Auditing A Practical Approach with Data Analytics, 2e Raymond Johnson, Laura Wiley.pdf
ebooksonline2004
120 views
46 slides
Sep 25, 2024
Slide 1 of 46
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
About This Presentation
"Auditing: A Practical Approach with Data Analytics" by Raymond Johnson and Laura Wiley, in its 2nd edition, focuses on integrating data analytics into the auditing process. This textbook is designed to equip students and professionals with the skills to apply analytical techniques to enha...
Slide Content
Cover Design: Wiley
Cover Image: © Lidiia Moor / Getty Images
www.wiley.com
AUDITING
A PRACTICAL APPROACH WITH DATA ANALYTICS
Wiley Loose-Leaf Print Edition
JOHNSON | WILEY
MORONEY | CAMPBELL | HAMILTON
2ND EDITIONGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Cover Image: © Lidiia Moor / Getty Images
www.wiley.com
AUDITING
A PRACTICAL APPROACH WITH DATA ANALYTICS
Wiley Loose-Leaf Print Edition
JOHNSON | WILEY
MORONEY | CAMPBELL | HAMILTON
2ND EDITIONGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Auditing
A Practical Approach with Data Analytics
Second Edition
RAYMOND N. JOHNSON Ph D, CPA
Portland State University
Portland, Oregon
LAURA D. WILEY Ph D, CPA
Louisiana State University
Baton Rouge, Louisiana
Adapted from Robyn Moroney, Fiona Campbell,
and Jane Hamilton,
Auditing: A Practical Approach (Wiley)
Johnson_FM.indd 1 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
A Practical Approach with Data Analytics
Second Edition
RAYMOND N. JOHNSON Ph D, CPA
Portland State University
Portland, Oregon
LAURA D. WILEY Ph D, CPA
Louisiana State University
Baton Rouge, Louisiana
Adapted from Robyn Moroney, Fiona Campbell,
and Jane Hamilton,
Auditing: A Practical Approach (Wiley)
Johnson_FM.indd 1 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
DEDICATION
This book would not be what it is today without the
unconditional support and thoughtful input and suggestions from
our spouses, Marilyn Johnson and Joe Wiley.
VICE PRESIDENT, EDITORIAL PRODUCT MANAGEMENT
Michael McDonald
ASSOCIATE EDITORIAL DIRECTOR Zoe Craig
ACQUISITIONS EDITOR Veronica Schram
SENIOR MANAGER, COURSE DEVELOPMENT
AND PRODUCTION Ed Brislin
MARKETING MANAGER Christina Koop
EDITORIAL SUPERVISOR Terry Ann Tatro
EDITORIAL ASSISTANT Natalie Munoz
SENIOR COURSE PRODUCTION OPERATIONS SPECIALIST Nicole Repasky
SENIOR DESIGNER Wendy Lai
COVER IMAGE © Lidiia Moor/Getty
Images
This book was set in Source Sans Pro-Regular 9.5/12.5 by Lumina Datamatics.
Founded in 1807, John Wiley & Sons, Inc. has been a valued source of knowledge and understand-
ing for more than 200 years, helping people around the world meet their needs and fulfill their
aspirations. Our company is built on a foundation of principles that include responsibility to the
communities we serve and where we live and work. In 2008, we launched a Corporate Citizenship
Initiative, a global effort to address the environmental, social, economic, and ethical challenges we
face in our business. Among the issues we are addressing are carbon impact, paper specifications
and procurement, ethical conduct
within our business and among our vendors, and community and
charitable support. For more information, please visit our website: www.wiley.com/go/citizenship.
Copyright © 2022 John Wiley & Sons, Inc. All rights reserved. No part of this publication may be
reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections
107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of
the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright
Clearance Center, Inc. 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com.
Requests to the Publisher for permission should be addressed to the Permissions Department, John
Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201)748-6011, fax (201)748-6008,
website http://www.wiley.com/go/permissions.
ISBN-13: 978-1-119-78608-5
The inside back cover will contain printing identification and country of origin if omitted from this
page. In addition, if the ISBN on the back cover differs from the ISBN on this page, the one on the
back cover is correct.
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
Johnson_FM.indd 2 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
This book would not be what it is today without the
unconditional support and thoughtful input and suggestions from
our spouses, Marilyn Johnson and Joe Wiley.
VICE PRESIDENT, EDITORIAL PRODUCT MANAGEMENT
Michael McDonald
ASSOCIATE EDITORIAL DIRECTOR Zoe Craig
ACQUISITIONS EDITOR Veronica Schram
SENIOR MANAGER, COURSE DEVELOPMENT
AND PRODUCTION Ed Brislin
MARKETING MANAGER Christina Koop
EDITORIAL SUPERVISOR Terry Ann Tatro
EDITORIAL ASSISTANT Natalie Munoz
SENIOR COURSE PRODUCTION OPERATIONS SPECIALIST Nicole Repasky
SENIOR DESIGNER Wendy Lai
COVER IMAGE © Lidiia Moor/Getty
Images
This book was set in Source Sans Pro-Regular 9.5/12.5 by Lumina Datamatics.
Founded in 1807, John Wiley & Sons, Inc. has been a valued source of knowledge and understand-
ing for more than 200 years, helping people around the world meet their needs and fulfill their
aspirations. Our company is built on a foundation of principles that include responsibility to the
communities we serve and where we live and work. In 2008, we launched a Corporate Citizenship
Initiative, a global effort to address the environmental, social, economic, and ethical challenges we
face in our business. Among the issues we are addressing are carbon impact, paper specifications
and procurement, ethical conduct
within our business and among our vendors, and community and
charitable support. For more information, please visit our website: www.wiley.com/go/citizenship.
Copyright © 2022 John Wiley & Sons, Inc. All rights reserved. No part of this publication may be
reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections
107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of
the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright
Clearance Center, Inc. 222 Rosewood Drive, Danvers, MA 01923, website www.copyright.com.
Requests to the Publisher for permission should be addressed to the Permissions Department, John
Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, (201)748-6011, fax (201)748-6008,
website http://www.wiley.com/go/permissions.
ISBN-13: 978-1-119-78608-5
The inside back cover will contain printing identification and country of origin if omitted from this
page. In addition, if the ISBN on the back cover differs from the ISBN on this page, the one on the
back cover is correct.
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
Johnson_FM.indd 2 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Brief Contents
1 Introduction and Overview of Audit and Assurance 1-1
2 Professionalism and Professional Responsibilities 2-1
3 Risk Assessment Part I: Audit Risk and Audit Strategy 3-1
4 Risk Assessment Part II: Understanding the Client 4-1
5 Audit Evidence 5-1
6 Gaining an Understanding of the Client’s System of Internal
Control 6-1
7 Risk Response: Performing Tests of Controls 7-1
8 Audit Data Analytics 8-1
9 Risk Response: Performing Substantive Procedures 9-1
10 Risk Response: Audit Sampling for Substantive Procedures 10-1
11 Auditing the Revenue Process 11-1
12 Auditing the Purchasing and Payroll Processes 12-1
13 Auditing Cash, Inventory, and Related Income Statement Accounts
13-1
14 Auditing Investing and Financing Activities 14-1
15 Completing the Audit 15-1
16 Reporting on the Audit 16-1
APPENDIX A Cloud 9 Inc. Audit A-1
AUDITING AND ASSURANCE STANDARDS AS-1
GLOSSARY G-1
INDEX I-1
iii
Johnson_FM.indd 3 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1 Introduction and Overview of Audit and Assurance 1-1
2 Professionalism and Professional Responsibilities 2-1
3 Risk Assessment Part I: Audit Risk and Audit Strategy 3-1
4 Risk Assessment Part II: Understanding the Client 4-1
5 Audit Evidence 5-1
6 Gaining an Understanding of the Client’s System of Internal
Control 6-1
7 Risk Response: Performing Tests of Controls 7-1
8 Audit Data Analytics 8-1
9 Risk Response: Performing Substantive Procedures 9-1
10 Risk Response: Audit Sampling for Substantive Procedures 10-1
11 Auditing the Revenue Process 11-1
12 Auditing the Purchasing and Payroll Processes 12-1
13 Auditing Cash, Inventory, and Related Income Statement Accounts
13-1
14 Auditing Investing and Financing Activities 14-1
15 Completing the Audit 15-1
16 Reporting on the Audit 16-1
APPENDIX A Cloud 9 Inc. Audit A-1
AUDITING AND ASSURANCE STANDARDS AS-1
GLOSSARY G-1
INDEX I-1
iii
Johnson_FM.indd 3 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
From the Authors
Being an auditor is being a trusted professional. Auditing is about developing an inquisitive
mind and mastering decision-making. It is also about adapting to change and pivoting when
unexpected situations occur. With companies evolving more rapidly than ever, auditors must
think critically, act ethically, communicate clearly, and embrace new technologies.
To help you develop these skills, we have taken a very practical approach in this second
edition:
• Written the text in a conversational style and incorporated more headings and bulleted/numbered lists to streamline the content.
•
Created a five-step audit decision-making framework to assist you
with developing your critical thinking skills.
• Added information about biases in decision-making.
• Included new infographics to increase your understanding of key
topics.
• Updated content for recent changes in auditing standards and new
CPA exam content to provide you with the most up-to-date content.
In the area of technology, auditors and their clients are incorporating more technology
than ever before. You should not be concerned about mastering any specific technology or
software at this time, but you should be knowledgeable about how auditors are incorporating
various technologies, and you should be technologically nimble and willing to experiment
with using technology to analyze client data. To help you do this, we have:
•
Included a separate chapter on audit data analytics (ADA) and integrated the use of ADA into many chapters.
•
Offered IDEA-based cases, Tableau exercises, and Excel exercises in Wiley Course Re-
sources.
• Added discussions about clients’ digital mindset, automated tools for performing audit procedures, artificial intelligence and machine learning, and cybersecurity.
The accounting and auditing skills you build in this course will serve you for the rest of
your life as you develop independence of thought and action. If you keep asking questions, continue to explore the application of new technologies, and stay true to the importance of integrity and independent thought and actions that will earn the public trust, you should have a rich and rewarding career.
We are excited and honored to lead you on this “auditing” journey. We hope you dive
into the material and explore the resources provided in this text and Wiley Course Resources. Above all else, we wish you great success in your auditing course and your career!
Raymond N. Johnson, PhD, CPA
Laura D. Wiley, PhD, CPA
iv
Auditing is about developing an inquisitive
mind and mastering decision-making. With
companies evolving more rapidly than ever, au-
ditors must think critically, act ethically, com-
municate clearly, and embrace new technolo-
gies. To help you develop these skills, we have
taken a very practical approach in this text.
Johnson_FM.indd 4 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Being an auditor is being a trusted professional. Auditing is about developing an inquisitive
mind and mastering decision-making. It is also about adapting to change and pivoting when
unexpected situations occur. With companies evolving more rapidly than ever, auditors must
think critically, act ethically, communicate clearly, and embrace new technologies.
To help you develop these skills, we have taken a very practical approach in this second
edition:
• Written the text in a conversational style and incorporated more headings and bulleted/numbered lists to streamline the content.
•
Created a five-step audit decision-making framework to assist you
with developing your critical thinking skills.
• Added information about biases in decision-making.
• Included new infographics to increase your understanding of key
topics.
• Updated content for recent changes in auditing standards and new
CPA exam content to provide you with the most up-to-date content.
In the area of technology, auditors and their clients are incorporating more technology
than ever before. You should not be concerned about mastering any specific technology or
software at this time, but you should be knowledgeable about how auditors are incorporating
various technologies, and you should be technologically nimble and willing to experiment
with using technology to analyze client data. To help you do this, we have:
•
Included a separate chapter on audit data analytics (ADA) and integrated the use of ADA into many chapters.
•
Offered IDEA-based cases, Tableau exercises, and Excel exercises in Wiley Course Re-
sources.
• Added discussions about clients’ digital mindset, automated tools for performing audit procedures, artificial intelligence and machine learning, and cybersecurity.
The accounting and auditing skills you build in this course will serve you for the rest of
your life as you develop independence of thought and action. If you keep asking questions, continue to explore the application of new technologies, and stay true to the importance of integrity and independent thought and actions that will earn the public trust, you should have a rich and rewarding career.
We are excited and honored to lead you on this “auditing” journey. We hope you dive
into the material and explore the resources provided in this text and Wiley Course Resources. Above all else, we wish you great success in your auditing course and your career!
Raymond N. Johnson, PhD, CPA
Laura D. Wiley, PhD, CPA
iv
Auditing is about developing an inquisitive
mind and mastering decision-making. With
companies evolving more rapidly than ever, au-
ditors must think critically, act ethically, com-
municate clearly, and embrace new technolo-
gies. To help you develop these skills, we have
taken a very practical approach in this text.
Johnson_FM.indd 4 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
About the Authors
Raymond N. Johnson
Raymond N. Johnson, PhD, CPA, has taught auditing con-
cepts and practices, financial statement analysis, and a case
course focused on developing students’ critical-thinking skills
at Portland State University for 35 years. He was the first re-
cipient of Harry C. Visse Excellence in Teaching Fellowship
and is currently a professor emeritus from Portland State
University. He has also taught auditing and accounting at
Bond University, The University of Queensland, the Aus-
tralian National University, and Southampton University.
Dr. Johnson is a past Chair of the International Accounting
Education Standards Board’s Consultative Advisory Group.
Previously, he served on the NASBA board of directors for
seven years, and he previously chaired NASBA’s Education
Committee and the NASBA Ethics Committee. He also served
on an AACSB Task Force that was responsible for the most
recent update to AACSB Accounting Accreditation rules.
Dr. Johnson served a three-year term on the AICPA Profession-
al Ethics Executive Committee, which sets ethical standards for
CPAs in the United States. He is a former member of NASBA’s
Standard Setting Advisory Committee and served for seven
years on the NASBA/AICPA International Qualifications
Appraisal Board. Previously, Dr. Johnson served on the Oregon
Board of Accountancy for seven years and was Chair of the
Board for two years. Dr. Johnson is a past president of the Oregon
Society of CPAs. He has previously served as staff to the U.S.
Auditing Standards Board, has written numerous academic
and professional articles, and has made numerous presenta-
tions at professional meetings.
Laura D. Wiley
Laura Wiley, PhD, CPA, is the Assistant Department Chair
and senior instructor in the Department of Accounting
at the E. J. Ourso College of Business, Louisiana State
University (LSU). She came to LSU in 1996 and teaches
financial accounting and auditing courses. She also leads
a study-abroad excursion in the Master of Accountancy
program, taking students on educational business trips to
Central and South American countries. Dr. Wiley is active
in the Society of Louisiana CPAs (LCPA) and has served as
the chair of the Accounting Education Issues committee
since 2014. She received the LSU Tiger Athletic Founda-
tion Outstanding Instructor Award in 2019 and the LCPA’s
Distinguished Achievement in Education award in 2015.
Dr. Wiley has consulted with large and small companies on
accounting-related matters and conducted onsite training
sessions for company employees. Over her career, she has
also been a presenter at numerous CPE events and published
in the Journal of Accounting Education. Prior to coming to
LSU, she was an auditor with PricewaterhouseCoopers in
Atlanta, Georgia. She earned her bachelor’s degree in ac-
counting from The University of Alabama, her master’s de-
gree in accounting from LSU, and her doctorate in human
resource education and workforce development from LSU.
Her research interests are accounting education and finan-
cial literacy. She is an active licensed CPA in the state of
Louisiana.
v
©The National Association of State Boards of
Accountancy
©The National Association of State
Boards of Accountancy
©Aaron Hogan, Eye Wander Photo
©Aaron Hogan, Eye Wa nder Photo
Johnson_FM.indd 5 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Raymond N. Johnson
Raymond N. Johnson, PhD, CPA, has taught auditing con-
cepts and practices, financial statement analysis, and a case
course focused on developing students’ critical-thinking skills
at Portland State University for 35 years. He was the first re-
cipient of Harry C. Visse Excellence in Teaching Fellowship
and is currently a professor emeritus from Portland State
University. He has also taught auditing and accounting at
Bond University, The University of Queensland, the Aus-
tralian National University, and Southampton University.
Dr. Johnson is a past Chair of the International Accounting
Education Standards Board’s Consultative Advisory Group.
Previously, he served on the NASBA board of directors for
seven years, and he previously chaired NASBA’s Education
Committee and the NASBA Ethics Committee. He also served
on an AACSB Task Force that was responsible for the most
recent update to AACSB Accounting Accreditation rules.
Dr. Johnson served a three-year term on the AICPA Profession-
al Ethics Executive Committee, which sets ethical standards for
CPAs in the United States. He is a former member of NASBA’s
Standard Setting Advisory Committee and served for seven
years on the NASBA/AICPA International Qualifications
Appraisal Board. Previously, Dr. Johnson served on the Oregon
Board of Accountancy for seven years and was Chair of the
Board for two years. Dr. Johnson is a past president of the Oregon
Society of CPAs. He has previously served as staff to the U.S.
Auditing Standards Board, has written numerous academic
and professional articles, and has made numerous presenta-
tions at professional meetings.
Laura D. Wiley
Laura Wiley, PhD, CPA, is the Assistant Department Chair
and senior instructor in the Department of Accounting
at the E. J. Ourso College of Business, Louisiana State
University (LSU). She came to LSU in 1996 and teaches
financial accounting and auditing courses. She also leads
a study-abroad excursion in the Master of Accountancy
program, taking students on educational business trips to
Central and South American countries. Dr. Wiley is active
in the Society of Louisiana CPAs (LCPA) and has served as
the chair of the Accounting Education Issues committee
since 2014. She received the LSU Tiger Athletic Founda-
tion Outstanding Instructor Award in 2019 and the LCPA’s
Distinguished Achievement in Education award in 2015.
Dr. Wiley has consulted with large and small companies on
accounting-related matters and conducted onsite training
sessions for company employees. Over her career, she has
also been a presenter at numerous CPE events and published
in the Journal of Accounting Education. Prior to coming to
LSU, she was an auditor with PricewaterhouseCoopers in
Atlanta, Georgia. She earned her bachelor’s degree in ac-
counting from The University of Alabama, her master’s de-
gree in accounting from LSU, and her doctorate in human
resource education and workforce development from LSU.
Her research interests are accounting education and finan-
cial literacy. She is an active licensed CPA in the state of
Louisiana.
v
©The National Association of State Boards of
Accountancy
©The National Association of State
Boards of Accountancy
©Aaron Hogan, Eye Wander Photo
©Aaron Hogan, Eye Wa nder Photo
Johnson_FM.indd 5 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Chapter 1: Introduction and Overview of Audit and
Assurance
• ADDED the 2020 ASB Audit Report Updates.
• NEW discussion of review of interim financial state-
ments.
• NEW section on the critical-thinking and data analytics
skills required by auditors.
• NEW illustration on the audit decision-making frame-
work.
• NEW Audit Decision-Making Example at the end of the
text discussion.
Chapter 2: Professionalism and Professional Responsibilities
•
NEW section on applying the conceptual framework
through use of an example.
• UPDATED Illustration 2.10 to reflect the most recent de-
piction of auditor liability under common law.
• UPDATED discussion of Ultramares Corp. v. Touche case
reflecting the latest appeal.
Chapter 3: Risk Assessment Part I: Audit Risk and Audit Strategy
•
UPDATED Illustration 3.1 and following discussion for
clear connection and focus on the factors that influence client acceptance and retention.
•
UPDATED Illustration 3.4 to include “Developing an Au-
dit Strategy” as part of the risk assessment phase.
• UPDATED definition and discussion of materiality from
SAS 138, including qualitative and quantitative factors.
• NEW discussion of unconscious and conscious biases
that impact professional skepticism.
• IMPROVED discussion of audit risk with more logical
flow of audit risk components.
• NEW illustration on inherent and control risk compo-
nents.
• NEW discussion on role of data analytics in audit risk and
audit strategy.
• ENHANCED discussion of fraud risk.
Chapter 4: Risk Assessment Part II: Understanding the Client
•
NEW illustrations: (1) comparing entity risks of a fast-
food restaurant versus a high-end restaurant and (2) how KPIs vary by industry.
•
UPDATED tables on financial ratios to include not only
the formulas but also a description of what they assess and how they are interpreted.
•
REDUCED text discussions where they repeated illustra-
tion or table information.
• UPDATED discussions on (1) procedures performed to
gain an understanding of the client, (2) tools for per-
forming analytical procedures, (3) related parties, and (4) inherent risk considerations for IT, as well as a cli- ent’s digital mindset.
Chapter 5: Audit Evidence
•
UPDATED discussion of management assertions from
SAS 134.
• NEW illustrations on (1) the four forms of information
that auditors can use as audit evidence, (2) attributes that auditors should consider when evaluating audit evidence, and (3) using ADA and automated tools to perform audit procedures.
•
UPDATED discussion and examples of sufficient appro-
priate audit evidence from SAS 142.
• UPDATED discussion of ADA and automated tools for
performing audit procedures.
Chapter 6: Gaining an Understanding of the Client’s System of Internal Control
•
NEW illustrations on (1) common inherent limitations
of internal control, (2) steps involved in assessing control risk, and (3) major benefits and risks of IT systems.
•
REDUCED text discussions that repeated information
presented in tables.
• DELETED cash receipts example of transaction flows, as
sales process example is comprehensive.
• NEW Professional Environment feature on cybersecurity.
• NEW discussion on the use of a service organization by
an audit client (SOC 1 Reports).
• MOVED section on management letters to Chapter 7.
Chapter 7: Risk Response: Performing Tests of Controls (previously Chapter 8)
•
MOVED discussion of steps in assessing control risk into
Chapter 6.
• NEW discussion, illustrations, and EOC on evaluating an
SOC 1, Type 2 report.
• ADDED section on management letters from Chapter 6.
New to This Edition:
Chapter-by-Chapter Changes
vi
Johnson_FM.indd 6 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Assurance
• ADDED the 2020 ASB Audit Report Updates.
• NEW discussion of review of interim financial state-
ments.
• NEW section on the critical-thinking and data analytics
skills required by auditors.
• NEW illustration on the audit decision-making frame-
work.
• NEW Audit Decision-Making Example at the end of the
text discussion.
Chapter 2: Professionalism and Professional Responsibilities
•
NEW section on applying the conceptual framework
through use of an example.
• UPDATED Illustration 2.10 to reflect the most recent de-
piction of auditor liability under common law.
• UPDATED discussion of Ultramares Corp. v. Touche case
reflecting the latest appeal.
Chapter 3: Risk Assessment Part I: Audit Risk and Audit Strategy
•
UPDATED Illustration 3.1 and following discussion for
clear connection and focus on the factors that influence client acceptance and retention.
•
UPDATED Illustration 3.4 to include “Developing an Au-
dit Strategy” as part of the risk assessment phase.
• UPDATED definition and discussion of materiality from
SAS 138, including qualitative and quantitative factors.
• NEW discussion of unconscious and conscious biases
that impact professional skepticism.
• IMPROVED discussion of audit risk with more logical
flow of audit risk components.
• NEW illustration on inherent and control risk compo-
nents.
• NEW discussion on role of data analytics in audit risk and
audit strategy.
• ENHANCED discussion of fraud risk.
Chapter 4: Risk Assessment Part II: Understanding the Client
•
NEW illustrations: (1) comparing entity risks of a fast-
food restaurant versus a high-end restaurant and (2) how KPIs vary by industry.
•
UPDATED tables on financial ratios to include not only
the formulas but also a description of what they assess and how they are interpreted.
•
REDUCED text discussions where they repeated illustra-
tion or table information.
• UPDATED discussions on (1) procedures performed to
gain an understanding of the client, (2) tools for per-
forming analytical procedures, (3) related parties, and (4) inherent risk considerations for IT, as well as a cli- ent’s digital mindset.
Chapter 5: Audit Evidence
•
UPDATED discussion of management assertions from
SAS 134.
• NEW illustrations on (1) the four forms of information
that auditors can use as audit evidence, (2) attributes that auditors should consider when evaluating audit evidence, and (3) using ADA and automated tools to perform audit procedures.
•
UPDATED discussion and examples of sufficient appro-
priate audit evidence from SAS 142.
• UPDATED discussion of ADA and automated tools for
performing audit procedures.
Chapter 6: Gaining an Understanding of the Client’s System of Internal Control
•
NEW illustrations on (1) common inherent limitations
of internal control, (2) steps involved in assessing control risk, and (3) major benefits and risks of IT systems.
•
REDUCED text discussions that repeated information
presented in tables.
• DELETED cash receipts example of transaction flows, as
sales process example is comprehensive.
• NEW Professional Environment feature on cybersecurity.
• NEW discussion on the use of a service organization by
an audit client (SOC 1 Reports).
• MOVED section on management letters to Chapter 7.
Chapter 7: Risk Response: Performing Tests of Controls (previously Chapter 8)
•
MOVED discussion of steps in assessing control risk into
Chapter 6.
• NEW discussion, illustrations, and EOC on evaluating an
SOC 1, Type 2 report.
• ADDED section on management letters from Chapter 6.
New to This Edition:
Chapter-by-Chapter Changes
vi
Johnson_FM.indd 6 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
NEW TO THIS EDITION: CHAPTER-BY-CHAPTER CHANGES vii
• NEW Professional Environment feature on AICPA evi-
dence from peer reviews on control testing.
• HIGHLIGHTED AND EXPANDED example of New Mil-
lennium Ecoproducts throughout.
Chapter 8: Audit Data Analytics (previously Chapter 7)
• NEW learning objective (and related EOC material) on
how artificial intelligence and machine learning may be
used in an audit.
• NEW emphasis on how ADA fits into the five-step audit
decision-making framework with specific focus on use of
ADA as a risk assessment tool and as a substantive pro-
cedure.
• NEW focus on how gathering data for ADA application
involves two key steps: (1) accessing and preparing the
data for ADA and (2) considering the relevance and reli-
ability of the data used.
•
NEW Professional Environment feature detailing a recent
report on the use of technology in UK audit firms.
Chapter 9: Risk Response: Performing Substantive Procedures
•
NEW illustrations highlighting (1) dual-purpose tests,
(2) using a substantive analytical procedure in the con- text of the audit decision-making framework, (3) an ex-
ample of estimation uncertainty, (4) inherent risk factors, and (5) an illustrative timeline of an event related to an estimate occurring before the date of the audit report.
•
UPDATED discussion on auditing accounting estimates
from SAS 143, including a running case example to illus-
trate application.
Chapter 10: Risk Response: Audit Sampling for Substantive Procedures
•
COMBINED discussions within Learning Objectives 1
with 2, and 4 with 5, for a more streamlined, focused ap-
proach.
• ADDED audit risk model depictions to illustrate example
scenarios for improved understanding.
• NEW summary discussion of PPS sampling.
Chapter 11: Auditing the Revenue Process
• NEW section and assessment material on evaluating con-
trol activities in a paperless revenue system.
• NEW discussions of the preliminary audit strategy as well
as drawing a final conclusion for revenues.
• NEW illustration on (1) the five-step process for auditing
revenues, (2) the lapping scheme, and (3) the ADA de-
cision tree for auditing allowance for doubtful accounts.
Chapter 12: Auditing the Purchasing and Payroll
Processes
• NEW illustrations detailing the auditing steps for both
the purchasing and payroll processes.
• COMBINED some learning objectives for improved pre-
sentation of topics.
Chapter 13: Auditing Cash, Inventory, and Related
Income Statement Accounts (previously first half of Chapter 13)
•
NEW discussions of understanding internal controls, de-
veloping a preliminary audit strategy, and drawing a final conclusion.
•
REVISED discussion of bank transfers for improved un-
derstanding.
• NEW Professional Environment feature on bank confir-
mations.
• NEW discussion on the three-step process of valuing in-
ventory.
• NEW discussion of the use of ADA to count inventories.
Chapter 14: Auditing Investing and Financing Activities
(previously second half of Chapter 13)
• NEW discussions of how audit planning decisions affect
the assessment of inherent risk, understanding internal controls, developing a preliminary audit strategy, and drawing a final conclusion.
•
NEW section on auditing debt transactions.
• NEW Auditing Decision-Making Example on investing
and financing activities.
Chapter 15: Completing the Audit (previously Chapter 14)
• ENHANCED discussions and explanations throughout.
• REVISED Professional Environment feature on forensic
accounting.
Chapter 16: Reporting on the Audit (previously Chapter 15)
•
UPDATED throughout to reflect 2020 ASB auditing
standards.
• NEW audit reports from Amazon.com and Photronics,
Inc.
• NEW discussion of preparation engagements.
Johnson_FM.indd 7 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
• NEW Professional Environment feature on AICPA evi-
dence from peer reviews on control testing.
• HIGHLIGHTED AND EXPANDED example of New Mil-
lennium Ecoproducts throughout.
Chapter 8: Audit Data Analytics (previously Chapter 7)
• NEW learning objective (and related EOC material) on
how artificial intelligence and machine learning may be
used in an audit.
• NEW emphasis on how ADA fits into the five-step audit
decision-making framework with specific focus on use of
ADA as a risk assessment tool and as a substantive pro-
cedure.
• NEW focus on how gathering data for ADA application
involves two key steps: (1) accessing and preparing the
data for ADA and (2) considering the relevance and reli-
ability of the data used.
•
NEW Professional Environment feature detailing a recent
report on the use of technology in UK audit firms.
Chapter 9: Risk Response: Performing Substantive Procedures
•
NEW illustrations highlighting (1) dual-purpose tests,
(2) using a substantive analytical procedure in the con- text of the audit decision-making framework, (3) an ex-
ample of estimation uncertainty, (4) inherent risk factors, and (5) an illustrative timeline of an event related to an estimate occurring before the date of the audit report.
•
UPDATED discussion on auditing accounting estimates
from SAS 143, including a running case example to illus-
trate application.
Chapter 10: Risk Response: Audit Sampling for Substantive Procedures
•
COMBINED discussions within Learning Objectives 1
with 2, and 4 with 5, for a more streamlined, focused ap-
proach.
• ADDED audit risk model depictions to illustrate example
scenarios for improved understanding.
• NEW summary discussion of PPS sampling.
Chapter 11: Auditing the Revenue Process
• NEW section and assessment material on evaluating con-
trol activities in a paperless revenue system.
• NEW discussions of the preliminary audit strategy as well
as drawing a final conclusion for revenues.
• NEW illustration on (1) the five-step process for auditing
revenues, (2) the lapping scheme, and (3) the ADA de-
cision tree for auditing allowance for doubtful accounts.
Chapter 12: Auditing the Purchasing and Payroll
Processes
• NEW illustrations detailing the auditing steps for both
the purchasing and payroll processes.
• COMBINED some learning objectives for improved pre-
sentation of topics.
Chapter 13: Auditing Cash, Inventory, and Related
Income Statement Accounts (previously first half of Chapter 13)
•
NEW discussions of understanding internal controls, de-
veloping a preliminary audit strategy, and drawing a final conclusion.
•
REVISED discussion of bank transfers for improved un-
derstanding.
• NEW Professional Environment feature on bank confir-
mations.
• NEW discussion on the three-step process of valuing in-
ventory.
• NEW discussion of the use of ADA to count inventories.
Chapter 14: Auditing Investing and Financing Activities
(previously second half of Chapter 13)
• NEW discussions of how audit planning decisions affect
the assessment of inherent risk, understanding internal controls, developing a preliminary audit strategy, and drawing a final conclusion.
•
NEW section on auditing debt transactions.
• NEW Auditing Decision-Making Example on investing
and financing activities.
Chapter 15: Completing the Audit (previously Chapter 14)
• ENHANCED discussions and explanations throughout.
• REVISED Professional Environment feature on forensic
accounting.
Chapter 16: Reporting on the Audit (previously Chapter 15)
•
UPDATED throughout to reflect 2020 ASB auditing
standards.
• NEW audit reports from Amazon.com and Photronics,
Inc.
• NEW discussion of preparation engagements.
Johnson_FM.indd 7 8/24/21 9:41 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
viii
Hallmark Features
Auditing provides a unique pedagogical framework that helps students master the content and
prepare them for a successful career in accounting.
8-1
Audit Data Analytics
CHAPTER 8
Special thanks to Dr. Adrian Gepp of Bond University, Queensland, Australia, for his invaluable
assistance in co- authoring this chapter.
Audit Data Analytics
(Chapter 8)
Audit Evidence
(Chapter 5)
Client Acceptance/Continuance and Risk Assessment
(Chapters 3 and 4)
Developing Responses to Risk and an Audit Strategy
Gaining an
Understanding of
the Client
Identifying Significant
Accounts and
Transactions
Setting Planning
Materiality
Making Preliminary
Risk Assessments
Gaining an Understanding
of the System of Internal Control
(Chapter 6)
Overview of Audit and Assurance
(Chapter 1)
Completing and Reporting on the Audit
(Chapters 15 and 16)
Reporting
Drawing Audit
Conclusions
Procedures Performed Near
the End of the Audit
Auditing Investing and
Financing Activities
(Chapter 14)
Auditing Cash and
Inventory
(Chapter 13)
Auditing the Purchasing
and Payroll Processes
(Chapter 12)
Auditing the
Revenue Process
(Chapter 11)
Performing Tests of Controls
(Chapter 7)
Performing Substantive Procedures
(Chapter 9)
Audit Sampling for
Substantive Procedures
(Chapter 10)
Professionalism and Professional Responsibilities
(Chapter 2)
The Audit Process
c08AuditDataAnalytics.indd 1 7/23/21 8:18 AM
The Big Picture
Each chapter begins with a flowchart de- tailing exactly what section of the audit
process students are about to learn. The
chart helps students see the big picture of
the audit process.
Continuing Case
A Cloud 9 Continuing Case exercise applies concepts introduced in each chapter, concludes each chapter, and is available as an assessment question.
3-44 ChApteR 3 Risk Assessment part I: Audit Risk and Audit Strategy
Cloud 9 Continuing Case
W&S Partners has just won the January 31, 2026, audit for
Cloud 9. The audit team assigned to this client is:
• Partner, Jo Wadley
• Audit manager, Sharon Gallagher
• Audit senior, Josh Thomas
• IT audit manager, Mark Batten
• Experienced staff, Suzie Pickering
• First-year staff, Ian Harper
As a part of the risk assessment phase for the new audit, the audit
team needs to gain an understanding of Cloud 9’s structure and its
business environment, determine materiality, and assess the risk
of material misstatement. This will assist the team in developing
an audit strategy and designing the nature, extent, and timing of
audit procedures.
One task during the planning phase is to consider the con-
cept of materiality as it applies to the client. Auditors will de-
sign procedures to identify and correct errors or irregularities
that would have a material effect on the financial statements
and affect the decision-making of the users of the financial
statements. Materiality is used in determining audit procedures
and sample selections, and evaluating differences from client
records to audit results. Materiality is the maximum amount of
misstatement, individually or in aggregate, that can be accepted in the financial statements. In selecting the benchmark to be used to calculate materiality, the auditors should consider the key drivers of the business. They should ask, “What are the end users (that is, stockholders, banks, etc.) of the accounts going to be looking at?” For example, will stockholders be interested in profit figures that can be used to pay dividends and increase share price?
W&S Partners’ audit methodology dictates that one plan-
ning materiality (PM) amount is to be used for the financial statements as a whole. The benchmark selected for determin- ing materiality is the one determined to be the key driver of the
business.
W&S Partners uses the following percentages as starting
points for the various benchmarks:
Benchmark Threshold (%)
Income before tax 5.0
Total revenue 0.5
Gross profit 2.0
Total assets 0.5
Equity 1.0
These starting points can be increased or decreased by taking into
account qualitative client factors, which could be:
• The nature of the client’s business and industry (for example,
rapidly changing, either through growth or downsizing, or
an unstable environment).
• Whether the client is a public company (or subsidiary of )
subject to regulations.
• The knowledge of or high risk of fraud.
Typically, income before tax is used; however, it cannot be used
if reporting a loss for the year or if profitability is not consistent.
When calculating PM based on interim figures, it may be nec-
essary to annualize the results. This allows the auditors to plan
the audit properly based on an approximate projected year-end
balance. Then, at year-end, the figure is adjusted, if necessary, to
reflect the actual results.
Required
Answer the following questions based on the information pre- sented for Cloud 9 in the appendix to this text and in the current chapter and previous chapters.
a. Using the October 31, 2025, trial balance (in the appendix
to this text), calculate planning materiality, and include the
justification for the benchmark that you have used for your
calculation.
b. Discuss how the planning materiality would be used to deter-
mine performance materiality.
c. If the planning materiality amount is increased or decreased
later in the audit, how would that impact the audit?
c03RiskAssessmentPartI.indd 44 8/10/21 5:42 PM
5-6 Chapter 5 a udit evidence
assets and liabilities may exist but not be owned by the entity. For example, inventory held on
consignment in the client’s warehouse exists, but it is not owned by the client. This inventory
should not be listed as an asset because it does not meet the rights and obligations assertion
since it is not owned by the client.
When considering (9) completeness, auditors search for assets, liabilities, and equity items
to ensure they have been recorded. This assertion is particularly important when auditors
believe there is a risk of understatement and the client has omitted some items from the bal-
ance sheet. For example, a client may fail to record various accrued liabilities due to an error
or an attempt to improve reported financial ratios for the period. In addition, auditors gather
evidence that all related disclosures are included in the notes to the financial statements.
When considering (10) accuracy, valuation and allocation, auditors search for evidence that
assets, liabilities, and equity items have been recorded at appropriate amounts and subsequent
allocation or valuation adjustments are appropriately recorded. Allocation refers to the alloca-
tion of historical cost over a period of time, such as depreciation of buildings and equipment.
Valuation refers to subsequent measurements that determine fair value or net realizable value.
This assertion is particularly important when auditors believe there is a risk of over- or under-
valuation. Here are some examples:
• An auditor verifies that inventory has been appropriately recorded at the lower of cost or
net realizable value (risk of overstatement).
• An auditor tests for the adequacy of the allowance for doubtful accounts (risk of under-
statement or overstatement depending on the client’s motivation).
• An auditor verifies that equipment used in operations has been appropriately marked
down if it is impaired (risk of overstatement).
For (11) classification, auditors gather evidence that assets, liabilities, and equity interests
are recorded in the proper accounts. For example, a parking lot added to land should be clas-
sified in a separate account from land. A parking lot is considered a land improvement and is
subject to depreciation. Including the parking lot with the land account is improper classifica-
tion because land is not depreciated.
When considering (12) presentation, auditors gather evidence that assets, liabilities, and
equity interests are appropriately aggregated or disaggregated in the financial statements. For
example, liabilities are separated into current and long-term portions on the balance sheet. In
addition, related disclosures for long-term debt should be relevant and understandable. In the
notes, a company describes its long-term debt and includes relevant details such as interest
rates, payment schedule, and maturity dates.
Cloud 9 Continuing Case
Ian and Suzie have already talked in general terms about the errors that could occur in Cloud 9’s accounts receivable. For exam- ple, basic mathematical mistakes and other clerical errors could affect the customer’s total in either direction. Suzie emphasizes that Cloud 9’s management asserts this error did not exist when they prepared the financial statements—i.e., they assert that accounts receivable are valued correctly.
Auditors must gather evidence about each assertion for
each transaction class, account, and note in the financial state-
ments. Now that Ian understands this idea better, he can iden- tify the assertions that relate to the potential errors in accounts receivable that they discussed earlier:
• No mathematical mistakes or other clerical errors exist that could affect the total receivables in either direction—accuracy, valuation and allocation.
• No accounts receivables were omitted when calculating the
total—completeness.
• Accounts receivables included in the total do exist at year-end—
existence.
• Accounts receivables belong to Cloud 9 and have not been
sold or factored—rights and obligations.
• Bad debts have been provided for—accuracy, valuation and
allocation.
• Sales from the next period are not included in the earlier period—
cutoff. Ian is a bit confused about this because cutoff is an asser-
tion for transactions, not account balances. Suzie agrees it is a
special sort of assertion that relates to transactions or events, but
also gives evidence about balance sheet accounts (e.g., an over-
statement of revenue is also an overstatement of receivables).
c05AuditEvidence.indd 6 7/26/21 12:26 PM
Learning Objectives
Learning Objectives have been carefully craft-
ed to reflect the Bloom’s Taxonomy framework,
as well as reinforce the practical auditing skills
that students will develop.
5-2 Chapter 5 a udit evidence
Auditing and Assurance Standards
PCAOB
AS 1105 a udit evidence
AS 1205 p art of the audit performed by Other
Independent a uditors
AS 1210 Using the Work of a Specialist
AS 1215 a udit Documentation
AS 2110 Identifying and assessing risks of Material
Misstatement
AS 2310 t he Confirmation process
AS 2605 Consideration of the Internal audit Function
Auditing StAndArdS BOArd
Au-C 230 a udit Documentation
Au-C 315 Understanding the entity and Its environment
and assessing the risks of Material Misstatement
Au-C 500 a udit evidence
Au-C 505 e xternal Confirmations
Au-C 600 Special Considerations—audits of Group
Financial Statements (Including the Work of Component
auditors)
Au-C 610 Using the Work of Internal auditors
Au-C 620 Using the Work of an auditor’s Specialist
Cloud 9 - Continuing Case
At the next planning meeting for the Cloud 9 audit, Suzie Pickering
presents the results of the analytical procedures performed so far
and a working draft of the audit program. The audit manager,
Sharon Gallagher, and the audit senior, Josh Thomas, are also in-
volved in the planning, with special responsibility for the internal
control assessment.
The meeting’s agenda is to discuss the available sources of ev-
idence at Cloud 9 and specify these in the detailed audit program.
The team members also must ensure they have enough evidence
to conduct the audit. Two specific issues worry members of the
team. First, there are three very large asset balances on Cloud 9’s
trial balance that have particular valuation issues. Josh suggests
that a specialist will be required for the derivatives, but they can
handle the accounts receivable and inventory themselves. Second,
Sharon is worried about how they will gather evidence regarding a
subsidiary of Cloud 9 located in Vietnam. W&S Partners does not
have an office in Vietnam, so they must determine the most effec-
tive and efficient way to gather evidence regarding the subsidiary.
In the planning meeting, the team considers the following
questions:
• What evidence is available?
• What criteria will the team use to choose among alternative
sources of evidence?
• What are the implications of using the work of specialists
and other auditors?
Chapter Preview—Audit Process in Focus
In Chapters 3 and 4, we considered audit risk and risk assessment. Those chapters focused
on the importance of risk identification to help ensure the auditor’s desired level of risk is
Learning Objectives
LO 1 Define management assertions about classes of
transactions, account balances, and presentation and
disclosure.
LO 2 Discuss the characteristics of audit evidence.
LO 3 apply the procedures for gathering audit evidence,
including the use of audit data analytics.
LO 4 evaluate when it is appropriate for auditors to use
the work of others.
LO 5 Document the details of evidence gathered in
working papers.
c05AuditEvidence.indd Page 2 04/03/19 8:37 PM F-0590 /208/WB02435/9781119401810/ch05/text_s
3-2 CHAPTER 3 Risk Assessment Part I
Cloud 9 - Continuing Case
Sharon and Josh have already discussed some specifi c client accep-
tance issues, such as independence threats and safeguards. Sharon
explains they also must consider the overall integrity of the client
(that is, management of Cloud 9). This means they need to perform
and document procedures that are likely to provide information
about the client’s integrity. Josh is a little skeptical. “Do you mean
that we should ask them if they are honest?” Sharon suggests it is
probably more useful to ask others, and the key people to ask are
the existing auditors. Josh is still skeptical. “The existing auditors
are Ellis & Associates. Are they going to help us take one of their
clients from them?” Sharon says the client must give permission
fi rst, and, if that is given, the existing auditor will usually state
whether or not there were any issues that the new auditor should
be aware of before accepting the work. This type of communica-
tion is covered by AS 2610 (AU-C 210 for private company clients)
and is part of professional ethics. Sharon also gives Josh the task
of researching Cloud 9’s press coverage, with special focus on any-
thing that may indicate poor management integrity.
Sharon emphasizes they must perform and document proce-
dures to determine whether W&S Partners is competent to per-
form the engagement and has the capabilities, time, and resources
to do so. For example, they must make sure they have audit team
members who understand the clothing and footwear business.
They also must have enough staff to complete the audit on time.
In addition, Sharon and Josh must perform and document
procedures to show that W&S Partners can comply with all parts
of the code of professional conduct, not just those that focus on
independence threats and safeguards. Finally, they can draft the
engagement letter to cover the contractual relationship between
W&S Partners and Cloud 9.
Auditing and Assurance Standards
PCAOB
AS 1015 Due Professional Care in the Performance of Work
AS 1101 Audit Risk
AS 1301 Communications with Audit Committees
AS 2101 Audit Planning
AS 2105 Consideration of Materiality in Planning and
Performing an Audit
AS 2110 Identifying and Assessing Risk of Material
Misstatement
AS 2301 The Auditor’s Responses to the Risks of
Material Misstatement
AS 2401 Consideration of Fraud in a Financial
Statement Audit
AS 2610 Initial Audits—Communication Between
Predecessor and Successor Auditors
AUDITING STANDARDS BOARD
AU-C 200 Overall Objectives of the Independent
Auditor and the Conduct of an Audit in Accordance With
Generally Accepted Auditing Standards
AU-C 210 Terms of Engagement
AU-C 240 Consideration of Fraud in a Financial
Statement Audit
AU-C 300 Planning an Audit
AU-C 315 Understanding the Entity and Its Environment
and Assessing the Risks of Material Misstatement
AU-C 320 Materiality in Planning and Performing an
Audit
AU-C 330 Performing Audit Procedures in Response to
Assessed Risks and Evaluating Audit Evidence Obtained
QC10 A Firm’s System of Quality Control
Learning Objectives
LO 1 Evaluate client acceptance and continuance
decisions.
LO 2 Identify the diff erent phases of an audit.
LO 3 Explain and apply the concept of materiality.
LO 4 Explain professional skepticism and apply the
audit risk model.
LO 5 Explain how auditors determine their audit
strategy and how audit strategy aff ects audit decisions.
LO 6 Explain the fraud risk assessment process and
analyze fraud risk.
c03RiskAssessmentPartI.indd Page 3-2 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
Auditing and Assurance
Standards
Relevant AICPA and PCAOB Auditing and
Assurance Standards are listed at the be-
ginning of each chapter and highlighted
throughout the discussion.
Johnson_FM.indd 8 8/24/21 9:42 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Hallmark Features
Auditing provides a unique pedagogical framework that helps students master the content and
prepare them for a successful career in accounting.
8-1
Audit Data Analytics
CHAPTER 8
Special thanks to Dr. Adrian Gepp of Bond University, Queensland, Australia, for his invaluable
assistance in co- authoring this chapter.
Audit Data Analytics
(Chapter 8)
Audit Evidence
(Chapter 5)
Client Acceptance/Continuance and Risk Assessment
(Chapters 3 and 4)
Developing Responses to Risk and an Audit Strategy
Gaining an
Understanding of
the Client
Identifying Significant
Accounts and
Transactions
Setting Planning
Materiality
Making Preliminary
Risk Assessments
Gaining an Understanding
of the System of Internal Control
(Chapter 6)
Overview of Audit and Assurance
(Chapter 1)
Completing and Reporting on the Audit
(Chapters 15 and 16)
Reporting
Drawing Audit
Conclusions
Procedures Performed Near
the End of the Audit
Auditing Investing and
Financing Activities
(Chapter 14)
Auditing Cash and
Inventory
(Chapter 13)
Auditing the Purchasing
and Payroll Processes
(Chapter 12)
Auditing the
Revenue Process
(Chapter 11)
Performing Tests of Controls
(Chapter 7)
Performing Substantive Procedures
(Chapter 9)
Audit Sampling for
Substantive Procedures
(Chapter 10)
Professionalism and Professional Responsibilities
(Chapter 2)
The Audit Process
c08AuditDataAnalytics.indd 1 7/23/21 8:18 AM
The Big Picture
Each chapter begins with a flowchart de- tailing exactly what section of the audit
process students are about to learn. The
chart helps students see the big picture of
the audit process.
Continuing Case
A Cloud 9 Continuing Case exercise applies concepts introduced in each chapter, concludes each chapter, and is available as an assessment question.
3-44 ChApteR 3 Risk Assessment part I: Audit Risk and Audit Strategy
Cloud 9 Continuing Case
W&S Partners has just won the January 31, 2026, audit for
Cloud 9. The audit team assigned to this client is:
• Partner, Jo Wadley
• Audit manager, Sharon Gallagher
• Audit senior, Josh Thomas
• IT audit manager, Mark Batten
• Experienced staff, Suzie Pickering
• First-year staff, Ian Harper
As a part of the risk assessment phase for the new audit, the audit
team needs to gain an understanding of Cloud 9’s structure and its
business environment, determine materiality, and assess the risk
of material misstatement. This will assist the team in developing
an audit strategy and designing the nature, extent, and timing of
audit procedures.
One task during the planning phase is to consider the con-
cept of materiality as it applies to the client. Auditors will de-
sign procedures to identify and correct errors or irregularities
that would have a material effect on the financial statements
and affect the decision-making of the users of the financial
statements. Materiality is used in determining audit procedures
and sample selections, and evaluating differences from client
records to audit results. Materiality is the maximum amount of
misstatement, individually or in aggregate, that can be accepted in the financial statements. In selecting the benchmark to be used to calculate materiality, the auditors should consider the key drivers of the business. They should ask, “What are the end users (that is, stockholders, banks, etc.) of the accounts going to be looking at?” For example, will stockholders be interested in profit figures that can be used to pay dividends and increase share price?
W&S Partners’ audit methodology dictates that one plan-
ning materiality (PM) amount is to be used for the financial statements as a whole. The benchmark selected for determin- ing materiality is the one determined to be the key driver of the
business.
W&S Partners uses the following percentages as starting
points for the various benchmarks:
Benchmark Threshold (%)
Income before tax 5.0
Total revenue 0.5
Gross profit 2.0
Total assets 0.5
Equity 1.0
These starting points can be increased or decreased by taking into
account qualitative client factors, which could be:
• The nature of the client’s business and industry (for example,
rapidly changing, either through growth or downsizing, or
an unstable environment).
• Whether the client is a public company (or subsidiary of )
subject to regulations.
• The knowledge of or high risk of fraud.
Typically, income before tax is used; however, it cannot be used
if reporting a loss for the year or if profitability is not consistent.
When calculating PM based on interim figures, it may be nec-
essary to annualize the results. This allows the auditors to plan
the audit properly based on an approximate projected year-end
balance. Then, at year-end, the figure is adjusted, if necessary, to
reflect the actual results.
Required
Answer the following questions based on the information pre- sented for Cloud 9 in the appendix to this text and in the current chapter and previous chapters.
a. Using the October 31, 2025, trial balance (in the appendix
to this text), calculate planning materiality, and include the
justification for the benchmark that you have used for your
calculation.
b. Discuss how the planning materiality would be used to deter-
mine performance materiality.
c. If the planning materiality amount is increased or decreased
later in the audit, how would that impact the audit?
c03RiskAssessmentPartI.indd 44 8/10/21 5:42 PM
5-6 Chapter 5 a udit evidence
assets and liabilities may exist but not be owned by the entity. For example, inventory held on
consignment in the client’s warehouse exists, but it is not owned by the client. This inventory
should not be listed as an asset because it does not meet the rights and obligations assertion
since it is not owned by the client.
When considering (9) completeness, auditors search for assets, liabilities, and equity items
to ensure they have been recorded. This assertion is particularly important when auditors
believe there is a risk of understatement and the client has omitted some items from the bal-
ance sheet. For example, a client may fail to record various accrued liabilities due to an error
or an attempt to improve reported financial ratios for the period. In addition, auditors gather
evidence that all related disclosures are included in the notes to the financial statements.
When considering (10) accuracy, valuation and allocation, auditors search for evidence that
assets, liabilities, and equity items have been recorded at appropriate amounts and subsequent
allocation or valuation adjustments are appropriately recorded. Allocation refers to the alloca-
tion of historical cost over a period of time, such as depreciation of buildings and equipment.
Valuation refers to subsequent measurements that determine fair value or net realizable value.
This assertion is particularly important when auditors believe there is a risk of over- or under-
valuation. Here are some examples:
• An auditor verifies that inventory has been appropriately recorded at the lower of cost or
net realizable value (risk of overstatement).
• An auditor tests for the adequacy of the allowance for doubtful accounts (risk of under-
statement or overstatement depending on the client’s motivation).
• An auditor verifies that equipment used in operations has been appropriately marked
down if it is impaired (risk of overstatement).
For (11) classification, auditors gather evidence that assets, liabilities, and equity interests
are recorded in the proper accounts. For example, a parking lot added to land should be clas-
sified in a separate account from land. A parking lot is considered a land improvement and is
subject to depreciation. Including the parking lot with the land account is improper classifica-
tion because land is not depreciated.
When considering (12) presentation, auditors gather evidence that assets, liabilities, and
equity interests are appropriately aggregated or disaggregated in the financial statements. For
example, liabilities are separated into current and long-term portions on the balance sheet. In
addition, related disclosures for long-term debt should be relevant and understandable. In the
notes, a company describes its long-term debt and includes relevant details such as interest
rates, payment schedule, and maturity dates.
Cloud 9 Continuing Case
Ian and Suzie have already talked in general terms about the errors that could occur in Cloud 9’s accounts receivable. For exam- ple, basic mathematical mistakes and other clerical errors could affect the customer’s total in either direction. Suzie emphasizes that Cloud 9’s management asserts this error did not exist when they prepared the financial statements—i.e., they assert that accounts receivable are valued correctly.
Auditors must gather evidence about each assertion for
each transaction class, account, and note in the financial state-
ments. Now that Ian understands this idea better, he can iden- tify the assertions that relate to the potential errors in accounts receivable that they discussed earlier:
• No mathematical mistakes or other clerical errors exist that could affect the total receivables in either direction—accuracy, valuation and allocation.
• No accounts receivables were omitted when calculating the
total—completeness.
• Accounts receivables included in the total do exist at year-end—
existence.
• Accounts receivables belong to Cloud 9 and have not been
sold or factored—rights and obligations.
• Bad debts have been provided for—accuracy, valuation and
allocation.
• Sales from the next period are not included in the earlier period—
cutoff. Ian is a bit confused about this because cutoff is an asser-
tion for transactions, not account balances. Suzie agrees it is a
special sort of assertion that relates to transactions or events, but
also gives evidence about balance sheet accounts (e.g., an over-
statement of revenue is also an overstatement of receivables).
c05AuditEvidence.indd 6 7/26/21 12:26 PM
Learning Objectives
Learning Objectives have been carefully craft-
ed to reflect the Bloom’s Taxonomy framework,
as well as reinforce the practical auditing skills
that students will develop.
5-2 Chapter 5 a udit evidence
Auditing and Assurance Standards
PCAOB
AS 1105 a udit evidence
AS 1205 p art of the audit performed by Other
Independent a uditors
AS 1210 Using the Work of a Specialist
AS 1215 a udit Documentation
AS 2110 Identifying and assessing risks of Material
Misstatement
AS 2310 t he Confirmation process
AS 2605 Consideration of the Internal audit Function
Auditing StAndArdS BOArd
Au-C 230 a udit Documentation
Au-C 315 Understanding the entity and Its environment
and assessing the risks of Material Misstatement
Au-C 500 a udit evidence
Au-C 505 e xternal Confirmations
Au-C 600 Special Considerations—audits of Group
Financial Statements (Including the Work of Component
auditors)
Au-C 610 Using the Work of Internal auditors
Au-C 620 Using the Work of an auditor’s Specialist
Cloud 9 - Continuing Case
At the next planning meeting for the Cloud 9 audit, Suzie Pickering
presents the results of the analytical procedures performed so far
and a working draft of the audit program. The audit manager,
Sharon Gallagher, and the audit senior, Josh Thomas, are also in-
volved in the planning, with special responsibility for the internal
control assessment.
The meeting’s agenda is to discuss the available sources of ev-
idence at Cloud 9 and specify these in the detailed audit program.
The team members also must ensure they have enough evidence
to conduct the audit. Two specific issues worry members of the
team. First, there are three very large asset balances on Cloud 9’s
trial balance that have particular valuation issues. Josh suggests
that a specialist will be required for the derivatives, but they can
handle the accounts receivable and inventory themselves. Second,
Sharon is worried about how they will gather evidence regarding a
subsidiary of Cloud 9 located in Vietnam. W&S Partners does not
have an office in Vietnam, so they must determine the most effec-
tive and efficient way to gather evidence regarding the subsidiary.
In the planning meeting, the team considers the following
questions:
• What evidence is available?
• What criteria will the team use to choose among alternative
sources of evidence?
• What are the implications of using the work of specialists
and other auditors?
Chapter Preview—Audit Process in Focus
In Chapters 3 and 4, we considered audit risk and risk assessment. Those chapters focused
on the importance of risk identification to help ensure the auditor’s desired level of risk is
Learning Objectives
LO 1 Define management assertions about classes of
transactions, account balances, and presentation and
disclosure.
LO 2 Discuss the characteristics of audit evidence.
LO 3 apply the procedures for gathering audit evidence,
including the use of audit data analytics.
LO 4 evaluate when it is appropriate for auditors to use
the work of others.
LO 5 Document the details of evidence gathered in
working papers.
c05AuditEvidence.indd Page 2 04/03/19 8:37 PM F-0590 /208/WB02435/9781119401810/ch05/text_s
3-2 CHAPTER 3 Risk Assessment Part I
Cloud 9 - Continuing Case
Sharon and Josh have already discussed some specifi c client accep-
tance issues, such as independence threats and safeguards. Sharon
explains they also must consider the overall integrity of the client
(that is, management of Cloud 9). This means they need to perform
and document procedures that are likely to provide information
about the client’s integrity. Josh is a little skeptical. “Do you mean
that we should ask them if they are honest?” Sharon suggests it is
probably more useful to ask others, and the key people to ask are
the existing auditors. Josh is still skeptical. “The existing auditors
are Ellis & Associates. Are they going to help us take one of their
clients from them?” Sharon says the client must give permission
fi rst, and, if that is given, the existing auditor will usually state
whether or not there were any issues that the new auditor should
be aware of before accepting the work. This type of communica-
tion is covered by AS 2610 (AU-C 210 for private company clients)
and is part of professional ethics. Sharon also gives Josh the task
of researching Cloud 9’s press coverage, with special focus on any-
thing that may indicate poor management integrity.
Sharon emphasizes they must perform and document proce-
dures to determine whether W&S Partners is competent to per-
form the engagement and has the capabilities, time, and resources
to do so. For example, they must make sure they have audit team
members who understand the clothing and footwear business.
They also must have enough staff to complete the audit on time.
In addition, Sharon and Josh must perform and document
procedures to show that W&S Partners can comply with all parts
of the code of professional conduct, not just those that focus on
independence threats and safeguards. Finally, they can draft the
engagement letter to cover the contractual relationship between
W&S Partners and Cloud 9.
Auditing and Assurance Standards
PCAOB
AS 1015 Due Professional Care in the Performance of Work
AS 1101 Audit Risk
AS 1301 Communications with Audit Committees
AS 2101 Audit Planning
AS 2105 Consideration of Materiality in Planning and
Performing an Audit
AS 2110 Identifying and Assessing Risk of Material
Misstatement
AS 2301 The Auditor’s Responses to the Risks of
Material Misstatement
AS 2401 Consideration of Fraud in a Financial
Statement Audit
AS 2610 Initial Audits—Communication Between
Predecessor and Successor Auditors
AUDITING STANDARDS BOARD
AU-C 200 Overall Objectives of the Independent
Auditor and the Conduct of an Audit in Accordance With
Generally Accepted Auditing Standards
AU-C 210 Terms of Engagement
AU-C 240 Consideration of Fraud in a Financial
Statement Audit
AU-C 300 Planning an Audit
AU-C 315 Understanding the Entity and Its Environment
and Assessing the Risks of Material Misstatement
AU-C 320 Materiality in Planning and Performing an
Audit
AU-C 330 Performing Audit Procedures in Response to
Assessed Risks and Evaluating Audit Evidence Obtained
QC10 A Firm’s System of Quality Control
Learning Objectives
LO 1 Evaluate client acceptance and continuance
decisions.
LO 2 Identify the diff erent phases of an audit.
LO 3 Explain and apply the concept of materiality.
LO 4 Explain professional skepticism and apply the
audit risk model.
LO 5 Explain how auditors determine their audit
strategy and how audit strategy aff ects audit decisions.
LO 6 Explain the fraud risk assessment process and
analyze fraud risk.
c03RiskAssessmentPartI.indd Page 3-2 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
Auditing and Assurance
Standards
Relevant AICPA and PCAOB Auditing and
Assurance Standards are listed at the be-
ginning of each chapter and highlighted
throughout the discussion.
Johnson_FM.indd 8 8/24/21 9:42 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
HALLMARK FEATURES ix
Flowcharts and Graphs
Detailed flowcharts and graphs help students visualize important processes.
2-8 Chapter 2 p rofessionalism and professional responsibilities
Step 1: Identify Threats CPAs interact with clients in a number of circumstances. CPAs
need to be alert to a possible relationship or situation that might cause a threat to their com-
pliance with ethical rules. The following is a discussion of seven common threats that CPAs in
public practice should be alert to, irrespective of the services the CPA is engaged to perform.
• Adverse interest threat. An adverse interest threat is the threat that a CPA will not
act with objectivity because the CPA’s interests are opposed to the client’s interests. For
example, an adverse interest threat exists if a client has expressed an intention to begin
litigation against the CPA regarding the quality of tax work previously performed.
• Advocacy threat. An advocacy threat is the threat that a CPA will promote a client’s inter-
ests or position to the point that his or her objectivity or independence is compromised. For
example, an advocacy threat exists if the CPA provides expert witness services to a client in
litigation or in a dispute with a customer regarding a licensing arrangement. Once the CPA is
advocating for a client, the CPA is no longer objective. An advocacy threat would also exist if
a firm acts as an investment adviser to an officer or director of a client.
• Familiarity threat. A familiarity threat is the threat that, due to a long or close rela-
tionship with a client, a CPA will become too sympathetic to the client’s interests or too
accepting of the client’s work or product. For example, a familiarity threat would exist if
a CPA’s immediate family member were employed by the client in a key position (such
as the CFO). A familiarity threat would also exist if a former partner or professional
employee of an audit firm joined the client as its CFO and had knowledge of the firm’s
policies and practices for the audit engagement.
• Management participation threat. A management participation threat is the
threat that a CPA will take on the role of client management or otherwise assume man-
agement responsibilities. For example, a CPA may have a small business client, and the
owner asks the CPA’s firm to do various bookkeeping services for the client. Providing
bookkeeping services may cause the CPA to make various management decisions, which
is a threat to the firm’s objectivity and independence. This may also put an accounting
firm in a position of auditing its own work.
• Self-interest threat. A self-interest threat is the threat that a CPA could benefit,
financially or otherwise, from an interest in, or relationship with, a client or persons asso-
ciated with the client. For example, a self-interest threat exists when a CPA has a financial
adverse interest threat the
threat that a CPA will not act
with objectivity because the
CPA’s interests are opposed to the
client’s interests
advocacy threat the threat that
a CPA will promote a client’s
interests or position to the point
that his or her objectivity or
independence is compromised
familiarity threat the threat
that, due to a long or close
relationship with a client, a CPA
will become too sympathetic
to the client’s interests or too
accepting of the client’s work or
product
management participation
threat the threat that a CPA
will take on the role of client
management or otherwise assume
management responsibilities
self-interest threat the threat
that a CPA could benefit, financially
or otherwise, from an interest in,
or a relationship with, a client or
persons associated with the client
Decline or
terminate
engagement
Threats
identified
Step 3
Identify
and apply
safeguards
Threats
significant
No
Yes
Proceed
with
engagement
Threats not
significant
No threats
identified
Are threats
at an acceptable
level?
Step 4
Evaluate the
efectiveness
of safeguards
Step 2
Evaluate
significance
of threats
Step 1
Identify
threats
Step 5
Document
threats and
safeguards
applied
ILLUSTRATION 2.2
Conceptual framework
flowchart
c02ProfessionalismAndProfessionalResponsibilities.indd 8 7/23/21 8:43 AM
3-18ChApteR 3 Risk Assessment part I: Audit Risk and Audit Strategy
• Significant subjectivity in measurement of financial information.
• Significant unusual transactions.
As part of risk assessment, auditors will document the identified inherent risks for the client,
including documenting which risks are considered significant. Knowing where the risks are
greatest assists the auditor in planning the best procedures for the audit.
Control RiskAfter assessing IR, the second step is to gain an understanding of the cli-
ent’s system of internal controls. The client should have controls in place to minimize the
risk of material misstatement caused by inherent risks. The auditors gain an understand-
ing of internal controls for the purpose of assessing control risk. Control risk (CR) is the
risk that a client’s internal controls will not prevent or detect a material misstatement on
a timely basis.
Illustration 3.7 shows inherent and control risks for a jewelry store. An inherent risk
for jewelry inventory is that it is susceptible to theft from both customers and employees. If
jewelry is stolen without the client knowing, the inventory account will be overstated because
stolen goods would remain recorded in the client’s records. The client knows that jewelry is
susceptible to theft; therefore, the client has put controls in place to minimize the risk of theft.
The control risk for this client would be the risk of one or more of these controls failing and
jewelry stolen without client management knowing.
control risk (CR) the risk that
a client’s system of internal con-
trols will not prevent or detect a
material misstatement on a
timely basis
Inherent Risk
3-1-8Contrl-r RContinisik-I tL8-n Rn U-STnArl-r RConOkkRsr n
1t88nL-nRl-Ci O -Nnt.nk8t-r ntinsrO1OC-nR.n U-n U-ST
Control Risk
p(ikn(oRru)krliruoEI rliIo)x rR I)nlktrIEe nERrEixrErR I)nlktrf)Enx7
hlRdr(mr(i r(nre(n r(mrk3 rI(ikn(oRrmElolifrEixrlis ik(nt
a lifrRk(o irClk3()krk3 rIol ikrdi(Clif7
ILLUSTRATION 3.7
Example of inherent and control risks
Note that IR and CR are the client’s risks and exist separately from the audit of the
financial statements. In other words, the auditors have no control over a client’s inherent
and control risks. Inherent risk is driven by industry, economic, and client factors that
are out of the control of the auditor. Control risk is impacted by the client’s design and
implementation of internal controls, which are also out of the auditor’s control. These two
risks combine to form the RMM.
c03RiskAssessmentPartI.indd 18 8/19/21 1:41 PM
The Professional Environment
Professional Environment features provide in-depth discussions
of how concepts in a chapter are applied in the business world.
5-20 CHAPTER 5 A udit Evidence
Using the Work of Internal Auditors
The role of the internal audit function was introduced in Chapter 1. Internal auditors are
employees of the client who perform assurance and consulting activities designed to evaluate
and improve the eff ectiveness of the entity’s governance, risk management, and internal con-
trol processes. Not every client will have an internal audit function. For example, small and
medium-sized companies, especially private companies, may not have the resources to staff
an internal audit function. But if the client does have an internal audit function, what role,
if any, do the internal auditors play in the fi nancial statement audit? According to AU-C 610 internal auditors employees
of the client who perform assur-
ance and consulting activities
designed to evaluate and improve
the eff ectiveness of the entity’s
governance, risk management,
and internal control processes
Cloud 9 - Continuing Case
Josh will take responsibility for obtaining a specialist’s opinion on
the derivatives. He knows that W&S Partners has other staff (who
are not part of the audit team) who can provide additional expertise.
However, because he believes the accounts are so material to the
audit and derivatives have become such a big issue in audits in recent
years, he deems an external specialist’s opinion is also required. He
has some experience of using a derivatives specialist on prior audits,
and he also plans to ask Jo Wadley (the partner) to recommend a
suitable specialist.
Josh plans to investigate any possible connections between
the specialist and Cloud 9 that could adversely impact the special-
ist’s objectivity before engaging him for this audit.
Professional Environment Working with IT Auditors
Specialist IT auditors are often used in audits of clients with com-
plex information technology (IT) environments because the eff ec-
tive audit of the IT systems contributes to overall audit quality.
Large audit fi rms usually have such specialists within the fi rm, but
smaller audit fi rms could engage external IT consultants for this
part of the fi nancial statement audit. In general, reliance on an
IT specialist is appropriate when the fi nancial statement auditor
complies with the conditions of AU-C 620.
If the IT expert and the fi nancial statement auditor do not
work well together, audit quality can be impaired. For this rea-
son, researchers have investigated the factors that aff ect the way
that fi nancial statement auditors work with specialist IT auditors.
Brazel
12
reviewed this research evidence and drew the following
conclusions. First, responses from fi nancial statement auditors in
the United States who were surveyed about their experiences with
IT auditors indicated that they believe IT auditors’ competence
levels vary in practice. Financial statement auditors also said that
IT auditors appear to be overconfi dent in their abilities in some
settings, and questioned the value provided by IT auditors to the
fi nancial statement audit.
Second, Brazel suggests the research shows that both fi nan-
cial statement auditors’ IT ability and experience and the IT audi-
tor’s competence aff ect how these two professions interact on an
audit engagement. This indicates that audit fi rms need to ensure
that staff training and scheduling produce appropriate combi-
nations of fi nancial statement auditors and IT auditors on an
engagement.
Finally, Brazel argues that the research fi ndings demon-
strated that auditors need to consider the implications of fi nding
a balance between greater software-assisted audit techniques
training for financial statement auditors and greater use of IT
specialists for overall audit effi ciency and eff ectiveness.
The role of IT audit specialists could grow to become even
more than a support function for auditors. Some researchers
suggest that in e-businesses, the external fi nancial statement
auditor’s authority will be challenged by IT audit specialists be-
cause of technological change and its impact on auditing.
13
In
e-businesses, economic transactions are captured, measured,
and reported on a real-time basis without either internal human
intervention or paper documentation.
14
Auditing is likely to be-
come more real-time and continuous to refl ect the pattern of the
transactions. If traditional auditors are unwilling or unable to
adapt to the new environment, their role could be taken over by
IT specialists.
Other developments such as reporting using XBRL (eXten-
sible Business Reporting Language) provide challenges for au-
ditors as they have to adapt their techniques and approaches to
audit fi nancial information that is disaggregated and tagged. Us-
ers can extract and analyze XBRL data directly without re-entry
and the tag provides additional information about the calculation
and source of the data. This means auditors have to recognize that
their clients are reporting fi nancial data with diff erent levels of
information and users might have greater expectations of the data.
Learn more about XBRL at www.xbrl.org.
12
J. F. Brazel. “How do fi nancial statement auditors and IT auditors work together?” The CPA Journal,
November, 2008, pages 38–41.
13
A. Kotb, C. Roberts, & S. Sian. “E-business Audit: Advisory Jurisdiction or Occupational Invasion?” Critical
Perspectives on Accounting 23, no. 6 (2012), pages 468–82.
14
Kotb et al., 2012.
c05AuditEvidence.indd Page 5-20 1/15/19 9:44 PM f-1241 /208/WB02435/9781119401810/ch05/text_s
Audit Decision-Making
Framework
Each chapter concludes with an Audit
Decision-Making Example that takes stu-
dents through specific steps of the audit
process while offering solutions to issues
presented throughout the example.
Obtain Company Background Information and Dat
a
You have been assigned to the audit of inventory for a private company that owns and operates a chain
of retail jewelers. The company’s sales revenue has grown by 300% in the last two years, primarily
by acquisitions. Seventy-eight percent of the value of the company’s inventory is in wedding rings,
diamonds, gold necklaces, and high-end watches. Because the company has grown through acqui-
sition, the company has not yet brought two acquired companies (representing 35% of sales) under
the company’s inventory system. As a result, the company is currently operating with three different
inventory-control systems. The core inventory system being used by the retail stores represents 65%
of sales. Sixty percent of inventory was tested in the prior year and controls over the existence of
inventory were effective.
The CFO’s top priority is to put all retail operations under this one inventory-control system by the
end of the fiscal year (January 31). He is particularly concerned about lower-than-expected gross margins
at some of the acquired stores, and he expects that better inventory control will improve this situation. In
addition, gold prices have risen 15% in the last 12 months, and the company is making sure it is not selling
“conflict diamonds” illegally traded to fund conflict in war-torn areas of Africa. Your responsibility is to
develop an audit strategy for testing the existence of inventory.
?What Is the Audit Problem You Are Trying to Solve?
The focus of attention in this instance is to develop an audit strategy for testing the existence of inventory.
The auditor may develop a different audit strategy for testing the valuation of that inventory.
Gather Information and Evidence
Important information includes:
• A significant portion of the inventory is high in value, small in size, and susceptible to theft.
• Although internal controls may be strong overall, there is risk they may not be operating effectively and uniformly in some locations.
• The weak gross margins in some stores may be evidence of inventory shrinkage or theft.
• Fraud risk may be high in some locations due to the opportunity offered by weak internal
controls.
• The auditor needs to determine how internal controls affect audit strategy and whether the auditor
wants one audit strategy for part of the inventory and another audit strategy for another part of the
inventory.
Perform the Analysis and Evaluate the Results
Analysis of risk:
• Inherent risk factors include valuable inventory that is subject to theft and misappropriation.
• Internal controls are not uniform. Based on the prior year’s evidence and a preliminary understand-
ing of the system in the current year, strong internal controls appear to operate over only 60% of
the inventory.
• It may be more efficient to physically inspect inventory as of one date and use one audit strategy for
all inventory testing.
• Fraud risk is considered to be high at locations where inventory controls are not strong.
!
Draw an Audit Conclusion
• Inherent risk is set at the maximum because inventory is high in value and susceptible to theft and misappropriation.
• Control risk is set at high, as 40% of inventory may not have sufficient internal controls.
• Fraud risk is considered high due to the opportunity offered by weak internal controls.
• These risk settings result in setting detection risk at low.
• Low detection risk impacts the nature, timing, and extent of substantive procedures. For exam-
ple, the auditor will plan testing of the physical existence of inventory at year-end, select a larger
number of locations to visit, and vary the extent of inventory testing at each location depending on
internal controls over the counting of inventory at each location.
Audit Decision-Making Example
Audit Decision-Making example 3-35
c03RiskAssessmentPartI.indd 35 7/23/21 8:20 AM
Real-World Illustrations
Many illustrations, such as working
papers and confirmations, present
documents that students will en-
counter in a real-world audit.
5-32 Chapter 5 a udit evidence
The trial balance is then referenced into the appropriate lead and supporting schedules where
audit work is documented for each account in the trial balance. At Bell & Bowerman, LLP,
the trial balance is referenced using the letter “A”; cash and cash equivalents in various banks
are referenced into the C Lead; accounts receivable are referenced into the E Lead; inventory
accounts are referenced into the F Lead; property, plant and equipment are referenced into
the K Lead; and so on.
The first working paper example is the cash and cash equivalents lead schedule
in Illustration 5.15. The purpose of this lead is to summarize all general ledger accounts that
are combined into the cash and cash equivalents account on the financial statements. The
lead schedule also has adjusting journal entries, if any, that are proposed by the auditor. In the
top-left corner of the lead schedule are the client name, period-end, and currency unit (in this
example, balances are rounded to the nearest thousand dollars). In the top center of the lead
schedule is section identification (C). In the top-right corner, details of the working paper pre-
parer and reviewers are documented. Next, details of the cash and cash equivalents balance
are listed. For each item listed in the lead schedule, the following are noted.
• General ledger account number, per the client records.
• General ledger account name, per the client records.
• Preadjusted balance, any adjustments, and the audit-adjusted current-year balance per
the client’s trial balance (TB).
• The prior-year balance, per the prior-year audit file (PY).
• Variance and percentage change, the calculated difference between the prior-year and
current-year balances.
• The cross-reference to the working paper where supporting documentary evidence is
kept for each balance (e.g., C02).
The final section of the lead working paper includes any relevant background information
about the account and comments based upon completed testing.
ILLUSTRATION 5.15 Working paper example: Cash lead schedule
Bell & Bowerman, LLPClient: New Millennium Ecoproducts
Period-end: 12/ 31/2025
Currency un it: $000
C–LEAD
Reference: C-Lead
Prepared by: KM 1/21/2026
Reviewed by: SO 1/22/2026
Reviewed by: MM 1/24/2026
Lead schedule:
Account
no. Account name
Pre-
adjusted
balance
12/31/2025 Adjustments
Adjusted
current-y ear
balance
12/31/2025
Prior-year
balance
12/31/2024 Variance Ref
Cash in Bank: We lls Fargo $ 11,000 $0 $ 11,000 TB PY 5% C01
Cash in Bank: U.S. Bank 134 0 134 TB PY 0% C02
Cash in Bank: Barclays 126 0 126 TB PY 0% C03
Cash in Bank: C itigroup 56 0 56TB PY 12% C0410400
10500
10100
10200
10300
Short -Term Deposits 5,796 0 5,796 TB PY 4% C05
Total Cash and Cash
Equivalents
$17,112 $0 $17,112
$ 10,500
134
126
50
5,600
$16,410
$500
0
0
6
196
$702 4%
Key to audit tick marks (TM):
TB Agrees to client’s trial balance.
PY Agrees to prior-year audit file.
Background: No si gnificant changes in banks or bank accounts from the prior period. Note: Analytical review on movements in the cash flows has
been performed on the cas h flow schedul e — see A1.1.
Comments: Cash and cash equivalents: In line with budget and c hange c onsistent with level o f activity for the period (see also our review of the
statement of cash flows referenced in A1.1). Short-term deposits : Although the balance is very consistent with previous period, inclusion of
short-term deposits within cash and cash equivalents is accept able (refer to C5).
%
Variance
c05AuditEvidence.indd 32 7/23/21 8:20 AM
Real-World Examples
Audit Reasoning Examples apply chapter
concepts in brief real-world scenarios that
students might encounter in a professional
environment. They also provide real-world
company examples of chapter concepts.
Professional Skepticism and Audit Risk 3-15
Professional Skepticism
Auditors have a responsibility to plan and perform an audit with professional skepticism.
Professional skepticism is an attitude adopted by auditors when conducting all phases of the
audit. It means that auditors remain independent of the entity, its management, and its staff
when completing the audit work. In a practical sense, professional skepticism means au-
ditors maintain a questioning mind and thoroughly investigate all evidence presented by the
client (AS 1015.07). For example, AU-C 200.A22 states auditors should be skeptical if any of
the following arise during the audit:
• Audit evidence recently gathered that is contradictory to other evidence previously gathered.
• New information that brings into question the reliability of client documents or responses
to auditor inquiries.
• Conditions that may provide evidence of possible fraud.
• Situations that indicate the need for additional audit procedures beyond what is required
by generally accepted auditing standards.
Does maintaining professional skepticism mean auditors should assume client manage-
ment is being dishonest? The answer is no. Auditors should not assume management is dis-
honest, but at the same time, auditors should not assume management is always honest or
correct. Using professional skepticism means that even if auditors believe management and
those charged with governance are being honest, they should gather reliable evidence to sup-
port management’s responses to auditor inquiries and to support amounts and disclosures
in the fi nancial statements. Throughout all phases of the audit, auditors should keep these
questions in mind when gathering audit evidence: Is this information reliable? Do we need to
perform more audit procedures? When auditors exercise professional skepticism during the
risk assessment phase, it helps to ensure they are using appropriate assumptions when devel-
oping their audit strategy that will be used in the risk response phase. In the reporting phase,
auditors use professional skepticism when evaluating the evidence gathered and forming an
opinion that the fi nancial statements are presented fairly.
professional skepticism an
attitude that includes a question-
ing mind, being alert to condi-
tions that may indicate possible
misstatement due to fraud or
error, and a critical assessment of
audit evidence
Audit Reasoning Ex ample Professional Skepticism
An auditor was auditing a recreational vehicle (RV) dealership. The auditor had obtained some
initial fi nancial information from the client showing unaudited results for the end of the third
quarter. Sales were up and profi t margins were up, making it the best year so far for the client.
Interim records showed that inventory was also up, and the client’s inventory records showed over
300 RVs on hand at the end of the third quarter. The audit senior went to talk to the audit man-
ager about the good news and the client’s performance. The audit manager asked the senior a key
question. “You did the inventory observation last year. How many RVs did the client have then?”
“I think it was about 210,” the senior replied. Then the audit manager asked, “How full was the lot
last year?” The senior replied that it was “almost overfl owing” the year before. The manager then
said, “Let’s look at this more skeptically. I don’t think they have storage capacity for another 90
RVs even though sales are up. There could be an error in the inventory records. This information
makes me believe that the existence of inventory is a very high inherent risk.”
Audit Risk
Audit risk is the risk that an auditor expresses an inappropriate audit opinion when fi nancial
statements are materially misstated (AU-C 200 Overall Objectives of the Independent Auditor
and the Conduct of an Audit in Accordance With Generally Accepted Auditing Standards and
AS 1101 Audit Risk). This means the audit report states the fi nancial statements are presented
fairly, in all material respects, when in actuality the fi nancial statements contain a material
error or fraud. While it is impossible to eliminate audit risk, auditors aim to reduce it to an
c03RiskAssessmentPartI.indd Page 3-15 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
3-28 CHAPTER 3 Risk Assessment Part I
• Ongoing losses.
• Rapid growth.
• Poor cash fl ows combined with high earnings.
• Pressure to meet market expectations and profi t targets.
• Planning to list on a stock exchange.
• Planning to raise debt or renegotiate a loan.
• The client being about to enter into a signifi cant new contract.
• A signifi cant proportion of remuneration tied to earnings (that is, bonuses or stock options).
Audit Reasoning Ex ample Fraud at Toshiba: Part I
You may be familiar with Toshiba Corporation, a publicly traded Japanese company headquar-
tered in Tokyo that makes consumer electronics, household electronics, offi ce equipment, and more. In July 2015, the CEO of Toshiba announced he was resigning amid an accounting scandal
in which profi ts had been overstated for the past seven years by approximately $1.9 billion (224.8
billion yen). What incentives and pressures were involved that led to the fraud? The technology
industry is extremely competitive and Toshiba’s upper management set aggressive profi t targets.
The home electronics and appliances division was showing losses and the memory chip division
was feeling pressure because of decreasing demand from Chinese electronics companies.
6
As an
example, in September 2012, the head of the digital products and service division was told by the
CEO to improve a 24.8 billion yen loss into a 12 billion yen profi t in just three days!
7
Think about
how the external auditor would learn about the incentives given to lower-level management. How
might an internal auditor learn about these incentives? Opportunities to Perpetrate a Fraud
After identifying one or more incentives or pressures to commit a fraud, auditors assess
whether a client’s employees have an opportunity to perpetrate a fraud. Auditors utilize their
knowledge of how other frauds have been perpetrated to assess whether the same opportuni-
ties exist at the client. While the examples below of opportunities to commit a fraud suggest
a fraud may have been committed, their existence does not mean a fraud has defi nitely oc-
curred. Auditors must use professional judgment to assess each opportunity in the context of
other risk indicators and consider available evidence thoroughly.
Examples of opportunities that increase the risk that a fraud may have been perpetrated
include:
• Accounts that rely on estimates and judgment (discussed further in Chapter 9).
• A high volume of transactions close to year-end.
• Signifi cant adjusting entries and reversals after year-end.
• Signifi cant related-party transactions (discussed further in Chapter 4).
• Poor corporate governance mechanisms.
• Poor system of internal control (discussed further in Chapters 6 and 8).
• A high turnover of staff with accounting or internal control responsibilities.
6
E. Pfanner and M. Fujikawa, M. “Toshiba Slashes Earnings for Past Seven Years,” The Wall Street Journal,
September 7, 2015. https://www.wsj.com/articles/toshiba-slashes-earnings-for-past-7-years-1441589473
7
K. Nagata. “Pressure to show a profi t led to Toshiba’s accounting scandal,” The Japan Times, September 18,
2015. http://www.japantimes.co.jp/news/2015/09/18/business/corporate-business/pressure-to-show-a-profi t-
led-to-toshibas-accounting-scandal/#.WNJjNmQrLjA
c03RiskAssessmentPartI.indd Page 3-28 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
Conceptual Illustrations
NEW situational art helps students
conceptualize auditing concepts.
Johnson_FM.indd 9 8/24/21 9:42 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Flowcharts and Graphs
Detailed flowcharts and graphs help students visualize important processes.
2-8 Chapter 2 p rofessionalism and professional responsibilities
Step 1: Identify Threats CPAs interact with clients in a number of circumstances. CPAs
need to be alert to a possible relationship or situation that might cause a threat to their com-
pliance with ethical rules. The following is a discussion of seven common threats that CPAs in
public practice should be alert to, irrespective of the services the CPA is engaged to perform.
• Adverse interest threat. An adverse interest threat is the threat that a CPA will not
act with objectivity because the CPA’s interests are opposed to the client’s interests. For
example, an adverse interest threat exists if a client has expressed an intention to begin
litigation against the CPA regarding the quality of tax work previously performed.
• Advocacy threat. An advocacy threat is the threat that a CPA will promote a client’s inter-
ests or position to the point that his or her objectivity or independence is compromised. For
example, an advocacy threat exists if the CPA provides expert witness services to a client in
litigation or in a dispute with a customer regarding a licensing arrangement. Once the CPA is
advocating for a client, the CPA is no longer objective. An advocacy threat would also exist if
a firm acts as an investment adviser to an officer or director of a client.
• Familiarity threat. A familiarity threat is the threat that, due to a long or close rela-
tionship with a client, a CPA will become too sympathetic to the client’s interests or too
accepting of the client’s work or product. For example, a familiarity threat would exist if
a CPA’s immediate family member were employed by the client in a key position (such
as the CFO). A familiarity threat would also exist if a former partner or professional
employee of an audit firm joined the client as its CFO and had knowledge of the firm’s
policies and practices for the audit engagement.
• Management participation threat. A management participation threat is the
threat that a CPA will take on the role of client management or otherwise assume man-
agement responsibilities. For example, a CPA may have a small business client, and the
owner asks the CPA’s firm to do various bookkeeping services for the client. Providing
bookkeeping services may cause the CPA to make various management decisions, which
is a threat to the firm’s objectivity and independence. This may also put an accounting
firm in a position of auditing its own work.
• Self-interest threat. A self-interest threat is the threat that a CPA could benefit,
financially or otherwise, from an interest in, or relationship with, a client or persons asso-
ciated with the client. For example, a self-interest threat exists when a CPA has a financial
adverse interest threat the
threat that a CPA will not act
with objectivity because the
CPA’s interests are opposed to the
client’s interests
advocacy threat the threat that
a CPA will promote a client’s
interests or position to the point
that his or her objectivity or
independence is compromised
familiarity threat the threat
that, due to a long or close
relationship with a client, a CPA
will become too sympathetic
to the client’s interests or too
accepting of the client’s work or
product
management participation
threat the threat that a CPA
will take on the role of client
management or otherwise assume
management responsibilities
self-interest threat the threat
that a CPA could benefit, financially
or otherwise, from an interest in,
or a relationship with, a client or
persons associated with the client
Decline or
terminate
engagement
Threats
identified
Step 3
Identify
and apply
safeguards
Threats
significant
No
Yes
Proceed
with
engagement
Threats not
significant
No threats
identified
Are threats
at an acceptable
level?
Step 4
Evaluate the
efectiveness
of safeguards
Step 2
Evaluate
significance
of threats
Step 1
Identify
threats
Step 5
Document
threats and
safeguards
applied
ILLUSTRATION 2.2
Conceptual framework
flowchart
c02ProfessionalismAndProfessionalResponsibilities.indd 8 7/23/21 8:43 AM
3-18ChApteR 3 Risk Assessment part I: Audit Risk and Audit Strategy
• Significant subjectivity in measurement of financial information.
• Significant unusual transactions.
As part of risk assessment, auditors will document the identified inherent risks for the client,
including documenting which risks are considered significant. Knowing where the risks are
greatest assists the auditor in planning the best procedures for the audit.
Control RiskAfter assessing IR, the second step is to gain an understanding of the cli-
ent’s system of internal controls. The client should have controls in place to minimize the
risk of material misstatement caused by inherent risks. The auditors gain an understand-
ing of internal controls for the purpose of assessing control risk. Control risk (CR) is the
risk that a client’s internal controls will not prevent or detect a material misstatement on
a timely basis.
Illustration 3.7 shows inherent and control risks for a jewelry store. An inherent risk
for jewelry inventory is that it is susceptible to theft from both customers and employees. If
jewelry is stolen without the client knowing, the inventory account will be overstated because
stolen goods would remain recorded in the client’s records. The client knows that jewelry is
susceptible to theft; therefore, the client has put controls in place to minimize the risk of theft.
The control risk for this client would be the risk of one or more of these controls failing and
jewelry stolen without client management knowing.
control risk (CR) the risk that
a client’s system of internal con-
trols will not prevent or detect a
material misstatement on a
timely basis
Inherent Risk
3-1-8Contrl-r RContinisik-I tL8-n Rn U-STnArl-r RConOkkRsr n
1t88nL-nRl-Ci O -Nnt.nk8t-r ntinsrO1OC-nR.n U-n U-ST
Control Risk
p(ikn(oRru)krliruoEI rliIo)x rR I)nlktrIEe nERrEixrErR I)nlktrf)Enx7
hlRdr(mr(i r(nre(n r(mrk3 rI(ikn(oRrmElolifrEixrlis ik(nt
a lifrRk(o irClk3()krk3 rIol ikrdi(Clif7
ILLUSTRATION 3.7
Example of inherent and control risks
Note that IR and CR are the client’s risks and exist separately from the audit of the
financial statements. In other words, the auditors have no control over a client’s inherent
and control risks. Inherent risk is driven by industry, economic, and client factors that
are out of the control of the auditor. Control risk is impacted by the client’s design and
implementation of internal controls, which are also out of the auditor’s control. These two
risks combine to form the RMM.
c03RiskAssessmentPartI.indd 18 8/19/21 1:41 PM
The Professional Environment
Professional Environment features provide in-depth discussions
of how concepts in a chapter are applied in the business world.
5-20 CHAPTER 5 A udit Evidence
Using the Work of Internal Auditors
The role of the internal audit function was introduced in Chapter 1. Internal auditors are
employees of the client who perform assurance and consulting activities designed to evaluate
and improve the eff ectiveness of the entity’s governance, risk management, and internal con-
trol processes. Not every client will have an internal audit function. For example, small and
medium-sized companies, especially private companies, may not have the resources to staff
an internal audit function. But if the client does have an internal audit function, what role,
if any, do the internal auditors play in the fi nancial statement audit? According to AU-C 610 internal auditors employees
of the client who perform assur-
ance and consulting activities
designed to evaluate and improve
the eff ectiveness of the entity’s
governance, risk management,
and internal control processes
Cloud 9 - Continuing Case
Josh will take responsibility for obtaining a specialist’s opinion on
the derivatives. He knows that W&S Partners has other staff (who
are not part of the audit team) who can provide additional expertise.
However, because he believes the accounts are so material to the
audit and derivatives have become such a big issue in audits in recent
years, he deems an external specialist’s opinion is also required. He
has some experience of using a derivatives specialist on prior audits,
and he also plans to ask Jo Wadley (the partner) to recommend a
suitable specialist.
Josh plans to investigate any possible connections between
the specialist and Cloud 9 that could adversely impact the special-
ist’s objectivity before engaging him for this audit.
Professional Environment Working with IT Auditors
Specialist IT auditors are often used in audits of clients with com-
plex information technology (IT) environments because the eff ec-
tive audit of the IT systems contributes to overall audit quality.
Large audit fi rms usually have such specialists within the fi rm, but
smaller audit fi rms could engage external IT consultants for this
part of the fi nancial statement audit. In general, reliance on an
IT specialist is appropriate when the fi nancial statement auditor
complies with the conditions of AU-C 620.
If the IT expert and the fi nancial statement auditor do not
work well together, audit quality can be impaired. For this rea-
son, researchers have investigated the factors that aff ect the way
that fi nancial statement auditors work with specialist IT auditors.
Brazel
12
reviewed this research evidence and drew the following
conclusions. First, responses from fi nancial statement auditors in
the United States who were surveyed about their experiences with
IT auditors indicated that they believe IT auditors’ competence
levels vary in practice. Financial statement auditors also said that
IT auditors appear to be overconfi dent in their abilities in some
settings, and questioned the value provided by IT auditors to the
fi nancial statement audit.
Second, Brazel suggests the research shows that both fi nan-
cial statement auditors’ IT ability and experience and the IT audi-
tor’s competence aff ect how these two professions interact on an
audit engagement. This indicates that audit fi rms need to ensure
that staff training and scheduling produce appropriate combi-
nations of fi nancial statement auditors and IT auditors on an
engagement.
Finally, Brazel argues that the research fi ndings demon-
strated that auditors need to consider the implications of fi nding
a balance between greater software-assisted audit techniques
training for financial statement auditors and greater use of IT
specialists for overall audit effi ciency and eff ectiveness.
The role of IT audit specialists could grow to become even
more than a support function for auditors. Some researchers
suggest that in e-businesses, the external fi nancial statement
auditor’s authority will be challenged by IT audit specialists be-
cause of technological change and its impact on auditing.
13
In
e-businesses, economic transactions are captured, measured,
and reported on a real-time basis without either internal human
intervention or paper documentation.
14
Auditing is likely to be-
come more real-time and continuous to refl ect the pattern of the
transactions. If traditional auditors are unwilling or unable to
adapt to the new environment, their role could be taken over by
IT specialists.
Other developments such as reporting using XBRL (eXten-
sible Business Reporting Language) provide challenges for au-
ditors as they have to adapt their techniques and approaches to
audit fi nancial information that is disaggregated and tagged. Us-
ers can extract and analyze XBRL data directly without re-entry
and the tag provides additional information about the calculation
and source of the data. This means auditors have to recognize that
their clients are reporting fi nancial data with diff erent levels of
information and users might have greater expectations of the data.
Learn more about XBRL at www.xbrl.org.
12
J. F. Brazel. “How do fi nancial statement auditors and IT auditors work together?” The CPA Journal,
November, 2008, pages 38–41.
13
A. Kotb, C. Roberts, & S. Sian. “E-business Audit: Advisory Jurisdiction or Occupational Invasion?” Critical
Perspectives on Accounting 23, no. 6 (2012), pages 468–82.
14
Kotb et al., 2012.
c05AuditEvidence.indd Page 5-20 1/15/19 9:44 PM f-1241 /208/WB02435/9781119401810/ch05/text_s
Audit Decision-Making
Framework
Each chapter concludes with an Audit
Decision-Making Example that takes stu-
dents through specific steps of the audit
process while offering solutions to issues
presented throughout the example.
Obtain Company Background Information and Dat
a
You have been assigned to the audit of inventory for a private company that owns and operates a chain
of retail jewelers. The company’s sales revenue has grown by 300% in the last two years, primarily
by acquisitions. Seventy-eight percent of the value of the company’s inventory is in wedding rings,
diamonds, gold necklaces, and high-end watches. Because the company has grown through acqui-
sition, the company has not yet brought two acquired companies (representing 35% of sales) under
the company’s inventory system. As a result, the company is currently operating with three different
inventory-control systems. The core inventory system being used by the retail stores represents 65%
of sales. Sixty percent of inventory was tested in the prior year and controls over the existence of
inventory were effective.
The CFO’s top priority is to put all retail operations under this one inventory-control system by the
end of the fiscal year (January 31). He is particularly concerned about lower-than-expected gross margins
at some of the acquired stores, and he expects that better inventory control will improve this situation. In
addition, gold prices have risen 15% in the last 12 months, and the company is making sure it is not selling
“conflict diamonds” illegally traded to fund conflict in war-torn areas of Africa. Your responsibility is to
develop an audit strategy for testing the existence of inventory.
?What Is the Audit Problem You Are Trying to Solve?
The focus of attention in this instance is to develop an audit strategy for testing the existence of inventory.
The auditor may develop a different audit strategy for testing the valuation of that inventory.
Gather Information and Evidence
Important information includes:
• A significant portion of the inventory is high in value, small in size, and susceptible to theft.
• Although internal controls may be strong overall, there is risk they may not be operating effectively and uniformly in some locations.
• The weak gross margins in some stores may be evidence of inventory shrinkage or theft.
• Fraud risk may be high in some locations due to the opportunity offered by weak internal
controls.
• The auditor needs to determine how internal controls affect audit strategy and whether the auditor
wants one audit strategy for part of the inventory and another audit strategy for another part of the
inventory.
Perform the Analysis and Evaluate the Results
Analysis of risk:
• Inherent risk factors include valuable inventory that is subject to theft and misappropriation.
• Internal controls are not uniform. Based on the prior year’s evidence and a preliminary understand-
ing of the system in the current year, strong internal controls appear to operate over only 60% of
the inventory.
• It may be more efficient to physically inspect inventory as of one date and use one audit strategy for
all inventory testing.
• Fraud risk is considered to be high at locations where inventory controls are not strong.
!
Draw an Audit Conclusion
• Inherent risk is set at the maximum because inventory is high in value and susceptible to theft and misappropriation.
• Control risk is set at high, as 40% of inventory may not have sufficient internal controls.
• Fraud risk is considered high due to the opportunity offered by weak internal controls.
• These risk settings result in setting detection risk at low.
• Low detection risk impacts the nature, timing, and extent of substantive procedures. For exam-
ple, the auditor will plan testing of the physical existence of inventory at year-end, select a larger
number of locations to visit, and vary the extent of inventory testing at each location depending on
internal controls over the counting of inventory at each location.
Audit Decision-Making Example
Audit Decision-Making example 3-35
c03RiskAssessmentPartI.indd 35 7/23/21 8:20 AM
Real-World Illustrations
Many illustrations, such as working
papers and confirmations, present
documents that students will en-
counter in a real-world audit.
5-32 Chapter 5 a udit evidence
The trial balance is then referenced into the appropriate lead and supporting schedules where
audit work is documented for each account in the trial balance. At Bell & Bowerman, LLP,
the trial balance is referenced using the letter “A”; cash and cash equivalents in various banks
are referenced into the C Lead; accounts receivable are referenced into the E Lead; inventory
accounts are referenced into the F Lead; property, plant and equipment are referenced into
the K Lead; and so on.
The first working paper example is the cash and cash equivalents lead schedule
in Illustration 5.15. The purpose of this lead is to summarize all general ledger accounts that
are combined into the cash and cash equivalents account on the financial statements. The
lead schedule also has adjusting journal entries, if any, that are proposed by the auditor. In the
top-left corner of the lead schedule are the client name, period-end, and currency unit (in this
example, balances are rounded to the nearest thousand dollars). In the top center of the lead
schedule is section identification (C). In the top-right corner, details of the working paper pre-
parer and reviewers are documented. Next, details of the cash and cash equivalents balance
are listed. For each item listed in the lead schedule, the following are noted.
• General ledger account number, per the client records.
• General ledger account name, per the client records.
• Preadjusted balance, any adjustments, and the audit-adjusted current-year balance per
the client’s trial balance (TB).
• The prior-year balance, per the prior-year audit file (PY).
• Variance and percentage change, the calculated difference between the prior-year and
current-year balances.
• The cross-reference to the working paper where supporting documentary evidence is
kept for each balance (e.g., C02).
The final section of the lead working paper includes any relevant background information
about the account and comments based upon completed testing.
ILLUSTRATION 5.15 Working paper example: Cash lead schedule
Bell & Bowerman, LLPClient: New Millennium Ecoproducts
Period-end: 12/ 31/2025
Currency un it: $000
C–LEAD
Reference: C-Lead
Prepared by: KM 1/21/2026
Reviewed by: SO 1/22/2026
Reviewed by: MM 1/24/2026
Lead schedule:
Account
no. Account name
Pre-
adjusted
balance
12/31/2025 Adjustments
Adjusted
current-y ear
balance
12/31/2025
Prior-year
balance
12/31/2024 Variance Ref
Cash in Bank: We lls Fargo $ 11,000 $0 $ 11,000 TB PY 5% C01
Cash in Bank: U.S. Bank 134 0 134 TB PY 0% C02
Cash in Bank: Barclays 126 0 126 TB PY 0% C03
Cash in Bank: C itigroup 56 0 56TB PY 12% C0410400
10500
10100
10200
10300
Short -Term Deposits 5,796 0 5,796 TB PY 4% C05
Total Cash and Cash
Equivalents
$17,112 $0 $17,112
$ 10,500
134
126
50
5,600
$16,410
$500
0
0
6
196
$702 4%
Key to audit tick marks (TM):
TB Agrees to client’s trial balance.
PY Agrees to prior-year audit file.
Background: No si gnificant changes in banks or bank accounts from the prior period. Note: Analytical review on movements in the cash flows has
been performed on the cas h flow schedul e — see A1.1.
Comments: Cash and cash equivalents: In line with budget and c hange c onsistent with level o f activity for the period (see also our review of the
statement of cash flows referenced in A1.1). Short-term deposits : Although the balance is very consistent with previous period, inclusion of
short-term deposits within cash and cash equivalents is accept able (refer to C5).
%
Variance
c05AuditEvidence.indd 32 7/23/21 8:20 AM
Real-World Examples
Audit Reasoning Examples apply chapter
concepts in brief real-world scenarios that
students might encounter in a professional
environment. They also provide real-world
company examples of chapter concepts.
Professional Skepticism and Audit Risk 3-15
Professional Skepticism
Auditors have a responsibility to plan and perform an audit with professional skepticism.
Professional skepticism is an attitude adopted by auditors when conducting all phases of the
audit. It means that auditors remain independent of the entity, its management, and its staff
when completing the audit work. In a practical sense, professional skepticism means au-
ditors maintain a questioning mind and thoroughly investigate all evidence presented by the
client (AS 1015.07). For example, AU-C 200.A22 states auditors should be skeptical if any of
the following arise during the audit:
• Audit evidence recently gathered that is contradictory to other evidence previously gathered.
• New information that brings into question the reliability of client documents or responses
to auditor inquiries.
• Conditions that may provide evidence of possible fraud.
• Situations that indicate the need for additional audit procedures beyond what is required
by generally accepted auditing standards.
Does maintaining professional skepticism mean auditors should assume client manage-
ment is being dishonest? The answer is no. Auditors should not assume management is dis-
honest, but at the same time, auditors should not assume management is always honest or
correct. Using professional skepticism means that even if auditors believe management and
those charged with governance are being honest, they should gather reliable evidence to sup-
port management’s responses to auditor inquiries and to support amounts and disclosures
in the fi nancial statements. Throughout all phases of the audit, auditors should keep these
questions in mind when gathering audit evidence: Is this information reliable? Do we need to
perform more audit procedures? When auditors exercise professional skepticism during the
risk assessment phase, it helps to ensure they are using appropriate assumptions when devel-
oping their audit strategy that will be used in the risk response phase. In the reporting phase,
auditors use professional skepticism when evaluating the evidence gathered and forming an
opinion that the fi nancial statements are presented fairly.
professional skepticism an
attitude that includes a question-
ing mind, being alert to condi-
tions that may indicate possible
misstatement due to fraud or
error, and a critical assessment of
audit evidence
Audit Reasoning Ex ample Professional Skepticism
An auditor was auditing a recreational vehicle (RV) dealership. The auditor had obtained some
initial fi nancial information from the client showing unaudited results for the end of the third
quarter. Sales were up and profi t margins were up, making it the best year so far for the client.
Interim records showed that inventory was also up, and the client’s inventory records showed over
300 RVs on hand at the end of the third quarter. The audit senior went to talk to the audit man-
ager about the good news and the client’s performance. The audit manager asked the senior a key
question. “You did the inventory observation last year. How many RVs did the client have then?”
“I think it was about 210,” the senior replied. Then the audit manager asked, “How full was the lot
last year?” The senior replied that it was “almost overfl owing” the year before. The manager then
said, “Let’s look at this more skeptically. I don’t think they have storage capacity for another 90
RVs even though sales are up. There could be an error in the inventory records. This information
makes me believe that the existence of inventory is a very high inherent risk.”
Audit Risk
Audit risk is the risk that an auditor expresses an inappropriate audit opinion when fi nancial
statements are materially misstated (AU-C 200 Overall Objectives of the Independent Auditor
and the Conduct of an Audit in Accordance With Generally Accepted Auditing Standards and
AS 1101 Audit Risk). This means the audit report states the fi nancial statements are presented
fairly, in all material respects, when in actuality the fi nancial statements contain a material
error or fraud. While it is impossible to eliminate audit risk, auditors aim to reduce it to an
c03RiskAssessmentPartI.indd Page 3-15 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
3-28 CHAPTER 3 Risk Assessment Part I
• Ongoing losses.
• Rapid growth.
• Poor cash fl ows combined with high earnings.
• Pressure to meet market expectations and profi t targets.
• Planning to list on a stock exchange.
• Planning to raise debt or renegotiate a loan.
• The client being about to enter into a signifi cant new contract.
• A signifi cant proportion of remuneration tied to earnings (that is, bonuses or stock options).
Audit Reasoning Ex ample Fraud at Toshiba: Part I
You may be familiar with Toshiba Corporation, a publicly traded Japanese company headquar-
tered in Tokyo that makes consumer electronics, household electronics, offi ce equipment, and more. In July 2015, the CEO of Toshiba announced he was resigning amid an accounting scandal
in which profi ts had been overstated for the past seven years by approximately $1.9 billion (224.8
billion yen). What incentives and pressures were involved that led to the fraud? The technology
industry is extremely competitive and Toshiba’s upper management set aggressive profi t targets.
The home electronics and appliances division was showing losses and the memory chip division
was feeling pressure because of decreasing demand from Chinese electronics companies.
6
As an
example, in September 2012, the head of the digital products and service division was told by the
CEO to improve a 24.8 billion yen loss into a 12 billion yen profi t in just three days!
7
Think about
how the external auditor would learn about the incentives given to lower-level management. How
might an internal auditor learn about these incentives? Opportunities to Perpetrate a Fraud
After identifying one or more incentives or pressures to commit a fraud, auditors assess
whether a client’s employees have an opportunity to perpetrate a fraud. Auditors utilize their
knowledge of how other frauds have been perpetrated to assess whether the same opportuni-
ties exist at the client. While the examples below of opportunities to commit a fraud suggest
a fraud may have been committed, their existence does not mean a fraud has defi nitely oc-
curred. Auditors must use professional judgment to assess each opportunity in the context of
other risk indicators and consider available evidence thoroughly.
Examples of opportunities that increase the risk that a fraud may have been perpetrated
include:
• Accounts that rely on estimates and judgment (discussed further in Chapter 9).
• A high volume of transactions close to year-end.
• Signifi cant adjusting entries and reversals after year-end.
• Signifi cant related-party transactions (discussed further in Chapter 4).
• Poor corporate governance mechanisms.
• Poor system of internal control (discussed further in Chapters 6 and 8).
• A high turnover of staff with accounting or internal control responsibilities.
6
E. Pfanner and M. Fujikawa, M. “Toshiba Slashes Earnings for Past Seven Years,” The Wall Street Journal,
September 7, 2015. https://www.wsj.com/articles/toshiba-slashes-earnings-for-past-7-years-1441589473
7
K. Nagata. “Pressure to show a profi t led to Toshiba’s accounting scandal,” The Japan Times, September 18,
2015. http://www.japantimes.co.jp/news/2015/09/18/business/corporate-business/pressure-to-show-a-profi t-
led-to-toshibas-accounting-scandal/#.WNJjNmQrLjA
c03RiskAssessmentPartI.indd Page 3-28 24/01/19 9:35 PM F-0590 /208/WB02435/9781119401810/ch03/text_s
Conceptual Illustrations
NEW situational art helps students
conceptualize auditing concepts.
Johnson_FM.indd 9 8/24/21 9:42 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
x
Engaging Students
The Auditing online homework system features a suite of teaching and learning resources
that were developed under close review of the authors. In the homework system, students can
access review content and practice assessment that will help them better understand course
material.
Student Practice
Each chapter includes practice questions for each learning objective that students can review to assess their understanding of chapter topics.
Data Visualization
Assignments—Tableau
and PowerBI
Tableau and NEW PowerBI visual-
izations accompanied by assessments
are available with most chapters.
IDEA Cases
Select chapters include IDEA cases and case video resources that allow students to use IDEA software to analyze data. An IDEA casebook and accompany- ing data sets, provided by Audimation Data Analytic Software and Services, is also available.
Alteryx
NEW Alteryx cases and supporting video
resources are available with some chapters.
Gradable Excel
Select chapters include gradable Excel questions that assess students’ understanding of Excel formulas.
Johnson_FM.indd 10 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Engaging Students
The Auditing online homework system features a suite of teaching and learning resources
that were developed under close review of the authors. In the homework system, students can
access review content and practice assessment that will help them better understand course
material.
Student Practice
Each chapter includes practice questions for each learning objective that students can review to assess their understanding of chapter topics.
Data Visualization
Assignments—Tableau
and PowerBI
Tableau and NEW PowerBI visual-
izations accompanied by assessments
are available with most chapters.
IDEA Cases
Select chapters include IDEA cases and case video resources that allow students to use IDEA software to analyze data. An IDEA casebook and accompany- ing data sets, provided by Audimation Data Analytic Software and Services, is also available.
Alteryx
NEW Alteryx cases and supporting video
resources are available with some chapters.
Gradable Excel
Select chapters include gradable Excel questions that assess students’ understanding of Excel formulas.
Johnson_FM.indd 10 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
ENGAGING STUDENTSxi
Relevant Accounting
Articles
Up-to-date accounting articles and videos
are posted to the Wiley accounting update
site,
www.wileyaccountingupdates.com.
Many of these updates address auditing-
related topics.
Adaptive Assignments
Adaptive Assignments ignite students’ con-
fidence to persist so that they can succeed in
their courses and beyond. By continuously
adapting to each student’s needs and providing
achievable goals with just-in-time instruction,
Adaptive Assignments close knowledge gaps
to accelerate learning.
Johnson_FM.indd 11 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Relevant Accounting
Articles
Up-to-date accounting articles and videos
are posted to the Wiley accounting update
site,
www.wileyaccountingupdates.com.
Many of these updates address auditing-
related topics.
Adaptive Assignments
Adaptive Assignments ignite students’ con-
fidence to persist so that they can succeed in
their courses and beyond. By continuously
adapting to each student’s needs and providing
achievable goals with just-in-time instruction,
Adaptive Assignments close knowledge gaps
to accelerate learning.
Johnson_FM.indd 11 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Preparing for the CPA Exam
For each chapter in the Auditing course, students can access CPAexcel videos, CPA Exam
Practice Questions in the Prometric
TM
Testing Interface, and Task-Based Simulations (TBSs),
which are the primary form of assessment used by the American Institute of Certified Public
Accountants (AICPA). These resources:
1. Reinforce understanding of course topics.
2. Demonstrate relevance to show students how the auditing content they are learning will be
assessed on the CPA exam.
3. Build student confidence with early exposure to CPA exam questions.
xii
CPA Exam Practice Questions in
the Prometric™ Testing Interface
Wiley partners with CPAexcel to provide CPA exam
practice questions for each chapter that recreate the
environment students will encounter on the CPA
exam.
Task-Based Simulation in the
Prometric™ Testing Interface
CPA simulations recreate the environment stu-
dents will see on the CPA exam.
CPA Exam Video Lessons
Each chapter includes CPA exam text discus- sions and videos that provide students with insight into auditing topics commonly ad- dressed on the CPA exams.
CPA Exam Assignment
Each chapter includes one CPA exam assign- ment that allows instructors to assign CPA multiple-choice questions. Student perfor- mance is tied to the gradebook.
Johnson_FM.indd 12 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
For each chapter in the Auditing course, students can access CPAexcel videos, CPA Exam
Practice Questions in the Prometric
TM
Testing Interface, and Task-Based Simulations (TBSs),
which are the primary form of assessment used by the American Institute of Certified Public
Accountants (AICPA). These resources:
1. Reinforce understanding of course topics.
2. Demonstrate relevance to show students how the auditing content they are learning will be
assessed on the CPA exam.
3. Build student confidence with early exposure to CPA exam questions.
xii
CPA Exam Practice Questions in
the Prometric™ Testing Interface
Wiley partners with CPAexcel to provide CPA exam
practice questions for each chapter that recreate the
environment students will encounter on the CPA
exam.
Task-Based Simulation in the
Prometric™ Testing Interface
CPA simulations recreate the environment stu-
dents will see on the CPA exam.
CPA Exam Video Lessons
Each chapter includes CPA exam text discus- sions and videos that provide students with insight into auditing topics commonly ad- dressed on the CPA exams.
CPA Exam Assignment
Each chapter includes one CPA exam assign- ment that allows instructors to assign CPA multiple-choice questions. Student perfor- mance is tied to the gradebook.
Johnson_FM.indd 12 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
xiii
Each chapter of Auditing has over 300 assessment questions that can help keep your students
engaged and on track.
End-of-Chapter Assessment
Questions and Problems
Each Auditing text chapter concludes with over 40 assessment questions and problems you can
use to gauge students’ understanding and ability to apply auditing concepts, as follows:
•
Multiple-Choice Questions—Available to quickly and effectively test students’ under -
standing of the chapter material.
• Short Answer Questions—Open-ended questions that require students to begin
thinking critically about the auditing process.
• Analysis Problems—Based on scenarios students might encounter as auditors in the business world, analysis problems assess how well students understand specific topics in a chapter.
Cases
Because no two audits are alike, Auditing uses a practical, case-based approach to help stu- dents develop professional judgment, think critically about the auditing process, and develop the decision-making skills necessary to perform a real-world audit. The best way for a student to learn auditing is to actually do auditing. To help provide real-world application, we have developed the following cases:
•
Audit Decision Cases—Three cases run through most of the text chapters and provide a broad review of the audit process (King Companies, Inc., Mobile Security, Inc., and Brookwood Pines Hospital). In addition, chapter-specific cases help you assess students’ understanding of topics that are the focus of a particular chapter.
•
Cloud 9 Continuing Case—Requires students to apply chapter concepts to the ongoing Cloud 9 case that is highlighted in the chapter.
To help you more easily identify what questions you want to assign, questions are tagged with learning objectives, professional AICPA and AACSB outcome standards, Bloom’s Taxonomy level, level of difficulty, and a recommended time of completion. You can track student performance in the gradebook found in the Wiley online homework system.
Test Bank
Over 150 NEW, more challenging application and analysis questions were added to this edi- tion’s test bank. Each chapter of the test bank has between 130 and 200 questions that you can assign to students in an exam or as graded practice. Question types include true/false, multiple-choice (NEW multiple-select), fill-in-the-blank, and short answer questions. To help you more easily identify what questions you want to assign, questions are tagged with learning objectives, professional AICPA and AACSB outcome standards, Bloom’s Taxonomy level, level of difficulty, and a recommended time of completion. You can track student performance in the gradebook.
Student Assessment
Johnson_FM.indd 13 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Each chapter of Auditing has over 300 assessment questions that can help keep your students
engaged and on track.
End-of-Chapter Assessment
Questions and Problems
Each Auditing text chapter concludes with over 40 assessment questions and problems you can
use to gauge students’ understanding and ability to apply auditing concepts, as follows:
•
Multiple-Choice Questions—Available to quickly and effectively test students’ under -
standing of the chapter material.
• Short Answer Questions—Open-ended questions that require students to begin
thinking critically about the auditing process.
• Analysis Problems—Based on scenarios students might encounter as auditors in the business world, analysis problems assess how well students understand specific topics in a chapter.
Cases
Because no two audits are alike, Auditing uses a practical, case-based approach to help stu- dents develop professional judgment, think critically about the auditing process, and develop the decision-making skills necessary to perform a real-world audit. The best way for a student to learn auditing is to actually do auditing. To help provide real-world application, we have developed the following cases:
•
Audit Decision Cases—Three cases run through most of the text chapters and provide a broad review of the audit process (King Companies, Inc., Mobile Security, Inc., and Brookwood Pines Hospital). In addition, chapter-specific cases help you assess students’ understanding of topics that are the focus of a particular chapter.
•
Cloud 9 Continuing Case—Requires students to apply chapter concepts to the ongoing Cloud 9 case that is highlighted in the chapter.
To help you more easily identify what questions you want to assign, questions are tagged with learning objectives, professional AICPA and AACSB outcome standards, Bloom’s Taxonomy level, level of difficulty, and a recommended time of completion. You can track student performance in the gradebook found in the Wiley online homework system.
Test Bank
Over 150 NEW, more challenging application and analysis questions were added to this edi- tion’s test bank. Each chapter of the test bank has between 130 and 200 questions that you can assign to students in an exam or as graded practice. Question types include true/false, multiple-choice (NEW multiple-select), fill-in-the-blank, and short answer questions. To help you more easily identify what questions you want to assign, questions are tagged with learning objectives, professional AICPA and AACSB outcome standards, Bloom’s Taxonomy level, level of difficulty, and a recommended time of completion. You can track student performance in the gradebook.
Student Assessment
Johnson_FM.indd 13 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
xiv
Acknowledgments
Auditing has benefited tremendously from the input of students who have used this text’s ma-
terial in class. We are also very appreciative of the comments and suggestions we received from
instructors who reviewed and used the first edition of this textbook, as well as the instructors
who participated in development and authoring activities for this new edition. A special thank
you to Kathleen Bakarich. We greatly appreciate her contributions to our Alteryx resources.
Sanaz Aghazadeh
Louisiana State University
Anne Albrecht
Texas Christian University
Matthew Anderson
Michigan State University
LuAnn Bean
Florida Institute of Technology
Marie Blouin
Ithaca College
A. Faye Borthick
Georgia State University
Joe Brazel
North Carolina State University
Billy Brewster
Texas State University
Rich Brody
The University of New Mexico
Melodi Bunting CPA, CMA, CGMA
Wegner CPAs
Jeffrey R. Cohen
Boston College
Emily Cokeley
Rochester Institute of Technology
Sheila Coomes
Kansas State University
Laurence DeGaetano
Montclair State University
Kristina Demek
University of Central Florida
Lisa Derouin
Wisconsin Lutheran College
Raymond Elson
Valdosta State University
Steven Ernest
Baton Rouge Community College
Reza Espahbodi
Washburn University of Topeka
Kel-Ann Eyler
Georgia College and State University
Magdy Farag
California Polytechnic University—Pomona
Dale Flesher
University of Mississippi
Paul Franklin
Purdue Global
Scott Fulkerson
University of California—Santa Barbara
Lori Fuller
West Chester University
Amber Gray
Adrian College
Abo-El-Yazeed Habib
Minnesota State University—Manka
James Hansen
Weber State University
Frederick Harmon
University of Bridgeport
Julia Higgs
Florida Atlantic University
Karen Hooks
Florida Atlantic University
Carol Jessup
University of Illinois—Springfield
Eric Johnson
University of Wyoming
Joe Johnston
Illinois State University
Bill Joyce
Bemidji State University
Brett Kawada
San Diego State University
Walied Keshk
California State University—Fullerton
Katherine Kinkela
Iona College
Milton Krivokuca
California State University—Dominguez Hills
Ellen L. Landgraf
Loyola University—Chicago
Betsy Lin
Montclair State University
Cathy Liu
University of Houston—Downtown
Joe Looney
Hofstra University
Jason MacGregor
Baylor University
Roger Martin
University of Virginia
Susanna Matson
Siena College of Taytay, Philippines
Linda McCann
Metropolitan State University
Karen McDougal
Pennsylvania State University—Brandywine
Linda McKeag
University of Dubuque
Mary Mindak
DePaul University
Ashley Minnich
Park University
Paula Mooney
Savannah State University
Anita Morgan
Indiana University
Grace Mubako
California Stata University—Sacramento
Christine Noel
Metropolitan State University of Denver
Christopher A. Nogot
Siena College of Taytay, Philippines
Connie O’Brien
Minnesota State University—Mankato
Aimee Pernsteiner
University of Wisconsin—Eau Claire
Rossen Petkov
Lehman College
Byron Pike
Minnesota State University—Mankato
Lincoln Pinto
Concordia University Chicago
Marshall Pitman
University of Texas—San Antonio
Dwayne Powell
Arkansas State University
Johnson_FM.indd 14 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Acknowledgments
Auditing has benefited tremendously from the input of students who have used this text’s ma-
terial in class. We are also very appreciative of the comments and suggestions we received from
instructors who reviewed and used the first edition of this textbook, as well as the instructors
who participated in development and authoring activities for this new edition. A special thank
you to Kathleen Bakarich. We greatly appreciate her contributions to our Alteryx resources.
Sanaz Aghazadeh
Louisiana State University
Anne Albrecht
Texas Christian University
Matthew Anderson
Michigan State University
LuAnn Bean
Florida Institute of Technology
Marie Blouin
Ithaca College
A. Faye Borthick
Georgia State University
Joe Brazel
North Carolina State University
Billy Brewster
Texas State University
Rich Brody
The University of New Mexico
Melodi Bunting CPA, CMA, CGMA
Wegner CPAs
Jeffrey R. Cohen
Boston College
Emily Cokeley
Rochester Institute of Technology
Sheila Coomes
Kansas State University
Laurence DeGaetano
Montclair State University
Kristina Demek
University of Central Florida
Lisa Derouin
Wisconsin Lutheran College
Raymond Elson
Valdosta State University
Steven Ernest
Baton Rouge Community College
Reza Espahbodi
Washburn University of Topeka
Kel-Ann Eyler
Georgia College and State University
Magdy Farag
California Polytechnic University—Pomona
Dale Flesher
University of Mississippi
Paul Franklin
Purdue Global
Scott Fulkerson
University of California—Santa Barbara
Lori Fuller
West Chester University
Amber Gray
Adrian College
Abo-El-Yazeed Habib
Minnesota State University—Manka
James Hansen
Weber State University
Frederick Harmon
University of Bridgeport
Julia Higgs
Florida Atlantic University
Karen Hooks
Florida Atlantic University
Carol Jessup
University of Illinois—Springfield
Eric Johnson
University of Wyoming
Joe Johnston
Illinois State University
Bill Joyce
Bemidji State University
Brett Kawada
San Diego State University
Walied Keshk
California State University—Fullerton
Katherine Kinkela
Iona College
Milton Krivokuca
California State University—Dominguez Hills
Ellen L. Landgraf
Loyola University—Chicago
Betsy Lin
Montclair State University
Cathy Liu
University of Houston—Downtown
Joe Looney
Hofstra University
Jason MacGregor
Baylor University
Roger Martin
University of Virginia
Susanna Matson
Siena College of Taytay, Philippines
Linda McCann
Metropolitan State University
Karen McDougal
Pennsylvania State University—Brandywine
Linda McKeag
University of Dubuque
Mary Mindak
DePaul University
Ashley Minnich
Park University
Paula Mooney
Savannah State University
Anita Morgan
Indiana University
Grace Mubako
California Stata University—Sacramento
Christine Noel
Metropolitan State University of Denver
Christopher A. Nogot
Siena College of Taytay, Philippines
Connie O’Brien
Minnesota State University—Mankato
Aimee Pernsteiner
University of Wisconsin—Eau Claire
Rossen Petkov
Lehman College
Byron Pike
Minnesota State University—Mankato
Lincoln Pinto
Concordia University Chicago
Marshall Pitman
University of Texas—San Antonio
Dwayne Powell
Arkansas State University
Johnson_FM.indd 14 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
ACKNOWLEDGMENTS xv
Sridhar Ramamoorti
University of Dayton—Ohio
Matthew Reidenbach
Pace University—New York
Maria Sanchez
Rider University
Matthew J. Sargent
University of Texas at Arlington
Gary Schneider
California State University—Monterey Bay
Dan Schrag
Baldwin Wallace University
Edward B. Seibert
Wesley College
Tim Seidel
Brigham Young University
Jamie L. Seitz
University of Southern Indiana
Suzanne Seymoure
Saint Leo University, University Campus
Margaret B. Shackell-Dowell
Ithaca College
Philip Slater
Forsyth Technical Community College
Vicki Stewart
Texas A&M University—Commerce
Jaclyn Strauss
Purdue Global
Floran Syler
Azusa Pacific University
Paula Thomas
Middle Tennessee State University
Andrea Tietjen
Caldwell College
Patricia Timm
Northwood University—Michigan
Madeline Trimble
Illinois State University
Richard Turpen
University of North Carolina—Asheville
Lisa Victoravich
University of Denver
Jim Vogt
University of Colorado—Denver
Rick Warne
University of Cincinnati
Amanda Warren
University of Tennessee—Knoxville
Barrett Wheeler
Tulane University
Angela Woodland
Montana State University
Gail E. Wright
Fengyun Wu
Manhattan College
Aleksandra Zimmerman
Florida State University
Ally Zimmerman
Northern Illinois University
We also want to thank several individuals for their help in
moving this text from concept to publication. This work would
not have come to fruition without the extensive support and
guidance of Emily Marcoux, Veronica Schram, Joel Hollen-
beck, Ed Brislin, Nicole Repasky, Natalie Munoz, Terry Ann
Tatro, and Vimal Shanmugavelu.
We appreciate suggestions and comments from users—
instructors and students alike. Please send us your thoughts
and ideas about the text.
Raymond Johnson
Laura Wiley
Sunriver, Oregon Baton Rouge, Louisiana
Johnson_FM.indd 15 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Sridhar Ramamoorti
University of Dayton—Ohio
Matthew Reidenbach
Pace University—New York
Maria Sanchez
Rider University
Matthew J. Sargent
University of Texas at Arlington
Gary Schneider
California State University—Monterey Bay
Dan Schrag
Baldwin Wallace University
Edward B. Seibert
Wesley College
Tim Seidel
Brigham Young University
Jamie L. Seitz
University of Southern Indiana
Suzanne Seymoure
Saint Leo University, University Campus
Margaret B. Shackell-Dowell
Ithaca College
Philip Slater
Forsyth Technical Community College
Vicki Stewart
Texas A&M University—Commerce
Jaclyn Strauss
Purdue Global
Floran Syler
Azusa Pacific University
Paula Thomas
Middle Tennessee State University
Andrea Tietjen
Caldwell College
Patricia Timm
Northwood University—Michigan
Madeline Trimble
Illinois State University
Richard Turpen
University of North Carolina—Asheville
Lisa Victoravich
University of Denver
Jim Vogt
University of Colorado—Denver
Rick Warne
University of Cincinnati
Amanda Warren
University of Tennessee—Knoxville
Barrett Wheeler
Tulane University
Angela Woodland
Montana State University
Gail E. Wright
Fengyun Wu
Manhattan College
Aleksandra Zimmerman
Florida State University
Ally Zimmerman
Northern Illinois University
We also want to thank several individuals for their help in
moving this text from concept to publication. This work would
not have come to fruition without the extensive support and
guidance of Emily Marcoux, Veronica Schram, Joel Hollen-
beck, Ed Brislin, Nicole Repasky, Natalie Munoz, Terry Ann
Tatro, and Vimal Shanmugavelu.
We appreciate suggestions and comments from users—
instructors and students alike. Please send us your thoughts
and ideas about the text.
Raymond Johnson
Laura Wiley
Sunriver, Oregon Baton Rouge, Louisiana
Johnson_FM.indd 15 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Table of Contents
1 Introduction and Overview of Audit
and Assurance 1-1
1.1 Assurance, Attestation, and Audit Services 1-3
Audit Services 1-4
Attestation Services 1-4
Assurance Services 1-5
1.2 Different Assurance Services 1-6
Financial Statement Audits 1-6
Compliance Audits 1-8
Operational (Performance) Audits 1-8
Internal Audits 1-8
1.3 Demand for Audit and Assurance Services 1-9
Financial Statement Users 1-9
Demand for Audit and Assurance Services 1-10
1.4 Preparers and Auditors 1-11
Preparer Responsibility 1-11
Auditor Responsibility 1-12
Auditor Skills 1-12
Assurance Providers 1-13
1.5 The Role of Regulators and Regulations 1-14
Securities and Exchange Commission (SEC) 1-14
Public Company Accounting Oversight Board (PCAOB) 1-15
American Institute of Certified Public Accountants
(AICPA) 1-16
Financial Accounting Standards Board (FASB) 1-19
Committee on Sponsoring Organizations of the Treadway
Commission (COSO) 1-19
National Association of State Boards of Accountancy
(NASBA) and State Boards of Accountancy 1-19
1.6 Audit Report on Financial Statements 1-20
Reasonable Assurance and the Financial Statements 1-20
Materiality and the Financial Statements 1-21
The Auditorʼs Report on Financial Statements 1-21
1.7 Audit Report on Internal Controls over
Financial Reporting 1-27
Reasonable Assurance and Internal Controls 1-27
The Auditor’s Report on Internal Control over Financial
Reporting 1-28
1.8 The Audit Expectation Gap 1-30
Audit Decision-Making Example 1-33
2 Professionalism and Professional Responsibilities
2-1
2.1 Professionalism and Accounting 2-3
Level of Expertise 2-3
Concern for the Public Interest 2-4
2.2 The Structure of the AICPA Code of Professional
Conduct 2-5
Purpose of the Code 2-5
Organization of the Code 2-6
2.3 Conceptual Framework for Members
in Public Practice 2-7
Steps in the Conceptual Framework 2-7
Applying the Conceptual Framework: An Example 2-10
2.4 Integrity and Objectivity 2-11
Conflicts of Interest 2-11
Subordination of Judgment 2-12
2.5 Independence 2-12
Key Individuals and Independence Requirements 2-14
Employment or Association with an Attest Client 2-18
Nonattest Services 2-19
SEC and PCAOB Independence Rules 2-22
2.6 General Standards 2-25
2.7 Other Rules of Conduct for Members in
Public Practice 2-26
Accounting Principles Rule 2-26
Fees and Other Types of Remuneration 2-27
Confidential Information 2-27
2.8 Auditor Liability Under Common Law 2-28
Liability to Clients 2-29
Liability to Third Parties 2-31
Burden of Proof and Common Law Defenses 2-34
2.9 Auditor Liability Under Statutory Law 2-35
The Securities Act of 1933 2-36
The Securities Act of 1934 2-37
The Foreign Corrupt Practices Act of 1977 2-38
The Private Securities Litigation Reform Acts of 1995 and
1998 2-38
The Sarbanes-Oxley Act of 2002 2-39
Criminal Liability 2-41
Audit Decision-Making Example 2-45
3 Risk Assessment Part I: Audit Risk and Audit Strategy
3-1
3.1 Client Acceptance and Continuance
Decisions 3-3
3.2 Phases of an Audit 3-8
Risk Assessment Phase 3-9
Risk Response Phase 3-10
Reporting Phase 3-10
3.3 Materiality 3-11
Qualitative and Quantitative Factors 3-11
Setting Materiality 3-12
xvi
Johnson_FM.indd 16 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1 Introduction and Overview of Audit
and Assurance 1-1
1.1 Assurance, Attestation, and Audit Services 1-3
Audit Services 1-4
Attestation Services 1-4
Assurance Services 1-5
1.2 Different Assurance Services 1-6
Financial Statement Audits 1-6
Compliance Audits 1-8
Operational (Performance) Audits 1-8
Internal Audits 1-8
1.3 Demand for Audit and Assurance Services 1-9
Financial Statement Users 1-9
Demand for Audit and Assurance Services 1-10
1.4 Preparers and Auditors 1-11
Preparer Responsibility 1-11
Auditor Responsibility 1-12
Auditor Skills 1-12
Assurance Providers 1-13
1.5 The Role of Regulators and Regulations 1-14
Securities and Exchange Commission (SEC) 1-14
Public Company Accounting Oversight Board (PCAOB) 1-15
American Institute of Certified Public Accountants
(AICPA) 1-16
Financial Accounting Standards Board (FASB) 1-19
Committee on Sponsoring Organizations of the Treadway
Commission (COSO) 1-19
National Association of State Boards of Accountancy
(NASBA) and State Boards of Accountancy 1-19
1.6 Audit Report on Financial Statements 1-20
Reasonable Assurance and the Financial Statements 1-20
Materiality and the Financial Statements 1-21
The Auditorʼs Report on Financial Statements 1-21
1.7 Audit Report on Internal Controls over
Financial Reporting 1-27
Reasonable Assurance and Internal Controls 1-27
The Auditor’s Report on Internal Control over Financial
Reporting 1-28
1.8 The Audit Expectation Gap 1-30
Audit Decision-Making Example 1-33
2 Professionalism and Professional Responsibilities
2-1
2.1 Professionalism and Accounting 2-3
Level of Expertise 2-3
Concern for the Public Interest 2-4
2.2 The Structure of the AICPA Code of Professional
Conduct 2-5
Purpose of the Code 2-5
Organization of the Code 2-6
2.3 Conceptual Framework for Members
in Public Practice 2-7
Steps in the Conceptual Framework 2-7
Applying the Conceptual Framework: An Example 2-10
2.4 Integrity and Objectivity 2-11
Conflicts of Interest 2-11
Subordination of Judgment 2-12
2.5 Independence 2-12
Key Individuals and Independence Requirements 2-14
Employment or Association with an Attest Client 2-18
Nonattest Services 2-19
SEC and PCAOB Independence Rules 2-22
2.6 General Standards 2-25
2.7 Other Rules of Conduct for Members in
Public Practice 2-26
Accounting Principles Rule 2-26
Fees and Other Types of Remuneration 2-27
Confidential Information 2-27
2.8 Auditor Liability Under Common Law 2-28
Liability to Clients 2-29
Liability to Third Parties 2-31
Burden of Proof and Common Law Defenses 2-34
2.9 Auditor Liability Under Statutory Law 2-35
The Securities Act of 1933 2-36
The Securities Act of 1934 2-37
The Foreign Corrupt Practices Act of 1977 2-38
The Private Securities Litigation Reform Acts of 1995 and
1998 2-38
The Sarbanes-Oxley Act of 2002 2-39
Criminal Liability 2-41
Audit Decision-Making Example 2-45
3 Risk Assessment Part I: Audit Risk and Audit Strategy
3-1
3.1 Client Acceptance and Continuance
Decisions 3-3
3.2 Phases of an Audit 3-8
Risk Assessment Phase 3-9
Risk Response Phase 3-10
Reporting Phase 3-10
3.3 Materiality 3-11
Qualitative and Quantitative Factors 3-11
Setting Materiality 3-12
xvi
Johnson_FM.indd 16 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
3.4 Professional Skepticism and Audit Risk 3-15
Professional Skepticism 3-15
Audit Risk 3-16
3.5 Audit Strategy 3-23
Reliance on Controls Approach 3-24
Substantive Approach 3-26
Where Does Data Analytics Fit In? 3-26
3.6 Fraud Risk 3-28
Incentives and Pressures to Commit a Fraud 3-30
Opportunities to Perpetrate a Fraud 3-31
Attitudes and Rationalization to Justify a Fraud 3-32
Fraud Risk Assessment Process 3-32
Audit Decision-Making Example 3-35
4 Risk Assessment Part II:
Understanding the Client 4-1
4.1 Understand the Entity and the Industry 4-3
Gain an Understanding of the Entity 4-4
Gain an Understanding of the Industry and Business
Environment 4-6
Procedures Performed to Gain an Understanding of
the Client 4-8
Compliance with Laws and Regulations 4-8
4.2 Client Approaches to Measuring Performance 4-11
Profitability 4-11
Liquidity, Solvency, and Cash Flow 4-12
4.3 Analytical Procedures 4-13
Comparisons 4-14
Trend Analysis 4-14
Common-Size Analysis 4-15
Ratio Analysis 4-16
Software Tools for Performing Analytical
Procedures 4-19
Factors to Consider When Conducting
Analytical Procedures 4-19
Audit Data Analytics During Risk Assessment 4-20
4.4 Related Parties 4-21
Risk Associated with Related Parties 4-21
Audit Procedures 4-22
4.5 Corporate Governance 4-23
Audit Committee 4-24
Public Company Requirements 4-24
4.6 Internal Control, Information Technology, and
the Client’s Digital Mindset 4-26
System of Internal Controls 4-26
Information Technology 4-26
Client’s Digital Mindset 4-27
4.7 Closing Procedures 4-28
Audit Decision-Making Example 4-31
5 Audit Evidence 5-1
5.1 Management Assertions 5-3
Assertions in the ASB Auditing Standard 5-3
Assertions in the PCAOB Standard 5-7
Relevant Assertions 5-7
5.2 Characteristics of Audit Evidence 5-8
Sufficient Audit Evidence 5-8
Appropriate Audit Evidence 5-9
Persuasive Audit Evidence 5-12
5.3 Procedures for Gathering Audit Evidence 5-13
Inspection of Documents and Assets 5-14
Observation 5-15
Inquiry 5-15
Confirmation 5-16
Recalculation 5-19
Reperformance 5-19
Analytical Procedures 5-20
Scanning 5-20
Audit Data Analytics and Automated Tools 5-20
5.4 Using the Work of Others 5-22
Using the Work of an Auditor’s Specialist 5-23
Using the Work of Internal Auditors 5-25
Using the Work of Another Auditor 5-27
5.5 Documentation—Audit Working Papers 5-29
Permanent File 5-29
Current File 5-30
Examples of Working Papers 5-31
Audit Decision-Making Example 5-36
6 Gaining an Understanding of the Client’s System of Internal Control
6-1
6.1 Internal Control Defined 6-3
The COSO Framework 6-4
Inherent Limitations 6-6
Steps for Understanding and Assessing Control Risk 6-6
6.2 Entity-Level Internal Controls 6-8
The Control Environment 6-9
Risk Assessment 6-11
Control Activities 6-13
Information and Communication 6-16
Monitoring Activities 6-17
Internal Control in Small Entities 6-19
6.3 Transaction-Level Internal Controls 6-20
Example Transaction Flows—Sales Process 6-21
6.4 Information Technology (IT) Controls 6-23
Benefits and Risks of IT Systems 6-23
IT General Controls 6-25
IT Application Controls 6-26
IT-Dependent Manual Controls 6-28
TABLE OF CONTENTS xvii
Johnson_FM.indd 17 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Professional Skepticism 3-15
Audit Risk 3-16
3.5 Audit Strategy 3-23
Reliance on Controls Approach 3-24
Substantive Approach 3-26
Where Does Data Analytics Fit In? 3-26
3.6 Fraud Risk 3-28
Incentives and Pressures to Commit a Fraud 3-30
Opportunities to Perpetrate a Fraud 3-31
Attitudes and Rationalization to Justify a Fraud 3-32
Fraud Risk Assessment Process 3-32
Audit Decision-Making Example 3-35
4 Risk Assessment Part II:
Understanding the Client 4-1
4.1 Understand the Entity and the Industry 4-3
Gain an Understanding of the Entity 4-4
Gain an Understanding of the Industry and Business
Environment 4-6
Procedures Performed to Gain an Understanding of
the Client 4-8
Compliance with Laws and Regulations 4-8
4.2 Client Approaches to Measuring Performance 4-11
Profitability 4-11
Liquidity, Solvency, and Cash Flow 4-12
4.3 Analytical Procedures 4-13
Comparisons 4-14
Trend Analysis 4-14
Common-Size Analysis 4-15
Ratio Analysis 4-16
Software Tools for Performing Analytical
Procedures 4-19
Factors to Consider When Conducting
Analytical Procedures 4-19
Audit Data Analytics During Risk Assessment 4-20
4.4 Related Parties 4-21
Risk Associated with Related Parties 4-21
Audit Procedures 4-22
4.5 Corporate Governance 4-23
Audit Committee 4-24
Public Company Requirements 4-24
4.6 Internal Control, Information Technology, and
the Client’s Digital Mindset 4-26
System of Internal Controls 4-26
Information Technology 4-26
Client’s Digital Mindset 4-27
4.7 Closing Procedures 4-28
Audit Decision-Making Example 4-31
5 Audit Evidence 5-1
5.1 Management Assertions 5-3
Assertions in the ASB Auditing Standard 5-3
Assertions in the PCAOB Standard 5-7
Relevant Assertions 5-7
5.2 Characteristics of Audit Evidence 5-8
Sufficient Audit Evidence 5-8
Appropriate Audit Evidence 5-9
Persuasive Audit Evidence 5-12
5.3 Procedures for Gathering Audit Evidence 5-13
Inspection of Documents and Assets 5-14
Observation 5-15
Inquiry 5-15
Confirmation 5-16
Recalculation 5-19
Reperformance 5-19
Analytical Procedures 5-20
Scanning 5-20
Audit Data Analytics and Automated Tools 5-20
5.4 Using the Work of Others 5-22
Using the Work of an Auditor’s Specialist 5-23
Using the Work of Internal Auditors 5-25
Using the Work of Another Auditor 5-27
5.5 Documentation—Audit Working Papers 5-29
Permanent File 5-29
Current File 5-30
Examples of Working Papers 5-31
Audit Decision-Making Example 5-36
6 Gaining an Understanding of the Client’s System of Internal Control
6-1
6.1 Internal Control Defined 6-3
The COSO Framework 6-4
Inherent Limitations 6-6
Steps for Understanding and Assessing Control Risk 6-6
6.2 Entity-Level Internal Controls 6-8
The Control Environment 6-9
Risk Assessment 6-11
Control Activities 6-13
Information and Communication 6-16
Monitoring Activities 6-17
Internal Control in Small Entities 6-19
6.3 Transaction-Level Internal Controls 6-20
Example Transaction Flows—Sales Process 6-21
6.4 Information Technology (IT) Controls 6-23
Benefits and Risks of IT Systems 6-23
IT General Controls 6-25
IT Application Controls 6-26
IT-Dependent Manual Controls 6-28
TABLE OF CONTENTS xvii
Johnson_FM.indd 17 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
xviii TABLE OF CONTENTS
6.5 Documenting Internal Controls 6-30
6.6 Identifying Strengths and Weaknesses in a
System of Internal Controls 6-33
Internal Controls and Audit Strategy 6-33
Evaluating Internal Control Weaknesses 6-33
6.7 Use of a Service Organization by an Audit Client 6-34
Significant User Entity Controls over the Service
Organization 6-35
User Auditor Obtains a Systems Organization and
Controls (SOC) 1 Report 6-36
What Is a Soc 2 Report and How Does It Differ from a
SOC 1 Report? 6-38
Audit Decision-Making Example 6-40
7 Risk Response: Performing Tests
of Controls 7-1
7.1 Identify Relevant Transaction-Level Controls and
Determine Preliminary Audit Strategy 7-3
Preventive and Detective Controls 7-4
Manual and Automated Controls 7-7
Determine Preliminary Audit Strategy 7-8
7.2 Procedures for Testing Controls 7-10
Inquiry 7-10
Observation 7-10
Inspection of Physical Evidence 7-10
Reperformance 7-11
Tests of Software Controls 7-11
7.3 Selecting and Designing Tests of Controls 7-12
Selecting the Controls for Testing 7-13
Selecting Audit Procedures 7-15
The Extent of Tests of Controls 7-16
Timing of Tests of Controls 7-20
Benchmarking 7-21
Selecting and Designing Tests of Controls—A Summary 7-22
7.4 Results of the Auditor’s Testing 7-25
Tests of Controls and Audit Strategy 7-27
Classifying Control Exceptions 7-27
7.5 Using a Soc 1, Type 2 Report 7-29
Section 1: Independent Service Auditor’s Report 7-31
Section 2: Management’s Assertion 7-34
Section 3: Management’s Description of the System 7-36
Section 4: Control Descriptions, Related Controls,
and Tests of Operating Effectiveness 7-38
7.6 Documenting Conclusions 7-41
7.7 Management Letters 7-43
Audit Decision-Making Example 7-46
8 Audit Data Analytics 8-1
8.1 Applying the Audit Decision-Making
Framework to Audit Data Analytics 8-3
Step 1: Obtain Company Background Information
and Data 8-4
Step 2: What Is the Audit Problem You Are Trying to
Solve? 8-5
Step 3: Gather Information and Evidence 8-6
Step 4: Perform the Analysis and Evaluate
the Results 8-7
Step 5: Draw an Audit Conclusion 8-8
Audit Documentation 8-9
8.2 Steps Associated with Accessing and Preparing
Data for Audit Data Analytics 8-11
Are the Data Complete? 8-11
Do the Data Need to Be Cleaned? 8-12
Key Questions to Be Addressed in Evaluating
the Relevance and Reliability of Data Used in
Audit Data Analytics 8-12
8.3 Using Audit Data Analytics as a Risk
Assessment Procedure 8-13
Understanding the Risk Analysis Decision Tree 8-14
What Do We Mean by Notable Items? 8-15
Tools for Searching for Notable Items 8-15
What to Do When ADA Identifies a Large Number of
Items for Further Consideration 8-16
8.4 Applying Audit Data Analytics as a Risk Assessment
Procedure 8-18
Cluster Analysis 8-18
Matching Information in Key Data Fields 8-26
Regression Analysis 8-31
Visualization 8-35
8.5 Using Audit Data Analytics as a Substantive
Procedure 8-38
8.6 Applying Audit Data Analytics as a Substantive
Procedure 8-39
Validating Sales Revenue and Accounts Receivable with
Subsequent Cash Receipts 8-39
8.7 Artificial Intelligence and Machine Learning 8-44
Examples from Audit Practice 8-45
The Role of Professional Judgment in the AI
Environment 8-46
Audit Decision-Making Example 8-48
9 Risk Response: Performing Substantive Procedures
9-1
9.1 Audit Risk and Substantive Procedures 9-3
9.2 Risk Response at the Financial Statement Level 9-5
Auditor’s Understanding of the Entity’s Control
Environment 9-6
Risk of Material Misstatement Due to Fraud 9-6
9.3 Nature of Substantive Procedures 9-7
Determining the Purpose of an Audit Procedure 9-7
Determining the Type of Substantive Procedure 9-8
Initial Procedures 9-9
Substantive Analytical Procedures 9-10
Tests of Details 9-14
ADA and Substantive Procedures 9-15
Johnson_FM.indd 18 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
6.5 Documenting Internal Controls 6-30
6.6 Identifying Strengths and Weaknesses in a
System of Internal Controls 6-33
Internal Controls and Audit Strategy 6-33
Evaluating Internal Control Weaknesses 6-33
6.7 Use of a Service Organization by an Audit Client 6-34
Significant User Entity Controls over the Service
Organization 6-35
User Auditor Obtains a Systems Organization and
Controls (SOC) 1 Report 6-36
What Is a Soc 2 Report and How Does It Differ from a
SOC 1 Report? 6-38
Audit Decision-Making Example 6-40
7 Risk Response: Performing Tests
of Controls 7-1
7.1 Identify Relevant Transaction-Level Controls and
Determine Preliminary Audit Strategy 7-3
Preventive and Detective Controls 7-4
Manual and Automated Controls 7-7
Determine Preliminary Audit Strategy 7-8
7.2 Procedures for Testing Controls 7-10
Inquiry 7-10
Observation 7-10
Inspection of Physical Evidence 7-10
Reperformance 7-11
Tests of Software Controls 7-11
7.3 Selecting and Designing Tests of Controls 7-12
Selecting the Controls for Testing 7-13
Selecting Audit Procedures 7-15
The Extent of Tests of Controls 7-16
Timing of Tests of Controls 7-20
Benchmarking 7-21
Selecting and Designing Tests of Controls—A Summary 7-22
7.4 Results of the Auditor’s Testing 7-25
Tests of Controls and Audit Strategy 7-27
Classifying Control Exceptions 7-27
7.5 Using a Soc 1, Type 2 Report 7-29
Section 1: Independent Service Auditor’s Report 7-31
Section 2: Management’s Assertion 7-34
Section 3: Management’s Description of the System 7-36
Section 4: Control Descriptions, Related Controls,
and Tests of Operating Effectiveness 7-38
7.6 Documenting Conclusions 7-41
7.7 Management Letters 7-43
Audit Decision-Making Example 7-46
8 Audit Data Analytics 8-1
8.1 Applying the Audit Decision-Making
Framework to Audit Data Analytics 8-3
Step 1: Obtain Company Background Information
and Data 8-4
Step 2: What Is the Audit Problem You Are Trying to
Solve? 8-5
Step 3: Gather Information and Evidence 8-6
Step 4: Perform the Analysis and Evaluate
the Results 8-7
Step 5: Draw an Audit Conclusion 8-8
Audit Documentation 8-9
8.2 Steps Associated with Accessing and Preparing
Data for Audit Data Analytics 8-11
Are the Data Complete? 8-11
Do the Data Need to Be Cleaned? 8-12
Key Questions to Be Addressed in Evaluating
the Relevance and Reliability of Data Used in
Audit Data Analytics 8-12
8.3 Using Audit Data Analytics as a Risk
Assessment Procedure 8-13
Understanding the Risk Analysis Decision Tree 8-14
What Do We Mean by Notable Items? 8-15
Tools for Searching for Notable Items 8-15
What to Do When ADA Identifies a Large Number of
Items for Further Consideration 8-16
8.4 Applying Audit Data Analytics as a Risk Assessment
Procedure 8-18
Cluster Analysis 8-18
Matching Information in Key Data Fields 8-26
Regression Analysis 8-31
Visualization 8-35
8.5 Using Audit Data Analytics as a Substantive
Procedure 8-38
8.6 Applying Audit Data Analytics as a Substantive
Procedure 8-39
Validating Sales Revenue and Accounts Receivable with
Subsequent Cash Receipts 8-39
8.7 Artificial Intelligence and Machine Learning 8-44
Examples from Audit Practice 8-45
The Role of Professional Judgment in the AI
Environment 8-46
Audit Decision-Making Example 8-48
9 Risk Response: Performing Substantive Procedures
9-1
9.1 Audit Risk and Substantive Procedures 9-3
9.2 Risk Response at the Financial Statement Level 9-5
Auditor’s Understanding of the Entity’s Control
Environment 9-6
Risk of Material Misstatement Due to Fraud 9-6
9.3 Nature of Substantive Procedures 9-7
Determining the Purpose of an Audit Procedure 9-7
Determining the Type of Substantive Procedure 9-8
Initial Procedures 9-9
Substantive Analytical Procedures 9-10
Tests of Details 9-14
ADA and Substantive Procedures 9-15
Johnson_FM.indd 18 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
TABLE OF CONTENTS xix
9.4 Timing of Substantive Procedures 9-17
During an Interim Period 9-17
During Year-End 9-18
9.5 Extent of Substantive Procedures 9-19
Auditing an Entire Population 9-20
Auditing Select Items from a Population 9-21
9.6 Auditing Accounting Estimates 9-22
Inherent Risk Factors 9-22
Possible Management Bias 9-23
Risk Assessment Procedures for
Accounting Estimates 9-24
Identifying and Assessing the Risks of Material
Misstatement 9-26
Risk Response Procedures for Accounting Estimates 9-26
Overall Evaluation and Documentation 9-28
9.7 Documenting Results of Substantive
Procedures 9-30
Audit Decision-Making Example 9-33
10 Risk Response: Audit Sampling for
Substantive Procedures 10-1
10.1 Audit Sampling versus Audit Data Analytics 10-3
10.2 Sampling Risk and Nonsampling Risk 10-4
Risk of Incorrect Acceptance 10-5
Risk of Incorrect Rejection 10-5
Nonsampling Risk 10-5
10.3 Statistical versus Nonstatistical Sampling 10-7
Population and Sampling Unit 10-7
Sampling Methods 10-8
10.4 Factors That Influence the Sample
Size—Substantive Procedures 10-10
Tolerable Misstatement 10-10
Desired Level of Assurance 10-11
Expected Misstatement in the Population 10-11
Stratification of the Population 10-12
10.5 A Basic Framework for Audit Sampling 10-12
Step 1: Determine the Objectives of the Substantive
Procedure 10-14
Step 2: Determine the Substantive Procedures to
Perform 10-14
Step 3: Determine Whether to Audit a Sample
or the Entire Population 10-14
Step 4: Define the Population and Sampling Unit 10-15
10.6 Applying Probability-Proportionate-to-Size
Sampling for Substantive Procedures 10-15
Step 5: Choose the Audit Sampling Technique 10-15
Step 6: Determine Sample Size 10-16
Step 7: Randomly Select Representative Sample 10-18
Step 8: Apply Audit Procedures 10-20
Step 9: Evaluate Results Statistically and
Judgmentally 10-20
Step 10: Document Conclusions 10-25
Summary of PPS Sampling 10-26
10.7 Applying Nonstatistical Sampling for
Substantive Procedures 10-27
Step 5: Choose the Audit Sampling
Technique 10-27
Step 6: Determine Sample Size Using
Professional Judgment 10-27
Step 7: Judgmentally Select Representative
Sample 10-28
Step 8: Apply Audit Procedures 10-28
Step 9: Evaluate Results Judgmentally 10-29
Step 10: Document Conclusions 10-31
Appendix 10A: Applying Classical Variables
Sampling for Substantive Procedures 10-32
Step 5: Apply Classical Variables Sampling 10-32
Step 6: Determine the Sample Size 10-33
Step 7: Select a Random Sample 10-37
Step 8: Apply Audit Procedures 10-37
Step 9: Evaluate the Sample Results 10-37
Step 10: Document Results 10-39
Audit Decision-Making Example 10-42
11 Auditing the Revenue Process 11-1
11.1 Understanding the Revenue Process 11-3
Understand the Nature of the Revenue Process 11-4
Revenue Transactions 11-4
11.2 How Audit Planning Decisions Affect the
Assessment of Inherent Risk 11-5
Understanding the Entity and Its
Environment 11-6
Determining Inherent Risk in the Revenue
Process 11-10
11.3 Control Activities for Credit Sales 11-14
Example Transaction Flows—Credit Sales 11-15
Evaluate What Can Go Wrong (WCGW) and Identify
Key Controls—Credit Sales and Accounts
Receivable 11-17
11.4 Control Activities for Cash Receipts 11-20
Example Transaction Flows—Cash Receipts 11-20
Evaluate WCGW and Identify Key Controls—Cash
Receipts 11-22
11.5 Control Activities in a “Paperless” Revenue
System 11-24
Initiating an ERS Transaction 11-25
Shipping Goods 11-25
Recording Sales and Receivables 11-25
Electronic Cash Receipt 11-25
Internal Controls in an ERS System 11-26
11.6 Control Activities for Sales Adjustments
and Revenue Process Disclosures 11-27
Granting Sales Returns and Allowances 11-27
Determining Uncollectible Accounts 11-28
Other Controls in the Revenue Process 11-28
Preliminary Audit Strategy 11-29
Johnson_FM.indd 19 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
9.4 Timing of Substantive Procedures 9-17
During an Interim Period 9-17
During Year-End 9-18
9.5 Extent of Substantive Procedures 9-19
Auditing an Entire Population 9-20
Auditing Select Items from a Population 9-21
9.6 Auditing Accounting Estimates 9-22
Inherent Risk Factors 9-22
Possible Management Bias 9-23
Risk Assessment Procedures for
Accounting Estimates 9-24
Identifying and Assessing the Risks of Material
Misstatement 9-26
Risk Response Procedures for Accounting Estimates 9-26
Overall Evaluation and Documentation 9-28
9.7 Documenting Results of Substantive
Procedures 9-30
Audit Decision-Making Example 9-33
10 Risk Response: Audit Sampling for
Substantive Procedures 10-1
10.1 Audit Sampling versus Audit Data Analytics 10-3
10.2 Sampling Risk and Nonsampling Risk 10-4
Risk of Incorrect Acceptance 10-5
Risk of Incorrect Rejection 10-5
Nonsampling Risk 10-5
10.3 Statistical versus Nonstatistical Sampling 10-7
Population and Sampling Unit 10-7
Sampling Methods 10-8
10.4 Factors That Influence the Sample
Size—Substantive Procedures 10-10
Tolerable Misstatement 10-10
Desired Level of Assurance 10-11
Expected Misstatement in the Population 10-11
Stratification of the Population 10-12
10.5 A Basic Framework for Audit Sampling 10-12
Step 1: Determine the Objectives of the Substantive
Procedure 10-14
Step 2: Determine the Substantive Procedures to
Perform 10-14
Step 3: Determine Whether to Audit a Sample
or the Entire Population 10-14
Step 4: Define the Population and Sampling Unit 10-15
10.6 Applying Probability-Proportionate-to-Size
Sampling for Substantive Procedures 10-15
Step 5: Choose the Audit Sampling Technique 10-15
Step 6: Determine Sample Size 10-16
Step 7: Randomly Select Representative Sample 10-18
Step 8: Apply Audit Procedures 10-20
Step 9: Evaluate Results Statistically and
Judgmentally 10-20
Step 10: Document Conclusions 10-25
Summary of PPS Sampling 10-26
10.7 Applying Nonstatistical Sampling for
Substantive Procedures 10-27
Step 5: Choose the Audit Sampling
Technique 10-27
Step 6: Determine Sample Size Using
Professional Judgment 10-27
Step 7: Judgmentally Select Representative
Sample 10-28
Step 8: Apply Audit Procedures 10-28
Step 9: Evaluate Results Judgmentally 10-29
Step 10: Document Conclusions 10-31
Appendix 10A: Applying Classical Variables
Sampling for Substantive Procedures 10-32
Step 5: Apply Classical Variables Sampling 10-32
Step 6: Determine the Sample Size 10-33
Step 7: Select a Random Sample 10-37
Step 8: Apply Audit Procedures 10-37
Step 9: Evaluate the Sample Results 10-37
Step 10: Document Results 10-39
Audit Decision-Making Example 10-42
11 Auditing the Revenue Process 11-1
11.1 Understanding the Revenue Process 11-3
Understand the Nature of the Revenue Process 11-4
Revenue Transactions 11-4
11.2 How Audit Planning Decisions Affect the
Assessment of Inherent Risk 11-5
Understanding the Entity and Its
Environment 11-6
Determining Inherent Risk in the Revenue
Process 11-10
11.3 Control Activities for Credit Sales 11-14
Example Transaction Flows—Credit Sales 11-15
Evaluate What Can Go Wrong (WCGW) and Identify
Key Controls—Credit Sales and Accounts
Receivable 11-17
11.4 Control Activities for Cash Receipts 11-20
Example Transaction Flows—Cash Receipts 11-20
Evaluate WCGW and Identify Key Controls—Cash
Receipts 11-22
11.5 Control Activities in a “Paperless” Revenue
System 11-24
Initiating an ERS Transaction 11-25
Shipping Goods 11-25
Recording Sales and Receivables 11-25
Electronic Cash Receipt 11-25
Internal Controls in an ERS System 11-26
11.6 Control Activities for Sales Adjustments
and Revenue Process Disclosures 11-27
Granting Sales Returns and Allowances 11-27
Determining Uncollectible Accounts 11-28
Other Controls in the Revenue Process 11-28
Preliminary Audit Strategy 11-29
Johnson_FM.indd 19 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
xx TABLE OF CONTENTS
11.7 Tests of Controls in the Revenue Process and
Audit Strategy 11-30
Tests of Controls in the Revenue Process 11-30
Fraud Risk Assessment 11-31
Audit Data Analytics as a Risk Assessment Procedure 11-32
The Risk of Material Misstatement and Audit Strategy 11-32
11.8 Substantive Procedures for the Revenue
Process 11-33
Initial Procedures 11-36
Substantive Analytical Procedures 11-36
Audit Data Analytics as a Substantive Procedure 11-36
Tests of Details of Transactions 11-37
Tests of Details of Balances 11-38
Tests of Details of Presentation 11-43
Draw a Final Conclusion 11-44
Audit Decision-Making Example 11-46
12 Auditing the Purchasing and
Payroll Processes 12-1
12.1 Auditing Purchase Transactions and Balances 12-2
Overview of Auditing Purchases 12-2
Understand the Nature of the Purchasing Process 12-3
Purchase Transactions 12-4
12.2 How Audit Planning Decisions Affect the
Assessment of Inherent Risk 12-5
Understanding the Entity and Its Environment 12-5
Determining Inherent Risks in the Purchasing Process 12-9
12.3 Control Activities for Purchases 12-12
Example Transaction Flows—Credit Purchases 12-12
Evaluate What Can Go Wrong (WCGW) and Identify Key
Controls—Purchases and Accounts Payable 12-15
12.4 Control Activities for Cash Disbursements 12-18
Example Transaction Flows—Cash Disbursements 12-18
Evaluate What Can Go Wrong (WCGW) and
Identify Key Controls—Cash Disbursements 12-20
12.5 Evaluated Receipt Settlement (ERS) 12-21
Initiating an ERS Transaction 12-22
Receiving Goods 12-22
Recording Payables 12-22
Electronic Payment 12-22
Internal Controls in an ERS System 12-23
12.6 Control Activities for Purchase Adjustments and
Purchasing Process Disclosures 12-24
Purchase Returns and Allowances 12-24
Other Controls in the Purchasing Process 12-25
Preliminary Audit Strategy 12-25
12.7 Tests of Controls in the Purchasing Process and
Audit Strategy 12-26
Tests of Controls in the Purchasing Process 12-26
Fraud Risk Assessment 12-27
Audit Data Analytics as a Risk Assessment Procedure 12-28
The Risk of Material Misstatement and Audit
Strategy 12-28
12.8 Substantive Procedures for the Purchasing
Process 12-29
Initial Procedures 12-30
Substantive Analytical Procedures 12-31
Audit Data Analytics as a Substantive Procedure 12-31
Tests of Details of Transactions 12-31
Tests of Details of Balances 12-33
Tests of Details of Presentation 12-33
Draw a Final Conclusion 12-34
Appendix 12A: Auditing Payroll 12-35
12.9 Explain the Nature of Payroll Transactions and
Balances 12-36
Understand the Nature of the Payroll Process 12-36
Payroll Transactions 12-36
12.10 How Audit Planning Decisions Affect
the Assessment of Inherent Risk 12-37
Understanding the Entity and Its Environment 12-37
Determining Inherent Risk in the Payroll Process 12-39
12.11 Control Activities for Payroll 12-40
Example Transactions Flows—Payroll Transactions 12-40
Evaluate What Can Go Wrong (WCGW) and Identify Key
Controls—Payroll 12-42
Preliminary Audit Strategy 12-44
12.12 Tests of Controls in the Payroll Process and Audit
Strategy 12-45
Tests of Controls for Payroll 12-45
Fraud Risk Assessment 12-46
Audit Data Analytics Used in Fraud Risk Assessment 12-46
The Risk of Material Misstatement and Audit Strategy 12-46
12.13 Substantive Procedures for the Payroll
Process 12-47
Initial Procedures 12-48
Substantive Analytical Procedures 12-49
Audit Data Analytics as a Substantive Procedure 12-49
Tests of Details of Transactions 12-49
Tests of Details of Balances 12-50
Tests of Details of Presentation 12-50
Draw a Final Conclusion 12-51
Audit Decision-Making Example 12-53
13 Auditing Cash, Inventory, and Related Income Statement Accounts
13-1
13.1 Auditing Cash and Cash Equivalents 13-3
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 13-3
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 13-4
Assessing Control Risk, Fraud Risk, and RMM and
Determining a Final Audit Strategy 13-5
Substantive Procedures for Cash and Cash
Equivalents 13-6
Draw a Final Conclusion 13-13
Johnson_FM.indd 20 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
11.7 Tests of Controls in the Revenue Process and
Audit Strategy 11-30
Tests of Controls in the Revenue Process 11-30
Fraud Risk Assessment 11-31
Audit Data Analytics as a Risk Assessment Procedure 11-32
The Risk of Material Misstatement and Audit Strategy 11-32
11.8 Substantive Procedures for the Revenue
Process 11-33
Initial Procedures 11-36
Substantive Analytical Procedures 11-36
Audit Data Analytics as a Substantive Procedure 11-36
Tests of Details of Transactions 11-37
Tests of Details of Balances 11-38
Tests of Details of Presentation 11-43
Draw a Final Conclusion 11-44
Audit Decision-Making Example 11-46
12 Auditing the Purchasing and
Payroll Processes 12-1
12.1 Auditing Purchase Transactions and Balances 12-2
Overview of Auditing Purchases 12-2
Understand the Nature of the Purchasing Process 12-3
Purchase Transactions 12-4
12.2 How Audit Planning Decisions Affect the
Assessment of Inherent Risk 12-5
Understanding the Entity and Its Environment 12-5
Determining Inherent Risks in the Purchasing Process 12-9
12.3 Control Activities for Purchases 12-12
Example Transaction Flows—Credit Purchases 12-12
Evaluate What Can Go Wrong (WCGW) and Identify Key
Controls—Purchases and Accounts Payable 12-15
12.4 Control Activities for Cash Disbursements 12-18
Example Transaction Flows—Cash Disbursements 12-18
Evaluate What Can Go Wrong (WCGW) and
Identify Key Controls—Cash Disbursements 12-20
12.5 Evaluated Receipt Settlement (ERS) 12-21
Initiating an ERS Transaction 12-22
Receiving Goods 12-22
Recording Payables 12-22
Electronic Payment 12-22
Internal Controls in an ERS System 12-23
12.6 Control Activities for Purchase Adjustments and
Purchasing Process Disclosures 12-24
Purchase Returns and Allowances 12-24
Other Controls in the Purchasing Process 12-25
Preliminary Audit Strategy 12-25
12.7 Tests of Controls in the Purchasing Process and
Audit Strategy 12-26
Tests of Controls in the Purchasing Process 12-26
Fraud Risk Assessment 12-27
Audit Data Analytics as a Risk Assessment Procedure 12-28
The Risk of Material Misstatement and Audit
Strategy 12-28
12.8 Substantive Procedures for the Purchasing
Process 12-29
Initial Procedures 12-30
Substantive Analytical Procedures 12-31
Audit Data Analytics as a Substantive Procedure 12-31
Tests of Details of Transactions 12-31
Tests of Details of Balances 12-33
Tests of Details of Presentation 12-33
Draw a Final Conclusion 12-34
Appendix 12A: Auditing Payroll 12-35
12.9 Explain the Nature of Payroll Transactions and
Balances 12-36
Understand the Nature of the Payroll Process 12-36
Payroll Transactions 12-36
12.10 How Audit Planning Decisions Affect
the Assessment of Inherent Risk 12-37
Understanding the Entity and Its Environment 12-37
Determining Inherent Risk in the Payroll Process 12-39
12.11 Control Activities for Payroll 12-40
Example Transactions Flows—Payroll Transactions 12-40
Evaluate What Can Go Wrong (WCGW) and Identify Key
Controls—Payroll 12-42
Preliminary Audit Strategy 12-44
12.12 Tests of Controls in the Payroll Process and Audit
Strategy 12-45
Tests of Controls for Payroll 12-45
Fraud Risk Assessment 12-46
Audit Data Analytics Used in Fraud Risk Assessment 12-46
The Risk of Material Misstatement and Audit Strategy 12-46
12.13 Substantive Procedures for the Payroll
Process 12-47
Initial Procedures 12-48
Substantive Analytical Procedures 12-49
Audit Data Analytics as a Substantive Procedure 12-49
Tests of Details of Transactions 12-49
Tests of Details of Balances 12-50
Tests of Details of Presentation 12-50
Draw a Final Conclusion 12-51
Audit Decision-Making Example 12-53
13 Auditing Cash, Inventory, and Related Income Statement Accounts
13-1
13.1 Auditing Cash and Cash Equivalents 13-3
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 13-3
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 13-4
Assessing Control Risk, Fraud Risk, and RMM and
Determining a Final Audit Strategy 13-5
Substantive Procedures for Cash and Cash
Equivalents 13-6
Draw a Final Conclusion 13-13
Johnson_FM.indd 20 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
13.2 Auditing Inventory 13-13
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 13-14
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 13-17
Assessing Control Risk, Fraud Risk, and RMM and
Determining a Final Audit Strategy 13-19
Substantive Procedures for Inventory 13-21
Audit Decision-Making Example 13-31
14 Auditing Investing and Financing
Activites 14-1
14.1 Auditing Property, Plant, and Equipment 14-2
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 14-3
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 14-5
Assessing Control Risk and Fraud Risk, and Determining a
Final Audit Strategy 14-7
Substantive Procedures for Property, Plant, and
Equipment 14-7
Draw a Final Conclusion 14-12
14.2 Auditing Financing Activities 14-13
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 14-13
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 14-16
Assessing Control Risk and Fraud Risk, and Determining a
Final Audit Strategy 14-17
Substantive Procedures for Long-Term Debt 14-18
Substantive Procedures for Stockholders’ Equity 14-21
Audit Decision-Making Example 14-25
15 Completing the Audit 15-1
15.1 Audit Procedures for Loss Contingencies 15-3
Accounting for Loss Contingencies 15-3
Auditing Loss Contingencies 15-4
Legal Letter 15-4
15.2 Subsequent Events 15-7
Accounting for Subsequent Events 15-8
Auditing Subsequent Events 15-9
15.3 Engagement Wrap-Up 15-11
Final Analytical Procedures 15-11
Final Evaluation of Audit Findings 15-12
Completion of Working Paper Review 15-17
Engagement Quality Review 15-18
Completion of Documentation 15-19
15.4 Going Concern 15-20
Management Responsibility 15-20
Auditor Responsibility 15-21
Audit Procedures to Evaluate Going Concern 15-21
15.5 Management Representation and Communication
with Those Charged with Governance 15-23
Management Representation Letter 15-23
Communication with Those Charged with Governance 15-26
Audit Decision-Making Example 15-30
16 Reporting on the Audit 16-1
16.1 Standard Unmodified/Unqualified Audit
Report 16-3
16.2 Additional Wording for the Standard Unmodified
Report 16-9
Going Concern Section 16-9
Emphasis Added at Discretion of the Auditor 16-10
Consistency of Financial Statements 16-11
16.3 Opinion Based in Part on the Report of Another
Auditor 16-13
16.4 Modifying the Audit Opinion 16-15
Departure from Applicable Financial Reporting
Framework 16-16
Scope Limitation 16-18
16.5 Subsequently Discovered Facts 16-24
Subsequently Discovered Facts That Become Known
Before the Report Release Date 16-24
Subsequently Discovered Facts That Become Known After
the Report Release Date 16-26
16.6 Reports on the Audit of ICFR 16-28
Standard Unqualified Opinion on ICFR 16-28
Modified Opinion on ICFR 16-30
Integrated Audits for Private Companies 16-32
16.7 Preparation, Compilation, and Review
Engagements 16-32
Preparation of Financial Statements 16-33
Compilation of Financial Statements 16-33
Review of Financial Statements 16-35
Audit Decision-Making Example 16-39
APPENDIX A Cloud 9 Inc. Audit A-1
Cloud 9 Inc. Company Background A-1
Personnel A-2
Financial Information A-2
Transcript of Meeting with David Collier A-4
AUDITING AND ASSURANCE STANDARDS AS-1
GLOSSARY G-1
INDEX I-1
TABLE OF CONTENTS xxi
Johnson_FM.indd 21 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 13-14
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 13-17
Assessing Control Risk, Fraud Risk, and RMM and
Determining a Final Audit Strategy 13-19
Substantive Procedures for Inventory 13-21
Audit Decision-Making Example 13-31
14 Auditing Investing and Financing
Activites 14-1
14.1 Auditing Property, Plant, and Equipment 14-2
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 14-3
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 14-5
Assessing Control Risk and Fraud Risk, and Determining a
Final Audit Strategy 14-7
Substantive Procedures for Property, Plant, and
Equipment 14-7
Draw a Final Conclusion 14-12
14.2 Auditing Financing Activities 14-13
How Audit Planning Decisions Affect the Assessment of
Inherent Risk 14-13
Understanding Internal Controls and Developing a
Preliminary Audit Strategy 14-16
Assessing Control Risk and Fraud Risk, and Determining a
Final Audit Strategy 14-17
Substantive Procedures for Long-Term Debt 14-18
Substantive Procedures for Stockholders’ Equity 14-21
Audit Decision-Making Example 14-25
15 Completing the Audit 15-1
15.1 Audit Procedures for Loss Contingencies 15-3
Accounting for Loss Contingencies 15-3
Auditing Loss Contingencies 15-4
Legal Letter 15-4
15.2 Subsequent Events 15-7
Accounting for Subsequent Events 15-8
Auditing Subsequent Events 15-9
15.3 Engagement Wrap-Up 15-11
Final Analytical Procedures 15-11
Final Evaluation of Audit Findings 15-12
Completion of Working Paper Review 15-17
Engagement Quality Review 15-18
Completion of Documentation 15-19
15.4 Going Concern 15-20
Management Responsibility 15-20
Auditor Responsibility 15-21
Audit Procedures to Evaluate Going Concern 15-21
15.5 Management Representation and Communication
with Those Charged with Governance 15-23
Management Representation Letter 15-23
Communication with Those Charged with Governance 15-26
Audit Decision-Making Example 15-30
16 Reporting on the Audit 16-1
16.1 Standard Unmodified/Unqualified Audit
Report 16-3
16.2 Additional Wording for the Standard Unmodified
Report 16-9
Going Concern Section 16-9
Emphasis Added at Discretion of the Auditor 16-10
Consistency of Financial Statements 16-11
16.3 Opinion Based in Part on the Report of Another
Auditor 16-13
16.4 Modifying the Audit Opinion 16-15
Departure from Applicable Financial Reporting
Framework 16-16
Scope Limitation 16-18
16.5 Subsequently Discovered Facts 16-24
Subsequently Discovered Facts That Become Known
Before the Report Release Date 16-24
Subsequently Discovered Facts That Become Known After
the Report Release Date 16-26
16.6 Reports on the Audit of ICFR 16-28
Standard Unqualified Opinion on ICFR 16-28
Modified Opinion on ICFR 16-30
Integrated Audits for Private Companies 16-32
16.7 Preparation, Compilation, and Review
Engagements 16-32
Preparation of Financial Statements 16-33
Compilation of Financial Statements 16-33
Review of Financial Statements 16-35
Audit Decision-Making Example 16-39
APPENDIX A Cloud 9 Inc. Audit A-1
Cloud 9 Inc. Company Background A-1
Personnel A-2
Financial Information A-2
Transcript of Meeting with David Collier A-4
AUDITING AND ASSURANCE STANDARDS AS-1
GLOSSARY G-1
INDEX I-1
TABLE OF CONTENTS xxi
Johnson_FM.indd 21 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Johnson_FM.indd 22 8/24/21 9:43 AMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-1
Introduction and Overview of
Audit and Assurance
CHAPTER 1
Audit Data Analytics
(Chapter 8)
Audit Evidence
(Chapter 5)
Client Acceptance/Continuance and Risk Assessment
(Chapters 3 and 4)
Developing Responses to Risk and an Audit Strategy
Gaining an
Understanding of
the Client
Identifying Significant
Accounts and
Transactions
Setting Planning
Materiality
Making Preliminary
Risk Assessments
Gaining an Understanding
of the System of Internal Control
(Chapter 6)
Overview of Audit and Assurance
(Chapter 1)
Completing and Reporting on the Audit
(Chapters 15 and 16)
Reporting
Drawing Audit
Conclusions
Procedures Performed Near
the End of the Audit
Auditing Investing and
Financing Activities
(Chapter 14)
Auditing Cash and
Inventory
(Chapter 13)
Auditing the Purchasing
and Payroll Processes
(Chapter 12)
Auditing the
Revenue Process
(Chapter 11)
Performing Tests of Controls
(Chapter 7)
Performing Substantive Procedures
(Chapter 9)
Audit Sampling for Substantive Procedures
(Chapter 10)
Professionalism and Professional Responsibilities
(Chapter 2)
The Audit Process
c01IntroductionAndOverviewOfAuditAndAssurance.indd 1 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Introduction and Overview of
Audit and Assurance
CHAPTER 1
Audit Data Analytics
(Chapter 8)
Audit Evidence
(Chapter 5)
Client Acceptance/Continuance and Risk Assessment
(Chapters 3 and 4)
Developing Responses to Risk and an Audit Strategy
Gaining an
Understanding of
the Client
Identifying Significant
Accounts and
Transactions
Setting Planning
Materiality
Making Preliminary
Risk Assessments
Gaining an Understanding
of the System of Internal Control
(Chapter 6)
Overview of Audit and Assurance
(Chapter 1)
Completing and Reporting on the Audit
(Chapters 15 and 16)
Reporting
Drawing Audit
Conclusions
Procedures Performed Near
the End of the Audit
Auditing Investing and
Financing Activities
(Chapter 14)
Auditing Cash and
Inventory
(Chapter 13)
Auditing the Purchasing
and Payroll Processes
(Chapter 12)
Auditing the
Revenue Process
(Chapter 11)
Performing Tests of Controls
(Chapter 7)
Performing Substantive Procedures
(Chapter 9)
Audit Sampling for Substantive Procedures
(Chapter 10)
Professionalism and Professional Responsibilities
(Chapter 2)
The Audit Process
c01IntroductionAndOverviewOfAuditAndAssurance.indd 1 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-2 Chapter 1 Introduction and Overview of Audit and Assurance
Auditing and Assurance Standards
PCAOB
Framework for Audits of Public Companies
AS 2201 An Audit of Internal Control Over Financial
Reporting That Is Integrated with An Audit of Financial
Statements
AS 3101 The Auditor’s Report on an Audit of Financial
Statements When the Auditor Expresses an Unqualified
Opinion
AUDITING STANDARDS BOARD (ASB)
Framework for Audits of Private Companies
AU-C 200 Overall Objectives of the Independent Auditor
and the Conduct of an Audit in Accordance with Generally
Accepted Auditing Standards
AU-C 700 Forming an Opinion and Reporting on
Financial Statements
Learning Objectives
LO 1 Differentiate among assurance, attestation, and
audit services.
LO 2 Describe the different types of assurance
services.
LO 3 Explain the demand for audit and assurance
services.
LO 4 Discuss the different roles of the financial
statement preparer and the auditor.
LO 5 Identify the roles of different regulators and
organizations that affect the audit profession.
LO 6 Explain the concepts of reasonable assurance and
materiality, and the nature of an unqualified/
unmodified report on the audit of financial statements.
LO 7 Explain the concept of reasonable assurance and
the nature of an unqualified report on internal controls
over financial reporting.
LO 8 Discuss the audit expectation gap.
Cloud 9 Continuing Case
Cloud 9 Inc., a listed company (publicly traded) in the United
States, is looking to expand. Stotez Shoes was seen as a potential
target.
In 1985, Ron Stotez started Stotez Shoes in Seattle, Washington,
manufacturing and retailing customized basketball shoes. Ron
borrowed from the bank to start the company, using his house as
security. Over the years, he worked very hard to establish a profit-
able niche in the highly competitive sport shoe market. Ron repaid
the bank in 1999, and he vows to never borrow again.
As the business grew, Ron’s wife and three adult children
started to work with him, with responsibility for administration,
marketing and sales, production, and distribution. By the early
2000s, Ron’s business employed 20 people full-time, most of whom
work in production. There are also several seasonal employees and
part-time staff in the retail outlet in Seattle, particularly during
busy periods.
In February 2023, Ron received a call from Chip Masters, the
senior vice president of Cloud 9. Chip expressed an interest in buy-
ing Stotez Shoes. Ron wants to retire, and his children are starting
to fight among themselves about who is going to take over their
father’s business. Ron is looking for an exit strategy, but he does not
want Chip to know that. He asks if Chip is ready to talk about the
price. Chip says he is, but first he needs to see the audited financial
statements for Stotez Shoes.
This text is designed to provide you with the opportunity to learn about auditing by using a practical, problem-based approach.
Each chapter begins with some information about an example audit client—Cloud 9 Inc. (Cloud 9). The chapter then provides the
underlying concepts and background information needed to deal with this client’s situation and the problems facing its auditor. As
you work through the chapters, you will gradually build your knowledge of auditing by studying how the contents of each chapter are
applied to Cloud 9. The end-of-chapter exercises and problems also provide you with the opportunity to study other aspects of Cloud
9’s audit, in addition to applying the knowledge gained in the chapter to other practical examples.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 2 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Auditing and Assurance Standards
PCAOB
Framework for Audits of Public Companies
AS 2201 An Audit of Internal Control Over Financial
Reporting That Is Integrated with An Audit of Financial
Statements
AS 3101 The Auditor’s Report on an Audit of Financial
Statements When the Auditor Expresses an Unqualified
Opinion
AUDITING STANDARDS BOARD (ASB)
Framework for Audits of Private Companies
AU-C 200 Overall Objectives of the Independent Auditor
and the Conduct of an Audit in Accordance with Generally
Accepted Auditing Standards
AU-C 700 Forming an Opinion and Reporting on
Financial Statements
Learning Objectives
LO 1 Differentiate among assurance, attestation, and
audit services.
LO 2 Describe the different types of assurance
services.
LO 3 Explain the demand for audit and assurance
services.
LO 4 Discuss the different roles of the financial
statement preparer and the auditor.
LO 5 Identify the roles of different regulators and
organizations that affect the audit profession.
LO 6 Explain the concepts of reasonable assurance and
materiality, and the nature of an unqualified/
unmodified report on the audit of financial statements.
LO 7 Explain the concept of reasonable assurance and
the nature of an unqualified report on internal controls
over financial reporting.
LO 8 Discuss the audit expectation gap.
Cloud 9 Continuing Case
Cloud 9 Inc., a listed company (publicly traded) in the United
States, is looking to expand. Stotez Shoes was seen as a potential
target.
In 1985, Ron Stotez started Stotez Shoes in Seattle, Washington,
manufacturing and retailing customized basketball shoes. Ron
borrowed from the bank to start the company, using his house as
security. Over the years, he worked very hard to establish a profit-
able niche in the highly competitive sport shoe market. Ron repaid
the bank in 1999, and he vows to never borrow again.
As the business grew, Ron’s wife and three adult children
started to work with him, with responsibility for administration,
marketing and sales, production, and distribution. By the early
2000s, Ron’s business employed 20 people full-time, most of whom
work in production. There are also several seasonal employees and
part-time staff in the retail outlet in Seattle, particularly during
busy periods.
In February 2023, Ron received a call from Chip Masters, the
senior vice president of Cloud 9. Chip expressed an interest in buy-
ing Stotez Shoes. Ron wants to retire, and his children are starting
to fight among themselves about who is going to take over their
father’s business. Ron is looking for an exit strategy, but he does not
want Chip to know that. He asks if Chip is ready to talk about the
price. Chip says he is, but first he needs to see the audited financial
statements for Stotez Shoes.
This text is designed to provide you with the opportunity to learn about auditing by using a practical, problem-based approach.
Each chapter begins with some information about an example audit client—Cloud 9 Inc. (Cloud 9). The chapter then provides the
underlying concepts and background information needed to deal with this client’s situation and the problems facing its auditor. As
you work through the chapters, you will gradually build your knowledge of auditing by studying how the contents of each chapter are
applied to Cloud 9. The end-of-chapter exercises and problems also provide you with the opportunity to study other aspects of Cloud
9’s audit, in addition to applying the knowledge gained in the chapter to other practical examples.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 2 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.1 Assurance, Attestation, and Audit Services 1-3
Chapter Preview: Audit Process in Focus
The purpose of this chapter is to provide an overview of assurance, attestation, and audit
services. While the focus of this text is the audit of financial statements, in this chapter we
define assurance and attest engagements, and differentiate among the types of assurance en-
gagements. We also discuss why there is a demand for audit and assurance services, and then
identify the separate roles of the financial statement preparer and the auditors.
In addition, we introduce regulatory bodies and other organizations that impact the audit
profession. We also explain what is communicated in the auditor’s report as well as discuss
the audit expectation gap.
LEARNING OBJECTIVE 1
Differentiate among assurance, attestation, and audit services.
The terms assurance, attestation, and auditing are sometimes used interchangeably, but they
actually represent different types of services. The services have the following characteristics
in common.
•
An independent accounting firm is taking information prepared by someone else and then comparing it to an established set of criteria.
•
The independent accounting firm provides a written report about the results of the ser-
vice performed.
• The services add credibility, or integrity, to the information, which makes it more useful for decision making.
An everyday example of this process would be needing a physical exam from a medical doctor before joining a sports team. The doctor would be the independent professional. The doctor would conduct the physical exam and compare your results to standards considered accept-
able for someone of your age and height. At the completion of the physical exam, the doctor would provide you with written documentation stating that you were in good physical condi- tion to play on the sports team. The service provided by the doctor improves the “integrity” of your claim that you are in good condition to participate on the team.
The relationship of assurance, attestation, and auditing services is shown in Illustra-
tion 1.1 and resembles overlapping umbrellas. We will refer to Illustration 1.1 as we discuss the three services in more detail.
1.1 Assurance, Attestation, and Audit Services
Cloud 9 Continuing Case
Chip Masters has asked Ron Stotez for audited financial state-
ments of Stotez Shoes. Ron has never had an audit and is not sure
what it involves. He has heard about tax audits, safety audits, ef-
ficiency audits, as well as financial statement audits. Are they all
the same thing?
Ernie explains to Ron that there are several services that peo-
ple call “audits” that are different from financial statement audits.
However, all these services, including financial statement audits,
can be defined as assurance services.
Ron asks for some time. He tells Chip that he first needs to talk
to his family and will then get back to him. When Ron puts the phone down, he immediately calls his friend Ernie Black, who is a CPA. For years, Ernie has been suggesting to Ron that his business affairs need
attention. Ron is good at making deals and working hard, but he
has never bothered with sophisticated financial arrangements. He
is still running his business as a sole proprietor (not a corporation),
and his wife does all the tax returns. Ron is in a panic—he wants to
sell Stotez Shoes, but what is he going to do about Chip’s request for
audited financial statements?
c01IntroductionAndOverviewOfAuditAndAssurance.indd 3 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Chapter Preview: Audit Process in Focus
The purpose of this chapter is to provide an overview of assurance, attestation, and audit
services. While the focus of this text is the audit of financial statements, in this chapter we
define assurance and attest engagements, and differentiate among the types of assurance en-
gagements. We also discuss why there is a demand for audit and assurance services, and then
identify the separate roles of the financial statement preparer and the auditors.
In addition, we introduce regulatory bodies and other organizations that impact the audit
profession. We also explain what is communicated in the auditor’s report as well as discuss
the audit expectation gap.
LEARNING OBJECTIVE 1
Differentiate among assurance, attestation, and audit services.
The terms assurance, attestation, and auditing are sometimes used interchangeably, but they
actually represent different types of services. The services have the following characteristics
in common.
•
An independent accounting firm is taking information prepared by someone else and then comparing it to an established set of criteria.
•
The independent accounting firm provides a written report about the results of the ser-
vice performed.
• The services add credibility, or integrity, to the information, which makes it more useful for decision making.
An everyday example of this process would be needing a physical exam from a medical doctor before joining a sports team. The doctor would be the independent professional. The doctor would conduct the physical exam and compare your results to standards considered accept-
able for someone of your age and height. At the completion of the physical exam, the doctor would provide you with written documentation stating that you were in good physical condi- tion to play on the sports team. The service provided by the doctor improves the “integrity” of your claim that you are in good condition to participate on the team.
The relationship of assurance, attestation, and auditing services is shown in Illustra-
tion 1.1 and resembles overlapping umbrellas. We will refer to Illustration 1.1 as we discuss the three services in more detail.
1.1 Assurance, Attestation, and Audit Services
Cloud 9 Continuing Case
Chip Masters has asked Ron Stotez for audited financial state-
ments of Stotez Shoes. Ron has never had an audit and is not sure
what it involves. He has heard about tax audits, safety audits, ef-
ficiency audits, as well as financial statement audits. Are they all
the same thing?
Ernie explains to Ron that there are several services that peo-
ple call “audits” that are different from financial statement audits.
However, all these services, including financial statement audits,
can be defined as assurance services.
Ron asks for some time. He tells Chip that he first needs to talk
to his family and will then get back to him. When Ron puts the phone down, he immediately calls his friend Ernie Black, who is a CPA. For years, Ernie has been suggesting to Ron that his business affairs need
attention. Ron is good at making deals and working hard, but he
has never bothered with sophisticated financial arrangements. He
is still running his business as a sole proprietor (not a corporation),
and his wife does all the tax returns. Ron is in a panic—he wants to
sell Stotez Shoes, but what is he going to do about Chip’s request for
audited financial statements?
c01IntroductionAndOverviewOfAuditAndAssurance.indd 3 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-4 Chapter 1 Introduction and Overview of Audit and Assurance
Audit Services
Audit services are the most specific and narrow of the three services; therefore, it is the smallest um-
brella in Illustration 1.1. Two primary types of audit services are an audit of financial statements
and an audit of internal controls over financial reporting (ICFR). The purpose of an audit of finan-
cial statements is to provide financial statement users with an opinion by the auditor on whether
the financial statements are presented fairly in accordance with an applicable financial reporting
framework. The purpose of an audit of ICFR is to provide financial statement users with an opinion
by the auditor on the design and operating effectiveness of ICFR. These audit services enhance the
degree of confidence that intended users can place in the financial statements (AU-C 200.04).
Some key concepts in these descriptions require further explanation.
•
The financial statements refer to historical financial statements of either a public or pri-
vate company.
• The auditor refers to an independent certified public accountant, or CPA, who is qualified
to perform the audit service. The only professional who can sign an audit report on histor-
ical financial statements and internal controls for a public or private company is a CPA.
• The applicable financial reporting framework refers to the set of standards used in prepar -
ing the historical financial statements, such as generally accepted accounting principles (GAAP) in the United States, International Financial Reporting Standards (IFRS), or gov-
ernmental accounting standards for governmental entities.
•
The intended users refer to any group that will be using the financial statements to make
decisions, such as investors and creditors.
Attestation Services
Companies produce financial information that goes beyond historical financial statements. Examples include financial forecasts and detailed schedules for specific accounts. When CPAs are hired to report on the integrity of this type of financial information, it is called an attesta- tion service. Attestation services are performed when an independent practitioner, or CPA, is engaged to issue a report on subject matter that is the responsibility of another party.
As depicted in Illustration 1.1, audit services fall under the umbrella of attestation ser-
vices, but so do other services that involve a CPA reporting on other financial information. Note the use of the term practitioner in the definition of attestation services. The term practitioner
is used rather than auditor because attestation services encompass more than just the audit of historical financial statements and internal controls.
AU-C 200
Overall Objectives of
the Independent Auditor and the
Conduct of an Audit in Accor-
dance with Generally Accepted
Auditing Standards
audit services
services by an
independent CPA that provide financial statement users with (1) an opinion on whether the financial statements are presented fairly, in all material respects, in accordance with an applicable financial reporting framework and, in some cases, (2) an opinion on the effectiveness of internal controls over financial reporting (ICFR), which enhance the de- gree of confidence that intended users can place in the financial statements
attestation services
services
performed when an independent
practitioner, or CPA, is engaged
to issue a report on subject matter
that is the responsibility of an-
other party
Assurance Services
Attestation Services
Audit Services
Agreed-upon
procedures
Historical
financial
statements
Internal
controls
Data
integrity
Examination
of financial
forecast
Risk advisory
services
Website security
System and Organization Controls (SOC) Report
Review of historical financial statements
Relationship of assurance, attestation, and auditing services
ILLUSTRATION 1.1
c01IntroductionAndOverviewOfAuditAndAssurance.indd 4 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Audit Services
Audit services are the most specific and narrow of the three services; therefore, it is the smallest um-
brella in Illustration 1.1. Two primary types of audit services are an audit of financial statements
and an audit of internal controls over financial reporting (ICFR). The purpose of an audit of finan-
cial statements is to provide financial statement users with an opinion by the auditor on whether
the financial statements are presented fairly in accordance with an applicable financial reporting
framework. The purpose of an audit of ICFR is to provide financial statement users with an opinion
by the auditor on the design and operating effectiveness of ICFR. These audit services enhance the
degree of confidence that intended users can place in the financial statements (AU-C 200.04).
Some key concepts in these descriptions require further explanation.
•
The financial statements refer to historical financial statements of either a public or pri-
vate company.
• The auditor refers to an independent certified public accountant, or CPA, who is qualified
to perform the audit service. The only professional who can sign an audit report on histor-
ical financial statements and internal controls for a public or private company is a CPA.
• The applicable financial reporting framework refers to the set of standards used in prepar -
ing the historical financial statements, such as generally accepted accounting principles (GAAP) in the United States, International Financial Reporting Standards (IFRS), or gov-
ernmental accounting standards for governmental entities.
•
The intended users refer to any group that will be using the financial statements to make
decisions, such as investors and creditors.
Attestation Services
Companies produce financial information that goes beyond historical financial statements. Examples include financial forecasts and detailed schedules for specific accounts. When CPAs are hired to report on the integrity of this type of financial information, it is called an attesta- tion service. Attestation services are performed when an independent practitioner, or CPA, is engaged to issue a report on subject matter that is the responsibility of another party.
As depicted in Illustration 1.1, audit services fall under the umbrella of attestation ser-
vices, but so do other services that involve a CPA reporting on other financial information. Note the use of the term practitioner in the definition of attestation services. The term practitioner
is used rather than auditor because attestation services encompass more than just the audit of historical financial statements and internal controls.
AU-C 200
Overall Objectives of
the Independent Auditor and the
Conduct of an Audit in Accor-
dance with Generally Accepted
Auditing Standards
audit services
services by an
independent CPA that provide financial statement users with (1) an opinion on whether the financial statements are presented fairly, in all material respects, in accordance with an applicable financial reporting framework and, in some cases, (2) an opinion on the effectiveness of internal controls over financial reporting (ICFR), which enhance the de- gree of confidence that intended users can place in the financial statements
attestation services
services
performed when an independent
practitioner, or CPA, is engaged
to issue a report on subject matter
that is the responsibility of an-
other party
Assurance Services
Attestation Services
Audit Services
Agreed-upon
procedures
Historical
financial
statements
Internal
controls
Data
integrity
Examination
of financial
forecast
Risk advisory
services
Website security
System and Organization Controls (SOC) Report
Review of historical financial statements
Relationship of assurance, attestation, and auditing services
ILLUSTRATION 1.1
c01IntroductionAndOverviewOfAuditAndAssurance.indd 4 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.1 Assurance, Attestation, and Audit Services 1-5
Another example of an attestation service is a review of historical financial statements. Small
private companies often do not want or need a service as extensive as an audit. In a review en-
gagement, the practitioner expresses limited assurance that no material modifications need to
be made to the financial statements. So a review is a less extensive and, therefore, less expensive
service that can be very useful for smaller private companies. A more detailed discussion of a
review is presented in Chapter 16.
One final example is a System and Organization Controls Report, referred to as a SOC 1
Report. Many clients outsource key accounting functions, such as payroll, to an outside service
organization. An independent CPA can evaluate and report on the controls at the service orga-
nization. This SOC reporting helps to build trust and confidence in the services provided by the
service organization. SOC reporting is discussed further in Chapters 6 and 7.
Assurance Services
The largest umbrella in Illustration 1.1 represents assurance services. Assurance services are
independent professional services that improve the quality of information, or its context, for
decision makers. Let’s discuss some key concepts in this definition:
•
Independent. This term is common to audit, attestation, and assurance services. It im- plies that the service is performed by someone who was not involved with the creation of the information and who is objective in the evaluation of the information. (Chapter 2 covers independence in more depth.)
•
Quality. This refers to the relevance and reliability of the information.
• Information. This refers to subject matter that can be financial or nonfinancial, histori- cal or prospective, standalone or entire systems of data, internal or external to a company.
Essentially, the concept of assurance services encompasses any service that a professional pro -
vides that involves improving the quality of information that was prepared by someone else. Both attestation and audit services fall under the broad term of assurance services, and there-
fore are depicted under the assurance umbrella in Illustration 1.1.
While the audit of a company’s historical financial statements and internal controls is
the focus of this text, there are other types of audit and assurance services that warrant some discussion. The next section provides a description of these different types of services.
assurance services
indepen-
dent professional services that
improve the quality of informa-
tion, or its context, for decision
makers
Professional Environment
Becoming a CPA
Certified public accountants (CPAs) are the only licensed accounting
professionals in the United States. CPA licenses are not issued at the
national level but at the state level. To become a licensed CPA, an in-
dividual must earn the three Es—Education, Exam, and Experience.
1
The first step is meeting the education requirements set by a state
board of accountancy, which vary from state to state. All states require a
bachelor’s degree and completion of 150 hours of total college credit to
be a licensed CPA. Within the 150 hours, some states require comple-
tion of courses in specific subject areas in accounting, business, or eth-
ics. (See the discussion in this chapter on National Association of State
Boards of Accountancy (NASBA) and State Boards of Accountancy.)
The second step is passing the Uniform CPA Examination,
or CPA exam. The CPA exam is accepted for CPA licensure by all
states, which is why it is called the “uniform” CPA exam. Currently,
the CPA exam consists of four sections: Auditing and Attestation
(AUD), Business Environment and Concepts (BEC), Financial
Accounting and Reporting (FAR), and Regulation (REG). The
testing time for each section is four hours, for a total test time
of 16 hours. Each part of the exam consists of multiple-choice
questions and task-based simulations, and the BEC section also
requires written responses. CPA candidates can take one part of
the exam at a time and have 18 months to pass all four parts once
the first part has been successfully passed.
In January 2024, a new model for the CPA exam is expected to
launch. It will continue to be a four-section exam. Three sections
will cover the core topics of accounting, audit, tax, and technology.
The fourth section will be a specialty area chosen by the exam can-
didate. The specialty areas are business reporting and analysis, in-
formation systems and controls, and tax compliance and planning.
To keep up to date with these future changes to the CPA exam, visit
the CPA Evolution initiative website.
The final step is work experience. Work experience require-
ments also vary by state. In general, states require one to two years
of work experience under the supervision of a licensed CPA. The
work experience can be earned either before, during, or after sit-
ting for the CPA exam, but some restrictions may apply for when
the experience can be earned.
A state board of accountancy will only issue a license to prac-
tice after all three Es have been earned. The purpose of the entire
licensure process is to ensure that individuals possess the level of
knowledge and the skills necessary to perform the duties of a CPA
and to protect the public interest.
1
American Institute of Certified Public Accountants, The Uniform CPA Examination: Purpose and Structure (2018).
c01IntroductionAndOverviewOfAuditAndAssurance.indd 5 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Another example of an attestation service is a review of historical financial statements. Small
private companies often do not want or need a service as extensive as an audit. In a review en-
gagement, the practitioner expresses limited assurance that no material modifications need to
be made to the financial statements. So a review is a less extensive and, therefore, less expensive
service that can be very useful for smaller private companies. A more detailed discussion of a
review is presented in Chapter 16.
One final example is a System and Organization Controls Report, referred to as a SOC 1
Report. Many clients outsource key accounting functions, such as payroll, to an outside service
organization. An independent CPA can evaluate and report on the controls at the service orga-
nization. This SOC reporting helps to build trust and confidence in the services provided by the
service organization. SOC reporting is discussed further in Chapters 6 and 7.
Assurance Services
The largest umbrella in Illustration 1.1 represents assurance services. Assurance services are
independent professional services that improve the quality of information, or its context, for
decision makers. Let’s discuss some key concepts in this definition:
•
Independent. This term is common to audit, attestation, and assurance services. It im- plies that the service is performed by someone who was not involved with the creation of the information and who is objective in the evaluation of the information. (Chapter 2 covers independence in more depth.)
•
Quality. This refers to the relevance and reliability of the information.
• Information. This refers to subject matter that can be financial or nonfinancial, histori- cal or prospective, standalone or entire systems of data, internal or external to a company.
Essentially, the concept of assurance services encompasses any service that a professional pro -
vides that involves improving the quality of information that was prepared by someone else. Both attestation and audit services fall under the broad term of assurance services, and there-
fore are depicted under the assurance umbrella in Illustration 1.1.
While the audit of a company’s historical financial statements and internal controls is
the focus of this text, there are other types of audit and assurance services that warrant some discussion. The next section provides a description of these different types of services.
assurance services
indepen-
dent professional services that
improve the quality of informa-
tion, or its context, for decision
makers
Professional Environment
Becoming a CPA
Certified public accountants (CPAs) are the only licensed accounting
professionals in the United States. CPA licenses are not issued at the
national level but at the state level. To become a licensed CPA, an in-
dividual must earn the three Es—Education, Exam, and Experience.
1
The first step is meeting the education requirements set by a state
board of accountancy, which vary from state to state. All states require a
bachelor’s degree and completion of 150 hours of total college credit to
be a licensed CPA. Within the 150 hours, some states require comple-
tion of courses in specific subject areas in accounting, business, or eth-
ics. (See the discussion in this chapter on National Association of State
Boards of Accountancy (NASBA) and State Boards of Accountancy.)
The second step is passing the Uniform CPA Examination,
or CPA exam. The CPA exam is accepted for CPA licensure by all
states, which is why it is called the “uniform” CPA exam. Currently,
the CPA exam consists of four sections: Auditing and Attestation
(AUD), Business Environment and Concepts (BEC), Financial
Accounting and Reporting (FAR), and Regulation (REG). The
testing time for each section is four hours, for a total test time
of 16 hours. Each part of the exam consists of multiple-choice
questions and task-based simulations, and the BEC section also
requires written responses. CPA candidates can take one part of
the exam at a time and have 18 months to pass all four parts once
the first part has been successfully passed.
In January 2024, a new model for the CPA exam is expected to
launch. It will continue to be a four-section exam. Three sections
will cover the core topics of accounting, audit, tax, and technology.
The fourth section will be a specialty area chosen by the exam can-
didate. The specialty areas are business reporting and analysis, in-
formation systems and controls, and tax compliance and planning.
To keep up to date with these future changes to the CPA exam, visit
the CPA Evolution initiative website.
The final step is work experience. Work experience require-
ments also vary by state. In general, states require one to two years
of work experience under the supervision of a licensed CPA. The
work experience can be earned either before, during, or after sit-
ting for the CPA exam, but some restrictions may apply for when
the experience can be earned.
A state board of accountancy will only issue a license to prac-
tice after all three Es have been earned. The purpose of the entire
licensure process is to ensure that individuals possess the level of
knowledge and the skills necessary to perform the duties of a CPA
and to protect the public interest.
1
American Institute of Certified Public Accountants, The Uniform CPA Examination: Purpose and Structure (2018).
c01IntroductionAndOverviewOfAuditAndAssurance.indd 5 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-6 Chapter 1 Introduction and Overview of Audit and Assurance
LEARNING OBJECTIVE 2
Describe the different types of assurance services.
In this section, we provide an overview of the most common types of assurance services that
a practitioner can provide. We will discuss financial statement audits, compliance audits, op-
erational (performance) audits, and internal audits.
Financial Statement Audits
As stated earlier, the purpose of an audit of financial statements is to provide financial
statement users with an opinion by the auditor on whether the financial statements are
presented fairly in accordance with an applicable financial reporting framework, which
enhances the degree of confidence that intended users can place in the financial state-
ments (AU-C 200.04). Within a U.S. context, the applicable financial reporting framework
is typically GAAP.
Public companies, or issuers, in the United States are required by the federal government
to have an annual financial statement audit. Private companies, or non-issuers, are not required
by the U.S. government to have an annual financial statement audit, but often other interested
users request that a private company provide audited financial statements. A good example
would be a lender (bank or other financial institution) requesting audited financial statements
when considering whether to lend money to the private company. Audited financial statements
add a degree of confidence that helps the lender make an informed lending decision.
Public companies are also required to prepare quarterly financial information, referred to
as interim financial statements. Although these interim financial statements are not required
to be audited, they are required to be reviewed by the company’s external auditors. Recall that
a review is less extensive than an audit. In a review, the auditor does not provide an opinion
on whether the interim financial statements are presented fairly. Instead, the auditor will only
state if there are any material modifications that should be made for the interim financial
statements to be in conformity with the appliable financial reporting framework.
In the course of your accounting studies, you have probably seen an annual report issued
by a public company. These annual reports can be found on a company’s website and
include
other information besides the company’s financial statements, such as a management discus-
sion and analysis section. Are the auditors required to audit this other information included in the annual report? The answer is no. The auditors are only required to audit the financial statements and related notes. However, the auditors have a responsibility to read the other information included in the annual report to ensure it is not inconsistent with or contradictory to information included in the financial statements.
1.2 Different Assurance Services
Before You Go On
1.1 Who are intended users of assurance services?
1.2 What does “independent” mean in the context of assurance services?
1.3 What is an example of an “applicable financial reporting framework”?
c01IntroductionAndOverviewOfAuditAndAssurance.indd 6 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
LEARNING OBJECTIVE 2
Describe the different types of assurance services.
In this section, we provide an overview of the most common types of assurance services that
a practitioner can provide. We will discuss financial statement audits, compliance audits, op-
erational (performance) audits, and internal audits.
Financial Statement Audits
As stated earlier, the purpose of an audit of financial statements is to provide financial
statement users with an opinion by the auditor on whether the financial statements are
presented fairly in accordance with an applicable financial reporting framework, which
enhances the degree of confidence that intended users can place in the financial state-
ments (AU-C 200.04). Within a U.S. context, the applicable financial reporting framework
is typically GAAP.
Public companies, or issuers, in the United States are required by the federal government
to have an annual financial statement audit. Private companies, or non-issuers, are not required
by the U.S. government to have an annual financial statement audit, but often other interested
users request that a private company provide audited financial statements. A good example
would be a lender (bank or other financial institution) requesting audited financial statements
when considering whether to lend money to the private company. Audited financial statements
add a degree of confidence that helps the lender make an informed lending decision.
Public companies are also required to prepare quarterly financial information, referred to
as interim financial statements. Although these interim financial statements are not required
to be audited, they are required to be reviewed by the company’s external auditors. Recall that
a review is less extensive than an audit. In a review, the auditor does not provide an opinion
on whether the interim financial statements are presented fairly. Instead, the auditor will only
state if there are any material modifications that should be made for the interim financial
statements to be in conformity with the appliable financial reporting framework.
In the course of your accounting studies, you have probably seen an annual report issued
by a public company. These annual reports can be found on a company’s website and
include
other information besides the company’s financial statements, such as a management discus-
sion and analysis section. Are the auditors required to audit this other information included in the annual report? The answer is no. The auditors are only required to audit the financial statements and related notes. However, the auditors have a responsibility to read the other information included in the annual report to ensure it is not inconsistent with or contradictory to information included in the financial statements.
1.2 Different Assurance Services
Before You Go On
1.1 Who are intended users of assurance services?
1.2 What does “independent” mean in the context of assurance services?
1.3 What is an example of an “applicable financial reporting framework”?
c01IntroductionAndOverviewOfAuditAndAssurance.indd 6 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Get Complete eBook Download Link below
for instant download
https://browsegrades.net/documents/286751/ebook-payment-link-for-instant-
download-after-payment
Get Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
for instant download
https://browsegrades.net/documents/286751/ebook-payment-link-for-instant-
download-after-payment
Get Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.2 Different Assurance Services 1-7
Integrated Audit
Certain public companies in the United States are also required to have an audit of internal
control over financial reporting (ICFR). The objective in an audit of ICFR is to express an opin-
ion on the effectiveness of the company’s system of internal controls over financial reporting
(AS 2201.03). The reason for requiring an audit of ICFR is because effective internal control
provides reasonable assurance regarding the reliability of financial reporting and the prepara-
tion of financial statements for external purposes (AS 2201.02). Therefore, public companies
are required to have two audits every year, one on the financial statements and one on the
effectiveness of the company’s internal controls.
For efficiency purposes, these two audits are performed at the same time. This is called
an integrated audit. The objectives of the audits are not identical, however, and the auditor
must plan and perform the work to achieve the objectives of each audit (AS 2201.06). Private
companies are not required by the government to have an audit of ICFR. As mentioned above,
other interested users, such as a lender, may require a private company to have an audit of ICFR
along with an audit of the financial statements as a condition for being approved for a loan.
Limitations of an Audit
A financial statement audit is conducted to enhance the reliability and credibility of the
information included in the financial statements. It is not a guarantee that the financial
statements are free from error or fraud. The limitations of an audit are caused by (1) the nature
of financial reporting, (2) the nature of audit procedures, and (3) the need for the audit to be
conducted within a reasonable period of time at a reasonable cost (AU-C 200.A49).
Nature of Financial Reporting
The nature of financial reporting refers to the use of
judgment when preparing financial statements. Since you have taken financial accounting cours- es, think about the estimates that are included in preparing a set of financial statements. Can you list a few? And think about the judgment required when selecting and applying accounting methods. For example, depreciating a piece of equipment is an estimate that requires judgment in selecting a depreciation method and determining a useful life and salvage value. While an estimate may not be precise, the auditor must evaluate whether the estimate is fairly presented.
Nature of Audit Procedures The nature of audit procedures refers to the reliance on
evidence provided by the client and its management. For example, what if client management withholds or hides important documents from the auditors? If auditors are unaware of this situation, they may arrive at an inappropriate conclusion based on incomplete facts. Evidence may be withheld or modified by perpetrators of fraud. It can be difficult for an auditor to determine whether a fraud has occurred because documents altered by those committing the fraud generally hide evidence. Also, auditors often use sampling techniques when gathering audit evidence. If a sample is not representative of all items available for testing, an auditor may arrive at an incorrect conclusion.
The nature of audit procedures also refers to the concept of materiality. The Financial
Accounting Standards Board (FASB) defines materiality as follows.
Materiality is entity specific. The omission or misstatement of an item in a financial report is material if, in light of surrounding circumstances, the magnitude of the item is such that it is probable that the judgment of a reasonable person relying upon the report would have been changed or influenced by the inclusion or correction of the item. (SFAC No. 8, para QC11)
AS 2201
An Audit of Internal
Control Over Financial Reporting
That Is Integrated with An Audit
of Financial Statements
integrated audit
an audit that
combines the financial statement
audit with an audit of the effec-
tiveness of ICFR
materiality
the ability of in-
formation to influence decisions
that reasonable users make on the
basis of the financial information
of a specific reporting entity
Cloud 9 Continuing Case
Ron is not running a corporation. He operates his customized
basketball shoe business as a sole proprietor. He is aware that
big corporations have to be audited. However, because his busi-
ness is not a publicly traded company, Ron does not believe that
he has to have an audit.
Ernie agrees that Ron does not have to follow the same rules,
but he also tells him that there are auditing standards in place that
apply to a company like his. This means that although all the at-
tention is usually on corporations, sole proprietors can, and may
be required to, have their financial statements audited, too.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 7 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Integrated Audit
Certain public companies in the United States are also required to have an audit of internal
control over financial reporting (ICFR). The objective in an audit of ICFR is to express an opin-
ion on the effectiveness of the company’s system of internal controls over financial reporting
(AS 2201.03). The reason for requiring an audit of ICFR is because effective internal control
provides reasonable assurance regarding the reliability of financial reporting and the prepara-
tion of financial statements for external purposes (AS 2201.02). Therefore, public companies
are required to have two audits every year, one on the financial statements and one on the
effectiveness of the company’s internal controls.
For efficiency purposes, these two audits are performed at the same time. This is called
an integrated audit. The objectives of the audits are not identical, however, and the auditor
must plan and perform the work to achieve the objectives of each audit (AS 2201.06). Private
companies are not required by the government to have an audit of ICFR. As mentioned above,
other interested users, such as a lender, may require a private company to have an audit of ICFR
along with an audit of the financial statements as a condition for being approved for a loan.
Limitations of an Audit
A financial statement audit is conducted to enhance the reliability and credibility of the
information included in the financial statements. It is not a guarantee that the financial
statements are free from error or fraud. The limitations of an audit are caused by (1) the nature
of financial reporting, (2) the nature of audit procedures, and (3) the need for the audit to be
conducted within a reasonable period of time at a reasonable cost (AU-C 200.A49).
Nature of Financial Reporting
The nature of financial reporting refers to the use of
judgment when preparing financial statements. Since you have taken financial accounting cours- es, think about the estimates that are included in preparing a set of financial statements. Can you list a few? And think about the judgment required when selecting and applying accounting methods. For example, depreciating a piece of equipment is an estimate that requires judgment in selecting a depreciation method and determining a useful life and salvage value. While an estimate may not be precise, the auditor must evaluate whether the estimate is fairly presented.
Nature of Audit Procedures The nature of audit procedures refers to the reliance on
evidence provided by the client and its management. For example, what if client management withholds or hides important documents from the auditors? If auditors are unaware of this situation, they may arrive at an inappropriate conclusion based on incomplete facts. Evidence may be withheld or modified by perpetrators of fraud. It can be difficult for an auditor to determine whether a fraud has occurred because documents altered by those committing the fraud generally hide evidence. Also, auditors often use sampling techniques when gathering audit evidence. If a sample is not representative of all items available for testing, an auditor may arrive at an incorrect conclusion.
The nature of audit procedures also refers to the concept of materiality. The Financial
Accounting Standards Board (FASB) defines materiality as follows.
Materiality is entity specific. The omission or misstatement of an item in a financial report is material if, in light of surrounding circumstances, the magnitude of the item is such that it is probable that the judgment of a reasonable person relying upon the report would have been changed or influenced by the inclusion or correction of the item. (SFAC No. 8, para QC11)
AS 2201
An Audit of Internal
Control Over Financial Reporting
That Is Integrated with An Audit
of Financial Statements
integrated audit
an audit that
combines the financial statement
audit with an audit of the effec-
tiveness of ICFR
materiality
the ability of in-
formation to influence decisions
that reasonable users make on the
basis of the financial information
of a specific reporting entity
Cloud 9 Continuing Case
Ron is not running a corporation. He operates his customized
basketball shoe business as a sole proprietor. He is aware that
big corporations have to be audited. However, because his busi-
ness is not a publicly traded company, Ron does not believe that
he has to have an audit.
Ernie agrees that Ron does not have to follow the same rules,
but he also tells him that there are auditing standards in place that
apply to a company like his. This means that although all the at-
tention is usually on corporations, sole proprietors can, and may
be required to, have their financial statements audited, too.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 7 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-8 Chapter 1 Introduction and Overview of Audit and Assurance
In other words, an error or misstatement in the financial statements is considered material
if it impacts, or changes, the decision-making process of those individuals or groups who are
using the financial statements. Therefore, when planning an audit, auditors select procedures
that are designed to discover material misstatements. Because of time and cost constraints, it
would be impractical for an audit to focus on finding all misstatements.
Need for a Timely Audit
The timeliness and cost of an audit refer to the pressures au-
ditors face to complete their audit within a certain time frame at a reasonable cost. While it is
important that auditors do not omit procedures in an effort to meet time and cost constraints,
they may be under some pressure to do so. This pressure will come from clients wanting to is-
sue their financial statements by a certain date, from clients refusing to pay additional fees for
additional audit effort, and from within the accounting firm because of pressures to complete
all audits on a timely basis to avoid incurring costs that may not be recovered. By taking the
time to plan the audit properly, auditors can ensure that adequate time is spent where the risks
of a material error or fraud are greatest.
Compliance Audits
A compliance audit involves gathering evidence to determine whether the person or entity
under review has followed the rules, policies, procedures, laws, and regulations with which
they must conform. One of the best examples of a compliance audit is an income tax audit.
The Internal Revenue Service (IRS) may conduct an audit of an individual or a company to
determine if tax laws have been followed and the correct amount of tax paid.
Operational (Performance) Audits
Operational (performance) audits are concerned with the economy, efficiency, and effec-
tiveness of an organization’s activities.
•
Economy refers to the cost of inputs, including wages and materials.
• Efficiency refers to the relationship between inputs and outputs, or the use of the mini- mum amount of inputs to achieve a given output.
•
Effectiveness refers to the achievement of certain goals or the production of a certain level of outputs.
From an organization’s perspective, it is important to perform well across all three
dimensions
and not allow one to dominate. For example, if buying cheap inputs results in an inefficient production process, efficiency is sacrificed to achieve economic goals. Operational audits are generally conducted by an organization’s internal auditors (discussed in the next section), or they may be outsourced to an external accounting firm.
Internal Audits
Internal audits are conducted to provide assurance about various aspects of an organi-
zation’s activities. The internal audit function is typically conducted by employees of the organization being audited but can be outsourced to an accounting firm. The purpose of an internal audit is determined by those charged with governance and management within the organization. While the purposes of internal audits vary widely from one organization to another, they are often concerned with evaluating and improving risk management, internal control procedures, and elements of the governance process.
The internal
auditors often conduct operational audits, compliance audits, internal con-
trol assessments, and reviews. Many internal auditors are members of the Institute of Internal
Auditors (IIA). The IIA is an international organization with more than 120,000 members that provides guidance and standards to aid internal auditors in their work. When conducting the financial statement audit, the external auditor may rely on the work done by internal auditors when evaluating the evidence needed to form an opinion on the financial statements or on ICFR. A more detailed discussion of how internal auditors may assist with the external audit is provided in Chapter 5.
compliance audit
an audit
to determine whether the entity
has conformed with regulations,
rules, or processes
operational (performance)
audit an assessment of
the economy, efficiency and
effectiveness of an organization’s
operations
internal audit
a unit within an
entity which generally evaluates
and improves risk management,
internal control procedures,
and elements of the governance
process
those charged with
governance
persons with
responsibility for overseeing the strategic direction of the entity and the obligations related to the accountability of the entity
c01IntroductionAndOverviewOfAuditAndAssurance.indd 8 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
In other words, an error or misstatement in the financial statements is considered material
if it impacts, or changes, the decision-making process of those individuals or groups who are
using the financial statements. Therefore, when planning an audit, auditors select procedures
that are designed to discover material misstatements. Because of time and cost constraints, it
would be impractical for an audit to focus on finding all misstatements.
Need for a Timely Audit
The timeliness and cost of an audit refer to the pressures au-
ditors face to complete their audit within a certain time frame at a reasonable cost. While it is
important that auditors do not omit procedures in an effort to meet time and cost constraints,
they may be under some pressure to do so. This pressure will come from clients wanting to is-
sue their financial statements by a certain date, from clients refusing to pay additional fees for
additional audit effort, and from within the accounting firm because of pressures to complete
all audits on a timely basis to avoid incurring costs that may not be recovered. By taking the
time to plan the audit properly, auditors can ensure that adequate time is spent where the risks
of a material error or fraud are greatest.
Compliance Audits
A compliance audit involves gathering evidence to determine whether the person or entity
under review has followed the rules, policies, procedures, laws, and regulations with which
they must conform. One of the best examples of a compliance audit is an income tax audit.
The Internal Revenue Service (IRS) may conduct an audit of an individual or a company to
determine if tax laws have been followed and the correct amount of tax paid.
Operational (Performance) Audits
Operational (performance) audits are concerned with the economy, efficiency, and effec-
tiveness of an organization’s activities.
•
Economy refers to the cost of inputs, including wages and materials.
• Efficiency refers to the relationship between inputs and outputs, or the use of the mini- mum amount of inputs to achieve a given output.
•
Effectiveness refers to the achievement of certain goals or the production of a certain level of outputs.
From an organization’s perspective, it is important to perform well across all three
dimensions
and not allow one to dominate. For example, if buying cheap inputs results in an inefficient production process, efficiency is sacrificed to achieve economic goals. Operational audits are generally conducted by an organization’s internal auditors (discussed in the next section), or they may be outsourced to an external accounting firm.
Internal Audits
Internal audits are conducted to provide assurance about various aspects of an organi-
zation’s activities. The internal audit function is typically conducted by employees of the organization being audited but can be outsourced to an accounting firm. The purpose of an internal audit is determined by those charged with governance and management within the organization. While the purposes of internal audits vary widely from one organization to another, they are often concerned with evaluating and improving risk management, internal control procedures, and elements of the governance process.
The internal
auditors often conduct operational audits, compliance audits, internal con-
trol assessments, and reviews. Many internal auditors are members of the Institute of Internal
Auditors (IIA). The IIA is an international organization with more than 120,000 members that provides guidance and standards to aid internal auditors in their work. When conducting the financial statement audit, the external auditor may rely on the work done by internal auditors when evaluating the evidence needed to form an opinion on the financial statements or on ICFR. A more detailed discussion of how internal auditors may assist with the external audit is provided in Chapter 5.
compliance audit
an audit
to determine whether the entity
has conformed with regulations,
rules, or processes
operational (performance)
audit an assessment of
the economy, efficiency and
effectiveness of an organization’s
operations
internal audit
a unit within an
entity which generally evaluates
and improves risk management,
internal control procedures,
and elements of the governance
process
those charged with
governance
persons with
responsibility for overseeing the strategic direction of the entity and the obligations related to the accountability of the entity
c01IntroductionAndOverviewOfAuditAndAssurance.indd 8 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.3 Demand for Audit and Assurance Services 1-9
Cloud 9 Continuing Case
Ron is not concerned about internal audits—his business is too
small for a separate internal audit function. He is also not wor-
ried about compliance and operational audits. His priority at the
moment is to close the deal with Chip Masters, and he still does
not know what he will do about the financial statement audit.
Cloud 9 Continuing Case
Ron believes that his business has good, reliable financial records.
Ron’s wife helps him keep tight control of the cash and other as-
sets, and together they prepare some simple reports on a regular
basis. Ron believes he knows exactly what is happening in the
business and monitors the business’s cash flow and profit very
closely. However, he has not prepared financial statements that
comply with GAAP. Is this a problem?
Ernie explains to Ron that many businesses must apply the
accounting standards, even if they are not corporations. It all
depends on whether there are individuals or groups who are using
the financial statements for decision-making purposes. Ron is a bit
worried now—how does he know if he has these users?
Before You Go On
2.1
What is the objective of a financial statement audit?
2.2 Explain the inherent limitations of a financial statement audit.
2.3 What are the three elements of an operational audit?
2.4 What are the most common functions of the internal auditors?
LEARNING OBJECTIVE 3
Explain the demand for audit and assurance services.
In this section, we provide an overview of the primary financial statement users followed by a
description of why these users may demand an audit of the financial statements.
1.3 Demand for Audit and Assurance Services
Financial Statement Users
Financial statement users include current and potential investors, suppliers, customers, lend- ers, employees, governments, and the general public. Each of these groups will read the finan- cial statements for a slightly different reason, as described below.
Investors
Investors generally read financial statements to determine whether they should invest in the company. They are interested in the return on their investment and are concerned that the entity will remain a going concern (continue operating) into the foreseeable future.
Investors may also be interested in the capacity of the company to pay a dividend. Pro-
spective investors read financial statements to determine whether they should buy shares in the entity.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 9 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Cloud 9 Continuing Case
Ron is not concerned about internal audits—his business is too
small for a separate internal audit function. He is also not wor-
ried about compliance and operational audits. His priority at the
moment is to close the deal with Chip Masters, and he still does
not know what he will do about the financial statement audit.
Cloud 9 Continuing Case
Ron believes that his business has good, reliable financial records.
Ron’s wife helps him keep tight control of the cash and other as-
sets, and together they prepare some simple reports on a regular
basis. Ron believes he knows exactly what is happening in the
business and monitors the business’s cash flow and profit very
closely. However, he has not prepared financial statements that
comply with GAAP. Is this a problem?
Ernie explains to Ron that many businesses must apply the
accounting standards, even if they are not corporations. It all
depends on whether there are individuals or groups who are using
the financial statements for decision-making purposes. Ron is a bit
worried now—how does he know if he has these users?
Before You Go On
2.1
What is the objective of a financial statement audit?
2.2 Explain the inherent limitations of a financial statement audit.
2.3 What are the three elements of an operational audit?
2.4 What are the most common functions of the internal auditors?
LEARNING OBJECTIVE 3
Explain the demand for audit and assurance services.
In this section, we provide an overview of the primary financial statement users followed by a
description of why these users may demand an audit of the financial statements.
1.3 Demand for Audit and Assurance Services
Financial Statement Users
Financial statement users include current and potential investors, suppliers, customers, lend- ers, employees, governments, and the general public. Each of these groups will read the finan- cial statements for a slightly different reason, as described below.
Investors
Investors generally read financial statements to determine whether they should invest in the company. They are interested in the return on their investment and are concerned that the entity will remain a going concern (continue operating) into the foreseeable future.
Investors may also be interested in the capacity of the company to pay a dividend. Pro-
spective investors read financial statements to determine whether they should buy shares in the entity.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 9 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-10 Chapter 1 Introduction and Overview of Audit and Assurance
Suppliers
Suppliers may read financial statements to determine whether the company can pay for goods
or services supplied. They are also interested in whether the company is likely to remain a
going concern (is likely to continue to be a customer of the supplier) and continue to pay its
debts when they come due.
Customers
In many business-to-business transactions, customers may read financial statements to
determine
whether a company they rely on is likely to remain a going concern and meet their needs.
Lenders
Lenders may read financial statements to determine whether an entity is sufficiently credit-
worthy to qualify for a loan and whether it can pay the interest and principal as they come due.
Employees
Employees may read financial statements to determine whether the entity can pay their wages or salaries and other benefits (for example, pensions). They may also be interested in assessing the future stability and profitability of the entity, as these affect job security.
Governments
Governments may read financial statements to determine whether the company is comply-
ing with regulations, to evaluate if the company is paying a fair amount of taxes given its reported earnings, and to gain a better understanding of the company’s activities. A company in receipt of government grants often must provide a copy of its audited financial statements
when applying for a grant and when reporting on how grant funds have been spent.
The General Public
The general public may read financial statements to determine whether they should associate with the company (for example, as a future employee, customer, or supplier) and to gain a better understanding of the company, what it does, and its plans for the future.
Demand for Audit and Assurance Services
Financial statement users and their needs are many and varied. There are a number of reasons why some or all of these users would demand an audit of financial statements:
•
Remoteness. Most financial statement users do not have access to the company under
review. This makes it difficult to determine whether the information contained in the
financial statements is a fair presentation of the entity and its activities for the relevant period.
•
Complexity. Financial statements are complex, the amounts are often affected by signifi-
cant estimates, and the disclosures often require significant knowledge and experience to evaluate. Most financial statement users do not have the accounting and legal knowledge to assess the reasonableness of complex accounting and disclosure choices being made by the company.
•
Competing incentives. Company managers have an incentive to disclose the informa- tion contained in the financial statements in a way that presents their performance in the best possible light. Users may find it difficult or impossible to identify when management is presenting biased information.
•
Reliability. Financial statement users are concerned with the reliability of the infor-
mation contained in the financial statements. Since they use that information to make decisions that have real consequences, it is very important that users can rely on the information contained in the financial statements.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 10 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Suppliers
Suppliers may read financial statements to determine whether the company can pay for goods
or services supplied. They are also interested in whether the company is likely to remain a
going concern (is likely to continue to be a customer of the supplier) and continue to pay its
debts when they come due.
Customers
In many business-to-business transactions, customers may read financial statements to
determine
whether a company they rely on is likely to remain a going concern and meet their needs.
Lenders
Lenders may read financial statements to determine whether an entity is sufficiently credit-
worthy to qualify for a loan and whether it can pay the interest and principal as they come due.
Employees
Employees may read financial statements to determine whether the entity can pay their wages or salaries and other benefits (for example, pensions). They may also be interested in assessing the future stability and profitability of the entity, as these affect job security.
Governments
Governments may read financial statements to determine whether the company is comply-
ing with regulations, to evaluate if the company is paying a fair amount of taxes given its reported earnings, and to gain a better understanding of the company’s activities. A company in receipt of government grants often must provide a copy of its audited financial statements
when applying for a grant and when reporting on how grant funds have been spent.
The General Public
The general public may read financial statements to determine whether they should associate with the company (for example, as a future employee, customer, or supplier) and to gain a better understanding of the company, what it does, and its plans for the future.
Demand for Audit and Assurance Services
Financial statement users and their needs are many and varied. There are a number of reasons why some or all of these users would demand an audit of financial statements:
•
Remoteness. Most financial statement users do not have access to the company under
review. This makes it difficult to determine whether the information contained in the
financial statements is a fair presentation of the entity and its activities for the relevant period.
•
Complexity. Financial statements are complex, the amounts are often affected by signifi-
cant estimates, and the disclosures often require significant knowledge and experience to evaluate. Most financial statement users do not have the accounting and legal knowledge to assess the reasonableness of complex accounting and disclosure choices being made by the company.
•
Competing incentives. Company managers have an incentive to disclose the informa- tion contained in the financial statements in a way that presents their performance in the best possible light. Users may find it difficult or impossible to identify when management is presenting biased information.
•
Reliability. Financial statement users are concerned with the reliability of the infor-
mation contained in the financial statements. Since they use that information to make decisions that have real consequences, it is very important that users can rely on the information contained in the financial statements.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 10 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.4 Preparers and Auditors 1-11
Cloud 9 Continuing Case
Ron tells Ernie that he has no remote users, such as shareholders
or lenders, and his business is not very complex. He is the owner
and the manager of Stotez Shoes and therefore has no competing
incentives. For all these reasons, he has never felt the need to pur-
chase an audit to assure users of the reliability of his business’s
financial information.
Ernie agrees but points out that there is now a user who is very
interested in the reliability of the financial information: Chip Masters.
An independent third-party review of the financial statements by a team of auditors, who
have the knowledge and expertise to assess the fairness of the information being presented by
the preparers, helps users address all these issues.
Auditors have access to company records, so they are not remote. Auditors are trained
accountants and have detailed knowledge about the complex technical accounting and dis-
closure issues required to evaluate the choices made by the financial statement preparers.
Independent auditors, whose work is regularly reviewed by regulators, have little incentive
to aid the company in presenting its results in the best possible light. Auditors are concerned
with verifying the information contained in the financial statements is reliable and free from
any material misstatements.
The audit service plays a vital role in maintaining the stability of the U.S. capital markets
and instilling investor confidence. Investors in public companies consider audited informa-
tion reliable, which facilitates the trading of stocks and other financial instruments.
Before You Go On
3.1
Who are the main users of company financial statements?
3.2 Why might financial statement users demand an audit?
3.3 Explain why auditors, or CPAs, are the appropriate professionals to conduct an audit.
LEARNING OBJECTIVE 4
Discuss the different roles of the financial statement preparer and the auditor.
In this section, we explain and contrast the different responsibilities of financial statement
preparers and auditors. We provide details of the role that each group plays in ensuring the
financial statements are an accurate representation of the company. Following this discussion
is an overview of the different firms that provide assurance services.
Preparer Responsibility
As you know from your financial accounting courses, the financial statements include the
balance sheet (statement of financial position), income statement (statement of earnings),
statement of cash flows, statement of changes in equity, and accompanying notes. It is the
responsibility of management, with oversight from those charged with governance, to prepare
the financial statements. Specifically, management is responsible for the following.
1. Ensuring the information included in the financial statements is presented fairly and
complies with the applicable financial reporting framework, which in the United States is most often GAAP.
1.4 Preparers and Auditors
c01IntroductionAndOverviewOfAuditAndAssurance.indd 11 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Cloud 9 Continuing Case
Ron tells Ernie that he has no remote users, such as shareholders
or lenders, and his business is not very complex. He is the owner
and the manager of Stotez Shoes and therefore has no competing
incentives. For all these reasons, he has never felt the need to pur-
chase an audit to assure users of the reliability of his business’s
financial information.
Ernie agrees but points out that there is now a user who is very
interested in the reliability of the financial information: Chip Masters.
An independent third-party review of the financial statements by a team of auditors, who
have the knowledge and expertise to assess the fairness of the information being presented by
the preparers, helps users address all these issues.
Auditors have access to company records, so they are not remote. Auditors are trained
accountants and have detailed knowledge about the complex technical accounting and dis-
closure issues required to evaluate the choices made by the financial statement preparers.
Independent auditors, whose work is regularly reviewed by regulators, have little incentive
to aid the company in presenting its results in the best possible light. Auditors are concerned
with verifying the information contained in the financial statements is reliable and free from
any material misstatements.
The audit service plays a vital role in maintaining the stability of the U.S. capital markets
and instilling investor confidence. Investors in public companies consider audited informa-
tion reliable, which facilitates the trading of stocks and other financial instruments.
Before You Go On
3.1
Who are the main users of company financial statements?
3.2 Why might financial statement users demand an audit?
3.3 Explain why auditors, or CPAs, are the appropriate professionals to conduct an audit.
LEARNING OBJECTIVE 4
Discuss the different roles of the financial statement preparer and the auditor.
In this section, we explain and contrast the different responsibilities of financial statement
preparers and auditors. We provide details of the role that each group plays in ensuring the
financial statements are an accurate representation of the company. Following this discussion
is an overview of the different firms that provide assurance services.
Preparer Responsibility
As you know from your financial accounting courses, the financial statements include the
balance sheet (statement of financial position), income statement (statement of earnings),
statement of cash flows, statement of changes in equity, and accompanying notes. It is the
responsibility of management, with oversight from those charged with governance, to prepare
the financial statements. Specifically, management is responsible for the following.
1. Ensuring the information included in the financial statements is presented fairly and
complies with the applicable financial reporting framework, which in the United States is most often GAAP.
1.4 Preparers and Auditors
c01IntroductionAndOverviewOfAuditAndAssurance.indd 11 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-12 Chapter 1 Introduction and Overview of Audit and Assurance
2. Designing, implementing, and maintaining internal control relevant to the preparation
and fair presentation of the financial statements.
3. Providing the auditors with access to all records, documentation, and personnel relevant
to the preparation and fair presentation of the financial statements, and any additional
information the auditors may consider relevant to complete the audit.
The preparation of financial statements requires the use of knowledge and judgment on the
part of management. Management is responsible for making estimates for some financial
statement items (e.g., allowance for doubtful accounts or a goodwill impairment) and select-
ing appropriate accounting policies within the applicable financial reporting framework, usu-
ally GAAP (AU-C 200.A2–A3).
Auditor Responsibility
The auditor’s responsibility is to provide an opinion on whether the financial statements
are presented fairly in accordance with the applicable financial reporting framework. It is
important to emphasize the auditor is not responsible for preparing the financial statements. Preparation of financial statements is management’s responsibility. Auditors are responsible for the following.
1. Conducting the audit in accordance with the appropriate auditing standards.
Auditing standards provide minimum requirements and guidance for the performance of an audit. Later in this chapter, we discuss the auditing standards that apply to financial statement audits.
2. Planning and performing the audit with professional skepticism. Professional
skepticism is an attitude adopted by auditors when conducting an audit. It means
auditors remain independent of the entity, its management, and its staff when com- pleting the audit work. In a practical sense, it means auditors maintain a question- ing mind and thoroughly investigate all evidence presented by their client. Auditors must seek independent evidence to corroborate, or confirm, information provided by their client. Auditors must be suspicious when evidence contradicts documents held by their client or inquiries made of client personnel, including management and those charged with governance.
3. Planning and performing the audit with professional judgment. Professional
judgment relates to the application of relevant training, knowledge, and experience that
auditors use while making informed audit decisions in conducting an audit. Auditors must use their judgment throughout the entire audit. For example, auditors must use judgment when determining if an information source is reliable. They must also use judgment when deciding if enough audit evidence has been gathered to support the audit opinion.
The concepts of professional skepticism and professional judgment will be addressed through- out this text as we learn about the process used by auditors to arrive at their opinion.
It is important to note that the auditor’s opinion on the financial statements is not meant
to be a predictor of the future success of the company. Also, the opinion is not a reflection of
how effectively management is performing its role of running the company. The auditor’s opinion is simply a report on whether the financial statements are fairly presented in accor-
dance with the applicable financial reporting framework (AU-C 200.A1).
Auditor Skills
Being an auditor requires a broad skill set. Most importantly, an auditor must have exten- sive knowledge of accounting and auditing standards. When you finish college, you will have a good foundation of accounting and auditing standards, but your knowledge will become deeper and more extensive with work experience.
As an auditor, most of your time is spent analyzing client data and making decisions based
on that data. Because accounting firms want to hire individuals who have good
analytical
professional skepticism an
attitude that includes a question-
ing mind, being alert to condi-
tions that may indicate possible
misstatement due to fraud or
error, and a critical assessment of
audit evidence
professional judgment
the
application of relevant training,
knowledge, and experience in
making informed decisions about
the courses of action that are
appropriate in the circumstances
of the audit engagement
c01IntroductionAndOverviewOfAuditAndAssurance.indd 12 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
2. Designing, implementing, and maintaining internal control relevant to the preparation
and fair presentation of the financial statements.
3. Providing the auditors with access to all records, documentation, and personnel relevant
to the preparation and fair presentation of the financial statements, and any additional
information the auditors may consider relevant to complete the audit.
The preparation of financial statements requires the use of knowledge and judgment on the
part of management. Management is responsible for making estimates for some financial
statement items (e.g., allowance for doubtful accounts or a goodwill impairment) and select-
ing appropriate accounting policies within the applicable financial reporting framework, usu-
ally GAAP (AU-C 200.A2–A3).
Auditor Responsibility
The auditor’s responsibility is to provide an opinion on whether the financial statements
are presented fairly in accordance with the applicable financial reporting framework. It is
important to emphasize the auditor is not responsible for preparing the financial statements. Preparation of financial statements is management’s responsibility. Auditors are responsible for the following.
1. Conducting the audit in accordance with the appropriate auditing standards.
Auditing standards provide minimum requirements and guidance for the performance of an audit. Later in this chapter, we discuss the auditing standards that apply to financial statement audits.
2. Planning and performing the audit with professional skepticism. Professional
skepticism is an attitude adopted by auditors when conducting an audit. It means
auditors remain independent of the entity, its management, and its staff when com- pleting the audit work. In a practical sense, it means auditors maintain a question- ing mind and thoroughly investigate all evidence presented by their client. Auditors must seek independent evidence to corroborate, or confirm, information provided by their client. Auditors must be suspicious when evidence contradicts documents held by their client or inquiries made of client personnel, including management and those charged with governance.
3. Planning and performing the audit with professional judgment. Professional
judgment relates to the application of relevant training, knowledge, and experience that
auditors use while making informed audit decisions in conducting an audit. Auditors must use their judgment throughout the entire audit. For example, auditors must use judgment when determining if an information source is reliable. They must also use judgment when deciding if enough audit evidence has been gathered to support the audit opinion.
The concepts of professional skepticism and professional judgment will be addressed through- out this text as we learn about the process used by auditors to arrive at their opinion.
It is important to note that the auditor’s opinion on the financial statements is not meant
to be a predictor of the future success of the company. Also, the opinion is not a reflection of
how effectively management is performing its role of running the company. The auditor’s opinion is simply a report on whether the financial statements are fairly presented in accor-
dance with the applicable financial reporting framework (AU-C 200.A1).
Auditor Skills
Being an auditor requires a broad skill set. Most importantly, an auditor must have exten- sive knowledge of accounting and auditing standards. When you finish college, you will have a good foundation of accounting and auditing standards, but your knowledge will become deeper and more extensive with work experience.
As an auditor, most of your time is spent analyzing client data and making decisions based
on that data. Because accounting firms want to hire individuals who have good
analytical
professional skepticism an
attitude that includes a question-
ing mind, being alert to condi-
tions that may indicate possible
misstatement due to fraud or
error, and a critical assessment of
audit evidence
professional judgment
the
application of relevant training,
knowledge, and experience in
making informed decisions about
the courses of action that are
appropriate in the circumstances
of the audit engagement
c01IntroductionAndOverviewOfAuditAndAssurance.indd 12 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.4 Preparers and Auditors 1-13
Employers also want new hires to possess technology skills, especially in the area of data
analytics. You may be familiar with software like Excel, Tableau, or Power BI that is used to
manipulate data and create visualizations. These types of technologies are being used more
frequently in auditing, along with audit software such as Idea and ACL.
It is important to understand that data analytics skills are a subset of critical-thinking skills.
For example, referring to the framework in Illustration 1.2, auditors must first understand what
data are available to assist in solving an audit problem and then determine the best way to an-
alyze and evaluate the data. In some situations, auditors may analyze data without the use of
specialized software. In other instances, it may be best to use data analytics or audit software.
Throughout the text, we discuss situations when auditors may use data analytics or audit
software as a tool to help solve an audit problem. Chapter 8 will dive more deeply into the
concept of audit data analytics after you understand the key audit topics of audit risk, audit
evidence, and the reliability of data.
Assurance Providers
Assurance services are provided by accounting and other consulting firms. The largest
accounting firms in the United States are known collectively as the “Big 4” firms: Deloitte,
Ernst & Young (EY), KPMG, and PricewaterhouseCoopers (PwC). These four firms
operate internationally through a network of affiliate companies, and dominate the assurance market throughout the world.
The next tier of accounting firms is known as the mid-tier. The firms that comprise the
mid-tier have a significant presence nationally, and most have international affiliations. The mid-tier firms in the United States include, among others, Grant Thornton, BDO USA,
RSM, CBIZ/MHM, and Crowe. These firms service medium-sized and smaller clients.
The next tier of accounting firms are regional and local accounting firms. Regional
firms have a significant presence across multiple states in a geographical region. For exam- ple, a
regional firm might have offices located in the southeastern states of Georgia, Flor-
ida, Alabama, and Mississippi. The regional offices could be as large as some of the national
firms, with just as many partners and professional staff. Like the national firms, the regional firms service
medium-sized and smaller clients. Local accounting firms service clients in their
local areas and range in size from a single-partner firm to several-partner firms. Local firms
primarily service small-company clients and individuals.
Many of these accounting firms provide non-assurance (or non-audit) services as well as
assurance services. Independence is not required to provide non-assurance services. These non-assurance services include management consulting, business valuation, mergers and
acquisitions, tax, and accounting. In Chapter 2, we will discuss rules regarding what types of non-assurance services, if any, can be provided to audit clients.
Throughout the text, we will use this framework to critically analyze audit problems. At the end of
every chapter, you will find an Audit Decision-Making Example that uses the framework to walk you
through an audit issue.
Step 1:
Obtain company
background information
and data.
Step 2:
What is the audit
problem you are
trying to solve?
Step 3:
Gather
information and
evidence.
Step 4:
Perform the analysis
and evaluate the
results.
Step 5:
Draw an audit
conclusion. Audit Decision-Making Process
!?
ILLUSTRATION 1.2 Audit decision-making framework
and critical-thinking skills, one of our goals in this text is to assist in developing these skills.
Illustration 1.2 outlines a framework for audit decision making.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 13 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Employers also want new hires to possess technology skills, especially in the area of data
analytics. You may be familiar with software like Excel, Tableau, or Power BI that is used to
manipulate data and create visualizations. These types of technologies are being used more
frequently in auditing, along with audit software such as Idea and ACL.
It is important to understand that data analytics skills are a subset of critical-thinking skills.
For example, referring to the framework in Illustration 1.2, auditors must first understand what
data are available to assist in solving an audit problem and then determine the best way to an-
alyze and evaluate the data. In some situations, auditors may analyze data without the use of
specialized software. In other instances, it may be best to use data analytics or audit software.
Throughout the text, we discuss situations when auditors may use data analytics or audit
software as a tool to help solve an audit problem. Chapter 8 will dive more deeply into the
concept of audit data analytics after you understand the key audit topics of audit risk, audit
evidence, and the reliability of data.
Assurance Providers
Assurance services are provided by accounting and other consulting firms. The largest
accounting firms in the United States are known collectively as the “Big 4” firms: Deloitte,
Ernst & Young (EY), KPMG, and PricewaterhouseCoopers (PwC). These four firms
operate internationally through a network of affiliate companies, and dominate the assurance market throughout the world.
The next tier of accounting firms is known as the mid-tier. The firms that comprise the
mid-tier have a significant presence nationally, and most have international affiliations. The mid-tier firms in the United States include, among others, Grant Thornton, BDO USA,
RSM, CBIZ/MHM, and Crowe. These firms service medium-sized and smaller clients.
The next tier of accounting firms are regional and local accounting firms. Regional
firms have a significant presence across multiple states in a geographical region. For exam- ple, a
regional firm might have offices located in the southeastern states of Georgia, Flor-
ida, Alabama, and Mississippi. The regional offices could be as large as some of the national
firms, with just as many partners and professional staff. Like the national firms, the regional firms service
medium-sized and smaller clients. Local accounting firms service clients in their
local areas and range in size from a single-partner firm to several-partner firms. Local firms
primarily service small-company clients and individuals.
Many of these accounting firms provide non-assurance (or non-audit) services as well as
assurance services. Independence is not required to provide non-assurance services. These non-assurance services include management consulting, business valuation, mergers and
acquisitions, tax, and accounting. In Chapter 2, we will discuss rules regarding what types of non-assurance services, if any, can be provided to audit clients.
Throughout the text, we will use this framework to critically analyze audit problems. At the end of
every chapter, you will find an Audit Decision-Making Example that uses the framework to walk you
through an audit issue.
Step 1:
Obtain company
background information
and data.
Step 2:
What is the audit
problem you are
trying to solve?
Step 3:
Gather
information and
evidence.
Step 4:
Perform the analysis
and evaluate the
results.
Step 5:
Draw an audit
conclusion. Audit Decision-Making Process
!?
ILLUSTRATION 1.2 Audit decision-making framework
and critical-thinking skills, one of our goals in this text is to assist in developing these skills.
Illustration 1.2 outlines a framework for audit decision making.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 13 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-14 Chapter 1 Introduction and Overview of Audit and Assurance
Finally, note that accounting firms are not the only providers of assurance services. A num-
ber of consulting firms provide assurance services in areas such as website security and envi-
ronmental sustainability reporting. Consulting firms employ staff with a variety of expertise
including, for example, engineers, accountants, IT professionals, scientists, and economists.
Before You Go On
4.1
Describe management’s responsibilities in terms of the financial statement audit.
4.2 What is professional skepticism?
4.3 What are non-audit services? Provide several examples of non-audit services provided by
accounting firms.
1.5 The Role of Regulators and Regulations
LEARNING OBJECTIVE 5
Identify the roles of different regulators and organizations that affect the audit
profession.
In this section, we discuss the regulators and other organizations that impact the audit process
and the profession.
Securities and Exchange Commission (SEC)
The SEC is a federal government agency whose mission is to protect investors, maintain fair
and efficient markets, and facilitate capital formation (www.sec.gov). A primary task of the
SEC is to enforce and interpret securities laws. Some of the key laws that impact the audit
profession are as follows.
•
The Securities Act of 1933 regulates the disclosure of financial information in a compa- ny’s initial public offering of stock and requires that the financial information be audited.
•
The Securities Exchange Act of 1934 regulates the ongoing trading of securities after the initial public offering and requires the annual audit of a public company’s financial state-
ments and the quarterly review of interim financial information.
•
The Sarbanes-Oxley Act of 2002 (SOX) was passed to help restore investor confidence after a series of corporate accounting scandals were revealed in the late 1990s and early 2000s.
Cloud 9 Continuing Case
Ernie stresses to Ron that any financial statements prepared for
Stotez Shoes are Ron’s responsibility, even if they are audited.
The auditor must be skeptical about the claims made by Ron in
the financial statements. These claims include, for example, that
the assets shown on the balance sheet exist and are valued cor-
rectly, and that the balance sheet contains a complete list of the
business’s liabilities. In other words, the auditor is not just going
to believe whatever Ron tells him or her. Auditors must gather
evidence about the financial statements before they can give an
audit opinion.
Ernie also explains to Ron that because his business is rela-
tively small, he has a choice between large and small audit firms.
Very large companies must choose a Big 4 auditor because often
the other auditors are too small to do the work and still maintain
their independence. If a small audit firm audits a large company,
it is open to the criticism that it will not be sufficiently skeptical
because it does not want to lose the fees from that client. A large
audit firm has many other clients, so the fees from any one client
are a relatively small part of its revenue. Ron likes the idea that the
smaller audit firms are generally less expensive.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 14 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Finally, note that accounting firms are not the only providers of assurance services. A num-
ber of consulting firms provide assurance services in areas such as website security and envi-
ronmental sustainability reporting. Consulting firms employ staff with a variety of expertise
including, for example, engineers, accountants, IT professionals, scientists, and economists.
Before You Go On
4.1
Describe management’s responsibilities in terms of the financial statement audit.
4.2 What is professional skepticism?
4.3 What are non-audit services? Provide several examples of non-audit services provided by
accounting firms.
1.5 The Role of Regulators and Regulations
LEARNING OBJECTIVE 5
Identify the roles of different regulators and organizations that affect the audit
profession.
In this section, we discuss the regulators and other organizations that impact the audit process
and the profession.
Securities and Exchange Commission (SEC)
The SEC is a federal government agency whose mission is to protect investors, maintain fair
and efficient markets, and facilitate capital formation (www.sec.gov). A primary task of the
SEC is to enforce and interpret securities laws. Some of the key laws that impact the audit
profession are as follows.
•
The Securities Act of 1933 regulates the disclosure of financial information in a compa- ny’s initial public offering of stock and requires that the financial information be audited.
•
The Securities Exchange Act of 1934 regulates the ongoing trading of securities after the initial public offering and requires the annual audit of a public company’s financial state-
ments and the quarterly review of interim financial information.
•
The Sarbanes-Oxley Act of 2002 (SOX) was passed to help restore investor confidence after a series of corporate accounting scandals were revealed in the late 1990s and early 2000s.
Cloud 9 Continuing Case
Ernie stresses to Ron that any financial statements prepared for
Stotez Shoes are Ron’s responsibility, even if they are audited.
The auditor must be skeptical about the claims made by Ron in
the financial statements. These claims include, for example, that
the assets shown on the balance sheet exist and are valued cor-
rectly, and that the balance sheet contains a complete list of the
business’s liabilities. In other words, the auditor is not just going
to believe whatever Ron tells him or her. Auditors must gather
evidence about the financial statements before they can give an
audit opinion.
Ernie also explains to Ron that because his business is rela-
tively small, he has a choice between large and small audit firms.
Very large companies must choose a Big 4 auditor because often
the other auditors are too small to do the work and still maintain
their independence. If a small audit firm audits a large company,
it is open to the criticism that it will not be sufficiently skeptical
because it does not want to lose the fees from that client. A large
audit firm has many other clients, so the fees from any one client
are a relatively small part of its revenue. Ron likes the idea that the
smaller audit firms are generally less expensive.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 14 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.5 The Role of Regulators and Regulations 1-15
The SOX Act enhanced financial disclosures for public companies and placed more empha-
sis on corporate responsibility. It also created the Public Company Accounting Oversight
Board, or PCAOB, which oversees the audits of public companies.
Public Company Accounting Oversight
Board (PCAOB)
The PCAOB is a nonprofit corporation established through the SOX legislation in 2002. Its
mission is to oversee the audits of public companies to protect the interests of investors
(www.pcaobus.org). Prior to the creation of the PCAOB, the audit profession was self-
regulated. This means that audit professionals, through their own professional organization,
created the auditing standards to be followed in the conduct of an audit. The audit profession
also created a system of peer review for inspecting audit work to ensure auditors were fol-
lowing the standards, and would take enforcement action for auditors who did not perform
audits according to the standards. The audit profession is still self-regulated with respect to
the audits of private companies, but when the PCAOB was created, it took over the regulation
and standard setting for the audits of public companies.
Standards issued by the PCAOB are called Auditing Standards (AS), which provide min-
imum requirements and guidance for auditing services. When the PCAOB was created, it ad-
opted the audit profession’s standards in 2003 as its interim standards, providing a starting
point for the audits of public companies. Since then, the PCAOB has issued its own standards
that supersede, or replace, some of the interim standards.
The topical organization of the PCAOB standards is listed in Illustration 1.3. Through-
out the text, you will be learning some of the specific PCAOB standards in the different topical
categories. The beginning of each chapter will list which PCAOB
standards will be discussed
Source: www.pcaobus.org/standards/auditing.
General Auditing Standards (1000)
1000 General Principles and Responsibilities
1100 General Concepts
1200 General Activities
1300 Auditor Communications
Audit Procedures (2000)
2100 Audit Planning and Risk Assessment
2200 Auditing Internal Control Over Financial Reporting
2300 Audit Procedures in Response to Risks—Nature, Timing, and Extent
2400 Audit Procedures for Specific Aspects of the Audit
2500 Audit Procedures for Certain Accounts or Disclosures
2600 Special Topics
2700 Auditor’s Responsibilities Regarding Supplemental and Other Information
2800 Concluding Audit Procedures
2900 Post-Audit Matters
Auditor Reporting (3000)
3100 Reporting on Audits of Financial Statements
3300 Other Reporting Topics
Matters Relating to Filings Under Federal Securities Laws (4000)
Other Matters Associated with Audits (6000)
ILLUSTRATION 1.3
PCAOB Auditing Standards
topical organization
c01IntroductionAndOverviewOfAuditAndAssurance.indd 15 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
The SOX Act enhanced financial disclosures for public companies and placed more empha-
sis on corporate responsibility. It also created the Public Company Accounting Oversight
Board, or PCAOB, which oversees the audits of public companies.
Public Company Accounting Oversight
Board (PCAOB)
The PCAOB is a nonprofit corporation established through the SOX legislation in 2002. Its
mission is to oversee the audits of public companies to protect the interests of investors
(www.pcaobus.org). Prior to the creation of the PCAOB, the audit profession was self-
regulated. This means that audit professionals, through their own professional organization,
created the auditing standards to be followed in the conduct of an audit. The audit profession
also created a system of peer review for inspecting audit work to ensure auditors were fol-
lowing the standards, and would take enforcement action for auditors who did not perform
audits according to the standards. The audit profession is still self-regulated with respect to
the audits of private companies, but when the PCAOB was created, it took over the regulation
and standard setting for the audits of public companies.
Standards issued by the PCAOB are called Auditing Standards (AS), which provide min-
imum requirements and guidance for auditing services. When the PCAOB was created, it ad-
opted the audit profession’s standards in 2003 as its interim standards, providing a starting
point for the audits of public companies. Since then, the PCAOB has issued its own standards
that supersede, or replace, some of the interim standards.
The topical organization of the PCAOB standards is listed in Illustration 1.3. Through-
out the text, you will be learning some of the specific PCAOB standards in the different topical
categories. The beginning of each chapter will list which PCAOB
standards will be discussed
Source: www.pcaobus.org/standards/auditing.
General Auditing Standards (1000)
1000 General Principles and Responsibilities
1100 General Concepts
1200 General Activities
1300 Auditor Communications
Audit Procedures (2000)
2100 Audit Planning and Risk Assessment
2200 Auditing Internal Control Over Financial Reporting
2300 Audit Procedures in Response to Risks—Nature, Timing, and Extent
2400 Audit Procedures for Specific Aspects of the Audit
2500 Audit Procedures for Certain Accounts or Disclosures
2600 Special Topics
2700 Auditor’s Responsibilities Regarding Supplemental and Other Information
2800 Concluding Audit Procedures
2900 Post-Audit Matters
Auditor Reporting (3000)
3100 Reporting on Audits of Financial Statements
3300 Other Reporting Topics
Matters Relating to Filings Under Federal Securities Laws (4000)
Other Matters Associated with Audits (6000)
ILLUSTRATION 1.3
PCAOB Auditing Standards
topical organization
c01IntroductionAndOverviewOfAuditAndAssurance.indd 15 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-16 Chapter 1 Introduction and Overview of Audit and Assurance
in that particular chapter. You will also see references to the PCAOB standards within each
chapter. The reference will begin with “AS” followed by the standard number, a decimal, and
then a paragraph number, such as “AS 2201.06.”
Accounting firms that want to audit public companies must register with the PCAOB.
Registration involves paying fees to the board, complying with the Auditing Standards, and
having their audit work inspected by the board. The PCAOB has disciplinary authority over
registered firms and can impose punishment on accounting firms that do not adhere to stan-
dards. Punishments can include revoking a firm’s registration, imposing monetary fines, and
banning an individual within a firm from auditing public companies.
American Institute of Certified Public
Accountants (AICPA)
The AICPA is a private professional membership organization of CPAs representing the
accounting profession. There are over 400,000 members in 145 countries (www.aicpa.org).
Some key activities of the AICPA include representing the profession before rule-making bod-
ies, acting as an advocate for the profession before legislative bodies, providing educational
materials to its members, and setting ethical standards for the profession. The AICPA is also
responsible for creating and grading the Uniform CPA Exam.
The AICPA accomplishes many of its activities through its system of committees. One of
the standing committees is the Auditing Standards Board, or ASB. Prior to the creation of the
PCAOB, the ASB was responsible for issuing auditing standards used for the audits of public
and private companies. Since 2003, the task of the ASB has been to issue audit standards
for the audits of private companies and not-for-profit organizations only. Auditing standards
issued by the ASB are called Statements on Auditing Standards (SAS).
The auditing standards include a comprehensive set of principles underlying an audit
conducted in accordance with generally accepted auditing standards (GAAS), which are pre-
sented in Illustration 1.4 . These principles explicitly address the concepts of materiality
Purpose of an Audit
The purpose of an audit is to provide financial statement users with an opinion by the auditor on
whether the financial statements are presented fairly, in all material respects, in accordance with
the applicable financial reporting framework. An auditor’s opinion enhances the degree of confi-
dence that intended users can place in the financial statements.
Premise Upon Which an Audit Is Conducted
An audit in accordance with generally accepted auditing standards is conducted on the premise
that management, and where appropriate, those charged with governance, have responsibility:
a. for the preparation and fair presentation of the financial statements in accordance with the
applicable financial reporting framework; this includes the design, implementation, and
maintenance of internal control relevant to the preparation and fair presentation of financial
statements that are free from material misstatements, whether due to fraud or error.
b. to provide the auditor with:
i. all information, such as records, documentation, and other matters that are relevant to
the preparation and fair presentation of the financial statements;
ii. any additional information that the auditor may request from management, and where
appropriate, those charged with governance; and
iii. unrestricted access to those within the entity from whom the auditor determines it necessary to obtain audit evidence.
Responsibilities of the Auditor
Auditors are responsible for having appropriate competence and capabilities to perform the audit;
complying with relevant ethical requirements; and maintaining professional skepticism and exer-
cising professional judgment, throughout the planning and performance of the audit.
ILLUSTRATION 1.4
Principles underlying an audit conducted in accordance with generally accepted auditing standards (GAAS)
c01IntroductionAndOverviewOfAuditAndAssurance.indd 16 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
in that particular chapter. You will also see references to the PCAOB standards within each
chapter. The reference will begin with “AS” followed by the standard number, a decimal, and
then a paragraph number, such as “AS 2201.06.”
Accounting firms that want to audit public companies must register with the PCAOB.
Registration involves paying fees to the board, complying with the Auditing Standards, and
having their audit work inspected by the board. The PCAOB has disciplinary authority over
registered firms and can impose punishment on accounting firms that do not adhere to stan-
dards. Punishments can include revoking a firm’s registration, imposing monetary fines, and
banning an individual within a firm from auditing public companies.
American Institute of Certified Public
Accountants (AICPA)
The AICPA is a private professional membership organization of CPAs representing the
accounting profession. There are over 400,000 members in 145 countries (www.aicpa.org).
Some key activities of the AICPA include representing the profession before rule-making bod-
ies, acting as an advocate for the profession before legislative bodies, providing educational
materials to its members, and setting ethical standards for the profession. The AICPA is also
responsible for creating and grading the Uniform CPA Exam.
The AICPA accomplishes many of its activities through its system of committees. One of
the standing committees is the Auditing Standards Board, or ASB. Prior to the creation of the
PCAOB, the ASB was responsible for issuing auditing standards used for the audits of public
and private companies. Since 2003, the task of the ASB has been to issue audit standards
for the audits of private companies and not-for-profit organizations only. Auditing standards
issued by the ASB are called Statements on Auditing Standards (SAS).
The auditing standards include a comprehensive set of principles underlying an audit
conducted in accordance with generally accepted auditing standards (GAAS), which are pre-
sented in Illustration 1.4 . These principles explicitly address the concepts of materiality
Purpose of an Audit
The purpose of an audit is to provide financial statement users with an opinion by the auditor on
whether the financial statements are presented fairly, in all material respects, in accordance with
the applicable financial reporting framework. An auditor’s opinion enhances the degree of confi-
dence that intended users can place in the financial statements.
Premise Upon Which an Audit Is Conducted
An audit in accordance with generally accepted auditing standards is conducted on the premise
that management, and where appropriate, those charged with governance, have responsibility:
a. for the preparation and fair presentation of the financial statements in accordance with the
applicable financial reporting framework; this includes the design, implementation, and
maintenance of internal control relevant to the preparation and fair presentation of financial
statements that are free from material misstatements, whether due to fraud or error.
b. to provide the auditor with:
i. all information, such as records, documentation, and other matters that are relevant to
the preparation and fair presentation of the financial statements;
ii. any additional information that the auditor may request from management, and where
appropriate, those charged with governance; and
iii. unrestricted access to those within the entity from whom the auditor determines it necessary to obtain audit evidence.
Responsibilities of the Auditor
Auditors are responsible for having appropriate competence and capabilities to perform the audit;
complying with relevant ethical requirements; and maintaining professional skepticism and exer-
cising professional judgment, throughout the planning and performance of the audit.
ILLUSTRATION 1.4
Principles underlying an audit conducted in accordance with generally accepted auditing standards (GAAS)
c01IntroductionAndOverviewOfAuditAndAssurance.indd 16 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.5 The Role of Regulators and Regulations 1-17
and professional skepticism. The principles describe the responsibilities of management, and
those charged with governance of an entity, for the financial statements. The auditor responsi-
bilities also address the important concepts of compliance with ethical requirements (includ-
ing independence requirements) and the use of professional judgment. Take a few minutes to
read the principles in Illustration 1.4.
The SASs are interpretations of the principles underlying an audit conducted in accor-
dance with GAAS. The SASs explain the nature and extent of an auditor’s responsibility and
offer guidance to an auditor in performing the audit of a private company. Compliance with
the SASs is mandatory for AICPA members, who must justify any departures from the stan-
dards. The SASs are numbered in the order in which they are issued by the ASB. Then the
standards are organized by topical content using the AU numbering system. (Note that the
“AU” stands for auditing standards, but these are not to be confused with the Auditing Stan-
dards (AS) from the PCAOB.) The AU-C topical order (the “C” denotes the clarified standards)
is listed in Illustration 1.5.
ILLUSTRATION 1.4
(continued)
Performing the Audit
To express an opinion, the auditor obtains reasonable assurance about whether the financial state-
ments as a whole are free of material misstatement, whether due to fraud or error.
To obtain reasonable assurance, which is a high, but not absolute, level of assurance, the auditor:
• plans the work and properly supervises any assistants.
• determines and applies appropriate materiality level or levels throughout the audit.
• identifies and assesses risks of material misstatement, whether due to fraud or error, based
on an understanding of the entity and its environment, including the entity’s internal control.
• obtains sufficient appropriate audit evidence about whether material misstatements exist,
through designing and implementing appropriate responses to the assessed risks.
The auditor is unable to obtain absolute assurance that the financial statements are free of
material misstatement because of inherent limitations, which arise from:
• the nature of financial reporting;
• the nature of audit procedures; and
• the need for the audit to be conducted within a reasonable period of time and so as to achieve
a balance between benefit and cost.
Reporting the Results of an Audit
Based on an evaluation of the audit evidence obtained, the auditor expresses, in the form of a
written report, an opinion in accordance with the auditor’s findings, or states that an opinion can-
not be expressed.
The opinion states whether the financial statements are presented fairly, in all
material respects, in accordance with applicable financial reporting framework.
Source: AU-C Preface.
ILLUSTRATION 1.5
Auditing Standards Board AU-C topical content
Source: AICPA.
AU-C Section General Topic
AU-C 200–299 General Principles and Responsibilities
AU-C 300–499Risk Assessment and Response to Assessed Risks
AU-C 500–599Audit Evidence
AU-C 600–699 Using the Work of Others
AU-C 700–799Audit Conclusions and Reporting
AU-C 800–899 Special Considerations
AU-C 900–999 Special Considerations in the United States
c01IntroductionAndOverviewOfAuditAndAssurance.indd 17 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
and professional skepticism. The principles describe the responsibilities of management, and
those charged with governance of an entity, for the financial statements. The auditor responsi-
bilities also address the important concepts of compliance with ethical requirements (includ-
ing independence requirements) and the use of professional judgment. Take a few minutes to
read the principles in Illustration 1.4.
The SASs are interpretations of the principles underlying an audit conducted in accor-
dance with GAAS. The SASs explain the nature and extent of an auditor’s responsibility and
offer guidance to an auditor in performing the audit of a private company. Compliance with
the SASs is mandatory for AICPA members, who must justify any departures from the stan-
dards. The SASs are numbered in the order in which they are issued by the ASB. Then the
standards are organized by topical content using the AU numbering system. (Note that the
“AU” stands for auditing standards, but these are not to be confused with the Auditing Stan-
dards (AS) from the PCAOB.) The AU-C topical order (the “C” denotes the clarified standards)
is listed in Illustration 1.5.
ILLUSTRATION 1.4
(continued)
Performing the Audit
To express an opinion, the auditor obtains reasonable assurance about whether the financial state-
ments as a whole are free of material misstatement, whether due to fraud or error.
To obtain reasonable assurance, which is a high, but not absolute, level of assurance, the auditor:
• plans the work and properly supervises any assistants.
• determines and applies appropriate materiality level or levels throughout the audit.
• identifies and assesses risks of material misstatement, whether due to fraud or error, based
on an understanding of the entity and its environment, including the entity’s internal control.
• obtains sufficient appropriate audit evidence about whether material misstatements exist,
through designing and implementing appropriate responses to the assessed risks.
The auditor is unable to obtain absolute assurance that the financial statements are free of
material misstatement because of inherent limitations, which arise from:
• the nature of financial reporting;
• the nature of audit procedures; and
• the need for the audit to be conducted within a reasonable period of time and so as to achieve
a balance between benefit and cost.
Reporting the Results of an Audit
Based on an evaluation of the audit evidence obtained, the auditor expresses, in the form of a
written report, an opinion in accordance with the auditor’s findings, or states that an opinion can-
not be expressed.
The opinion states whether the financial statements are presented fairly, in all
material respects, in accordance with applicable financial reporting framework.
Source: AU-C Preface.
ILLUSTRATION 1.5
Auditing Standards Board AU-C topical content
Source: AICPA.
AU-C Section General Topic
AU-C 200–299 General Principles and Responsibilities
AU-C 300–499Risk Assessment and Response to Assessed Risks
AU-C 500–599Audit Evidence
AU-C 600–699 Using the Work of Others
AU-C 700–799Audit Conclusions and Reporting
AU-C 800–899 Special Considerations
AU-C 900–999 Special Considerations in the United States
c01IntroductionAndOverviewOfAuditAndAssurance.indd 17 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-18 Chapter 1 Introduction and Overview of Audit and Assurance
Throughout the text, we will be learning some of the specific ASB auditing standards in
the different topical categories. The beginning of each chapter will list which ASB standards
will be discussed in that chapter. You will also see references to the ASB standards within the
text. The reference will begin with “AU-C” followed by the standard number, a decimal, and
then a paragraph number, such as “AU-C 200.05.”
The ASB also issues Statements on Standards for Attestation Engagements (SSAE) and State-
ments on Quality Control Standards (SQCS) for AICPA member firms. Another standing commit -
tee of the AICPA is the Accounting and Review Services Committee. This committee is tasked with
issuing Statements on Standards for Accounting and Review Services (SSARS). The SSARS provide
guidance for services provided on historical financial statements that are less extensive than an
audit. An example that we discussed earlier is a review of historical financial statements. A more
detailed discussion of accounting and review services is provided in Chapter 16.
To help summarize the audit standard-setting environment in the United States, Illus-
tration 1.6 provides a diagram of the current audit standard setting-structure for the audits of
public and private companies.
Professional Environment
International Auditing and Assurance Standards Board (IAASB)
In 1977, 63 accountancy bodies (including the AICPA) repre-
senting 51 countries signed an agreement creating the Interna-
tional Federation of Accountants (IFAC). The mission of IFAC
is to serve the public interest and strengthen the accountancy
profession by supporting the development and implementation
of high-quality international standards.
2
Toward this end, IFAC has established, as a standing subcom-
mittee, the International
Auditing and Assurance Standards Board
(IAASB) with the responsibility and authority to issue International Standards on Auditing (ISA). The mission of the IAASB is to estab -
lish high-quality auditing, assurance, quality control, and related services standards and to improve the uniformity of practice by pro-
fessional accountants throughout the world, thereby strengthening
public confidence in the global auditing profession and serving the public interest.
3
Today, auditing has become a global profession. Many countries
adopt IAASB standards as their own. Other countries have auditing standards that closely resemble the IAASB standards (for example, the SAS in the United States). Where differences exist between the international standards and local standards, the local member body, such as the AICPA’s ASB, is expected to give prompt consideration to such differences with a view to achieving harmonization.
In recent years, the U.S. ASB and the IAASB have worked
jointly in creating auditing standards that have global acceptance. Most of the auditing principles and practices discussed in this text are consistent with IAASB standards.
2
International Federation of Accountants website (accessed June 5, 2020), www.ifac.org.
3
International Auditing and Assurance Standards Board website (accessed June 5, 2020), www.iaasb.org.
ILLUSTRATION 1.6
Audit standard setting in the
United States
Staemns odrfmAi
EAdAga(()stu
Statements on
Standards for
Attestation
Engagements (SSAE)
Statements on
Auditing Standards
(SAS)
Statements on
Quality Control
Standards (SQCS)
Auditing Standards
(AS)
Audit Standard Setting
Qnml m)yan ftmonaos
lfhCAOB
dgd
CAdd
I•lfhABdgd
CAdd
ʼ?
ddBd
AB
S)•Cao odrfmAi
Ea(()stu
•lCAg
OghBd
CAOB
c01IntroductionAndOverviewOfAuditAndAssurance.indd 18 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Throughout the text, we will be learning some of the specific ASB auditing standards in
the different topical categories. The beginning of each chapter will list which ASB standards
will be discussed in that chapter. You will also see references to the ASB standards within the
text. The reference will begin with “AU-C” followed by the standard number, a decimal, and
then a paragraph number, such as “AU-C 200.05.”
The ASB also issues Statements on Standards for Attestation Engagements (SSAE) and State-
ments on Quality Control Standards (SQCS) for AICPA member firms. Another standing commit -
tee of the AICPA is the Accounting and Review Services Committee. This committee is tasked with
issuing Statements on Standards for Accounting and Review Services (SSARS). The SSARS provide
guidance for services provided on historical financial statements that are less extensive than an
audit. An example that we discussed earlier is a review of historical financial statements. A more
detailed discussion of accounting and review services is provided in Chapter 16.
To help summarize the audit standard-setting environment in the United States, Illus-
tration 1.6 provides a diagram of the current audit standard setting-structure for the audits of
public and private companies.
Professional Environment
International Auditing and Assurance Standards Board (IAASB)
In 1977, 63 accountancy bodies (including the AICPA) repre-
senting 51 countries signed an agreement creating the Interna-
tional Federation of Accountants (IFAC). The mission of IFAC
is to serve the public interest and strengthen the accountancy
profession by supporting the development and implementation
of high-quality international standards.
2
Toward this end, IFAC has established, as a standing subcom-
mittee, the International
Auditing and Assurance Standards Board
(IAASB) with the responsibility and authority to issue International Standards on Auditing (ISA). The mission of the IAASB is to estab -
lish high-quality auditing, assurance, quality control, and related services standards and to improve the uniformity of practice by pro-
fessional accountants throughout the world, thereby strengthening
public confidence in the global auditing profession and serving the public interest.
3
Today, auditing has become a global profession. Many countries
adopt IAASB standards as their own. Other countries have auditing standards that closely resemble the IAASB standards (for example, the SAS in the United States). Where differences exist between the international standards and local standards, the local member body, such as the AICPA’s ASB, is expected to give prompt consideration to such differences with a view to achieving harmonization.
In recent years, the U.S. ASB and the IAASB have worked
jointly in creating auditing standards that have global acceptance. Most of the auditing principles and practices discussed in this text are consistent with IAASB standards.
2
International Federation of Accountants website (accessed June 5, 2020), www.ifac.org.
3
International Auditing and Assurance Standards Board website (accessed June 5, 2020), www.iaasb.org.
ILLUSTRATION 1.6
Audit standard setting in the
United States
Staemns odrfmAi
EAdAga(()stu
Statements on
Standards for
Attestation
Engagements (SSAE)
Statements on
Auditing Standards
(SAS)
Statements on
Quality Control
Standards (SQCS)
Auditing Standards
(AS)
Audit Standard Setting
Qnml m)yan ftmonaos
lfhCAOB
dgd
CAdd
I•lfhABdgd
CAdd
ʼ?
ddBd
AB
S)•Cao odrfmAi
Ea(()stu
•lCAg
OghBd
CAOB
c01IntroductionAndOverviewOfAuditAndAssurance.indd 18 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.5 The Role of Regulators and Regulations 1-19
Financial Accounting Standards Board (FASB)
The FASB is a privately funded organization whose mission is to establish financial account-
ing and reporting standards for nongovernmental entities with the goal of providing informa-
tion that is useful for decision making (www.fasb.org). You are probably familiar with the
FASB from your financial accounting courses.
The FASB maintains the Accounting Standards Codification (ASC), which represents the
authoritative standards of financial reporting recognized by the SEC, the PCAOB, and the
AICPA. We commonly refer to the authoritative standards as GAAP. There are seven full-time
members of the FASB who have diverse backgrounds in accounting, finance, business, and
research. Members of the FASB work closely with the AICPA, SEC, and the PCAOB when
researching and drafting financial accounting and reporting standards.
Committee on Sponsoring Organizations of the
Treadway Commission (COSO)
COSO is an independent private-sector group that focuses on providing guidance to man-
agement and expertise in the areas of internal control, enterprise risk management, and
fraud deterrence (www.coso.org). COSO was organized in 1985 and is sponsored by the fol-
lowing organizations: the American Accounting Association (AAA), the AICPA, Financial
Executives International (FEI), the Institute of Internal Auditors (IIA), and the
Institute of
Management Accountants (IMA). Because the first chairman of the commission was James C. Treadway, Jr., a former commissioner of the SEC, the group is often referred to as the “Treadway Commission.”
In 1992, COSO issued a landmark report titled Internal Control—Integrated Framework.
This report provided a comprehensive definition of internal controls and a framework that companies could use to design their own internal control systems. In 2013, the framework went through a comprehensive update and was reissued. This updated framework will be covered in depth in Chapter 6.
National Association of State Boards of
Accountancy (NASBA) and State Boards of
Accountancy
CPAs are professionals who are licensed by state governments. Each state legislature has
established a state board of accountancy to license and regulate CPAs to protect the public
interest. Some of the functions of a state board of accountancy include:
•
Issuing CPA licenses to individuals who meet all the requirements.
• Adopting and enforcing rules of professional conduct for CPAs.
• Adopting and enforcing rules regarding continuing professional education requirements.
• Investigating complaints, conducting hearings, and taking appropriate disciplinary ac- tions, such as suspension or revocation of the CPA license.
NASBA is a professional organization whose mission is to enhance the effectiveness and advance the common interests of its members, which are the state boards of accountancy (www.nasba.org). There are actually 55 jurisdictions with boards of accountancy. They in-
clude the 50 states, the District of Columbia, the Commonwealth of the Northern Mariana Islands, Guam, Puerto Rico, and the Virgin Islands.
NASBA acts as a collective voice for the boards of accountancy and works to promote the in-
terests of the state boards with legislative and regulatory bodies. NASBA also provides education and development opportunities for its members, provides technology support, and promotes ethical behavior in the profession. One of the services NASBA provides to state boards is that it serves as the application center for individuals applying to sit for the CPA exam. When you are
ready to apply to take the CPA exam, you may be asked to apply through NASBA’s website.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 19 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Financial Accounting Standards Board (FASB)
The FASB is a privately funded organization whose mission is to establish financial account-
ing and reporting standards for nongovernmental entities with the goal of providing informa-
tion that is useful for decision making (www.fasb.org). You are probably familiar with the
FASB from your financial accounting courses.
The FASB maintains the Accounting Standards Codification (ASC), which represents the
authoritative standards of financial reporting recognized by the SEC, the PCAOB, and the
AICPA. We commonly refer to the authoritative standards as GAAP. There are seven full-time
members of the FASB who have diverse backgrounds in accounting, finance, business, and
research. Members of the FASB work closely with the AICPA, SEC, and the PCAOB when
researching and drafting financial accounting and reporting standards.
Committee on Sponsoring Organizations of the
Treadway Commission (COSO)
COSO is an independent private-sector group that focuses on providing guidance to man-
agement and expertise in the areas of internal control, enterprise risk management, and
fraud deterrence (www.coso.org). COSO was organized in 1985 and is sponsored by the fol-
lowing organizations: the American Accounting Association (AAA), the AICPA, Financial
Executives International (FEI), the Institute of Internal Auditors (IIA), and the
Institute of
Management Accountants (IMA). Because the first chairman of the commission was James C. Treadway, Jr., a former commissioner of the SEC, the group is often referred to as the “Treadway Commission.”
In 1992, COSO issued a landmark report titled Internal Control—Integrated Framework.
This report provided a comprehensive definition of internal controls and a framework that companies could use to design their own internal control systems. In 2013, the framework went through a comprehensive update and was reissued. This updated framework will be covered in depth in Chapter 6.
National Association of State Boards of
Accountancy (NASBA) and State Boards of
Accountancy
CPAs are professionals who are licensed by state governments. Each state legislature has
established a state board of accountancy to license and regulate CPAs to protect the public
interest. Some of the functions of a state board of accountancy include:
•
Issuing CPA licenses to individuals who meet all the requirements.
• Adopting and enforcing rules of professional conduct for CPAs.
• Adopting and enforcing rules regarding continuing professional education requirements.
• Investigating complaints, conducting hearings, and taking appropriate disciplinary ac- tions, such as suspension or revocation of the CPA license.
NASBA is a professional organization whose mission is to enhance the effectiveness and advance the common interests of its members, which are the state boards of accountancy (www.nasba.org). There are actually 55 jurisdictions with boards of accountancy. They in-
clude the 50 states, the District of Columbia, the Commonwealth of the Northern Mariana Islands, Guam, Puerto Rico, and the Virgin Islands.
NASBA acts as a collective voice for the boards of accountancy and works to promote the in-
terests of the state boards with legislative and regulatory bodies. NASBA also provides education and development opportunities for its members, provides technology support, and promotes ethical behavior in the profession. One of the services NASBA provides to state boards is that it serves as the application center for individuals applying to sit for the CPA exam. When you are
ready to apply to take the CPA exam, you may be asked to apply through NASBA’s website.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 19 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1-20 Chapter 1 Introduction and Overview of Audit and Assurance
1.6 Audit Report on Financial Statements
Cloud 9 Continuing Case
Ernie explains that, in general, the regulators and regulations
that apply to publicly traded corporations are not relevant to
Stotez Shoes. However, any auditor Ron engages would apply the
auditing and accounting standards that are relevant to an audit
engagement when auditing a small business. Since Stotez Shoes
is a private company, the auditors would follow the auditing stan-
dards of the ASB when conducting the audit.
Before You Go On
5.1
What is the SEC and what is its role?
5.2 Which organization sets the standards for the audits of public companies? For the audits of
private companies?
5.3 What are the main functions of a state board of accountancy?
LEARNING OBJECTIVE 6
Explain the concepts of reasonable assurance and materiality, and the nature of an
unqualified/unmodified report on the audit of financial statements.
In this section, we introduce you to the independent auditor’s report, which is the “end product”
of the financial statement audit. The independent auditor’s report is used to communicate the
auditor’s opinion about a company’s financial statements to interested users. We will revisit the
independent auditor’s report in more depth in Chapter 16, but it is helpful to understand this
report from the perspective of a financial statement reader as you begin to learn the audit process.
Reasonable Assurance and the Financial
Statements
We have explained how the responsibility of the auditor is to provide an opinion on whether the
financial statements are presented fairly in accordance with the applicable financial reporting
framework. An opinion is defined as a judgment about matters that are subjective. The prepa-
ration of financial statements is considered somewhat subjective because management must
make some estimates and choose between different accounting methods. Therefore, the audi-
tor is only required to obtain reasonable assurance about whether the financial statements
as a whole are free from material misstatement, whether due to fraud or error.
•
Reasonable assurance is a high, but not absolute, level of assurance (AU-C 200.06).
• In other words, the auditor does not “guarantee” or “certify” that the financial statements
are 100% accurate because that is considered absolute assurance, which is not possible with content that is subjective.
In addition, an audit could not be completed in a reasonable amount of time if auditors had to provide absolute assurance. For some accounts and transactions, auditors use sampling techniques when gathering audit evidence and therefore do not examine 100% of a company’s transactions for the period under audit. So, how do auditors know when they have gathered enough evidence? Ultimately, that is a matter of professional judgment. Since judgment is
reasonable assurance
a high,
but not absolute, level of assurance
c01IntroductionAndOverviewOfAuditAndAssurance.indd 20 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.6 Audit Report on Financial Statements
Cloud 9 Continuing Case
Ernie explains that, in general, the regulators and regulations
that apply to publicly traded corporations are not relevant to
Stotez Shoes. However, any auditor Ron engages would apply the
auditing and accounting standards that are relevant to an audit
engagement when auditing a small business. Since Stotez Shoes
is a private company, the auditors would follow the auditing stan-
dards of the ASB when conducting the audit.
Before You Go On
5.1
What is the SEC and what is its role?
5.2 Which organization sets the standards for the audits of public companies? For the audits of
private companies?
5.3 What are the main functions of a state board of accountancy?
LEARNING OBJECTIVE 6
Explain the concepts of reasonable assurance and materiality, and the nature of an
unqualified/unmodified report on the audit of financial statements.
In this section, we introduce you to the independent auditor’s report, which is the “end product”
of the financial statement audit. The independent auditor’s report is used to communicate the
auditor’s opinion about a company’s financial statements to interested users. We will revisit the
independent auditor’s report in more depth in Chapter 16, but it is helpful to understand this
report from the perspective of a financial statement reader as you begin to learn the audit process.
Reasonable Assurance and the Financial
Statements
We have explained how the responsibility of the auditor is to provide an opinion on whether the
financial statements are presented fairly in accordance with the applicable financial reporting
framework. An opinion is defined as a judgment about matters that are subjective. The prepa-
ration of financial statements is considered somewhat subjective because management must
make some estimates and choose between different accounting methods. Therefore, the audi-
tor is only required to obtain reasonable assurance about whether the financial statements
as a whole are free from material misstatement, whether due to fraud or error.
•
Reasonable assurance is a high, but not absolute, level of assurance (AU-C 200.06).
• In other words, the auditor does not “guarantee” or “certify” that the financial statements
are 100% accurate because that is considered absolute assurance, which is not possible with content that is subjective.
In addition, an audit could not be completed in a reasonable amount of time if auditors had to provide absolute assurance. For some accounts and transactions, auditors use sampling techniques when gathering audit evidence and therefore do not examine 100% of a company’s transactions for the period under audit. So, how do auditors know when they have gathered enough evidence? Ultimately, that is a matter of professional judgment. Since judgment is
reasonable assurance
a high,
but not absolute, level of assurance
c01IntroductionAndOverviewOfAuditAndAssurance.indd 20 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
1.6 Audit Report on Financial Statements 1-21
involved, there will always be a risk the auditors will give the wrong opinion. This is called
audit risk.
Audit risk is affected by client characteristics as well as actions of the auditor. For exam-
ple, when a client implements a new accounting standard, audit risk increases because there
is increased risk for error when implementing a new process. The internal control system of
the client also impacts audit risk. If the client has strong internal controls, it is more likely the
internal controls will prevent, or detect and correct, material misstatements, which decreases
audit risk. Auditors impact audit risk by the decisions made in how to conduct the audit. The
concept of audit risk is covered in depth in Chapter 3.
We will devote considerable attention throughout the text to the concept of audit risk and
determining how auditors make important professional judgments about collecting sufficient,
appropriate evidence to achieve reasonable assurance and support the auditor’s opinion.
Materiality and the Financial Statements
Although financial statements contain approximations, they must reflect a reasonable degree
of precision. However, accounting is not precise, or accurate, the way we might think of
Newtonian physics as being precise. If a potential misstatement of the financial statements is
significant enough to influence or make a difference in the judgment of a financial statement
user, it is considered material.
Materiality is a relative concept, and it differs from company to company and from year to year
for a given company. For example, a $25,000 misstatement of revenues may be material to a com-
pany with $200,000 of net income, while a $25,000 misstatement for a company with $5,000,000
in net income may be immaterial. In addition, qualitative characteristics influence materiality. For
example, an error in the financial statements may be a small percentage of an account balance.
This small error, however, may be considered material because it could cause an entity to breach a
loan covenant, which could result in a misclassification of current and noncurrent debt.
Auditors design an audit to provide reasonable assurance that the financial statements
are free of material misstatement. However, auditors do not design an audit to look for imma-
terial misstatements because they would not influence a financial statement user. A deeper
discussion of how auditors make materiality decisions can be found in Chapter 3.
audit risk the risk that an au-
ditor expresses an inappropriate
audit opinion when the finan-
cial statements are materially
misstated
Professional Environment Materiality
In the audit of a very large company, the amount of misstatement that would be considered immaterial might be quite large. Consider the audit of Starbucks for the year ended September 27, 2020, when Starbucks had total revenues of $23.518 billion, earnings before income taxes of $1.164 billion, net income of $928 million, and total assets of $29.374 billion at September 27, 2020. Starbucks rounds its financial statement amounts to the nearest $1 million. For the year ended September 27, 2020, Starbucks had a return on assets of 38.19%.
As an investor, would you consider a return on assets of
38.19% or 38.18% to be substantially the same? It would take ap-
proximately a $6 million misstatement to change return on assets by only 1/100 of 1% for Starbucks for the year ended September 27, 2020. Alternatively, as an investor, would you consider a return on assets of 38.19% or 38.09% to be substantially the same? It would take approximately a $60 million misstatement to change
return
on assets by only 1/10 of 1% for Starbucks for the year ended
September 27, 2020.
The Auditorʼs Report on Financial Statements
When the audit firm has determined that it has gathered sufficient, appropriate evidence to
form an opinion, then it is ready to issue the audit report. Auditing standards require a standard
format of the audit report be used for all audits. In other words, all accounting firms use the
same standard format and standard wording for reporting their audit opinions. Using a standard
format makes it easier for financial statement users to navigate the audit report.
There is a standard report for the audit of public company financial statements and a
standard report for the audit of private company financial statements. The actual process of
auditing the financial statements of public and private companies is similar, but there are also
some differences, which will be discussed throughout the text. One of the key differences is
the format of the audit reports.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 21 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
involved, there will always be a risk the auditors will give the wrong opinion. This is called
audit risk.
Audit risk is affected by client characteristics as well as actions of the auditor. For exam-
ple, when a client implements a new accounting standard, audit risk increases because there
is increased risk for error when implementing a new process. The internal control system of
the client also impacts audit risk. If the client has strong internal controls, it is more likely the
internal controls will prevent, or detect and correct, material misstatements, which decreases
audit risk. Auditors impact audit risk by the decisions made in how to conduct the audit. The
concept of audit risk is covered in depth in Chapter 3.
We will devote considerable attention throughout the text to the concept of audit risk and
determining how auditors make important professional judgments about collecting sufficient,
appropriate evidence to achieve reasonable assurance and support the auditor’s opinion.
Materiality and the Financial Statements
Although financial statements contain approximations, they must reflect a reasonable degree
of precision. However, accounting is not precise, or accurate, the way we might think of
Newtonian physics as being precise. If a potential misstatement of the financial statements is
significant enough to influence or make a difference in the judgment of a financial statement
user, it is considered material.
Materiality is a relative concept, and it differs from company to company and from year to year
for a given company. For example, a $25,000 misstatement of revenues may be material to a com-
pany with $200,000 of net income, while a $25,000 misstatement for a company with $5,000,000
in net income may be immaterial. In addition, qualitative characteristics influence materiality. For
example, an error in the financial statements may be a small percentage of an account balance.
This small error, however, may be considered material because it could cause an entity to breach a
loan covenant, which could result in a misclassification of current and noncurrent debt.
Auditors design an audit to provide reasonable assurance that the financial statements
are free of material misstatement. However, auditors do not design an audit to look for imma-
terial misstatements because they would not influence a financial statement user. A deeper
discussion of how auditors make materiality decisions can be found in Chapter 3.
audit risk the risk that an au-
ditor expresses an inappropriate
audit opinion when the finan-
cial statements are materially
misstated
Professional Environment Materiality
In the audit of a very large company, the amount of misstatement that would be considered immaterial might be quite large. Consider the audit of Starbucks for the year ended September 27, 2020, when Starbucks had total revenues of $23.518 billion, earnings before income taxes of $1.164 billion, net income of $928 million, and total assets of $29.374 billion at September 27, 2020. Starbucks rounds its financial statement amounts to the nearest $1 million. For the year ended September 27, 2020, Starbucks had a return on assets of 38.19%.
As an investor, would you consider a return on assets of
38.19% or 38.18% to be substantially the same? It would take ap-
proximately a $6 million misstatement to change return on assets by only 1/100 of 1% for Starbucks for the year ended September 27, 2020. Alternatively, as an investor, would you consider a return on assets of 38.19% or 38.09% to be substantially the same? It would take approximately a $60 million misstatement to change
return
on assets by only 1/10 of 1% for Starbucks for the year ended
September 27, 2020.
The Auditorʼs Report on Financial Statements
When the audit firm has determined that it has gathered sufficient, appropriate evidence to
form an opinion, then it is ready to issue the audit report. Auditing standards require a standard
format of the audit report be used for all audits. In other words, all accounting firms use the
same standard format and standard wording for reporting their audit opinions. Using a standard
format makes it easier for financial statement users to navigate the audit report.
There is a standard report for the audit of public company financial statements and a
standard report for the audit of private company financial statements. The actual process of
auditing the financial statements of public and private companies is similar, but there are also
some differences, which will be discussed throughout the text. One of the key differences is
the format of the audit reports.
c01IntroductionAndOverviewOfAuditAndAssurance.indd 21 8/23/21 1:55 PMGet Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Get Complete eBook Download Link below
for instant download
https://browsegrades.net/documents/286751/ebook-payment-link-for-instant-
download-after-payment
Get Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
for instant download
https://browsegrades.net/documents/286751/ebook-payment-link-for-instant-
download-after-payment
Get Complete eBook Download By email at [email protected] Get Complete eBook Download By email at [email protected]
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 120
- Slides 46
- Age 433 days
Related Slideshows
11
TLE-9-Prepare-Salad-and-Dressing.pptxkkk
MaAngelicaCanceran
32 views
12
LESSON 1 ABOUT MEDIA AND INFORMATION.pptx
JojitGueta
27 views
60
GRADE-8-AQUACULTURE-WEEKQ1.pdfdfawgwyrsewru
MaAngelicaCanceran
42 views
26
Feelings PP Game FOR CHILDREN IN ELEMENTARY SCHOOL.pptx
KaistaGlow
41 views
![Jeopardy_Figures_of_Speech_Template.pptx [Autosaved].pptx](https://slidepub.com/thumb/5828/284015828.jpg)
54
Jeopardy_Figures_of_Speech_Template.pptx [Autosaved].pptx
acecamero20
25 views
7
Jeopardy_Figures_of_Speech.pptxvdsvdsvsdvsd
acecamero20
25 views