Chapter 3 Flashcards Preview

External Auditing > Chapter 3 > Flashcards

Flashcards in Chapter 3 Deck (37):

gaining an understanding of the client, identifying risk factors, developing an audit strategy, and assessing materiality

Planning stage


information that impacts the decision-making process of the users of the financial statements



a strategy that sets the scope, timing, and direction of the audit and provides the basis for developing a detailed audit plan

Audit strategy


detailed testing of controls and substantive testing of transactions and accounts

Execution stage


evaluating the results of the detailed testing in light of the auditor's understanding of their client and forming an opinion on the fair presentation of the client's financial statements

Reporting stage


the quantity and quality of the evidence that has been gathered

Sufficient appropriate evidence


the viability of a company to remain in business for the foreseeable future

Going concern


an intentional act through the use of deception to obtain an unjust or illegal advantage



the rules, systems, and processes within companies used to guide and control

Corporate governance


processes used by a client when finalizing the books for an accounting period

Closing procedures


At the outset of every audit, an auditor must gain an understanding of their client. The purpose of this procedure is to assess the risk that the financial statements contain a material misstatement due to:

the nature of the client's business

the industry in which the client operates

the level of competition within that industry

the client's customers and suppliers

the regulatory environment in which the client operates.


Some examples of related party transactions that require disclosure are listed below:

purchase and sales transactions between companies under common control or when one party has significant influence over another

rent paid from one related party to another

loans made to shareholders or senior management

loan guarantees provided by a shareholder of the company.


CAS 550 Related Parties requires the auditor to do the following:

discuss with the engagement team the susceptibility of the financial statements to material misstatement due to fraud or error that could result from the entity's related party relationships and transactions

ask management to identity all related parties and to provide an explanation as to the nature, type, and purpose of transactions with these entities

obtain an understanding of the processes and procedures management has in place to ensure all related party transactions are identified, authorized, accounted for, and disclosed in accordance with the chosen financial reporting framework

remain alert when inspecting documents such as bank confirmations, unusual sales and purchase invoices, minutes of board of director and shareholder meetings, and contracts for indicators that related party transactions may not have not been identified or disclosed to the auditor

identify and assess the risk that transactions may not be in the normal course of operations. For such transactions, inspect any underlying documents and determine the business rationale for such transactions to ensure that they are not an attempt to fraudulently misstate the financial results.


maintaining an attitude that includes a questioning mind, being alert to conditions that may indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence

Professional scepticism


An auditor can use red flags to alert them to the possibility that a fraud may have occurred. Red flags include:

a high turnover of key employees

key finance personnel refusing to take leave

overly dominant management

poor compensation practices

inadequate training programs

a complex business structure

no (or ineffective) internal auditing staff

a high turnover of auditors

unusual transactions

weak internal controls.


Financial reporting frauds

• Improper asset valuations
• Unrecorded liabilities
• Timing differences—bringing forward the recognition of revenues and delaying the recognition of expenses
• Recording fictitious sales
• Understating expenses
• Inappropriate application of accounting principles


Misappropriation of assets frauds

• Using a company credit card for personal use
• Employees remaining on the payroll after ceasing employment
• Unauthorized discounts or refunds to customers
• Theft of inventory by employees or customers
• Using a company car for unauthorized personal use


Examples of incentives and pressures that increase the risk of a client committing fraud include:

• operation in a highly competitive industry
• a significant decline in demand for products or services
• falling profits
• a threat of takeover
• a threat of bankruptcy
• ongoing losses
• rapid growth
• poor cash flows combined with high earnings
• pressure to meet market expectations
• planning to list on a stock exchange
• planning to raise debt or renegotiate a loan
• about to enter into a significant new contract
• a significant proportion of remuneration tied to earnings (that is, bonuses, options)


Examples of opportunities that increase the risk that a fraud may have been perpetrated include:

• accounts that rely on estimates and judgement
• a high volume of transactions close to year end
• significant adjusting entries and reversals after year end
• significant related party transactions
• poor corporate governance mechanisms
• poor internal controls
• a high turnover of staff
• reliance on complex transactions
• transactions out of character for a business (for example, if a client leases its motor vehicles it should not have car registration expenses).


Examples of attitudes and rationalizations used to justify a fraud include:

• a poor tone at the top (that is, from senior management)
• the implementation of an effective internal control structure not seen as a priority
• an excessive focus on maximization of profits and/or share price
• a poor attitude to compliance with accounting regulations
• rationalization that other companies make the same inappropriate accounting choices.


the use of computers to store and process data and other information

Information technology


When gaining an understanding of the client, the auditor will identify the geographic location of the client because:

more spread-out clients are harder to control.
the auditor will need to visit the various locations to assess processes and procedures at each site.
the auditor will plan to use staff from affiliated offices to visit overseas locations.


When gaining an understanding of the client's sources of financing, the auditor:

will assess if the client is meeting interest payments when they are due.


When gaining an understanding of the client at the industry level the auditor:

will not ignore information about the client's industry.


The CSA's Corporate Governance Guidelines are designed to help companies:

improve their corporate structure.
improve performance.
enhance their accountability to shareholders and other interested third parties.


An attitude of professional scepticism means:

any indicator of fraud is properly investigated.


An example of an incentive or pressure that increases the risk of fraud is:

the client operates in a highly competitive industry.
the client has a history of making losses.
a significant percentage of management remuneration is tied to earnings.


The auditor must consider whether it is appropriate to assume that the client will remain as a going concern:

because this means that assets are valued on the basis that they will continue to be used for the purposes of conducting a business.


The planning stage of an audit does not include:

executing and reporting on an audit.


When gaining an understanding of the client, the auditor will consider:

related party identification.
the appropriateness of the client's system of internal controls to mitigate identified business risks.
controls over the technology used to process and store data electronically.


Client closing procedures:

are the responsibility of those charged with governance who must ensure that transactions are recorded in the correct accounting period.


the risk that an auditor expresses an inappropriate audit opinion when the financial statements are materially misstated

Audit risk


the susceptibility of the financial statements to a material misstatement without considering internal controls

Inherent risk


statement made by management regarding the recognition, measurement, presentation, and disclosure of items included in the financial statements



an identified and assessed risk of material misstatement that, in the auditor's judgement, requires special audit consideration

Significant risk


When classifying risks as being significant, consideration is given to whether the risk:

• involves fraud
• is related to significant economic or accounting developments
• involves complex transactions
• involves significant related party transactions
• involves significant subjectivity in measurement of financial information
• involves significant transactions outside the client's normal course of business.


the risk that a client's system of internal controls will not prevent or detect a material misstatement

Control risk