ACC 401: Audit Final Exam

Ace your homework & exams now with Quizwiz!

Audit Testing Hierarchy

*evidence decision process for testing classes of transactions or significant balances -risk assessment procedures -test of controls -substantive analytical procedures -Remaining assurance needed from tests of details

LO 6-5: 5 Components of COSO Framework

-Control environ -risk assessment -control activities -info and comm -monitoring activities

Examples of Type II Events

-Loss of the entity's manufacturing facility or assets results from a casualty such as a fire or flood that occurred after the balance sheet date but prior to issuance of the financial statements -Purchase or disposal of a business by the entity after the balance sheet date but prior to issuance of the financial statements -Capital stk or bond issuance by the entity after the balance sheet date but prior to issuance of the financial statements -Losses on receivables caused by conditions such as a business failure arising subsequent to the balance sheet date

"Assurance Bucket"

-Must be filled with sufficient appropriate evidence to obtain the level of assurance necessary to support the auditor's opinion -top down audit testing hierarchy

Ex. of Engagement Letter Order

-addressed to audit committee chair, address, date -integrated audit of the financial statements and internal control over financial reporting-services and related report -our responsibilities and limitations -mgmt's responsibilities -Document retention -other documents -timing and fees -signed by audit partner, approved with signature by audit committee chair, date of approval

Examples of Type I Events

-an uncollectible AR resulting from deterioration in a customer's financial condition prior to year end, about which the holder of the receivable is unaware. The customer declares bankruptcy after the balance sheet date but prior to the issuance of the financial statements -settlement of a lawsuit after the balance sheet date but prior to issuance of the financial statements for an amt different from the amt recorded in the year end financial statements as a contingent liability

Trend Analysis

-analysis of changes in an account over time -compares last year's account balance (expectation) w/ the current balance -can encompass multiple time periods including comparing trends with budget amounts and with competitor and industry info -number of time periods used is a function of predictability and desired precision

Assess Compliance with Ethical and Independence Requirements

-annual independence questionnaire: auditor's financial or business relationships w/ clients -at engagement level, partner-in-charge should ensure all individuals assigned to engagement are independent from the entity by reviewing the annual independence reports from each member of the audit team or through the firm's independent database -unpaid client fees: firms adopt policy of not completing the current audit until all of the prior year's fees are paid -consulting services for client: does not impair independence but audit team must remain objective; under SOX the auditor is not permitted to provide certain types of consulting services for audit clients

Additional items the engagement letter might include

-arrangements involving the use of specialists or internal auditors -any limitation of the liability of the auditor or client, such as indemnification to the auditor for liability arising from knowing misrepresentations to the auditor by mgmt or alternative dispute resolution procedures -additional services to be provided relating to regulatory requirements -arrangements regarding other services (ex. assurance, tax, consulting services)

Substantive Analytical Procedures

-develop an expectation -define a tolerable difference -compare the expectation to recorded amt -investigate differences greater than the tolerable difference -conduct other audit procedures or propose an audit adjustment or accept the amount if the explanation and corroborative evidence is adequate

Analytical Procedures

-evaluations of financial info made through analysis of plausible relationships among both financial and nonfinancial data -auditing standards require the auditor to perform analytical procedures as risk assessment procedures (aka planning/preliminary analytical procedures) -such procedures assist the auditor in understanding the entity and its environment and in identifying areas that may represent specific risks relevant to the audit -helpful in identifying the existence of unusual transactions or events and amounts, ratios and trends that might have implications for audit planning -ex. revenue

Assertions about account balances, and related disclosures, at the end of the period: (6)

-existence -rights and obligations -completeness -accuracy, valuation, and allocation -classification -presentation

Reasonableness Analysis

-forming an expectation using a model -because it forms an explicit expectation, reasonableness analysis typically forms a more precise expectation than trend or ratio analysis

Inquiries the successor auditor should ask from the predecessor auditor

-info that might bear on the integrity of mgmt -disagreements w/ mgmt -communications to audit committees or others w/ equivalent authority and responsibility regarding fraud, illegal acts by clients and internal control related matters -predecessor auditor's understanding for the reasons for the change of auditors -predecessor auditor's understanding of the nature of the company's relationship and transactions w/ related parties and significant unusual transactions

Audit Procedures for Subsequent Events (from ppt slides, see textbook info on google doc.)

-inquire of mgmt -Reading meeting minutes -inquiry of legal council -examine the books of the original entries -read interim financial statements -evaluating entity's policies and procedures to properly record subsequent events as part of its internal control over financial reporting

Final Analytical Procedures

-objective is to assist the auditor in assessing the conclusions reached and evaluating the overall financial statement presentation -requires reviewing the trial balance, financial statements and footnotes in order to: 1. judge the adequacy of the evidence gathered in order to support any unusual or unexpected balances investigated during the audit 2. determine if any other unusual balances or relationships have not been investigated

Assertions about classes of transactions and events, and related disclosures for the period under audit: (7)

-occurrence -completeness -authorization -accuracy -cutoff -classification -presentation

Difference between analytical procedures used as risk assessment procedures (planning) and as final analytical procedures

-planning: auditor is not required to obtain corroborative evidence because planning analytical procedures are not intended to provide substantive audit evidence regarding specific assertions. The auditor normally determines whether the planned audit procedures need to be revised due to the results of the preliminary analytical procedures -final: auditor investigates unexpected differences by first going to the working papers to determine if sufficient appropriate evidence has already been gathered to explain the difference. If no sufficient evidence is found in the working papers, auditor would formulate possible explanations, conduct additional testing and seek an explanation from the entity's personnel

LO 3-3 Establish an Understanding with the Entity

-reduces risk of misinterpretation -the terms of the engagement (in engagement letter) should include: objectives of engagement, mgmt's responsibilities, auditor's responsibilities, and the limitations of the engagement -Topics discussed: (i) engagement letter, (ii) using the work of the internal auditors, (iii) role of the audit committee

Ratio Analysis

-the comparison across time or to a benchmark of relationships between financial statement accounts or between an account and nonfinancial data -includes "common size" analysis which is the conversion of financial statement amounts to percentages -industry or competitor ratios are often used to benchmark the entity's performance -more effective at identifying risks and potential misstatements than trend analysis because comparisons of relationships between accounts and operating data are more likely to identify unusual patterns than is an analysis only focused on an individual account

Documentation Requirements when substantive analytical procedures are used

-the expectation and how it was developed -results of the comparison of the expectation to the recorded amounts or ratios developed from recorded amounts -any additional auditing procedures performed in response to any significant differences identified

Dual Date

-when a subsequent event occurs after the date where the auditor has obtained appropriate audit evidence but before financial statements are issued. -ex. "feb. 15, 2019 except for Note 10, which is as of March 1, 2019" *limits auditor's responsibility

Phases of the Audit that Relate to Audit Planning

1. Client Acceptance and Continuance 2. Preliminary Engagement Activities 3. Plan the Audit

Control Environment-Principles #1-5

1. Org demonstrates a commitment to integrity and ethical values 2. BOD demonstrates independence from mgmt and exercises oversight of the development and performance of internal control 3. Mgmt est. w BOD oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives 4. Org. demonstrates a commitment to attract, develop, and retain competent individuals in alignment w/ objectives 5. Org holds individuals for their internal control responsibilities in the pursuit of objectives

Examples of procedures that can help the auditor identify contingent liabilities include:

1. Reading the min of meetings of the BOD, committee of the board and stockholders 2. Reviewing contracts, loan agreements, leases and correspondence from gov. agencies 3.Reviewing tax returns, IRS reports and schedules supporting the entity's income tax liability 4. Confirming or otherwise documenting guarantees and letters of credit obtained from financial institutions or other lending agencies 5. Inspecting other docs for possible guarantees or other similar arrangements

Under current auditing standards, mgmt assertions fall into 2 categories:

1. assertions about classes of transactions and events, and related disclosures for the period under audit 2. assertions about account balances, and related disclosures at the end of the period

LO 3-2 Preliminary Engagement Activities

1. determining audit engagement team requirements 2. ensuring the audit team and audit firm are in compliance with ethical and independence requirements 3. Est. an understanding with the entity

Specific additional steps to identify contingent liabilities (should be done near the completion of the engagement)

1. inquiry of and discussion w/ mgmt regarding the entity's policies and procedures for identifying, evaluating, and accting for contingent liabilities 2. Examining docs in the entity's records such as correspondence and invoices from attorneys for pending or threatened lawsuits 3. Obtaining a legal letter that describes and evaluates any litigation, claims or assessments 4. Obtaining a written representation from mgmt that all litigation, asserted and unasserted claims, and assessments have been disclosed in accordance w/ FASB ASC Topic 450 "Contingencies"

3 categories for the likelihood that the future event will result in a loss when a contingent liability exists are:

1. probable 2. reasonably possible 3. remote

8 Elements for the Standard Unqualified audit report for public companies:

1. report title 2. addressee 3. "Opinion" 4. "Basis for Opinion" 5. "Critical Audit Matters" 6. Name/signature of the audit firm 7. Indication of how long the auditor has served as the company's auditor 8. Audit report location and date

3 Types of Analytical Procedures

1. trend analysis 2. ratio analysis 3. reasonableness analysis

Control Activities-Principles #10-12

10. Org. selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives and acceptable levels 11. Org. selects and develops general control activities over tech to support the achievement of objectives 12. Org. deploys control activities through policies that est. what is expected and procedures that put policies into action

Info and Comm-Principles #13-15

13. Org. obtains or generates and uses relevant, quality info to support the functioning of the other components of internal control 14. Org. internally communicates info including objectives and responsibilities for internal control, necessary to support the functioning of other components of internal control 15. Org. communicates w/ external parties regarding matters affecting the functioning of other components of internal control

Monitoring Activities-Principles #16-17

16. Org. selects, develops and performs ongoing and/or separate evals to ascertain whether the components of internal control are present and functioning 17. Org. evals and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior mgmt and BOD if appropriate

Risk Assessment-Principles #6-9

6. Org. specifies objectives w/ sufficient clarity to enable the ID and assessment of risks relating to objectives 7. Org. identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed 8. Org. considers the potential for fraud in assessing risks to the achievement of objectives 9. Org. ID's and assesses changes that could significantly impact the system of internal control

Control Activities

Actions est. by policies and procedures to help ensure that mgmt directives to mitigate risks to the achievement of objectives are carried out; performed at all levels of the entity and at various stages w/n business processes & tech. enviro; 4 types: (i) performance reviews, (ii) physical controls, (iii) segregation of duties, (iv) info. processing controls, including authorization and document based controls

Completeness (end of period)

All assets, liabilities and equity interests that should have been recorded have been recorded, and all related disclosures that should have been included in the financial statements have been included

Authorization (during the period)

All transactions and events have been properly authorized

Completeness (during the period)

All transactions and events that should have been recorded have been recorded, and all related disclosures that should have been included in the financial statements have been included

Accuracy (during the period)

Amounts and other data relating to recorded transactions and events have been recorded appropriately, and related disclosures have been appropriately measured and described

When can the auditor determine the size of the assurance bucket?

An auditor can determine the size after the auditor has determined the risks associated with the assertions for an account balance

Presentation (end of period)

Assets, liabilities and equity interests are appropriately aggregated or disaggregated and clearly described, and related disclosures are relevant and understandable in the context of the requirements of the applicable financial reporting framework

Existence (end of period)

Assets, liabilities and equity interests exist

Classification (end of period)

Assets, liabilities and equity interests have been recorded in the proper accounts

Accuracy, valuation and allocation (end of period)

Assets, liabilities, and equity interests have been included in the financial statements at appropriate amounts, and any resulting valuation or allocation adjustments have been appropriately recorded, and related disclosures have been appropriately measured and described

LO 4-4 Auditor's Risk Assessment Process

Auditor's objective is to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement and relevant assertion levels through understanding the entity and its environment, including their internal controls

Remote

Chance of the future event occurring is slight

Reasonably Possible

Chances of the future event occurring is more than remote but less than likely

Probable

Future event is likely to occur

LO 5-2 Management Assertions

In representing the financial statements are in accordance with the applicable financial reporting framework, mgmt implicitly or explicitly makes assertions regarding recognition, measurement and presentation of classes of transactions and events, account balances, and disclosures

Info & Comm

Info is necessary for the entity to carry out internal control responsibilities in support of achievement of its objectives; Communication occurs both internally and externally and provides the org w/ the info needed to carry out day to day internal control activities; Comm enables personnel to understand internal control responsibilities and their importance to the achievement of objectives and allow for upward flow of operating info to mgmt

Who is responsible for the fair presentation of the financial statements?

Management

Monitoring Activities

Ongoing evals, separate evals, or some combo of the two are used to ascertain whether each of the 5 components of internal control, including controls to effect the principles w/n each component, are present and functioning; findings are evaluated and deficiencies are communicated in a timely manner, w/ serious matters reported to senior mgmt and to the BOD

Prospective Client Acceptance

Public accounting firm must consider these issues before accepting a new client: -has the capabilities to perform the engagement -complies with legal and relevant ethical requirements -has considered the integrity of the client

Control Environment

Set of standards, processes and structures that provide the basis for carrying out internal control across the organization; BOD and senior mgmt est. the tone regarding the importance of internal control and expected standards of conduct

COSO's Internal Control-Integrated Framework

System of internal control is designed and carried out by an entity's BOD, mgmt and other personnel to provide reasonable assurance about the achievement of the entity's objectives in the following categories: 1. reliability, timeliness and transparency of internal and external financial and nonfinancial data 2. Effectiveness and efficiency of ops, including safeguarding assets 3. Compliance w/ applicable laws and regs

Rights and Obligations (end of period)

The entity holds or controls the rights to assets, and liabilities are the obligations of the entity

Presentation (during the period)

Transactions and events are appropriately aggregated or disaggregated and clearly described, and related disclosures are relevant and understandable in the context of the requirements of the applicable financial reporting framework

Cutoff (during the period)

Transactions and events have been recorded in the correct accounting period

Classification (during the period)

Transactions and events have been recorded in the proper accounts

Occurrence (during the period)

Transactions and events that have been recorded or disclosed have occurred, and such transactions and events pertain to the entity (aka validity)

T/F: appropriate evidence in the working papers should support any differences from the auditor's expectations?

True

T/F: The successor auditor should request permission of the prospective client before contacting the predecessor auditor?

True; the Code of Professional Conduct doesn't allow an auditor to disclose confidential client info without the client's consent

2 types of subsequent events require consideration by mgmt and evaluation by the auditor:

Type I Type II

If event is reasonably possible or the amount cannot be estimated it is recorded as...

a disclosure of the contingency is made in the footnotes to the financial statements

If event is probable and the amount of loss can be reasonably estimated, the loss associated with the contingency is recorded as...

accrued by a charge to income

Contingent Liability

an existing condition or set of circumstances involving uncertainty as to possible loss that will ultimately be resolved when some future event occurs or fails to occur; ex. litigation

For lower risk, well controlled accounts

assurance bucket may be entirely filled with tests of controls and substantive analytical procedures

Management assertions also guide the auditor in designing

audit procedures to collect the needed evidence, as well as assisting the auditor in evaluation the appropriateness and sufficiency of evidence

Size of assurance bucket can vary depending on

auditor's risk assessment and the assertion being tested; certain assertions will be more important/present greater risks for some accounts than others; ex. largest bucket for AP is completeness assertion

How can an entity achieve effective internal control?

by applying all 17 principles underlying the components of internal control

Transaction related and balance related assertions help the auditor

conceptualize, plan and perform audit procedures

what type of relationship exists between objectives, components, and the structure of the entity

direct relationship

Auditing standards definition of analytical procedures

evaluations of financial info through analysis of plausible relationships among both financial and nonfinancial data; can facilitate an effective audit by helping the auditor understand the entity's business, directing attention to high risk areas, identifying audit issues that might not be otherwise apparent, providing audit evidence, and assisting in the evaluation of audit results

Subsequent Events

events that occur after the balance sheet date but before the issuance of the financial statements that materially affect the financial statements; require recognition/disclosure

Type I (recognized events)

events that provide additional evidence about conditions that existed at the date of the balance sheet and that affect the amounts or est. involved in the financial statement prep process; require adj. of the numbers in the financial statements

Type II (unrecognized events)

events that provide evidence about conditions that did not exist at the date of the balance sheet but that arose subsequent to that date; usually require disclosure in the notes of the financial statements; sometimes if the effect is very significant, pro forma financial statements may be required in order to prevent the statements from being misleading

Determine the Audit Engagement Team Requirements

factors include: engagement size and complexity, level of risk, special expertise, personnel availability, and timing of work to be performed

Purpose of Framework

help mgmt better achieve the orgs. objectives and provide BOD an added ability to oversee internal control

Size of the assurance bucket means

how much assurance is needed

the auditor is mainly concerned with

how the 5 components, evaluated individually and in terms of how they operate together, affect the external financial reporting objective

Entity's Risk Assessment Process

involves a dynamic and iterative process for identifying and analyzing risks to achieving the entity's objectives, thereby forming a basis for determining how risks should be managed; mgmt considers possible changes in the external enviro and w/n its own business model that may impede its ability to achieve its objectives

Structure of the entity

operating units, legal entities and other

Client Continuance

public accounting firms should evaluate periodically whether to continue with their current clients; must take place at or near the end of an audit or when a significant event occurs

What type of assurance that the risk of not achieving an entity objective is reduced to an acceptable level does an effective system provide?

reasonable assurance

In performing analytical procedures:

the auditor should develop expectations about plausible relationships that are expected to exist, based on the understanding of the entity and its environment

If event is remote..

then neither accrued on the financial statements nor disclosed in the footnotes

Analytical procedures are commonly used to gather substantive evidence because

they are effective at detecting misstatements, inexpensive to perform, ability for audit teams to perform a wide range of analytics that both identify client risk and provide evidence regarding mgmt's assertions

LO 3-4 The Engagement Letter

used to formalize the arrangements reached between the auditor and the entity; contract outlining responsibilities of both parties and preventing misunderstandings

objectives

what an entity is striving to achieve

Components

what the entity needs to do in order to achieve the objectives

After accepting client, new auditors should request entity to allow old auditors to send their working papers to new auditors

working papers are reviewed by new auditors and they need info about beginning balances and consistent application of GAAP


Related study sets

MGMT 5320 Exam 3 - Short Essay Study Guide

View Set

Risk Management & Insurance Exam 4: Chapters 18, 19, 25, 26 Rejda

View Set

Med micro chapter 12 pages 337-346

View Set