Auditing - Test 1
Terms in this set (104)
Two parts of independence?
Fact and Appearance to 3rd Parties
2 Parts of materiality
Dollars and qualitative factors
National Accounting Organization?
State Accounting Organization
Facts about SEC
- Law of 1933 & 1934
-Sets Code of Ethics
-Statutory authority for issuing accounting rules
What does the state board of CPAs of LA do?
-Issue CPA Cert
-Has code of ethics
- Requires 120 hours of CPE every three years
-Requires peer reviews
-Grants and takes away CPA Cert
How many member of PCAOB?
What does PCAOB set and enforce?
-Quality Control Standards
What is the PCAOB generally responsible?
-Set and enforce auditing standards
-Inspect auditing operations
-Require rotation of lead audit partner and reviewing every 5 years
-Extend statute of limitations for discover of fraud to 2 years from date of fraud discovery and 5 years after fraud
What are the two attest options for a Public Co?
1. Attest to fairness of F/S
2. Attest to Mgmt's assertion of effective internal control
They both must be issued by the same firm
What is Sarbanes Oxley 302?
Deals with the F/S.
States CEOs and CFOs must personally certify that:
-They are responsible for disclosure controls and procedures
- The report is accurate, complete, and fairly presented
-Have disclosed to the audit committee significant control deficiencies and material weaknesses, acts of fraud, and significant changes in financial reporting internal controls
What is Sarbanes Oxley Section 404?
Deals with Internal Controls
-The company must perform an annual evaluation of IC over the financial reporting.
-An independent auditor must issue an opinion on the effectiveness of the IC over financial reporting
What are the accounting rule making bodies?
FASB - Constitute GAAP and F/S footnotes
PCAOB - rule of public companies
AICPA Auditing Standards Board - issue SASs
What are the auditor's objectives?
Obtain assurance that F/S are free from material misstatments.
Report on F/S in accordance with CPA's findings
When do you issue a modified opinion?
When F/S are not fairly presented
-You discuss this with management
-If they don't change the F/S, issue modified opinion
-Unable to obtain sufficient appropriate audit evidence.
See Chart for the types of opinions
What are the parts of the audit report?
-Mgmt's responsibilities for F/S
Other Reporting Responsibilities
-Signature of Auditor
-Date of Audit Report
-If modified opinion, reason for opinion
What is CPA mobility?
The ability of a licensee to practice outside their principle place of business
What are the broad principles of the AICPA Code of Ethics?
-Professional and moral judgement
-Objectivity & Independence
- Scope and nature of services
Who is a covered member by AICPA Code of Ethics?
-Auditors on attest engagements
-individual in position to influence the engagement
-partner or manager providing no-attest services of 10 or more hours
-partner in local/lead attest office
-The firm, including its employee benefit plan
-Entitiy whose operating financial, or acct. policies can be controlled by those above
What qualifies as a covered members immediate family?
-Dependent - whether related or not
What does a covered member have to do to remain independent during an engagement?
-Direct or material indirect financial interest in client
-Trustee or executor that has or is committed to acquiring a direct or material indirect financial interest in a client
-Joint, closely held business investment material to the covered member
-Loan to or from client, officer, director, or stockholder owning 10% or more
-Partner or professional employee, his family, or a group acting together cannot own more than 5% of the clients stock
-During the F/S period of the professional engagement a partner/professional employee cannot be a director, officer or employee; promoter, underwriter, or voting trustee; or a trustee for pension or profit-sharing trust of client
When are there exceptions to the personal loan ethics rule for an existing client?
-Loans fully collateralized by cash deposits at same financial institution
-Unpaid credit card balances not exceeding $10,000
-Insurance policy loans fully callateralized by policy surrender value
When are there exceptions to the personal loan ethics rule for a pre-existing client?
You can accept a new financial institution as a cli9ent even if member of the CPA firm have existing:
-fully collateralized secured loans
-immaterial loans with the institution
What is the period of the professional engagement?
Begins with the signing of the engagement letter or when the attest engagement begins, whichever come first. It last the entire professional relationship. It does not end with the issuing of the report, but when formal or informal notification of the termination of the engagement by the member or client
Who is considered a close relative?
Immediate family cannot work for the client except when?
-If the immediate family is not in key position
-If the partner or manager provides less than 10 hours of non-attest services to the client
When can close relatives impair independence?
-When they hold a key position with a client
-When they have material financial interest in a client and the auditor know about it
-When they can exercise significant influence over the client
What qualifies as a key position?
-Being responsible for significant accounting functions in the F/S
-Primary responsibility for preparing F/S
-Ability to exercise influence over F/S contents
-If attest not involving F/S
Is it okay to do book keeping and attest service for the same company?
It is not okay if the client is governed by the SEC. For non-SEC clients a "missatement entry" can be made with the note "To correct a mistake made by _______"
What type of book keeping is not okay when auditing non SEC clients?
-Authorizing, executing or consummating a transaction
-Preparing source documents
-Supervising client employees in their normal recurring duties
-Having custody of client assets
-Determining which recommendation to implement
-Reporting to the board of directors on behalf of management
-Serving as a client's stock transfer or escrow agent, registrar, general counsel or its equivalent
What kind of functions can not be performed for public clients?
-Information systems design
-Appraisals or valuation services
-Management and HR
-Broker / dealer and investment services
-Requires pre-approval of audit committee of tax services on a case by case basis
What does AICPA rule 202 have to do with?
Compliance with standards
What does AICPA rule 203 deal with?
What does AICPA rule 101 deal with?
What does the AICPA rule 102 deal with?
Integrity and Objectivity
What does AICPA rule 201 deal with?
General standards such as:
-Planning and Supervision
-Sufficient relevant data
What does AICPA rule 301 deal with?
Confidential client information
What are exceptions to rule 301?
-To comply with rule 202 and 203
Are contingent fees allowed for tax return prep?
Are contingent fees allowed for nonattest services?
Are referral fees allowed?
If you disclose that you get the referral fee
What is an audit?
Formalized process designed to obtain reasonable assurance that F.S are free of any material misstatement whether caused by errors, frauds, and/or illegal acts with respect to the management assertions embodied in a F/S
What does RMM stand for?
Risk of material misstatement
What are the factors of sufficient appropriate audit evidence?
-Sufficient - quantity
-Appropriate - quality
-relevant - logical connection to audit
-reliable - based on source docs
-Use of a specialist
-Absence of information
-Information from previous audits
Cumulative in nature
What are risk assessment procedures?
Sources of audit evidence
-inspection of documents and assets
-inquiries of mgmt
Further audit procedures
-test of controls
What are the tests of controls?
-The design of the controls
-The operating efficiency (are they being used)
What are substantive procedures?
-Doing substantive anlytical proceudres (ratios)
How can the audit team respond after the RMM test?
-Changing level of substantive testing
-Changing experience level of audit staff
Changing the level of professional e
What do you design and perform substantive testing for?
-All relevant assertions related to each material class of transactions, account balances, and disclosures
-Irrespective of the assessed risk of material misstatement
-If assessed RMM is significant, should perform substantive procedures related to that risk
-Interim testing needing to brought forward for YTD
**What are the audit assertion?
Classes of transactions
-rights & obligations
-valuation or allocation
Presentation & disclosure
-occurrence, rights, and obligations
-classification and understandably
-accuracy and valuation
What is the audit risk?
Risk that CPA will express and inappropriate opinion when F/S are materially mistated
What is the risk of material misstatements?
F/S RMM=IR X CR
-Inherent risk - risk of material misstatement in an account or balance before considering internal control
- Control Risk - risk of material error or fraud not being caught by audit client's internal controls
What do you issue you are unable to obtain sufficient appropriate audit evidence?
Qualified or disclaim an opinion on F/S
What is the RMM formula?
RMM = IR X CR
What is the audit risk formula?
AR = RMM X DR
-DR - risk CPA will not detect material misstatement on audit
What type of relationship do RMM and DR have?
What type of relationship do DR and substantive testing?
What constitutes materiality?
a misstatement that could reasonably influence the decison of users of the F/S
What are benchmarks used in determining materiality?
-percentages of total
-Items of importance to F/S users
-Nature of business or industry ownership structure (finance & debt)
-relative volitility of the benchmark
-use of professional judgement
-governmental entity - total cost, assets
What is performance materiality?
amounts set by CPA which is less than F/S materiality for classes of transaction, account balance, or disclosure
What do you need to document for materiality?
-document materiality as a whole
-document materiality of each class
-document performance materiality
-document revisions of any of the above
What types of sampling are there?
Review Alph and Beta Chart
Assessing control risk to high is alpha or beta?
Assessing control risk too low is alpha or beta?
What can a company do that results in less substantive testing?
Have better internal controls
What must you consider about the entity and the environment when testing internal controls?
- industry, regulation, and other external factors
-nature of the entity and its corporate governance
-the objectives, strategies, and related business risk that may result in material misstatements in the F/S
-how the company measures and reviews its financial performance and how they reward management for meeting objectives
-selection and application of accounting principles
What are internal controls designed to do?
help a company reach its objectives regarding:
- reliable financial reporting
-effectiveness and efficiency of operations
-Compliance with laws and regulations
help a company safeguarding assets against:
-unauthorized acquisition, use, or disposition
-related to both reliable financial reporting and effectiveness
*** What are the components of internal control?
-entity's Risk assessment process
-Information & communication
What has to be reviewed to assess risk related to the F/S?
-changes in operating envirnment
-new IT systems
-new business products
-expanded foreign operations
-new accounting pronouncements
List control activities
-segregation of duties
-information processing IT (general and application based)
What are the required substantive procedures?
performing substantive tests for all relevant assertions related to each material:
-class of transactions
-regardless of RMM
-analytical procedures alone is not enough
Agreeing F/S and notes to the accounting recortds
Examining material journal entries made in preparing F/S
* what happens if you can't obtain sufficient appropriate evidence of internal controls?
What should be communicated to management about internal controls?
-significant deficiencies, even if corrected during the audit
Who must weaknesses in internal controls be reported to?
Mgmt who have the power to take remedial action
How soon must internal control weaknesses be reported to mgmt?
no later than 60 days after the F/S is released
Can you state that no significant deficiencies were found?
No - You may state no material weaknesses were found
What is a control deficiency?
Deficiency in the design of operation or I/C that does not allow mgmt or employees to prevent or detect and correct a misstatement
What is a material weakness in controls?
Deficiency that results in a reasonable possibility that a material misstatement in F/S will not be prevented or detected
What is a significant control deficiency?
deficiency that is less severe than a material weakness yet important enough to merit attention by those in charge of governance.
Rate the control deficiencies from least severe to most severe
1. control deficiency 2 significant deficiency 3. jmaterial weakenss
List some indicators of material weaknesses
- fraud by senior mgmt, whether material or not
- Restatement of prior F/S due to material error or fraud
- CPA identified material misstatements that were were not identified by entity's IC
- ineffective oversight of FR and I/C by governance
List some examples of control deficiencies in the design process
-design over F/S
-design over significant accountor process
-Control consciousness (tone from the top down)
-No segregation of duties
-no safeguarding of assets
-Poor IT controls
-no monitoring of controls
-no timely reporting of control deficiencies
-lack of training and qualification in the risk assessment process
List examples of control deficiencies in the operations process
-lack of dual authorization for disbursements
-failure to obtain timely info
-no timely or accurate reconciliations
-bias in acct. decisions (to help the bottom line)
-misrepresentation by client to CPA
-mgmt override controls
Look over the last page of slides from internal controls
What are the terms of an engagement?
The precondition on which an audit is done. This includes:
-agreement with mgmt on its responsibilities
-acceptable financial reporting framework
-fair presentation of F/S
-provide CPOA with all relevant information and unrestricted access to persons
When should you not accept an engagement?
-If mgmt imposes limit that will result in disclaimer
-financial reporting framework is not acceptable
- agreement about mgmt's responsibilities is not reached
-If mgmt will not allow their previous auditor to respond to inquiries
What actions should be taken if mgmt wants to change the agreement of their responsibilities?
If it is without reasonable justification you can withdraw, communicate with corporate governance, and determine if legal or contractual obligation to report to other parties exist.
List some scope limitations that might hinder rendering a clean opinion
-any limits imposed that mgmt that might cause the auditors to issues a disclaimer
-limitation imposed by mgmt that might result in a qualified opinion
-limitations that arise that beyond mgmt's control
-if an audit of employee benefit plans required by law allow a disclaimer, then the CPA cannot accept
What is included in an engagement letter?
-The audit objective
-CPA audit is in accordance with GAAS
-CPA understands entity, its environment, and I/C enough to assess risk of material misstatements
-List any use of a specialist
-List any use of internal auditors
-the ability to contact the previous auditor
-the restrictions of a CPA's liability when prohibited
-When CPA will provide documentation to other parties (peer review)
-services related to regulatory requirements
-further agreements/services by CPAs
-arrangements for audits of components (subsidiaries)
-nonattest services, tax returns
What should the auditor obtain when contacting the previous auditor?
-integrity of mgmt
-fraud and noncompliance
-significant deficiencies and material weakness in I/C
-reasons for the change of auditor
-if previous auditor cannot legally speak to you, then indicate the response was limited
Before starting an audit on a new client, what should you do first?
Contact the previous auditor
What are the general purpose accounting frameworks?
You must select which framework will be used before starting audit
What is involved in the planning stage of an audit?
-stating ethical standards and Independence
-Do preliminary planing such as engagement letters, budgets, audit strategy, materiality determination, and putting together audit program
-assess the risk of material misstatment and document
-document risk of errors, fraud, direct illegal acts
-complete audit programs
What do you do when you find clearly trivial misstatements during audit?
do not accumulate them
What do you do when you find misstatements that are not individually material?
What do you consider when you find misstatements to help decide what you should do?
-is the misstatement an isolated occurrence?
-is there a breakdown in IC?
-is it inappropriate assumptions or valuation methods that are widely used?
-Does it approach materiality?
-consider undetected ones due to sampling risk and nonsampling risk
What are the two options when you find material misstatements?
1. tell mgmt who has authority to take actions
2. when laws might restrict you from taking to mgmt, consult your attorney
What should you ask Mgmt to correct upon discovery during and audit?
-All factual misstatements
-projections from sampling
-differences in estimates
-consider getting them to correct quantitative
-material mistakes that the entity would not have otherwise detected due to material weaknesses
List some qualitative factors that affect materiality
-affects regulatory compliance
-affects compliance with debt covenants or contracts
-immaterial in current period but material in future
masks changes in earnings or trends
-affects a significant segment
-increases mgmts compensation
-affects earnings forecasts
-involves certain parties related to mgmt
-important to financial results
-misclassifies and item (operating vs. non operating)
-offsets individually significant but different misstatements
-too costly to correct
-risk of possible additional undetected misstatements
-changes loss to income or vice versa
-involves violations of contracts
-involves conflicts of interest
-has significant relative to user needs
-precision of the estimates
-indicated bias by mgmt
What must be communicate b/w the auditor and the company governance?
1. auditor's responsibilities
2. overview of the planned scope and timing of the audit
3. significant findings or issues from the audit
4. uncorrected misstatements
Over what do disagreements with mgmt arrise?
-application of accounting principles
-basis for mgmt's judgement about estimates
-scope of the audit
-disclosures to be included in the entity's F/S
-wording of the audit report
What can the auditor do if items are not resolved through communication with governance?
-modify audit opinion on basis of scope limitation
-obtain legal advice
-communicate with regulators, ownership, or gov. agencies
-withdraw from the engagement