ACC 450 Ch 6

Audit Strategy

-high-level course of actionthe -details the scope, timing, and direction for auditing -each relevant assertion based on the results of the audit risk model

What is the "rule of thumb" materiality for total equity?

1 percent

What is the "rule of thumb" materiality for net income before taxes

5 percent to 10 percent of net income before taxes

Tests of controls are needed when the auditors' risk assessment includes

an expectation that controls are operating effectively, or when substantive procedures alone do not provide sufficient appropriate audit evidence

audit trail (chart in notes)

consists of source documents, journal entries, and ledger entries.

audit risk is a combo of

inherent and control risk

When designing further audit procedures, auditors consider the

nature, timing, and extent of appropriate procedures.

Significant risks often relate to

nonroutine transactions and estimation transactions

While assessing risks, the auditors should determine which of the identified risks require

special audit consideration (aka significant risks)

Understanding business risk can also help an auditor..

understand where a business might have material misstatements

The auditors' consideration of risks of material misstatement from fraud recognizes that there are two distinct types:

(1) misstatements arising from fraudulent financial reporting (management fraud) and (2) misstatements arising from misappropriation of assets (defalcations)

6. Form an opinion and issue the audit report.

-final step in the process is issuance of the audit report based on the conclusions reached in the preceding steps

AICPA AU-C 240 and PCAOB AS 2401 require

a discussion ("brainstorming session") on susceptibility to fraud.

Potential successor auditors should attempt to communicate with the predecessor auditors

before accepting the engagement (AICPA AU-C 210; PCAOB AS 2610)

Fraud Triangle

incentive/pressure, opportunity and rationalization; have to have all of them for fraud to happen

These inquiries are important because fraud often is uncovered through

information received in response to inquiries.

reviewing work papers of predecessor

not required but helpful

With respect to the auditors' consideration of fraud, the requirements are similar in that auditors should document

(1) the discussion among engagement team personnel about fraud risks; (2) the procedures performed to identify fraud risks; (3) the fraud risks identified and the response to those risks; (4) any other conditions that caused the auditors to perform additional fraud-related procedures; and (5) the nature of any communications made to management, the audit committee, or others about fraud.

Some examples of small mistatements that are significant:

-A misstatement of the financial statements that would affect a company's compliance with a contractual agreement might be material regardless of its amount (ex: long-term debt agreements that say firm can't go over $xx.) -A misstatement that would cause a company not to make the consensus earnings-per-share estimate of financial analysts might be considered material even though it is somewhat less than what would normally be considered material.

Concerning the overall attractiveness of the industry, auditors consider such factors as

-Barriers to entry. -Strength of competitors. -Bargaining power of suppliers of raw materials and labor. -Bargaining power of customers

Examples of Financial Statement Level Risks

-Risks related to an ineffective control environment and weaknesses in general information technology controls -A lack of sufficient capital to continue operations. -A declining industry. -Risks related to the selection and application of significant accounting policies.

Evaluation Materiality

-at end of the audit - we found misstatements, now we are trying to determine if they are material -evaluation materiality can be quantitative or qualitative (qualitative meaning the misstatement is a small number but something aobut it is going to change the judgement of a reasonable person) ex: we find a $500 misstatement which is not big but what if that $500 separted the CEO from getting a bonus - now material)

Making Inquiries Related to Fraud (pg 219)

-auditors are required to inquire of members of management as to their knowledge of fraud and alleged fraud, their understanding of the risks of fraud, and programs or controls that have been implemented to mitigate those risks -auditors also inquire about how management monitors operating units or business segments in other locations and how management communicates its views about ethical behavior to employees.

"Brain-Storming" discussion procedures:

-discussion also will review errors that are expected to occur based on the results of prior audits -should involve the auditor with final responsibility for the audit (the engagement partner) and key members of the audit team -happens during the planning/rsik assessment

2. Obtain an understanding of the client and its environment

-gathering background info to assess the risks of material misstatements -perform risk assessment procedures -design further audit procedures

Risk Assessment Procedures

-inquiries of management and others within the entity -analytical procedures -observation and inspection of activities, operations -inquiries of others outside the company (legal, valuation experts)

risk assesment procedures

-inquiries of management and others within the entity. -Analytical procedures. -Observation and inspection relating to client activities, operations, documents, reports, and premises. -Other procedures, such as inquiries of others outside the company (e.g., legal counsel, valuation experts) and reviewing information from external sources (e.g., analysts, banks, rating organizations, and business and industry publications).

further audit procedures

-is based on the materiality of the account balances, transactions, and disclosures being audited and the assessed risks of material misstatement -substantive procedures for all relevant assertions and, if needed, tests of controls.

Materiality

-recognizes that some matters are important to the fair presentation of financial statements, while others are not -is the maximum aggregate value of misstatement that can exist without affecting the audit opinion, given the desired level of audit risk.

What increases engagement risk?

-when the client company is in a weak financial position or is greatly in need of additional capital.

shopping for accountants

-where a company will ditch hteir current auditor to find another that will agree with their practices; this led to AICPA AU-C 915 (PCAOB AS 6105) which provides guidance to public accountants when they get a request for a written or oral report on the accounting treatment of a prospective or completed transaction from a company that is audited by another CPA firm.

questions to ask predecessing auditor

1) integrity of client management 2) reasons for auditor change 3) was there disagreements 4)internal control weaknesses 5) any communications with govt or legal -second communication relates primarily to the contents of the predecessor auditors' working papers related to opening balances and the consistency of application of accounting principles.

Relevant assertion

A financial statement assertion that has a reasonable possibility of containing a misstatement or misstatements that would cause the financial statements to be materially misstated; based on inherent risk (how much of org do we understand/ depends on the type of org)

Test of Controls

An audit procedure designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements, typically at the assertion level. -Notice that a test of a control measures the effectiveness of a particular control in preventing or detecting a misstatement; it does not substantiate the dollar amount of Page 199an account balance

5. Complete the Audit

Auditors perform a number of procedures: -search for unrecorded liabilities, review of minutes of meetings, performing final analytical procedures, search to identify loss contingencies and subsequent events, and obtaining a representation letter from management -overall findings are evaluated to arrive at a conclusion as to whether the financial statements follow GAAP

Even after all dollar amounts have been substantiated, the auditors should perform procedures to ensure that the financial statement presentation conforms to the requirements of authoritative accounting pronouncements and the general principle of adequate disclosure.

Procedures falling into this category include the review of subsequent events; search for related party transactions; investigation of loss contingencies; review of disclosure of such items as accounting policies, leases, compensating balances, and pledged assets; and consideration of the classification and description of items in the financial statements.

engagement risk

The risk that the auditor is exposed to financial loss or damage to his or her professional reputation from litigation, adverse publicity, or other events arising in connection with financial statements audited and reported on - audit firm can inquire information from third parties to help assess this risk ex: Pornhub and Grant Thorton

PCAOB AS 2105 points out that in interpreting the federal securities laws, the Supreme Court of the United States has held that a fact is material if there is

a substantial likelihood that the . . . fact would have been viewed by the reasonable investor as having significantly altered the "total mix" of information made available.

Auditing standards require that auditors determine materiality for the financial statements as

a whole (also referred to as overall financial statement materiality, or overall materiality).

To verify the client's cutoff of transactions, the auditors should review transactions recorded shortly before and

after the balance sheet date to ascertain that these transactions are assigned to the proper period.

For a public company client, the auditors should record the terms of the engagement..

annually in an engagement letter to the audit committee.

Arrangements for the audit should be made through contact with the company's

audit committee

To make sure that the plan addresses all potential misstatements, auditors often develop

audit objectives for each significant account balance and class of transactions.

materially misstated financial statements should result in

audit opinion modification, while immaterially misstated financial statements should not.

If the auditors' objective is to detect unsupported financial statement amounts, they should follow the stream of evidence

back to its source.

Most audit firms organize much of the substantive portion of their audit plans around the

balance sheet accounts.

overall audit stratedgy

considers scope, such as industry reporting requirements, client locations, and the basis of reporting followed by the client -timing of the audit, deadlines for reporting, and key dates that information will be received from management will be determined. -auditors will make preliminary judgments on areas of high risk of material misstatement, material locations, and accounts; determine the expected approach to considering internal control; and consider recent significant client and industry factors. -after this comes the audit plan

increases in the amount of materiality result in

decreases in the scope of audit procedures; For example, all things being equal, auditors will gather less audit evidence if materiality is $500,000 as compared to $100,000.

representation letter

explicitly explains what auditor's and managements responsibilities are; given at the end of an audit; responsibility of a the management

Materiality judgments depend both upon the

financial reporting framework being used and on the auditors' professional judgment.

Audit procedures should be designed to detect only material misstatements of the

financial statements so that the auditors do not waste time searching for clearly immaterial misstatements that cannot affect the auditors' report.

Material misstatement is the maximum aggregate value of misstatement that can exist without affecting the audit opinion,

given the desired level of audit risk.

o identify fraud risks, the auditors perform a number of procedures, including

having discussions with engagement personnel, making inquiries of management and others within the organization, performing analytical procedures, and considering fraud risk factors.

Relating to generally accepted accounting principles, FASB Statement of Financial Accounting Concepts No. 8 states that

information is material if omitting it or misstating it could influence decisions that users make on the basis of the financial information of a specific reporting entity.

A tentative audit plan is developed based on the auditors

initial risk assessments

During the course of the audit, the auditors will discuss with the audit committee

matters such as 1) weaknesses in internal control 2) proposed audit adjustments 3) disagreements with management as to accounting principles 4) the quality of accounting principles used by the company, and 5) indications of management fraud or other illegal acts by corporate officers.

In order to improve their financial picture, some clients may "hold their records open"

o include in the current year cash receipts and revenue from the first part of the next period.

Auditors consider materiality both in

planning the audit and in evaluating audit findings.

AICPA AU-C 240 and PCAOB AS 2401

provide lists of such factors organized around the three fundamental conditions outlined by the fraud risk triangle for the commission of fraud: (1) some type of incentive or pressure, (2) an opportunity to commit the fraud, and (3) an attitude that allows the individual to rationalize the act.

planning materiality is mostly

quanititative

Regulations of the SEC require companies subject to its jurisdiction to file a Form 8-K

reporting changes in independent auditors and the reasons therefore -must report details of any significant disagreement over the past three years

AICPA AU-C 315 and PCAOB AS 2110

require that auditor have a discussion with the audit team members about the susceptibility of the client's financial statements to material misstatements

What is a basic unit of measurement for audit fees?

staff time

Financial Statement Level Risks

those that relate to the overall financial statements and potentially affect many individual assertions.

tolerable misstatement

when an auditor uses the performance materiality concept; Tolerable misstatement may be the same amount or lower than performance materiality depending upon the audit sampling technique being used and the number of audit procedures affecting the relevant assertions.

when evaluating audit findings auditors use materiality to evaluate

whether idetified uncorrected misstatements (plus an allowance for undetected misstatements) are material to the financial statements.

What is the "rule of thumb" materiality for total assets?

½ percent to 1 percent of total assets.

What is the "rule of thumb" materiality for total revenues?

½ percent to 1 percent of total revenues.

Fraud risk factors do not necessarily indicate fraud; however, they often are present where

fraud exists

when planning the audit, auditors use materiality as an...

input into determining the proper scope of audit procedures to obtain reasonable assurance of detecting material misstatements

Because of their importance to financial reporting, the auditors' consideration of

internal control often is organized around the client's major transaction cycles.

The existence of accounts receivable normally is verified by

confirming with customers the amounts receivable.

The term cutoff refers to the process of

determining that transactions occurring near the balance sheet date are assigned to the proper accounting period.

When assets are in the custody of others, such as cash in banks and inventory on consignment, the appropriate audit procedure may be

direct confirmation with the outside party.

The concept of materiality often allows auditors to

"pass over" certain conceptual accounting errors, such as charging low-cost items like small tools or business machines directly to expense accounts.

How do the auditors respond to fraud risks?

(1) a modification in approach having an overall effect on how the audit is conducted; (2) an alteration in the nature, timing, and extent of the procedures performed; and (3) performance of procedures to further address the risk of management override of internal control.

For the risk assessment, the auditors should document (pg 224)

(1) the discussion of the audit team concerning the risk of material misstatements due to error or fraud, (2) the key elements of the understanding of the entity and its environment, (3) the assessment of the risk of material misstatement at both the financial statement level and the relevant assertion level, and (4) the risks identified.

Because of the characteristics of financial statement level risks, an overall response by the auditor is often appropriate, such as:

-Assigning to the audit more experienced staff or individuals with specialized skills. -Providing more supervision for the audit staff and emphasizing the need for them to maintain professional skepticism. -Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed. -Increasing the overall scope of audit procedures.

In responding to significant risks, the auditors should

-Carefully consider the design and implementation of the related controls. -Not rely on evidence about the operating effectiveness of the related controls that has been gathered in prior periods. -Not rely solely on analytical procedures to obtain audit evidence about the related financial statement assertions.

General approach to risk assessment:

-Identify risks. -Relate the identified risks to what can go wrong at the relevant assertion level. -Consider whether the risks are of a magnitude that could result in a material misstatement. -Consider the likelihood that the risks could result in a material misstatement -Use all of these risks assessments to plan and perform audit

Reasons for revising engagement letter

-Indication that management misunderstands the objective and scope of the audit. -A change of senior management. -A significant change in the nature or size of the client. -A change in reporting requirements.

How do auditors modify their overall appraoch to the audit in response to fraud rsik?

-Professional skepticism and audit evidence: they may bring in a specialist or speak to third parties to corroborate managements explanations -Assigning personnel and supervision: assigning additional staff with specialized skill and knowledge -Accounting principles:auditors may decide to further consider management's selection and application of significant accounting principles, particularly those related to subjective measurements and complex transactions -Predictability of auditing procedures:may use differing sampling techniques, adjust the timing of testing from what otherwise would be expected, or perform procedures at locations on an unannounced basis.

Audit Plan

-a list of the audit procedures auditors need to perform to gather sufficient appropriate evidence on which to base their opinion on the financial statements -very detailed -covers all procedures(risk assessment, test of controls and substantive)

First Year Considerations of an Audit

-auditors should obtain sufficient appropriate evidence about whether the opening balances for the various accounts contain misstatements that materially affect the current period's financial statements -required to determine whether the prior period's closing balances were properly brought forward to the current period, and whether those balances reflect the application of appropriate accounting policies. (AICPA AU-C 510; PCAOB 2610) -successor auditors will contact predecessor auditors for these working papers -in cases in which no satisfactory recent audit has been performed, an extensive analysis of transactions of prior years will be necessary to establish account balances as of the beginning of the current year.

What circumstances would make the client less auditable?

-can't perform an independent audit (ex: my cousin works at client org) -competency (we can't handle this large of a client fi we are small auditting firm) -services currently provided (we are already their consutling firm)

4. Perform further audit procedures

-combo of tests of controls and substantive procedures

Analytical Procedures

-comparisons of financial statement balances and ratios for the period under audit with auditor expectations developed from sources such as the client's prior years' financial statements, published industry statistics, and budgets. -for risk assessment: assist the auditors in planning the nature, timing, and extent of audit procedures that will be used for the specific accounts;approach used is one of obtaining an understanding of the client's business and transactions and identifying areas that may represent higher risks -Auditors perform analytical procedures as a part of the risk assessment process for every audit.

time budget

-constructed by estimating the time required for each step in the audit plan for each of the various levels of auditors and totaling those estimated amounts -time budget also communicates areas the manager or partner believes are of high risk and require more time -important tool of the audit senior, who uses it to measure the efficiency of the staff and to determine at each stage of the engagement whether the work is progressing at a satisfactory rate

1. Plan the Audit

-develop an understanding with client (services to be done and responsibilities of each party) -audit strategy, audit plan and audit program are made -includes determining the analytical and other procedures to be applied as risk assessment procedures, the level of materiality, and the likely need for specialists -use a risk-based approach always considering possible financial misstatements -depending on if the client is new, the audit may need to first get a sufficient understanding of the client before planning can begin

In determining whether a risk is a significant risk, the auditors ignore the effects of the client's controls and consider

-the nature of the risk. -the likely magnitude of the potential misstatement(s) that may occur. -the likelihood of the misstatement occurring.

3. Assess the risks of misstatement and design further audit procedures.

-understanding of the client and its environment to identify account balances, transactions, and disclosures that might be materially misstated. -auditors consider What could go wrong? How likely is it that it will go wrong? What are the likely amounts involved? -procedures provide the auditors with evidence on inherent and control risks for significant assertions.

Client Acceptance

1) Audit risk vs engagement risk: is it too risky (regarding either failure to find material misstatements or reputation); circumstances that would make the client less auditable 2) Determine reason for audit 3)Communication with previors auditor *required* 4) establish understanding with client regarding services to be performed: must include - 1) objective 2) what management is responsible for 3) audit of financials includes understanding ICS but not designed to provide assurance on ICs or their deficiencies *PRIVATE COMPANIES* 4) engagement letter

Circumstances the make a client less auditable?

1) competence issues - audit firm doesn't have the skill set or resources to do that audit; the client is specialized and we don't have the experience to do the audit 2) independence issues- family relationships on both sides of audit and client 3) services- if our firm is already doing consulting, we cannot do auditing services

Reponding to risks of material misstatements (two things)

1) fianancial statement risks: risks that apply to the whole financial statements (managers aren't trustworthy) -we use more experienced staff -increase supervision on our staff and workpapers -unpredicatble procedures (we don't want them to know what we are are going to do and when) -increase our scope (broader and deeper audit) -increased emphasis professional skepticism 2) relevant assertion level risks: risks that apply to a particular account (ex: they way our client records cash) -adjust nature, timing and extent of audit procedures in identified risk areas

What are manangements' responsibilites?

1) financial statements 2) effective internal controls over financial reporting 3) compliance with laws and regs 4) providing a representation letter to auditor at conclusion of audit 5) adjusting financial statements for material misstatemnts

Questions asked by new auditor to old auditor (client acceptance)

1) integrity of the client management - do they seem ethical? 2)reasons for the auditor change 3) significant disagreements that the old auditor and the client had 4) internal control weaknesses that the client had 5) any communications with governance that the prior auditor had

When establishing an understanding with a client regarding services performed, what must be included?

1) the objective of the audit is an expression of opinion 2)management responsibilities 3) audit of financial statements includes obtaining and understanding of ICs - not to be performed to provide assurance on ICs or to identify significant deficiencies

plannning an audit materiality steps (helps with scope):

1)consider materiality at the level of the financial statements as a whole 2)Then, for accounts, classes of transactions and disclosures for which misstatements of a lesser amount could influence the decisions of users, they determine lower materiality levels.

Stages of an Audit

1. Plan the audit 2.Obtain understanding of client, its environment, and internal control 3. Assess the risks of misstatement and design further audit procedures. 4. Perform further audit procedures. 5. Complete the audit. 6. Form an opinion and issue the audit report.

substantive procedures

Tests of account balances and transactions designed to detect any material misstatements in the financial statements. -test details of transactions, account balances and disclosures -the nature, timing, and extent of substantive procedures are determined by the auditors' assessment of risks and their considerations of the client's internal controls -remember this is the accounting data that sits under the test of controls -performed to restrict detection risk, the risk that auditors will not detect a material misstatement

audit plan

a high-level description of the nature, timing, and extent of 1) Planned risk assessment procedures sufficient to assess the risks of material misstatement. 2) Planned further audit procedures for each material class of transactions, account balance, and disclosure. This includes tests of controls and substantive procedures. 3) Other audit procedures in order to comply with generally accepted auditing standards.

Engagement Letter

legally binding/ executory contract; includes 1) timing, client assistance (the scope) 2) assurance per GAAS or PCAOB *not guaranteed* 3) arrangements with predecessor auditor 4) fees and billing arrangements 5) specialists to be used 6) limitations of liability 7) other services provided if applicable (ex: tax returns)

Audit Program

list of audit procedures for an audit area or an entire audit; the audit program always includes audit procedures and may also include sample sizes, items to select, and timing of the tests

SOX 2002 says that audit committee members should not

receive any consulting, advisory, or other compensatory fee from the company, or be in any way affiliated with the company

communication with predecesssing auditor is..

required. -important because helps us to assess engagement risk -need to get permission from potential client first; if they say no then it is a deal-breaker; if previous auditor says no then red-flag

dual-purpose procedures

serve as both a test of controls and a substantive test of the details of the transactions that occurred during the year.

Audit Committees are required by

the New York Stock Exchange, the American Stock Exchange, and NASDAQ.

For a nonpublic client, if the terms of the audit engagement do not need to be revised for the current year audit,

the auditors should decide whether they wish to issue an engagement letter for the current year.

To verify the client's rights to plant assets,

the auditors should inspect documentary evidence such as property tax bills, purchase documents, and deeds.

he relationship is that as materiality increases,

the auditors will need less evidence because their audit is based on a less precise measure.

The first step in substantiating an asset is to verify

the existence of the item

Performance Materiality

the materiality amount(s) for segments of the audit, set by the auditor at less than materiality for the financial statements as a whole (introduced by SAS and IAS); it was brought about because some areas require lower amounts of materiality - its more of a concept

The appropriate financial statement base for computing materiality will vary based on

the nature of the client's business.

Audit Committee

the outside, independent board of director members responsible for financial reporting, regulatory compliance, internal control, and hiring and overseeing internal and external auditors -must have at least three independent directors; members must be financially literate and at least one must be a financial expert -audit committee must be responsible for appointment, compensation, and oversight of the auditors.

the scope of the auditors' procedures for an account is directly related to

the risk of material misstatement of that account; auditors will perform extensive procedures on an account with a high risk of material misstatement

transaction cyle

the sequence of procedures applied by the client in processing a particular type of recurring transaction.

When the auditors are testing the completeness of assets,

they are looking for assets that have been acquired but not recorded in the accounting records.