invoice for a particular customer.
Systematic error represents errors that occur
consistently across all similar transactions.
Because IT-based systems perform tasks uniformly for all transactions submitted, any
mistake
in software programming results in the occurrence of the same error for every transaction processed
by the system. An example of a systematic error occurs
when a program that is
supposed to post sales amounts to the accounts receivable subsidiary
records actually posts the sales amount
twice to customers’ accounts.
Comprehensive Material Series
5) Identify the traditionally segregated
duties in noncomplex
IT systems and explain how increases in the complexity
of the IT
function affect that separation.
: In most traditional accounting systems,
the duties related to authorization of transactions, recordkeeping of transactions, and custody of assets are segregated across three or more individuals. As accounting systems make greater use of IT, many of the traditional manually
performed tasks are now performed by the computer.
As a result, some of the traditionally segregated duties, particularly authorization
and recordkeeping, fall under the responsibility of IT personnel. To compensate for the collapsing of duties under the IT function, key IT tasks related to programming,
operation of hardware and software, and data control are
segregated. Separation of those IT functions restricts an IT employee’s ability to inappropriately access software
and data files in order to misappropriate assets.
6) Distinguish between general controls and application controls
and
give two
examples of each.
: General controls relate to all aspects of the IT
function. They have a global impact on all
software applications. Examples of general controls include controls related to the
administration of the IT function; software acquisition and maintenance; physical and on-line
security over access to hardware,
software, and related backup;
back-up planning in the event of
unexpected emergencies; and hardware
controls. Application controls apply to the processing of individual transactions. An example of an application control is a programmed
control that verifies that
all time cards submitted are for valid employee id numbers included in the employee
master file.
7) Identify the typical duties within an IT function and describe
how
those
duties should be segregated among IT personnel.
: The typical duties often segregated within
an IT function include systems development,
computer operations, and
data control. Systems
development involves the
acquisition or
programming of application software.
Systems development personnel work
with test copies of programs and data
files to develop new or improved application software programs.
Computer operations personnel are
responsible for executing live production
jobs in accordance with a job schedule and for monitoring consoles for messages about computer efficiency
and
malfunctions. Data control
personnel are responsible for data
input and output control. They often independently verify the quality of
input and the reasonableness of
output. By separating these functions,
no one IT employee can make changes
to application software or underlying master files and then operate computer
equipment to use those changed programs or
data files to process transactions.
8) Explain how the
effectiveness of general
controls affects the
auditor’s tests of automated application
controls, including the
auditor’s ability to rely on tests done in prior audits.
: If general controls are ineffective,
there is a potential
for material misstatement in each computer-based accounting application,
regardless of the quality of application controls. If, for example, the systems development process is
not properly controlled, there is a greater risk that unauthorized and untested modifications to
accounting applications software have occurred. If general controls are strong,
there
is a greater likelihood of placing greater
reliance on
application controls. Stronger general controls should lead to greater
likelihood that underlying applications operate effectively and data files contain accurate, authorized, and complete
information.
9) Explain the relationship between
application controls
and
transaction-related
audit objectives.
:
Application controls
apply to the processing of specific individual transactions within a
transaction cycle, such
as a computer performed credit
approval process for sales on account.
Due to the nature of these types of controls, application controls generally link directly to one
or more specific transaction objectives.
For example, the credit approval application control directly
links to the existence objective for sales. Auditors typically
identify both manual and computer-
Comprehensive Material Series
performed
application controls for each transaction-related objective using a control
risk matrix similar to the one discussed
in Chapter 10.
10)Explain what is meant by auditing around
the computer and describe what must be present for this approach to be effective when
auditing clients who use IT to process accounting information.
: “Auditing around the computer” represents an audit approach whereby the auditor does not use computer
controls to reduce control risk. Instead, the auditor uses non-IT controls to
support a reduced
control
risk
assessment. In these situations, the
use of IT does not significantly impact the audit trail.
Typically, the auditor
obtains an understanding of internal
control and performs tests
of controls, substantive tests of transactions, and account
balance verification
procedures in the same manner as if the accounting system was
entirely manual. The auditor is still
responsible for gaining an understanding of general and application computer controls
because such knowledge is useful in identifying risks
that may affect the financial statements.
11)Explain what is meant
by the test data approach. What are the major
difficulties with using this approach? Define parallel simulation
with audit software and provide an
example of how it can be used to test a
client’s payroll system.
: The test data approach involves processing
the auditor’s test data using the
client’s computer system and the client’s application software program to determine whether the computer- performed controls correctly process the test data. Because the
auditor designs the test data, the
auditor is able to identify which
test items should be accepted or rejected by the computer. When using this
approach the auditor should assess
the following:
< How effectively
does the test data represent all relevant conditions that the
auditor wants to test?
< How certain is the auditor that the
application programs being tested by
the auditor’s test data
are the same programs as those used by the client throughout the year to process actual transactions?
< How certain
is the auditor that test data is effectively
eliminated from the
client’s records once
testing is completed?
Parallel simulation with audit software involves the auditor’s use of an auditor-controlled software program to perform parallel
operations to the client’s software
by using the same data files. Because the auditor’s software is designed to parallel an operation
performed by the
client’s software,
this strategy is referred
to as parallel simulation testing.
Parallel simulation could be used in the
audit of payroll by writing a
program that calculates the accrued vacation
pay liability for each employee
using information contained in the employee
master file. The total liability calculated by the auditor’s software
program would then be compared to
the client’s calculation to determine if the liability for
accrued vacation pay is fairly stated at year-end.
12)Describe risks that
are associated with purchasing software to be
installed on microcomputer hard
drives. What precautions
can clients take to reduce
those risks?
: Often companies that purchase and install vendor developed software applications on computer hard drives rely on IT consultants
to assist in the installation and maintenance of that software because those companies do not have
dedicated IT personnel. Also, assignment of
responsibility may reside with user departments. Companies can reduce
these risks related to not having IT personnel
by performing sufficient reference and background checks about
software vendor
and IT consultant reputations. In addition, companies can load software
programs onto hard drives in a format that does not permit changes by client
personnel, particularly non-IT user department personnel who may have primary responsibility for the system. Companies should also consider
segregating key duties related to access to master files and responsibilities for processing
transactions.
Comprehensive Material Series
13)Compare
the risks associated
with network systems
to those
associated
with centralized IT functions.
: Because many companies that operate in a network environment decentralize their network
servers across the organization, there is an increased risk for a
lack of security and lack of overall management of the network operations. The decentralization may lead to a lack of
standardized equipment and procedures. In many instances responsibility for purchasing equipment and software, maintenance, administration, and physical security, often resides with key
user groups rather than with a centralized
IT function. Also, network-related software
often lacks the security
features, including
segregation of duties, typically
available in traditionally centralized environments because of the ready
access to software and data by multiple users.
14)How
does the use of a database management system affect risks?
: In database management systems, many applications share
the same data files. This
increases risks in some cases
given
that
multiple users,
including individuals outside
accounting, access and update data files. Without proper database administration and access controls, risks of unauthorized, inaccurate, and
incomplete data
files
increase. The centralization of data
also increases the need to properly back-up data information on a regular basis.
15)An audit client is in the process of
creating an online web-based sales ordering system for customers to purchase products using personal
credit cards for payment. Identify
three risks related to an online sales
system that management should
consider. For each risk, identify
an internal control that could be
implemented to reduce that risk.
: An online sales ordering system poses many potential risks for
an audit client. Risks that may exist include:
1. Customer data is
susceptible to interception by unauthorized third parties.
2. The client company’s data, programs, and hardware are susceptible to potential
interception
or sabotage by external parties.
3. An unauthorized third party may attempt to transact
business with the client
company.
These risks can be addressed by the use of firewalls, encryption techniques, and
digital signatures. A firewall is a system of hardware and software that monitors and
controls the flow of e-commerce communications by channeling all network connections through
a control gateway. A firewall protects data,
programs, and other IT resources from external users accessing the system through networks,
such as the Internet. Encryption techniques are based on computer programs
that transform a standard message into a coded (encrypted) form. One key (the
public key) is used for encoding the message and the other key (the private key) is used to decode
the message. Encryption techniques protect
the
security of electronic
communication during the transmission process. Finally, the use of digital signatures can enhance internal controls over the online
sales order system by authenticating the validity of customers and other trading partners who
conduct business with the client
company.
16)Explain why it is unacceptable for an
auditor to assume that an independent computer
service center is
providing reliable accounting information to an audit client. What can auditor do to test the service center’s internal controls?
: It is unacceptable for an auditor to assume an independent computer service center is
providing reliable accounting information to an audit client because the
auditor has no firsthand knowledge
as to the adequacy of the service
center’s controls. If the client’s service center
Comprehensive Material Series
application is involved in processing significant financial data, the auditor
must consider the
need to obtain an understanding of internal control and test the service
center’s controls.
The auditor can test the service center’s system
by use of the test data and other
tests of controls. Or, he or she may request that the service
center auditor obtain an understanding
and test controls of the service center,
which are summarized in a special
report issued by the service center
auditor for use by the customer’s
auditor.
The Audit Process-Overall Audit Plan and Audit Program
1) What are the five types of tests auditors use to determine
whether financial statements are fairly stated? Identify which tests are performed
to reduce control risk and which tests are performed to reduce planned detection risk. Also, identify
which tests will be used by a public
company auditor when internal control over financial reporting.
: The five types of
tests auditors use to determine whether financial statements are fairly
stated include the following:
< Procedures
to gain an understanding of internal control
< Tests of controls
< Substantive
tests of transactions
< Analytical procedures
< Tests of details of balances
While procedures to gain an understanding of internal control
help
the financial statement auditor obtain information to make an initial assessment of control risk, tests of
controls must be performed as support
of an assessment of control risk
that is below maximum. The purpose of
tests of controls is to obtain
evidence regarding the effectiveness
of controls, which may allow the auditor
to assess control risk below maximum. If controls are found to be effective
and functioning, the substantive evidence may be reduced. Substantive evidence
is obtained to reduce detection risk. Substantive evidence includes evidence from substantive tests of transactions, analytical procedures,
and tests of details of balances.
For audits of internal
control over financial reporting, the auditor only performs the first two
types of audit tests: procedures to
obtain an understanding of internal control and tests of controls. Because a
public company auditor must issue a
report on internal control over financial
reporting, the extent of the auditor’s
tests of controls must be sufficient
to issue an opinion about
Comprehensive Material Series
the operating
effectiveness of those controls. That generally requires a significant
amount of testing of controls over financial
reporting.
2) What is the purpose of tests of controls? Identify specific accounts on the financial statements that are affected
by performing tests of controls for the
acquisition and payment cycle.
: Tests of
controls are audit procedures to test the operating effectiveness of control policies
and procedures in support of a reduced assessed control risk. Tests
of controls provide the primary basis
for a public company auditor’s
report on internal controls over
financial reporting. Specific accounts affected by performing tests of controls for
the acquisition and payment cycle include the following: cash, accounts
payable, purchases, purchase returns
and allowances, purchase
discounts, manufacturing expenses, selling expenses, prepaid insurance,
leasehold improvements, and various
administrative expenses.
3) Distinguish between a test of control and a substantive
test of
transactions.
Give two examples of each.
: Tests of controls are audit procedures to test the operating effectiveness
of control policies
and
procedures in support of a reduced assessed control risk. Examples include:
1. The examination of vendor invoices for indication that they have been
clerically tested,
compared to a receiving report
and
purchase order, and
approved for payment.
2. Examination of employee time
cards for approval of overtime hours
worked.
3. Examination of
journal entries for proper approval.
4. Examination of approvals for the write-off
of bad debts.
Substantive tests of transactions are audit
procedures testing
for monetary misstatements
to determine whether the six transaction-related audit
objectives have been satisfied for each
class of transactions. Examples are:
1. Recalculation of amounts
(quantity times unit selling price)
on selected sales invoices and tracing of amounts to the
sales journal.
2. Examination of vendor invoices in support of amounts recorded in the
acquisitions journal for purchases of inventories.
3. Recalculation of
gross pay for selected entries in
the payroll journal.
4. Tracing of selected customer
cash receipts to the accounts receivable master file, agreeing customer names and
amounts.
4) State a test of control audit procedure to test the
effectiveness of the following control:
approved wage rates are used in calculating
employees’ earnings. State a
substantive test of transactions audit
procedure to determine whether approved wage rates are actually used
in calculating employees’ earnings.
: A test of control audit procedure to test that approved wage rates are used to calculate employees'
earnings would be to examine rate
authorization forms to determine the existence of authorized signatures.
A substantive test of transactions audit procedure would be to compare a sample of rates actually paid, as indicated in the earnings record,
to authorized pay rates on rate
authorization forms.
Comprehensive Material Series
5) A considerable portion of the tests of controls and substantive tests
of transactions are performed simultaneously as a matter of audit convenience. But the substantive tests of
transactions procedures and sample size, in
part, depend on the results of the tests of controls. How can the auditor resolve this
apparent inconsistency?
: The auditor resolves the problem by making assumptions about the
results of the tests of controls and performing both the tests of
controls and substantive tests of transactions on the basis of these assumptions. Ordinarily the auditor assumes an effective system of internal control with few or no exceptions planned. If the results of the tests of
controls are as good as or better than the
assumptions that were originally made, the auditor
can be satisfied with
the substantive tests
of transactions, unless the substantive tests of transactions themselves indicate the existence of misstatements. If
the tests of controls results were not as good as the auditor assumed in designing the original
tests, expanded substantive tests must be performed.
6) Evaluate the following statement: “tests of sales and cash
receipts transactions are such an
essential part of every audit that i like
to perform them as near the end of the
audits as possible. By that time i have
a fairly good understanding of the client’s business and its internal controls because confirmations,
cutoff tests, and other
procedures have already been
completed.”
: The primary
purpose of testing sales and cash receipts transactions is to evaluate the
internal controls so that the scope of
the substantive tests of the account balances may be set. If the auditor performs the tests of details of
balances prior to testing internal controls, no benefit will be derived from the tests of controls. The auditor should attempt to understand the client's business and internal controls as early as practical through the analysis of the accounting system, tests of controls, and substantive
tests of transactions.
7) Explain how the calculation and comparison to previous years of the gross margin percentage and the ratio of
accounts receivable to sales are related to
the confirmation
of accounts receivable and other tests of the accuracy of accounts
receivable.
: When
the results of analytical procedures are different from the auditor's expectations and thereby indicate that there may be a misstatement
in the balance in accounts
receivable or sales, the auditor should extend the tests
to determine why the ratios are different
from expectations. Confirmation
of accounts receivable and cutoff
tests for sales are two procedures that
can be used to do this. On the other hand, if the ratios are approximately what the auditor expects,
the other tests can be reduced. This means that the auditor can satisfy the evidence requirements
in different ways and that analytical procedures and
confirmation are complementary when
the results of the tests are both good.
8) Distinguish between substantive tests of transactions and tests
of details of balances. Give one example
of each for the acquisition and payment cycle.
: Substantive tests of transactions are
performed to verify the accuracy of a client's accounting system. This is accomplished by determining whether individual transactions are correctly
recorded and summarized in the journals, master files, and general ledger. Substantive tests of transactions are also concerned with
classes of transactions, such
as payroll, acquisitions, or cash receipts. Tracing amounts from a file of vouchers to the acquisitions
journal is an example of a substantive
test of transactions for the acquisition and payment cycle. Tests
of details of balances verify the ending balance
in an individual account (such
as inventory, accounts
receivable, or depreciation expense) on the financial statements. An example of a test of details
Comprehensive Material Series
of balances for the acquisition and payment cycle
is to physically examine
a sample of the
client's fixed assets.
9) The auditor Ferguson’s
Inc. identified two internal controls in the
sales and collection receipts cycle
for testing. In the first control, the
computer verifies that a planned sale on account will not exceed the customer’s
credit limit entered in the accounts receivable master file. In the second control, the accounts receivable clerk matches bills of
ladding, sales invoices, and customer orders before recording in the sales journal. Describe how the
presence of general controls over
software programs and master file changes affects the extent of audit testing of each of these two
internal controls.
: 1. Control #1 -- Computer verification of the customer’s credit limit. The presence of
strong general controls over software programs and master file
changes can significantly reduce the auditor’s testing of automated controls such as control #1. Once it is
determined that control #1 is functioning properly, the auditor can focus subsequent tests on assessing whether any changes have occurred that would limit the effectiveness
of the control. Such tests might include
determining whether any changes have occurred to the program and whether these changes were
properly authorized and tested prior
to implementation. These are all tests
of general controls over software programs and
master file changes.
2. Control #2 – The accounts receivable clerk
matches
bills
of lading, sales invoices, and customer orders before recording in the sales
journal. This control is not an automated control, but is rather a manual
control performed by an employee. General controls over
software programs and master file changes would have little effect
on the auditor’s testing of control #2. If the auditor identifies control #2
as a key control in the sales and collection cycle, he or she would most likely examine a sample of the
underlying documents for the accounts receivable clerk’s initials and reperform the comparisons.
10)Assume that the client’s internal
controls over the recording and
classifying of fixed asset additions are considered deficient
because the individual
responsible for recording
new aquisitions has
inadequate technical training and limited experience in accounting. How will this situation affect the evidence
you should accumulate in auditing fixed
assets as compared with another
audit in which the controls are
excellent? Be as specific as possible.
: The audit of fixed asset additions normally
involves the examination of invoices in support of the additions and possibly
the physical examination of the additions. These procedures are normally performed on a test basis with a concentration on the more
significant additions. If the individual
responsible for recording new acquisitions is known to have inadequate training and limited experience in accounting, the sample
size for the audit procedures should be expanded to include a larger sample of the additions for the year.
In addition, inquiry as to what
additions were made during the year
may be made by the auditor of plant
managers, the controller, or other operating personnel. The auditor should
then search the financial records to determine that these additions were recorded as fixed assets.
Care should also be taken when the repairs and maintenance expense account
is analyzed since lack of training may cause some depreciable
assets to be expensed at the time of
acquisition.
11)For each
of the eight types of evidence discussed in chapter 7,
identify whether it is applicable
for risk assessment
procedures,
Comprehensive Material Series
tests of
controls, substantive tests
of transactions, analytical
procedures, adn tests of details of balances.
: The following shows
which types of evidence are applicable for the five types of tests.
|
TYPE OF EVIDENCE |
TYPES OF TESTS |
|
Physical examination Confirmation Documentation Observation Inquiries of the client Reperformance Analytical procedures |
Tests of details of balances All except analytical
procedures
Procedures
to
obtain an
understanding of
internal control and tests of controls All five types Tests of
controls, substantive tests of
transactions, and tests of details of balances Analytical procedures |
12)Rank the following types of tests from
moct costly to least costly: analytical
procedures, tests of details of balances, risk assessment procedures, tests of controls, and substantive tests of transactions.
: Going from
most to least costly, the types of tests are:
< Tests of details of balances
< Substantive tests of transactions
< Tests of controls
< Procedures
to obtain an understanding of internal controls < Analytical procedures
13)In figure 13-3, explain the difference
among C3, C2, and C1. Explain the circumstances under which it will be a
good decision to obtain audit assurance
from substantive tests at point C1.
Do the same for points C2, and C3.
: C represents the auditor's assessment of
the effectiveness of internal
control. C3represents the idea that the auditor chooses not to
perform any tests of controls. Since
no tests of controls are performed, no assurance can be obtained
from controls and all assurance must come from
substantive testing. This would not represent the audit of a public
company’s financial statements.Tests of controls at the C1 level would provide minimum control
risk. This would
Comprehensive Material Series
require more testing of the controls than would be required at
either C2 or C3. Testing controls at the
C1 level allows the auditor
to obtain assurance from the controls, thereby allowing for a reduction in
the amount of substantive testing which must be performed to meet the level
of acceptable audit assurance. C1 reflects the level of
testing of controls necessary for the audit of
internal controls over financial reporting required by PCAOB Standard 2.
It would
be a good decision to obtain assurance from tests of controls at point C1 if the cost of substantive testing is considerably greater than tests of controls. However,
if the cost of testing controls is high,
it may be a good decision to obtain
assurance at point C3.
At point C2, the auditor performs some tests of controls and is able to
reduce control risk below maximum. Point
C2 would be appropriate if it is cost beneficial for the auditor to
obtain assurance at a level between the two extremes mentioned above (C1 and C3).
14)Table
13-3 illustrates variations in the emphasis on different types of audit tests. What are the benefits to the
auditor of identifying the best mix of
tests?
: By identifying
the best mix of tests the auditor can accumulate sufficient competent evidence
at minimum cost. The auditor
can thereby meet the standards of
the profession and still be cost effective
and competitive.
15)State the four-step approach to designing tests of controls and
substantive
tests of transactions.
: The
four-step approach to designing tests of
controls and substantive tests of transactions is
as follows:
1. Apply the
transaction-related audit objectives to the class of transactions being tested.
2. Identify specific control
policies and
procedures that
should
reduce
control risk for each transaction-related audit objective.
3. Develop
appropriate tests of controls for each key control.
4. Design appropriate substantive tests
of transactions considering deficiencies in internal control and expected
results from 3 above.
16)Expalin
the relationship between the methodology
for designing tests of controls and substantive tests of
transactions in figure 13-4 to the
methodology for designing tests of details of balances in
figure 13-6.
: The approach to designing tests of controls
and substantive tests of transactions (Figure 13-
4) emphasizes satisfying the transaction-related audit
objectives developed in Chapters 6 and
10. Recall that these objectives focus on the proper functioning of the
accounting system.
The methodology of designing tests
of details of balances (Figure 13-6) emphasizes satisfying the balance-related audit objectives developed in Chapter 6. The
primary focus of these objectives is on the fair presentation
of account balances in the financial statements.
17)Why is it desirable to design tests of
details of balances before performing
tests of controls and substantive tests of transactions? State the assumptions that the auditor must
make in doing that. What does the
auditor do if the assumptions are wrong?
: It is desirable to design tests of details of
balances before performing tests of controls and substantive tests of transactions to enable the auditor to determine if the overall planned evidence is the most efficient and effective
in the circumstances. In order to do this, the auditor must make assumptions about the results of the tests of controls and substantive tests of transactions. Ordinarily the auditor will
assume no significant misstatements or control problems
Comprehensive Material Series
in tests
of controls and substantive tests of transactions unless there is reason
to believe otherwise. If the
auditor
determines that
the
tests
of controls and
substantive tests
of transactions results are different
from those expected, the amount of testing
of details of balances must be altered.
18)Explain
the relationship of tolerable misstatement,
inherent risk,
and
control risk to planned tests of details of balances.
: If tolerable misstatement is low, and inherent risk and control risk are high, planned tests of
details of balances which the auditor must perform will be high. An increase in tolerable
misstatement or a reduction of
either inherent risk or control risk will lead to a reduction in the planned tests of details of balances.
19)List the nine balance-related audit objectives in the
verification of the ending balance in inventory and provide one useful audit
procedure for each of the
objectives.
: The nine
balance-related audit objectives and related procedures are as follows:
|
GENERAL |
SPECIFIC OBJECTIVE |
AUDIT PROCEDURE |
|
Detail tie-in |
Inventory
on the inventory summary agrees with the
physical count,
the
extensions are correct, and
the total is
correctly added
and agrees with the general
ledger. |
|
|
Existence |
Inventory as stated in financial statements actually exists. |
Trace inventory from
final inventory
summary to
actual inventory and physically count selected
items. |
|
Completeness |
Existing inventory items have been counted and included in the financial statements. |
Select items from the physical
inventory and
trace to the
client's final summary to make
sure that all items are included.
|
|
Accuracy |
Inventory
items
included in
the financial statements are
stated at the correct amounts. |
Perform price
tests
of inventory
by
examining supporting
vendors' invoices for selected inventory items
and reverify price
times quantity. |
|
Classification |
Inventory as included in the financial statements is properly classified. |
Compare the classification of
inventory into
raw
materials, work in process, and finished goods by comparing the
description on physical inventory count tags with the client's final inventory
listing.
|
Comprehensive Material Series
|
Cutoff |
Inventory
cutoff
is
properly recorded at the balance sheet date. |
Trace selected
receiving reports several days
before and after the
balance sheet
date to determine whether inventory
purchases are recorded
in the proper period
and related physical
inventory counts
are
included or excluded from inventory.
|
|
Realizable value |
Inventory on the financial statements
excludes unusable items.
|
Inquire of factory employees
and management regarding obsolescence of inventory, and examine storeroom for
evidence of damaged or
obsolete
inventory. |
|
GENERAL |
SPECIFIC OBJECTIVE |
AUDIT PROCEDURE |
|
Rights and obligations
|
Inventory items
in
the
financial statements
are
owned by the client. |
Review contracts
with suppliers
and
customers for
the possibility of the inclusion of consigned or other
non- |
|
Presentation and disclosure
|
Inventory and
related accounts in the inventory and
warehousing cycle
are properly
presented and disclosed.
|
Examine financial statements for proper presentation and
disclosure including proper description
of
pledged inventory
and
inclusion of
significant sales and purchase commitments. |
20)Why do auditors often consider it
desirable to perform audit tests
throughout the year rather than wait until year-end? List several examples of evidence that can be accumulated
before year-end.
: Auditors frequently consider it desirable to
perform audit tests throughout the year rather than waiting
until year-end because of the CPA
firm's difficulty of scheduling
personnel. Due to the uneven distribution of the year-end dates of their
clients, there is a shortage of personnel during certain periods of the year and excess available time at other periods. The procedures that
are performed at a date prior to year-end are often dependent upon adequate internal controls and when
the client will have the information
available. Additionally, public
company auditors must begin their testing
of controls earlier
in the year to ensure they are able to test a sufficient
sample of controls for operating effectiveness.
Some controls may only be performed monthly or quarterly.
Thus, the public company auditor
must begin testing early in the year
so that there is a sufficient number of months or quarters to
test.
Procedures
that may be performed prior to the end of the year are:
1. Update fixed asset
schedules.
2. Examine new loan
agreements and other legal records. 3. Vouch certain transactions.
Comprehensive Material Series
4. Analyze changes in
the client's accounting systems.
5. Review minutes of
board of directors' meetings.
6. If the
client
has
strong internal control, the
following procedures may be
performed with minor review
and updating at year-end:
(a) Observation of physical inventories;
(b) Confirmation of
accounts receivable balances;
(c) Confirmation and
reconciliation of accounts payable
balances.
Completing The Audit
1) Distinguish between a contingent liability and an actual liability
and give
three examples
of each.
Ñ:
A contingent liability is a potential future
obligation to an outside party for an
unknown
amount resulting from activities that have already taken
place. Some examples would be:
< Pending litigation
< Income tax disputes
< Product warranties
< Notes receivable discounted
< Guarantees of obligations of
others
< Unused balances of
outstanding letters of credit
An actual liability is a real future
obligation to an outside party for a known
amount from activities that have already taken
place. Some examples would be:
< Notes payable
Comprehensive Material Series
< Accounts payable
< Accrued interest payable
< Income taxes payable
< Payroll withholding
liabilities
< Accrued salaries and wages
2) In the audit of the James Mobley Company, you are concerned
about the possibility of contingent
liabilities resulting from income tax disputes. Discuss the procedures you could use for an extensive investigation in this area.
Ñ: If you are
concerned about the possibility of
contingent liabilities for income tax
disputes, there are various procedures you could
use for an intensive investigation
in that area. One good approach would be an analysis of income tax expense. Unusual or nonrecurring amounts should be investigated
further to determine if they represent situations of potential tax liability. Another helpful procedure
for uncovering potential tax liabilities
is to review the general correspondence file for communication
with attorneys or internal revenue
agents. This might give an
indication that the potential for a liability exists even though no actual litigation has begun. Finally,
an examination of internal revenue
agent reports from prior years may provide
the most obvious indication of disputed tax matters.
3) Explain why an auditor is interested
in a client’s future commitments
to
purchase raw materials at affixed price.
Ñ: The auditor would be interested in a client's future commitments to purchase
raw materials at a fixed
price so that this information could be disclosed in the financial statements. The commitment may be
of interest to an investor as it
is compared to the future price
movements of the material. A future
commitment to purchase raw materials at a fixed
price may result in the client
paying more or less than the market
price at a future time.
4) Explain
why the analysis of legal expense is
an essential part of every audit.
Ñ: The analysis of legal expense is an essential part of every audit engagement
because it may give an indication of contingent liabilities which
may become actual liabilities in the future
and require disclosure in the current financial statements. Since any single contingency could be
material, it is important to verify
all legal transactions, even if the
amounts are small. After
the analysis of legal expense
is completed, the attorneys to whom payment was made should be
considered for letters of confirmation for contingencies (attorney
letters).
5) During the audit of the
Merrill Manufacturing Company, Ralph Pyson, CPA, has become aware of four lawsuits against the client
though discussions with the client, reading corporate minutes, and reviewing
correspondence
files. How should Pyson determine the materiality
of the lawsuits and the proper disclosure
in the financial statements?
Ñ: Pyson
should determine the materiality
of the lawsuits by
requesting from Merrill's attorneys an assessment of the legal situations and the probable
liabilities involved. In addition, Pyson
may have his own attorney assess the
situations. Proper disclosure
in the financial statements will depend on the
attorneys' evaluations of the probable
liabilities involved. If the evaluations indicate highly probable, material amounts, disclosure will be necessary in the
form of a footnote, assuming
the amount of the probable material loss cannot be reasonably estimated. If the client refuses
to make adequate disclosure of the contingencies, a qualified or
adverse opinion may be necessary.
Comprehensive Material Series
6) Distinguish between an asserted and unasserted claim. Explain why
a client’s
attorney may not reveal an unasserted claim.
Ñ: An asserted claim is an existing legal action that has been taken against the
client, whereas an
unasserted claim represents a potential legal action.
The client's attorney may not reveal an
unasserted claim for fear that the disclosure
of this information may precipitate
a lawsuit that would be damaging to the client, and that would otherwise not be filed.
7) Describe the action that an auditor should take if an attorney refuses to provide
information that is within the attorney’s jurisdiction and may directly
affect the fair presentation
of the financial statements.
Ñ: If an attorney
refuses to provide the auditor with information
about material existing lawsuits or likely
material unasserted claims, the audit opinion would have to be modified to reflect the lack of available evidence. This is required
by SAS 12 (AU 337), and has the effect of requiring management to give its attorneys permission
to provide contingent liability information to auditors and to encourage attorneys
to cooperate with auditors in obtaining information
about contingencies.
8) Distinguish between the two general types of subsequent events and
explain
how they
differ. Give two examples of each type.
Ñ:
The first type of subsequent event is one that has a direct effect on the financial
statements
and requires adjustment. Examples of this type of subsequent event are
as follows:
< Declaration of bankruptcy by a customer with an outstanding
accounts
receivable balance due to the
deteriorating financial condition
< Settlement of a litigation for an amount different from
the amount
recorded on the books
< Disposal of equipment not being used in operations at a price
below
the current
book value
< Sale of investments at a
price below recorded cost
< Sale of raw material as scrap in the period subsequent to the
balance
sheet date
Comprehensive Material Series
The second type of subsequent event is one that
has no direct effect on the financial statements but for which disclosure is advisable. Examples include the following:
< Decline in the market
value of securities held for temporary
investment or
resale
< Issuance of bonds or equity securities
< Decline in the market
value of inventory as a consequence of government
action barring further
sale of a product
< Uninsured loss of
inventories as a result of fire
9) In obtaining letters from
attorneys, Bill Malano’s aim is to receive the letters as early as possible after the balance sheet date. This provides him with a signed letter from every attorney in time to properly investigate
any exceptions. It also eliminates the problem
of a lot unresolved loose ends
near the end of the audit. Evaluate
Malano’s approach.
Ñ: Malano's approach
does not take into consideration the
need to obtain letters from attorneys
as near the end of field work as possible. If the letters are received near the balance sheet date, the period from the balance
sheet to the end of the auditor's field
work will not be included in the attorneys'
letters. His procedure
would not obtain the most current
information regarding contingent
liabilities, and would not provide
adequate information
for disclosure of pertinent subsequent
events.
10)What
major considerations should
the auditor
take into
account in
determining how extensive the review of
subsequent events should be?
Ñ: The major considerations
the auditor should take into account
in determining
how extensive the subsequent events review should be are:
< The company's financial strength and stability of earnings
< The effectiveness of the
company's internal controls
< The number and significance
of the adjustments made by the auditor
< The length of time between the
balance sheet date and the
completion
of the audit
< Changes in key
personnel
Auditors of public companies should be aware that PCAOB Standard 2 requires them to also inquire about changes in internal control over financial
reporting occurring subsequent
to the end of the
fiscal period
that might significantly affect internal control over financial reporting.
11)Identify five audit procedures normally done as a part of the review for
subsequent
events
Ñ: Audit procedures
normally performed as a part of the review for subsequent
events are:
< Cutoff and valuation tests
of various balances and related
transactions;
e.g., sales cutoff tests
< Inquire of management
< Correspond with attorneys
< Review internal statements prepared subsequent to
the balance sheet
date
Comprehensive Material Series
< Review records
prepared subsequent to the balance sheet date
< Examine minutes of meetings of board of directors and
stockholders
subsequent to the balance
sheet date
< Obtain a letter of representation
12)Distinguish between subsequent events occurring between the balance sheet date and the date of the auditor’s report, and subsequent discovery of
facts existing
at the date of the auditor’s report.
Give two examples of each and explain
the appropriate action by the auditor in each instance.
Ñ: Subsequent events occurring between the balance sheet date and the date of the auditor's report are those transactions
and events which might affect the
financial statements being
audited (either adjustment,
disclosure, or both). Examples of these types of events would be:
< Declaration of bankruptcy by
a customer with an outstanding accounts
receivable balance due
because of a deteriorating financial condition
< Settlement of a litigation for an amount different from
the amount
recorded on the books
< Disposal of equipment not
being used in operations at a price below
the current
book value
< Sale of investments at a
price below recorded cost
< Sale of raw material as
scrap in the period subsequent to the balance
sheet date
< Decline in the market value of securities held for temporary
investment
or resale
< Issuance of bonds or equity
securities
< Decline in the market value of inventory as a consequence
of
government action barring
further sale of a product
< Uninsured loss of
inventories as a result of fire
If these events and transactions have a material effect on the financial
statements, they may require adjustment
of the current period financial statements or disclosure.
Auditors of public companies should also be alert for subsequent changes in internal control over financial reporting.
The subsequent discovery of facts existing at the date of the auditor's report
occurs when the auditor becomes aware
that some information included in
the financial statements
was materially misleading
after the
audited financial statements have been issued. Some examples of
such facts would be:
< Subsequent discovery of the
inclusion of fraudulent sales
< Subsequent discovery of the failure
to write-off obsolete inventory
< Omission of an essential
footnote
In such cases when the auditor discovers the
statements to be misleading, he or she
should request the client to issue a
revised set of financial statements
as soon as possible containing a new
audit report and an explanation of the reasons for the revisions to the financial statements.
13)Miles Lawson, CPA, believes that the final summarization is the easiest part
of the audit if careful planning is follow throughout the audit. He makes sure that each segment of the audit is completed,
he is finished with the audit. He
believes this may cause each part of the audit to take a little longer, but he makes up for it by not having to do the final summarization.
Evaluate Lawson’s approach.
Comprehensive Material Series
Ñ: The weakness in Lawson's approach is the danger of discovering an
inadequacy
in one audit area which could affect other areas of the audit. For example, if misstatements were discovered as part
of the tests of controls for
sales, the initial plans for the tests
of details of balances for accounts receivable
may have been insufficient and should
have been revised. Similarly, the
audit of fixed assets is related
to the contracts and notes payable whenever fixed
assets are used as collateral.
Another difficulty with
Lawson's approach is that there
is no combining of the misstatements in different audit areas to
determine if the combined
misstatements are material. If the combined misstatements are considered
material, it may be necessary to expand
the testing in certain areas or require
adjusting entries to some balances.
14)Compare
and contrast the accumulation of audit evidence and the evaluation of the adequacy of the disclosures in
the financial statements. Give two examples
in which adequate
disclosure could
depend heavily on the accumulation of evidence and two others in
which audit evidence does not normally significantly
affect the adequacy of the disclosure.
Ñ: The
accumulation of audit evidence is crucial to the auditor in determining
whether the financial
statements are stated in accordance with generally accepted accounting principles, applied on a basis
consistent with the preceding year.
The evaluation of the adequacy of the
disclosures in financial statements
is made to determine that the account balances
on the trial balance are properly aggregated and disclosed on
the financial statements.
Examples where
adequate disclosure
could depend heavily
upon the accumulation of evidence are:
< The disclosure of
declines in inventory values below cost
< The segregation of current
from noncurrent receivables
< The segregation of trade accounts receivable
from amounts due from
affiliates
< The disclosure of contingent liabilities
that the auditor has not been
informed of by the client
Examples where audit
evidence does not normally
significantly affect the adequacy of the
disclosure are:
< Deciding whether a disposal of equipment should be recorded
as an
extraordinary item
< The disclosure of an
acquisition as a pooling of interests
or a purchase
< The disclosure of
contingencies that the auditor was informed
of by the
client
15)Distinguish
between a client letter of representation and a management letter and state the primary purpose of each.
List some items that might be included
in each letter.
Ñ: A letter of representation is a written communication from the client to the auditor which formalizes statements
that the client has made about matters
pertinent to the audit. SAS 85
(AU 333) suggests four categories of items that
should be included in the letter.
Below are those four items with examples in each category follow (refer students to SAS 85―AU
333―for a comprehensive list):
1. Financial statements
Comprehensive Material Series
< Management's acknowledgment of its responsibility for the fair presentation
in the financial statements of financial position, results
of operations, and cash flows in conformity
with generally accepted accounting
principles
< Management’s belief that the financial statements
are fairly presented in
conformity with generally accepted accounting principles
2. Completeness of
information
< Availability of all financial
records and related data
< Completeness and availability
of all minutes
or meetings of
stockholders, directors, and committees of directors
< Absence
of unrecorded transactions
3. Recognition,
measurement, and disclosure
< Management’s
belief that the effects of any
uncorrected financial statement
misstatements are immaterial to the financial statements
< Information concerning
fraud involving (1)
management, (2)
employees who have significant roles
in internal control, or (3) others where
the fraud could have a material effect on the financial statements
< Information concerning related
party transactions and amounts
receivable
from or payable to related parties
< Unasserted claims or assessments
that the entity’s lawyer has
advised are probable of assertion and must be disclosed in accordance with Financial Accounting
Standards Board (FASB) Statement No.
5, Accounting for Contingencies
< Satisfactory title to assets, liens or encumbrances on
assets, and
assets
pledged as collateral
< Compliance with
aspects
of contractual agreements that
may affect the
financial statements
4. Subsequent events
< Bankruptcy
of a major customer with an outstanding account receivable at
the balance sheet date
< A merger
or acquisition after the balance sheet date
For audits of public
companies, PCAOB Standard 2 requires
the auditor to obtain specific representations from management
about internal control over
financial reporting. Some of those representations are
noted below:
5. Internal
controls
< Management’s acknowledgement of its responsibility
for establishing and
maintaining
effective internal controls over
financial reporting.
< Management’s conclusion about the effectiveness of internal control over
financial reporting as of the end of the fiscal period.
< Disclosure
to the auditor of all deficiencies in the design or operation of
internal control over financial reporting
identified as part of management’s assessment, including separate disclosure
of significant deficiencies
and material weaknesses.
< Management’s knowledge
of any material fraud or other fraud involving
senior management or other employees
who have a significant role in the
company’s internal control over financial reporting.
Auditors of public
companies may obtain a combined representation letter for both the audit of the financial statements and the
audit of internal control over financial
reporting.
A management letter is a
letter directed to the client to
inform management of certain recommendations
about the business which the CPA
believes would be beneficial to the
client.
Items that might be included
in a management letter are:
< Recommendation to switch inventory valuation methods
Comprehensive Material Series
< Recommendation to install a
formal security system
< Recommendation to prepare more
timely bank reconciliations
< Recommendation to segregate
duties
< Recommendation to have
certain types of transactions authorized by
specific
individuals
16)Explain
what is meant
by information
accompanying basic financial
statements. Provide two examples of such information. What levels of
assurance may the CPA offer
for this information?
Ñ: Information
accompanying basic financial statements is any and all information
prepared for management or outside users included with the basic financial
statements. Examples include detailed comparative statements supporting
control totals in the basic statements, supplementary
information required by the
SEC, statistical data such as ratios and
trends, and specific comments on the changes that have taken
place in the financial statements.
The auditor can provide one of two levels of assurance for information accompanying basic financial statements. The
auditor may issue a positive opinion
indicating a high level of assurance, or a disclaimer indicating no
assurance.
17)What is meant by reading other financial information
in annual reports? Give
an example of the type of information the
auditor is examining.
Ñ: SAS 8 (AU
550) requires the auditor to read
information in annual reports
containing audited financial
statements for consistency
with the financial
statements and the auditor's report.
Types of information the auditor examines include
statements about financial condition in the president's
letter and displays and summaries of
statistical financial information.
18)Distinguish between regular audit documentation review
and independent review and state the purpose of each. Give two examples of potential findings in each of these two types of review.
Ñ: A regular
audit documentation review is the
one that is done by someone who is
knowledgeable about the client and the unique circumstances in the audit. The
purposes of this review are to:
< Evaluate the performance
of inexperienced personnel
< To make sure that the audit meets the CPA firm's
standard of performance < To counteract the bias that frequently enters into the auditor's
judgment.
Examples of important potential findings in a regular audit documentation review
are:
< Incorrect computations
< Inadequate scope
< Lack of proper documentation for audit decisions
An independent review is one done by a completely
independent person who has no experience
on the engagement.
The purpose is to have a competent
professional from within the firm who has not been biased by the ongoing
relationship between the regular auditors and the client perform an independent review. Examples of important potential findings
in an independent review are:
< A number of small adjustments
waived that should have been
accumulated into an
adjusting journal entry due to materiality
< Too narrow and too biased of a scope in an audit
area
< Inadequate disclosure of contingencies
Comprehensive Material Series
19)Describe matters that the auditor must
communicate to audit committees of
public
companies.
24.19 Ñ: In addition to the SAS 61 required
audit committee communications, the
Sarbanes-Oxley Act
expands these communications requirements by
also requiring
public company auditors to timely report
the following items to the audit committee:
< All critical accounting policies and practices to be used.
< All alternative treatments
of financial information within generally
accepted accounting principles
that have been
discussed with management, ramifications of the use of such
alternative disclosures
and treatments, and the treatment preferred
by the auditor.
< Other material written communications
between the auditor and
management, such as
any management letter
or schedule of
unadjusted differences.
As the audit of the public
company is completed, the auditor should determine that the audit committee is informed about the initial
selection of and changes in significant accounting policies or their
application during the current audit period. When changes have occurred,
the auditor should inform the committee of the reasons for the change. The auditor
should also communicate information about methods used to account for significant unusual transactions
and the effect of significant
accounting policies in controversial or emerging areas.
The End
Comments
Post a Comment