You've reached the end of your free preview.
Want to read all 654 pages?
Unformatted text preview: Frederick Choo Financial and Integrated
Audits 1 Table of Contents
1 Financial and Integrated Audits 3 2 The Auditor's Professional Environment 23 3 The Auditor's Ethical Environment 47 4 The Auditor's Legal Environment 75 5 Audit Plan - Preplan and Documentation 103 6 Audit Plan - Objectives 137 7 Audit Plan - Evidence 165 8 Audit Plan - Internal Control 191 9 Audit Plan - Materiality and Risk 229 10 Audit Plan - Program and Technology 255 11 Audit Sampling for Tests of Controls 283 12 Audit Sampling for Tests of Balances 304 13 Revenue Cycle - TOC and TOB 324 14 Expenditure Cycle - TOC and TOB 362 15 Inventory Cycle - TOC and TOB 396 16 Payroll Cycle - TOC and TOB 430 17 Capital Cycle - TOC and TOB 452 18 General Cash and Investments - TOC and TOB 476 19 Completing the Audit 504 20 Audit Report 540 2 21 Other Audit Engagements 588 Appendix A 630 Appendix B 631 Appendixes C D E 632 Appendix F 633 Financial and Integrated Audits - Frederick Choo Chapter 1
Financial and Integrated Audits
Chapter Learning Outcomes (LOs) Checklist
After reading this chapter, you should be able to: LO1-1 Understanding the reason for auditing. LO1-2 Distinguish among auditing, attestation, and assurance services. LO1-3 Differentiate between financial audit and integrated audit. LO1-4 Differentiate between assurance and consulting services. LO1-5 Explain the different categories of audit and types of auditor. LO1-6 Explain the organizational structure, category, and hierarchy of CPA firms. 3 4 1 Financial and Integrated Audits Chapter 1 Financial and Integrated Audits
Definition of Auditing
Auditing may be defined as:
"A systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions
and events to ascertain the degree of correspondence between those assertions and established criteria and
communicating the results to interested users."
Source: Committee on Basic Auditing Concepts, Statement of Basic Auditing Concepts AAA, 1973, p.2. Several key phrases of this definition merit special comment in Table 1-1.
TABLE 1-1 Definition of Auditing Key Phrase
A systematic process
Objectively evaluating and
examining of evidence
Assertions about economic actions
Degree of correspondence between
assertions and established criteria
Communicating results to
interested users Comments
Auditing is a logically structured and planned inquiry process.
Auditing involves independently obtaining and gathering evidence, such as confirmations of
balances, and objectively evaluating the sufficiency and appropriateness of this evidence.
These are assertions made explicitly and/or implicitly by the auditee with regard to the accounting
information presented to the auditor, for example, the auditee has valued inventories at the lower
of cost or market value.
Based on the evidence gathered, the auditor forms an opinion as to the closeness with which the
auditee's assertions comply with established standards and polices, for example, generally accepted
accounting principles (GAAP) and other statutory rules and regulations.
The auditor communicates the degree of correspondence between the auditee's assertions and
established criteria in the form of an audit report to interested parties that include stockholders,
lenders and creditors. The Demand for Auditing
The definition of auditing can further be discussed in terms of a principal-agent framework that explains the demand
for auditing. See Figure 1-1 below for the relationships. First, stockholders (referred to as principals) of a
corporation appoint a board of directors who in turn hires a professional management team (referred to as agents) to
run the corporation. Second, both the stockholders and management seek to maximize their self-interest. Their
goals/activities are not necessarily congruent. Third, the stockholders appoint an outside independent party (an
external auditor) to monitor and report the goals/activities of the management. The auditor provides a form of
attestation service, an auditing service, to the stockholders. Fourth, the external auditor gathers and evaluates
evidence concerning the explicit and implicit assertions made by the management (auditee’s assertions) in the
financial statements and reports to the stockholders about the fairness of the financial statements presentation in the
form of an audit opinion report. If the management’s financial statements are presented fairly, the auditor issues an
unqualified opinion report. On the other hand, if the management’s financial statements are not presented fairly, the
auditor issues a qualified opinion report. See Table 1-2 for a brief description of the various types of audit opinion
report. A qualified audit opinion usually means that the management’s financial statements contain material
misstatements. Misstatements may be in the form of errors, unintentional mistakes, or frauds, intentional
misrepresentations. Two common types of intentional misrepresentations are misappropriation of assets, also known
as employee fraud, and fraudulent financial reporting, also known as management fraud.
Table 1-2 Types of Audit Opinion Report
Types of Audit Opinion Report
Explanatory paragraph Added
Qualified Opinion Brief Description This report is issued when the auditor judges that the client’s financial statements fairly present, in
all material respects, the financial position, results of operations, and cash flows in conformity with
This report is issued when the auditor judges that it is necessary to add a paragraph to explain
certain accounting related matters in a standard unqualified opinion report.
This report is issued when the auditor judges that the client’s financial statements fairly present, in Financial and Integrated Audits - Frederick Choo Types of Audit Opinion Report Brief Description
all material respects, the financial position, results of operations, and cash flows in conformity with
GAAP “except for” the material effect of certain accounting related matters to which the
This report is issued when the auditor judges that the client’s financial statements, taken as a whole,
do not fairly present the financial position, results of operations, and cash flows in conformity with
This report is issued when the auditor does not express an opinion on the client’s financial
statements. Adverse Opinion Disclaimer of Opinion Figure 1-1 The Demand for Auditing in a Principal-Agent Framework
Stockholders Board of Directors XYZ Co.
(Accountant) Independent Auditor
(Opinion) Unqualified Qualified
(Audit) Financial Statements
Error Fraud Unintentional
(Employee fraud) Fraudulent
(Management fraud) The Demand of Other Users
The principal-agent framework above focuses on the stockholders as a primary party demanding audited financial
statements. Besides the stockholders, there are a diversity of other users (other 3 rd parties) of the audited financial
statements. Table 1-3 describes other users of the audited financial statements.
Table 1-3 Other Users of Audited Financial Statements
Economists Use of Audited Financial Statements
Assess the ability of a company to repay indebtedness.
Assess the financial position of a company in litigation.
Assess the effects of economic policies and the implications for public policy decisions. 5 6 1 Financial and Integrated Audits User Use of Audited Financial Statements Financial Institutions
Taxing Authorities Determine whether to make a loan to a company.
Assess the profitability of a company and the potential for future wages or profit sharing contracts.
Review performance and make decisions affecting future directions of a company.
Determine whether to invest in a company.
Determine whether regulatory action is necessary to protect the public.
Determine taxable income and tax due. Type of Services
CPA firms provide five broad types of services as shown in Table 1-4.
Table 1-4 Five Broad Types of Services Type of Service
Attestation services Tax services Management advisory
(consulting) services Accounting services Assurance services Nature of Service
Attestation services are any professional services in which a CPA firm issues a written report that expresses
an opinion or conclusion about the reliability of a written assertion that is the responsibility of another party.
Attestation services include financial audit of private (non-publicly traded) companies and integrated audit
of public (publicly traded) companies; report on a client's internal control structure; review of private
companies' financial statements; examination of prospective financial statements, and application of agreedupon procedures on specific elements, accounts, or items of a financial statement. The AICPA’s Auditing
Standard Board issues Statements on Auditing Standards (AUs), which provide guidance for CPAs who
perform financial audit for private companies. On the other hand, the SEC’s Public Company Accounting
Oversight Board (PCAOB) issues Auditing Standards (ASs), which provide guidance for CPAs who perform
integrated audit for public companies. Table 1-5 describes four broad types of attestation services.
See Appendix A for a list of the AUs and see Appendix B for a list of the ASs.
Tax services include preparation of tax returns, assistant in tax planning, and engagement in tax litigation.
The AICPA's Federal Taxation Executive Committee issues Statements on Responsibilities in Tax Practice
(SRTPs), which provide guidance for CPAs who perform tax services.
Management consulting services include design of accounting information systems, and engagement in
marketing study, and executive recruiting. The AICPA's Management Advisory Service Executive
Committee issues Statements on Standards for Management Advisory Services (SSMASs) , which provide
guidance for CPAs who perform management advisory services.
Accounting services include preparation of financial statements and compilation of financial statements. The
AICPA's Accounting and Review Services Committee issues Statements on Standards for Accounting and
Review Services (ARs), which provide guidance for CPAs who perform accounting services.
See Appendix D for a list of the ARs.
Assurance services are independent professional services that improve the quality of information, or its
context, for decision-makers. By this broad definition, assurance services include attestation services in that
they improve the quality of information for decision-makers by issuing a written report about the reliability
of certain written assertions of another party. Assurance services also encompass compilation services in
that they improve the quality of information for decision-makers by presenting (compiling) them as financial
statements in accordance with GAAP. However, assurance services do not include consulting services
although they often deliver a similar body of knowledge and skills. A key difference between assurance and
consulting services is the objective of the engagement. Assurance services are designed to optimize the
client’s decision making whereas consulting services are designed to improve the client’s outcomes or
conditions. The AICPA's Auditing Standards Board issues Statements on Standards for Attestation
Engagements (ATs), which provide guidance for CPAs who perform accounting services. Table 1-6
describes six common types of assurance services.
See Appendix C for a list of the ATs. CPA firms provide four broad types of attestation services that are described in Table 1-5.
Table 1-5 Four Broad Types of Attestation services Financial
(private company) Integrated
(public company) Four Broad Types of Attestation services This type of service involves obtaining and evaluating evidence about a client’s financial statements. The AICPA’s
GAAP and Auditing Standard Board’s Auditing Standard AU 700 require that auditors of private companies in the
United States to provide an opinion on the company’s financial statements. Based on this financial audit, the auditor
issues a “positive” (means certain or confident) expression of opinion on whether the financial statements are presented
fairly in conformity with the GAAP and Auditing Standards. Figure 1-3 presents an overview of the financial audit.
This type of service involves obtaining and evaluating evidence about a client’s internal control over financial
reporting (ICFR) and its financial statements. The Sarbanes-Oxley Act Section 404(b) and PCAOB’s Auditing
Standard AS 5 require that auditors of public companies in the United States to provide an opinion on the effectiveness Financial and Integrated Audits - Frederick Choo Four Broad Types of Attestation services Examination Review Agreed-upon
procedures of the company’s ICFR and an opinion on the company’s financial statements. Based on this integrated audit, the
auditor issues an opinion on the effectiveness of the client’s ICFR and an opinion on the fair presentation of the
financial statement in accordance with the standards of the PCAOB. Figure 1-4 presents an overview of the integrated
This type of service involves obtaining and evaluating evidence about a variety of situations which contain assertions
made by another party. The auditor performing this type of service normally follows the AICPA’s Statements on
Standards for Attestation Engagements (ATs). Based on the examination, the auditor issues a “positive” expression of
opinion on whether the other party’s assertion conforms to certain applicable criteria. Examples of examination
services include (1) prospective (rather than historical) financial statements, (2) management’s assertions about the
effectiveness of a client’s internal control structure, and (3) a client’s compliance with specified laws and regulations.
This type of service involves inquiries of an audit client’s management and comparative analyses of financial
information. The scope of this service is significantly less than that of an audit or examination in that it usually does
not involve obtaining and evaluating evidence. The auditor performing this type of service normally follows the
AICPA’s Statements on Standards for Accounting and Review Services (ARs). Based on the review, the auditor issues a
“negative” (means uncertain or unconfident) expression of opinion on whether the financial statements are presented
fairly in conformity with established criteria such as GAAP. Thus, instead of stating a “positive” opinion that “the
financial statements are presented fairly in conformity with GAAP”, a “negative” opinion is usually stated as that “ we
are not aware of any material modifications that should be made to the statements in order for them to be in conformity
with GAAP.” Examples of review services include (1) review of interim financial statements of public companies and
(2) review of annual financial statement of non-public companies.
This type of service involves the auditor, the client, and the intended users to agree on certain procedures to be
performed on specified financial statement/non-financial statement matters. The auditor performing this type of service
normally follows the AICPA’s Statements on Standards for Attestation Engagements (ATs) for financial matters (e.g.,
gross sales account for a lease agreement) and non-financial statement matters (e.g., compliance with federal
affirmative action laws). Based on the agreed-upon procedures, the auditor issues a “summary of findings” report,
which does not include an opinion. Figure 1-3 An Overview of the Financial Audit (Private Company) Management Financial Audit Implements internal controls Conducts transactions Attests to management’s
internal controls Accumulates transactions
into account balances Prepares financial statements Issues financial statements Attests to management’s
financial statements Issues audit report:
1. An opinion on the fair presentation
of the financial statements 7 8 1 Financial and Integrated Audits Figure 1-4 An Overview of the Integrated Audit (Public Company) Management Integrated Audit Reports on ICFR Attests to management’s
report on ICFR Management Report on ICFR contains
an explicit statement on whether management’s
assessment of ICFR is effective as of the end
of the period reported on Issues audit report:
1. An opinion on the effectiveness of the
company’s ICFR Attests management’s
financial statements Prepares financial statements Issues audit report:
2. An opinion on the fair presentation
of the financial statements Issues financial statements ICFR = Internal Control Over Financial Reporting CPA firms offer a wide variety of “other” assurance services. The six common “other” assurance service are shown
in Table 1- 6. Chapter 21, Other Audit Engagements, provides more discussion on some “other” assurance services
and attestation services of the assurance services.
Table 1-6 Six Common “Other” Assurance Services Type
Business Performance Measurement Information Systems Reliability
Electronic Commerce Healthcare Performance Function This assurance service identifies a client’s profile of business risks and assesses whether the
client has appropriate systems in place to effectively manage those risks.
This assurance service evaluates whether a client’s performance measurement system contains
relevant and reliable measures for assessing the degree to which the client’s goals and objectives
are achieved or how its performance compares to its competitors.
This assurance service assesses whether a client’s internal information systems (financial and
non-financial) provide reliable information for operating and financial decisions.
This service assesses whether systems and tools used in electronic commerce provide data
integrity, security, privacy, and reliability. See Figure 21-15 in Chapter 21 for an example of a
This assurance service assesses and reports on the quality of care delivered by health care Financial and Integrated Audits - Frederick Choo Type Function Measurement systems, and to provide comparative analyses on costs and delivery systems.
This assurance service provides assistance to elderly people and their family members by
offering financial advice and measuring how effectively health care providers meet the needs of
the elderly and their families. Elder Care A diagrammatic representation of the relationship among the professional services is shown in Figure 1-2.
Figure 1-2 Relationships among Professional Services Assurance Services Nonassurance Services Attestation services
Examination Review Financial
Investigation Management Consulting Services Tax Services Agreed-Upon Procedures
Risk Assessment Web/SysTrust XBRL ElderCare Plus Health Care Performance Measurement Source: Adapted from the Elliott Committee Report (AICPA, 1997) The five broad types of services shown in Table 1-4 above fall into four categories of audit (see Table 1-7) and they
are usually conducted by several types of auditor (see Table 1-8).
Table 1- 7 Four Categories of Audit Category of Audit
Financial audit Integrated audit Compliance audit Operational audit Nature of Work This type of service involves obtaining and evaluating evidence about a client’s financial statements.
The AICPA’s GAAP and Auditing Standard Board’s Auditing Standard AU 700 require that auditors of
private companies in the United States to provide an opinion on the company’s financial statements.
Based on this financial audit, the auditor issues a “positive” (means certain or confident) exp...
View Full Document