Description
TABLE OF CONTENTS
1 Introduction and Overview of Audit and Assurance 1-1
1.1 Auditing and Assurance Defined 1-4
1.2 Demand for Audit and Assurance Services 1-6
1.2.1 Financial Statement Users 1-6
1.2.2 Sources of Demand for Audit and Assurance Services 1-7
1.2.3 Theoretical Frameworks 1-8
1.2.4 Demand in a Voluntary Setting 1-9
1.3 Different Assurance Services 1-10
1.3.1 Financial Statement Audits 1-10
1.3.2 Compliance Audits 1-12
1.3.3 Performance Audits 1-12
1.3.4 Comprehensive Audits 1-13
1.3.5 Internal Audits 1-13
1.3.6 Corporate Social Responsibility (CSR) Assurance 1-13
1.4 Different Levels of Assurance 1-14
1.4.1 Reasonable Assurance 1-14
1.4.2 Limited Assurance 1-17
1.4.3 No Assurance 1-17
1.5 Different Audit Opinions 1-20
1.6 Preparers and Auditors 1-22
1.6.1 Preparer Responsibility 1-22
1.6.2 Auditor Responsibility 1-23
1.6.3 Assurance Providers 1-24
1.7 The Role of Regulators and Regulations 1-25
1.7.1 Regulators, Standard Setters, and Other Bodies 1-25
1.7.2 Legislation 1-26
1.7.3 Regulation 1-27
1.8 The Audit Expectation Gap 1-29
2 Ethics, Legal Liability, and Client Acceptance 2-1
2.1 The Fundamental Principles of Professional Ethics 2-3
2.1.1 The Fundamental Ethical Principles 2-4
2.1.2 Specific Rules Incorporating the Principles of Professional Ethics 2-5
2.1.3 Framework for Ethical Dilemmas 2-6
2.2 Professional Judgement and Professional Scepticism 2-7
2.2.1 A Decision-Making Framework for Applying Professional Judgement 2-7
2.2.2 Improving Professional Scepticism 2-8
2.3 Independence 2-9
2.3.1 Threats to Independence 2-10
2.3.2 Safeguards to Independence 2-13
2.4 The Auditor’s Relationships with Others 2-17
2.4.1 Auditors and Shareholders 2-17
2.4.2 Auditors and the Board of Directors 2-17
2.4.3 Auditors and the Audit Committee 2-18
2.4.4 Auditors and Internal Auditors 2-18
2.5 Legal Liability 2-19
2.5.1 Legal Liability to Clients 2-20
2.5.2 Contributory Negligence 2-21
2.5.3 Legal Liability to Third Parties 2-21
2.5.4 Avoidance of Litigation 2-23
2.6 Client Acceptance and Continuance Decisions 2-24
3 Audit Planning I 3-1
3.1 Phases of an Audit 3-4
3.1.1 Risk Assessment Phase 3-4
3.1.2 Risk Response Phase 3-6
3.1.3 Concluding and Reporting on an Audit 3-6
3.2 Gaining an Understanding of the Client 3-6
3.2.1 Entity Level 3-7
3.2.2 Industry Level 3-9
3.2.3 Economy Level 3-10
3.3 Related Parties 3-11
3.4 Fraud Risk 3-13
3.4.1 Incentives and Pressures to Commit a Fraud 3-14
3.4.2 Opportunities to Perpetrate a Fraud 3-14
3.4.3 Attitudes and Rationalizations to Justify a Fraud 3-15
3.4.4 Audit Procedures Relating to Fraud 3-16
3.5 Going Concern 3-17
3.5.1 Going Concern Risk—Indicators 3-17
3.5.2 Going Concern Risk—Mitigating Factors 3-18
3.6 Auditing Estimates and Related Disclosures 3-19
3.6.1 Risk Assessment and Estimation Uncertainty 3-19
3.6.2 Estimates and the Entity Level Risk Assessment 3-20
3.7 Corporate Governance 3-21
3.8 Information Technology 3-22
3.9 Financial Reporting and Closing Procedures 3-24
4 Audit Planning II 4-1
4.1 Audit Risk 4-3
4.1.1 The Audit Risk Model and Its Components 4-5
4.1.2 Quantification of the Audit Risk Model 4-11
4.2 Materiality 4-12
4.2.1 Qualitative and Quantitative Factors 4-12
4.2.2 Materiality and Audit Risk 4-16
4.3 Audit Strategy 4-17
4.4 Client Approaches to Measuring Performance 4-21
4.4.1 Profitability 4-21
4.4.2 Liquidity 4-22
4.5 Analytical Procedures 4-22
4.5.1 Comparisons 4-24
4.5.2 Trend Analysis 4-24
4.5.3 Common-Size Analysis 4-25
4.5.4 Ratio Analysis 4-25
4.5.5 Analysis with Technology 4-28
4.5.6 Factors to Consider when Conducting Analytical Procedures 4-29
5 Audit Evidence 5-1
5.1 Assertions 5-4
5.2 Types of Audit Evidence 5-7
5.2.1 Sufficient Appropriate Audit Evidence 5-7
5.2.2 External Confirmations 5-9
5.2.3 Documentary Evidence 5-13
5.2.4 Representations 5-14
5.2.5 Verbal Evidence 5-17
5.2.6 Computational Evidence 5-17
5.2.7 Physical Evidence 5-18
5.2.8 Electronic Evidence 5-18
5.3 Persuasiveness of Audit Evidence 5-19
5.3.1 Internally Generated Evidence 5-19
5.3.2 Externally Generated Evidence Held by the Client 5-20
5.3.3 Externally Generated Evidence Sent Directly to the Auditor 5-20
5.4 Using the Work of an Expert 5-21
5.4.1 Assessing the Need to Use an Expert 5-21
5.4.2 Determining the Scope of the Work to Be Carried Out 5-21
5.4.3 Assessing the Competence and Capability of the Expert 5-22
5.4.4 Assessing the Objectivity of the Expert 5-22
5.4.5 Assessing the Expert’s Report 5-22
5.4.6 Responsibility for the Conclusion 5-22
5.5 Using the Work of Another Auditor 5-23
5.6 Evidence-Gathering Procedures 5-24
5.7 Drawing Conclusions 5-26
5.8 Documentation—Audit Working Papers 5-27
5.8.1 Permanent File 5-28
5.8.2 Current File 5-29
6 Sampling and Overview of the Risk Response Phase of the Audit 6-1
6.1 Audit Sampling 6-3
6.2 Sampling and Non-Sampling Risk 6-4
6.2.1 Sampling Risk and Tests of Controls 6-4
6.2.2 Sampling Risk and Substantive Procedures 6-5
6.2.3 Non-Sampling Risk 6-6
6.3 Statistical and Non-Statistical Sampling 6-7
6.4 Sampling Techniques and Factors Affecting Sampling 6-8
6.4.1 Sampling Techniques 6-8
6.4.2 Factors to Consider when Selecting a Sample 6-10
6.5 Factors that Influence the Sample Size—Testing Controls 6-12
6.6 Factors that Influence the Sample Size—Substantive Testing 6-13
6.6.1 Factors that Influence Sample Size when Performing Substantive Tests 6-13
6.6.2 Techniques for Performing Substantive Tests 6-14
6.7 Evaluating Sample Test Results 6-16
6.8 Tests of Controls and Substantive Procedures 6-18
6.8.1 Tests of Controls 6-19
6.8.2 Substantive Procedures 6-20
6.9 Nature, Timing, and Extent of Audit Testing 6-22
6.9.1 Nature of Audit Testing 6-22
6.9.2 Timing of Audit Testing 6-23
6.9.3 Extent of Audit Testing 6-24
7 Understanding and Testing the Client’s System of Internal Controls 7-1
7.1 The System of Internal Control Defined 7-4
7.2 Objectives of Internal Controls 7-5
7.3 System of Internal Controls 7-6
7.3.1 The Control Environment 7-7
7.3.2 The Entity’s Risk Assessment Process 7-10
7.3.3 Information Systems and Communication 7-11
7.3.4 Control Activities 7-12
7.3.5 Monitoring of Controls 7-14
7.3.6 Internal Control in Small Entities 7-15
7.4 Types of Controls 7-16
7.4.1 Preventive and Detective Controls 7-17
7.4.2 Manual and Automated Controls 7-20
7.5 Selecting and Designing Tests of Controls 7-24
7.5.1 Which Controls Should Be Selected for Testing? 7-24
7.5.2 How Much Testing Does the Auditor Need to Do? 7-25
7.6 Documenting and Testing Internal Controls 7-29
7.6.1 Documenting Internal Controls 7-29
7.6.2 Testing Internal Controls 7-30
7.7 Results of the Auditor’s Testing 7-33
7.8 Documenting Conclusions 7-35
7.9 Identifying Strengths and Weaknesses in a System of Internal Controls 7-37
7.10 Management Letters 7-38
8 Execution of the Audit—Performing Substantive Procedures 8-1
8.1 Overview of Substantive Procedures 8-3
8.1.1 Substantive Procedures and Assertions 8-3
8.1.2 Definition of Substantive Procedures 8-6
8.2 Relationship Between Risk Assessment and the Nature, Timing, and Extent of Substantive Procedures 8-8
8.3 Substantive Audit Procedures 8-10
8.3.1 Tests of Details 8-10
8.3.2 Analytical Procedures 8-12
8.3.3 Performing Substantive Testing Using Technology 8-15
8.4 Levels of Evidence 8-16
8.4.1 Persuasive 8-16
8.4.2 Corroborative 8-17
8.4.3 Minimal 8-18
8.4.4 General 8-19
8.5 Auditing Accounting Estimates 8-19
8.6 Evaluating and Documenting Substantive Analytical Procedures’ Results 8-21
8.6.1 Evaluating Errors Identified in Testing 8-22
8.6.2 Concluding and Documenting the Results of Substantive Procedures 8-22
9 Audit Data Analytics 9-1
9.1 What Are Data Analytics? 9-3
9.1.1 How Audit Data Analytics Are Used 9-4
9.1.2 When Audit Data Analytics Are Used 9-5
9.1.3 Techniques Used for Audit Data Analytics 9-6
9.2 Data Considerations 9-8
9.2.1 Types of Data 9-9
9.2.2 Data Access 9-9
9.2.3 Data Quality 9-9
9.2.4 Data Relevance and Reliability 9-10
9.2.5 Documentation 9-12
9.2.6 The Data Life Cycle 9-12
9.3 The Audit Data Analytic (ADA) Five-Step Process 9-13
9.3.1 Plan the ADA 9-14
9.3.2 Access and Prepare the Data 9-15
9.3.3 Consider the Data’s Relevance and Reliability 9-16
9.3.4 Perform the ADA 9-16
9.3.5 Evaluate the Results 9-17
9.3.6 Additional Issues to Consider when Performing an ADA as a Risk Assessment Procedure 9-18
9.4 Audit Data Analytics as a Substantive Analytical Procedure 9-24
9.4.1 Regression Analysis 9-24
9.5 Audit Data Analytics as a Substantive Test 9-27
9.5.1 Substantive Testing 9-27
9.5.2 ADA Example of Accounts Receivable and Revenue 9-28
9.5.3 ADA Example of Payroll 9-30
9.6 Features of a Good Visualization 9-33
10 Auditing Sales and Receivables 10-1
10.1 Audit Objectives 10-3
10.2 The Process for Credit Sales Transactions 10-6
10.2.1 Credit Sales Transactions 10-6
10.2.2 Cash Receipts Transactions 10-9
10.2.3 Sales Adjustment Transactions 10-11
10.3 Audit Strategy 10-12
10.3.1 Understanding the Entity and Its Environment 10-12
10.3.2 Analytical Review 10-13
10.3.3 Inherent Risk Assessment 10-13
10.3.4 Internal Controls 10-15
10.3.5 Final Assessment 10-20
10.4 Determining an Acceptable Level of Detection Risk 10-21
10.5 Designing Substantive Procedures 10-23
10.5.1 Initial Procedures 10-25
10.5.2 Analytical Procedures 10-25
10.5.3 Tests of Details of Transactions 10-26
10.5.4 Tests of Details of Balances 10-27
10.5.5 Evaluating Adequacy of the Allowance for Doubtful Accounts 10-31
10.5.6 Disclosure 10-31
11 Auditing Purchases, Payables, and Payroll 11-1
11.1 Audit Objectives 11-3
11.2 The Process for Purchase Transactions 11-6
11.2.1 Purchase Transactions 11-6
11.2.2 Payment Transactions 11-10
11.3 The Process for Payroll Transactions 11-11
11.3.1 Hiring Employees 11-12
11.3.2 Authorizing Payroll Changes 11-13
11.3.3 Preparing Attendance and Timekeeping Data 11-13
11.3.4 Preparing the Payroll 11-13
11.3.5 Recording the Payroll 11-13
11.3.6 Paying the Payroll and Protecting Unclaimed Wages 11-14
11.4 Audit Strategy 11-15
11.4.1 Understanding the Entity and Its Environment 11-15
11.4.2 Analytical Review 11-16
11.4.3 Inherent Risk Assessment 11-16
11.4.4 Internal Controls 11-17
11.4.5 Final Assessment 11-23
11.5 Determining an Acceptable Level of Detection Risk 11-24
11.6 Designing Substantive Procedures 11-26
11.6.1 Initial Procedures 11-27
11.6.2 Analytical Procedures 11-28
11.6.3 Tests of Details of Transactions 11-28
11.6.4 Tests of Details of Balances 11-29
11.6.5 Disclosure 11-31
12 Auditing Inventories and Property, Plant, and Equipment 12-1
12.1 Audit Objectives: Inventory 12-4
12.2 Custody of Inventory and Maintenance of Inventory Records 12-5
12.2.1 Maintaining Inventory Records 12-6
12.2.2 Physical Comparison of Inventory with Inventory Records 12-7
12.2.3 Determining and Recording Inventory Costs 12-9
12.3 Audit Strategy: Inventory 12-10
12.3.1 Inherent Risk Assessment 12-10
12.3.2 Control Risk Assessment 12-12
12.4 Substantive Procedures for Inventories 12-14
12.4.1 Initial Procedures 12-16
12.4.2 Analytical Procedures 12-16
12.4.3 Tests of Details of Transactions 12-17
12.4.4 Tests of Details of Balances 12-17
12.4.5 Testing Inventory Pricing 12-20
12.4.6 Confirming Inventories at Locations Outside the Entity 12-21
12.4.7 Examining Consignment Agreements and Contracts 12-22
12.4.8 Disclosure 12-22
12.5 Audit Objectives: Property, Plant, and Equipment 12-23
12.6 Audit Strategy 12-25
12.7 Designing Substantive Procedures for Property, Plant, and Equipment 12-26
12.7.1 Initial Procedures 12-28
12.7.2 Analytical Procedures 12-29
12.7.3 Tests of Details of Transactions 12-29
12.7.4 Tests of Details of Balances 12-30
12.7.5 Disclosure 12-31
13 Auditing Cash and Investments 13-1
13.1 Audit Objectives for Cash 13-4
13.2 Audit Strategy for Cash 13-5
13.2.1 Bank Reconciliations 13-6
13.2.2 Imprest Accounts 13-6
13.3 Substantive Procedures for Cash Balances 13-9
13.3.1 Initial Procedures 13-9
13.3.2 Analytical Procedures 13-9
13.3.3 Tests of Details of Transactions 13-9
13.3.4 Tests of Balances 13-12
13.3.5 Disclosure 13-16
13.4 Special Considerations for Cash Balances 13-17
13.4.1 Detecting Lapping 13-17
13.4.2 Auditing Imprest Petty Cash Funds 13-19
13.4.3 Auditing Imprest Bank Accounts 13-19
13.5 Audit Objectives for Investments 13-20
13.6 Audit Strategy for Investments 13-21
13.6.1 Control Environment 13-22
13.6.2 Functions and Related Controls 13-22
13.7 Substantive Procedures for Investments 13-23
13.7.1 Initial Procedures 13-24
13.7.2 Analytical Procedures 13-25
13.7.3 Tests of Details of Transactions 13-25
13.7.4 Tests of Details of Balances 13-25
13.7.5 Disclosure 13-26
13.8 Auditing Consolidated Financial Statements 13-27
13.8.1 Audit Strategy for Consolidated Financial Statements 13-28
13.8.2 Substantive Procedures 13-28
14 Completing and Reporting on the Audit 14-1
14.1 Engagement Wrap-Up 14-5
14.1.1 Sufficient Appropriate Audit Evidence 14-7
14.1.2 Evaluating Audit Evidence 14-7
14.2 Going Concern 14-8
14.3 Contingent Liabilities 14-10
14.4 Subsequent Events 14-11
14.4.1 Type 1 Subsequent Events 14-12
14.4.2 Type 2 Subsequent Events 14-12
14.4.3 Procedures Used When Conducting a Subsequent Events Review 14-12
14.4.4 Auditor Responsibility for Subsequent Events 14-14
14.5 Misstatements 14-15
14.5.1 Current-Year Misstatements 14-16
14.5.2 Prior-Year Misstatements 14-17
14.5.3 Qualitative Considerations 14-18
14.6 Evaluating the Conclusions and Forming an Opinion 14-19
14.7 Components of the Audit Report 14-20
14.8 Identification of the Types of Modifications to an Audit Report 14-22
14.8.1 Emphasis of Matter and Other Matters 14-23
14.8.2 Inability to Obtain Appropriate Audit Evidence 14-24
14.8.3 Material Misstatement of Financial Statements 14-27
14.9 Communication with Those Charged with Governance 14-30
14.9.1 Audit Matters of Governance Interest to Be Communicated 14-30
14.9.2 Documentation Considerations 14-31
14.10 Other Engagements 14-32
14.10.1 Reports Prepared in Accordance with a Special Purpose Framework 14-32
14.10.2 Reports on a Component of the Financial Statements 14-33
14.10.3 Review Engagements 14-33
14.10.4 Review Engagements on Interim Financial Statements 14-34
14.10.5 Assurance Engagements 14-35
14.10.6 Compliance Engagements 14-36
14.10.7 Reporting on Controls 14-37
14.10.8 Reports on Supplementary Matters 14-37
14.10.9 Reports on the Results of Applying Specified Procedures to Financial Information Other Than Financial Statements 14-37
14.10.10 Reports on the Application of Accounting Principles 14-38
14.10.11 Reports Used in an Offering Document or Designated Document 14-38
Appendix A Cloud 9 Ltd. A-1
Cloud 9 Ltd. Company Background A-1
Personnel A-2
Financial Information A-2
Glossary G-1
Index I-1
