INTRODUCTION TO AUDITING AND ASSURANCE...

Ch

apter 2

33

R E L E V A N T A C C O U N T I N G A N DA S S U R A N C E P R O N O U N C E M E N T S

CICA Handbook, section 5025, Standards forassurance engagementsCICA Handbook, section 5095, Reasonableassurance and audit riskCICA Handbook, section 5100, Generally acceptedauditing standardsCICA Handbook, section 5101, Internationalstandards on auditingCICA Handbook, section 5130, Materiality inconducting an auditCICA Handbook, section 5200, Understanding theentity and its environment and assessing the risk ofmaterial misstatement CICA Handbook, section 5300, Audit evidenceCICA Handbook, section 5400, The auditor’sstandard reportAssurance and Related Services Guideline AuG-41, Applying the concept of materiality inconducting an audit

L E A R N I N G O B J E C T I V E S

Upon completion of this chapter, you will be able to

[1] Explain the standards governing assuranceengagements.

[2] Outline the eight generally accepted auditingstandards (GAAS).

[3] Discuss the International Federation ofAccountants and International Statements onAuditing.

[4] Explain generally accepted accountingprinciples as audit criteria.

[5] Describe the relationships among financialstatements, management assertions, and auditobjectives.

[6] Explain why the auditor must be a business andindustry expert.

[7] Develop a preliminary understanding of howthe concepts of materiality, audit risk, andevidence apply to the audit process.

[8] Describe the conceptual basis for auditing.

[9] Identify the major phases of the audit process.

[10] Grasp the basic elements of audit reporting.

C h a p t e r 2An Overview of Financial Statement Auditing

P a r t IINTRODUCTION TO AUDITING AND ASSURANCE SERVICES

• generally accepted accounting principles as an auditcriterion

• management assertions• the auditor as a business and industry specialist• three fundamental concepts in conducting an audit• sampling: inferences based on limited observations• the conceptual basis for auditing

The last two sections of the chapter present an overviewof the audit process and an introduction to audit reporting. 3

This chapter provides an overview of a financial statementaudit. For those readers who have relatively little knowledgeabout the conduct of an audit engagement, this overview is in-tended to introduce the important concepts and material pre-sented in subsequent chapters. References to chapters wherethe concepts and material are covered in more depth are pro-vided throughout this chapter.

The chapter covers the following topics:

• standards for assurance engagements• generally accepted auditing standards

34 Part I Introduction to Auditing and Assurance Services

Standards Governing Professional Practice

In keeping with the broader scope of activities represented by the term “as-surance services,” the CICA has issued section 5025 of the Handbook,“Standards for Assurance Engagements.” The Assurance Standards, con-sisting of general standards, performance standards, and reporting stan-dards, do not supercede the previously established standards for engage-ments such as audits, reviews, and value-for-money audits, but rather“establish a framework for all assurance engagements performed by prac-titioners and for the on-going development of related standards.” Thusthey provide broad guidance for the performance of assurance, attest, andaudit engagements (see Figure 1–2). The standards for assurance engage-ments are reproduced in Table 2–1. Chapter 20 covers assurance engage-ments in more detail.

Auditing standards are the measures of the quality of the auditor’s perfor-mance. The CICA first issued generally accepted auditing standards(GAAS) approximately 30 years ago and has periodically modified them tomeet changes in the auditor’s environment. GAAS are composed of threecategories of standards: the general standard, examination standards, andreporting standards. Table 2–2 contains the eight GAAS.

General Standard The general standard is concerned with the audi-tor’s qualifications and the quality of his or her work. The first part of thegeneral standard recognizes that an individual must have adequate train-ing and proficiency as an auditor. This is gained through formal educa-tion, continuing education programs, and experience. It should be recog-nized that this training is ongoing with a requirement on the part of theauditor to stay up-to-date with current accounting and auditing pro-nouncements. Auditors should also be aware of developments in the busi-ness world that may affect the auditing profession.

Due care is the focus of the second part of the general standard. Insimple terms, due care means that the auditor plans and performs his orher duties with a degree of skill commonly possessed by others in the pro-fession. The requirement of due care imposes an obligation on the mem-bers of the audit team to observe the standards of field work and report-ing, and to perform the work at the same level as any other professionalauditor who offers such services to clients.

The second part of the general standard also requires that the auditoralways maintain an attitude of independence on an engagement. Indepen-dence precludes relationships that may impair the auditor’s objectivity. Adistinction is often made between independence in fact and independence inappearance. An auditor must not only be independent in fact but also avoidactions that may appear to affect independence. If an auditor is perceived

GenerallyAcceptedAuditing Standards

Standards forAssuranceEngagements

C [LO 1]

C [LO 2]

Chapter 2 An Overview of Financial Statement Auditing 35

General StandardsThe practitioner should seek management’s acknowledgment of responsibility for the subject matter as it relates to the objective

of the engagement. If the practitioner does not obtain management’s acknowledgment, the practitioner should:

• obtain other evidence that an accountability relationship exists, such as a reference to legislation or a regulation.

• consider how the lack of management’s acknowledgment might affect his or her work and conclusion; and

• disclose in his or her report that acknowledgment of responsibility has not been obtained.

The assurance engagement should be performed with due care and an objective state of mind.The practitioner and any other persons performing the assurance engagment should have adequate proficiency in such

engagements.The practitioner should identify or develop criteria that are suitable for evaluating the subject matter.In no circumstances should the practitioner perform the engagement using criteria which, in his or her judgement, would result in

a report that would be misleading to intended users.

Performance StandardsThe practitioner should consider the concept of significance and the relevant components of engagement risk when planning and

performing the assurance engagement.Sufficient, appropriate evidence should be obtained to provide the practitioner with a reasonable basis to support the conclusion

expressed in his or her report.The practitioner should document matters that in his or her professional judgement are important in providing evidence to

support the conclusion expressed in his or her report.

Reporting StandardsAs a minimum the practitioner’s report should:

• identify to whom the report is directed;

• describe the objective of the engagement and the entity or portion thereof, the subject matter and the time period coveredby the engagement;

• in an attest report, identify management’s assertion;

• describe the responsibilities of management and the practitioner;

• identify the applicable standards in accordance with which the engagement was conducted;

• identify the criteria against which the subject matter was evaluated;

• state a conclusion that conveys the level of assurance being provided and/or any reservations the practitioner may have;

• state the date of the report;

• identify the name of the practitioner (or firm); and

• identify the place of issue.

A reservation should be expressed when the practitioner:

• is unable to obtain sufficient appropriate evidence to evaluate one of more aspects of the subject matter’s conformity withthe criteria;

• in a direct reporting engagement, concludes that the subject matter does not conform with the criteria; or

• in an attest engagement concludes that (i) the assertion prepared by mangement does not present fairly the criteria used,(ii) the assertion prepared by management does not present fairly the subject matter’s conformity with the criteria, or (iii)essential information has not been presented or has been presented in an inappropriate manner.

A reservation should provide an explanation of the matter giving rise to the reservation and, if reasonably determinable, its effecton the subject matter.

TABLE 2–1 Standards for Assurance Services


as not being independent, users may lose confidence in the auditor’s abilityto report truthfully on financial statements. For example, an auditor mighthave a financial interest in an auditee but still conduct the audit in an ob-jective manner. Third parties, however, may assume that the auditor wasnot independent because the financial interest could have prevented the au-ditor from maintaining objectivity during the audit. Public confidence isimpaired if an auditor is found to lack independence. The Code of Profes-sional Conduct identifies actions, such as financial or managerial interestsin clients, that are believed to impair the auditor’s appearance of indepen-dence.

Examination Standards The examination standards relate to the ac-tual conduct of the audit. These three standards provide the conceptualbackground for the audit process. The first standard of field work dealswith planning and performance. Proper planning can lead to a more effec-tive audit that is more likely to detect material misstatements if they exist.Proper planning also assists in completing the engagement in a reasonableamount of time.

The second examination standard requires that the auditor gain suffi-cient understanding of the auditee’s environmental internal controls to planan audit and to properly assess the risks that fraud or error could lead tothe risk of a material misstatement. Internal control is a process, effected

General StandardThe examination should be performed and the report prepared by a person or persons having adequate technical training andproficiency in auditing, with due care and with an objective state of mind.

Examination Standards1. The auditor should plan and perform the audit to reduce audit risk to an acceptable low level that is consistent with the

objective of an audit.

2. The auditor should obtain an understanding of the entity and its environment, including its internal control, sufficient toidentify and assess the risks of material misstatement of the financial statements whether due to fraud or error, andsufficient to design and perform further audit procedures.

3. The auditor should obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to basethe audit opinion.

Reporting Standards1. The report should identify the financial statements and distinguish between the responsibilities of management and the

responsibilities of the auditor.

2. The report should describe the scope of the auditor’s examination.

3. The report should contain either an expression of opinion on the financial statements or an assertion that an opinion cannotbe expressed. In the latter case, the reasons therefore should be stated.

4. Where an opinion is expressed, it should indicate whether the financial statements present fairly, in all material respects, thefinancial position, results of operations and cash flows in accordance with an appropriate disclosed basis of accounting,which except in special circumstances should be generally accepted accounting principles. The report should provideadequate explanation with respect to any reservation contained in such opinion.

TABLE 2–2 Generally Accepted Auditing Standards


by an entity’s board of directors, management, and other personnel, that isdesigned to provide reasonable assurance regarding the achievement ofthe following objectives: (1) optimization of the use of resources, (2) pre-vention and detection of fraud and error, (3) safeguarding assets, and (4)maintaining a reliable information system. If the auditor decides to rely onthe entity’s system of internal control he or she must document the evi-dence on which that decision is based.

Sufficient, appropriate, audit evidence is the focus of the third exami-nation standard. Most of the auditor’s work involves the search for andevaluation of evidence to support management’s assertions in the financialstatements. The auditor uses various audit procedures to gather this evi-dence. For example, if the balance sheet shows an amount for accounts re-ceivable of $1.5 million, management asserts that this amount is the netrealizable value, or the amount expected to be collected from customers,for those receivables. The auditor can send confirmations to customersand examine subsequent payments by customers as audit procedures togather sufficient appropriate audit evidence on the proper value of ac-counts receivable.

Reporting Standards The four reporting standards specify what is tobe contained in the auditor’s report: (1) the financial statements reportedupon, and the responsibilities of management and the auditor, (2) thescope of the auditor’s examination, (3) the requirement to either expressand opinion or to explain why an opinion cannot be expressed, and (4) theopinion should state whether the financial statements are in accordancewith “an appropriate disclosed basis of accounting” which, except in rarecircumstances, is GAAP. Chapter 17 will cover in detail the auditor’s report.

The globalization of business and the influence of international organiza-tions such as the North American Free Trade Agreement (NAFTA) and theEuropean Economic Union (EU) have all increased the pressure to harmo-nize auditing standards internationally. An increasingly influential organi-zation in the development and harmonization of world-wide auditing stan-dards is the International Federation of Accountants (IFAC). The CICA,CGA-Canada, and SMAC are all members of IFAC. The International Au-diting and Assurance Standards Board (IAASB) of IFAC develops and is-sues International Standards on Auditing (ISAs), authoritative pronounce-ments for the guidance of auditors in member organizations. The AASB isactively engaged in projects to promote the convergence of standards pro-posed by the IAASB with the existing Canadian standards.1 The IFACHandbook is organized into sections—introduction and framework (100s),auditing principles and procedures (200s to 600s), auditors’ reports (700s),other engagements (800s and 900s), and special topics such as audits ofcomputer systems, consideration of environmental matters, etc. (1000s). Italso includes a section providing guidance on ethical requirements. Sec-tion 5101 of the CICA Handbook provides a table of concordance betweenthe International Standards on Auditing of IFAC and the standards of the

InternationalStandards onAuditing

C [LO 3]

1See also L.R Quinn, “Closing the GAAP,” CAMagazine (August 2003), pp.16–22.


CICA Handbook, highlighting similarities and differences. Canadian gener-ally accepted accounting principles should be followed, except when the fi-nancial statements:

• are prepared as described in CICA Handbook, paragraph 5600.09, or• are financial statements of a federal, provincial, territorial, or local

government, and the auditor is required to express an opinion . . . inaccordance with a disclosed basis of accounting, when the auditorwould refer to audit of government financial statements, section PS 5200, for guidance.

The report should provide adequate explanation with respect to any reser-vation contained in such opinion.

In audits of domestic companies, Canadian auditors must follow thestandards of the CICA Handbook in all matters of procedure and reporting.The ISAs are an ongoing process and are still incomplete. As a result theCICA Handbook is much more comprehensive and in many cases, its re-quirements are more rigorous than those of the ISAs. The ISAs tend to bemore procedural in many areas and provide guidance which, while not asrigorous in principle, is more procedurally detailed than is the approach ofthe Canadian auditing profession.

Nevertheless, the trend towards international harmonization of audit-ing standards is increasing. A Canadian auditor may be engaged to con-duct an examination in accordance with International Standards on Audit-ing. In such cases he or she should consult the most current version of theIFAC Handbook for the complete ISAs. Many large firms having an inter-national practice possess extensive libraries of documentation reflectinginternational practice.

The Assurance and Related Services Recommendations are classified as:

5000 General Assurance and Auditing6000 Specific Items7000 Specialized Areas8000 Review Engagements9000 Related Services

The bulk of this text will deal with the topics in section 5000, General As-surance and Auditing; however, each of the other sections listed will becovered in more detail in later chapters.

Generally Accepted Accounting Principles as an Audit Criterion

The demand for auditing arises from the potential conflict of interest thatexists between owners (shareholders) and managers. The contractualarrangement between these parties normally requires that managementissue a set of financial statements that purports to show the financial posi-tion and results of operations of the entity. In order to properly evaluate thefinancial statements, the parties to the contract must agree on a benchmark

C [LO 4]

The Structure of the Assurance and Related Services RecommendationsSection of the CICA Handbook


or criterion to measure performance. Without an agreed-upon criterion, itis impossible to measure the fair presentation of the financial statements.

Generally accepted accounting principles (GAAP) have, over time, be-come the primary criteria used to prepare financial statements. As theterm implies, these principles are generally accepted by the diverse usersof financial statements. The authority for using GAAP as the benchmarkcomes from generally accepted auditing standards (GAAS). The fourth re-porting standard requires that the auditor’s report indicate whether the fi-nancial statements are presented in accordance with GAAP. The auditor’sstandard audit report states that “the financial statements . . . presentfairly . . . in accordance with generally accepted accounting principles.”In making this statement in the audit report, the auditor judges whether(1) the accounting principles have general acceptance, (2) the accountingprinciples are appropriate in the circumstances, (3) the financial state-ments, including the footnotes, contain adequate disclosure, (4) the infor-mation in the financial statements is classified and summarized in a rea-sonable manner, and (5) the financial statements reflect the underlyingtransactions and events in a manner that presents the financial position,results of operations, and cash flows stated within a range of acceptablelimits.

In judging the proper accounting treatment for a transaction or event,the auditor should always consider whether the substance of the transac-tion differs from its form. Transactions should be recorded to reflect theireconomic substance. For example, if a company enters into a lease transac-tion in which the substance of the transaction is the purchase of the assetwith debt, the transaction should be recorded as a capital lease rather thanan operating lease.

It is important to consider how GAAP and GAAS are related in theaudit function. Figure 1–3 in Chapter 1 presented an overview of the auditfunction for a financial statement audit. Management and their accoun-tants record business transactions through the entity’s accounting systemin accordance with GAAP. Therefore, the financial statements that are pre-pared based on the entity’s operations should also be in accordance withGAAP. GAAS, on the other hand, guide the auditor on how to gather evi-dence to test management’s assertions to determine if they are in accor-dance with GAAP. If the auditor has gathered sufficient evidence to pro-vide reasonable assurance that the financial statements present fairly inaccordance with GAAP, an unqualified report can be issued.

In May 2003, the Canadian Securities Administrators (CSA) an-nounced that, effective for fiscal years beginning January 1, 2004 or later,Canadian firms registered with the US Securities Exchange Commission(there are approximately 500 Canadian companies registered with USstock exchanges) will be able to apply for an exemption to permit them tofile their financial statements for Canada using US GAAP. In order for afirm to qualify, the firm must demonstrate that it has the necessary exper-tise to prepare US GAAP financial statements and must also show that thefirm’s auditor is knowledgeable about US GAAS.2

2Source: www.accountingweb.com, “Canadian Regulators Okay Use of US GAAP.”


Financial Statements, Management Assertions, and Audit Objectives

Financial statements issued by management contain assertions about thecomponents of those financial statements (refer to Figure 1–3). For exam-ple, when the financial statements contain a line item that inventory is$2,500,000, management asserts among other things that inventory exists,that the entity owns the inventory, and that it is properly valued. Similarly,if the financial statements contain a line item that states accounts payableare $750,000, management asserts among other things that the accountspayable are obligations of the entity and the amount for accounts payablecontains all such obligations (an assertion as to completeness).

In CICA Handbook, paragraph 5300.17, management assertions areclassified into the following categories:

• existence (assets and liabilities) • occurrence (revenues and expenses)• completeness• ownership• valuation (assets and liabilities)• measurement (revenues and expenses)• statement presentation

Table 2–3 summarizes and explains management assertions.The auditor’s work consists of searching for and evaluating evidence

concerning assertions. Operationally, this is accomplished by developingaudit objectives that relate to management’s assertions. In the previous ex-ample, management asserted that accounts payable of $750,000 were com-plete (all accounts payable were included). The completeness assertion canbe divided into two audit objectives: completeness and cutoff. By disaggre-gating the assertions into more specific audit objectives, the auditor is bet-ter able to design audit procedures for obtaining sufficient appropriate evi-dence to test management assertions. In our example, the audit objectivefor completeness is tested to determine if all accounts payable were in-cluded in the account, while the audit objective for cutoff tests whether all

C [LO 5]

• Existence

• Occurrence

• Completeness

• Ownership

• Valuation

• Measurement

• Statement presentation

TABLE 2–3 Summary of Management Assertions

The assets and liabilities exist at a given date.

The recorded revenue and expense transactions have occurred as of a given date.

There are no unrecorded assets, liabilities, revenues, or expenses.

The assets (liabilities) are owned (owed) by the entity at a given date.

The assets and liabilities are appropriately valued.

The revenues and expenses are appropriately measured and are allocated to theproper accounting period.

Amounts shown in the financial statements are properly presented and disclosed.


accounts payable were recorded in the proper accounting period. One auditprocedure that would provide evidence about the completeness objectivewould be a search for unrecorded liabilities. One step in this search wouldbe to examine vendor bills recorded in the period after year-end to deter-mine if those liabilities relate to the current period. Once the auditor hassufficient evidence that the audit objective is met, he or she has reasonableassurance that the assertion is appropriate.

Figure 2–1 graphically represents the relationships among manage-ment assertions, audit objectives, audit procedures, and audit evidence.Chapter 4 contains more detailed coverage.

The Auditor as a Business and Industry ExpertThe auditor must have extensive knowledge about the nature of the client’sbusiness and industry in order to determine whether financial statementassertions are valid. The auditor must also understand the strategic busi-ness risks faced by the client in addition to understanding the risks that af-fect the traditional processing and recording of transactions.

A paradigm that is becoming dominant amongst the large public ac-counting firms is the strategic systems approach (SSA) to auditing. UsingSSA, the auditor seeks to understand and document: (1) management’sstrategies to achieve its objectives, (2) management’s analysis of the risks

C [LO 6]

F I G U R E 2–1

The Relationships amongManagement’s Assertions,Audit Objectives, Audit Procedures, and AuditEvidence

Management’s assertionsare contained in thefinancial statements.

Auditor developsaudit objectives based onmanagement’s assertions.

Audit evidence isdeveloped to support

management’s assertions.

Audit procedures areconducted to test the

audit objectives.

ValidityCompleteness

CutoffOwnership AccuracyValuation

ClassificationDisclosure

ExistenceOccurrence

CompletenessOwnershipValuation

MeasurementStatement presentation


the business faces, and (3) the business processes that management has putin place to manage those risks. This in-depth analysis allows the auditor toobtain a thorough understanding of the business risks facing the client, theinherent risk factors in the audit and the control risks associated with themajor processes management has developed for the operation of the busi-ness. The ultimate objective of this detailed analysis is to assist the auditorin designing an effective, efficient audit of the client’s financial statements.A recent KPMG monograph contained the following observation:3

As the global economy, the business organizations operating within it, and or-ganizations’ business strategies become increasingly complex and interdepen-dent, we believe more attention should be paid to the development of auditingmethods and procedures that focus on assertions at the entity level—methodsand procedures that promise greater power to detect material misstatementsas they allow the auditor to ground key judgements in a more critical andholistic understanding of the client’s systems dynamics (p. 12).

Consideration of an entity’s business risks requires that the auditor knowthe client’s business strategy and how it plans to respond to, or control,changes in its business environment. Numerous rapid or momentouschanges have significantly affected an industry or an entity within that in-dustry. For example, the sale of books over the Internet by Amazon.comthrough a “virtual” bookstore significantly affected the retail book indus-try. Traditional bookstores (like Chapters) had to respond to this new com-petitor or lose sales and customers. Similarly, rapid and significant techno-logical changes in telecommunications and in computers and peripheralequipment increase the business risks for entities that operate in those in-dustries. Lastly, deregulation in banking and utilities has significantly in-creased the risks for entities that operate in those industries.

This focus on the client’s business risks leads to a more strategic andsystematic approach to the audit. The auditor uses knowledge of the client’sbusiness and industry to develop a more efficient and effective audit. Theauditor places less emphasis on routine transactions that are likely to betightly controlled through the client’s internal control system. Instead, thefocus shifts to identifying nonroutine transactions, accounting estimates,and valuation issues that are much more likely to lead to misstatements inthe financial statements. A detailed discussion of the strategic systems ap-proach to auditing is found in Chapter 3.

Three Fundamental Concepts in Conducting an AuditA financial statement audit requires an understanding of three fundamen-tal concepts: materiality, audit risk, and evidence. The auditor’s judgementof materiality and audit risk establishes the type and amount of the auditwork to be performed (referred to as the scope of the audit). In establish-ing the scope of the audit, the auditor must make decisions about the na-

C [LO 7]

3T. B. Bell, F. O. Marrs, I. Solomon, and H. Thomas, Auditing Organizations Through a Strategic-Systems Lens: The KPMG Business Measurement Process (New York: KPMG Peat Marwick LLP,1997).


ture, extent, and timing of evidence to be gathered. This section briefly dis-cusses each of these concepts. The next two chapters cover these conceptsin greater depth.

Materiality Assurance and Related Services Guideline AuG-41, “Applying the conceptof materiality in conducting an audit,” suggests using quantitative guide-lines for the initial assessment of materiality. For example, for a profit-ori-ented entity, AuG-41 suggests 5 percent of after-tax income from continu-ing operations, for a not-for-profit entity, 1/2 percent to 2 percent of totalrevenues or total expenses. However, AuG-41 and Handbook, section 5130,“Materiality in conducting an audit,” both stress that the auditor’s consid-eration of materiality should be a matter of professional judgement and isaffected by what the auditor perceives as the view of a reasonable personwho is relying on the financial statements. Paragraph 5130.04 of the CICAHandbook defines materiality as follows:

A misstatement or the aggregate of all misstatements in financial statements isconsidered to be material if, in light of surrounding circumstances, it is proba-ble that the decision of a person who is relying on the financial statements,and who has a reasonable knowledge of business and economic activities (theuser), would be changed or influenced by such misstatement or the aggregateof all misstatements.

The focus of this definition is on the users of the financial statements.In planning the engagement, the auditor assesses the magnitude of a mis-statement that may affect the users’ decisions. This is sometimes referredto as accounting materiality. The auditor uses accounting materiality as astarting point for determining an amount that will be used for establishingthe preliminary judgement about materiality. This assessment is some-times referred to as auditing materiality. Auditing materiality is generallyassessed to be less than accounting materiality because the auditor needsto allow for the difficulty in assessing what is material to the diversegroups of financial statement users. When “materiality” is used in the re-mainder of this text, it refers to auditing materiality.

The earlier example of an inventory balance of $2,500,000 is used todemonstrate this approach. Suppose the auditor assesses that the inven-tory component of the financial statements can be misstated by $50,000before users’ decisions will be affected. The $50,000 is accounting materi-ality. The auditor may set auditing materiality at a lower amount, say$40,000, to provide for any uncertainty that may be present in his or herassessment of accounting materiality. The $40,000 is used by the auditorto design the planned audit work. This amount would also be used to eval-uate the auditor’s findings. By establishing an auditing materiality levelsuch as $40,000, the auditor is focusing on material misstatements, where amisstatement is the difference between what management asserts is thebalance and the balance based on the auditor’s findings.

As you shall see later in this chapter, the wording of the auditor’sstandard audit report includes the phrase “the financial statements pre-sent fairly in all material respects.” This is the manner in which the audi-tor communicates the notion of materiality to the users of the auditor’sreport. Further, there is no guarantee that the auditor will uncover all ma-


terial misstatements. The auditor can only provide reasonable assurancethat all material misstatements are detected. The notion of reasonable as-surance leads to the second concept.

Audit Risk The second major concept involved in auditing is audit risk.

Audit risk is the risk that the auditor expresses an inappropriate audit opinionwhen the financial statements are materially misstated.4

As mentioned previously, an audit does not guarantee or provide ab-solute assurance that all misstatements will be detected. The auditor’sstandard report states that the audit provides only reasonable assurancethat the financial statements do not contain material misstatements. Theterm reasonable assurance implies some risk that a material misstatementcould be present in the financial statements and the auditor will fail to de-tect it. In conducting an audit, the auditor decides what level of audit riskhe or she is willing to accept and plans the audit to achieve that level ofaudit risk. The auditor controls the level of audit risk by the effectivenessand extent of the audit work conducted. The more effective and extensivethe audit work, the less the risk that the misstatement will go undetectedand the auditor will issue an inappropriate report. However, as discussedpreviously, an auditor could conduct an audit in accordance with GAASand issue an unqualified opinion, and the financial statements might stillcontain material misstatements. The auditor’s responsibility with respectto misstatements that might arise from fraudulent activity or illegal acts iscovered in detail in Chapter 3.

Evidence Most of the auditor’s work in arriving at an opinion on the financial state-ments consists of obtaining and evaluating evidence. Evidence supportingthe financial statements consists of the underlying accounting records andsource documents available to the auditor.

In designing an audit program to obtain evidence about manage-ment’s assertions contained in the financial statements, the auditor devel-ops specific audit objectives that relate to each management assertion(see Figure 2–1). The audit objectives, in conjunction with the assessmentof materiality and audit risk, are used by the auditor to determine the na-ture, extent, and timing of evidence to be gathered. Because the audit ob-jectives are derived from management’s assertions, once the auditor hasobtained sufficient appropriate evidence that the audit objectives are met,reasonable assurance is provided that the financial statements are fairlypresented.

In searching for and evaluating evidence, the auditor is concerned withthe relevance and reliability of the evidence. Relevance refers to whetherthe evidence relates to the specific audit objective being tested. If the audi-tor relies on evidence that relates to a different audit objective from theone being tested, an incorrect conclusion may be reached about a manage-

4CICA Handbook, paragraph 5095.08.


ment assertion. For example, suppose the auditor wants to test whetherthe client owns certain property. If the auditor physically examines theproperty, this would not be relevant evidence. It is possible, for example,that the client is leasing the property the auditor examined.

Reliability refers to the diagnosticity of the evidence. In other words,can a particular type of evidence be relied upon to signal the true state ofthe assertion or audit objective? Suppose an auditor has the choice ofgathering evidence from an independent, competent source outside theclient or from a source inside the client. For example, evidence provided bya lawyer on the likely outcome of a lawsuit against the client would beconsidered more reliable than the controller’s assessment of the likely out-come. In this instance, the external source, the lawyer, would be chosenbecause evidence from the outside source would be viewed as independentand thus more reliable.

The auditor seldom has convincing evidence about the true state of anaudit objective and, therefore, the related management assertion. In mostsituations, the auditor obtains only enough evidence to be persuaded thatthe audit objective is fairly stated. The nature of the evidence obtained bythe auditor seldom provides absolute assurance about an audit objectivebecause the types of evidence have different degrees of reliability. Addi-tionally, for many parts of an audit, time and cost constraints mean thatthe auditor can examine only a sample of the transactions processed dur-ing the period. Chapter 8 details the use of sampling techniques by the au-ditor to obtain audit evidence.

Conceptual Basis of the AuditThis section provides a brief introduction to the conceptual approach theauditor employs in the performance of the audit examination. The steps inthat process are detailed in the section following. This section describesthe risk-based approach that guides those steps. The risk-based approach isconsistent with the concepts of the Strategic Systems Approach toauditing,5 and with the increased emphasis on audit risk in the professionalliterature, for example, CICA Assurance and Related Services GuidelineAuG-41, “Applying the concept of materiality in conducting an audit,”CICA Handbook, sections 5095, “Reasonable assurance and audit risk,”5200, “Understanding the entity and its environment and assessing therisks of material misstatement,” and 5210, “Auditor’s procedures in re-sponse to assessed risks.”

An Overview The auditor should plan and conduct an audit so that audit risk (the riskthat the auditor may unknowingly fail to appropriately modify his or heropinion on financial statements that are materially misstated) will be limitedto an acceptable level. Figure 2–2 presents an overview of the audit process.

C [LO 8]

5Ibid., see also T.B. Bell, and I. Solomon (eds.), Cases in Strategic Systems Auditing (Univer-sity of Illinois: KPMG and University of Illinois at Urbana-Champaign Business Measurementand Case Development Program, 2002).


F I G U R E 2–2

An Overview of the Audit Process

Obtain and support an understandingof the entity and its environment

Identify risks that may result inmaterial misstatements

in the financial statements

Evaluate the entity’s responses tothose risks and obtain evidence of

their implementation

Assess the risk of material misstatementat the assertion level and determine the

audit procedures that are necessarybased on that risk assessment

Higher risk assertionsLower risk assertions related

to significant accounts orclasses of transactions

Evaluate whethersufficient auditevidence wasobtained and if

the assessmentsof risk wereappropriate

Design and performnormal procedures

Design and performspecific procedures

Issueaudit report


Obtain and Support an Understanding of the Entity and ItsEnvironment The auditor starts by obtaining an understanding of theentity and its environment sufficient to plan the audit and to determine thescope (nature, timing, and extent) of the audit procedures to be performed(see Figure 2–2). The auditor’s understanding of the entity and its environ-ment should include information on each of the following categories:

• nature of the entity

• industry, regulatory, and other external factors

• management

• governance

• objectives and strategies

• measurement and performance

• business processes

Because the understanding of the entity and its environment is used to as-sess the risk of material misstatement and to set the scope of the audit, theauditor should perform appropriate procedures to support that under-standing. Such procedures might include inquiry of client personnel, ob-servation of activities, analytical procedures, reading business plans andstrategies, and other procedures considered necessary in the circum-stances.

Identify Risks That May Result in Material MisstatementBusiness risks are threats to the entity’s ability to achieve its objectives.Most entities face a collection of business risks that may result in materialmisstatement in the financial statements. Some examples of conditionsthat may indicate the existence of business risks include significantchanges in the entity such as a major reorganization, significant changesin the entity’s industry, or significant changes in the information technol-ogy (IT) environment. To demonstrate how such risks can result in mater-ial misstatements in the financial statements, consider the effect ofchanges in an entity’s industry. Suppose that the entity’s industry is subjectto rapid technological product changes. If the entity does not managechanging product technology well, its valuation of inventory on the bal-ance sheet may be overstated due to obsolescence. Based on the auditor’sknowledge of the entity and its environment, the auditor should identifyrisks that may result in material misstatement whether due to error orfraud.

Evaluate the Entity’s Response to Risks Management has a re-sponsibility to strive to attain the entity’s objectives. Therefore, manage-ment should establish a risk assessment process that identifies, analyzes,assesses, and manages risks that may affect the entity’s objectives. Thiswas emphasized in the discussion of the accountability cycle in Chapter 1.For those risks identified as possibly resulting in material misstatement,the auditor should evaluate the entity’s responses to those risks and obtainevidence of their implementation. The auditor should perform this step be-cause the entity’s responses, or nonresponses, affect audit risk. As dis-


cussed in Chapter 6, this evaluation may provide a basis for the auditor’splanned level of control risk.

Assess the Risk of Material Misstatement While the auditor ex-presses an opinion on the financial statements taken as a whole, the audi-tor needs to assess audit risk at the individual account balance level (e.g.,accounts receivable, inventory, etc.). The auditor assesses audit risk at theaccount balance level because it assists with determining the scope of theaudit procedures. Based on the knowledge obtained in evaluating the enti-ty’s responses to business risks, the auditor assesses the risk of materialmisstatement at the assertion level (refer to the earlier discussion of man-agement assertions) and determines the specific audit procedures that arenecessary based on that risk assessment. Thus, when considering the risksfaced by the entity, the auditor should use a “top-down” approach to riskassessment. Figure 2–3 graphically presents this approach. Risks identifiedat the entity level may “filter” down and affect the accounts contained inthe financial statements. The type of risk identified at the account balancelevel is likely to affect specific assertions in the account balance. As dis-cussed later in the text, the auditor normally has to test individual transac-tions that make up the account balance in order to obtain evidence on theassertions. Consider the industry example present above. At the entitylevel, the risk was changing technology in the industry. That risk trans-lated into possible misstatements in inventory due to obsolescence. Thepotential inventory obsolescence of inventory affects the valuation asser-tion.

Design and Perform Audit Procedures In Figure 2–3, a distinc-tion is made between high-risk and low-risk assertions. For high-risk asser-tions, the auditor should consider how material misstatements may occurand design and perform specific audit procedures to specifically addressthe potential misstatements. Examples of items that may require specificaudit procedures include nonroutine or unsystematically processed trans-actions, significant accounting estimates and judgements, or highly com-plex transactions. Such specific procedures should be designed to reducethe risk of undetected material misstatements to a low level. For low-riskassertions, the auditor should design and perform procedures to addressthe normal risks of material misstatement. Usually, low-risk assertions re-late to routine processing of significant transactions whose characteristicsoften allow highly automated processing by IT with little or no manual in-tervention. Such transactions are likely to be recurring, objectively mea-surable, and processed in a similar way.

Evaluate Results and Issue Report The auditor’s goal at the com-pletion of the audit is to ensure that the risk of material misstatement isreduced to an acceptable level such that the overall financial statementspresent fairly. At the completion of the audit work, the auditor should de-termine if the assessments of risks were appropriate and whether suffi-cient evidence was obtained. The auditor should then aggregate the totaluncorrected misstatements that were detected and determine if they cause


the financial statements to be materially misstated. If the auditor con-cludes that the total misstatements cause the financial statements to bematerially misstated, the auditor should request management to eliminatethe material misstatement. If management does not eliminate the materialmisstatement, the auditor should issue a qualified or adverse opinion (seethe last section of this chapter). On the other hand, if the uncorrected totalmisstatements do not cause the financial statements to be materially mis-stated, the auditor should issue an unqualified report.

Phases of the Audit ProcessThis section discusses the major phases of a financial statement audit. Thepresentation provides you with an overall picture of the steps necessary to

C [LO 9]

F I G U R E 2–3

A Top-Down Approach toRisk Analysis and RelatedAudit Procedures

Identify risksat the entity level

Identify risks that increase therisk of material misstatement at

the account balance level

Identify risks that increase therisk of material misstatement

at the assertion level

Design normalaudit procedures

Design specificaudit procedures

Determine audit procedures bydistinguishing between

high- and low-risk assertions

Highrisk

Lowrisk


complete an audit engagement. While these steps are presented as separatephases, on many engagements some of these steps may be conducted con-currently. Note also that there is important feedback among the variousphases about the results of the audit work conducted. For example, whentesting an accounts receivable balance, the auditor sets the scope of thetests based on the assessment of the internal controls over the revenuecycle. If the auditor detects more misstatements than expected when audit-ing the accounts receivable account, it may provide evidence that the inter-nal controls in the revenue cycle are not operating as effectively as origi-nally assessed. In this case, the auditor should revise the internal controlassessment for the revenue cycle and adjust other planned audit tests thatmay be affected by the revenue cycle.

The phases of the audit are shown in Figure 2–4. The first phase, clientacceptance and continuance, is covered in some detail below. This is fol-lowed by a brief discussion of the other phases shown in Figure 2–4. Sub-sequent chapters cover the other phases in more detail.

F I G U R E 2–4

Overview of the MajorPhases in an Audit

Establish the terms of the engagement(Chapter 5)

Plan the audit, including assessingmaterality and risk(Chapters 3 and 5)

Client acceptance and continuance(Chapters 2 and 5)

Consider internal control(Chapters 6 and 7)

Audit business processes and relatedaccounts (e.g., revenue generation)

(Chapters 9–15)

Fee

dbac

k on

the

resu

lts o

f the

aud

it w

ork

in th

ese

phas

es

Complete the audit(Chapter 16)

Issue audit report(Chapter 17)


Prudence requires that public accounting firms establish policies and pro-cedures for deciding whether to accept new clients or retain currentclients. The purpose of such policies is to minimize the likelihood that anauditor will be associated with clients who lack integrity. If an auditor isassociated with a client who lacks integrity, material misstatements mayexist and not be detected by the auditor. This can lead to lawsuits broughtby users of the financial statements.6 In discussing this issue, a distinctionis made between evaluating a prospective client and continuing a currentclient. In the case of a continuing client, the auditor has more firsthandknowledge about the entity’s operations and management’s integrity.

Prospective Client Acceptance Public accounting firms should in-vestigate a prospective client prior to accepting an engagement.7 Table 2–4lists procedures that a firm might conduct to evaluate a prospective client.Performance of such procedures would normally be documented in amemo or by completion of a client acceptance questionnaire or checklist.

When the prospective client has previously been audited, the successorauditor is required by provincial and national codes of conduct, and byacts of incorporation such as the CBCA, to make certain inquiries of thepredecessor auditor before accepting the engagement. The successor audi-tor should request permission of the prospective client before contactingthe predecessor auditor. Because the Rules of Professional Conduct do notallow an auditor to disclose confidential client information without theclient’s consent, the prospective client must authorize the predecessor

ClientAcceptance andContinuance

6See Z. Palmrose, “Litigation and Independent Auditors: The Role of Business Failure andManagement Fraud,” Auditing: A Journal of Practice & Theory (Spring 1987), pp. 90–103, for adiscussion of the impact of management fraud on litigation against auditors.7See H. F. Huss and F. A. Jacobs, “Risk Containment: Exploring Auditor Decisions in the En-gagement Process,” Auditing: A Journal of Practice and Theory (Fall 1991), pp. 16–32, for a de-scription of the client acceptance process of the Big 5 firms.

1. Obtain and review available financial information (annual reports, interim financial statements, income tax returns, etc.).

2. Inquire of third parties about any information concerning the integrity of the prospective client and its management. (Suchinquiries should be directed to the prospective client’s bankers and lawyers, credit agencies, and other members of thebusiness community who may have such knowledge.)

3. Communicate with the predecessor auditor about whether there were any disagreements about accounting principles, auditprocedures, or similar significant matters.

4. Consider whether the prospective client has any circumstances that will require special attention or that may representunusual business or audit risks, such as litigation or going-concern problems.

5. Determine if the firm is independent of the client and able to provide the desired service.

6. Determine if the firm has the necessary technical skills and knowledge of the industry to complete the engagement.

7. Determine if acceptance of the client would violate the Rules of Professional Conduct.

TABLE 2–4 Procedures for Evaluating a Prospective Client


auditor to respond to the successor’s requests for information. The succes-sor auditor’s communications with the predecessor auditor should includequestions related to the integrity of management; disagreements withmanagement over accounting and auditing issues; communications withaudit committees or an equivalent group regarding fraud, illegal acts, andinternal-control-related matters; and the predecessor’s understanding ofthe reason for the change in auditors. Such inquiries of the predecessorauditor may help the successor auditor determine whether to accept theengagement. The predecessor auditor should respond fully to the succes-sor’s requests unless an unusual circumstance (such as a lawsuit) exists. Ifthe predecessor’s response is limited, the successor auditor must be in-formed that the response is limited.

In the unusual case where the prospective client refuses to permit thepredecessor to respond, the successor auditor should have reservationsabout accepting the client. Such a situation should raise serious questionsabout management’s motivations and integrity.

After accepting the engagement, the successor auditor may need infor-mation on beginning balances and consistent application of GAAP in orderto issue an unqualified report. The successor auditor should request thatthe client authorize the predecessor auditor to permit a review of his orher working papers. In most instances, the predecessor auditor will allowthe successor auditor to make copies of any working papers of continuinginterest (for example, details of selected balance sheet accounts).

If the client has not previously been audited, the public accountingfirm should complete all the procedures listed in Table 2–4, except for thecommunication with the predecessor auditor. The auditor should reviewthe prospective client’s financial information and carefully assess manage-ment integrity by communicating with the entity’s bankers and lawyers, aswell as other members of the business community. In some cases, the pub-lic accounting firm may even hire an investigative agency to check onmanagement’s background.

Client Continuance Public accounting firms need to evaluate period-ically whether to retain their current clients. This evaluation may takeplace at or near the completion of an audit or when some significant eventoccurs. Conflicts over accounting and auditing issues or disputes over feesmay lead a public accounting firm to disassociate itself from a client.

The auditor should establish an understanding with the client regardingthe services to be performed. For small, privately held entities, the auditornormally negotiates directly with the owner-manager. For larger private orpublic entities, the auditor will normally be appointed by a vote of theshareholders after recommendation by the audit committee of the boardof directors. In all cases, an engagement letter should document the termsagreed to by the auditor and client. Such terms would include, for exam-ple, the responsibilities of each party, the assistance to be provided byclient personnel and internal auditors, and the expected audit fees. Chap-ter 5 provides an example of an engagement letter and discusses the auditcommittee and internal auditors.

Establish the Terms of theEngagement


Preplanning There are generally two preplanning activities: (1) determining the auditengagement team requirements and (2) ensuring the independence of theaudit team and audit firm. The engagement partner or manager should en-sure that the audit team is composed of team members who have the ap-propriate audit and industry experience for the engagement. The partneror manager should also determine whether the audit will require IT orother types of specialists (e.g., actuaries or appraisers). The second issuethat needs to be addressed during preplanning is independence of theteam members and the firm from the client. Chapter 5 addresses thisphase of the audit process in more detail.

In order to properly plan the audit, the audit team must establish a prelim-inary judgement about materiality and make a preliminary assessment ofthe client’s business risks. The materiality judgement and risk assessmentare used to set the scope for the audit. Chapter 3 explains both of theseconcepts in detail.

Plan the Audit Proper planning of an audit is important to ensure that the audit is con-ducted in an effective and efficient manner. The steps taken during thisphase include (1) gaining knowledge of the client’s business and industryso that the auditor understands events, transactions, and practices thatmay affect the financial statements, particularly important in the StrategicSystems Approach to auditing, and (2) conducting preliminary analyticalprocedures (such as ratio analysis) to identify specific transactions or ac-count balances that should receive special attention because they may con-tain material misstatements. In many instances, audit planning may in-clude a preliminary consideration of the client’s internal control system.Based on this initial work, an overall audit strategy is developed. This in-cludes the preliminary assessment of materiality and audit risk, as well asa written audit plan which sets out the nature, extent, and timing of auditwork. The audit plan serves as a starting point for the engagement, but ad-justments may be required as the audit progresses. As part of the planningprocess, the audit partner or manager should also discuss with the othermembers of the audit team the susceptibility of the entity to material mis-statements due to error or fraud. Chapter 3 discusses the auditor’s respon-sibility for fraud and error in more detail.

Internal control is a process affected by an entity’s board of directors, man-agement, and other personnel that is designed to provide reasonable assur-ance regarding the achievement of objectives such as: (1) optimizing theuse of resources, (2) prevention and detection of error and fraud, (3) safe-guarding assets, and (4) maintaining a reliable information system. The au-ditor must sufficiently understand the client’s internal controls in order todetermine which controls exist within the entity. The auditor then evaluatesthe internal controls in order to assess the risk that they will not prevent ordetect a material misstatement in the financial statements. In consideringinternal control, the auditor focuses on how the entity’s use of IT and man-ual procedures may affect the controls relevant to the audit. This risk (re-ferred to as control risk) directly impacts the scope of the auditor’s work.

ConsiderInternal Control

EstablishMateriality andAssess Risks


When the auditor assesses control risk at less than the maximum, ex-amination standard (ii) of GAAS requires that the internal controls shouldbe tested. The auditor’s tests are intended to ensure that the internal con-trols are operating in the manner intended and therefore are effective inpreventing or detecting misstatements. The evidence gathered from testingthe internal controls is used to arrive at a final assessment on the level ofcontrol risk. When control risk is assessed low, based on tests of the inter-nal controls (referred to as tests of controls), less audit work is required toaudit the account balances (referred to as substantive tests) because the au-ditor has evidence that the accounting systems are generating materiallyaccurate financial information. Conversely, if control risk is high, the audi-tor has to conduct more extensive audit work in the account balances be-cause the evidence about internal controls suggests that material misstate-ments could occur because controls do not exist or are not operatingeffectively. Chapter 6 provides detailed coverage of internal control in a fi-nancial statement audit. Later chapters apply this process to various busi-ness processes; for example, see Chapters 9 to 15.

In implementing the top-down risk assessment process (Figure 2–3), theauditor typically assesses the risk of material misstatement by examiningthe entity’s business processes or accounting cycles (e.g., production anddistribution processes or sales and post-sales services). Based on theknowledge of the entity and its environment, the auditor determines theaudit procedures that are necessary to reduce the risk of material misstate-ment to an acceptably low level for the financial statement accounts af-fected by a particular business process. The individual audit proceduresare then directed toward specific assertions in the account balance that arelikely to be misstated. For example, the auditor may identify the valuationassertion for inventory as one where there is risk of misstatement and con-duct lower-of-cost-or-market tests to determine if the inventory on hand isproperly valued. On most engagements, this phase comprises most of thetime spent on the audit. Later chapters in the text discuss procedures forbusiness processes and related accounts.

After the auditor has completed testing the account balances, the suffi-ciency of the evidence gathered needs to be evaluated. The auditor musthave sufficient appropriate audit evidence in order to reach a conclusion onthe fairness of the financial statements. In this phase, the auditor also as-sesses the possibility of contingent liabilities, such as lawsuits, and searchesfor any events subsequent to the balance sheet date that may impact the fi-nancial statements. Chapter 16 covers each of these issues in detail.

The final phase in the audit process is choosing the appropriate audit re-port to issue. When the auditor has gathered sufficient appropriate auditevidence and complied with GAAS, and the financial statements conformto GAAP, the auditor can issue a standard unqualified audit report. Whensufficient evidence is not gathered or the financial statements are not inaccordance with GAAP, the auditor will issue a different type of report.The remainder of this chapter presents coverage of the auditor’s standard

Issue the Report

Complete the Audit

Audit BusinessProcesses andRelatedAccounts


unqualified audit report and an overview of the exceptions to the unquali-fied report. Audit reporting is covered early in the text so that the readerhas a better understanding of how the results of the evidence-gatheringprocess affect the auditor’s choice of audit reports. Chapter 17 provides de-tailed coverage of audit reporting.

Audit ReportingThe auditor’s report is the main product or output of the audit. This reportcommunicates the auditor’s findings to the users of the financial state-ments. It is the culmination of a process of collecting and evaluating suffi-cient appropriate evidence concerning the fair presentation of manage-ment’s assertions in the financial statements. The audit report adds valueto the financial statements because of the auditor’s objective and indepen-dent opinion on the fairness of the financial statements. Figure 2–5 pro-vides an overview of audit reporting.

C [LO 10]

F I G U R E 2–5

Overview of Audit Reporting

Immaterial

Effect of Materiality Type of Audit Report

Unqualified

Qualified

Denial*

*An auditor may also issue a denial for a lack of independence and, in some cases, for going concern.

Adverse

Scope limitation: • Client-imposed • Condition-imposed

Scope limitation: • Client-imposed • Condition-imposed

• Reports prepared under statutory requirements e.g., AuG-10, AuG-14• Inclusion of unaudited comparative financial statements

Not GAAP

Not GAAP

Unqualified withmodified wording or

explanatory paragraph

Material

Pervasivelymaterial

Qualified

56 Part I Introduction to Auditing and Assurance Services56 Part I Introduction to Auditing and Assurance Services56 Part I Introduction to Auditing and Assurance Services

The most common type of audit report issued is the standard unqualifiedaudit report because management’s assertions about the entity’s financialstatements are usually found to conform to generally accepted accountingprinciples. Such a conclusion can be expressed only when the audit wasperformed in accordance with generally accepted auditing standards. Sec-tion 5400 of the CICA Handbook, “The auditor’s standard report,” providesauthoritative guidance for situations where a standard, unqualified auditreport is appropriate.

Exhibit 2–1 presents an audit report for Molson Inc., a well-knownCanadian company. This report is for the consolidated entity and coverstwo years of balance sheets, statements of earnings, retained earnings, andcash flows. This is the standard type of report issued for publicly tradedcompanies. The auditor’s standard unqualified report can also cover a sin-gle year only. The Molson Inc. report contains a number of important ele-ments.

The Auditor’sStandardUnqualifiedAudit Report

E X H I B I T 2–1 The Auditor’s Standard Unqualified Audit Report—Comparative Financial Statements

Title: Auditors’ Report

Addressee: The Shareholders of Molson Inc.

Introductory We have audited the consolidated balance sheets of Molson Inc. paragraph: at March 31, 2004 and 2003, and the consolidated statements of earn-

ings, retained earnings, and cash flows for each of the years thenended. These financial statements are the responsibility of the Corpora-tion’s management. Our responsibility is to express an opinion on thesefinancial statements based on our audits.

Scope paragraph: We conducted our audits in accordance with Canadian generally ac-cepted auditing standards. Those standards require that we plan andperform the audit to obtain reasonable assurance whether the financialstatements are free of material misstatement. An audit includes exam-ining, on a test basis, evidence supporting the amounts and disclosuresin the financial statements. An audit also includes assessing the ac-counting principles used and significant estimates made by manage-ment, as well as evaluating the overall financial statement presentation.

Opinion paragraph: In our opinion, these consolidated financial statements present fairly, inall material respects, the financial position of the Corporation at March31, 2004 and 2003, and the results of its operations and its cash flowsfor the years then ended, in accordance with Canadian generally ac-cepted accounting principles.

Name of the auditor: PricewaterhouseCoopers LLPChartered Accountants

Date of report: Canada, May 5, 2004

Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57Chapter 2 An Overview of Financial Statement Auditing 57

Title Auditing standards require that the report be entitled “Auditor’sReport.”

Addressee The audit report is addressed to the individual or groupthat engaged the auditor. In the normal situation, the report is addressedto the entity’s shareholders.

Introductory Paragraph The introductory paragraph contains threeimportant facts. First, it states that an audit was conducted and indicateswhich financial statements are covered by the audit report. Second, it con-tains a statement that the financial statements are the responsibility ofmanagement. Third, it identifies the auditor’s responsibility—to express anopinion on the financial statements.

Scope Paragraph The second, or scope, paragraph communicates tothe users, in very general terms, what an audit entails. In addition to indi-cating that the audit was conducted in accordance with Canadian generallyaccepted auditing standards, it emphasizes the fact that the audit providesonly reasonable assurance that the financial statements contain no materialmisstatements. The scope paragraph also discloses that an audit involvesexamining evidence on a test basis, an assessment of accounting principlesused and significant estimates, and an overall evaluation of financial state-ment presentation. The overall evaluation is in terms of the agreed-uponcriteria. In Exhibit 2–1, GAAP are the criteria used to evaluate the fairnessof the financial statements.

Opinion Paragraph The third paragraph contains the auditor’s opin-ion concerning the fairness of the financial statements based on the auditevidence. Two important phrases contained in this paragraph require fur-ther explanation. First, the phrase “present fairly . . . in accordance withCanadian generally accepted accounting principles” is the wording usedby the auditor to comply with the fourth reporting standard. Second, theopinion paragraph also contains the phrase “in all material respects.” Asmentioned earlier, this phrase is included in the report to stress the con-cept of materiality.

Name of the Auditor This is the manual or printed signature of theauditor.

Date of Report Generally, the auditor’s report is dated as of the dateon which the auditor has completed all significant auditing procedures.The audit report date indicates to the user the last day of the auditor’s re-sponsibility for the review of significant events that have occurred after thedate of the financial statements.



In the remaining sections, departures from an unqualified audit reportand other types of audit reports are covered briefly so that the reader willunderstand the auditor’s reporting options when a standard unqualifiedreport is not appropriate. Chapter 17 provides detailed coverage, includingexamples of the other types of reports.

There are two basic reasons why an auditor may be unable to express anunqualified opinion (see Figure 2–5):

1. A departure from GAAP. The financial statements are not inconformity with GAAP. This may occur when there is:• inappropriate accounting treatment, e.g., accounting for a capital

lease as an operating lease; failure to record depreciation on afixed asset.

• inappropriate valuation, e.g., inadequate provision for inventoryobsolescence; inadequate provision for bad debts.

• failure to disclose essential information, e.g., no or inadequateexplanation of a contingency; no or inadequate explanation of achange in the estimated useful life of a fixed asset.

2. Scope limitation. A scope limitation may arise because of:• circumstances related to the timing of the auditor’s work, e.g., the

auditor is appointed during the year and is therefore unable toobserve the inventory count at the beginning of the year.

• circumstances beyond the control of the enterprise or the auditor,e.g., destruction of the accounting records in a fire.

• a limitation imposed or created by the enterprise, e.g., refusal toallow confirmation of certain accounts receivable balances; failureto maintain adequate accounting records.

Depending on the underlying reason and the severity of the accounting orauditing problem, there are three different types of alternative reports thatthe auditor might issue. These departures from an unqualified report areknown as reservations. They are as follows:

1. Qualified. If the auditor concludes that the overall financialstatements present fairly, the auditor’s opinion may be qualified fora departure from GAAP with material consequences or for a scopelimitation. In a qualified report, the reader is informed of the eventor item and its effects by the phrase “except for . . .” in the opinionparagraph.

2. Adverse. In the opinion paragraph, the auditor briefly describes thecircumstances and states that “these financial statements do notpresent fairly” in accordance with GAAP. In this case, the departurefrom GAAP is so significant that in the auditor’s opinion, the overallfinancial statements may not be fairly presented.

3. Denial. When issuing a denial, the auditor states that he or she “isunable to express an opinion” on the financial statements becauseof a lack of sufficient appropriate evidence to form an opinion on

Reservations in the Auditor’sReport

Departuresfrom anUnqualifiedAudit Report

the overall financial statements. In this case, the scope limitation isso significant that the overall financial statements may not be fairlypresented.

The choice of which audit report to issue depends on the conditionand the materiality of the departure (see Figure 2–5). Reservations in theauditor’s report and the effect of materiality are discussed in more detail inChapter 17.

REVIEW QUESTIONS

[LO 1] 2-1 What is the objective of the CICA in establishing “Standards for As-surance Services”?

[2] 2-2 List the three categories of GAAS.[2] 2-3 Why are objectivity and independence such important standards

for auditors? How do objectivity and independence relate to theagency relationship between owners and managers?

[4] 2-4 The auditor normally uses GAAP as a benchmark to measure man-agement’s reporting of economic activity and events. The auditor’sreport states that “the financial statements . . . present fairly . . . inaccordance with generally accepted accounting principles.” Inmaking this statement, what judgements does the auditor makeconcerning GAAP?

[5] 2-5 How do management assertions relate to the financial statements?To audit objectives?

[6,7] 2-6 What is meant by client business risk, and why is it important forthe auditor to properly assess this risk?

[7] 2-7 Define materiality. How is this concept reflected in the auditor’s report?[7] 2-8 Define audit risk. How is this concept reflected in the auditor’s report?[7] 2-9 Describe what is meant by the relevance and reliability of audit

evidence.[7] 2-10 Briefly describe why on most audit engagements an auditor tests

only a sample of transactions that occurred.[8] 2-11 What types of inquiries about a prospective client should an audi-

tor make to third parties?[10] 2-12 What is the purpose of the fourth reporting standard?[10] 2-13 Identify the elements of the auditor’s standard unqualified report.[10] 2-14 What three important facts are contained in the introductory para-

graph of the standard unqualified audit report?[10] 2-15 What is the significance of the audit report date?

MULTIPLE-CHOICE QUESTIONS FROM PROFESSIONAL EXAMINATIONSUnless otherwise indicated, these multiple-choice questions were adapted from the CPA examinations, courtesyof the American Institute of Certified Public Accountants.

[2] 2-16 Which of the following best describes what is meant by the termgenerally accepted auditing standards?



a. Procedures to be used to gather evidence to support financialstatements.

b. Measures of the quality of the auditor’s performance.c. Pronouncements issued by the Auditing and Assurance Stan-

dards Board.d. Rules acknowledged by the accounting profession because of

their universal application.[2] 2-17 The general standard states that due care is to be exercised in the

performance of an examination. This standard means that a CA whoundertakes an engagement assumes a duty to perform each audita. As a professional possessing the degree of skill commonly pos-

sessed by others in the field.b. In conformity with generally accepted accounting principles.c. With reasonable diligence and without fault or error.d. To the satisfaction of governmental agencies and investors who

rely upon the audit.[2] 2-18 Which of the following is not required by the generally accepted

auditing standard that states that due professional care is to be ex-ercised in the performance of the examination?a. Observance of the standards of field work and reporting.b. Critical review of the audit work performed at every level of

supervision.c. The degree of skill commonly possessed by others in the

profession.d. Responsibility for losses because of errors of judgement.

[2] 2-19 To exercise due professional care, an auditor shoulda. Attain the proper balance of professional experience and formal

education.b. Design the audit to detect all instances of illegal acts.c. Critically review the judgement exercised by those assisting in

the audit.d. Examine all available corroborating evidence supporting man-

agement’s assertions.[2] 2-20 What is the general character of the three generally accepted audit-

ing standards classified as examination standards?a. The competence, independence, and professional care of per-

sons performing the audit.b. Criteria for the content of the auditor’s report on financial state-

ments and related footnote disclosures.c. Criteria for audit planning and evidence gathering.d. The need to maintain an independence of mental attitude in all

matters relating to the audit.[6,7] 2-21 Prior to beginning the field work on a new audit engagement in

which a CA does not possess expertise in the industry in which theclient operates, the CA shoulda. Reduce audit risk by lowering the preliminary levels of materiality.b. Design special substantive tests to compensate for the lack of in-

dustry expertise.c. Engage financial experts who are familiar with the nature of the

industry.d. Obtain a knowledge of matters that relate to the nature of the

entity’s business.

[9] 2-22 Before accepting an audit engagement, a successor auditor shouldmake specific inquiries of the predecessor auditor regarding thepredecessor’sa. Awareness of the consistency in the application of generally ac-

cepted accounting principles between periods.b. Evaluation of all matters of continuing accounting significance.c. Opinion of any subsequent events occurring since the predeces-

sor’s audit report was issued.d. Understanding as to the reasons for the change of auditors.

[10] 2-23 The auditor’s report should be dated as of the date on which thea. Report is delivered to the client.b. Field work is completed.c. Fiscal period under audit ends.d. Review of the working papers is completed.

[10] 2-24 An auditor’s responsibility to express an opinion on the financialstatements isa. Implicitly represented in the auditor’s standard report.b. Explicitly represented in the opening paragraph of the auditor’s

standard report.c. Explicitly represented in the scope paragraph of the auditor’s

standard report.d. Explicitly represented in the opinion paragraph of the auditor’s

standard report.[4,10] 2-25 For an entity’s financial statements to be presented fairly in accor-

dance with generally accepted accounting principles, the principlesselected shoulda. Be applied on a basis consistent with those followed in the prior

year.b. Be approved by the Auditing Standards Board.c. Reflect transactions in a manner that presents the financial

statements within a range of acceptable limits.d. Match the principles used by most other entities within the enti-

ty’s particular industry.[10] 2-26 An auditor may not issue a qualified opinion when

a. A scope limitation prevents the auditor from completing an im-portant audit procedure.

b. The auditor’s report refers to the work of a specialist.c. An accounting principle at variance with generally accepted ac-

counting principles is used.d. The auditor lacks independence with respect to the audited

entity.[4,10] 2-27 The management of Hill Company has decided not to account for

a material transaction in accordance with GAAP. In setting forthits reasons in a note to the financial statements, management hasargued that due to unusual circumstances the financial state-ments presented in accordance with GAAP would be misleading.The auditor does not agree with management’s treatment. The au-ditor’s report should contain a(n)a. Qualified opinion.b. Denial.c. Adverse opinion.d. Unqualified opinion with a separate explanatory paragraph.



[7] 2-28 Analysis is a technique that is often used in the planning phase ofan audit. In what other phases of the audit could the auditor useanalysis?a. The testing phase.b. The final review phase.c. Analysis can be used in all phases of the audit.d. Analysis is not useful in any other phase of the audit.

(CGA-Canada, adapted))

[10] 2-29 The use of standardized wording has been the subject of consider-able debate among auditors. Which of the following is thestrongest argument in favour of using standardized wording?a. It facilitates the international harmonization of auditing stan-

dards.b. Standardized wording is not confusing to readers of the audi-

tor’s report.c. It is more informative than a non-flexible standard.d. The type of opinion is less likely to be misinterpreted by readers

when standardized wording is used.

( CGA-Canada, adapted)

PROBLEMS

[7] 2-30 Sheri Shannon was recently hired by the CA firm of Honson &Hansen. Within two weeks, Sheri was sent to the first-year stafftraining course. The instructor asked her to prepare answers forthe following questions:a. How is audit evidence defined?b. How does evidence relate to assertions or audit objectives, and

to the audit report?c. What characteristics of evidence should an auditor be con-

cerned with when searching for and evaluating evidence?[9] 2-31 John Josephs, an audit manager for Tip, Acanoe, & Tylerto, was

asked to speak at a dinner meeting of the local Small Business Ad-ministration Association. The president of the association has sug-gested that he talk about the various phases of the audit process.John has asked you, his trusted assistant, to prepare an outline forhis speech. He suggests that you answer the following:a. List and describe the various phases of an audit.b. Describe how the results of work completed in certain phases

provide feedback to earlier completed phases. Give an example.c. One of the phases involves understanding an entity’s internal

control. Why might the members of the association be particu-larly interested in the work conducted by auditors in this phaseof the audit?

[10] 2-32 The auditor’s standard report consists of an “introductory” para-graph describing the financial statements and management andauditor responsibilities; a “scope” paragraph describing the natureof the examination; and an “opinion” paragraph expressing the au-

ditor’s opinion. In some circumstances the auditor’s standard re-port is modified by changing the wording of one or more of theparagraphs included in the report and/or adding one or more ex-planatory paragraphs.

For this question, assume the auditor is independent and has ex-pressed an unqualified opinion on the prior year’s financial state-ments.

Required:Identify the circumstances necessitating modification of the audi-tor’s standard report. For each circumstance, indicate the type ofopinion that would be appropriate. Organize the answer as indi-cated in the following example:

[10] 2-33 The following auditors’ report was drafted by Moore, a staff ac-countant of Tyler & Tyler, CAs, at the completion of the audit ofthe financial statements of Park Publishing Company, Inc., for theyear ended September 30, 2003. The report was submitted to theengagement partner, who reviewed the audit working papers andproperly concluded that an unqualified opinion should be issued.In drafting the report, Moore knew that Tyler & Tyler had previ-ously audited the financial statements for the year ended Septem-ber 30, 2002, and expressed an unqualified opinion.

Independent Auditor’s ReportTo the Board of Directors of Park Publishing Company, Inc.:

We have audited the accompanying balance sheet of Park PublishingCompany, Inc., as of September 30, 2003, and the related statements ofincome and cash flows for the year ended then. These financial state-ments are the responsibility of the company’s management.

We conducted our audits in accordance with generally accepted au-diting standards. Those standards require that we plan and performthe audit to obtain reasonable assurance about whether the financialstatements are fairly presented. An audit includes examining, on a testbasis, evidence supporting the amounts and disclosures in the finan-cial statements. An audit also includes assessing significant estimatesmade by management, as well as evaluating the overall financial state-ment presentation. We believe that our audits provide a basis for de-termining whether any material modifications should be made to theaccompanying financial statements.

In our opinion, the financial statements referred to above presentfairly, in all material respects, the financial position of Park Publish-ing Company, Inc., as of September 30, 2003, and the results of its op-erations and its cash flows for the year then ended in conformity withgenerally accepted accounting principles.

Tyler & Tyler, CAsNovember 5, 2003


Circumstances Types of Opinion

1. The financial statements are materially 1. The auditor should express a qualifiedaffected by a departure from generally opinion or an adverse opinion.accepted accounting principles.


Required:Identify the deficiencies in the auditors’ report as drafted byMoore. Group the deficiencies by paragraph and in the order inwhich the deficiencies appear. Do not redraft the report.

(AICPA, adapted)

[2] 2-34 Dale Baker, the owner of a small electronics firm, asked SallySmith, CA, to conduct an audit of the company’s records. Bakertold Smith that the audit was to be completed in time to submitaudited financial statements to a bank as part of a loan applica-tion. Smith immediately accepted the engagement and agreed toprovide an auditor’s report within one month. Baker agreed to paySmith her normal audit fee plus a percentage of the loan if it wasgranted.

Smith hired two recent accounting graduates to conduct theaudit and spent several hours telling them exactly what to do. Shetold the new hires not to spend time reviewing the internal con-trol but instead to concentrate on proving the mathematical accu-racy of the general and subsidiary ledgers and summarizing thedata in the accounting records that supported Baker’s financialstatements. The new hires followed Smith’s instructions, andafter two weeks gave Smith the financial statements excludingfootnotes. Smith reviewed the statements and prepared an un-qualified auditor’s report. The report, however, did not refer togenerally accepted accounting principles. Additionally, no auditprocedures were conducted to verify the year-to-year applicationof such principles.

Required:Briefly describe each of the generally accepted auditing standardsand indicate how the action(s) of Smith resulted in a failure tocomply with each generally accepted auditing standard.

(AICPA, adapted)

[1,2,6,8] 2-35 The role of the auditor is changing. Increasingly, financial state-ment users want more from auditors that just a GAAS audit ofGAAP financial statements. They want assurances as to whetheran enterprise has met its stated corporate and social objectives,complied with codes of conduct, and used its resources effec-tively.

Required:Discuss the implications for external auditors of expanding the au-ditor’s role to include the kind of assurances identified above.

(ICABC, adapted)

[7,8,9] 2-36 It has been stated that “internal and external auditors serve differ-ent clients and operate from different perspectives. With mutualunderstanding and discussion they can make allowances for theirdifferences and realize their potential for reliance.”

Required:a. Analyze the above statement, pointing out areas of agreement

and disagreement.b. An entity’s internal auditors often provide assistance to the ex-

ternal auditors in the annual financial statement audit. Giventhat the competence and independence of the internal auditorshas been established, what kinds of matters should the internaland external auditors discuss prior to the internal auditors com-mencing work? Why?

(ICABC, adapted)

[10] 2-37 For each of the following independent situations, identify whetherit is an accounting (GAAP) problem or auditing (scope) problem,the specific type of problem and the appropriate form of reserva-tion in the auditor’s report.a. The client has stated that since the market value of its main of-

fice building is increasing, they are not going to record deprecia-tion on it.

b. The client has ceased to consolidate the financial statements ofits majority-owned subsidiaries. The company argues that sincethere are substantial (but not controlling) minority interests, itis appropriate to account for these results under the costmethod.

c. The auditor was appointed on July 25 of the fiscal year (fiscalyear-end December 31) under audit. Last year the client did nothave audited financial statements. The auditor is able to verifyall components of the year’s fiscal operations except for thevalue of opening inventory.

d. The client has requested the auditor not to confirm certain ac-counts receivable with the client’s customers because they areafraid of damaging customer relations, which were strained by arecent computer error resulting in double and triple billing ofsome accounts. The error has now been rectified but not beforeit caused some bad business feelings between the client andsome customers.

e. The auditor has found serious deficiencies in the client’s ac-counting records, specifically the client’s system of internal con-trol.

f. As a result of communicating with the client’s lawyer, the audi-tor has become aware of a pending product liability lawsuitagainst the client. The client claims the suit has no foundationand has not disclosed it in their financial statements.

g. The client is a manufacturer of computer components. Due totechnological advances, a competitor has developed a superiorversion of one of the products that the company sells and, in theauditor’s opinion, a portion of their inventory has been madeobsolete. The client does not agree and has not written down thevalue of inventory.



DISCUSSION CASES

[4,10] 2-38 The opinion paragraph of the standard auditor’s report uses thephrase “present fairly in accordance with Canadian GAAP.” How-ever, the idea that following GAAP produces fairness in reportinghas been questioned by some. The Handbook recognizes this po-tential dilemma by stating “the auditor should exercise profes-sional judgement as to the appropriateness of the selection and ap-plication of principles to the particular circumstances of an entityand as to the overall effect on the financial statements of separatedecisions made in their preparation.”

Required:a. Provide examples of circumstances that you feel might cause a

conflict between reporting according to GAAP and fair presenta-tion.

b. What other sources of information might the auditor consult inattempting to resolve this conflict.

(CICA, adapted)

[1,5,8,10] 2-39 It has been suggested that the audit report of future years mightlook something like the following:The accompanying balance sheet of XYZ Company as of December31, 2003 and the related statements of earnings, retained earnings,and cash flows for the year then ended, including the notes, wereprepared by XYZ Company’s management, as explained in the re-port by management.

In our opinion, those financial statements, in all material re-spects, present the financial position of XYZ Company as at De-cember 31, 2003 and the results of its operations and changes in fi-nancial position for the year then ended in accordance withCanadian generally accepted accounting principles appropriate inthe circumstances.

We audited the financial statements and the accounting recordsand documents supporting them in accordance with generally ac-cepted auditing standards. Our audit included a study and evalua-tion of the company’s accounting system and the controls over it.We obtained sufficient evidence through a sample of the transac-tions and other events reflected in the financial statement amountsand analysis of the information presented in the statements. Webelieve our auditing procedures were adequate in the circum-stances to support our opinion.

Based on our study and evaluation of the accounting system andthe controls over it, we concur with the description of the systemand controls in the report by management. Nevertheless, in theperformance of most control procedures, errors can result frompersonal factors. Also, control procedures can be circumvented bycollusion or overridden. Furthermore, projection of any evaluationof internal accounting control to future periods is subject to therisk that changes may cause procedures to become inadequate andthe degree of compliance with them to deteriorate.

We reviewed the information appearing in the annual reportother than the financial statements, compared it to the statements,and found no material disagreement between them.

We reviewed the process used by the company to prepare thequarterly information released during the year. Our reviews wereconducted each quarter (or times as explained). (Any other infor-mation reviewed such as replacement cost data would be identifiedhere also.) Our reviews consisted primarily of enquiries of manage-ment, analysis of financial information, and comparisons of thatinformation to information and knowledge about the company ob-tained during our audits and were based on our reliance on thecompany’s internal control system. Any adjustments or additionaldisclosures that we recommended have been reflected in the infor-mation.

We reviewed the company’s policy statement on employee con-duct described in the report by management, and reviewed andtested the related controls and internal audit procedures. While nocontrols or procedures can prevent or detect all individual miscon-duct, we believe the controls and internal audit procedures havebeen appropriately designed and applied.

We met with the audit committee of XYZ Company sufficientlyoften to inform it of the scope of our audit and to discuss any sig-nificant accounting or auditing problems encountered and anyother services provided to the company.

Test, Check & Co. Chartered AccountantsCanada, March 1, 2004

Required:Contained in the above audit report is an implied level of responsi-bility for auditors and/or an implied duty to report the discharge ofthat responsibility different from that presently existing for audi-tors in Canada. Discuss.Do you agree or disagree with such an expanded style of report?Explain your position.

(CICA, adapted)

INTERNET ASSIGNMENTS

2-40 Visit EarthWear Clothiers’ website (www.mcgrawhill.ca/college/messier/earthwear) and become familiar with the type of informa-tion contained there.

2-41 Willis & Adams are the auditors of EarthWear. Visit Willis & Adams’website (www.mcgrawhill.ca/college/messier/willisandadams) andbecome familiar with the information contained there.

2-42 Use an Internet search engine to do the following:a. Visit the websites of Rogers Communications (www.rogers.ca)

(listed on the TSE), Microsoft (www.microsoft.com) (listed onNASDAQ), and Nortel (www.nortel.com) (cross-listed on boththe TSE and NASDAQ) and review their financial statements,



including auditors’ reports. Prepare a brief analysis of their sim-ilarities and differences.

b. Search for the website of a non-Canadian company and reviewits financial statements, including its auditor’s report. For exam-ple, BMW’s website (www.bmw.com) allows a visitor to down-load the financial statements as a pdf file. The auditor’s reporton BMW’s financial statements is based on German auditingstandards.

c. Compare the standard Canadian report with the audit report forthe non-Canadian company from part (b). Prepare a brief analy-sis of their similarities and differences.

INTRODUCTION TO AUDITING AND ASSURANCE...

Documents

Transcript of INTRODUCTION TO AUDITING AND ASSURANCE...