AUD CH 1 - Auditing Standards & Engagement Planning Flashcards Preview

CPA AUDIT > AUD CH 1 - Auditing Standards & Engagement Planning > Flashcards

Flashcards in AUD CH 1 - Auditing Standards & Engagement Planning Deck (115):

Basic Types of Audits

1. Compliance Audit

2. Operational Audit

3. Financial Statement Audit (AFRF: Gen / Special Purpose)


What were are the clarity standards designed to do?

- Make the GAAS easier to follow & understand

- Increase convergence with ISA (int'l Standards on Auditing)


Which entities do the clarity standards apply to?

Non-Issuers (non-public)

* PCAOB (public) has NOT adopted the clarity standards


Who issued the clarity standards?

Auditing Standards Board (ASB) of the AICPA


What are the two levels of requirements for audits under GAAS?

1. Unconditional Requirement ("must", "is required to")

2. Presumptively Mandatory Requirement ("Should".... if depart, must document reason)

*apply to both issuers and non-issuer audits


Clarity Project new terminology


2. Emphasis of Matter paragraph

3. Other Matter paragraph

4. Group Financial audits (division of responsibility)


Clarity Project new requirements

1. evaluate the acceptability of the AFRF (needs of users, meeting those needs, if most app. Framework)

2. apply Quality Control procedures at engagement level

3. Mgmt now has 2 major responsibilities


Clarity Project new format for each standard

1. Introduction (purpose & scope)

2. Objectives (what req. are expected to achieve, plan/performing audit, eval if obtained SA evidence)

3. Definitions

4. Requirements (presumptively mandatory & unconditional requirements)

5. Applications and Other Explanatory Material (further guidance, ICORRIIA)


Significant Finding

the inability to achieve an audit objective, which the auditor must document


The only exceptions for requirements under clarity standards

1. an entire section of GAAS does not apply (i.e. no internal audit dept.)

2. no audit evidence because it does not exist (i.e. req. to communication SD and MW's)


Which entities do the 10 GAAS apply to?

Public Entities (issuers) – PCAOB

* 10 GAAS were integrated into the AICPA clarity project's "objectives" (non-issuers)


What are the categories of the 10 GAAS?

1. General Standards (apply from acceptance to completion "TIP")

2. Fieldwork Standards (apply only to planning/gathering evidence "PIC")

3. Reporting Standards (apply only to manner for writing the audit report "ANOE")


What are the 10 GAAS considered?

the overall measure of the quality of the auditor's performance





T- Training and proficiency

I – Independence (immaterial indirect is OK // I&O)

P – due Professional Care


P - Planning and supervision

I - Internal controls (RMM & det. N,T, E of Audit Procedures)

C - Corroborative audit evidence


A - Accounting principles conform with GAAP

N - No new accounting principles applied (consistency)

O - Omitted Informative Disclosures – None

E – Expression of an Opinion


What is the purpose of the 2nd Fieldwork Standard – Internal Control?

auditor must obtain sufficient understanding of the entity and the environment (I/C) to:

1. assess RMM (fraud or error)

2. design the nature, timing, and extent of further audit procedures


Reporting Standards (10 GAAS) overall definition

- preparation and content of the audit report

- GAAS audit to check for GAAP


Which standards are implicit or explicit in the Reporting Standards (10 GAAS)?

1. Accounting Principles in conformity with GAAP (EXPLICIT)

2. No new accounting principles applied – consistent (IMPLICIT)

3. Omitted informative Disclosures – adequate? (IMPLICIT)

4. Expression of an Opinion (EXPLICIT)


General Standards (10 GAAS) overall definition

qualification of the auditor and quality of the work (TIP)


Fieldwork Standards (10 GAAS) overall definition

1. how audit is planned

2. how evidence is accumulated and evaluated


Statements on Auditing Standards (SAS)

SAS are interpretations of GAAS issued by the Auditing Standards Board (ASB) of the AICPA


Attestation Engagements


C – Complications (unless lack of independence is indicated)

A – Agreed Upon Procedures (or other leading to findings)

R – Reviews

E – Examinations (Audits)

S – Special Reports

*are all considered ASSURANCE services as well


Engagements in which independence is not required

- Compilations (when lack of Independence is indicated)

- Taxes

- Consultations

- Other non attest services such as bookkeeping or payroll

* these are not considered assurance services either


Circumstances in which audit can be performed WITHOUT independence

1. GAAS allows auditor to accept the engagement


2. Auditor is required by law or regulation to accept the engagement


Assurance Services (defined by AICPA Special Committee on Assurance Services)

aka Elliott Committee

- INDEPENDENT professional services that improve the quality of information, or its context, for decision makers


Assurance Services (definition)

an engagement in which an accountant issues a report designed to enhance the degree of confidence of third parties and management about the outcome of an evaluation or measure of F/S (subject matter) against an AFRF (criteria)

*all attestation engagements (ERAS) are considered assurance services


2 Key preconditions for an audit

1. Acceptability of the financial reporting framework being applied (adequate accounting records for evidence)

2. Management accepts responsibility (integrity, fair pres., DIM, & no client-imposed scope limit)


What should an auditor look for during a reaudit or first-year audit?

Read most recent F/S And the Predecessors report:

Opening balances

Disclosures (Contingencies And Commitments)



What should an auditor request if there is a predecessor auditor?

The auditor should request that management authorize the predecessor to allow the successor to:

1. review PA's documentation (If modified opinion, evaluate effect on current period Financial statements)

2. respond to inquiries by the successor (RID-C)



*Inquiries of predecessor Auditor*

Reasons for change of Auditor

Integrity of management

Disagreements during audits

Communication with Management for those charged with governance (DISAPPROVE)



*Should be communicated to those charged with governance – (rid-C)*

Disagreements with management

Illegal acts (Noncompliance)

Significant accounting policies

Adjustments (Adjusting JE's & Reclassifying JE's)

Prior discussions with management Before acceptance

Problems during audit (Obtaining evidence & Employee cooperation)

Responsibilities Of the auditor under GAAS

Other info regarding responsibilities

Views of other accountants (Contacted by management)

Estimates (& Process Used)


DISAPPROVE (Explanation)

- Certain matters should be communicated to those charged Governance

- May be oral or in writing (During audit or after the Audit report is issued)

- If oral, Auditor should document

- No need to repeat matters notified in previous audits


What shouldn't The Auditor discuss with management or Governance?

The detailed audit plan


specific audit procedures

(might reduce the effectiveness of the audit)


PCAOB Requirements for communication with the audit committee

1. Significant issues discussed with managementAbout appointment or retention of the auditor

2. Overall audit strategy And timing

3. Audit results And Auditors evaluation of the results

4. New Accounting pronouncements

5. Outside consultation sought by the auditor

6. Going concern issues



Overall strategy Communicated with governance

Knowledge/Specialized skill

Internal auditor usage

Principal auditor basis

Info about other accounting firms expected to perform audit procedures


What is the difference between communication with governance under GAAS versus PCAOB?

Under PCAOB, will be the auditors is REQUIRED to submit the communication to governance prior to issuance of the auditors report


Engagement letter

When the auditor has made the decision to accept the engagement, the AUDITOR IS REQUIRED to send a written engagement letter (Or comparable written agreement) to client

*Engagement letter form is recommended - Not required*

- Confirms the Scope and nature of the engagement

- confirms the Responsibilities Of the various part



Auditors responsibilities (Engagement letter)

- accordance with GAAS audit (Doesn't guarantee that errors And fraud will be detected)

- informing the client of Any improvements


Clients responsibility (Engagement letter)

- Making available all records

- Not limiting the scope

- paying agreed-upon fee



*Elements of an engagement Letter*

F – Fees

A – Auditor's responsibility (GAAS)

C - Confirmation of engagement

S - Scope and objectives engagement (Statements auditing // Objective=Opinion on F/S)

I - Internal control (SD & MW in I/C)

M - Managements Responsibility (fair pres, DIM, info access)

I – Irregularities – Fraud

L – iLlegal Acts

E - Errors


Break down the engagement letter (paragraphs)

1. Objective and scope of the audit (Statements audited and to give opinion on F/S)

2. Auditor responsibilities (Reasonable assurance, Fraud or error, Inherent Limitations of audit and I/C, D.Risk)

3. Management responsibilities and ID AFRF

4. Other Relevant information (List of schedules, Fees)

5. Reporting (Expected form versus actual form of report)

*Signed by both parties


What does audit planning involve?

Developing overall strategy with the expected conduct and scope of the audit

- To be responsive to the assessment of RMM Based on the auditors understanding (entity & enviro)


Auditor Appointment

- Early appointment is preferred And advantageous

-Maybe appointed at or near year end as well


Why does the nature, extent ,and timing of planning an audit vary?

- Size and complexity of the entity

- Auditors experience with Entity

- Knowledge of the entity's Business and industry

- Knowledge of the entity and its environment including Internal control


What are the preliminary engagement activities?

1. Acceptance

2. Ethics

3. Engagement letter (understanding with client)


What is the importance of a detailed audit plan/audit program?

It is required (GAAS) in order to achieve the objectives of the audit, which relate to management's assertions

- Step by step list Necessary for procedures to Support Opinion)

- Describes the nature, timing, and extent of

1. RMM

2. Further audit procedures (list of sub. tests)

3. Other procedures in order to comply with GAAS


What are key considerations In the development of the audit program?

1. Materiality (Smallest Aggregate dollar amount Selected)

2. RMM – prelim. Assessment (IR x CR)

3. Business and industry considerations (diff biz/diff transactions, reg, acctg)



- Smallest aggregate dollar amounts Selected

- Based on Auditor's judgment

- Quantitative and qualitative considerations

- INVERSE relationship between audit risk And the Materiality consideration

--- higher materiality level, lower risk of auditor overlooking material misstatement


Inherent risk (IR)

RMM due to the NATURE OF AN ELEMENT of the financial Statements

- Cannot be affected by the actions of the client or the Auditor


Control risk (CR)

Risk THAT material misstatement will NOT be prevented or detected and corrected on a timely basis Due to ineffective internal controls

- Affected by the Actions Of The client but not the auditor


Detection risk (DR)

Risk THAT material misstatement will NOT be detected by the AUDITOR

- Determines the amount and types of substantive testing With the goal of reducing detection risk acceptable

(the higher the RMM, the lower the auditor will wish to reduce detection risk)

- The only risk component that the owner has the ability to effect (ICORRIIA)


RMM Preliminary assessment

- F/S, account balance, class of transaction, & disclosure levels

- Assessed in order to determine the acceptable level of detection risk

- based on Prior experience with the client or the audits of predecessors


RMM Final assessment

- Takes place when the Auditor gains and understanding of the client Entity and environment including Internal control Structure

- If it is different from the preliminary assessment of RMM, MODIFY the audit program to increase or decrease sub. Testing To be performed


AICPA Accounting trends and techniques

Annual publication summarizing Disclosures of 600 industrial and merchandising corporations

- Useful source of Information When evaluating disclosures


Audit Planning considerations

1. Entity accountant Policies and procedures

2. Materiality levels

3. AR & pre-assessed lvl of RMM

4. Entity business and industry Matters (effect on F/S)

5. Processing accounting info methods (influences I/C design)

6. F/S Items like to require adjustment

7. Conditions that may require extension/modification of the audit test

8. Nature of reports EXPECTED to be issued


Steps in planning an Audit (Planning procedures)



B - Basic discussions With the Client (overal strategy & client biz/industry)

R - Review of Previous Audit documentation

A - Ask about recent developments in the company (differ from last year)

I - Interim financial statements (Analytical Procedures are MANDATORY)

N – Non-audit Personnel of acctg firm (ID and CONSULT for more client info)

S – Staffing for the audit (& engagement meeting)

T - Timing of audit procedures determined

O - Outside assistance needs (specialist & extent of internal auditor involvement)

P – Pronouncements (new acctg/auditing standards reviewed)

S – Scheduling with the client (to coordinate activities)



Steps in planning an Audit (Planning procedures)


B - Basic discussions With the Client (overal strategy & client biz/industry)

R - Review of Previous Audit documentation

A - Ask about recent developments in the company (differ from last year)

I - Interim financial statements (Analytical Procedures are MANDATORY)

N – Non-audit Personnel of acctg firm (ID and CONSULT for more client info)

S – Staffing for the audit (& engagement meeting)

T - Timing of audit procedures determined

O - Outside assistance needs (specialist & extent of internal auditor involvement)

P – Pronouncements (new acctg/auditing standards reviewed)

S – Scheduling with the client (to coordinate activities)


Supervision by the Auditor

Make certain results are in line with the expected overall audit conclusion

1. Instructing assistants

2. Reviewing the work performed

3. Dealing with differences of opinion among firm personnel

- (document difference and ask to be disassociated from the matter's resolution)


Audit risk (AR)

The risk of the auditor may unknowingly fail to appropriately modify the opinion on F/S that are materially misstated

- Auditor will not detect or properly understand I'm resulting in issuance of an inappropriate Report

- Risk of giving A clean opinion on Dirty numbers

- Composed of the product of RMM and DR


Components of Detection risk

- Test of details risk

- Substantive Analytical procedures Risk


When does misstatement Occur?

When the client fails to detect and the auditor fails to detect


Audit risk formula

(IR x CR) x (DR)


Acceptable Detection risk formula



Detection risk relationship with RMM

Inverse relationship

- The greater the risk of material misstatement the Auditor believes exist, the less detection risk that can be accepted and vice versa


How does RMM differ from Detection Risk?

That exists independently of the audit

- Detection risk relates to the Auditor's procedures and can be altered (I/C)

- Detection risk is a function of the nature timing and extent Of audit procedures

- Inherent risk is associated with the financial statement Elements


What are the steps for determining Detection risk?

1. Determining acceptable level of audit risk (consider cost/benefit)

2. Assess the risk of material misstatement (IR & CR)

3. Determine the level detection risk that is necessary to achieve the desired Audit risk (solve for DR)


Relationship between audit risk and materiality?

Inverse relationship

- If audit risk is Increases, Aggregate materiality level decreases... (& Audit SCOPE Increases)


How is the assessment of risk of material misStatement measured by the Auditor?

-Professional judgment Rather than Precise measurement of risk, But the auditor should have an appropriate basis for that assessment


What does a “misstatement” refer to?

Error or fraud caused by:

1. Difference reported on F/S vs reported with GAAP

2. Omission (Disclosure or Element)

3. Inadequate disclosure


Should misstatements be evaluated?




(Trends, Losses, segment information, & Compliance)


How do estimates Affect RMM?

Estimates increase RMM

- Human Error

- Susceptible to manipulation


Where the two types of fraud?

1. Fraudulent financial reporting

2. Misappropriation of assets (Defalcation Schemes)


Where the two types of statements resulting from Errors or Fraud?

1. Known misstatements (ID'd during audit)

2. Likely misstatements (based on sample assumption or disagreement with mgmt judgement)


Likely misstatements

- Considered likely to exist based on:

1. Audit evidence obtained. (Projecting sample population)

2. Due to difference between management and Auditor judgments

- Auditor knowledge of the entity, industry, or environment & And disparity with info in F/S


In relation to misstatements what MUST be communicated?

- All known and likely misstatements (Even Immaterial)

* Except those that the AUDITOR BELIEVES are trivial

- All knowledge or suspicion of fraud

- Knowledge or suspicion of noncompliance with applicable laws and regulations (illegal acts) to GOVERNANCE

*Except those that are clearly inconsequential

- Communicated (orally or in writing) to appropriate level of management on a Timely basis (MUST DOCUMENT)

(If senior management is involved, Communicate to Governance)


What are the Three conditions For successful Fraud? (FRAUD TRIANGLE)

1. Reason or motivation (Incentive/Pressure)

2. Opportunity (I/C)

3. Rationalization (Unaware/No choice)


Was the direct effect of the illegal acts?

Result in Adjusting entries (nonpayment of payroll taxes or license fees)


What is the indirect effects of illegal acts?

Result in contingencies (anti-trust violations, price fixing, bribes)


Pervasiveness of information

Affecting the financial statements as a whole or specific account balances or classes of transactions And related assertions


Professional judgment applied to Consideration of fraud

1. Type of risk

2. Sufficient magnitude

3. Likelihood of material misstatement


Management Override of controls and revenue recognition in relation to Fraud considerations?

1. Override is NOT enough evidence

2. Presume Revenue recognition represents risk of material Misstatement


The steps for fraud Consideration in a financial statement Audit?

1. Understand nature of fraud

2. Brainstorm Session

3. Obtain the information (ICORRIIA)

4. Identify risks

5. Evaluate those risk (consider I/C)

6. Determine the nature, timing, and, extent of SUB Testing

7. Evaluate the audit evidence obtained

*( if material, additional procedures to verify, implications, communicate, legal counsel)

If risk very high, consider withdrawing

8. Communicate to management and governance (if senior mgmt), third party (if appropriate)

* at least one level above

9. Document The consideration fraud


Fraudulent financial reporting fraud risk factors

Relating to motivation

1. Financial stability or profitability

2. Pressure (third-party)

3. Personal financial situations

4. Pressure (Financial goals)


Fraudulent financial reporting fraud risk factors

Relating to Opportunity

1. Due to the nature of the entity or industry

2. Management Not monitored Effectively

3. Organizational structure complex or unstable

4. Deficiencies in internal control


Fraudulent financial reporting fraud risk factors

Relating to Attitudes/Rationalization

1. No ethical standards

2. Non-financial management Inappropriately managing accounting

3. Excessive interest in stock/forecasts

4. Failing to correct significant deficiencies on timely basis

5. Strained relationships with Current or predecessor auditor


Misappropriation of assets fraud risk factors

Relating to motivation

1. Pressure Created by personal financial Obligations With access to assets

2. Bad relationship b/w entity & employees with access to assets


Misappropriation of assets fraud risk factors

Relating to Opportunity

1. Susceptible assets (Cash, Marketable inventory, liquid assets)

2. Inadequate internal controls


Misappropriation of assets fraud risk factors

Relating to Attitudes/Rationalization

Behavior of those employees with access to assets

(no regard for guidelines/consequence)


Statements on quality control standards

- SQCS Issued by the ASB

- Required for application to a firm's accounting And auditing practice

- Place to engagement governed by the standards set by ASB or ARSC (AICPA)



Auditing Standards Board (ASB) Is senior technical body of the AICPA designated to issue pronouncements on auditing matters applicable to preparation and issuance of audit reports for NON-ISSUERS



Accounting and review services committee


What do Accounting firm Quality control procedures depend on?

1. Size of the firm

2. Nature of the practice

3. Organizational structure Considerations

4. Cost-benefit considerations



Six elements of CPA firm quality control

H - Human resources (Personnel management)

E - Ethical requirements (Independence)

A - Acceptance and continuance of client relationships/engagements (only accept with mgmt integrity)

L - Leadership responsibilities for quality within the firm ("Tone of the top")

M – Monitoring

E - Engagement performance

*Polices/procedures (engagement team Disagreements & Audit Documentation controls)


Six elements of CPA firm quality control


H - Human resources (Personnel management)

E - Ethical requirements (Independence)

A - Acceptance and continuance of client relationships/engagements (only accept with mgmt integrity)

L - Leadership responsibilities for quality within the firm ("Tone of the top")

M – Monitoring

E - Engagement performance

*Polices/procedures (engagement team Disagreements & Audit Documentation controls)


Peer Review programs for Auditors of Issuers

PCAOB Reviews and critiques the Firm's policy & procedures to evaluate the quality control

* written communications is recommended (not required)


Peer review programs for Auditors of Non-Issuers

- Another CPA professional Review and Critique the firm's policy and procedures to Evaluate the quality control

*Written communication is recommended (NOT Required)


Quality control versus GAAS

- QC: Conduct of all professionals within CPA firm on ALL engagements (HEAL ME)

- GAAS: Each individual AUDIT engagement (TIPPICANOE)


Quality control and GAAS

CPA is required to implement quality control at the engagement Level for reasonable Assurance of:

1. Compliance With professional standards & Laws and regulations

2. Appropriate report issued


What is the engagement partners responsibility of the Engagement?

The overall quality of the engagement

- Direction, supervision, and performance of the engagement in compliance

- Firm policies and procedures

- Appropriate Report issued

- Reviewing results of the engagement (evidence & issuance)

- Consultation among engagement team (differences/disagreements procedure followed)

- Making sure quality review is perform


Research TBS

How are single digit Reference numbers formatted?

Formatted as two-digit response

ie. if paragraph 3, enter "03"



US auditing standards (Clarified)



Auditing standards (AS) Of the PCAOB (nonprofit corp. established by Congress) for ISSUERS



Attestation Services (AT) --- (assurance)


- Examinations

- Reviews

- Agreed-upon procedures

(no compilations, no assurance)


Primary objective of Attestation standards

To provide a general framework and said reasonable boundaries around the attest function



Statements on standards for Attestation engagements (AICPA issued)



Statements on standards for accounting and review services (AR)

- Applied to compilations and reviews of NON-ISSUERS F/S

- Does NOT Cover: (trial balance, adjustment assist, consulting, tax matters, manuals, & processing fin. data)


What do SSARS Apply to?


2. Reviews

3. Comparative financial statements

4. Pro forma financial information

5. Personal financial statement (Written personal financial plans)



AICPA code of professional conduct

- Guidance and rules to all members in the performance of professional responsibilities

(Public practice, In industry, in government, Education)



Bylaws of the AICPA

- Governs matters of membership governance of the AICPA

- Contained In the same publication as the ET



American Institute of Certified Public Accountants



Statements on standards for valuation services of the AICPA

- Standards for AICPA members were engaged to estimate the value of a business, business ownership interest, security, or tangible asset



Statement on standards for consulting services of the AICPA

- Behavioral standards

- Claim interest

- Understanding with the client

- Communication with the client


What is expressed in a consulting service?

- Practitioner develops the findings, conclusions, and recommendations presented

* Nature and scope is determined solely by agreement between practitioner And The client

* Work is performed only for the use and benefit of the Client (Generally)



Personal financial planning

- AICPA statement and responsibilities and personal financial planning practice



Continuing professional education

- AICPA statement on standards for continuing professional education programs

*Framework for the development, presentation, measurement, and reporting of CPE programs (for quality programs)



AICPA quality control standards do NOT address the quality control ramifications of the Sarbanes-Oxley act & PCAOB standards