AUDITING

SUMMARY NOTES
TABLE OF CONTENTS:

Audit Evidence and Documentation

Audit Planning, Understanding the Client and Risk Assessment
Internal Control
Audit Sampling
Audit of Receivables and Revenue
Audit of Inventories and Cost of Goods Sold
Audit of Property, Plant and Equipment
Audit of Debt and Equity Capital
Audit of Accounts Payable and Other Payables
Audit of Cash
Audit of Investments
Completing the Audit
Assurance Services: Historical Financial Information

AUDIT EVIDENCE and DOCUMENTATION

1. Auditors are required to obtain sufficient appropriate audit evidence to support their audit
opinion. Sufficiency is the measure of the quantity of the evidence. Appropriateness of evidence
relates to its relevance and its reliability in providing support for or detecting misstatement in
account balances, transactions and disclosures. Sufficiency and appropriateness are interrelated
and lead to audit decisions on the nature of audit evidence that is collected, its timing and its
extent.

Audit evidence: Any information that corroborates or refuses the auditor’s premise that the
financial statements present fairly the client’s financial position and operating results.

2. Audit evidence is gathered by the auditor to reduce audit risk – the risk that the auditor may fail
to modify their opinion on financial statements that are materially misstated. Since financial
statements consist of a series of assertions by management, the auditors must obtain sufficient
appropriate audit evidence about each significant financial statement assertion.

3. At the account balance, class of transaction, and disclosure levels, audit risk consists of:

a. Inherent and control risk. The risk that a material misstatement in an assertion has occurred.

Inherent risk: The risk of material misstatement of a financial statement assertion assuming
there were no related controls.
Control risk: The risk that a material misstatement that could occur in an account will not be
prevented or detected on a timely basis by internal control.
Detection risk: The risk that the auditor’s procedures will lead them to conclude that a
financial statement assertion is not materially misstated when in fact such misstatement does
exist.

b. Detection risk. The risk that the auditors will not detect the misstatement.

4. Auditors perform audit procedures to obtain audit evidence that will allow them to draw
reasonable conclusions as to whether the client’s financial statements follow GAAP. An audit
consists of:
 a. Risk assessment procedures. To obtain an understanding of company and its environment.

Risk Assessment procedures: Procedures performed by the auditor to obtain an

understanding of the entity and its environment, including its internal control. Risk
assessment procedures include inquiries of management, analytical procedures, observation
and inspection. Risk assessment procedures provide the auditors with a limited amount of
evidence about the operating effectiveness of the client’s internal control.

b. Test of controls. To test the operating effectiveness of controls.

c. Substantive procedures. To detect the material misstatements in relevant assertions.

5. Substantive procedures include test of details and analytical procedures. Test of details involve
testing recorded support for account balances, transactions and disclosures.
a. Test of details. Involves testing recorded support for account balances, transactions and
disclosures.
b. Analytical procedures. Provide evidence about account balances, transactions and
disclosures through analyzing relationships among data.

Analytical procedures: Tests that involve comparisons of financial data for the current year
to that of prior years, budgets, nonfinancial data or industry averages.

6. Auditors must be careful in considering financial statement accounts that are affected by
estimates made by management. The inherent risk of these is generally greater than other
financial statement assertions.

7. Audit documentation is the connecting link between the client’s account records and the auditor’s
report. This documentation is the property of the auditors and it primarily used to illustrate the
auditor’s compliance with professional standards and to support the auditor’s opinion.

AUDIT PLANNING, UNDERSTANDING THE CLIENT AND RISK ASSESSMENT

1. The audit process may be viewed as including the following stages:

a. Plan the audit
b. Obtain an understanding of the client and its environment including internal control
c. Assess the risk of misstatement and design further audit procedures

Further audit procedures: The additional procedures that are performed based on the
result of the auditor’s risk assessment procedures. Such procedures include additional
test of controls and substantive tests of account balances, classes of transactions and
disclosures.

d. Perform further audit procedures

e. Complete the audit
f. Form an opinion and issue the audit report

2. Investigating a potential audit client is essential because auditor want to avoid accepting clients
that have unscrupulous management. As part of their investigation, the auditors are required to
attempt communication with the predecessor auditors.
 3. In planning the audit, auditors establish an understanding with the client in writing through use
of an engagement letter which makes clear the engagement, any limitations on the work, and the
responsibilities of the client.

Engagement letter: a formal letter sent by the auditors to the client at the beginning of an
engagement summarizing such matters as the nature of the engagement, any limitations on the
scope of the audit work, work to be done by the client’s staff, and the basis of audit fee.

During planning the auditors develop and audit program, an overall audit strategy and audit plan.
The audit procedures contained in the audit program are designed around the assertions of
management.

Audit Program: A detailed listing of the specific audit procedures to be performed in the course
of an audit engagement.

4. The auditors perform risk assessment procedures (including inquiries, analytical procedures,
observation and inspection) to obtain an understanding of the client and its environment. They
plan the audit to provide reasonable assurance that the financial statements are free from
material misstatement, whether caused by error or fraud.

5. Auditors are concerned about fraud. To identify fraud risks, the auditors have an audit team
discussion of potential fraud, make inquiries, perform analytical procedures, and consider the
presence of fraud risk factors.

6. The auditors must apply the materiality concept, which recognizes that some matters are
important to the fair presentation of financial statements, while others are not. Auditors arrive at
a measure of materiality for planning purposes and disaggregate it into tolerable misstatements
for the various accounts.

Materiality: Of substantial importance. Significant enough to affect evaluation or decisions by

users of financial statements. Information that should be disclosed so that financial statements
constitute a fair presentation. Involves both qualitative and quantitative considerations.

7. Auditors assess the risk of misstatement they have identified to design further audit procedures.

INTERNAL CONTROL

1. Internal control is a process, effected by the company’s board of directors, management and
personnel, designed to provide reasonable assurance regarding the achievement of objectives in
the categories of:

a. Effectiveness and efficiency of operations

b. Reliability of financial reporting
c. Compliance with applicable laws and regulations

2. The five components of internal control include:

a. Control environment
b. Risk assessment
c. Control activities
d. Accounting information and communication system
e. Monitoring
3. The auditor’s responsibility with respect to internal control includes

a. Obtaining an understanding of internal control

b. Risk assessment
c. Test of controls

4. In risk assessment, the auditors consider:

a. What can go wrong at the assertion level

b. Whether the risks are of a magnitude that could result in a material misstatement
c. Likelihood that the risk could result in a material misstatement

5. Auditors perform test of controls when the risk assessment includes an exception of the
operating effectiveness of controls. The risk assessment includes such an expectation when

a. Substantive procedures alone do not provide sufficient appropriate audit evidence

b. The auditors wish to reduce the scope of substantive procedures through performance of
tests of controls

6. Test of controls include inquiries of client personnel, inspection of documents, observation of

application of controls and reperformance of controls. Test of controls address:

a. How controls are applied

b. The consistency with which controls were applied
c. By whom or by what means the controls were applied

7. Auditors are required to communicate all significant deficiencies and material weaknesses to
management.

8. The use of an IT system by a client does not change the need to establish effective internal control;
however, it does change the nature of the controls. More advanced IT features, such as online
capabilities, database storage, IT networks, and end user computing, present special control risks.
Specialized controls are needed, including passwords, validity tests, and computer logs.

9. The use of IT may affect the control system of the organization. From an organizational
standpoint, it is essential to segregate the function of programming from the function of
controlling input to the computer programs, and the function of the computer operator from the
function of those having detailed knowledge or custody of the computer programs.

10. IT controls are classified as:

a. General control activities. This apply to all IT applications

b. Application control activities. This relate only to a specific application
c. User control activities

11. To test the application control activities, the auditors will use computer-assisted audit techniques,
such as test data, integrated test facilities, controlled programs, program analysis techniques, and
tagging and tracing transactions.

12. While generalized audit software also may be used to test application controls, it is more often
used by auditors to perform substantive procedures applied to computerized records.
Generalized audit software may be used to perform such functions as testing the clerical accuracy
of records, making comparisons of related data and selecting random samples.
AUDIT SAMPLING

1. Audit sampling is applying an audit procedure to less than 100% of the items in the population to
make some conclusion about that population.

2. Auditors may use statistical or nonstatistical sampling to perform tests of controls or substantive
procedures. Statistical sampling allows the auditor to measure and control sampling risk.
Sampling risk is the risk that the auditors will make an incorrect conclusion from the sample
results because the sample is not representative of the population.

3. The major type of statistical sampling plan for tests of controls is attributes sampling, which can
provide the auditors with an estimate of the extent of the deviations from a prescribed internal
control policy or procedure.

Attributes Sampling. A sampling plan enabling the auditors to estimate the rate of deviation in a
population.

4. The two aspects of sampling risk for test of controls include the risk of assessing control risk to
high, which relates to the efficiency of the audit, and the risk of assessing control risk too low,
which is critical because it relates to the effectiveness of the audit.

5. The major factors that affect the required sample size for an attributes sample are the:

a. Risk too low

b. Tolerable deviation rate
c. Expected deviation rate in the population

6. The two aspects of sampling risk for the substantive procedure include the risk of incorrect
rejection and the risk of incorrect acceptance. The risk of incorrect acceptance is the critical risk,
because if the auditors accept a materially misstated account balance, they may issue an
inappropriate audit opinion.

Risk of incorrect rejection: The risk that sample results will indicate that a population is materially
misstated when, in fact, it is not.

Risk of incorrect acceptance: The risk that sample results will indicate that a population is not
materially misstated when, in fact, it is materially misstated.

7. When a classical variable sampling plan is used, the required size is determined by the

a. Risk of incorrect acceptance

b. Risk of incorrect rejection
c. Amount of tolerable misstatement for the account
d. Standard deviation of the items in the account

8. Classical variables sampling methods include mean-per-unit estimation, difference estimation,

and ratio estimation.

9. In evaluating the results of a classical variables sampling plan, the auditors compute an
acceptance interval; if the client’s book value falls within the interval, it is accepted as being
materially correct. Otherwise, the auditors generally must perform additional testing to
 determine whether the client’s balance is actually misstated, or the sample was not
representative.

10. Many firms use structured approaches to nonstatistical sampling for substantive procedures. Such
approaches increase the consistency of sampling decisions by various staff members within the
firms.

AUDIT OF RECEIVABLES AND REVENUE

1. The audit of receivables and revenue represents significant audit risk because

a. Many incidence of financial statement fraud have involved the overstatement of receivables
and revenue
b. Revenue recognition may be based on complex accounting rules
c. Receivables and revenues are usually subject to valuation using significant accounting
estimates

2. The revenue cycle includes the receiving of orders from customers, delivery and billing of goods
and services, and the recording and collection of accounts receivable. Effective internal control
over sales transactions is best achieved by having separate departments responsible for preparing
sales order, approving credit, shipping merchandise, billing customers, maintaining the accounts
receivable subsidiary ledger, and authorizing adjustments to sales and accounts receivable.

3. The primary objectives for the auditors’ substantive procedures for receivables and revenue are
to:

a. Substantiate the existence of receivables and the occurrence of revenue transactions

b. Establish the completeness of receivable and revenue
c. Verify the cut-off of revenue transactions
d. Determine that the client has rights to the recorded receivables
e. Establish the proper valuation of receivables and the accuracy of revenue transactions
f. Establish that the presentation and disclosure of receivables and revenue are appropriate.

4. The most time consuming and critical audit procedures for receivables and revenue are those
designed to test the assertions of existence, occurrence and valuation. Among the procedures
designed to achieve these objectives are:

a. Confirmation of accounts receivable, which is generally required in all audits.

Acknowledgments of the debt provides evidence of the existence of receivables and the
occurrences of sales, as well as the gross valuation of the amounts.
b. Adequacy of the allowance for bad debts. Since this is a management estimate, it is typically
audited but a combination of inquiry of management, analytical procedures, and inspection
of various departments.
c. Evaluation of the appropriateness of the client’s methods of revenue recognition and
procedures directed at identifying and evaluating the disclosure of related party transactions
and receivables.

AUDIT OF INVENTORIES AND COTS OF GOODS SOLD

1. The audit of inventories presents the auditors with special risks because

a. They often represent a substantial position of current assets

b. Numerous valuation methods are used for inventories
 c. Valuation of inventories directly affects cost of goods sold
d. Determination of inventory quality, condition and value is inherently complex

2. Effective internal control over inventories requires appropriate controls over purchasing,
receiving and issuing supplies and materials, producing and shipping products, and cost
accounting.

3. The auditor’s objective for the substantive procedures for inventories and cost of goods sold are
to:

a. Substantiate the existence of inventories and the occurrence of related transactions

b. Establish the completeness of recorded inventories
c. Verify the cut-off of inventory related transactions
d. Determine that the client has rights to the recorded inventories
e. Establish the proper valuation of inventories and accuracy of related transactions
f. Determine that presentation and disclosures of inventory accounts are appropriate

4. The auditor’s consideration of inherent risk and the controls over inventories, purchases, and
production will allow them to design appropriate further audit procedures for inventory and cost
of goods sold accounts.

5. In the audit of inventories, a primary concern of the auditors is existence assertion, the
possibility of overstatement of year-end balances. A substantive procedure for inventory
account is:

a. Observation of the client’s physical inventory

b. Price tests of the valuation of inventory items
c. Cut-off tests
d. Analytical procedures
e. Tests of the financial statement presentation and disclosures

AUDIT OF PROPERTY, PLAND AND EQUIPMENT

1. The financial asset caption “Property, Plant and Equipment” includes tangible assets with a useful
life of more than one year that are used in operations. In the audit of property, plant and
equipment, the auditor’s primary substantive procedure objectives are to:

a. Substantiate the existence of property, plant and equipment and the occurrence of related
transactions.
b. Establish the completeness of recorded property, plant and equipment
c. Verify the cut-off of transactions affecting property, plant and equipment
d. Determine that the client has rights to the recorded property, plant and equipment
e. Establish the property valuation or allocation of property, plant and equipment and the
accuracy of related transactions
f. Evaluate the adequacy of presentation and disclosure for property, plant and equipment

2. Key controls over property, plant and equipment should include:

a. Proper authorization of acquisitions

b. Adequate records for the various units of property
c. Periodic physical inspection of property
d. Use of serially numbered retirement work orders
3. In the audit of property, plant and equipment for a continuing client, the emphasis of the testing
is on transactions that occurred during the year, as contrasted to an emphasis on ending balances.
Depreciation expense is often tested by Recomputation or through the use of analytical
procedures.

4. The auditor’s objectives or the audit of natural resources and intangible assets are similar to those
for property, plant and equipment. Often in auditing the depletion of natural resources, the
auditor must rely upon specialist to estimate the quantity and quality of the resource. The audit
of intangible assets typically involves vouching the cost of the assets and evaluating and testing
the allocation methods used by the client.

Specialist: A person or firm possessing special skill or knowledge in a field other than accounting
or auditing. For ex: actuary

5. In some audits, a substantial risk with respect to property, plant and equipment and intangible
assets is the risk of unrecognized impairment.

AUDIT OF DEBT and EQUITY CAPITAL

1. The financing cycle involves those activities of the company that are designed to obtain capital
funds. It typically involves the issuance and repayment of debt and equity, as well as payment of
interest and dividends. A primary concern for both of these types of transaction is proper
authorization by the appropriate official in the company.

2. Control over the issuance of bonds by a company is enhanced when an independent trustee
represents the interest of the bondholders. The responsibilities of the trustee include monitoring
the company’s compliance with the requirements of the bond agreement and processing the
payment of interest and principal to individual bondholders.

3. Capital stock transactions are best controlled by employing a registrar/transfer agent who
monitors the issuance of the company’s stock and handles transfer of shares between investors.
In smaller companies, capital stock is controlled through the maintenance of a stock certificate
book and a stockholder’s ledger.

4. After the auditors obtain an understanding of the client and its environment, including internal
control over the financing cycle, they will often perform only limited tests of controls because of
the limited number of transactions typically involved. In audits of nonpublic companies, it is
usually more efficient to assess control risk at a high level and perform detailed substantive
procedures for transactions. Internal controls must be tested in an integrated audit of a public
company.

5. In the audit of debt, the auditor’s primary substantive procedures will include:

a. Vouching selected transactions occurring during the period

b. Examining debt agreements
c. Confirming balances and terms
d. Evaluating compliance with restrictive covenants

6. The auditor’s primary substantive procedures for equity transactions will typically include:

a. Vouching the major equity transactions during the period

b. Confirming the number of shares outstanding with the registrar, and
 c. Evaluating the company’s compliance with stock option plan requirements and other
restricting agreements

AUDIT OF ACCOUNTS PAYABLE AND OTHER LIABILITIES

1. Accounts payable are short-term obligations arising from the purchase of goods and services in
the ordinary course of business.

2. The purchases cycle includes initiating and authorizing purchases, ordering goods and services,
and recording and paying accounts payable. Effective internal control over purchase transaction
is best achieved by having separate departments responsible for purchasing, receiving and
accounting for the transaction. Payments are made only for those purchases that are properly
authorized and received.

3. The auditor’s principal objectives for the substantive procedures for accounts payable and
purchases are to

a. Substantiate the existence of recorded accounts payable and the occurrence of purchase
transactions
b. Establish the completeness of accounts payable and purchase transactions
c. Determine that the client has obligations to pay the recorded accounts payable
d. Verify the cut-off of purchase transactions
e. Determine the appropriate valuation and accuracy of accounts payable
f. Determine that the presentation and disclosure of accounts payable and purchases are
appropriate

4. In auditing accounts payable and other liabilities, it is important for the auditors to remember
that an understatement of liabilities will exaggerate the financial strength of a company in the
same way as an overstatement of assets. The auditor’s substantive procedures focus on the
objective of determining the completeness of recorded amounts. A number of these procedures
involve inspecting documents related to transactions occurring during the subsequent period to
determine whether these items should have been recorded as liabilities at year-end.

5. Accrued liabilities represent obligations payable for services received before the balance sheet
date that will be paid in the subsequent period.

AUDIT OF CASH

1. Since cash generally has a high degree of inherent risk, more audit time is devoted to the audit of
the account than is indicated by its peso amount.

2. Internal control over cash receipts should provide assurance that all cash received is recorded
promptly and accurately. Control over cash sales is strongest when two or more employees
participate in each transaction, or when a cash register or a point of sale system controls
collections. When cash receipts consists of checks received through the mail. The receipts should
be listed and controlled by personnel who do not maintain cash or accounts receivable records.
The control listing should be reconciled to the entries in the cash receipts journal and deposit
records from the banks.

3. Internal control over cash disbursements is best achieved when all payments are made by check
or well-controlled electronic funds transfers, except for payment of minor items from petty cash
funds. Separation of the functions of preparing the payments and signing the checks tends to
prevent errors and fraud in cash disbursements.
 4. A primary substantive procedure for cash is confirmation of the balances of the company’s
accounts with banks. The principal objectives of the substantive procedures for cash are to:

a. Substantiate the existence of recorded cash and the occurrence of cash transactions
b. Determine the accuracy of cash transactions
c. Establish the completeness of recorded cash
d. Verify the cut-off of cash transactions
e. Determine that the client has rights to recorded cash
f. Evaluate the adequacy of the presentation and disclosure of the cash accounts

AUDIT OF INVESTMENTS

1. The high value and liquid nature of many financial investments make the separation of the
authorization, custody and record keeping functions especially important. Securities should be
registered in the name of the company; complete, detailed records of securities should be
maintained; and securities should be physically inspected periodically.

2. Auditors often vouch investment transactions during the year and inspect securities on hand at
year-end. The liquid nature of many investments in securities makes cut-off tests important. The
auditor may use the work of a specialist, such as security appraiser.

COMPLETE THE AUDIT

1. Substantive procedures for payroll accounts address the overall reasonableness of payroll costs
and the proper allocation of these costs to the functional areas of manufacturing, selling and
administration. Tests must be performed on the allocation of manufacturing costs to work in
process, finished goods and cost of goods sold.

2. Certain audit procedures cannot be completed before the end of audit. These procedures include

a. Search for unrecorded liabilities

b. Review the minutes of meeting
c. Perform final analytical procedures
d. Perform procedures to identify loss contingencies
e. Perform the review for subsequent events
f. Obtain representation letter

3. The auditors must perform audit procedures to determine the loss contingencies have been
properly presented and disclosed. To identify loss contingencies, auditors must perform various
procedures such as:

a. Reviewing minutes of meetings

b. Inquiring of the client’s lawyers
c. Reviewing correspondences with banks and regulatory agencies
d. Sending confirmations to banks
e. Obtaining representation letters

Representation Letter: A letter prepared by the officers of the client at the auditor’s request
showing client’s representations about the client’s financial position and operations.
 4. Subsequent events may be classified into:

a. Those providing additional evidence about facts existing on or before the balance sheet date
(which may require adjusting entries).
b. Those involving facts coming into existence after the balance sheet date (which may require
disclosure).

Subsequent events: An event occurring after the balance sheet but prior to completion of the
audit and the issuance of the audit report.

5. Also important to completing the audits are the procedures performed to evaluate audit findings
and review the audit work. In evaluating audit findings, the auditors accumulate known
misstatements, projected misstatements, and other estimated misstatements to determine if
the aggregate results of their procedures support the fairness of the financial statements.
Auditors should consider whether any audit results indicate a need to reassess the risks of
material misstatement of the financial statements.

6. Auditors also have certain post-audit responsibilities. When auditors find, subsequent to the
issuance of their audit report, that the financial statements are materially misleading, they
should take steps to prevent continued reliance on their report.

AUDITOR’S REPORTS

1. The auditor’s report should be viewed as a very carefully structured technical communication.
The auditor’s standard unqualified report includes:

a. Introductory paragraph clarifying the responsibilities of management and the auditors;

b. Scope paragraph describing the nature of audit
c. Opinion paragraph summarizing the auditor’s opinion based on the audit

2. The auditors’ options when expressing an opinion are

a. Standard unqualified opinion

b. Unqualified opinion with explanatory language
c. Qualified opinion
d. Adverse opinion
e. Disclaimer of opinion

Unqualified Opinion: An opinion that the financial statements fairly present financial
position, results of operations, and cash flows, in conformity with GAAP.

Qualified Opinion: A modification of the auditor’s standard report, employing a clause such
as except for to limit the auditor’s opinion on the financial statements. A qualified opinion
indicates that, except for the effects of some limitation on the scope of the audit or some
departure from GAAP, the financial statements are fairly presented.

Adverse Opinion: An opinion that the financial statements do not fairly present financial
position, results of operations, and cash flows, in conformity with GAAP.

Disclaimer of Opinion: A form report in which the auditors state that they do not express an
opinion on the financial statement.
 3. When a client presents comparative financial statements for one or more prior periods with the
current-period financial statements, the auditors should make certain that all periods are
covered by an audit report. Audit reports on prior periods should be updated based on any new
information that might affect the auditor’s opinion. When predecessor auditors have audited the
prior-period financial statements, the current auditors may summarize the predecessor auditors’
opinion in the current-year audit report, or the client may arrange to have the predecessor
auditors reissue their audit report.

ASSURANCE SERVICES: HISTORICAL FINANCIAL INFORMATION

1. Special reports by auditors refer to those on

a. Financial statements prepared in accordance with some other comprehensive basis of accounting
b. Specified elements, accounts or items of financial statements
c. Compliance with contractual or regulatory requirements
d. Special-purpose financial presentations
e. Financial information presented in prescribed forms

2. There are several major differences between personal financial statements and those of other types
of organization. For example, assets and liabilities on personal financial statements are presented at
their estimated current values and amounts. Accountants may audit, review or compile personal
financial statements.

3. Public companies must engage CPAs to review the company’s interim financial statements. If they
are also engaged to issue a report, it will provide limited assurance that the financial statements
contain no material departures from GAAP. The procedures performed in a review engagement
consists primarily of:

a. Performing analytical procedures

b. Making inquiries of management and others
c. Obtain an understanding of the client’s business and internal controls
d. Reviewing minutes
e. Obtain written representation from management. The accountants will adjust the specific
procedures based on their knowledge of the client’s internal control and business

4. Non-public companies may engage CPAs to review their annual or interim financial statement. The
procedures involved are similar to those for the review of a public company, although the accountants
are not required to obtain an understanding of internal control of a non-public company and the
professional guidance provided is more general in nature.

5. Letter for underwriters (comfort letters) provide assurance about various information contained in
registration statements used for the sale of securities. They are designed to help the underwriters
establish their due diligence requirements in investigating the fairness of the registration statement.

6. When compiled financial statements are not expected to be used by a third party, either a compilation
report may be issued or an understanding with the client may be documented through use of an
engagement letter. When third-party reliance is anticipated, the accountants must issue a report that
provides no explicit assurance. CPAs who are not independent may perform compilations.

Compilation: An accounting service that involves the preparation of information from client
records. No assurance is provided in a compilation.