Audit Midterm Notes

17 Pages
Unlock Document

University of Waterloo
Accounting & Financial Management
AFM 201
Gary Baker

AFM 201- Midterm Notes Chapter 1: Intro to Auditing  Without effective audits modern capital markets cannot fulfill their roles , if you don’t control earnings management ( manipulation of financial info ) by auditing then the market has no real value  Auditing is the verification of information by someone else not providing it  Auditors help minimize information risk and help provide assurance to stakeholders  Auditors are key to the investment decision making process  Auditors are an independent party – three party accountability - auditors are the first party, seller is the second party ( management) and investors ( shareholders) are the third party  This accountability is not determined by who pays the fee, the client is ultimately always the shareholders even if management pays the fees for the engagement  Management is accountable to users to be fair and provide services, while auditors are accountable to users to audit and verify the info provided by management  Auditors do not produce financial reports they only provide assurance that the financial statements are presented fairly , they avoid producing them in order to stay independent and keep the three party accountability  The difference between accounting and auditing is that accountants perform financial reporting tasks while auditors only verify and provide assurance  Auditors require professional judgment as the standards they face are not black and white rules but rather principles , therefore they need to use their knowledge and ethical standards when making decisions regarding what procedures to perform or what materiality should be  Auditing has the objective of expressing whether the reports have been created in accordance to GAAP in all material respects  Information risk- possible failure of the financial statements to reflect business activities , also the risk that the statements are materially misleading, could be misleading due to accounting or audit risk  Materiality a misstatement that would affect the decision making of the user  There are two major types of risk ; accounting risk and auditing risk , accounting risk is the possibility of there being errors within the financial statements , when using forecasting or abiding by GAAP, audit risk is the possibility of not having enough evidence to express an opinion on management’s assertions  Sarbanes-Oxley-Act ; a law put in place by the Public company oversight board to increase the oversight of auditors and to punish wrong doers , essentially auditor of the auditor, has increased the monitoring of the profession and made it less self regulating  Corporate governance – how well a company operates in the interest of its shareholders and stakeholders  Internal auditing was created in order to improve the way an organization operates  Performance management auditing – studying business operations to make recommendations to increase effectiveness of resources  Independence is key in order to remain unbiased and objective especially when dealing with internal auditors  The goal of operational auditing is to help managers improve profitability  Value for money audits , finding out if your money is going towards what you paid for , usually dealing with public sector (government)  Comprehensive governmental auditing involves compliance auditing ( adhering to regulations and standards ), value for money auditing , and financial statement audits  Regulatory auditors – specialize in detecting fraud and tax evasion ,by auditing tax returns  Fraud an attempt by one party to deceive someone for gain  Fraud auditing is a proactive approach to detecting fraud  Forensic accounting – involves fraud auditing and accounting skills during investigation of legal issues  The Ontario securities commissions monitors accounting and auditing standards set by the CICA as well as those newly proposed , also publishes results of the monitoring program, filing complaints to committees also has representation on CICA boards Chapter 2: Audit, Assurance and Quality control standards  Practice standards are general guidelines of professional work there are four sets ; Generally accepted Auditing standards, assurance standards, general standards of quality control , and quality control standards as reflected by peers.  Generally Accepted auditing standards indentify the objectives and key principles of the financial statement audit , each standard provides new definitions and requirements for meeting the objective p31 includes examination and reporting standards  Objective of an audit to express an opinion of whether the F/S are prepared in all material respects done by exhibiting professional skepticism , and planning audits and conducting in accordance to Canadian Audit Standards  Auditing standards are audit quality recommendations that stay constant over time and for all audit engagements , while procedures vary with each engagement and judgment is taken into consideration when deciding when to apply them  Professional ethics requires competence, objectivity, and due professional care.  Competence is being able to do an audit in terms of education and experience level  Objectivity- auditors must remain unbiased and independent  Due professional care – being persistent and doing your job well by thoroughly investigating irregularities  Examination Standards (PLAN, UNDERSTAND, EVIDENCE)  1. Conduct of an audit of F/S- must comply with Canadian Audit Standards and Canadian Audit Practice Statements  2. Scope of an audit – professional judgment must be applied when deciding how many procedures to perform ,also in accordance with materiality level set  3. Reasonable assurance- low levels of error , 95% assurance is most common  4. Audit risk and materiality – risk facing auditors in expressing the wrong opinion , failure to detect material misstatements due to lack of evidence  5. Planning and supervision – have an audit program ( listing of procedures that will be performed ) as well as have an understanding of how auditee’s business works  Internal control assessment – being able to access the control risk of the auditee by understanding their internal control system  Sufficient appropriate evidential matter- having enough evidence that is reliable and relevant  Reporting Standards??  Two implicit elements of an audit report , if all necessary info has been disclosed , if the accounting principles of the auditee are consistent from year to year  There are four types of opinions that an auditor can express on the F/S , adverse ( qualified opinion ,not good) , unqualified opinion ( good) , or a disclaimer of opinion ( no opinion , done when audit risk is too high and not enough evidence can be gathered to express an opinion )  Professional skepticism – tendency for an auditor to not believe management assertions until enough evidence backs them up , find a balance between not trusting everything because you don’t have enough time to prove everything  Assurance standards – are very similar to audit standards , in that they require the auditor to be objective and independent , as well as to plan for the audit and gather sufficient evidence  the difference being in the competence of the auditor and internal control and reporting  Assurance standards require the auditor to have knowledge of the subject matter of the audit not necessarily of the auditee business  Also assurance standards required no understanding of the internal control systems  when reporting according to assurance standards GAAPS are not mentioned rather suitable criteria  GAAS were written first but now assurance standards are the point of departure , since assurance standards can be relevant to both financial and non financial data  Quality Control Standards are standards that the PA firm practices as a whole when evaluating other companies and their compliance with GAAS and the CICA handbook help them remain independent and objective  The international federation of accountants- has 4 elements to quality control :  1.Quality control standards should be practiced at firm and audit level  2.Implement policies to ensure compliance with ISA  3.Policies are communicated to personnel in a way that they will understand  4.Policies should be implemented in each individual audit  Quality control as accepted by peers  Audit of the auditors ;  practice inspections – audit files and other documents are reviewed by an external party to check if firm is in accordance to CICA and professional ethics ( of only certain individuals or at the firm level )done by the government  Peer reviews- another firm reviews the compliance of quality control standards, type of practice review  Quality inspections – overall review of the firm not its individuals , requires review of its quality control document and interviews with audit personnel , performed by accountability boards Chapter 6: Basic Auditing Concepts and Techniques  Materiality the largest uncorrected dollar misstatement that might exist in the financial statements while still presenting fairly and not altering any decision making ( both qualitative and quantitative ) , it is determined by the user base and the business risk facing the auditee  Performance materiality – a smaller amount than materiality left aside to be used identifying and assessing risks and determining what audit procedures should be done  Quantitative materiality – ( earnings management) if an error makes a change in earnings, hides a failure in meeting analysts forecasts, changes a loss to a profit, effects regulators standards, involves fraud, increases management compensation  Common rules of thumb to determine if a mistake is quantitatively material , if the error is 5to 10 percent of income, 5to 10 percent of net income before bonuses , or based on the industry ( non profit ½%- 2% of expenses) , mutual fund ½%-2% of net asset value, and real estate 1% of revenue  an error could be material just due to its size ( absolute size , large dollar amounts missed by management , relative size a misstatement judged on the size relative to a base #, some accounts will have lower materiality than the overall materiality for the engagement  qualitative factors – user related factors( user’s needs), nature of the item ( what did the error do , increase or decrease income , did it help meet expectations), circumstances ( smaller materiality for public companies since info needs to be highly depended on therefore needs to be accurate)  management assertions - what management say they have on the financial statements , the assertions need to be proven by :  1. Existence ( of inventory , and a/R) , requires that the transactions are valid and actually occurred  2. Completeness , that all accounts that should be in the f/s are there , cut off ( influences existence and completeness since some transaction s are processed after year end)  3. Ownership ( rights and obligation ) , ( whether the company has rights to assets or obligations for liabilities )  4. Valuation ( allocation , measurement) , have proper estimates been done , D/A, value of assets  5. Presentation ( disclosure , classification ) have all the accounts been classified correctly  Compliance – have they met all the laws and regulations  The assertions are the focus of the audit they are useful in planning , as well as to figure out the cost level of the procedures related to each assertion, risk level determines the extent to which the procedures are applied Chapter 7: Assessing Risk and Internal Control  Inherent risk – the probability that material misstatements have occurred in transactions within the accounting system , or errors in account balances, can’t be equal to zero , can’t be controlled by the auditor  Control risk - the probability that the auditee’s internal control will not catch an error , cant be controlled by the auditor  the risk of material misstatement combines both inherent risk and control risk , done together it means the risk that there will be a mistake and that it won’t be caught by internal control  Detection risk – the risk that any errors that have occurred will not be caught by the auditor , the auditor is responsible for lowering this risk by performing evidence gathering procedures  In order to lower the detection risks the auditors perform substantive ( direct ) basements of the auditee accounting procedures, testing the details of transactions and the analytical procedures to produce circumstantial evidence  Audit risk –the probability that the auditor will fail to express a reservation that the financial statements are materially misstated , this occurs when not enough evidence is gathered  Notice the difference between detection and audit risk , one is the risk of expressing the wrong opinion , the other is of not catching material misstatements  The audit risk model : AR = IR X CR x DR  The audit fails when a mistake fails to be caught by management and auditors  Audit assurance is 1-AR, this is the probability of expressing the right opinion  Internal control – is defined as the process designed , implemented, and maintained by management to provide assurance of the efficiency and effectiveness of operations  Components of internal control  1. Control environment – management’s attitudes towards the company’s internal control , whether they find it important / enforce them , what the company culture is , how ethical they are , can be preventive or corrective  2. Management’s risk assessment process- used to identify the risk when preparing f/s ,risk is influenced by personnel changes, structural changes and new accounting procedures  3. Information systems- how information is relayed, processed and stored within the company , in turn how these systems are used to make decisions  4. Control activities – two broad based groups ; general controls and application controls , both aim to detect and correct errors , general controls are generally preventive such as segregation of duties, hiring competent personnel , application controls on the other hand ensure that transactions and account balances are accurate , examples include authorization of checks prior to data entry and checking accuracy of records  5. Monitoring of controls – checking if controls are working, reviews of compliance with policies, correcting any controls that are not effective  Control activities are the most relevant to auditors where as control environment , management risk , info systems and monitoring controls are management controls that operate at the company level and have a big impact on whether objectives are met  Auditor needs knowledge of the internal control system in order to gauge the risk of material misstatements this knowledge is obtained through enquiries ( questionnaire) gaining knowledge on the flow of transactions  Which tells auditors info on : organizational structure , how auditee committee communicates authority , how they supervise accounting systems and also general info on accounting systems p.160-161 Chapter 8: Audit Evidence and assurance  Auditors obtain evidence by recalculating, observation , confirmation , enquiry , inspection and analysis  Recalculation – is redoing calculations already performed by auditee personnel , helps prove existence and valuation to the control procedures of the company redoing them to see their effectiveness  Observation – watching how personnel perform procedures , weak to reflect performance over long periods of time since they will do things well when watched  External confirmation – written enquiry to verify A/R , helps prove existence , ownership , valuation and cut off , used for banks , lenders, vendors , leasors , must be printed , mailed and received by the auditor no contact with auditee to avoid altering info by the auditee  can be positive or negative confirmations , positive requires a response even if account is right and negative only if the account balance is wrong  enquiry – asking questions to management about their procedures or assertions done orally , consistent responses by various staff increases reliability of answers  also requires management to sign a representation letter acknowledging important enquiries , requires sceptiscm and due care to be persistent and investigate inconsistencies  Inspection – looking at records and documents or assets with physical substance proves existence and valuation counting assets  When looking at documents some have more credibility than others such as official papers with seals signatures , engravings , bank statement , cancelled cheques ( documents prepared by external parties are the most credible)  Documents prepared internally for an audit are generally not reliable or authoritative they depend on the internal control procedures used to create them , they include sales invoices copies, shipping documents, transaction logs  Vouching – going back in time with a certain event / transaction to see if the recorded data is supported by source documents ( existence/ occurrence)  Tracing – selects source documents and goes forward in time , lets you know if all events were recorded ( completeness )  Scanning – looking for anything unusual , large cheques, debits in revenue account, this lowers the detection risk when using a sample since you can scan what you didn’t select , helps raise questions on what other evidence is needed to produce reassurance  Analysis – anything that doesn’t fit into the other categories , compare the f/s used to prove completeness , valuation and presentation similar to scanning more of a big picture comparing financial statement components not just the detailed records of a component , useful since it integrates evidence from a variety of sources and provides and independent way to gather evidence, compares internal data to external statistics , harder for management to manipulate  substantive procedures give direct evidence about financial amounts while risk and control tests are indirect evidence  Ways to gain evidence ; enquiry helps the auditor understand how the business works , previous audits( working papers) can also provide relevant info ; nature of organization , significant changes the firm has gone through and past misstatements , enquiry also helps the auditor fully understand the needs of the users , helps auditors decide/ set materiality  Observation can also help auditors gain an understating of the business by touring the plant / firm , getting to see day to day tasks, another way to gain more evidence is through researching data bases helps to analyze the company and the current economic conditions  Internal auditors are another source of info since they can help external auditors understand the company’s internal control and can also perform control or substantive tests under auditor supervision  If the auditee’s business is very specialized or the industry requires extensive knowledge that the auditor doesn’t posess then outside experts are hired , to help provide evidence for a particular assertion , they must remain independent and have proof of credentials  Appropriateness, The evidence that auditors gather in order to prove managements assertions must be relevant and reliable  For evidence to be relevant it must relate or prove at least one assertion , for it to be reliable it depends on the nature and source of the information  Most reliable : auditors own knowledge / evidence gained through recalculation and physical observation , independent external evidence ( confirmations) , External-internal evidence ( purchase orders , sales invoices , the reliability depends on the strength of the internal control of the auditee) , internal evidence produced by the audit ( transaction logs ,copies of documents) , analysis ( used to detect risk early on) , spoken and written evidence ( letter of representation , spoken word by management )  Sufficiency of evidence – must gather enough info that if someone else were to perform the audit they would reach the same conclusion , it depends on the audit engagement and the materiality standard and the scope and extent of it  Working Papers : their purpose is to aid in file reviews, practice and regulatory inspection s, or defend in law suits , they include a record of the auditor’s work , * they are the record of compliance of GAAS versus the audit report is record of the auditee’s compliance with GAAP  They provided valuable insight into the businesses’ risk areas , evidence relevant to current year’s financial statements and the general understanding of the business  Working papers are divided into three categories ; the permanent file ( which includes the long term info of the company , any excerpt from the company charter, continuing contracts, history of the company , schedules of accounts with continuing balances, meeting minutes on matter of long interest ), and the current file which includes administrative papers ( includes anything done early in the planning stages of the audit , such as the engagement letter , the results of analytical procedures and the initial assessments of materiality, audit plan , internal control questionnaire ) and evidence papers ( organized into sections usually balance sheet accounts , each section or account has a lead sheet that has the dollar amount reported on the F/S and the a summary of the procedures done that relate and back up the assertions made on the F/S ) relating to the audit of one year  The current audit evidence papers must show the auditors’ decision problems and conclusions , also they must record the assertions that were audited , evidence gathered about them and finally the conclusion on each assertion  * the working papers should indicate evidence that the audit work was planned and supervised, a description of the audit evidence obtained, evidence of the evaluation of misstatements, and copies of letters sent to auditee concerning audit matters ( done under GAAS)  In relation to the organization of the working papers they are expected to be ; indexed ( each paper is given an index number , so they can be taken out and put back in the proper place) , Cross-indexed( any related documents are cross listed so connections can be followed ) , heading( each paper has the name of the company , the period of the audit , and who created it auditee personnel , or auditor ) , Signatures and initial( the auditor who performs the work and the one who supervises it must sign the papers ) , date of audit work ( the date of the performance and of the review are recorded ) , Tick marks and explanations ( tick marks indicate that the work was performed, accompanied by an explanation of what was done) Chapter 9: Control Assessment and Testing  The purpose or objective of control procedures is to process transactions correctly this then produces accurate account balance which then produces accurate assertions of the F/S  There are seven control objectives ; validity – making sure all transactions that should be recorded are recorded and they exist ,( no false transactions) done by matching journal entries to documents ( vouching ) , completeness – ensuring valid transactions are not missing from records , matching documents to entries ( tracing) , authorization –ensuring that transactions are approved before they are recorded ( done for credit sales over a certain amount) , accuracy – all dollar amounts are calculated correctly , recalculating the quantities invoices to make sure they match up , classification – charged to the right account / customers ( capitalized or expensed ) , accounting – following GAAP , proper period- counting transactions in the period that they occurred ( keeping in mind cut off)  Each objective relates to one or more assertion : Control Existence Completeness Valuation Ownership Presentation Objective and Disclosure Validity X X Completeness X X Authorization X X X Accuracy X Classification X X Accounting X Proper Period X X  An assertion can have low or hig
More Less

Related notes for AFM 201

Log In


Don't have an account?

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.