Chapter 2 INTRODUCTION TO AUDITING AND ASSURANCE SERVICES P a r t I C h a p t e r 2 An Overview of Financial Statement Auditing LEARNING OBJECTIVES RELEVANT ACCOUNTING AND ASSURANCE PRONOUNCEMENTS Upon completion of this chapter, you will be able to  Explain the standards governing assurance CICA Handbook, section 5025, Standards for engagements. assurance engagements  Outline the eight generally accepted auditing CICA Handbook, section 5095, Reasonable standards (GAAS). assurance and audit risk  Discuss the International Federation of CICA Handbook, section 5100, Generally accepted Accountants and International Statements on auditing standards Auditing. CICA Handbook, section 5101, International standards on auditing  Explain generally accepted accounting CICA Handbook, section 5130, Materiality in principles as audit criteria. conducting an audit  Describe the relationships among financial CICA Handbook, section 5200, Understanding the statements, management assertions, and audit entity and its environment and assessing the risk of objectives. material misstatement  Explain why the auditor must be a business and CICA Handbook, section 5300, Audit evidence industry expert. CICA Handbook, section 5400, The auditor’s  Develop a preliminary understanding of how standard report the concepts of materiality, audit risk, and Assurance and Related Services Guideline evidence apply to the audit process. AuG-41, Applying the concept of materiality in  Describe the conceptual basis for auditing. conducting an audit  Identify the major phases of the audit process.  Grasp the basic elements of audit reporting. This chapter provides an overview of a financial statement • generally accepted accounting principles as an audit audit. For those readers who have relatively little knowledge criterion about the conduct of an audit engagement, this overview is in- • management assertions tended to introduce the important concepts and material pre- • the auditor as a business and industry specialist sented in subsequent chapters. References to chapters where • three fundamental concepts in conducting an audit the concepts and material are covered in more depth are pro- vided throughout this chapter. • sampling: inferences based on limited observations The chapter covers the following topics: • the conceptual basis for auditing • standards for assurance engagements The last two sections of the chapter present an overview • generally accepted auditing standards of the audit process and an introduction to audit reporting. 3 33 34 Part I Introduction to Auditing and Assurance Services Standards Governing Professional Practice Standards for In keeping with the broader scope of activities represented by the term “as- surance services,” the CICA has issued section 5025 of the Handbook, Assurance “Standards for Assurance Engagements.” The Assurance Standards, con- Engagements sisting of general standards, performance standards, and reporting stan- dards, do not supercede the previously established standards for engage- C [LO 1] ments such as audits, reviews, and value-for-money audits, but rather “establish a framework for all assurance engagements performed by prac- titioners and for the on-going development of related standards.” Thus they provide broad guidance for the performance of assurance, attest, and audit engagements (see Figure 1–2). The standards for assurance engage- ments are reproduced in Table 2–1. Chapter 20 covers assurance engage- ments in more detail. Generally Auditing standards are the measures of the quality of the auditor’s perfor- mance. The CICA first issued generally accepted auditing standards Accepted (GAAS) approximately 30 years ago and has periodically modified them to Auditing meet changes in the auditor’s environment. GAAS are composed of three categories of standards: the general standard, examination standards, and Standards reporting standards. Table 2–2 contains the eight GAAS. C [LO 2] General Standard The general standard is concerned with the audi- tor’s qualifications and the quality of his or her work. The first part of the general standard recognizes that an individual must have adequate train- ing and proficiency as an auditor. This is gained through formal educa- tion, continuing education programs, and experience. It should be recog- nized that this training is ongoing with a requirement on the part of the auditor to stay up-to-date with current accounting and auditing pro- nouncements. Auditors should also be aware of developments in the busi- ness world that may affect the auditing profession. Due care is the focus of the second part of the general standard. In simple terms, due care means that the auditor plans and performs his or her duties with a degree of skill commonly possessed by others in the pro- fession. The requirement of due care imposes an obligation on the mem- bers of the audit team to observe the standards of field work and report- ing, and to perform the work at the same level as any other professional auditor who offers such services to clients. The second part of the general standard also requires that the auditor always maintain an attitude of independence on an engagement. Indepen- dence precludes relationships that may impair the auditor’s objectivity. A distinction is often made between independence in fact and independence in appearance. An auditor must not only be independent in fact but also avoid actions that may appear to affect independence. If an auditor is perceived Chapter 2 An Overview of Financial Statement Auditing 35 TABLE 2–1 Standards for Assurance Services General Standards The practitioner should seek management’s acknowledgment of responsibility for the subject matter as it relates to the objective of the engagement. If the practitioner does not obtain management’s acknowledgment, the practitioner should: • obtain other evidence that an accountability relationship exists, such as a reference to legislation or a regulation. • consider how the lack of management’s acknowledgment might affect his or her work and conclusion; and • disclose in his or her report that acknowledgment of responsibility has not been obtained. The assurance engagement should be performed with due care and an objective state of mind. The practitioner and any other persons performing the assurance engagment should have adequate proficiency in such engagements. The practitioner should identify or develop criteria that are suitable for evaluating the subject matter. In no circumstances should the practitioner perform the engagement using criteria which, in his or her judgement, would result in a report that would be misleading to intended users. Performance Standards The practitioner should consider the concept of significance and the relevant components of engagement risk when planning and performing the assurance engagement. Sufficient, appropriate evidence should be obtained to provide the practitioner with a reasonable basis to support the conclusion expressed in his or her report. The practitioner should document matters that in his or her professional judgement are important in providing evidence to support the conclusion expressed in his or her report. Reporting Standards As a minimum the practitioner’s report should: • identify to whom the report is directed; • describe the objective of the engagement and the entity or portion thereof, the subject matter and the time period covered by the engagement; • in an attest report, identify management’s assertion; • describe the responsibilities of management and the practitioner; • identify the applicable standards in accordance with which the engagement was conducted; • identify the criteria against which the subject matter was evaluated; • state a conclusion that conveys the level of assurance being provided and/or any reservations the practitioner may have; • state the date of the report; • identify the name of the practitioner (or firm); and • identify the place of issue. A reservation should be expressed when the practitioner: • is unable to obtain sufficient appropriate evidence to evaluate one of more aspects of the subject matter’s conformity with the criteria; • in a direct reporting engagement, concludes that the subject matter does not conform with the criteria; or • in an attest engagement concludes that (i) the assertion prepared by mangement does not present fairly the criteria used, (ii) the assertion prepared by management does not present fairly the subject matter’s conformity with the criteria, or (iii) essential information has not been presented or has been presented in an inappropriate manner. A reservation should provide an explanation of the matter giving rise to the reservation and, if reasonably determinable, its effect on the subject matter. 36 Part I Introduction to Auditing and Assurance Services TABLE 2–2 Generally Accepted Auditing Standards General Standard The examination should be performed and the report prepared by a person or persons having adequate technical training and proficiency in auditing, with due care and with an objective state of mind. Examination Standards 1. The auditor should plan and perform the audit to reduce audit risk to an acceptable low level that is consistent with the objective of an audit. 2. The auditor should obtain an understanding of the entity and its environment, including its internal control, sufficient to identify and assess the risks of material misstatement of the financial statements whether due to fraud or error, and sufficient to design and perform further audit procedures. 3. The auditor should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the audit opinion. Reporting Standards 1. The report should identify the financial statements and distinguish between the responsibilities of management and the responsibilities of the auditor. 2. The report should describe the scope of the auditor’s examination. 3. The report should contain either an expression of opinion on the financial statements or an assertion that an opinion cannot be expressed. In the latter case, the reasons therefore should be stated. 4. Where an opinion is expressed, it should indicate whether the financial statements present fairly, in all material respects, the financial position, results of operations and cash flows in accordance with an appropriate disclosed basis of accounting, which except in special circumstances should be generally accepted accounting principles. The report should provide adequate explanation with respect to any reservation contained in such opinion. as not being independent, users may lose confidence in the auditor’s ability to report truthfully on financial statements. For example, an auditor might have a financial interest in an auditee but still conduct the audit in an ob- jective manner. Third parties, however, may assume that the auditor was not independent because the financial interest could have prevented the au- ditor from maintaining objectivity during the audit. Public confidence is impaired if an auditor is found to lack independence. The Code of Profes- sional Conduct identifies actions, such as financial or managerial interests in clients, that are believed to impair the auditor’s appearance of indepen- dence. Examination Standards The examination standards relate to the ac- tual conduct of the audit. These three standards provide the conceptual background for the audit process. The first standard of field work deals with planning and performance. Proper planning can lead to a more effec- tive audit that is more likely to detect material misstatements if they exist. Proper planning also assists in completing the engagement in a reasonable amount of time. The second examination standard requires that the auditor gain suffi- cient understanding of the auditee’s environmental internal controls to plan an audit and to properly assess the risks that fraud or error could lead to the risk of a material misstatement. Internal control is a process, effected Chapter 2 An Overview of Financial Statement Auditing 37 by an entity’s board of directors, management, and other personnel, that is designed to provide reasonable assurance regarding the achievement of the following objectives: (1) optimization of the use of resources, (2) pre- vention and detection of fraud and error, (3) safeguarding assets, and (4) maintaining a reliable information system. If the auditor decides to rely on the entity’s system of internal control he or she must document the evi- dence on which that decision is based. Sufficient, appropriate, audit evidence is the focus of the third exami- nation standard. Most of the auditor’s work involves the search for and evaluation of evidence to support management’s assertions in the financial statements. The auditor uses various audit procedures to gather this evi- dence. For example, if the balance sheet shows an amount for accounts re- ceivable of $1.5 million, management asserts that this amount is the net realizable value, or the amount expected to be collected from customers, for those receivables. The auditor can send confirmations to customers and examine subsequent payments by customers as audit procedures to gather sufficient appropriate audit evidence on the proper value of ac- counts receivable. Reporting Standards The four reporting standards specify what is to be contained in the auditor’s report: (1) the financial statements reported upon, and the responsibilities of management and the auditor, (2) the scope of the auditor’s examination, (3) the requirement to either express and opinion or to explain why an opinion cannot be expressed, and (4) the opinion should state whether the financial statements are in accordance with “an appropriate disclosed basis of accounting” which, except in rare circumstances, is GAAP. Chapter 17 will cover in detail the auditor’s report. International The globalization of business and the influence of international organiza- tions such as the North American Free Trade Agreement (NAFTA) and the Standards on European Economic Union (EU) have all increased the pressure to harmo- Auditing nize auditing standards internationally. An increasingly influential organi- zation in the development and harmonization of world-wide auditing stan- dards is the International Federation of Accountants (IFAC). The CICA, C [LO 3] CGA-Canada, and SMAC are all members of IFAC. The International Au- diting and Assurance Standards Board (IAASB) of IFAC develops and is- sues International Standards on Auditing (ISAs), authoritative pronounce- ments for the guidance of auditors in member organizations. The AASB is actively engaged in projects to promote the convergence of standards pro- posed by the IAASB with the existing Canadian standards.1 The IFAC Handbook is organized into sections—introduction and framework (100s), auditing principles and procedures (200s to 600s), auditors’ reports (700s), other engagements (800s and 900s), and special topics such as audits of computer systems, consideration of environmental matters, etc. (1000s). It also includes a section providing guidance on ethical requirements. Sec- tion 5101 of the CICA Handbook provides a table of concordance between the International Standards on Auditing of IFAC and the standards of the 1See also L.R Quinn, “Closing the GAAP,” CAMagazine (August 2003), pp.16–22. 38 Part I Introduction to Auditing and Assurance Services CICA Handbook, highlighting similarities and differences. Canadian gener- ally accepted accounting principles should be followed, except when the fi- nancial statements: • are prepared as described in CICA Handbook, paragraph 5600.09, or • are financial statements of a federal, provincial, territorial, or local government, and the auditor is required to express an opinion . . . in accordance with a disclosed basis of accounting, when the auditor would refer to audit of government financial statements, section PS 5200, for guidance. The report should provide adequate explanation with respect to any reser- vation contained in such opinion. In audits of domestic companies, Canadian auditors must follow the standards of the CICA Handbook in all matters of procedure and reporting. The ISAs are an ongoing process and are still incomplete. As a result the CICA Handbook is much more comprehensive and in many cases, its re- quirements are more rigorous than those of the ISAs. The ISAs tend to be more procedural in many areas and provide guidance which, while not as rigorous in principle, is more procedurally detailed than is the approach of the Canadian auditing profession. Nevertheless, the trend towards international harmonization of audit- ing standards is increasing. A Canadian auditor may be engaged to con- duct an examination in accordance with International Standards on Audit- ing. In such cases he or she should consult the most current version of the IFAC Handbook for the complete ISAs. Many large firms having an inter- national practice possess extensive libraries of documentation reflecting international practice. The Structure of The Assurance and Related Services Recommendations are classified as: the Assurance and 5000 General Assurance and Auditing Related Services 6000 Specific Items Recommendations 7000 Specialized Areas Section of the 8000 Review Engagements 9000 Related Services CICA Handbook The bulk of this text will deal with the topics in section 5000, General As- surance and Auditing; however, each of the other sections listed will be covered in more detail in later chapters. Generally Accepted Accounting Principles as an Audit Criterion C [LO 4] The demand for auditing arises from the potential conflict of interest that exists between owners (shareholders) and managers. The contractual arrangement between these parties normally requires that management issue a set of financial statements that purports to show the financial posi- tion and results of operations of the entity. In order to properly evaluate the financial statements, the parties to the contract must agree on a benchmark Chapter 2 An Overview of Financial Statement Auditing 39 or criterion to measure performance. Without an agreed-upon criterion, it is impossible to measure the fair presentation of the financial statements. Generally accepted accounting principles (GAAP) have, over time, be- come the primary criteria used to prepare financial statements. As the term implies, these principles are generally accepted by the diverse users of financial statements. The authority for using GAAP as the benchmark comes from generally accepted auditing standards (GAAS). The fourth re- porting standard requires that the auditor’s report indicate whether the fi- nancial statements are presented in accordance with GAAP. The auditor’s standard audit report states that “the financial statements . . . present fairly . . . in accordance with generally accepted accounting principles.” In making this statement in the audit report, the auditor judges whether (1) the accounting principles have general acceptance, (2) the accounting principles are appropriate in the circumstances, (3) the financial state- ments, including the footnotes, contain adequate disclosure, (4) the infor- mation in the financial statements is classified and summarized in a rea- sonable manner, and (5) the financial statements reflect the underlying transactions and events in a manner that presents the financial position, results of operations, and cash flows stated within a range of acceptable limits. In judging the proper accounting treatment for a transaction or event, the auditor should always consider whether the substance of the transac- tion differs from its form. Transactions should be recorded to reflect their economic substance. For example, if a company enters into a lease transac- tion in which the substance of the transaction is the purchase of the asset with debt, the transaction should be recorded as a capital lease rather than an operating lease. It is important to consider how GAAP and GAAS are related in the audit function. Figure 1–3 in Chapter 1 presented an overview of the audit function for a financial statement audit. Management and their accoun- tants record business transactions through the entity’s accounting system in accordance with GAAP. Therefore, the financial statements that are pre- pared based on the entity’s operations should also be in accordance with GAAP. GAAS, on the other hand, guide the auditor on how to gather evi- dence to test management’s assertions to determine if they are in accor- dance with GAAP. If the auditor has gathered sufficient evidence to pro- vide reasonable assurance that the financial statements present fairly in accordance with GAAP, an unqualified report can be issued. In May 2003, the Canadian Securities Administrators (CSA) an- nounced that, effective for fiscal years beginning January 1, 2004 or later, Canadian firms registered with the US Securities Exchange Commission (there are approximately 500 Canadian companies registered with US stock exchanges) will be able to apply for an exemption to permit them to file their financial statements for Canada using US GAAP. In order for a firm to qualify, the firm must demonstrate that it has the necessary exper- tise to prepare US GAAP financial statements and must also show that the firm’s auditor is knowledgeable about US GAAS.2 2Source: www.accountingweb.com, “Canadian Regulators Okay Use of US GAAP.” 40 Part I Introduction to Auditing and Assurance Services Financial Statements, Management Assertions, and Audit Objectives C [LO 5] Financial statements issued by management contain assertions about the components of those financial statements (refer to Figure 1–3). For exam- ple, when the financial statements contain a line item that inventory is $2,500,000, management asserts among other things that inventory exists, that the entity owns the inventory, and that it is properly valued. Similarly, if the financial statements contain a line item that states accounts payable are $750,000, management asserts among other things that the accounts payable are obligations of the entity and the amount for accounts payable contains all such obligations (an assertion as to completeness). In CICA Handbook, paragraph 5300.17, management assertions are classified into the following categories: • existence (assets and liabilities) • occurrence (revenues and expenses) • completeness • ownership • valuation (assets and liabilities) • measurement (revenues and expenses) • statement presentation Table 2–3 summarizes and explains management assertions. The auditor’s work consists of searching for and evaluating evidence concerning assertions. Operationally, this is accomplished by developing audit objectives that relate to management’s assertions. In the previous ex- ample, management asserted that accounts payable of $750,000 were com- plete (all accounts payable were included). The completeness assertion can be divided into two audit objectives: completeness and cutoff. By disaggre- gating the assertions into more specific audit objectives, the auditor is bet- ter able to design audit procedures for obtaining sufficient appropriate evi- dence to test management assertions. In our example, the audit objective for completeness is tested to determine if all accounts payable were in- cluded in the account, while the audit objective for cutoff tests whether all TABLE 2–3 Summary of Management Assertions • Existence The assets and liabilities exist at a given date. • Occurrence The recorded revenue and expense transactions have occurred as of a given date. • Completeness There are no unrecorded assets, liabilities, revenues, or expenses. • Ownership The assets (liabilities) are owned (owed) by the entity at a given date. • Valuation The assets and liabilities are appropriately valued. • Measurement The revenues and expenses are appropriately measured and are allocated to the proper accounting period. • Statement presentation Amounts shown in the financial statements are properly presented and disclosed. Chapter 2 An Overview of Financial Statement Auditing 41 F I G U R E 2–1 Management’s assertions Existence are contained in the Occurrence The Relationships among Completeness financial statements. Management’s Assertions, Ownership Audit Objectives, Audit Valuation Procedures, and Audit Measurement Evidence Statement presentation Auditor develops Validity audit objectives based on Completeness management’s assertions. Cutoff Ownership Accuracy Valuation Classification Disclosure Audit procedures are conducted to test the audit objectives. Audit evidence is developed to support management’s assertions. accounts payable were recorded in the proper accounting period. One audit procedure that would provide evidence about the completeness objective would be a search for unrecorded liabilities. One step in this search would be to examine vendor bills recorded in the period after year-end to deter- mine if those liabilities relate to the current period. Once the auditor has sufficient evidence that the audit objective is met, he or she has reasonable assurance that the assertion is appropriate. Figure 2–1 graphically represents the relationships among manage- ment assertions, audit objectives, audit procedures, and audit evidence. Chapter 4 contains more detailed coverage. The Auditor as a Business and Industry Expert C [LO 6] The auditor must have extensive knowledge about the nature of the client’s business and industry in order to determine whether financial statement assertions are valid. The auditor must also understand the strategic busi- ness risks faced by the client in addition to understanding the risks that af- fect the traditional processing and recording of transactions. A paradigm that is becoming dominant amongst the large public ac- counting firms is the strategic systems approach (SSA) to auditing. Using SSA, the auditor seeks to understand and document: (1) management’s strategies to achieve its objectives, (2) management’s analysis of the risks 42 Part I Introduction to Auditing and Assurance Services the business faces, and (3) the business processes that management has put in place to manage those risks. This in-depth analysis allows the auditor to obtain a thorough understanding of the business risks facing the client, the inherent risk factors in the audit and the control risks associated with the major processes management has developed for the operation of the busi- ness. The ultimate objective of this detailed analysis is to assist the auditor in designing an effective, efficient audit of the client’s financial statements. A recent KPMG monograph contained the following observation:3 As the global economy, the business organizations operating within it, and or- ganizations’ business strategies become increasingly complex and interdepen- dent, we believe more attention should be paid to the development of auditing methods and procedures that focus on assertions at the entity level—methods and procedures that promise greater power to detect material misstatements as they allow the auditor to ground key judgements in a more critical and holistic understanding of the client’s systems dynamics (p. 12). Consideration of an entity’s business risks requires that the auditor know the client’s business strategy and how it plans to respond to, or control, changes in its business environment. Numerous rapid or momentous changes have significantly affected an industry or an entity within that in- dustry. For example, the sale of books over the Internet by Amazon.com through a “virtual” bookstore significantly affected the retail book indus- try. Traditional bookstores (like Chapters) had to respond to this new com- petitor or lose sales and customers. Similarly, rapid and significant techno- logical changes in telecommunications and in computers and peripheral equipment increase the business risks for entities that operate in those in- dustries. Lastly, deregulation in banking and utilities has significantly in- creased the risks for entities that operate in those industries. This focus on the client’s business risks leads to a more strategic and systematic approach to the audit. The auditor uses knowledge of the client’s business and industry to develop a more efficient and effective audit. The auditor places less emphasis on routine transactions that are likely to be tightly controlled through the client’s internal control system. Instead, the focus shifts to identifying nonroutine transactions, accounting estimates, and valuation issues that are much more likely to lead to misstatements in the financial statements. A detailed discussion of the strategic systems ap- proach to auditing is found in Chapter 3. Three Fundamental Concepts in Conducting an Audit C [LO 7] A financial statement audit requires an understanding of three fundamen- tal concepts: materiality, audit risk, and evidence. The auditor’s judgement of materiality and audit risk establishes the type and amount of the audit work to be performed (referred to as the scope of the audit). In establish- ing the scope of the audit, the auditor must make decisions about the na- 3T.B. Bell, F. O. Marrs, I. Solomon, and H. Thomas, Auditing Organizations Through a Strategic- Systems Lens: The KPMG Business Measurement Process (New York: KPMG Peat Marwick LLP, 1997). Chapter 2 An Overview of Financial Statement Auditing 43 ture, extent, and timing of evidence to be gathered. This section briefly dis- cusses each of these concepts. The next two chapters cover these concepts in greater depth. Materiality Assurance and Related Services Guideline AuG-41, “Applying the concept of materiality in conducting an audit,” suggests using quantitative guide- lines for the initial assessment of materiality. For example, for a profit-ori- ented entity, AuG-41 suggests 5 percent of after-tax income from continu- ing operations, for a not-for-profit entity, 1/2 percent to 2 percent of total revenues or total expenses. However, AuG-41 and Handbook, section 5130, “Materiality in conducting an audit,” both stress that the auditor’s consid- eration of materiality should be a matter of professional judgement and is affected by what the auditor perceives as the view of a reasonable person who is relying on the financial statements. Paragraph 5130.04 of the CICA Handbook defines materiality as follows: A misstatement or the aggregate of all misstatements in financial statements is considered to be material if, in light of surrounding circumstances, it is proba- ble that the decision of a person who is relying on the financial statements, and who has a reasonable knowledge of business and economic activities (the user), would be changed or influenced by such misstatement or the aggregate of all misstatements. The focus of this definition is on the users of the financial statements. In planning the engagement, the auditor assesses the magnitude of a mis- statement that may affect the users’ decisions. This is sometimes referred to as accounting materiality. The auditor uses accounting materiality as a starting point for determining an amount that will be used for establishing the preliminary judgement about materiality. This assessment is some- times referred to as auditing materiality. Auditing materiality is generally assessed to be less than accounting materiality because the auditor needs to allow for the difficulty in assessing what is material to the diverse groups of financial statement users. When “materiality” is used in the re- mainder of this text, it refers to auditing materiality. The earlier example of an inventory balance of $2,500,000 is used to demonstrate this approach. Suppose the auditor assesses that the inven- tory component of the financial statements can be misstated by $50,000 before users’ decisions will be affected. The $50,000 is accounting materi- ality. The auditor may set auditing materiality at a lower amount, say $40,000, to provide for any uncertainty that may be present in his or her assessment of accounting materiality. The $40,000 is used by the auditor to design the planned audit work. This amount would also be used to eval- uate the auditor’s findings. By establishing an auditing materiality level such as $40,000, the auditor is focusing on material misstatements, where a misstatement is the difference between what management asserts is the balance and the balance based on the auditor’s findings. As you shall see later in this chapter, the wording of the auditor’s standard audit report includes the phrase “the financial statements pre- sent fairly in all material respects.” This is the manner in which the audi- tor communicates the notion of materiality to the users of the auditor’s report. Further, there is no guarantee that the auditor will uncover all ma- 44 Part I Introduction to Auditing and Assurance Services terial misstatements. The auditor can only provide reasonable assurance that all material misstatements are detected. The notion of reasonable as- surance leads to the second concept. Audit Risk The second major concept involved in auditing is audit risk. Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated.4 As mentioned previously, an audit does not guarantee or provide ab- solute assurance that all misstatements will be detected. The auditor’s standard report states that the audit provides only reasonable assurance that the financial statements do not contain material misstatements. The term reasonable assurance implies some risk that a material misstatement could be present in the financial statements and the auditor will fail to de- tect it. In conducting an audit, the auditor decides what level of audit risk he or she is willing to accept and plans the audit to achieve that level of audit risk. The auditor controls the level of audit risk by the effectiveness and extent of the audit work conducted. The more effective and extensive the audit work, the less the risk that the misstatement will go undetected and the auditor will issue an inappropriate report. However, as discussed previously, an auditor could conduct an audit in accordance with GAAS and issue an unqualified opinion, and the financial statements might still contain material misstatements. The auditor’s responsibility with respect to misstatements that might arise from fraudulent activity or illegal acts is covered in detail in Chapter 3. Evidence Most of the auditor’s work in arriving at an opinion on the financial state- ments consists of obtaining and evaluating evidence. Evidence supporting the financial statements consists of the underlying accounting records and source documents available to the auditor. In designing an audit program to obtain evidence about manage- ment’s assertions contained in the financial statements, the auditor devel- ops specific audit objectives that relate to each management assertion (see Figure 2–1). The audit objectives, in conjunction with the assessment of materiality and audit risk, are used by the auditor to determine the na- ture, extent, and timing of evidence to be gathered. Because the audit ob- jectives are derived from management’s assertions, once the auditor has obtained sufficient appropriate evidence that the audit objectives are met, reasonable assurance is provided that the financial statements are fairly presented. In searching for and evaluating evidence, the auditor is concerned with the relevance and reliability of the evidence. Relevance refers to whether the evidence relates to the specific audit objective being tested. If the audi- tor relies on evidence that relates to a different audit objective from the one being tested, an incorrect conclusion may be reached about a manage- 4CICA Handbook, paragraph 5095.08. Chapter 2 An Overview of Financial Statement Auditing 45 ment assertion. For example, suppose the auditor wants to test whether the client owns certain property. If the auditor physically examines the property, this would not be relevant evidence. It is possible, for example, that the client is leasing the property the auditor examined. Reliability refers to the diagnosticity of the evidence. In other words, can a particular type of evidence be relied upon to signal the true state of the assertion or audit objective? Suppose an auditor has the choice of gathering evidence from an independent, competent source outside the client or from a source inside the client. For example, evidence provided by a lawyer on the likely outcome of a lawsuit against the client would be considered more reliable than the controller’s assessment of the likely out- come. In this instance, the external source, the lawyer, would be chosen because evidence from the outside source would be viewed as independent and thus more reliable. The auditor seldom has convincing evidence about the true state of an audit objective and, therefore, the related management assertion. In most situations, the auditor obtains only enough evidence to be persuaded that the audit objective is fairly stated. The nature of the evidence obtained by the auditor seldom provides absolute assurance about an audit objective because the types of evidence have different degrees of reliability. Addi- tionally, for many parts of an audit, time and cost constraints mean that the auditor can examine only a sample of the transactions processed dur- ing the period. Chapter 8 details the use of sampling techniques by the au- ditor to obtain audit evidence. Conceptual Basis of the Audit C [LO 8] This section provides a brief introduction to the conceptual approach the auditor employs in the performance of the audit examination. The steps in that process are detailed in the section following. This section describes the risk-based approach that guides those steps. The risk-based approach is consistent with the concepts of the Strategic Systems Approach to auditing,5 and with the increased emphasis on audit risk in the professional literature, for example, CICA Assurance and Related Services Guideline AuG-41, “Applying the concept of materiality in conducting an audit,” CICA Handbook, sections 5095, “Reasonable assurance and audit risk,” 5200, “Understanding the entity and its environment and assessing the risks of material misstatement,” and 5210, “Auditor’s procedures in re- sponse to assessed risks.” An Overview The auditor should plan and conduct an audit so that audit risk (the risk that the auditor may unknowingly fail to appropriately modify his or her opinion on financial statements that are materially misstated) will be limited to an acceptable level. Figure 2–2 presents an overview of the audit process. 5Ibid., see also T.B. Bell, and I. Solomon (eds.), Cases in Strategic Systems Auditing (Univer- sity of Illinois: KPMG and University of Illinois at Urbana-Champaign Business Measurement and Case Development Program, 2002). 46 Part I Introduction to Auditing and Assurance Services F I G U R E 2–2 An Overview of the Audit Process Obtain and support an understanding of the entity and its environment Identify risks that may result in material misstatements in the financial statements Evaluate the entity’s responses to those risks and obtain evidence of their implementation Lower risk assertions related Higher risk assertions Assess the risk of material misstatement to significant accounts or at the assertion level and determine the classes of transactions audit procedures that are necessary based on that risk assessment Design and perform Design and perform Evaluate whether specific procedures normal procedures sufficient audit evidence was obtained and if the assessments of risk were appropriate Issue audit report Chapter 2 An Overview of Financial Statement Auditing 47 Obtain and Support an Understanding of the Entity and Its Environment The auditor starts by obtaining an understanding of the entity and its environment sufficient to plan the audit and to determine the scope (nature, timing, and extent) of the audit procedures to be performed (see Figure 2–2). The auditor’s understanding of the entity and its environ- ment should include information on each of the following categories: • nature of the entity • industry, regulatory, and other external factors • management • governance • objectives and strategies • measurement and performance • business processes Because the understanding of the entity and its environment is used to as- sess the risk of material misstatement and to set the scope of the audit, the auditor should perform appropriate procedures to support that under- standing. Such procedures might include inquiry of client personnel, ob- servation of activities, analytical procedures, reading business plans and strategies, and other procedures considered necessary in the circum- stances. Identify Risks That May Result in Material Misstatement Business risks are threats to the entity’s ability to achieve its objectives. Most entities face a collection of business risks that may result in material misstatement in the financial statements. Some examples of conditions that may indicate the existence of business risks include significant changes in the entity such as a major reorganization, significant changes in the entity’s industry, or significant changes in the information technol- ogy (IT) environment. To demonstrate how such risks can result in mater- ial misstatements in the financial statements, consider the effect of changes in an entity’s industry. Suppose that the entity’s industry is subject to rapid technological product changes. If the entity does not manage changing product technology well, its valuation of inventory on the bal- ance sheet may be overstated due to obsolescence. Based on the auditor’s knowledge of the entity and its environment, the auditor should identify risks that may result in material misstatement whether due to error or fraud. Evaluate the Entity’s Response to Risks Management has a re- sponsibility to strive to attain the entity’s objectives. Therefore, manage- ment should establish a risk assessment process that identifies, analyzes, assesses, and manages risks that may affect the entity’s objectives. This was emphasized in the discussion of the accountability cycle in Chapter 1. For those risks identified as possibly resulting in material misstatement, the auditor should evaluate the entity’s responses to those risks and obtain evidence of their implementation. The auditor should perform this step be- cause the entity’s responses, or nonresponses, affect audit risk. As dis- 48 Part I Introduction to Auditing and Assurance Services cussed in Chapter 6, this evaluation may provide a basis for the auditor’s planned level of control risk. Assess the Risk of Material Misstatement While the auditor ex- presses an opinion on the financial statements taken as a whole, the audi- tor needs to assess audit risk at the individual account balance level (e.g., accounts receivable, inventory, etc.). The auditor assesses audit risk at the account balance level because it assists with determining the scope of the audit procedures. Based on the knowledge obtained in evaluating the enti- ty’s responses to business risks, the auditor assesses the risk of material misstatement at the assertion level (refer to the earlier discussion of man- agement assertions) and determines the specific audit procedures that are necessary based on that risk assessment. Thus, when considering the risks faced by the entity, the auditor should use a “top-down” approach to risk assessment. Figure 2–3 graphically presents this approach. Risks identified at the entity level may “filter” down and affect the accounts contained in the financial statements. The type of risk identified at the account balance level is likely to affect specific assertions in the account balance. As dis- cussed later in the text, the auditor normally has to test individual transac- tions that make up the account balance in order to obtain evidence on the assertions. Consider the industry example present above. At the entity level, the risk was changing technology in the industry. That risk trans- lated into possible misstatements in inventory due to obsolescence. The potential inventory obsolescence of inventory affects the valuation asser- tion. Design and Perform Audit Procedures In Figure 2–3, a distinc- tion is made between high-risk and low-risk assertions. For high-risk asser- tions, the auditor should consider how material misstatements may occur and design and perform specific audit procedures to specifically address the potential misstatements. Examples of items that may require specific audit procedures include nonroutine or unsystematically processed trans- actions, significant accounting estimates and judgements, or highly com- plex transactions. Such specific procedures should be designed to reduce the risk of undetected material misstatements to a low level. For low-risk assertions, the auditor should design and perform procedures to address the normal risks of material misstatement. Usually, low-risk assertions re- late to routine processing of significant transactions whose characteristics often allow highly automated processing by IT with little or no manual in- tervention. Such transactions are likely to be recurring, objectively mea- surable, and processed in a similar way. Evaluate Results and Issue Report The auditor’s goal at the com- pletion of the audit is to ensure that the risk of material misstatement is reduced to an acceptable level such that the overall financial statements present fairly. At the completion of the audit work, the auditor should de- termine if the assessments of risks were appropriate and whether suffi- cient evidence was obtained. The auditor should then aggregate the total uncorrected misstatements that were detected and determine if they cause Chapter 2 An Overview of Financial Statement Auditing 49 F I G U R E 2–3 A Top-Down Approach to Identify risks at the entity level Risk Analysis and Related Audit Procedures Identify risks that increase the risk of material misstatement at the account balance level Identify risks that increase the risk of material misstatement at the assertion level Determine audit procedures by distinguishing between high- and low-risk assertions High Low risk risk Design specific Design normal audit procedures audit procedures the financial statements to be materially misstated. If the auditor con- cludes that the total misstatements cause the financial statements to be materially misstated, the auditor should request management to eliminate the material misstatement. If management does not eliminate the material misstatement, the auditor should issue a qualified or adverse opinion (see the last section of this chapter). On the other hand, if the uncorrected total misstatements do not cause the financial statements to be materially mis- stated, the auditor should issue an unqualified report. Phases of the Audit Process C [LO 9] This section discusses the major phases of a financial statement audit. The presentation provides you with an overall picture of the steps necessary to 50 Part I Introduction to Auditing and Assurance Services complete an audit engagement. While these steps are presented as separate phases, on many engagements some of these steps may be conducted con- currently. Note also that there is important feedback among the various phases about the results of the audit work conducted. For example, when testing an accounts receivable balance, the auditor sets the scope of the tests based on the assessment of the internal controls over the revenue cycle. If the auditor detects more misstatements than expected when audit- ing the accounts receivable account, it may provide evidence that the inter- nal controls in the revenue cycle are not operating as effectively as origi- nally assessed. In this case, the auditor should revise the internal control assessment for the revenue cycle and adjust other planned audit tests that may be affected by the revenue cycle. The phases of the audit are shown in Figure 2–4. The first phase, client acceptance and continuance, is covered in some detail below. This is fol- lowed by a brief discussion of the other phases shown in Figure 2–4. Sub- sequent chapters cover the other phases in more detail. F I G U R E 2–4 Client acceptance and continuance (Chapters 2 and 5) Overview of the Major Phases in an Audit Establish the terms of the engagement (Chapter 5) Feedback on the results of the audit work in these phases Plan the audit, including assessing materality and risk (Chapters 3 and 5) Consider internal control (Chapters 6 and 7) Audit business processes and related accounts (e.g., revenue generation) (Chapters 9–15) Complete the audit (Chapter 16) Issue audit report (Chapter 17) Chapter 2 An Overview of Financial Statement Auditing 51 Client Prudence requires that public accounting firms establish policies and pro- cedures for deciding whether to accept new clients or retain current Acceptance and clients. The purpose of such policies is to minimize the likelihood that an Continuance auditor will be associated with clients who lack integrity. If an auditor is associated with a client who lacks integrity, material misstatements may exist and not be detected by the auditor. This can lead to lawsuits brought by users of the financial statements.6 In discussing this issue, a distinction is made between evaluating a prospective client and continuing a current client. In the case of a continuing client, the auditor has more firsthand knowledge about the entity’s operations and management’s integrity. Prospective Client Acceptance Public accounting firms should in- vestigate a prospective client prior to accepting an engagement.7 Table 2–4 lists procedures that a firm might conduct to evaluate a prospective client. Performance of such procedures would normally be documented in a memo or by completion of a client acceptance questionnaire or checklist. When the prospective client has previously been audited, the successor auditor is required by provincial and national codes of conduct, and by acts of incorporation such as the CBCA, to make certain inquiries of the predecessor auditor before accepting the engagement. The successor audi- tor should request permission of the prospective client before contacting the predecessor auditor. Because the Rules of Professional Conduct do not allow an auditor to disclose confidential client information without the client’s consent, the prospective client must authorize the predecessor TABLE 2–4 Procedures for Evaluating a Prospective Client 1. Obtain and review available financial information (annual reports, interim financial statements, income tax returns, etc.). 2. Inquire of third parties about any information concerning the integrity of the prospective client and its management. (Such inquiries should be directed to the prospective client’s bankers and lawyers, credit agencies, and other members of the business community who may have such knowledge.) 3. Communicate with the predecessor auditor about whether there were any disagreements about accounting principles, audit procedures, or similar significant matters. 4. Consider whether the prospective client has any circumstances that will require special attention or that may represent unusual business or audit risks, such as litigation or going-concern problems. 5. Determine if the firm is independent of the client and able to provide the desired service. 6. Determine if the firm has the necessary technical skills and knowledge of the industry to complete the engagement. 7. Determine if acceptance of the client would violate the Rules of Professional Conduct. 6See Z. Palmrose, “Litigation and Independent Auditors: The Role of Business Failure and Management Fraud,” Auditing: A Journal of Practice & Theory (Spring 1987), pp. 90–103, for a discussion of the impact of management fraud on litigation against auditors. 7See H. F. Huss and F. A. Jacobs, “Risk Containment: Exploring Auditor Decisions in the En- gagement Process,” Auditing: A Journal of Practice and Theory (Fall 1991), pp. 16–32, for a de- scription of the client acceptance process of the Big 5 firms. 52 Part I Introduction to Auditing and Assurance Services auditor to respond to the successor’s requests for information. The succes- sor auditor’s communications with the predecessor auditor should include questions related to the integrity of management; disagreements with management over accounting and auditing issues; communications with audit committees or an equivalent group regarding fraud, illegal acts, and internal-control-related matters; and the predecessor’s understanding of the reason for the change in auditors. Such inquiries of the predecessor auditor may help the successor auditor determine whether to accept the engagement. The predecessor auditor should respond fully to the succes- sor’s requests unless an unusual circumstance (such as a lawsuit) exists. If the predecessor’s response is limited, the successor auditor must be in- formed that the response is limited. In the unusual case where the prospective client refuses to permit the predecessor to respond, the successor auditor should have reservations about accepting the client. Such a situation should raise serious questions about management’s motivations and integrity. After accepting the engagement, the successor auditor may need infor- mation on beginning balances and consistent application of GAAP in order to issue an unqualified report. The successor auditor should request that the client authorize the predecessor auditor to permit a review of his or her working papers. In most instances, the predecessor auditor will allow the successor auditor to make copies of any working papers of continuing interest (for example, details of selected balance sheet accounts). If the client has not previously been audited, the public accounting firm should complete all the procedures listed in Table 2–4, except for the communication with the predecessor auditor. The auditor should review the prospective client’s financial information and carefully assess manage- ment integrity by communicating with the entity’s bankers and lawyers, as well as other members of the business community. In some cases, the pub- lic accounting firm may even hire an investigative agency to check on management’s background. Client Continuance Public accounting firms need to evaluate period- ically whether to retain their current clients. This evaluation may take place at or near the completion of an audit or when some significant event occurs. Conflicts over accounting and auditing issues or disputes over fees may lead a public accounting firm to disassociate itself from a client. Establish The auditor should establish an understanding with the client regarding the services to be performed. For small, privately held entities, the auditor the Terms normally negotiates directly with the owner-manager. For larger private or of the public entities, the auditor will normally be appointed by a vote of the shareholders after recommendation by the audit committee of the board Engagement of directors. In all cases, an engagement letter should document the terms agreed to by the auditor and client. Such terms would include, for exam- ple, the responsibilities of each party, the assistance to be provided by client personnel and internal auditors, and the expected audit fees. Chap- ter 5 provides an example of an engagement letter and discusses the audit committee and internal auditors. Chapter 2 An Overview of Financial Statement Auditing 53 Preplanning There are generally two preplanning activities: (1) determining the audit engagement team requirements and (2) ensuring the independence of the audit team and audit firm. The engagement partner or manager should en- sure that the audit team is composed of team members who have the ap- propriate audit and industry experience for the engagement. The partner or manager should also determine whether the audit will require IT or other types of specialists (e.g., actuaries or appraisers). The second issue that needs to be addressed during preplanning is independence of the team members and the firm from the client. Chapter 5 addresses this phase of the audit process in more detail. Establish In order to properly plan the audit, the audit team must establish a prelim- inary judgement about materiality and make a preliminary assessment of Materiality and the client’s business risks. The materiality judgement and risk assessment Assess Risks are used to set the scope for the audit. Chapter 3 explains both of these concepts in detail. Plan the Audit Proper planning of an audit is important to ensure that the audit is con- ducted in an effective and efficient manner. The steps taken during this phase include (1) gaining knowledge of the client’s business and industry so that the auditor understands events, transactions, and practices that may affect the financial statements, particularly important in the Strategic Systems Approach to auditing, and (2) conducting preliminary analytical procedures (such as ratio analysis) to identify specific transactions or ac- count balances that should receive special attention because they may con- tain material misstatements. In many instances, audit planning may in- clude a preliminary consideration of the client’s internal control system. Based on this initial work, an overall audit strategy is developed. This in- cludes the preliminary assessment of materiality and audit risk, as well as a written audit plan which sets out the nature, extent, and timing of audit work. The audit plan serves as a starting point for the engagement, but ad- justments may be required as the audit progresses. As part of the planning process, the audit partner or manager should also discuss with the other members of the audit team the susceptibility of the entity to material mis- statements due to error or fraud. Chapter 3 discusses the auditor’s respon- sibility for fraud and error in more detail. Consider Internal control is a process affected by an entity’s board of directors, man- agement, and other personnel that is designed to provide reasonable assur- Internal ance regarding the achievement of objectives such as: (1) optimizing the Control use of resources, (2) prevention and detection of error and fraud, (3) safe- guarding assets, and (4) maintaining a reliable information system. The au- ditor must sufficiently understand the client’s internal controls in order to determine which controls exist within the entity. The auditor then evaluates the internal controls in order to assess the risk that they will not prevent or detect a material misstatement in the financial statements. In considering internal control, the auditor focuses on how the entity’s use of IT and man- ual procedures may affect the controls relevant to the audit. This risk (re- ferred to as control risk) directly impacts the scope of the auditor’s work. 54 Part I Introduction to Auditing and Assurance Services When the auditor assesses control risk at less than the maximum, ex- amination standard (ii) of GAAS requires that the internal controls should be tested. The auditor’s tests are intended to ensure that the internal con- trols are operating in the manner intended and therefore are effective in preventing or detecting misstatements. The evidence gathered from testing the internal controls is used to arrive at a final assessment on the level of control risk. When control risk is assessed low, based on tests of the inter- nal controls (referred to as tests of controls), less audit work is required to audit the account balances (referred to as substantive tests) because the au- ditor has evidence that the accounting systems are generating materially accurate financial information. Conversely, if control risk is high, the audi- tor has to conduct more extensive audit work in the account balances be- cause the evidence about internal controls suggests that material misstate- ments could occur because controls do not exist or are not operating effectively. Chapter 6 provides detailed coverage of internal control in a fi- nancial statement audit. Later chapters apply this process to various busi- ness processes; for example, see Chapters 9 to 15. Audit Business In implementing the top-down risk assessment process (Figure 2–3), the auditor typically assesses the risk of material misstatement by examining Processes and the entity’s business processes or accounting cycles (e.g., production and Related distribution processes or sales and post-sales services). Based on the knowledge of the entity and its environment, the auditor determines the Accounts audit procedures that are necessary to reduce the risk of material misstate- ment to an acceptably low level for the financial statement accounts af- fected by a particular business process. The individual audit procedures are then directed toward specific assertions in the account balance that are likely to be misstated. For example, the auditor may identify the valuation assertion for inventory as one where there is risk of misstatement and con- duct lower-of-cost-or-market tests to determine if the inventory on hand is properly valued. On most engagements, this phase comprises most of the time spent on the audit. Later chapters in the text discuss procedures for business processes and related accounts. Complete After the auditor has completed testing the account balances, the suffi- ciency of the evidence gathered needs to be evaluated. The auditor must the Audit have sufficient appropriate audit evidence in order to reach a conclusion on the fairness of the financial statements. In this phase, the auditor also as- sesses the possibility of contingent liabilities, such as lawsuits, and searches for any events subsequent to the balance sheet date that may impact the fi- nancial statements. Chapter 16 covers each of these issues in detail. Issue The final phase in the audit process is choosing the appropriate audit re- port to issue. When the auditor has gathered sufficient appropriate audit the Report evidence and complied with GAAS, and the financial statements conform to GAAP, the auditor can issue a standard unqualified audit report. When sufficient evidence is not gathered or the financial statements are not in accordance with GAAP, the auditor will issue a different type of report. The remainder of this chapter presents coverage of the auditor’s standard Chapter 2 An Overview of Financial Statement Auditing 55 unqualified audit report and an overview of the exceptions to the unquali- fied report. Audit reporting is covered early in the text so that the reader has a better understanding of how the results of the evidence-gathering process affect the auditor’s choice of audit reports. Chapter 17 provides de- tailed coverage of audit reporting. Audit Reporting C [LO 10] The auditor’s report is the main product or output of the audit. This report communicates the auditor’s findings to the users of the financial state- ments. It is the culmination of a process of collecting and evaluating suffi- cient appropriate evidence concerning the fair presentation of manage- ment’s assertions in the financial statements. The audit report adds value to the financial statements because of the auditor’s objective and indepen- dent opinion on the fairness of the financial statements. Figure 2–5 pro- vides an overview of audit reporting. F I G U R E 2–5 Overview of Audit Reporting Effect of Materiality Type of Audit Report Unqualified with Immaterial Unqualified modified wording or explanatory paragraph • Reports prepared under statutory requirements Not GAAP Scope limitation: e.g., AuG-10, • Client-imposed AuG-14 • Condition-imposed • Inclusion of unaudited comparative financial statements Material Qualified Qualified Not GAAP Scope limitation: • Client-imposed • Condition-imposed Pervasively material Adverse Denial* *An auditor may also issue a denial for a lack of independence and, in some cases, for going concern. 56 Part I Introduction to Auditing and Assurance Services The Auditor’s The most common type of audit report issued is the standard unqualified audit report because management’s assertions about the entity’s financial Standard statements are usually found to conform to generally accepted accounting Unqualified principles. Such a conclusion can be expressed only when the audit was performed in accordance with generally accepted auditing standards. Sec- Audit Report tion 5400 of the CICA Handbook, “The auditor’s standard report,” provides authoritative guidance for situations where a standard, unqualified audit report is appropriate. Exhibit 2–1 presents an audit report for Molson Inc., a well-known Canadian company. This report is for the consolidated entity and covers two years of balance sheets, statements of earnings, retained earnings, and cash flows. This is the standard type of report issued for publicly traded companies. The auditor’s standard unqualified report can also cover a sin- gle year only. The Molson Inc. report contains a number of important ele- ments. E X H I B I T 2–1 The Auditor’s Standard Unqualified Audit Report— Comparative Financial Statements Title: Auditors’ Report Addressee: The Shareholders of Molson Inc. Introductory We have audited the consolidated balance sheets of Molson Inc. paragraph: at March 31, 2004 and 2003, and the consolidated statements of earn- ings, retained earnings, and cash flows for each of the years then ended. These financial statements are the responsibility of the Corpora- tion’s management. Our responsibility is to express an opinion on these financial statements based on our audits. Scope paragraph: We conducted our audits in accordance with Canadian generally ac- cepted auditing standards. Those standards require that we plan and perform the audit to obtain reasonable assurance whether the financial statements are free of material misstatement. An audit includes exam- ining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the ac- counting principles used and significant estimates made by manage- ment, as well as evaluating the overall financial statement presentation. Opinion paragraph: In our opinion, these consolidated financial statements present fairly, in all material respects, the financial position of the Corporation at March 31, 2004 and 2003, and the results of its operations and its cash flows for the years then ended, in accordance with Canadian generally ac- cepted accounting principles. Name of the auditor: PricewaterhouseCoopers LLP Chartered Accountants Date of report: Canada, May 5, 2004 Chapter 2 An Overview of Financial Statement Auditing 57 Title Auditing standards require that the report be entitled “Auditor’s Report.” Addressee The audit report is addressed to the individual or group that engaged the auditor. In the normal situation, the report is addressed to the entity’s shareholders. Introductory Paragraph The introductory paragraph contains three important facts. First, it states that an audit was conducted and indicates which financial statements are covered by the audit report. Second, it con- tains a statement that the financial statements are the responsibility of management. Third, it identifies the auditor’s responsibility—to express an opinion on the financial statements. Scope Paragraph The second, or scope, paragraph communicates to the users, in very general terms, what an audit entails. In addition to indi- cating that the audit was conducted in accordance with Canadian generally accepted auditing standards, it emphasizes the fact that the audit provides only reasonable assurance that the financial statements contain no material misstatements. The scope paragraph also discloses that an audit involves examining evidence on a test basis, an assessment of accounting principles used and significant estimates, and an overall evaluation of financial state- ment presentation. The overall evaluation is in terms of the agreed-upon criteria. In Exhibit 2–1, GAAP are the criteria used to evaluate the fairness of the financial statements. Opinion Paragraph The third paragraph contains the auditor’s opin- ion concerning the fairness of the financial statements based on the audit evidence. Two important phrases contained in this paragraph require fur- ther explanation. First, the phrase “present fairly . . . in accordance with Canadian generally accepted accounting principles” is the wording used by the auditor to comply with the fourth reporting standard. Second, the opinion paragraph also contains the phrase “in all material respects.” As mentioned earlier, this phrase is included in the report to stress the con- cept of materiality. Name of the Auditor This is the manual or printed signature of the auditor. Date of Report Generally, the auditor’s report is dated as of the date on which the auditor has completed all significant auditing procedures. The audit report date indicates to the user the last day of the auditor’s re- sponsibility for the review of significant events that have occurred after the date of the financial statements. 58 Part I Introduction to Auditing and Assurance Services In the remaining sections, departures from an unqualified audit report and other types of audit reports are covered briefly so that the reader will understand the auditor’s reporting options when a standard unqualified report is not appropriate. Chapter 17 provides detailed coverage, including examples of the other types of reports. Departures There are two basic reasons why an auditor may be unable to express an unqualified opinion (see Figure 2–5): from an 1. A departure from GAAP. The financial statements are not in Unqualified conformity with GAAP. This may occur when there is: Audit Report • inappropriate accounting treatment, e.g., accounting for a capital lease as an operating lease; failure to record depreciation on a fixed asset. • inappropriate valuation, e.g., inadequate provision for inventory obsolescence; inadequate provision for bad debts. • failure to disclose essential information, e.g., no or inadequate explanation of a contingency; no or inadequate explanation of a change in the estimated useful life of a fixed asset. 2. Scope limitation. A scope limitation may arise because of: • circumstances related to the timing of the auditor’s work, e.g., the auditor is appointed during the year and is therefore unable to observe the inventory count at the beginning of the year. • circumstances beyond the control of the enterprise or the auditor, e.g., destruction of the accounting records in a fire. • a limitation imposed or created by the enterprise, e.g., refusal to allow confirmation of certain accounts receivable balances; failure to maintain adequate accounting records. Reservations Depending on the underlying reason and the severity of the accounting or auditing problem, there are three different types of alternative reports that in the Auditor’s the auditor might issue. These departures from an unqualified report are Report known as reservations. They are as follows: 1. Qualified. If the auditor concludes that the overall financial statements present fairly, the auditor’s opinion may be qualified for a departure from GAAP with material consequences or for a scope limitation. In a qualified report, the reader is informed of the event or item and its effects by the phrase “except for . . .” in the opinion paragraph. 2. Adverse. In the opinion paragraph, the auditor briefly describes the circumstances and states that “these financial statements do not present fairly” in accordance with GAAP. In this case, the departure from GAAP is so significant that in the auditor’s opinion, the overall financial statements may not be fairly presented. 3. Denial. When issuing a denial, the auditor states that he or she “is unable to express an opinion” on the financial statements because of a lack of sufficient appropriate evidence to form an opinion on Chapter 2 An Overview of Financial Statement Auditing 59 the overall financial statements. In this case, the scope limitation is so significant that the overall financial statements may not be fairly presented. The choice of which audit report to issue depends on the condition and the materiality of the departure (see Figure 2–5). Reservations in the auditor’s report and the effect of materiality are discussed in more detail in Chapter 17. REVIEW QUESTIONS [LO 1] 2-1 What is the objective of the CICA in establishing “Standards for As- surance Services”?  2-2 List the three categories of GAAS.  2-3 Why are objectivity and independence such important standards for auditors? How do objectivity and independence relate to the agency relationship between owners and managers?  2-4 The auditor normally uses GAAP as a benchmark to measure man- agement’s reporting of economic activity and events. The auditor’s report states that “the financial statements . . . present fairly . . . in accordance with generally accepted accounting principles.” In making this statement, what judgements does the auditor make concerning GAAP?  2-5 How do management assertions relate to the financial statements? To audit objectives? [6,7] 2-6 What is meant by client business risk, and why is it important for the auditor to properly assess this risk?  2-7 Define materiality. How is this concept reflected in the auditor’s report?  2-8 Define audit risk. How is this concept reflected in the auditor’s report?  2-9 Describe what is meant by the relevance and reliability of audit evidence.  2-10 Briefly describe why on most audit engagements an auditor tests only a sample of transactions that occurred.  2-11 What types of inquiries about a prospective client should an audi- tor make to third parties?  2-12 What is the purpose of the fourth reporting standard?  2-13 Identify the elements of the auditor’s standard unqualified report.  2-14 What three important facts are contained in the introductory para- graph of the standard unqualified audit report?  2-15 What is the significance of the audit report date? MULTIPLE-CHOICE QUESTIONS FROM PROFESSIONAL EXAMINATIONS Unless otherwise indicated, these multiple-choice questions were adapted from the CPA examinations, courtesy of the American Institute of Certified Public Accountants.  2-16 Which of the following best describes what is meant by the term generally accepted auditing standards? 60 Part I Introduction to Auditing and Assurance Services a. Procedures to be used to gather evidence to support financial statements. b. Measures of the quality of the auditor’s performance. c. Pronouncements issued by the Auditing and Assurance Stan- dards Board. d. Rules acknowledged by the accounting profession because of their universal application.  2-17 The general standard states that due care is to be exercised in the performance of an examination. This standard means that a CA who undertakes an engagement assumes a duty to perform each audit a. As a professional possessing the degree of skill commonly pos- sessed by others in the field. b. In conformity with generally accepted accounting principles. c. With reasonable diligence and without fault or error. d. To the satisfaction of governmental agencies and investors who rely upon the audit.  2-18 Which of the following is not required by the generally accepted auditing standard that states that due professional care is to be ex- ercised in the performance of the examination? a. Observance of the standards of field work and reporting. b. Critical review of the audit work performed at every level of supervision. c. The degree of skill commonly possessed by others in the profession. d. Responsibility for losses because of errors of judgement.  2-19 To exercise due professional care, an auditor should a. Attain the proper balance of professional experience and formal education. b. Design the audit to detect all instances of illegal acts. c. Critically review the judgement exercised by those assisting in the audit. d. Examine all available corroborating evidence supporting man- agement’s assertions.  2-20 What is the general character of the three generally accepted audit- ing standards classified as examination standards? a. The competence, independence, and professional care of per- sons performing the audit. b. Criteria for the content of the auditor’s report on financial state- ments and related footnote disclosures. c. Criteria for audit planning and evidence gathering. d. The need to maintain an independence of mental attitude in all matters relating to the audit. [6,7] 2-21 Prior to beginning the field work on a new audit engagement in which a CA does not possess expertise in the industry in which the client operates, the CA should a. Reduce audit risk by lowering the preliminary levels of materiality. b. Design special substantive tests to compensate for the lack of in- dustry expertise. c. Engage financial experts who are familiar with the nature of the industry. d. Obtain a knowledge of matters that relate to the nature of the entity’s business. Chapter 2 An Overview of Financial Statement Auditing 61  2-22 Before accepting an audit engagement, a successor auditor should make specific inquiries of the predecessor auditor regarding the predecessor’s a. Awareness of the consistency in the application of generally ac- cepted accounting principles between periods. b. Evaluation of all matters of continuing accounting significance. c. Opinion of any subsequent events occurring since the predeces- sor’s audit report was issued. d. Understanding as to the reasons for the change of auditors.  2-23 The auditor’s report should be dated as of the date on which the a. Report is delivered to the client. b. Field work is completed. c. Fiscal period under audit ends. d. Review of the working papers is completed.  2-24 An auditor’s responsibility to express an opinion on the financial statements is a. Implicitly represented in the auditor’s standard report. b. Explicitly represented in the opening paragraph of the auditor’s standard report. c. Explicitly represented in the scope paragraph of the auditor’s standard report. d. Explicitly represented in the opinion paragraph of the auditor’s standard report. [4,10] 2-25 For an entity’s financial statements to be presented fairly in accor- dance with generally accepted accounting principles, the principles selected should a. Be applied on a basis consistent with those followed in the prior year. b. Be approved by the Auditing Standards Board. c. Reflect transactions in a manner that presents the financial statements within a range of acceptable limits. d. Match the principles used by most other entities within the enti- ty’s particular industry.  2-26 An auditor may not issue a qualified opinion when a. A scope limitation prevents the auditor from completing an im- portant audit procedure. b. The auditor’s report refers to the work of a specialist. c. An accounting principle at variance with generally accepted ac- counting principles is used. d. The auditor lacks independence with respect to the audited entity. [4,10] 2-27 The management of Hill Company has decided not to account for a material transaction in accordance with GAAP. In setting forth its reasons in a note to the financial statements, management has argued that due to unusual circumstances the financial state- ments presented in accordance with GAAP would be misleading. The auditor does not agree with management’s treatment. The au- ditor’s report should contain a(n) a. Qualified opinion. b. Denial. c. Adverse opinion. d. Unqualified opinion with a separate explanatory paragraph. 62 Part I Introduction to Auditing and Assurance Services  2-28 Analysis is a technique that is often used in the planning phase of an audit. In what other phases of the audit could the auditor use analysis? a. The testing phase. b. The final review phase. c. Analysis can be used in all phases of the audit. d. Analysis is not useful in any other phase of the audit. (CGA-Canada, adapted))  2-29 The use of standardized wording has been the subject of consider- able debate among auditors. Which of the following is the strongest argument in favour of using standardized wording? a. It facilitates the international harmonization of auditing stan- dards. b. Standardized wording is not confusing to readers of the audi- tor’s report. c. It is more informative than a non-flexible standard. d. The type of opinion is less likely to be misinterpreted by readers when standardized wording is used. ( CGA-Canada, adapted) PROBLEMS  2-30 Sheri Shannon was recently hired by the CA firm of Honson & Hansen. Within two weeks, Sheri was sent to the first-year staff training course. The instructor asked her to prepare answers for the following questions: a. How is audit evidence defined? b. How does evidence relate to assertions or audit objectives, and to the audit report? c. What characteristics of evidence should an auditor be con- cerned with when searching for and evaluating evidence?  2-31 John Josephs, an audit manager for Tip, Acanoe, & Tylerto, was asked to speak at a dinner meeting of the local Small Business Ad- ministration Association. The president of the association has sug- gested that he talk about the various phases of the audit process. John has asked you, his trusted assistant, to prepare an outline for his speech. He suggests that you answer the following: a. List and describe the various phases of an audit. b. Describe how the results of work completed in certain phases provide feedback to earlier completed phases. Give an example. c. One of the phases involves understanding an entity’s internal control. Why might the members of the association be particu- larly interested in the work conducted by auditors in this phase of the audit?  2-32 The auditor’s standard report consists of an “introductory” para- graph describing the financial statements and management and auditor responsibilities; a “scope” paragraph describing the nature of the examination; and an “opinion” paragraph expressing the au- Chapter 2 An Overview of Financial Statement Auditing 63 ditor’s opinion. In some circumstances the auditor’s standard re- port is modified by changing the wording of one or more of the paragraphs included in the report and/or adding one or more ex- planatory paragraphs. For this question, assume the auditor is independent and has ex- pressed an unqualified opinion on the prior year’s financial state- ments. Required: Identify the circumstances necessitating modification of the audi- tor’s standard report. For each circumstance, indicate the type of opinion that would be appropriate. Organize the answer as indi- cated in the following example: Circumstances Types of Opinion 1. The financial statements are materially 1. The auditor should express a qualified affected by a departure from generally opinion or an adverse opinion. accepted accounting principles.  2-33 The following auditors’ report was drafted by Moore, a staff ac- countant of Tyler & Tyler, CAs, at the completion of the audit of the financial statements of Park Publishing Company, Inc., for the year ended September 30, 2003. The report was submitted to the engagement partner, who reviewed the audit working papers and properly concluded that an unqualified opinion should be issued. In drafting the report, Moore knew that Tyler & Tyler had previ- ously audited the financial statements for the year ended Septem- ber 30, 2002, and expressed an unqualified opinion. Independent Auditor’s Report To the Board of Directors of Park Publishing Company, Inc.: We have audited the accompanying balance sheet of Park Publishing Company, Inc., as of September 30, 2003, and the related statements of income and cash flows for the year ended then. These financial state- ments are the responsibility of the company’s management. We conducted our audits in accordance with generally accepted au- diting standards. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are fairly presented. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the finan- cial statements. An audit also includes assessing significant estimates made by management, as well as evaluating the overall financial state- ment presentation. We believe that our audits provide a basis for de- termining whether any material modifications should be made to the accompanying financial statements. In our opinion, the financial statements referred to above present fairly, in all material respects, the financial position of Park Publish- ing Company, Inc., as of September 30, 2003, and the results of its op- erations and its cash flows for the year then ended in conformity with generally accepted accounting principles. Tyler & Tyler, CAs November 5, 2003 64 Part I Introduction to Auditing and Assurance Services Required: Identify the deficiencies in the auditors’ report as drafted by Moore. Group the deficiencies by paragraph and in the order in which the deficiencies appear. Do not redraft the report. (AICPA, adapted)  2-34 Dale Baker, the owner of a small electronics firm, asked Sally Smith, CA, to conduct an audit of the company’s records. Baker told Smith that the audit was to be completed in time to submit audited financial statements to a bank as part of a loan applica- tion. Smith immediately accepted the engagement and agreed to provide an auditor’s report within one month. Baker agreed to pay Smith her normal audit fee plus a percentage of the loan if it was granted. Smith hired two recent accounting graduates to conduct the audit and spent several hours telling them exactly what to do. She told the new hires not to spend time reviewing the internal con- trol but instead to concentrate on proving the mathematical accu- racy of the general and subsidiary ledgers and summarizing the data in the accounting records that supported Baker’s financial statements. The new hires followed Smith’s instructions, and after two weeks gave Smith the financial statements excluding footnotes. Smith reviewed the statements and prepared an un- qualified auditor’s report. The report, however, did not refer to generally accepted accounting principles. Additionally, no audit procedures were conducted to verify the year-to-year application of such principles. Required: Briefly describe each of the generally accepted auditing standards and indicate how the action(s) of Smith resulted in a failure to comply with each generally accepted auditing standard. (AICPA, adapted) [1,2,6,8] 2-35 The role of the auditor is changing. Increasingly, financial state- ment users want more from auditors that just a GAAS audit of GAAP financial statements. They want assurances as to whether an enterprise has met its stated corporate and social objectives, complied with codes of conduct, and used its resources effec- tively. Required: Discuss the implications for external auditors of expanding the au- ditor’s role to include the kind of assurances identified above. (ICABC, adapted) [7,8,9] 2-36 It has been stated that “internal and external auditors serve differ- ent clients and operate from different perspectives. With mutual understanding and discussion they can make allowances for their differences and realize their potential for reliance.” Chapter 2 An Overview of Financial Statement Auditing 65 Required: a. Analyze the above statement, pointing out areas of agreement and disagreement. b. An entity’s internal auditors often provide assistance to the ex- ternal auditors in the annual financial statement audit. Given that the competence and independence of the internal auditors has been established, what kinds of matters should the internal and external auditors discuss prior to the internal auditors com- mencing work? Why? (ICABC, adapted)  2-37 For each of the following independent situations, identify whether it is an accounting (GAAP) problem or auditing (scope) problem, the specific type of problem and the appropriate form of reserva- tion in the auditor’s report. a. The client has stated that since the market value of its main of- fice building is increasing, they are not going to record deprecia- tion on it. b. The client has ceased to consolidate the financial statements of its majority-owned subsidiaries. The company argues that since there are substantial (but not controlling) minority interests, it is appropriate to account for these results under the cost method. c. The auditor was appointed on July 25 of the fiscal year (fiscal year-end December 31) under audit. Last year the client did not have audited financial statements. The auditor is able to verify all components of the year’s fiscal operations except for the value of opening inventory. d. The client has requested the auditor not to confirm certain ac- counts receivable with the client’s customers because they are afraid of damaging customer relations, which were strained by a recent computer error resulting in double and triple billing of some accounts. The error has now been rectified but not before it caused some bad business feelings between the client and some customers. e. The auditor has found serious deficiencies in the client’s ac- counting records, specifically the client’s system of internal con- trol. f. As a result of communicating with the client’s lawyer, the audi- tor has become aware of a pending product liability lawsuit against the client. The client claims the suit has no foundation and has not disclosed it in their financial statements. g. The client is a manufacturer of computer components. Due to technological advances, a competitor has developed a superior version of one of the products that the company sells and, in the auditor’s opinion, a portion of their inventory has been made obsolete. The client does not agree and has not written down the value of inventory. 66 Part I Introduction to Auditing and Assurance Services DISCUSSION CASES [4,10] 2-38 The opinion paragraph of the standard auditor’s report uses the phrase “present fairly in accordance with Canadian GAAP.” How- ever, the idea that following GAAP produces fairness in reporting has been questioned by some. The Handbook recognizes this po- tential dilemma by stating “the auditor should exercise profes- sional judgement as to the appropriateness of the selection and ap- plication of principles to the particular circumstances of an entity and as to the overall effect on the financial statements of separate decisions made in their preparation.” Required: a. Provide examples of circumstances that you feel might cause a conflict between reporting according to GAAP and fair presenta- tion. b. What other sources of information might the auditor consult in attempting to resolve this conflict. (CICA, adapted) [1,5,8,10] 2-39 It has been suggested that the audit report of future years might look something like the following: The accompanying balance sheet of XYZ Company as of December 31, 2003 and the related statements of earnings, retained earnings, and cash flows for the year then ended, including the notes, were prepared by XYZ Company’s management, as explained in the re- port by management. In our opinion, those financial statements, in all material re- spects, present the financial position of XYZ Company as at De- cember 31, 2003 and the results of its operations and changes in fi- nancial position for the year then ended in accordance with Canadian generally accepted accounting principles appropriate in the circumstances. We audited the financial statements and the accounting records and documents supporting them in accordance with generally ac- cepted auditing standards. Our audit included a study and evalua- tion of the company’s accounting system and the controls over it. We obtained sufficient evidence through a sample of the transac- tions and other events reflected in the financial statement amounts and analysis of the information presented in the statements. We believe our auditing procedures were adequate in the circum- stances to support our opinion. Based on our study and evaluation of the accounting system and the controls over it, we concur with the description of the system and controls in the report by management. Nevertheless, in the performance of most control procedures, errors can result from personal factors. Also, control procedures can be circumvented by collusion or overridden. Furthermore, projection of any evaluation of internal accounting control to future periods is subject to the risk that changes may cause procedures to become inadequate and the degree of compliance with them to deteriorate. Chapter 2 An Overview of Financial Statement Auditing 67 We reviewed the information appearing in the annual report other than the financial statements, compared it to the statements, and found no material disagreement between them. We reviewed the process used by the company to prepare the quarterly information released during the year. Our reviews were conducted each quarter (or times as explained). (Any other infor- mation reviewed such as replacement cost data would be identified here also.) Our reviews consisted primarily of enquiries of manage- ment, analysis of financial information, and comparisons of that information to information and knowledge about the company ob- tained during our audits and were based on our reliance on the company’s internal control system. Any adjustments or additional disclosures that we recommended have been reflected in the infor- mation. We reviewed the company’s policy statement on employee con- duct described in the report by management, and reviewed and tested the related controls and internal audit procedures. While no controls or procedures can prevent or detect all individual miscon- duct, we believe the controls and internal audit procedures have been appropriately designed and applied. We met with the audit committee of XYZ Company sufficiently often to inform it of the scope of our audit and to discuss any sig- nificant accounting or auditing problems encountered and any other services provided to the company. Test, Check & Co. Chartered Accountants Canada, March 1, 2004 Required: Contained in the above audit report is an implied level of responsi- bility for auditors and/or an implied duty to report the discharge of that responsibility different from that presently existing for audi- tors in Canada. Discuss. Do you agree or disagree with such an expanded style of report? Explain your position. (CICA, adapted) INTERNET ASSIGNMENTS 2-40 Visit EarthWear Clothiers’ website (www.mcgrawhill.ca/college/ messier/earthwear) and become familiar with the type of informa- tion contained there. 2-41 Willis & Adams are the auditors of EarthWear. Visit Willis & Adams’ website (www.mcgrawhill.ca/college/messier/willisandadams) and become familiar with the information contained there. 2-42 Use an Internet search engine to do the following: a. Visit the websites of Rogers Communications (www.rogers.ca) (listed on the TSE), Microsoft (www.microsoft.com) (listed on NASDAQ), and Nortel (www.nortel.com) (cross-listed on both the TSE and NASDAQ) and review their financial statements, 68 Part I Introduction to Auditing and Assurance Services including auditors’ reports. Prepare a brief analysis of their sim- ilarities and differences. b. Search for the website of a non-Canadian company and review its financial statements, including its auditor’s report. For exam- ple, BMW’s website (www.bmw.com) allows a visitor to down- load the financial statements as a pdf file. The auditor’s report on BMW’s financial statements is based on German auditing standards. c. Compare the standard Canadian report with the audit report for the non-Canadian company from part (b). Prepare a brief analy- sis of their similarities and differences.