Chapter 2 Audit of Financial Statements: An Introduction

Auditing Defined

Auditing is “a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic
actions and events to ascertain the degree of correspondence between these assertions and established criteria and
communicating the results to interested users”.

Auditing encompasses two processes: an investigative process and a reporting process. Investigation involves the
systematic gathering and evaluation of evidence as a basis for determining whether assertions or representations made
by a responsible person in a company’s financial statements, correspond with the established financial reporting criteria,
such as generally accepted accounting principles (GAAP). Reporting involves communicating an evaluation or opinion in
an audit report to interested users...

Table 2-1
Key Phrases in the Definition of Audits
A systematic process An audit follows a logical sequence of procedures
Objectivity means a combination of impartiality, intellectual honesty and a
freedom from conflicts of interest. An audit requires the gathering and
Objectively obtaining and
evaluation of evidence, which may come in the form of oral representations,
evaluating evidence
written documents, electronic media, etc. A CPA cannot express an opinion
without supporting evidence to back up the opinion.
Assertions are representations of management, explicit or otherwise, that are
Assertions about economic embodied in financial statement components, records, or systems. The CPA’s
actions and events job is to obtain and evaluate evidence, which may support, or contradict, the
assertions of management.
Auditors use standards or benchmarks (criteria) for purposes of expressing an
Degree of correspondence
opinion on the assertions of management. In the case of audits of financial
between these assertions and
statements, the established criteria are generally accepted accounting
established criteria
principles.
After the audit has been completed, a CPA prepares a report which contains, in
Communicating the results to writing, the opinion (or disclaimer of opinion) of the CPA. In financial
interested users statement audits, the opinion is on the fairness of the presentation of financial
statements for the period under audit.

Auditing and Accounting Distinguished

Contrary to the layman’s opinion, auditing is not a branch of accounting. Accounting is the process of recording,
classifying and summarizing economic events in logical manner for the purpose of providing financial information (i.e.,
financial statements) for decision making. It is a service activity, the purpose of which is to provide financial information
which is quantitative in nature to help management in decision making. To be able to provide relevant quantitative and
financial information, accountants must have a thorough understanding of the principles and rules to make sure that the
entity’s economic events are properly recorded on a timely basis and at a reasonable cost.

Auditing is concerned with the determination of whether the recorded accounting information for the entity properly
reflects the economic events that occurred during the accounting period. An auditor, must possess, not only an
understanding of the accounting rules, but also an expertise in the accumulation and interpretation of audit evidence.
This skill is the major characteristic that distinguishes auditors from accountants.
As an old saying goes, “auditing begins where accounting ends”.

Assurance Services and Audit Services Distinguished

Assurance services encompass assertion-based engagements. Assurance services is one where a professional accountant
will evaluate a subject matter that is the responsibility of another party against a suitable criteria, and expresses an
opinion which provides the intended users with a level of assurance about that particular subject matter. In other words,
it is an engagement to express an opinion giving assurance to users of such reports on information which is the
responsibility of others. Both assurance and assertion-based engagements encompass audits.

Exhibit 2-1
The Relationship Between Assurance Engagements, Assertion-based Engagements and Audit Engagements

ASSURANCE ENGAGEMENTS

ATTESTATION
ENGAGEMENT DIRECT
ENGAGEMENT
F.S.
AUDITS

All three services follow the same process: the evaluation of evidence to determine the correspondence of some
information to a set of criteria, and the issuance of a report to indicate the degree of correspondence.
The difference between these three engagements lies in the scope of services. Assurance service is the broadest
concept, while audit is the narrowest. Historically, audits have arisen first, followed by assertion-based engagements,
and finally by assurance engagements.

Table 2-2
Side-by-Side Comparison: Audits, Assertion-based Engagements and Assurance Engagements
Service Value Added to Information Reported On
Audit engagements Reliability, Credibility
Assertion-based engagements
Reliability, Credibility
(attestations)
Assurance engagements Reliability, Credibility, Relevance, Timeliness

Types of Audits

Financial Statement Audits

This refers to the gathering of evidence on the assertions embodied in the financial statements of an entity and using
the evidence to determine whether the assertions adhere to generally accepted accounting principles (GAAP) or another
comprehensive and authoritative financial reporting framework. This type of audit requires a Certified Public Accountant
(CPA).
Operations Audits
Operational audits involve “a systematic review of an organization’s activities in relation to specified objectives for the
purposes of assessing performance (the efficiency, and developing economy of operations), identifying opportunities for
improvement, and developing recommendations for improvement or further action”. Operational audit is a future-
oriented, systematic and independent evaluation of organizational activities. In Operational audit financial data may be
used, but the primary sources of evidence are the operational policies and achievements related to organizational
objectives.

An example would be a company’s audit of its computerized accounting system, with the aim of assessing the system’s
efficiency and reliability; and recommending any improvements to the present system.

Compliance Audits
This type of audit is used to determine whether a person or entity has adhered to law and regulations. Results of
compliance audits are generally reported to a specific user within the organization. Examples include audits conducted
to determine whether violations of labor laws have occurred and audits performed by government auditors to
determine adherence to rules and regulations currently in force.

Table 2-3
Types of Audit According to Nature of Data or Assertion Being Audited
Type Assertions Criteria Report
Audit report on the fairness of
Financial statements Financial statements Identified financial financial statements. Interested
audit are fairly presented reporting framework users include investors,
creditors, etc.
Report on efficiency and
effectiveness, including
Operational or constructive suggestions.
Operational audit Management objectives
performance data Interested users include
management and the board of
directors.
Compliance with Degree of compliance report.
Laws, rules and
applicable laws and Interested users include
Compliance audit regulations, or
regulations or management and the board of
management policy
management policy directors

External Audits

These are audits performed by CPAs who are independent of the organizations whose assertions are being audited.
These CPAs are also known as independent auditors or external auditors. The audits performed by external auditors
comprise mainly of financial statement audits, though compliance audits and operational audits may also be performed
by them.

Internal Audits

An internal audit is “an independent appraisal function established within an organization to examine and evaluate its
activities as a service to the organization”. The internal auditing staff often reports to the audit committee of the board
of directors, and also to the president or another high executive. Regardless of the reporting level, however, internal
auditors are not independent in the same sense as external auditors (because internal auditors are employees of the
organizations whose activities they appraise). Internal audits comprise mainly of operational audits and compliance
audits.

Government Audits

Government auditing involves the determination of whether government funds are being handled properly and in
compliance with existing laws and whether the government programs of a particular agency are being conducted
efficiently and economically. The Commission on Audit is recognized as the Supreme Audit Institution in the Republic of
the Philippines. Government audit (or State Audit) has been classified into three main divisions:
1. Compliance audit – the examination, audit and settlement in accordance with laws and regulations.
2. Financial audit – audit of the accounting and financial system and controls to ensure reliability of recorded
financial data.
3. Performance audit – an objective examination of the financial and operational performance of an organization,
program, activity or function and is oriented towards opportunities for greater economy, efficiency and
effectiveness.
a. Economy and efficiency audit – also known as management audit. This is the appraisal of management
performance from a least cost point of view and the analysis of the cost-benefit relationship.
b. Effectiveness audit – also known as program results audit. This is the evaluation of programs, projects and
activities to determine the extent of achievement of previously set goals and objectives.

The Objective and Scope of a Financial Statement Audit

Objective
The objective of an audit of financial statements is the expression of an opinion on the fairness of such financial
statements. The auditor’s report is the medium through which he expresses his opinion or, if circumstances require,
disclaims an opinion. In either case, he states whether his examination has been made in accordance with Philippine
Standards on Auditing or PSAs.
PSAs require the auditor to state whether in his/her opinion, the financial statements are presented in conformity with
generally accepted accounting principles.

Scope
The auditor normally determines the scope of an audit in accordance with the requirements of legislation, regulations or
relevant professional bodies.
In observance of PSAs, the auditor must exercise his judgment in determining which auditing procedures are necessary
in the circumstances to afford a reasonable basis for his opinion. His judgment is required to be the informed judgment
of a qualified professional person.
The audit should be organized to cover adequately all aspects of the entity as far as they are relevant to the financial
statements being audited.

Information Risk

The risk that information is misstated or misleading is known as information risk. Several factors contribute to the
existence of information risk, including the following:
 1. Remoteness of information users from information provider. Decision makers in most cases, do not get first-hand
knowledge about the business enterprise with which they do business because in many cases owners are
different from management, and they are not involved in day-to-day operations or decisions.
2. Potential bias and motives of information provider. A conflict of interest may be assumed to exist between
management (the information provider) and information users (decision-makers) regarding the financial
statements. Information may possibly be biased in favor of the provider when his goals are inconsistent with the
decision maker.
3. Voluminous data. As businesses grow, a large number of exchange transactions are processed daily. This
increases the likelihood that errors may occur in recording and reporting these transactions.
4. Complex exchange transactions. New and complicated business relationships and transactions may lead to
innovative accounting and reporting problems. Certain transactions are so complex and therefore more difficult
to record properly.

Illustration of the Concept of Information Risk

ABC Corporation is negotiating a badly needed loan with the DEF Bank. Jim, DEF’s loan officer, required ABC to furnish
the bank with its most recent financial statements. Jim is particularly interested in the credit-worthiness of ABC
Corporation. He wishes to check ABC’s current ratio and other measures of liquidity and solvency. ABC Corporation’s
management understands that favorable ratios (such as a high current ratio) are required in order to obtain loan
approval. ABC’s management might resort to misstating the financial statements in order to convince DEF Bank to grant
the loan.

Information risk and its reduction is a serious matter for decision-makers because they know that unreliable financial
statements may result in less effective decisions, with negative or adverse economic consequences (such as bankruptcy)
to the decision-maker.

Reducing Information Risk

To reduce information risk, management of businesses and the users of their financial statements may adopt any or all
of the following approaches:
1. Allow users to verify information. The user may go to the business establishment to examine records and obtain
information about the reliability of the statement. A major problem with this portion is that not all users of
financial statements are professionally competent to verify the information presented in the financial
statements. In addition, most financial statement users cannot directly assess the quality of information due to
time and distance constraints.
2. User shares information risk with management. Management has the primary responsibility of providing reliable
information to users. If users rely on inaccurate financial statements and as a consequence incurs a financial
loss, a lawsuit may be brought against management to recover part of such loss.
3. Have the financial statements audited. To obtain reliable information, the user can have an independent audit
performed. The audited information is then used in the decision-making process.

The most common option selected is to have the financial statements audited.
The Audit Report

The audit report is the means through which the auditor provides reasonable assurance that the financial statements
are fairly stated. This report is uniform in format and suitably titled to avoid confusion regarding the level of assurance
being provided and to differentiate it from other reports which client management might include with the financial
statements.

Limitations of an Audit

An audit is not a guarantee of the exactness of accuracy of assertions in the financial statements. An audit is undertaken
to enhance the degree of confidence of intended users in the financial statements. Based on the conclusions drawn from
the audit evidence obtained, the auditor expresses an opinion on the financial statements. However, an audit is not
intended to, and cannot, provide a guarantee or absolute assurance (i.e., certainty) that the financial statements are
free from material misstatement due to fraud or error. This is because there are inherent limitations of an audit arising
from:
 The nature of financial reporting. The preparation of financial statements involves judgment by management in
applying the applicable financial reporting framework; and subjective decisions or assessments (such as
estimates) by management involving a range of acceptable interpretations or judgments.
 The nature of audit procedures. Audit procedures, however well designed, will not detect every misstatement.
Any sample of less than 100% of a population introduce some risk that a misstatement will not be detected;
 Nature of audit evidence available. Most of the auditor’s work in forming the auditor’s opinion consists of
obtaining and evaluating audit evidence. This evidence tends to be persuasive in character rather than
conclusive.
 Timeliness and financial reporting. Users of financial statements expect that the auditor will form his or her
opinion within a reasonable period of time and at a reasonable cost. Consequently, it is impracticable to address
all information that may exist, or to pursue every matter exhaustively on the assumption that information is in
error or fraudulent until proved otherwise.