Auditing and Assurance and

Internal Review
Lecture 1

1-1
Definition of Auditing

Auditing is the accumulation and evaluation

of evidence about information to determine
and report on the degree of correspondence
between the information and established criteria.

Auditing should be done by a competent,

independent person.

1-2
Types of Audits
1. Financial Statement Audits
➢ Evaluates correspondence between
financial statements and GAAP/IASs/IFRSs
2. Operational Audits
➢ Evaluates correspondence between org’s
procedures and methods and criteria of
efficiency and effectiveness
3. Compliance Audits
➢ Evaluates correspondence between org’s
operations and specific procedures or rules
4. Comprehensive Audits
1-3
Accounting vs. Auditing
1. Accounting
➢ Recording, classifying and summarizing of
economic events for the purpose of
providing financial information for decision
making
➢ Requires understanding of GAAP/IASs/IFRSs
2. Auditing
➢ Determining whether recorded information
properly reflects the economic events of the
period
➢ Requires understanding of GAAP/IASs of
accumulation and interpretation of audit
evidence 1-4
Financial Statement Audit
Objectives
The objective of the audit of
financial statements is to express an Opinion
opinion whether the financial
statements present fairly, in all Fairly
material respects, the financial
position, results of operations and Materiality
changes in financial position in
accordance with generally GAAP
accepted accounting principles.

1-5
FUNDAMENTAL CONCEPTS

• Materiality
• Something is material if, in auditor’s judgment, its
omission or misstatement would probably affect a user’s
decision.
• Audit risk
• The risk that the auditor may unknowingly provide a
“clean” opinion on financial statements that are
materiality misstated. “Presents fairly” means that this
risk is at an appropriately low level.

1-6
So, an audit opinion…
• is NOT an assurance as to the future viability of an entity
• is NOT an opinion as to the efficiency or effectiveness with
which its operations, including internal control, have been
conducted
• Is NOT a guarantee that the financial statements are free of
error

1-7
Benefits of Being Audited
1. Operational Audits
➢ Improves efficiency and effectiveness
2. Compliance Audits
➢ Reduces cost of non-compliance
➢ Reassures external parties
3. Financial Statement Audits
➢ May be mandatory
➢ Reduces cost of capital. Why?…….

1-8
Who Performs Audits?
1. Public Accounting Firms
• Independent as external to audit client
• Primarily f/s audits, but can be hired to perform other types
of audits
2. Internal Auditors
• Employees of org. Less independent:depends on org
structure
• Primarily operational and compliance audits

1-9
Who Performs Audits?
3. Government Auditors
• Often perform comprehensive audits, but depends on
mandate
4. Revenue Authority Auditors
• Compliance audits

1 - 10
What makes external auditors
credible?
• Legal Liability
• Quality Control Adopted by Firm
• Provincial Securities Commissions
• Members of a Profession (usually ACCA, CIMA …. have power
to perform external financial statement audits)

1 - 11
International Standards on
Auditing
• In an audit of financial statements, the auditor
complies with generally accepted auditing
standards (International Standards on Auditing)
• ISAs are issued by International Federation of
Accountants (IFAC) through the International
Auditing and Assurance Standards Board (IAASB)

1 - 12
Information and Established
Criteria
To do an audit, there must be information in a
verifiable form and some standards (criteria)
by which the auditor can evaluate the information.

1 - 13
Accumulating Evidence and
Evaluating Evidence
Evidence is any information used by the auditor
to determine whether the information being
audited is stated in accordance with the
established criteria.

1 - 14
Audit Report

The final stage in the auditing process is

preparing the Audit Report, which is the
communication of the auditor’s findings to users.

1 - 15
Audit of a Tax Return Example
Information
Competent, Federal tax
independent returns filed
person by taxpayer

Internal Report on results

Revenue
agent Determines Report on tax
correspondence deficiencies
Accumulates and
evaluates evidence Established criteria

Examines cancelled Internal Revenue

checks and other Code and all
supporting records interpretations

1 - 16
Economic Demand
for Auditing
Information risk reflects the possibility that
the information upon which the business
risk decision was made was inaccurate.

Auditing can have a significant effect

on information risk.

1 - 17
Causes of Information Risk

➢ Remoteness of information

➢ Biases and motives of the provider

➢ Voluminous data

➢ Complex exchange transactions

1 - 18
Reducing Information Risk

➢ User verifies information

➢ User shares information risk with management

➢ Audited financial statements are provided

1 - 19
Assurance Services

An assurance service is an independent

professional service that improves the
quality of information for decision makers.

Assurance services can be performed by

CPAs or by a variety of other professionals.

1 - 20
Attestation Services

An attestation service is a type of assurance

service in which the CPA firm issues a
report about the reliability of an assertion
that is the responsibility of another party.

1 - 21
Attestation Services

1. Audit of historical financial statements

2. Attestation of internal control over financial
reporting
3. Review of historical financial statements
4. Attestation services on information technology
5. Other attestation services

1 - 22
Relationships Among Auditors,
Client, and External Users

Client or audit Auditor Auditor issues

committee hires report relied
auditor upon by users

External
Client
Users

1 - 23
Other Assurance Services

Most of the other assurance services that CPAs

provide do not meet the formal definition
of attestation services.

The CPA is not required to issue a written report.

The assurance does not have to be about the

reliability of another party’s assertion about
compliance with specified criteria.
1 - 24
Nonassurance Services
Provided by CPAs
1. Accounting and bookkeeping services
2. Tax services
3. Management consulting services

1 - 25
Other Assurance Services
Examples
Controls over and risks related to investments,
including policies related to derivatives…

assessing the processes in a company’s

investment practices to identify risks and to
determine the effectiveness of those processes.

1 - 26
Other Assurance Services
Examples
Assess risks of accumulation, distribution,
and storage of digital information…

assessing security risks and related

controls over data and other information
stored electronically, including the
adequacy of backup and off-site storage.
1 - 27
Other Assurance Services
Examples
Fraud and illegal acts risk assessment…

developing fraud risk profiles and assessing the

adequacy of company systems and policies in
preventing and detecting fraud and illegal acts.

1 - 28
 Other Assurance Services
Examples
➢ Compliance with trading policies and procedures

➢ Compliance with entertainment royalty agreements

➢ ISO 900 certification

➢ Environmental audit

1 - 29
Assurance, Attestation, and
Nonassurance Services
ASSURANCE SERVICES

ATTESTATION SERVICES

Audits Reviews
Internal Control Certain
over Financial Reporting Management
Consulting
Other Attestation Services
(e.g., WebTrust, SysTrust)

Other Assurance Services

1 - 30
Assurance, Attestation, and
Nonassurance Services
NONASSURANCE SERVICES

Other Management
Consulting

Certain
Accounting and
Management
Consulting Bookkeeping

Tax
Services

1 - 31
Types of Audits

➢ Operational

➢ Compliance

➢ Financial Statement

1 - 32
 Operational Audit

Evaluate computerized payroll system

Example
for efficiency and effectiveness
Number of records processed, costs of
Information
the department, and number of errors
Established Company standards for efficiency and
Criteria effectiveness in payroll department
Available Error reports, payroll records, and
Evidence payroll processing costs
1 - 33
 Compliance Audit

Determine whether bank requirements

Example
for loan continuation have been met

Information Company records

Established
Loan agreement provisions
Criteria
Available Financial statements and
Evidence calculations by the auditor
1 - 34
 Audit of Historical Financial
Statements
Annual audit of Boeing’s financial
Example
statements

Information Boeing's financial statements

Established
IASs/IFRSs
Criteria
Available Documents, records, and outside
Evidence sources of evidence
1 - 35
External vs. Internal Auditing
• External auditing is often called independent
auditing because it is done by certified public
accountants who are independent of the
organization being audited.
• External auditors represent the interests of third-
party stakeholders in the organization, such as
stockholders, creditors, and government
agencies.
• Because the focus of external audit is on
financial statements, this type of audit is called
financial audit
36 1 - 36
External vs. Internal Auditing
• Institute of Internal Auditors defines internal auditing as an
independent appraisal function established within an
organization to examine and evaluate its activities

37 1 - 37
External vs. Internal Auditing
• Internal auditors perform a wide range of activities
on behalf of the organization,
• including conducting financial audits, examining an
operation’s compliance with organizational policies,
• reviewing the organization’s compliance with legal
obligations, evaluating operational efficiency,
• detecting and pursuing fraud within the firm, and
conducting IT audits.

38 1 - 38
External vs. Internal Auditing
• While external auditors represent outsiders,
internal auditors represent the interests of the
organization.
• Internal auditors often cooperate with and assist
external auditors in performing financial audits.
• This is done to achieve audit efficiency and
reduce audit fees. For example, a team of
internal auditors can perform tests of computer
controls under the supervision of a single
external auditor.
39 1 - 39
External vs. Internal Auditing
• While external auditors represent outsiders,
internal auditors represent the interests of the
organization.
• Internal auditors often cooperate with and assist
external auditors in performing financial audits.
• This is done to achieve audit efficiency and
reduce audit fees. For example, a team of
internal auditors can perform tests of computer
controls under the supervision of a single
external auditor.
40 1 - 40
Information Technology (IT) Audit
• Focus on the computer-based aspects of an organization’s
information system
• This includes assessing the proper implementation, operation,
and control of computer resources

41 1 - 41