Glossary of Audit and Assurance Terms
31
Click here to load reader
description
Auditing Terms and Definitions
Transcript of Glossary of Audit and Assurance Terms
‘Aud-lish”: A Glossary of Audit, Assurance & Accounting Terminology[ Prof. TMock, UC Riverside, Updated Jan. 2012 ]
Term[Alphabetical]
Definitions Source[see list at end]
Accounting Is the process by which information about an activity or enterprise is identified, recorded, classified, aggregated and reported.
2
Accuracy audit objective
Deals with whether the various detailed ledgers and journals are properly aggregated and agree with the balances in the general ledger.
2
AJE Adjusting Journal Entry: Adjusting entries used to correct entries that were determined not be accurate or correct..
Anchoring and adjustment heuristic
When an auditor bases decisions about sample size or time allocations in the prior audit, and makes adjustments for new conditions in the current year.
2
Assurance Activities of an auditor that improve the relevance or reliability of business information. 2 An Audit
Integrated Audit
F/S Auditing
Auditing
“An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between these assertions and established criteria and communicating the results to interested users.” [AAA ASOBAC, 1974]An audit includes: Integrated audit of financial statements and internal control over financial reporting: Planning and performing the audit to obtain reasonable assurance about whether the company maintained, in all material respects, effective internal control over financial reporting as of the date specified in management's assessment. The auditor is also responsible for obtaining an understanding of internal control sufficient to plan the financial statement audit and to determine the nature, timing, and extent of audit procedures to be performed [PCAOB: AU Section 310]Financial Statement Auditing is the process of providing assurance about the reliability of the information contained in a financial statement prepared in accordance with GAAP.Auditing: Assurance/attestation about the output of the financial accounting process.
AAA
2
2
Compliance assurance [auditing]
Assurance about compliance with laws and regulations. 2
Limited assurance A review engagement provides some assurance about the quality of information included in the 2
financial statements but does not provide as much assurance as an audit, nor does it require the same burden of evidence as obtained for an audit.
Negative assurance Auditor’s opinion meaning that the accountant states that he or she is unaware of any errors or omissions based on the required procedures.
2
Operational auditing
Assurance related to the quality of processes can address broader issues than just system reliability. Operational auditing often referred to as management auditing or performance auditing, examines the general effectiveness and efficiency of processes on an organization.
2
Performance auditing
See operational auditing
Assurance Engagement
Assurance engagement means an engagement in which a practitioner (professional accountant or auditor), expresses a conclusion (in report form) that is designed to enhance the degree of confidence users have about the evaluation of a subject matter against identified criteria.
Hayes et al.# 13.
Assurance: Levels Absolute Where the evidence is conclusive and reliable because the subject matter is determinate, the criteria
definitive and the process applied comprehensive. 7
High Subject matter conforms in all material respect with identified suitable criteria. 7 Low Having preformed evidence gathering procedures that were reasonable given the characteristics of
the subject matter and other relevant engagement circumstances described in the assurance report, the practitioner has obtained sufficient appropriate evidence to reduce assurance engagement risk to an acceptable low level.
7
Moderate Subject matter is plausible in the circumstances. 7 Negative Evidence gathering procedures are at least sufficient to obtain a meaningful level of assurance as a
basis for a negative form of expression. 7
Positive Level of satisfaction sufficient to provide a positive expression of opinion that the assumptions are free of material misstatements.
7
Reasonable Reasonable assurance, while not ‘absolute’, is intended to provide ‘high’ assurance. 7 LimitedAssurance services Independent professional services that improve the quality of information, or its context, for
decisions makers.6
[AICP
Services to enable the professional accountant to report in relation to a subject matter that is the responsibility of another party, by evaluating that subject against identified suitable criteria and expressing a conclusion about that subject matter.
A] & 2a
7Attestation Process of providing assurance about the reliability of any information provided by one party to
another.2a
Audit evidence Any information that gives the auditor an indication as to whether an assertion is true or not can be obtained by:
2
Accuracy Computational evidence obtained by verifying summary totals, for example, adding individual transaction amounts to arrive at the total account balance. This evidence is often referred as “footing” or “running a tape”.
2
Analytical evidence
Evidence obtained by logical evaluation of facts and circumstances related to an account or transaction.
2
Client inquiry Evidence obtained from written and oral representations made by management or client personnel 2 Confirmation Written evidence received from third parties that are independent of the client. 2 Documentation Evidence obtained from the examination of the client’s written records. 2 Observations Visual evidence obtained by the auditor by inspecting client activities while they are in progress. 2 Physical
examinationEvidence obtained from the firsthand inspection of tangible assets by the auditor. 2
Audit failure Material misstatements whether or not auditors have obtained sufficient audit information. 4Audit Opinion / Audit Reports
[See Reports]
Audit Program [Plan] Standard AP Customized AP
The documented plan of the evidence gathering and generation procedures to be conducted by the audit team to insure that sufficient, competent evidence is collected.
A standard audit program [SAP] is a standard set of procedures for testing various accounts and transaction streams.
A Customized audit program [SAP] is a set of audit procedures customized for each client for testing various accounts and transaction streams
Authorization:General authorization: Allows an individual to execute all tasks or transactions that meet certain criteria. For example, a 2
sales clerk may be allowed to accept a customer’s check for up to $500 upon presentation of a major credit card and driver’s license.
Specific authorization Should be required for any actions that are not subject to general authorization. For example, a check is excess of $500 may need approval by a store manager or purchase orders for a new item of inventory may require approval by a senior marketing manager.
2
Bank reconciliation Identification of any discrepancies between the cash balance recorded on the books at a point in time and the balance according to the bank as of the same point of time.
2
Bankruptcy [InvestorWords.com] A proceeding in a federal court in which an insolvent debtor's assets are liquidated and the debtor is relieved of further
liability. Chapter 7 of the Bankruptcy Reform Act deals with liquidation, while Chapter 11 deals with reorganization.
InvestorWords.com
Block sampling Examining groups (blocks) of sequential transactions but the selection of each block will be random.
2
Bounded rationality Models of bounded rationality are those in which some aspect of the process of choice is explicitly modeled.
3
Chart of accountants Lists and describes the acceptable ledger accounts to be used for recording transactions and is useful for proper classification of transactions occurring with a process.
2
Code of Professional Conduct
Principles, Rules of Conduct, Interpretations and Ethics Rulings. 6
Principles Guiding philosophy of the profession and providing a framework of the Rules Rules of Conduct Enforceable portion of the Code of Professional Conduct and dictate, in broad terms, the types of
actions by an accountant that is forbidden or encouraged. Interpretations Provide guidelines for applying the Rules but are not intended to limit the scope of the Rules Ethics Ruling Set of moral values or principles upon which an individual bases decisions about his or her
behavior.Comfort letter Accountants indicate that they are not aware of any errors, omissions or misleading information
related to the financial statements.Compensating controls Controls that operate at a level of precision that would result in the prevention or detection of a
misstatement that was more than inconsequential or material, as applicable, to annual or interim financial statements. The level of precision should be established considering the possibility of further undetected misstatements.
1
Competence of Evidence
Description for the strength of audit evidence. 2
Competitive benchmarking
Comparison of client’s performance to outside organizations. 2
Completeness assertion
Statement that all assets, liabilities, or transactions have been properly identified and recorded. 2
Confirmations Written evidence received from third parties that are independent of the client. 2 Bank confirmation A standardized request from an auditor to a client’s bankers for the confirmation of checking or
other deposit accounts. 2
Negative confirmation
Response is only when the customer disagrees with the reported balance. 2
Positive confirmation
Response is expected and will evaluate the evidence value of the information received based on the nature of the response (i.e., agreement or disagreement with the balance).
2
Control total In computer science it means: The sum of the numbers in a specified record field of a batch of records [i.e. a hash total],
Controls Actions taken by a company or an individual to reduce the likelihood to reduce risk. 2 Complementary
controlsControls that function together to achieve the same control objective 1
Control deficiency A deficiency in the design or operation of a control that does not allow management or employees, in the normal course of performing their assigned functions, to prevent or detect misstatements on a timely basis.
A deficiency in design exists when (a) a control necessary to meet the control objective is missing or (b) an existing control is not properly designed so that, even if it operates as designed, the control objective is not always met.
A deficiency in operation exists when a properly designed control does not operate as designed, or when the person performing the control does not possess the necessary authority or qualifications to perform the control effectively.
1
Control environment
The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure. Control environment factors include the integrity, ethical values and competence of the entity's people; management's philosophy and operating style; the way management assigns authority and responsibility, and organizes and develops its people; and the attention and direction provided by the board of directors
5
Control objective The objective(s) related to internal control over financial reporting to achieve the assertions that underlie a company’s financial statements.
1
Control weakness A deficiency in the design or operation of a control procedure. Control weaknesses can potentially result in risks relevant to the area of activity not being reduced to an acceptable level (relevant risks are those that threaten achievement of the objectives relevant to the area of activity being examined). Control weaknesses can be material when the design or operation of one or more control procedures does not reduce to a relatively low level the risk that misstatements caused by illegal acts or irregularities may occur and not be detected by the related control procedures.
6
General controls Pertain the manner in which a process is designed and managed. For example, procedures related to defining steps and tasks within a process, authorizing decisions, implementing systems changes, establishing processing schedules, updating system documentation and assuring software and data integrity.
2
Internal control A process, affected by an entity’s board of directors, management, and other personnel, designed to
provide reasonable assurance regarding the achievement of objectives in the following categories:
• Effectiveness and efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations
Internal control consists of five interrelated components. These are derived from the way management runs a business, and are integrated with the management process:
Control Environment: see control environment Risk Assessment: Involves the identification and analysis by management—not the internal
5
auditor—of relevant risks to achieving predetermined objectives. Control Activities: policies, procedures, and practices that ensure management objectives
are achieved and risk mitigation strategies are carried out. Information and Communication: support all other control components by communicating
control responsibilities to employees and by providing information in a form and time frame that allows people to carry out their duties.
Monitoring: covers the external oversight of internal controls by management or other parties outside the process; or the application of independent methodologies, like customized procedures or standard checklists, by employees within a process.
Management controls
Activities undertaken by senior management to mitigate strategic risks to the organization and to promote the effectiveness of decision-making and the efficiency of business activities.
Process controls Refers to the control activities that are performed as part of the various processes within the organization by staff employees and low-level management. Also, process controls primarily deal with the reliability of accounting information and compliance with the rules and regulations.
2
Redundant controls
Controls that achieve the same control objective. 2
Tests of controls Tests of system reliability to assess the quality of transaction processing and measure the risk that transactions may be processed incorrectly.
2
Cycles [Transaction Cycles, Business Processes ]
Revenue, Purchasing, Production, Financing, Human Resources, …
DiagnosticityDisclosure audit objective
Deals with whether all pertinent and significant information related to a transaction or account has been presented in the basic financial statements or in the footnotes to the financial statements.
2
Engagement Agreed-upon
procedures engagement
Involves issuing a report on specific findings obtained by performing specific procedures agreed to by all parties prior to the start of the engagement.
2
Assurance engagement
An engagement conducted to provide 1. a high level of assurance that the subject matter conforms in all material respect with
identified suitable criteria, or
7
2. a moderate level of assurance that the subject matter is plausible in the circumstances. Attest engagement When a practitioner is engaged to issue or does issue a written communication that expresses a
conclusion about the reliability of a written assertion that is the responsibility of another party.6
Audit engagement An assurance engagement to provide a high level of assurance that financial statements are free of material misstatement, such as an engagement in accordance with Internal Standards on Auditing.
7
Examination engagement
An accountant expresses positive assurance about an assertion being examined; that is, the assertion is presented in accordance with established criteria in all material aspects.
2
Review engagement
Provides less assurance that an examination because the auditor expresses only negative assurance about the assertion; that is, the accountant is not aware of any reasons to conclude the assertions are not conformity with established criteria.
2
Errors Unintentional misstatements or omissions of financial information. 2Evidence Gathering information that supports or refutes audit objectives [or management assertions] that
have been identified.2
Expected error level Reflects the likelihood that an error occurs in a sample unit and is detected by the sample. 2External threat analysis
Technique to identify and categorize external risks as part of the strategic risk analysis. 2
Financial accounting Refers to the specific process of identifying, recording, classifying, aggregating and reporting the information that is required for external purposes by generally accepted accounting principles (GAAP)
2
Financial statement assertions
Decomposing financial statements by focusing on five broad categories of assertions: 2
Completeness States that all assets, liabilities or transactions have been properly identified and recorded. 2 Disclosure and
presentationDeal with the classification, description and full disclosure of information pertinent to assets, liabilities and transactions.
2
Existence or occurrence
States that an asset or liability actually exists or that recorded transactions have actually occurred during the period.
2
Rights and obligations
Deal with the ownership and the rights of usage that are associated with an assets as well as the obligations that arise in conjunction with a liability.
2
Valuation and allocation
Deal with the values that are assigned assets, liabilities or transactions and imply that they are recorded at their exchange price adjusted for any cost allocations (e.g., depreciation, amortization or value impairments).
2
Foreign Corrupt Practices Act
Public companies must establish accounting and control systems that provide adequate information about the transactions and events affecting the organization.
2
Forensic accountants Forensic accountants use a unique blend of education and experience to apply accounting, auditing, and investigative skills to uncover truth, form legal opinions, and assist in investigations. Forensic accountants may be involved in both litigation support (providing assistance on legal cases) and investigative accounting (looking into illegal activities).
American
Board of
Forensic
Accountinghttp://abfa.us
/
Forensic audit procedures; forensic evidence
Application of auditing methods [procedures] to the tracking and collection of forensic evidence, usually for investigation and prosecution of criminal acts such as embezzlement or fraud.Evidence usable in a court, specially the one obtained by scientific methods such as ballistics, blood test, and DNA test
Fraudulent financial reporting
If the fraudulent misstatement involves management or other parties intentionally manipulating information in the financial statements.
2
Fraudulent misstatements
Intentional falsifications or omissions of financial information. 2
Generally Accepted Accounting Principles (GAAP)
GAAP are the accounting rules used to prepare financial statements for publicly traded companies and may private companies in the US. Conceptual framework:
Historical cost principle: requires companies to report and account based on acquisition costs rather than fair market value for most assets and liabilities.
Revenue recognition principle: requires to report when revenue is realized or realized and earned.
Matching principle: expenses have to be matched with revenues as long as it is reasonable doing so.
8
Full disclosure principle: Information disclosed should be enough to make judgment while keeping costs reasonable.
Generally Accepted Auditing Standards (GAAS)
GAAS are the generally accepted auditing standards that provide the principles and rules for the auditing profession. They include:1. General standards:
The examination is to be performed by a person or persons having adequate technical training and proficiency as an auditor
Independence in mental attitude is to be maintained by the auditor. Due professional care is to be exercised in the performance of the audit and the preparation
of the report.2. Standards of Fieldwork:
The work is to be adequately planned and assistants, if any, are to be properly supervised. A sufficient understanding of internal control is to be obtained to plan the audit and to
determine the nature, timing and extent of tests to be performed. Sufficient competent evidential matter is to be obtained through inspection, observation,
inquiries and confirmations to afford a reasonable basis for an opinion regarding the financial statements under audit.
3. Standards of Reporting: The report shall state whether the financial statements are presented in accordance with
GAAP. The report shall identify those circumstances in which such principles have not been
consistently observed in the current period relation to the preceding period. Informative disclosures in the financial statements are to be regarded as reasonable
adequate unless otherwise stated in the report. The report shall either contain an expression of opinion regarding the financial statements,
taken as a whole, or an assertion to the effect that an opinion cannot be expressed.
6
Gross exposure A worst-case estimate of the magnitude of amounts or transactions exposed to the deficiency with regard to annual or interim financial statements, without regard to the upper limit deviation rate or likelihood of misstatement, and before considering complementary, redundant, or compensating controls. Factors affecting gross exposure include:
1
The annual or interim financial statement amounts or total transactions exposed to the deficiency.
The volume of activity in the account balance or class of transactions exposed to the deficiency that has occurred in the current annual or interim period or that is expected in future periods
Hash Total A control total that has no meaning in itself except for control, e.g., total of social security numbers of employees paid.
Illegal acts Violations of laws or government regulations committed by individuals on behalf of the company. 6Impairment charge
A specific reduction on a company's balance sheet that adjusts the value of a company's goodwill. Due to accounting rules, a company must monitor and test the value of its goodwill, to determine if it is overvalued. If it is, the company must issue an impairment charge on its balance sheet, to take into account the reduced value of the goodwill.
15
Inconsequential Potential misstatements equal to or greater than 20% of overall annual or interim financial statement materiality are presumed to be more than inconsequential.
Potential misstatements less than 20% of overall annual or interim financial statement materiality may be concluded to be more than inconsequential as a result of the consideration of qualitative factors, as required by AS2.
1
Independence Having a position to take an unbiased viewpoint in the performance of audit tests, analysis of results, and attestation in the audit reports.
Hayes, et al. p.85
Independence in fact
… ability to maintain an unbiased attitude throughout the audit … Hayes, et al. p.85
Independence in appearance
The result of others’ interpretations … is the ability to maintain the appearance of an unbiased attitude throughout the audit
Hayes, et al. p.85
Independence Risk Independence risk is the risk that threats to auditor independence, to the extent that they are not mitigated by safeguards, compromise or can reasonably be expected to compromise, an auditor’s ability to make unbiased audit decisions
ISB 2000
Information Imbalance of information between two parties, for example, management and interested external 2
asymmetry stakeholders.Integrity A professional accountant should be should be straightforward and honest in performing
professional services. [see also Rule 102 of AICPA Code of Professional Conduct]. 7
Internal control over financial reporting or ICoFR
A process designed by, or under the supervision of, the company’s principal executive and principal financial officers, or persons performing similar functions, and affected by the company’s board of directors, management, and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles.
12PCAO
B (Auditi
ng standar
d 2)Internal threat analysis Identification and categorization of external risk. 2International Financial Reporting Standards (IFRSs)
The term International Financial Reporting Standards (IFRSs) has both a narrow and a broad meaning. Narrowly, IFRSs refers to the new numbered series of pronouncements that the IASB is issuing, as distinct from the International Accounting Standards (IASs) series issued by its predecessor. More broadly, IFRSs refers to the entire body of IASB pronouncements, including standards and interpretations approved by the IASB and IASs and SIC interpretations approved by the predecessor International Accounting Standards Committee. [On this website, consistent with IASB policy, we abbreviate International Financial Reporting Standards (plural) as IFRSs and International Accounting Standards (plural) as IASs.]
Judgment Process by which the individual thinks about the relevant aspects of the decision problem. 2Judgment sampling The consideration of truncation attributes negates the possibility of random sampling. The auditor
may be able to increase the effectiveness and efficiency of the audit process by using judgmental selection to focus on transactions that are more likely to have problems or have a material impact on the financial statements.
2
Key verification The same data may be input twice and then compared to check for disagreements. The item entered will be flagged as an error if the two entries do not agree.
2
Legal letter Confirmations obtained from attorney as evidence related to contingent losses. 2Levels of Assurance See Assurance: LevelsManagement assertions
See financial statements assertion
Management auditing See operational auditingManagement fraud See fraudulent financial reportingManagement letter The auditor may also note other situations that do not constitute reportable conditions but of which
the client may wish to be informed. These circumstances are usually communicated in form of a management letter and often include suggestions on how business processes can be improved or redesigned to be more effective and efficient.
2
Material weakness A significant deficiency, or combination of significant deficiencies, that results in more than a remote likelihood that a material misstatement of the annual or interim financial statements will not be prevented or detected.
An internal control material weakness is a significant deficiency, or aggregation of deficiencies, that does not reduce to a relatively low level the risk that material misstatements in financial statements will be prevented or detected on a timely basis by employees in the normal course of their work.
1
12
Material Misstatement … an error or fraud in the financial statements that could cause the users of the financial statements to change their decisions about the company. [Stuart, p. 29]
16
Materiality {Accounting}
The magnitude of an omission or misstatement of accounting information that, in light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement.
8
Objectivity A professional accountant (auditor) should be fair and should not allow prejudice and bias, conflicts of interests or influence of others to override objectivity.
7
Performance indicators
Measures of performance to asses whether process risks are an immediate threat. 2
Potential misstatement An estimate of the misstatement that could result from a deficiency with a more than remote likelihood of occurrence.
2
Primary processes Set of activities most directly associated with the creation of value with the organization. Manufacturing, marketing and delivering a product or service are common examples of primary processes.
2
Principles-based [vs. rules-based] standards
Principles-based: creates a robust structure of principles within which the auditor has to justify his or her actions.
10
Rule-based: governed by a large number of detailed rules that are supplemented or amended on an ongoing basis.
Problem solving/thinking skills: Analytical
Problem SolvingThe ability to break a problem into smaller more manageable parts for more in depth understanding.
Creative Problem Solving
The ability to use creativity tools to develop unique solutions to a problem.
Critical Thinking The ability to ask insightful questions, to make logical inferences, and to assess the credibility of information.
Systemic Thinking The ability to understand how the interrelationships between the parts of a system impact its performance.
Ethical Problem Solving
Professional Skepticism
International Standard on Auditing 200(IAASB 2009, Paragraph 13(l)): “an attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence.”
AS 200
Receiving report Subsequent delivery of materials is evidenced by a receiving report. 2Registration statement Required by the Securities and Exchange Commission, including financial statements and related
information, whenever a company wishes to offer new securities to the public. 2
Regulation: The Sarbanes-
Oxley Act of 2002 The 8th DirectiveReports, Opinions: Agreed-upon
procedures reportSee agreed-upon procedures engagement
Attest report See attest engagement Examination report See examination engagement Review report See review engagement
Modified unqualified report
The auditor concludes that the financial statements are fairly presented but there are circumstances that the auditor may wish to bring to the attention of the reader.
2
Standard unqualified Report
The auditor concludes that financial statements are fairly presented and issues a standards unqualified report. This report normally assumes that the company is issuing comparative financial statements, which consist of the current- and prior-year balance sheets along with related statements of income, retained earnings and cash flow.
2
Qualified Opinion/ Qualified Report
Adverse OpinionRemote likelihood The chance of the future event or events occurring is slight. 1Representation letter The purpose of the letter is to document management’s responses to a number of critical inquired
(e.g., the nature of related parties, commitments and contingencies, asset valuations)., ensure that those inquiries have been correctly understood and impress on management its responsibility for all information included in the financial statements.
2
Risk A threat to an organization that reduces the likelihood that the organization will achieve one or more of its objectives [Knechel et al. textbook, p. 29].
Acceptable risk of incorrect acceptance
Reflects the maximum likelihood the auditor is willing to accept that he or she will reach an incorrect conclusion about an account that materially misstated.
2
Acceptable risk of over reliance
Is a measure of the risk that the auditor will conclude that the actual deviation rate is low. ARO measures the risk that the auditor will reduce residual risk for a process or control risk for an assertion when such reduction is not appropriate.
2
Audit risk The risk that the auditor may unknowingly fail to appropriately modify his opinion on financial statements that are materially misstated.
6(AICPA; AU
Section 312.02) Audit Risk
[Model]A mathematical formulation of audit risk is known as the ARM [audit risk model]AR = IR * CR * DR = RMM * DR = RMM * [APR * TDR ]
7 (IAASB, ISA
200) Business risk Any external (strategic) or internal (process) threat that could impact the ability of an organization
to achieve its objectives.2
Control risk [CR] The risk t hat a material misstatement that could occur in an assertion will not be 6
prevented or detected on a timely basis by the entity’s internal control. (AICPA, AU Section
312.20b) Detection risk
[DR]The risk that the auditor will not detect a material misstatement that exists in an assertion. 6
(AICPA, AU Section
312.20a) Engagement risk The possibility that an audit & assurance firm will suffer loss [financial, reputation or other] due to
association with a client.2
Independence Risk 1. Independence in appearance:The avoidance of facts and circumstances that are so significant that a reasonable and informed third party, having knowledge of all relevant information, including safeguards applied, would reasonable conclude a firm’s, or a member of the assurance team’s, integrity, objectivity or professional skepticism had been compromised2. Independence in factThe state of mind that permits the provision of an opinion without being affected by influences that compromise professional judgment, allowing an individual to act with integrity, and exercise objectivity and professional skepticism.
7
Information risk The risk that information used in decision-making is inaccurate or insufficient. 2 Inherent risk [IR] The susceptibility of an assertion to a material misstatement, assuming that there are no related
internal controls.6
(AICPA; AU Sec.
312.20a)
Risk if Material Misstatement [RMM]
RMM = IR*CR
Residual risk A strategic or process risk that is either uncontrolled by the organization and/or exhibits quantifiable warning signals that the risk is an immediate problem.
2
Substantive The risk that the auditor will not detect a material misstatement that exists in an assertion while 2
analytical procedures risk
performing substantive analytical procedures.
Test of details risk The risk that the auditor will not detect a material misstatement that exists in an assertion while performing direct tests of transactions or account balance details.
2
SEC Act of 1933 Applies to companies that issue new securities for public trading. Section 11 of the Act imposes liability on parties, including underwriters and auditors, who are
associated with misstatements or omissions in a registration statement prepared in conjunction with an initial public offering of securities.
Section 12 imposes liabilities if a prospectus is omitted or contains incorrect information. Section 17 and 24 cover fraudulent actions occurring in conjunction with an initial public
offering.
SEC
SEC Act of 1934 Extends to auditor’s liability to any information that is required to be filed with the SEC, most specifically, annual financial statements.
12
SIC Codes Standard Industry Classification (SIC) and North American Industry Classification (NAICS) codes are federally defined numerical designations used to define and index industries.
Significant deficiency A control deficiency, or combination of control deficiencies, that adversely affects the company's ability to initiate, authorize, record, process, or report external financial data reliably in accordance with generally accepted accounting principles such that there is more than a remote likelihood that a misstatement of the company's annual or interim financial statements that is more than inconsequential will not be prevented or detected.
An internal control significant deficiency, or aggregation of deficiencies, is one that could result in a misstatement of the financial statements that is more than inconsequential.
1
12
Skepticism [Professional Skepticism]
“ … a state of mind that helps auditors remain objective, and requires a questioning mind and a critical assessment of evidence”
Text, p. 109
Statements on standards for accounting and review Services (SSARs)
The standards applicable to compilation engagements are discussed in SSARs. The accountant must be familiar with the client and its business, as well as the appropriate accounting standards, especially if the organization is subject to industry-specific variations in GAAP.
6(AICPA, AR Sectio
n 100)Strategic management Involves setting the direction of the organization; making key decisions about products, markets,
and internal activities; monitoring the external environment for threats, reacting to performance results; and guiding continuous improvement.
2
Strategic management process
Is part of the infrastructure component of a value chain and compromises the activities used by management to set the direction of the company, to select the products and markets to focus on, and to manage the risks that threaten the organization’s success.
2
Substantive audit tests Tests of assertions: Performing procedures to understand the client’s environment Assessing the internal control and measuring its performance Substantive analytical procedures Tests of transactions Direct tests of account details
2
Substantive audit procedure
is a direct test of a financial statement balance designed to detect material misstatements at the assertion level. Substantive procedures comprise tests of details (classes of transactions, account balances, and disclosures), and substantive analytical procedures.
Suitable Criteria Are the benchmarks (standards, objectives or set of rules) used to evaluate evidence to measure the subject matter of an assurance engagement
7
Sustainability Report Sustainability reporting is an organization’s public account of its economic, environmental, and social performance in relation to it operations, products, and services
14
Test objective The design of the test of a control activity to determine whether the control is operating as designed, giving consideration to: The frequency with which the control operates The desired level of assurance in combination with the reliability of the control, for example,
whether the control is designed to achieve the control objective alone or in combination with other controls
The number of exceptions expected
1
Tolerable error The amount of materiality assigned to individual accounts, which refers to the amount of error that 2
an auditor can tolerate in a specific account before it is considered to be materially misstated.Tolerable error level Reflects the maximum size of a misstatement that could exist before the auditor concludes that the
account is materially misstated.2
Upper error limit Can be interpreted as the maximum amount of error that is contained in the account with no more than XX percent change that there is more error.
2
Upper limit deviation rate
The statistically derived estimate of the deviation rate based on the sample results, for which there is a remote likelihood that the true deviation rate in the population exceeds this rate (refer to AICPA Audit and Accounting Guide, Audit Sampling).
1
Valuation audit objective
For management’s assertion about valuation, the auditor addresses three separate objectives, reflecting three different dimensions:
2
Valuation Refers to the value or amount assigned to a transaction or account. 2 Timing Deals with whether transactions are recorded in proper time period. 2 Accuracy Deals with whether the various detailed ledgers and journals are properly aggregated and agree
with the balances in the general ledger.2
Value Refers to the results of an organization’s efforts that are considered to be of benefit t o its customers.
2
Sources:1. BDO Seidman, and 8 other audit firms. Oct. 28, 2004. A Framework for Evaluating Process/Transaction-Level Exceptions and
Deficiencies [Version 1].2. Knechel, W. Robert (2001), Auditing – Assurance and Risk.
a. Knechel, Salterio & Ballou , 2008, Auditing – Assurance and Risk3. Rubinstein, Ariel (1998). Modeling Bounded Rationality. 4. Palmrose, Zoe-Vonna (1988). An analysis of auditor litigation and audit service quality. Journal of Accounting Research.5. COSO. The Committee of Sponsoring Organizations of the Tread way Commission. http://www.coso.org.6. AICPA. American Institute for Certified Public Accountants. http://www.aicpa.org7. IFAC. The International Federation of Accountants. http://www.ifsc.org.8. FASB. Financial Accounting Standards Board. http://www.fasb.org9. SEC. Securities and Exchange Commission. http://www.sec.gov.10. EU. European Union. http://www.eu.org11. ISACA. Informations System Audit and control association. http://www.isaca.org
12. PCAOB. Public Company Accounting Oversight Board. http://www.pcaobus.org13. Global Reporting Initiative (GRI). http://www.globalreporting.org14. Hayes, R., R. Dassen, A. Schilder & P. Wallage. 2005. Principles of Auditing. Pearson Education. [2nd Edition]. 15. InvestorWords.com [ [email protected]. Stuart, I. 2012 [ textbook]. Auditing and Assurance Services.
