Management Assertions • Existence or Occurrence--Assets, liabilities, and equity interests exist and recorded transactions & events have occurred. • Completeness--All assets, liabilities, and equity interests and transactions, that should have been recorded have been recorded. • Rights and Obligations--The client holds rights to the assets and liabilities are the obligations of the client. • Valuation, Allocation & Accuracy—All transactions, assets, liabilities, equity interests, revenues, and expenses are presented at proper amounts (determined in accordance with GAAP). • Presentation and Disclosure--Accounts are described and classified in the F.S. in accordance with GAAP, and all F.S. disclosures are complete, appropriate & clearly expressed.
Remember PERCV P = Presentation & Disclosure E = Existence R = Rights (& Obligation) C = Completeness V = Valuation (including allocation & accuracy)
Generic Definition of Risk The Probability that Something Bad will Happen. 5
Why Do We Perform Risk Assessments? • So We Can Adequately Plan the Audit. Which Means: • Nature, Timing and Extent of Audit Tests 6
Audit Risk Formula AR = IR * CR * DR AR= Risk or probability that the client’s F.S. are materially misstated, but our audit report opinion was not appropriately modified because we did not find/report the misstatement.
Setting Audit Risk (AR) What Determines Acceptable AR? • CPA Firm - Risk of Being Sued, Weighted for Potential Dollars. • Gov’t Auditor - Materiality and Sensitivity, Importance to Customer, Last Chance to Evaluate. 8
Risk of Material Misstatement Occurring Risk that the Auditors Fail to Find the Misstatement * Inherent Risk Control Risk Detection Risk = * * Audit Risk Audit Risk Inherent Risk - Risk of a material misstatement occurring in an assertion assuming no related internal controls. Control Risk- Risk that a material misstatement in an assertion will not be prevented or detected on a timely basis by the company’s internal controls. Detection Risk - Risk that the auditors’ procedures will lead them to conclude that a material misstatement does not exist in an assertion when in fact such misstatement does exist.
IR = Mistakes & Fraud (Transaction Misstatements) Audit Risk in Action 10
Inherent Risk Categories • Nature of the client & its environment • Nature of the particular financial statement element 11
Nature of Client & Its Environment • Financial Problems/ Inconsistent Profitability • Results Highly Sensitive to Economic Factors • Controlled by Few • Excessive Top Management Concern for Financial Performance • Past Audit Results • High Employee Turnover • High Competition • Higher Fraud Risk Factors Exists (SAS 99). 12
F.S. Element • Difficult to Audit/Value Transactions • Complex Computation • Complex Accounting Principles • Significant Judgment Needed - Accounting Estimates • Valuations that vary significantly based on economic factors Common Thread: Prone to mistakes or manipulation. 13
IR = Mistakes & Fraud (Transaction Misstatements) Internal Controls CR = Misstatements Not Prevented or Detected Client-Provided F.S. (with misstatements) Audit Risk in Action 14
IR = Mistakes & Fraud (Transaction Misstatements) Internal Controls CR = Misstatements Not Prevented or Detected Client-Provided F.S. (with misstatements) Audit Planning & Tests DR=Misstatements Auditor Missed AR = Misstatements in the Audited F.S. Audit Risk in Action 15
Higher IR (More mistakes & fraud) Less effective internal controls Higher CR so fewer misstatements prevented or detected Client-Provided F.S. (with more misstatements not caught by less effective controls) Audit Planning & Tests must be more & better since more to find Audited F.S. High IR & CR-What Does it Mean? 16
GAAS on Audit Evidence AICPA Underlying Principles: To obtain reasonable assurance, the auditor: . . . • Obtains sufficient & appropriate audit evidence. PCAOB 3rd Standard of Field Work: The auditor must obtain sufficientappropriate audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit.
Appropriate Evidential Matter • To be Appropriate evidence must be both: • Relevant (to the specific audit objective) • Reliable (Dependent on circumstances in which obtained) • General Principles About Evidence Reliability: • Independent sources have greater reliability than those within the client organization. • Strong internal control increases reliability of evidence created within the client organization. • Directly obtained evidence is more reliable than evidence obtained second hand. • Documentary better than Oral; Originals better than Copies.
Major Types of Evidence • Physical evidence • Documentary evidence • Documentary evidence created outside the client organization and transmitted directly to the auditors • Documentary evidence created outside the client organization and held by the client • Documentary evidence created and held within the client organization • Oral evidence • Accounting records • Analytical procedures • Reperformance and other computations • Evidence provided by specialists • Management representation & inquiry response letters
Reliability of Certain Types of Audit Evidence RELIABILITY TYPE EXAMPLE High Physical Inventory Observation Documentary External Cutoff Bank Statement External/Internal Purchase Invoice Internal Sales Invoice Low Client Representations Management Representation Letter Oral Representation
Evidence Summary • Appropriate (Quality) & Sufficiency (Quantity) are Inversely Related. • One Item of Very Reliable Evidence, May Also Be Sufficient for a Particular Assertion & A/C. • To Be Appropriate, Evidence Must Be BothRelevant to the Audit Objective (i.e., Assertion Being Tested) and Reliable. • Increased Materiality Increases the Need for More and/or More Appropriate (Better) Evidence. • Increased IR or CR Increases Need for More or Better Evidence (to Reduce DR) and vice versa.
Categories of Audit Procedures Risk Assessment Procedures To obtain an understanding of the client and its environment, including its internal control, to assess the risks of material misstatement Further Audit Procedures Tests of Controls When appropriate, to test operating effectiveness of controls in preventing/detecting material misstatements Substantive Tests To detect material misstatements at relevant assertion level. Substantive procedures include (a) analytical procedures & (b) tests of details of account balances, transactions and disclosures
Physical Examination Confirmation Comparison Tracing Vouching Reperformance Observation Inspection Reconciliation Inquiry Analytical Procedures Types of Audit Procedures • Tracing - Following a transaction through and in the same direction as the accounting cycle - from source documents to journals to ledgers to F.S. to see if recorded/reported (completeness). • Vouching - The opposite - Taking an item on the F.S. or a recorded item and following it back to source documents - to test its Validity (existence).
Analytical Procedures • Various analyses of F.S. info with financial and non-financial data to Identify things outside of expectations. • SAS 56 says we do for: • Planning what to test • Substantive test of transactions or balances • Final Wrap-up - Look at Audit Adjusted F.S. Numbers 1 & 3 are mandatory on all F.S. audits
Basic Approaches to Auditing Accounting Estimates • Review and test management’s process for developing the estimate. (Consider risk of unreasonable/unrealistic amounts or assumptions and inadequacy of disclosures.) • Independently develop an estimate to compare to management’s estimate. • Review subsequent events or transactions bearing on the estimate.
Auditing Fair Values(Estimates) Inputs for Applying Valuation Techniques (FAS 157) Level 1 – Observable quoted prices in active markets for identical assets or liabilities Example: A closing stock price in WSJ Level 2 – Observable quoted prices, generally for similar assets or liabilities in active markets Example: Company discounts future cash flows on its not publicly traded debt securities at rate used by market for publicly traded debt securities. Level 3 – Unobservable for the assets or liabilities Example: A private company uses judgment to determine a proper rate to discount the future cash flows of its not publicly traded securities.
Related Party Transactions Client Must: • Disclose as to nature, relationship and amounts in F.S.(FAS 57) Auditor Must: • Assess form versus substance • Ask for support • Look to Subsequent Events to determine substance • Ensure adequate disclosure
Identifying Related Parties • Ask Client and Last Year’s Audit W/Ps • Stockholder, Executive & Director Lists • SEC Filings • Names of Major Investments • Pension or Trust Fund names • Note Transactions With Unusual Terms • Make List Early for Audit Team and Update Throughout the Audit
What is Audit Documentation? A record of the audit procedures performed, relevant audit evidence obtained, and the conclusions the auditors reached and it provides principal support for: • Auditors’ opinion expressed on the financial information (statements). and • Representation that the auditors performed the audit in accordance with generally accepted auditing standards (GAAS)
Other Functions ofAudit Documentation • Assists both continuing audit team members and auditors new to the engagement in planning and performing and coordinating the audit; as such it also serves as a record of matters of continuing significance for future audits. • Assists audit team members responsible for supervision in reviewing the quality of the work performed. • Demonstrates the accountability of the various audit team members for the work performed. • Assists (1) internal firm quality control reviewers, (2) inspection (e.g., PCAOB) or peer review individuals, and (3) successor auditors with performing their roles.
Sufficiency of Audit Documentation Audit documentation should be sufficient to: • Enable an experienced auditor, having no previous connection to the audit, to clearly understand the work performed, the audit evidence obtained and its source, and the conclusions reached. • Identify who performed and reviewed the work + when. • Show that the accounting records agree or reconcile to the financial statements. • Include all significant audit findings & issues and actions taken to address them. • Document discussion of significant issues with management timely, including when and with whom. • Identify audit evidence which is contradictory or inconsistent with final conclusions and how addressed.
Audit DocumentationOther Requirements • Must be assembled to form the final engagement file within 60 days following report release (45 days per PCAOB). • Cannotdelete or discard any audit documentation after this file completion. • Must appropriately document any subsequent additions to audit documentation. • Minimum retention period: 5 years ( 7 years per PCAOB and State of California).
Types of Working Papers Administrative Working Trial Balance Lead Schedules and AJEs • Supporting Schedules • A/C Analysis • Reconciliations • Computational • Corroborating Documents
Types of Working Paper Files • Permanent files • Current files
Factors that May Affect the Quantity, Type and Content of Working Papers • Nature of the engagement • Nature of the audit report • Nature of the financial statements, schedules, or other information on which the auditors are reporting • Nature and condition of the client’s records • Assessed level of control risk • Need for supervision and review of the work • Documenting Audit Team Differences
Examination of General Records • Nonfinancial records • Articles of incorporation or partnership agreement • Minutes of Board of Director Meetings • Contracts • Regulations • Correspondence • Financial records • Income tax returns of prior years • Financial statements of prior years • SEC filings • Accounting records • General ledger • General journal