Auditing Exam #1
What is the difference between factual, judgmental, and projected misstatements?
"Factual misstatements These are misstatements about which there is no doubt. For example, an auditor may test a sales invoice and determine that the prices applied to the products ordered are incorrect. Once the products are correctly priced, the amount of misstatement is known. In such cases, the auditor knows the exact amount of the misstatement. Judgmental misstatements These are misstatements that arise from the judgments of management, including those concerning recognition, measurement, presentation, and disclosure in the financial statements (including the selection or application of accounting policies) that the auditor considers unreasonable or inappropriate. Projected misstatements These are the auditor's best estimate of misstatements in populations, involving the projection of misstatements identified in an audit sample to the entire population from which the sample was drawn. page 109 "
List four factors that would cause the auditor to use a lower percentage for establishing tolerable misstatement
high risk of misstatement within the account balance, class of transaction, or disclosure.increased number of accounting issues that require significant judgement and/or more estimates with high estimation uncertainty.a history of material weaknesses, significant deficiencies, and/or a high number of deficiencies in internal control.high turnover of senior management or key financial reporting personnel.
While net income before taxes is frequently used for calculating overall materiality, discuss circumstances when total assets or revenues might be better bases for calculating overall materiality.
if pretax income is not stable or entity is close to breaking even or experiencing a loss
When will the assessment of internal control be more thorough?
if the client is a public company because the auditor is required to report on both the company's internal control over financial reporting and the company's financial statements
What are two examples of fraud in terms of financial statement and misappropriation of assets?
improper revenue recognition concealment of expenses or liabilities stealing cash, physical property or assets paying for goods not received
What do supervising activities consist of?
inform the engagement team members of their responsibilities direct members to bring significant accounting and auditing issues to the attention of the partner review the work
What negative consequences could information asymmetry have for the absentee owner? How do the perspectives and motives of the manager and absentee owner differ?
information asymmetry is when a day to day manager knows more about the financial position then the actual owner. Negative consequences could be conflict of interest- manager has self interest as well as the owner so goals do not coincide and can lead to information risk information risk is what happens when the information is manipulated and is fabricated
Explain the relationship between sample size and materiality and sample size and desired level of assurance.
inverse- smaller materiality percentage requires more samples to be more precise and look for more errors direct- desired level increases the sample size necessary to test becomes greater
What is the nature and purpose of a "letter of representations"? comment on the quality or strength of the audit evidence yielded by a letter of representations.
necessary to make management teams accountable for the audit evidence and documentation that they present to their auditors when they are testing the reliability of the information on the financial statements. duty of an auditor to trust their client so that they do not offend them but to verify everything thatis claimed. Thus, an auditor must perform professional skepticism.
Discuss the scope and nature of an auditor's responsibility during a review of a client's quarterly financial statements.
"The objective of a review of interim financial information is to provide the accountant with a basis for communicating whether he or she is aware of any material modifications that should be made to the interim financial information for it to conform with generally accepted accounting principles. conformity with generally accepted accounting principles. A review consists principally of performing analytical procedures and making inquiries of persons responsible for financial and accounting matters." -A change in expense accrual estimating methodology as described in the case does have a material impact on reported financials and under Generally Accepted Accounting Principles (GAAP) the change should be disclosed along with supplemental information detailing the impact of the change and the reason for the change.
At the assertion level audit risk consists of:
"The risk that the relevant assertions related to the class of transaction, account balance, or disclosure contain misstatements that could be material to the financial statements (risk of material misstatement). The risk that the auditor will not detect such misstatements (detection risk)." so basically audit risk is just when the fs contain errors and the auditor fails to detect the errors
Explain what it means by a low AR, High RMM, and a Low DR. What happens if AR is low, RMM is low, and DR is high?
"the auditor has determined that a very low level of audit risk is appropriate for this account because of its importance to the financial statements. The auditor has assessed the risk of material misstatement as high, indicating that there is a high risk of a material misstatement that was not prevented, or detected and corrected, by the internal control system. The auditor would then set detection risk as low. A low assessment for detection risk implies that the auditor will conduct a more careful or thorough investigation of this account than if the assessment of detection risk were high." there is a low chance that there is material misstatement in the financial statements and as a result the auditor needs to gather less evidence so detection risk would be higher. (risk that the procedures will not detect misstatements)
In setting audit risk, what are the four factors that an auditor needs to take into consideration when determining engagement or business risk?
# of financial users integrity of management industry characteristics health of the company
What are examples of restrictions imposed by AICPA for nonattest services?
-Authorizing, executing or consummating a transaction on behalf of entity -Preparing source documents evidencing the occurrence of a transaction -Having custody of entity assets -Supervising the entity's employees -Determining which recommendations of the member should be implemented -Establishing or maintaining internal controls
What are tolerable misstatements and what is their purpose?
-The amount or amounts that reduce to an appropriately low level the probability that the total of uncorrected and undetected misstatements would result in a material misstatement of the financial statements -Establish a scope for the audit procedures over individual account balances -Audit all account balances over the threshold -Assumption is errors in any account below threshold would not generate misstatements that would result in a material misstatement -Serves as a "safety net" •Typically, 50% to 75% of overall materiality depending on risk
What are the 6 principles of professional conduct?
1. Responsibilities 2. The Public Interest 3. Integrity 4. Objectivity and Independence 5. Due Care 6. Scope and Nature of Services
What 9 things did SOX accomplish? What does PCAOB do?
1. created PCAOB : firms must register, set auditing standards, conduct inspections 2. non-audit services are severely limited : no consulting or management but tax services are okay 3. second partner approval for audits 4. audit partner rotation every 5 years 5. ceo, cfo, controller cannot have been employed by the company's audit firm with a one-year period proceeding audit 6. management must assess internal controls 7. ceo and cfo certify disclosures with penalties 8. required audit on internal control effectiveness (ICFR) 9. committee must be independent
What are all of the responsibilities listed under the professional conduct?
1. responsibilities- exercise moral judgement in all activities 2. public interest 3. integrity 4. objectivity and independence 5. due care 6. scope and nature of services- observe the code of conduct when performing services
What are the three basic principles of auditor objectivity and independence that the SEC rules?
1.An auditor should not audit his or her own work 2.An auditor should not function in the role of management 3.An auditor should not serve in an advocacy role for the entity, and 4.An auditor should not have a mutual or conflicting interest with an audit client -Bookkeeping; financial information systems design and implementation; appraisal or valuation services; actuarial services; internal audit outsourcing services; management functions or human resources; broker or dealer, investment advisor, or investment banking services; legal services; expert services
What does an audit committee consist of?
3 to 6 members of independent outside directors that can not accept any consulting or advisory and can not be affiliated must contain 1 member with financial expertise (education, understanding of GAAP, typically retired audit members etc)
When must an auditor be independent (aside from all the time lol) ?
for all attestation services - financial statement audits -financial statement reviews if you are a covered member
What are the three steps involved in the auditor's use of the audit risk model at the assertion level?
set the planned level of audit risk assess the risk of material misstatement determine the appropriate level of detection risk
"What types of personal loans from a financial institution are allowed by the Rules of Conduct? What is meant by normal lending procedures, terms, and requirements within this context? "
Automobile loans and leases collateralized by the automobile. Loans fully collateralized by the cash surrender value of an insurance policy. Loans fully collateralized by cash deposits at the same financial institution. Credit cards and cash advances on checking accounts where the aggregate outstanding balance is reduced to $10,000 or less by the payment due date. Normal lending procedures, terms and requirements are those that are reasonably comparable to those relating to loans of similar character
In the practice of audit how do conducts transactions play a role as well as the preparing of financial statements.
so basically the conduct transactions act as the evidence that is needed to prove the assertions of the manager that are found when issuing the financial statements
It is difficult to assess/evaluate the quality of an audit. In fact, different stakeholders assess audit quality differently. How would you assess the quality of an audit? How might investors, regulators (e.g., the SEC or the PCAOB), and audit firms each assess the quality of an audit?
I would assess the quality of an audit based on the necessary materiality percentage as well as the degree of certainty which therefore would make sure that there has been an audit on the transactions, internal controls, and also the ending balances of different accounts even though this is the most costly. I would also ensure that the sample size of transactions is appropriate as well as ensuring the environment of the business is evaluated prior to the audit. There is compliance with the standards set by each regulator
Why is independence such an important standard for auditors? How does auditor independence relate to the agency relationship between owners and managers discussed in Chapter 1.
Independence is an important requirement for auditors because the level of owners' confidence in the auditors' work are directly related to the level of independence. If there are ties between the managers and external auditors, owners will not believe that the audit reports can reduce information risk.
do you believe that andersen's involvement in those decisions violated any professional auditing standards?
Independence- Special purpose entities (SPEs) day-to-day accounting decisions involvement ruined independence Planning and supervision- auditors should have identified possible situations (SPEs) where there was possible risk in financial reporting internal control evaluation: disclosures were vague that were approved by Andersen suggesting that the auditors did not fully understand enron's financial structures and controls
Vaughn obviously questioned walker's personal integrity. Is it possible that one can fulfill the responsibilities of a professional role while lacking personal integrity?
Professional standards in accounting and audit practices are intended to be guidelines and acceptable minimums for behavior and competence. The goal in these professions is to strive for best practices - by exceeding the professional standards whenever possible. Therefore, by meeting one's professional responsibilities (in other words meeting professional standards), one could be reasonably believed to be lacking in personal integrity by not seeking to exceed the standards.
What are the two key characteristics of audit evidence that an auditor must consider when evaluating the quality of evidence
Relevance + Reliability
Is it permissible for companies to overstate period-ending expense accruals to make their financial statements more "conservative"?
It is permissible for companies to overstate their year-end expense accruals with the goal of being conservative as long as the methodology is applied consistently over multiple periods and there is evidence to support the methodology. Year-end expense accruals should not be over-reserved to provide a cushion to "manage" earnings results from period-to-period.
Identify three of the documents required by the Securities Exchange Act of 1934 that are commonly encountered by auditors. Briefly describe the purpose of each of these documents.
The 10K, 10Q, and 8K are common documents auditors encounter. The 10K and 10Q are annual and quarterly reports that include financial statements filed with the SEC by a publicly traded company. The 8K is filed if some significant event occurs that interests investors.
What were the main takeaways from Judge in Deloite v. Flanagan statements and the judgement against ey?
Thomas Flanagan, had "obviously" been in violation of his employers' independence policies in making certain trades. - an auditor is selling its independence and integrity so the firm (deloitte) relies heavily on the honesty of its workers auditors are crucial to the public securities market which means that it is demanded they remain totally independent
How do you remember GAAS? General Standards Fieldwork Reporting
Tips (training, independence, professional care) Pie(planned, internal control, evidential) ACDO (accordance with GAAP, consistently, disclosures, opinion)
Identify four circumstances in which confidential entity information can be disclosed under the Rules of Conduct without the entity's permission.
To meet GAAP of GAAS disclosure requirements -as required by an authorised peer review body -to comply with a valid subpoena - as part of an investigative or disciplinary proceeding
For what primary purpose does the auditor obtain an understanding of the entity and its environment?
To plan the audit and determine the nature, timing, and extent of audit procedures to be performed.
List three types of consulting services that audit firms are now prohibited from providing to clients that are public companies. For each item, indicated the specific threats, if any, that the provision of the given service could pose for an audit firm's independence.
financial information systems design bookkeeping investment advisory legal services providing these services could prove to be a conflict of interest due to high consulting fees charged
If aggregate misstatements at account level > TM If remaining total aggregate misstatement for all > PM p;am
adjust fs adjust fs and consider qualitative factors for both
what is a covered member?
an individual on the attest engagement team and in a position to influence attest engagement manager who provides more than 10 hours of nonattest services to the attest entity a partner in the office in which the lead attest engagement partner primarily practices in connection with the attest engagement the firm, including the firm's employee benefits plan An entity whose operating, financial, or accounting policies can be controlled by any of the individuals or entities described above or by two or more such individuals or entities if they act together
If the firm has more than 100 clients when do they get inspections from PCAOB?
annually, less is every three years
what are ways to test for controls? what is an example?
appropriate management staff and supervisor inquiries inspections of documents walkthroughs and observations of specific controls internal control: create a separation of duties between the shipping function and the order entry and billing test of control: observe and evaluate whether shipping personnel have access to the order entry or billing activity
Auditors have several conflicting incentives. What sort of incentives do you think auditors have?
auditors want to act in a professional manner in which their opinion is trusted and verifiable but they run the possibility of experiencing audit risk and auditing is based on reasonable assurance so there is no guarantee that they will be 100% correct without misstatements in their opinion and the financial statements analyzed
what could close relatives do?
cause impairment on independence because the may have material financial interest or have say in financial stuff
The PCAOB's auditing standards identify auditors' responsibilities when addressing the possibility that fraud has materially impacted a public company's financial statements. Which of those responsibilities did the L&H auditors fail to comply with during the 2005 and 2006 LocatePlus audits? For each item that you listed, explain how the L&H auditors failed to fulfill that responsibility.
conduct professional skepticism when they received the allegations of fraudulent transactions between their client and Omni Data. In the report by the SEC, they stated that the auditors had failed to adequately test the revenue from Omni Data, failed to obtain competent evidence that backed their opinion, and failed to assess the risk of material misstatements of these allegations (Knapp, 2010). When the auditors 3 sent letters of confirmations they received an undeliverable notice. Later, they received the confirmation letter signed with no exceptions. They also were not a part of an online database that logs all the companies in that area where Omni Data was allegedly from. This should have prompted a more scrutinized audit test but instead they used confirmation letters and letter of representations from management as sufficient evidence to validate the transactions. The auditors also did not perform substantive testing on the large number of receivables. The auditors tested revenue from other channel partners by comparing amounts billed and recognized revenue to usage logs. If the company who had paid the royalties had not had any usage it would be a red flag. However, these tests were not performed to Omni Data which accounted for 75 percent of the company's receivables. Even the fraud risk assessment form was left blank in the 2005 audit.
What are examples of when independence of a CPA would be impaired?
cpa performs managerial role for an organization during time of attest engagement if an employee leaves the firm and is employed by associated unless conditions are satisfied
Which of the following best describes the general character of the three generally accepted auditing standards classified as performance?
criteria for auditing planning and evidence gathering
what are substantive procedures? what are the two categories?
designed to detect material misstatements test of details - testing for errors or fraud of individual transactions, test of account balances and disclosures substantive analytical procedures- analysis of financial information through plausible relationships among both financial and nonfinancial data
What are the steps in applying materiality?
determine overall materiality determine tolerable misstatement evaluate auditing findings
Distinguish between illegal acts that are "direct and material" and those that are "material but indirect." List five circumstances that may indicate that an illegal act has occurred. LO 3-7
direct and material--tax laws that determine amount of revenue recognized on FSmaterial but indirect--five circumstances: unauthorized transactions, investigation by government agency, a payment of unusual fines, large payments for unspecified services to consultants or employees, large cash payments, unexplained payments to government officials, failure to file tax returns.
What are examples of prohibited financial relationships?
direct- financial interest that is owned directly by an individual or is under control of an individual entity (ownership in client stock or partnership) material indirect- -when a covered member has a financial interest in an entity that is associated with an attest entity, for example an investment in a mutual fund that owns the entity's stock "I cant audit this client because my firm owns a subsidiary that owns stock in the client"
What should an auditor do if fraud is expected?
discuss with at least one level higher than level of management expected of committing the fraud, consider leaving the engagement, obtain proper evidence to determine if there is an impact, suggest to legal counsel and audit committee
why does society expect auditors to exercise due care? Although auditors have responsibility to check over for fraud etc, who is ultimately the most responsible for their financial statements?
due care=professional skepticism audits are essential to the economy ultimately management and cfo/ceo
Describe what you believe is implied by the term "engagement risk." What are the key factors likely considered by Deloitte and other audit firms when assessing engagement risk? How if at all are auditors professional responsibilities affected when a client poses a higher than normal degree of engagement risk?
engagement risk can be described as the risk associated with planning and executing the audit and the decision making and implementation of everything surrounding the audit (client, auditing firm, auditor) key factors could include the reputation of the client and their reliability in financial statement, detection risk that auditors may fail to uncover misstatements, the risk that auditor will run into trouble during the audit the auditor needs to be on higher alert and can potentially ruin the verifiability and reputation of the company they work for so their professional responsibilities are really at stake but still the same standards are required of the audit
What are the three sections to an audit report?
financial statements- opinion on the financial statement and materiality basis for opinion- how they reached this opinion and the standards they used which are explicitly stated critical audit matters- matters that must be reported to the audit committee
what are the factors for evaluating the reliability of the internal audit funciton?
objectivity- whether the internal audit function supports the ability to be objective competence whether they have a systematic and disciplined approach
In understanding the entity and its environment, what encompasses the nature of the entity?
organizational structure, management and personnel, sources of funding, investments, operating characteristics, size, and complexity, profitability of key products, customer relationships
What are the responsibilities of the audit committee?
oversee financial reporting and disclosure monitoring policies hiring of external auditors regulatory compliance internal control process risk management performance of internal audit function
What are the four major parts of the AICPA professional code of conduct?
preface- applies to all cpas defines the ideal principles of conduct principles- provide the framework and guidance for applying interpretations provide guidelines as to the scope of the code guidance starts with the conceptual level into a more detail interpretation
What are the principles underlying an audit?
purpose- opinion on FS responsibilities- competence and capabilities to perform audit and complying ethically with skepticism performance of the audit- reasonable assurance with evidence and risk materials reporting- express an opinion
describe the pcaob inspection program and explain what kinds of deficiencies or defects are included in parts 1 and 2 of the report
regular inspections of public firms with a focus on audit engagements and quality management systems to ensure complying part 1 is public but part 2 is not deficiencies in part 1 include situations without enough evidence quality management is part 2
Regarding the Ligand Pharmaceuticals case, the PCAOB imposed sanctions on Deloitte and James Fazio, the audit partner, for their audit of the 2003 Ligand financial statement audit. Explain several ways that Fazio and Deloitte failed to adequately follow the auditing standards. Specifically, describe how they did not adequately follow the standards in the "responsibilities," "performance," and "reporting" principles underlying the audit.
responsibilities- the did not ensure that fazio was competent and capable of performing the audit performance- its the auditor's responsibility to perform an effective audit and the audit was not effective without proper planning and execution in regard of the understanding of the business and the way in which they get revenue reporting- they reported incorrectly and not in compliance of when they received the revenue
What are the three general types of audit tests? Define each type of audit test and give two examples. LO 3-9
risk assessment procedures--observation & inspection, preliminary analytical procedures.test of controls--inspection of documents, reperformancesubstantive procedures--test of details and substantive analytical procedures
what does the engagement letter contain?
services to be performed and related reports objective of the audit summary of procedures limitations of the audit managements responsibilities timing and fees
If there is a misstatement of the type of account that was used and the person refuses to change their methods but everything else is material and would suggest an unqualified opinion what would the auditor do? What is an adverse opinion? What happens if there is not sufficient evidence to conclude a specific account is presented fairly? what happens if the lack of evidence is too much?
the auditor would qualify adverse is when the financial statements are not presented fairly (if the misuse was material and it affects the financial statements) the auditor would qualify the report but note that there wasn't sufficient evidence to support the one account. if the lack is too much then the auditor will release a disclaimer of opinion signifying that they cannot give a fair opinion
When is independence impaired with litigation?
the start of litigation by management alleging deficiencies in audit work for the entity -An expressed intention by management to start litigation against the CPA alleging deficiencies in audit work -The start of litigation by the CPA against management alleging management fraud or deceit
Why are financial statement assertions essential to auditing?
they are management's expressed or implied claims about the information reflecting in the financial statements and these are central to auditing because they are the focus of how and what evidence is collected
Identify the primary audit objectives for a client's year-end discretionary expense accruals.
to gather evidence to show both their existence and valuation. Auditors will want to see that the estimating methodology is applied consistently over different reporting periods and that the estimating methodology is supported by evidence (either actual experience or industry standards).
What are some of the demands for auditing?
to raise capital (stocks, bonds, etc.) to fulfil a stewardship function (managing the corporation's assets) important role in the principal (owner)- agent (manager) its literally required be the sec
What are examples of inherent risk and control risk? What is Detection risk? Is there an inverse relationship with these factors?
transaction complexity or adoption of new accounting standards creation of new controls or implementation of new ais risk that the procedures performed by the auditor to reduce risk will not detect a misstatement yes, if inherent and control are high auditor will lower detection risk
What do the principles call for?
unswerving commitment to honorable behavior even at the sacrifice of personal advantage
What are the three ethical approaches to auditing and what do they encompass?
utilitarian- recognizing decision making involves trade-offs between benefits and burdens of alternative actions (interest of all parties affected and not just one) rights based- individuals have rights that need to be respected (undertakes an action only if it does not violate the rights of individuals) justice- each person has a right to have maximum degree of personal freedom and social and economic actions should be to everyone's advantage (fairly distribute resources
When is an auditor independent in mind/fact as well as in appearance
when they are objective and unbiased in their actions and decisions when they are perceived by knowledgeable users as independent