Chapter 02

Professional Standards

McGraw-Hill/Irwin Copyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.

Three sets of auditing standards

1. AICPA (Auditing Standards Board) for nonpublic companies in US. (non-issuers)

2. PCAOB for public companies in US (issuers)

3. International Auditing Standards with differing authorities in various countries Likely be acceptable within five years in all countries

involving multinational security offerings.

Three Sets of Auditing Standards

2-2

2-3

1. Public Company Accounting Oversight Board Auditing, Attestation, Quality Control, Independence, Ethical

Standards for audits of public companies (issuers)

2. American Institute of Certified Public Accountants Auditing, Attestation, Quality Control, Independence Ethical,

Accounting and Review Standards for engagements involving nonpublic companies (non-issuers)

3. International Auditing & Assurance Standards Board Within the next 5 years, IAASB standards will likely be

acceptable in every country for multinational security offerings

4. State Boards of Accountancy License CPAs and CPA firms to practice in jurisdictions

Authority of Audit-RelatedOrganizations

Regulation of the Public Accounting Profession

2-4

Principles Underling a GAAS Audit 1/6

FIVE Brand New Principles (apply to audits of nonpublic entities):

1. Purpose of an audit

2. Premise of an audit

3. Personal responsibilities of the auditor

4. Auditor actions in performing the audit

5. Reporting results of an audit

2-5

Principles Underling a GAAS Audit 2/6

1. Purpose of an audit—Provide an opinion on financial statements are in accordance with the applicable financial reporting framework. The framework is ordinarily GAAP. The applicable framework corresponds to the

“suitable criteria” of an attest engagement.

2-6

Principles Underling a GAAS Audit 3/6

2. Premise of an audit—Management (and those charged with governance) have responsibility to: Prepare financial statements in accordance

with applicable financial reporting framework. Provide auditor with needed information and

unrestricted access to those in the entity.

2-7

Principles Underling a GAAS Audit 4/6

3. Personal responsibility of the auditor—Appropriate competence and capabilities to perform audit in accordance with standards, including maintaining professional skepticism and exercising professional judgment throughout the audit. Professional skepticism—A questioning mind

and a critical assessment of audit evidence.

2-8

What Sherlock Holmes and Auditors Have in Common: Evaluating Evidence

with Professional Skepticism

A Healthy Dose of Skepticism

Eight-year old Ashley Bauer has Williams

Syndrome

The Gullibility Region of the Brain

(called in inferior supra-credulus)

Just

Kidding

!!

Forensic Accountants/Auditors

Jorge Barcelo2008 WWU business

grad Manager of Deloitte’s LA Office of

Forensic Services

Who Me?

Neither:“The auditor neither assumes that management is dishonest

nor assumes unquestioned honesty.”

Your Attitude Towards Clients: Which is it?

INNOCENT UNTIL

PROVEN GUILTY

1 2

In a review of audit firms, the PCAOB found that auditors relied too heavily on

what their clients told them . . . and did not sufficiently test or challenge

management’s forecasts, views, or representations.

In cases where the SEC has brought fraud-related charges against auditors, insufficient

professional skepticism was found in a majority of cases.

Some Reasons for Concern

CAUGHT OR TAUGHT

How is Professional Skepticism Acquired?

Characteristics of Skeptics

Holmes and his sidekick Watson

Confident in ability to prove others wrongCynical about what others sayAttentive to details (even unrelated minutia)Tests each hypothesis carefullyDoesn’t jump to conclusionsPersistent as a bloodhound

Examination of Evidence1. Questioning mind2. Suspension of judgment3. A persistent and perceptive

search for knowledgeUnderstanding Evidence Providers4. A desire and ability to understand peopleCharacteristics to Act on the Evidence5. Self-confidence6. Self-determination

Characteristics of Skeptics

A Survey to Test Skepticism

Over time, Dr. Hurd has developed a survey to measure innate levels of skepticism.

It has been completed by thousands of auditors in a variety of settings, with very consistent results

PROFESSIONAL SKEPTICISM SURVEY* GCAS Seminar 2010

NOTE: This survey should be done anonymously. Please do not put your name on it.

Gender: Female Male

Age:

Years of auditing experience:

Professional Certifications: CPA CMA CIA CA Other:

Highest Degree: Bachelors Masters Doctorate Other:

Have discovered fraud before: Yes No

Please indicate how you feel about each statement below.

Scale: 1=Strongly Disagree

6=Strongly Agree

1. I usually reject what somebody says until I have proof that it is true. 1 2 3 4 5 6

2. I have confidence in myself and my abilities. 1 2 3 4 5 6

3. Discovering new information is fun. 1 2 3 4 5 6

4. I am interested in what causes people to behave the way they do. 1 2 3 4 5 6

5. My friends tell me that I often question things I see or hear. 1 2 3 4 5 6

6. I feel pretty good about myself. 1 2 3 4 5 6

7. I wait to decide on issues until I can get more information. 1 2 3 4 5 6

8. I tend to be cynical about what others tell me. 1 2 3 4 5 6

9. I enjoy learning new things. 1 2 3 4 5 6

10. I prefer to be very methodical and take my time when making decisions. 1 2 3 4 5 6

11. I like researching information and getting the details down. 1 2 3 4 5 6

12. Since I’m usually right, it irks me when others disagree with me. 1 2 3 4 5 6

13. I like trying to prove that what someone said is false. 1 2 3 4 5 6

14. I don’t like it when I have to make a decision too quickly. 1 2 3 4 5 6

15. I am confident that I can do a job as good or better than others can. 1 2 3 4 5 6

16. I prefer to look at a situation from all angles before I make a decision. 1 2 3 4 5 6

17. Being very knowledgeable about certain subjects is important to me. 1 2 3 4 5 6

18. The actions people take and the reasons for those actions are fascinating. 1 2 3 4 5 6

19. I typically notice inconsistencies in explanations. 1 2 3 4 5 6

20. I like to ponder all available information before making a decision. 1 2 3 4 5 6

21. I like to speculate on why people behave the way they do. 1 2 3 4 5 6

22. I try to learn all I can about a subject that I’m interested in. 1 2 3 4 5 6

Reverse Scale: 1=Strongly AGREE

6=Strongly DISAGREE 23. I often accept other people’s explanations without further thought. 1 2 3 4 5 6

24. Why people do the things they do doesn’t interest me very much. 1 2 3 4 5 6

25. I usually believe what other people tell me. 1 2 3 4 5 6

26. I seldom contemplate why someone behaves in a certain way. 1 2 3 4 5 6

27. Since I don’t like be disagreeable, it is easy for others convince me. 1 2 3 4 5 6

28. I usually don’t feel very sure of myself. 1 2 3 4 5 6

29. I typically accept things I see, read, or hear at face value. 1 2 3 4 5 6

30. I generally agree with the conclusions made by the others in my group. 1 2 3 4 5 6

Add up all your scores and enter here ► TOTAL SCORE =

SEE NEXT PAGE FOR INTERPRETATION OF RESULTS

* Adapted from Hurtt, R. K., M. Eining, and R.D. Plumlee, 2003. “Development of an Instrument to Measure Professional Skepticism.” University of Wisconsin.

Score Range30 - - - - - - - - - 130 - 140- - - - - - - - -

180Low Avg High

TRUE OR FALSE:1. Men usually score higher than women2. Those with children score higher than those without3. Divorced people score higher4. New auditors have scores higher than experienced

auditors5. An audit manager’s emphasis on professional

skepticism increases the skepticism of juniors6. Auditors with more fraud-training have higher scores

Principles Underling a GAAS Audit 5/6

4. Auditor actions To express an opinion, auditors obtain

reasonable assurance about whether financial statements are free from error or fraud.

The auditor is unable to obtain absolute assurance due to:• Nature of financial reporting.• Nature of audit procedures.• Need to conduct audit within a reasonable period

of time and cost.

2-20

Principles Underling a GAAS Audit 6/6

5. Reporting the results of an audit—Express in a written report an opinion on findings (or statement that opinion cannot be expressed). The opinion is on whether the financial

statements are in accordance, in all material respects, with the applicable financial reporting framework.

2-21

The 10 Generally Accepted Auditing Standards

General Standards Standards of Field Work Reporting Standards

NOTE: These standards only apply to audits conducted according to PCAOB standards. The preceding “Principles” replaced the 10 GAAS standards for nonpublic company audits.

2-22

The Ten Commandments of Auditing (GAAS)

1.Training2.Indepen

dence3.Professio

nal Care

1.Planning2.Internal

Control3.Evidenc

e

1.GAAP2.Consiste

nt3.Disclosu

re4.Opinion

General

Field Wor

k

Reporting

More Detailed Statements: Statements on Auditing

Standards (SASs)

2-24

Generally Accepted Auditing Standards (GAAS)

--General Standards T = Adequate technical training and

proficiency I = Independence in mental attitude is to

be maintained P = Due professional care is to be

exercised

2-25

Generally Accepted Auditing Standards--Standards of Field Work

P = Auditor must adequately plan and properly supervise work

I = Auditor must obtain a sufficient understanding of entity, and its environment, including internal control to assess risk of material misstatement and to design further audit procedures

E = Auditor must obtain sufficient appropriate audit evidence to afford a reasonable basis for the opinion

2-26

Generally Accepted Auditing Standards--Standards of Reporting

G = State whether the financial statements are presented in accordance with GAAP

C = Identify circumstances in which such principles have not been consistently applied

D = Informative disclosures are adequate unless otherwise stated in the report

O = Report should clearly state the degree of responsibility being assumed by the auditors by expressing an opinion or stating that one cannot be expressed, and the reason

Terminology in Auditing Standards (Figure 2.3)

ResponsibilityLevel

Meaning Words Used to Indicate Responsibility

UnconditionalResponsibility

Auditor must fulfill responsibilities “Must”“Shall” (PCAOB only)“Is required” (PCAOB only)

Presumptively Mandatory

Auditor must comply with requirements unless auditor demonstrates and documents that alternative actions were sufficient to achieve the objectives of the standards

“Should”

Responsibility to Consider

Auditor should consider; whether the auditor complies with the requirements depends on the exercise of professional judgment in the circumstances

“May”“Might”“Could”Other phrases indicating a responsibilities to consider

2-27

The GAAS Hierarchy (Figure 2.3)

2-28

Principles come FIRST

2-29

Auditor Responsibility for the Detection of Errors and Fraud

Errors/irregularities are unintentional misstatements, but fraud is intentional.

Not all errors/irregularities are equal (materiality and nature) Obtain information to assess the inherent risks and fraud risks

Information about the company and its environment, discussion among audit team members, inquiries of management and others, and planning analytical procedures, including those involving revenue

Assess the risk of errors and fraud that may cause the financial statements to contain a material misstatement.

Based on that assessment, plan and perform the audit to obtain reasonable assurance that material misstatements, whether caused by errors or fraud, will be detected.

Exercise due care in planning, performing and evaluating the results of audit procedures, and the proper degree of professional skepticism to achieve reasonable assurance that material misstatements due to error or fraud will be detected.

2-30

Auditor Responsibility for the Detection of Illegal Acts

Those that could have a direct and material effect on financial statement amounts--same as for errors and fraud (e.g. cheat on taxes payable). An audit obtains reasonable assurance of detecting these types of illegal acts.

Those with an indirect effect on financial statement amounts (e.g. Form I-9 failures):

Be aware of possible occurrence. If information comes to the auditor’s attention, apply audit

procedures directed at determining whether an illegal act has occurred. An audit does not provide assurance that indirect-effect illegal acts will be detected.

2-31

The Standard Auditors’ Report for Nonpublic Companies

TYPES Unmodified (unqualified)

everything is ok or clean Qualified

everything ok except for … Adverse

Everything is bad (kicked off exchange) Disclaimer

Wasn’t able to complete enough work to know

Model Audit Report

The Shareholders:

We have eyeballed the ball park figures on the statement of lies, retained deficits and source and application of executive petty cash. Our examination included a general rationalization of the accounting standards and such test of the accounting records and other unsupported entries as we considered unavoidable, subject to the constraints of our time budget and audit fee.

Our gut feeling is that these ball park figures are solid numbers and we are fit to roll with them, having been prepared in accordance with generally accepted corporate memos applied randomly on a basis consistent with that of producing a satisfactory profit.

Yours in haste,Aurthor Unknown, CPASiberiaFebruary 30, 2014

The Standard Auditors’ Report for Nonpublic Companies

Title Addressee Content Sections (4 paragraphs)

Introductory (“We have audited”) Management’s responsibility Auditor’s Responsibility Opinion Paragraph

Signature (firm name; not partner) City and state of office issuing audit report Date

2-33

We have audited the accompanying consolidated balance sheets of ABC Company and its subsidiaries, as of December 31, 20X1 and 20X0, and the related consolidated statements of income, retained earnings, and cash flows for the years then ended.

The AICPA Standard Auditors’ Report--Introductory Paragraph

2-34

Management is responsible for the preparation and fair presentation of these consolidated financial statements in accordance with accounting principles generally accepted in the United States of America; this includes the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of consolidated financial statements that are free from material misstatement, whether due to fraud or error.

The AICPA Standard Auditors’ Report—Management’s Responsibility Paragraph

2-35

The AICPA Standard Auditors’ Report:Auditors’ Responsibility Paragraphs

Our responsibility is to express an opinion on these consolidated financial statements based on our audits. We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement.

 

An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the consolidated financial statements. The procedures selected depend on the auditor's judgment, including the assessment of the risks of material misstatement of the consolidated financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity's preparation and fair presentation of the consolidated financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity's internal control An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements.

 

We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.

2-36

In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of ABC Company and its subsidiaries as of December 31, 20X1 and 20X0, and the results of their operations and their cash flows for the years then ended in accordance with accounting principles generally accepted in the United States of America.

The AICPA Standard Auditors’ Report--Opinion Paragraph

2-37

REPORT OF INDEPENDENT PUBLIC ACCOUNTANTSTo the Shareholders and Board of Directors of Enron Corp.: We have audited the accompanying consolidated balance sheet ofEnron Corp. (an Oregon corporation) and subsidiaries as ofDecember 31, 2000 and 1999, and the related consolidatedstatements of income, comprehensive income, cash flows andchanges in shareholders' equity for each of the three years inthe period ended December 31, 2000. These financial statementsare the responsibility of Enron Corp.'s management. Ourresponsibility is to express an opinion on these financialstatements based on our audits. We conducted our audits in accordance with auditing standardsgenerally accepted in the United States. Those standards requirethat we plan and perform the audit to obtain reasonable assuranceabout whether the financial statements are free of materialmisstatement. An audit includes examining, on a test basis,evidence supporting the amounts and disclosures in the financialstatements. An audit also includes assessing the accountingprinciples used and significant estimates made by management, aswell as evaluating the overall financial statement presentation.We believe that our audits provide a reasonable basis for ouropinion. In our opinion, the financial statements referred to abovepresent fairly, in all material respects, the financial positionof Enron Corp. and subsidiaries as of December 31, 2000 and 1999,and the results of their operations, cash flows and changes inshareholders' equity for each of the three years in the periodended December 31, 2000, in conformity with accounting principlesgenerally accepted in the United States. As discussed in Note 18 to the consolidated financialstatements, Enron Corp. and subsidiaries changed its method ofaccounting for costs of start-up activities and its method ofaccounting for certain contracts involved in energy trading andrisk management activities in the first quarter of 1999.Arthur Andersen LLPHouston, TexasFebruary 23, 2001

Advice from Arthur

Anderson:Be careful

what you say

GAAP

FASB issues GAAP for nongovernmental entities Authoritative: FASB Codification and Accounting

Standards Updates Nonauthoritative Pronouncements:

• Widely recognized practices• FASB concepts Statements• AICPA Issues Papers• International Financial Reporting Standards• Various others

Other sources of GAAP GASB--State and local governments FASAB--Federal government

2-39

Other Types of Auditors’ Reports

Standard unmodified report (unqualified per PCAOB standards) Financial statements follow GAAP and auditor does not add additional

commentary for any issue Other reports

Unmodified with emphasis of matter (or other emphasis)• Example: A lack of consistency in application of accounting

principles Qualified opinion

• Scope limitation or departure from GAAP Adverse opinion

• Departure from GAAP so significant that financial statements as a whole are misleading

Disclaimer of opinion• Unable to arrive at an opinion due to a very significant scope

limitation

2-40

Public Company Audit Report

Title is “Report of Registered Independent Public Accounting Firm.”

Refers to standards of the PCAOB rather than GAAS.

Includes a paragraph that refers to report on internal control.

Somewhat more brief than the nonpublic company report.

2-41

Public Company Audit ReportAuditor's ReportREPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRMTo the Board of Directors and Stockholders of Microsoft Corporation: We have audited the accompanying consolidated balance sheets of Microsoft Corporation and subsidiaries (the "Company") as of June 30, 2012 and 2011, and the related consolidated statements of income, cash flows, and stockholders' equity for each of the three years in the period ended June 30, 2012. These financial statements are the responsibility of the Company's management. Our responsibility is to express an opinion on these financial statements based on our audits. We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, such consolidated financial statements present fairly, in all material respects, the financial position of Microsoft Corporation and subsidiaries as of June 30, 2012 and 2011, and the results of their operations and their cash flows for each of the three years in the period ended June 30, 2012, in conformity with accounting principles generally accepted in the United States of America. We have also audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the Company's internal control over financial reporting as of June 30, 2012, based on the criteria established in Internal Control – Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission and our report dated July 26, 2012, expressed an unqualified opinion on the Company's internal control over financial reporting./s/   DELOITTE & TOUCHE LLPSeattle, WashingtonJuly 26, 2012

Applicability of SSAEs

2-43

Elements of Quality Control

1. Leadership responsibilities for quality within the firm (“tone at the top”)

2. Relevant ethical requirements

3. Acceptance and continuance of clients and engagements

4. Human Resources

5. Engagement performance

6. Monitoring

2-44

QC Element 1: Leadership responsibilities for quality within the firm

Firm’s internal culture recognizes that quality is essential in performing engagements and recognizes the need to

perform work that complies with professional standards and regulatory and legal requirements and

issue reports that are appropriate in the circumstances.

Example: Assign management responsibilities so that money considerations do not override the quality of work performed.

2-45

QC Element 2: Relevant ethical requirements

Firm and its personnel comply with relevant ethical requirements.

Example: At least annually, the firm should obtain written confirmation of compliance with its independence policies and procedures from all firm personnel who are required to be independent.

2-46

QC Element 3: Acceptance and Continuance

Firm will undertake to continue relationships and engagements only where the firm:1. Has considered client integrity.

2. Is competent to perform the engagement.

3. Can comply with legal and ethical requirements. Example: Background information is gathered on all

prospective audit clients, including the attitude of principal owners, key management, and those charged with governance on matters such as aggressive accounting and internal control over financial reporting.

2-47

QC Element 4: Human Resources

Firm has personnel with the capabilities, competence, and commitment to ethical principles to:1. Perform engagements in accordance with professional

standards and regulatory and legal requirements.

2. Enable the firm to issue reports that are appropriate in the circumstances.

Example: Design effective recruitment processes and procedures to help the firm select individuals meeting minimum academic requirements established by the firm, and maturity, integrity and leadership.

2-48

QC Element 5: Engagement Performance

Firm’s engagements are consistently performed in accordance with professional standards and regulatory and legal requirements, with policies and procedures addressing:

1. Engagement performance.

2. Supervision responsibilities.

3. Review responsibilities. Example: Design policies and procedures that address

the tracking of progress of each engagement.

2-49

QC Element 6: Monitoring

Firm’s policies and procedures established for each of the elements are suitably designed and effectively applied.

Example: Working papers, reports, and client financial statements are reviewed to assess compliance with the firm’s quality control policies and procedures.

2-50

Quality Control Procedures

Depend on size of firm, number of offices and nature of firm’s practices.

Every CPA firm should have quality control procedures applicable to every aspect of its practice.

Establish controls to provide assurance that the CPA firm meets its responsibilities to clients and public.

2-51

Regulation of the Public Accounting Profession

Sarbanes-Oxeley (SOX) created the PCAOB to regulate CPA firms who did public company audit

• Registration of public accounting firms that audit public companies

• Conduct inspections of public company practice of registered public accounting firms

For a brief summary of SOX, click here. Nonpublic Companies

AICPA & State Boards of Accountancy• Peer review for nonpublic practice segments

2-52

PCAOB

Composed of 5 members – only two may be CPAs

Members appointed by SEC and may serve no more than two five-year terms

All accounting firms that audit SEC registrants must register with PCAOB

Pledge to cooperate with PCAOB inquiries PCAOB can impose monetary damages, suspend

firms or make referrals to Justice Department

2-53

Peer Reviews Members of AICPA Conducted by CPAs or other CPA firms Two types of peer reviews

System review• Study of CPA firms’ system of quality control• Select sample of firms’ engagements and examine related

working paper files

Engagement review• Sample of CPA work including reports to evaluate

appropriateness• Less in scope than system review

Report: pass, pass with deficiencies, or fail

2-54

PCAOB Inspections

Conducted by PCAOB staff Focus

Primarily evaluating performance of sample of individual audit and review engagements; a risk based approach to selection and inspection is used.

Selected quality control and management issues only. This differs from a peer review.

Report Written report to SEC, part of which is made

public2-55

International Accounting Standards

International Financial Reporting Standards (IFRS) Developed by International Accounting

Standards Board (IASB) SEC accepts IFRS for foreign companies that

issue securities in US markets

2-56

International GAAP (iGAAP)

International Accounting Standards Board (IASB), based in England, creates International Financial Reporting Standards (IFRS).

IFRS has already been, or in the process of being, adopted by over a hundred countries, including the U.S.

SEC is hoping that IFRS will be followed by U.S. public companies soon but it remains to be seen how quickly this will happen. When IFRS are fully adopted, US GAAP for public companies will cease to exist. Early adoption of IFRS was allowed in the U.S. starting in 2009.

IFRS differ from U.S. GAAP in many ways. In general, IFRS are principle-based while U.S. GAAP is much more prescriptive. Click here for more details.

FASB will likely still produce GAAP for U.S. private companies, which will result in Big GAAP and Little GAAP.

2-57

2-58

Principle-based Application-based

59

The world’s two big accounting standard bodies

FASB (Norwalk, Connecticut)http://www.fasb.org/jsp/FASB/Page/SectionPage&cid=1218220131802

Russell GoldenChair of FASB Hans Hoogervorst,

Chair of IASB

IASB (London ,England)http://www.ifrs.org/The-organisation/Members-of-the-IASB/Pages/Members-of-the-IASB.aspx

International Audit Report

Similar to AICPA’s nonpublic company audit report. Contains expanded description of management’s responsibility and explanation of the audit process similar to the nonpublic company audit report

May state “present fairly, in all material respects” or “give a true and fair view”

Report may indicate that the financial statements comply with the provisions of the country’s relevant statutes or laws

May be signed using the personal name of the auditor or the audit firm or both

Likely be acceptable within five years in all countries involving multinational security offerings.

2-60