01 Overview of Audit

Assurance is the practitioner’s satisfaction as to reliability of an assertion; Assurance engagement is an engagement when a practitioner
expresses a conclusion and enhance the decision making of users; and Assurance services is an independent professional service in which
a practitioner issues a written communication that expresses a conclusion.

Assurance Engagement Non-assurance Engagement ● Assertion-based engagements (Attestation

Output: assurance in the Output: recommendation engagement) evaluation or measurement
form of an opinion of the subject matter made available to the
To improve the quality or To provide comments, users;
enhance credibility of the suggestions, or ● Direct-reporting engagements the
subject matter recommendations practitioner either directly performs the
Three-party contract Two-party contract evaluation or measurement or obtains a
Independence is required Independence is not representation from the responsible party,
required not made available to the users.
Examples: Audit, review, AUP, compilations, tax, Source: REO Handouts
and examination Consulting

Elements of Assurance Engagement:

4. Sufficient appropriate evidence - Substantiation by the RP
1. Three-party relationship (involving a practitioner [who verifies
(1) Professional Skepticism (2) Materiality (3) Assurance
assertions], a responsible party, and intended users)
Engagement Risk (4) Cost-benefit Relationship
2. Appropriate subject matter (ex. F/S, operational performance,
Sufficiency - quantity of evidence.
compliance matters). It must be identifiable with consistent
Appropriateness - quality of evidence.
evaluations.
5. Written assurance report (Audit Report)
3. Suitable criteria (PFRS, Laws and Regulations, Quality Standards) CR-
*RP and IU may be from the same entity or diff entities.
RUN: Completeness, Relevance. Reliability Neutrality, Understandability
*IU may include RP.

Professional Skepticism: Auditor assumes that management is neither honest nor dishonest.

Typical engagements:
Audit - enabling an auditor to express an opinion Review - enabling an auditor to state whether anything comes to their
whether FS are prepared in accordance with attention that causes them to believe that the FS are not prepared in
appropriate criteria. Reasonable Assurance: “Internal accordance with appropriate criteria. Limited Assurance: “Nothing has come to
Controls are effective.” our attention.” PDF
Relationships among Auditing, Attestation, and Assurance Services:
● Similarity: they encompass the same decision-process
● Main difference/distinction: Scope of services
○ Assurance > Attestation > Audit
○ Auditing, particularly FS audit, is a type of assurance and attestation service that involves examination
of historical FS prepared in accordance with GAAP.
● Auditor ultimately determines the scope of audit for him to be more effective.
● Management is primarily responsible for the financial statements.

Source: CPAR Handouts

Standards Application
Philippine Standards on Auditing Audit of historical financial
(PSAs) information
Philippine Standards on Review Review of historical financial
Engagement (PSREs) information
Philippine Standards on Assurance engagements dealing
Assurance Engagement (PSAEs) with subject matters other than
historical financial information
Philippine Standards on Related Compilation, AUP, other related
Services (PSRSs) services

(According to nature of assertions)

Theoretical Framework of Audit (VIC BPI)
Data are Verifiable Auditor’s Independence
No long-term Conflict between auditor and management
Audit benefits the public Effective internal control system

1. Gross Sales, Earnings and Receipts that exceed 3M shall

have their books of account audited yearly by independent
CPA.

2. Submit Annual FS if TA/TL is >600,000.

 ASSURANCE ENGAGEMENTS NON-ASSURANCE ENGAGEMENTS
AUDIT REVIEW AGREED-UPON COMPILATION
(e.g. audit of FS) (e.g. review of FS) PROCEDURES ENGAGEMENT
References PSAs and PAPS PSREs and PREPS PSRSs and PRSPS PSRSs and PRSPS
Objective Express an Express a conclusion Perform procedures as agreed Use accounting
opinion whether the FS whether material upon with the client and third expertise to
are prepared in modifications are to be made to the parties and report on collect, classify and
accordance with PFRS FS to conform with PFRS factual findings summarize FS
Ethical Independence Independence plus
Fundamental ethical Fundamental ethical
requirement plus fundamental ethical fundamental ethical
Principles (no independence) principles
principles principles
Level of High but not absolute Moderate (limited) No assurance (to the extent of
assurance No assurance
(reasonable) Limited to Inquiry & AR agreed only)
Procedures are Exclusively by the May or may not be
Exclusively by the auditor Agreed-upon by parties
determined by auditor agreed by the parties
Report Independent Auditor’s
Report on Factual and Summary of
Provided Report (positive form) – Review Report (negative form) Compilation Report
Findings
(End Product) RP
Availability of
To all users To all users For limited use only To all users
report
✓ Comparing FS with budgets and forecasts ✓ Consulting or advisory services
✓ Studying relationships of FS
Procedures ✓ Inquiring mngt about actions at BOD
✓ readers will give their own
meetings conclusions

AUDIT PROCESS: GENERAL APPROACH Assurance Engagement Risk Factor:

1. Use of selective testing
2. Inherent limitations of IC
3. Evidence is persuasive that conclusive
4. Use of judgement
02 System of Quality Control
• Firm responsibility to: DESIGN, IMPLEMENT AND OPERATE a system of quality management. This applies to
all services fall under the AASC’s engagement standards. (1) compliance to relevant standards, laws and
regulations and (2) issue an appropriate report.
• A system of quality control refers to quality control policies and procedures adopted by CPA. QC policies are
the objectives and goals to be achieved. QC procedures are steps/procedures to be taken.
• The evaluation shall be undertaken as of a point in time and performed at least annually.

Components of System of Quality Control (LEAHEM)

1. Leadership responsibilities for quality within the firm - promote an internal culture/firm environment.
2. Ethical requirements, including independence – follows, complies and fulfills the CoE + independence
3. Acceptance and continuance of client relationships and specific engagements - continue with client that has
Client Integrity; Firm’s Competence; Ethical Compliance
4. Human resources - personnel have capabilities, competence, and commitment to ethical principles necessary
to perform the engagement; appropriate allocation & assignment of resources.
5. Engagement performance - engagements are performed in accordance with professional standards; review
6. Monitoring - quality controls are relevant, adequate and operating effectively and complied with; inspection.
7. Firm’s risk assessment – (a) establish quality objectives, (b) quality risks and (c) designing and implementing
responses to address quality review.
8. Information and communication

Fraud - intentional misstatements while Errors - Unintentional misstatements.

● Fraudulent financial reporting ( or in general, management fraud) - manipulation, falsification, or alteration, misrepresentation or
intentional misapplication (there is concealment); when 3P is involved; Failure to discover is greater here.
● Misappropriation of assets ( or in general, employee fraud) - Misappropriating collections of AR, Stealing inventory, using the
entity’s assets as collateral

Fraud risk factors

The Fraud Triangle

1. Fraud Prevention – reduce opportunities for fraud

2. Fraud Deterrence – persuade individual to commit fraud
Responsibility in detecting fraud:
Auditor
Management & TCWG
with direct effect without direct effect
It is both Management (CEOs) and those Charged with
obtain SAAE regarding understanding specific procedures
Governance (Board and Committees) to prevent fraud and error,
compliance to identify non-compliance
as well as be well within compliance of regulations

Noncompliance - acts which are contrary to the prevailing laws or regulations, commission or omission by individual.
Common examples of non-compliance Result of non-compliance with laws and regulations
(1) Violation of tax laws and environmental laws,
(1) Fines/penalties, (2) Damages (3) Threat of expropriation of assets,
(2) Occupational safety and health, and
(4) Enforced discontinuation of operations, and (5) Litigation
(3) Inside trading of securities
Responsibility of auditor to compliance Responsibility of the auditor
It is the responsibility of management, with the oversight of (1) Understand the nature of the act in which it has occurred and (2)
TCWG, to ensure the conduct in accordance with laws and obtain further information to evaluate the possible effects. (3) intent
regulations to deceive must be established by auditor

Communication:
● To management: Upon detecting fraud or non-compliance, report to superiors Audit procedures:
at least one level higher. 1. Auditor
● To TCWG: Communicate the matter in writing or orally asap; discussing a. understands the nature
material weaknesses in internal control and collusion among the employees; b. further information to evaluate the
possible effect
and adjustments suggested by auditor (regardless of materiality) 2. discuss with appropriate level of management
● To Regulatory and Enforcement Authorities: The auditor must consult with 3. seek legal advice
legal experts and professionals to determine the appropriate course of action 4. evaluate the effect of lack of SAE
if they are to consider reporting the fraud or non-compliance to the appropriate 5. evaluate the implications
regulatory entities. Confidentiality may be overridden by statute or by the
courts.

● Overall response to fraud risk identified: use less predictable audit procedures.
03 Agreeing the Terms of Audit Engagement
The objective of the auditor is to accept or continue an audit engagement only when:

Preconditions of confirming that there is a common understanding

the audit is present between the auditor and management

Engagement letter
- is written to avoid misunderstandings regarding the engagement.
- It is not always required; applied to all assurance engagements.
- Common responsibilities of auditor and management.

If the auditor is unable to agree to a change in terms of the audit

engagement and is not permitted to continue:
1. Withdraw from engagement; and
2. Determine whether there is any obligation, either contractual or
otherwise, to report the circumstances to other parties, such as
TCWG, owners or regulators.

Changes in Nature of Engagement:

● Assurance to non-assurance - not allowed
● Reasonable Assurance to Limited assurance (lower) - Generally, not allowed
unless justified (diagram)

Planning Activities: In order to reduce audit risk to an acceptably low level:

1. Establish an overall audit strategy
2. Develop an audit plan
a. NTE of Risk Assessment Procedures
b. NTE of Final Assessment Procedures
i. TOC - operating effectiveness
ii. ST - ToD and AP

Factors affecting the NTE of planning activities: (SECTa)

1. Size and complexity of the entity
2. Experience of engagement team (new client = new papers)
3. Changes in circumstances (significant changes in M&A)
4. Timing of the appointment of auditor
04 Audit Risk
Audit Risk is the risk that the auditor expresses an inappropriate opinion; auditor unknowingly fails to modify an opinion on materially
misstated financial statement.
Risk of material misstatement (RMM) Risk of not material misstatement
1. INHERENT RISK - you haven’t done any, but there is already 3. DETECTION RISK - is the risk that the auditor’s ST will not
risk. Generally, beyond the auditor or management’s control, detect a misstatement that exists. DR and ST are inverse. If
this is subjective. acceptable level of DR is low, ST is high:
a. Nature – Provide more effective Procedures (Use Proof of
2. CONTROL RISK – mostly controlled by management, MM will Cash instead of Simple Reconciliation)
not be prevented or detected by client’s internal control. b. Timing – Closer or nearer to Year-end (Revenue and Receipt
Cycles)
c. As to Extent – Use a Larger Sample Size (Sales and
Purchases)
Control risk at a high level when:
(1) The entity’s internal control system is not effective;
(2) Evaluating the operating effectiveness of the entity’s controls would not be efficient.
5 overall responses to address the risk of material misstatements:
Making general changes to the NTE Assigning more experienced staff or those with special skills Provide more supervision
Unpredictability (more effective) e.g. cash count Emphasize the need to maintain professional skepticism

05 Internal Controls
Internal control (IC) - to provide reasonable assurance about the achievement of an entity’s objectives. It is a process.
Used to achieve entity’s objective regarding: Responsibilities:
1. Reliability of financial reporting Management: to design, implement and maintain internal control
2. Effectiveness and efficiency of operations TCWG/BOD: to ensure the integrity of accounting and financial reporting systems
3. Compliance with laws and regulations Staff personnel: to perform their respective functions
Inherent limitations: COC CHA Classification of internal control
1. Cost-benefit relationship 1. By objectives: (control - achieve)
2. Management Overriding the internal control. a. Financial reporting controls - reliability of financial reporting objectives.
3. Collusion among employees. b. Operational effectiveness controls - operational effectiveness objective.
4. Changes in conditions, and compliance with c. Compliance controls - compliance.
procedures may deteriorate. 2. According to functions
5. Human error (mistakes in judgement) a. Preventive controls - to deter problems
6. Most internal controls tend to be directed at b. Detective controls - to discover problems
Anticipated types (routine transactions) c. Corrective controls - to remedy problems
Components of Internal Control: (CRIME)
Control Activities
1. Control environment - the overall tone of the organization.
APIPS
Examples are: (IM CPA HO)
a. Integrity and ethical value Authorization
Performance Review
b. Management’s philosophy and operating style
Information Processing
c. Commitment to competence Physical Controls
d. Participation by those charged with governance Segregation of duties
e. Assignment of authority and responsibility
ARICE
f. Human resource policies and procedures
Authority over Transactions
g. Organizational structure Record over transactions
2. Risk assessment - management’s basis to determine the risks to Independent Checks &
be managed. To do that: (IAM) Balances
a. Identify business risks Custody over Assets
b. Assess the likelihood of their occurrence Execution of Transactions
c. Decide how to Manage them. C/R/M Indirect controls (pervasive) CR at FS level
3. Information and communication systems – initiate, record,
I/E Direct control (transaction-specific) CR at assertion level
process and report transactions
4. Monitoring - assessing the quality of internal control performance over time.
a. Ongoing – day-to-day operations (transaction authorization)
b. Separate evaluation: periodic (internal audits)
5. Existing control activities – includes human resource policies and practices relative to recruitment, orientation, training,
evaluating, counseling, promoting, compensating and remedial actions.
General authorization applies to routine transactions, whereas specific Tests of controls - are tests performed to test the operating effectiveness (at
authorization applies to non-routine transactions. least every third audit). Unlike substantive tests of details, tests of controls are
not required audit procedure.
At a minimum, CAR should be segregated. But to have an optimum
✓ Analytical Procedure is never in Test of Controls.
segregation of duties, ARICE should be segregated.

When are they Necessary? – These are tests performed to check and gather evidence as to the operating effectiveness of relevant controls
if they expect the controls to be effective and or if they expect that substantive tests alone cannot provide sufficient appropriate audit
evidence at the assertion level.

Required Documentation – no particular form of documentation is necessary. (e.g client’s organization structure).
INTERNAL CONTROL NARRATIVES – understanding of the information system or FLOWCHARTS –
QUESTIONNAIRE specific control policies or procedures. auditor’s understanding of the system.
Compensating control – a control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control
objective.
AUDIT PROCEDURES: RESPONSE TO ASSESSED RISKS
Risk Assessment Procedures Further Audit Procedures:
1 When obtaining an understanding of relevant internal control: Perform tests of controls
1. Evaluate the design. Objective: to obtain SAAE as to the operating effectiveness:
2. Determine whether it is implemented. 1. auditor intends to rely on Internal control to reduce
Substantive Test
Specific audit procedures include: 2. substantive Test will not provide SAAE
1. Inquiring of entity personnel
2. Observing the application of specific controls Specific audit procedures:
3. Inspecting documents and reports 1. Inquiry 3. Inspection
4. Analytical Procedures 2. Observation 4. Reperformance
2 Make an initial assessment of control risk (high or less than high) Make a re-assessment of control risk
Perform substantive tests
3 Identify relevant controls
• Irrespective of the assessed risk of material misstatement

Audit Procedures according to Types (specific procedures):

Risk Test of Substantive
Procedure Definition
assessment control Test
Inspection examining records ✓ ✓ ✓
Observation looking at a process to confirm the information given to us ✓ ✓ ✓
Inquiry seeking info of knowledgeable persons ✓ ✓ ✓
External Confirmation received by auditor as a direct response to the auditor ✓
Recalculation mathematical accuracy ✓
Reperformance redoing the same control procedure ✓
Analytical Procedures Evaluate the reasonableness of FI ✓ ✓

Re-assessment of
Audit approach Effect on substantive tests
control risk
• Less effective procedures
Assessment remains at Reliance
• Interim testing may be appropriate.
less than High approach
• Smaller sample size
• More effective procedures
Assessment is changed Switch to no
• Tests moved to nearer or at year-end.
to High reliance approach
• Larger sample size
 TEST OF CONTROL SUBSTANTIVE TESTS

The auditor shall design and perform Test of Control to obtain ST procedures are performed in order to detect material
sufficient appropriate audit evidence when: misstatements at the assertion level, and include (1) Test of Details
• Expectations that the controls are operating effectively; and of classes of transactions, account balances and disclosures and (2)
• Substantive procedures alone cannot provide. Substantive Analytical Procedures.

TOC is concerned primarily with each of the ff: When the auditor has determined that an assessed risk of material
• How were the controls applied? misstatement at the assertion level is a significant risk, the auditor
• Were the necessary controls consistently performed? shall perform substantive procedures that are specifically
• By whom were the controls applied? responsive to that risk.

OVERALL RESPONSES

• Emphasizing to the audit team the need to maintain professional skepticism;

• Assigning more experienced staff or those with special skills or using experts;
• Providing more supervision;
• Incorporating additional elements of unpredictability in the selection of further audit procedures to be performed; and
• Making general changes to the nature, timing, or extent of audit procedures.

Summary of Responses at the assertion level

Factor Test of Control Substantive Test
1. Nature
Purpose: To test the operating effectiveness of control To detect material misstatement (always required)
Test of Details, Transactions & Test of Balances &
Types: Inquiry, Observation, Inspection, Reperformance
Analytical Review Procedures
At a period in time Interim, ↓ RoMM (more detailed)
2. Timing
In period of time Year-end, ↑ RoMM
More extensive, ↓ CR (more evidence needed) Less extensive, ↓ RoMM
3. Extent
Less extensive, ↑ CR More extensive, ↑ RoMM
↑ RMM means internal control has issues. Source: CPAR Notes
06 Audit Planning and Assessing the Risk of Material Misstatement
● The overall audit strategy sets the scope, timing and direction of the audit and guides the development of audit plan.
● Audit Planning Memorandum – shows the summary of overall audit strategy.

1 In making a decision whether to accept or reject an engagement, the auditor’s firm should consider the following:

• Integrity examples:
Competence Independence Integrity of the Client a. The client’s standing in the business community.
Ability to Serve the Client Properly (Auditability) b. The client’s relations with its previous CPA firm.

Perform procedures regarding acceptance

2
or continuance of the client relationship.

3 Establish an understanding of the terms of the engagement 4 Understanding the entity and its environment

○ Nature of the entity, purpose and nature of FS, laws - To identify and assess RoMM
and regulations • Review of prior year’s WP & a tour
• Discussion with people within and outside the entity
The auditor develops an overall strategy for the audit, • Reading books, periodicals and other publications
5 including engagement staffing and specialists.
• Reading corporate documents/internal audit reports

Matters to consider in audit strategy:

1. Important characteristics of entity;
2. Conditions needing attention; RPT
3. Setting of materiality levels.
07 Materiality in Planning & Evaluation of Misstatement
- is the amount of threshold or cut-off point; is flexible and can be revised throughout the audit but must be documented.
- Is applied to both (a) planning & performing an audit and (b) evaluation the effect of identified misstatement.

Matter of professional judgement Affected by size and nature of entity Based on a consideration of the financial
information needs of users of the FS

Levels of Materiality:
1. Materiality at financial statement as a whole (overall materiality, general materiality)
- applicable to entire set of FS and no specific account in the standards; it is the smallest aggregate level.
- It helps us to determine whether the proposed audit adjustment is significant or not; matched to PAJE.
- the auditor considers the following factors:
Component of FS Focus on the users Nature of entity
Ownership structure Volatility of the benchmark Laws and regulations

2. Materiality applied to specific classes of transactions, account balance or disclosures (specific or individual materiality)
- materiality level for individual or particular class of transactions
- lower than overall materiality
- the auditor considers the following factors:
Laws and regulations Key industry Disclosures Understanding of the view of those
Financial Reporting Framework Particular aspect of business charge with governance

3. Performance materiality
- calculated as a certain percentage of overall materiality to capture any uncorrected misstatements.
- Used in scoping of FS line items to be tested by the auditor

Risk Responses to Materiality

● In the presence of Inherent and Control Risk, more intense substantive testing is required = smaller Detection risk
● Smaller Materiality levels = more intense Substantive Testing = most reasonable assurance
● Materiality is inversely related to Audit Risk, and is directly related with Detection risk

These may affect the auditor’s judgement: If management refuses to correct some misstatement:
1. Nature of entity’s business and transactions • Obrain understanding of management reasons; and
2. Risk Assessment Procedures • Take the understanding where evaluated whether
3. Nature and extent of misstatements identified in previous financial statements as a whole are free from MM
audit
Evaluation of Misstatements
- The objective of the auditor is to evaluate:
The effect of identified misstatements on the audit The effect of uncorrected misstatements, if any, on the financial statements

- The audit documentation shall include:

a) The amount below which misstatements would be regarded as clearly trivial;
b) All misstatements accumulated during the audit and whether they have been corrected; and
c) The auditor’s conclusion as to whether uncorrected misstatements are material, individually or in aggregate, and the basis
for that conclusion.

Analytical Procedures
- means evaluations of financial information through analysis of plausible relationships among both financial and nonfinancial
data.
- The auditor shall design and perform analytical procedures near the end of the audit.
- The objectives of the auditor are:
to obtain relevant and reliable audit evidence when to design and perform analytical procedures near the end of the audit
using substantive analytical procedures that assist the auditor when forming an overall opinion conclusion

Related Party
- The auditor shall inquire of management regarding:

- During the audit, the auditor shall remain alert, when inspecting records or documents, for arrangements or other information
that may indicate the existence of related party relationships or transactions and the auditor shall evaluate:
Whether the identified related party relationships Whether the effects of the related party relationships and transactions:
and transactions have been appropriately accounted i. Prevent the financial statements from achieving fair presentation (for fair
for and disclosed in accordance with the applicable presentation frameworks); or
financial reporting framework. ii. Cause the financial statements to be misleading (for compliance frameworks).

Using the Work of Internal Auditors

The external auditor shall determine whether the work of the internal audit can be used for audit by evaluating the following:
a. The extent to which the internal audit function’s organizational status and relevant policies and procedures support the
objectivity of the internal auditors;
b. The level of competence of the internal audit function; and
c. Whether the internal audit function applies a systematic and disciplined approach, including quality control.
08 Audit Evidence
Audit Evidence refers to An Audit Program is detailed are the means for
all the information used listing of NTE of planned audit obtaining sufficient
by the auditor in arriving Audit procedures (ToC/ST) that appropriate audit
at the conclusions on the auditor will perform to evidence to satisfy
which the audit opinion is gather appropriate evidence. financial statement
based. assertions.

Audit Procedures for obtaining Audit Evidence:

1. RISK ASSESSMENT PROCEDURES – to obtain an understanding of the entity and its
environment to assess the RoMM at the FS and assertions level.
2. FURTHER AUDIT PROCEDURES – to design and perform audit procedures whose NTE
are responsive to the assessed RMM.
i. Tests of Controls – to test the operating effectiveness of relevant controls.
ii. Substantive Testing – to detect material misstatements at the assertion level.
1. Tests of details examining or obtaining audit evidence on the actual details
of account balance
a. Test of transactions - testing of the transaction that leads to EB.
b. Tests of balances - direct testing of accounts ending balance
2. Substantive analytical procedures (Analytic review procedure) are used to
evaluate the reasonableness of financial info.
• Accordingly, the extent of Substantive Testing depends on the level of Detection Risk determined by the auditor.

Analytical Review Objective Outcome Required?

1. Planning (Risk Assessment - To identify deficiencies; To determine the
Identification of risk areas YES
Procedures) NTE of audit; Identify specific risks
2. Substantive
a. Analytical Procedures - To detect materials misstatements Identify relationships that lead to
NO
b. Test of details - To obtain corroborative evidence inquiry or reperformance

3. Completion Stage/Final - To assess the validity of conclusion Check if Relationship of accounts are
Review YES
consistent or not
Source: CPAR Notes
Assertions (or management assertions) are representations by SFP Assertions SCI Assertions
Completeness Completeness
management, explicit or not. These assertions relation to the fairness of
Rights and Obligations Occurrence
presentation of the FS; thus, they are directly related to applicable Existence Cut-off
reporting framework. Valuation and allocation Accuracy
Presentation and Disclosure Classification
Classification of audit evidence:
1. Examples of Accounting records (Underlying data):
a. Records of initial accounting entries.
b. Supporting records, such as checks and records of electronic fund
transfers, invoices, and contracts.
c. General and subsidiary ledgers.
d. Journal entries and other adjustments to the financial statements
that are not reflected in formal journal entries.
e. Records such as worksheets and spreadsheets supporting cost
allocations, computations, reconciliation, and disclosures.

2. Examples of Source Documents (Other information):

a. Documents (such as checks bank statements, contracts, and
minutes of meetings).
b. Information/evidence Nature Its purpose (TOC/ST), its type
c. Information obtained by the auditor. Timing when to perform the audit procedure
d. Other information developed by, or available to, the auditor. Extent quantity to be performed or the extent of testing

DIRECTION
OF TESTING

The auditor may need to rely on audit

evidence that is persuasive rather
than conclusive.

Most reliable – purely external; Least reliable – purely internal

Management Expert
A management expert is an individual or organization possessing expertise in a field other than accounting or auditing.
Auditor’s use of work of an expert: Among his services:
1. Assess the appropriateness of the expert’s work as audit evidence 1. Valuation of certain types of assets
2. If it does not provide SAAE, then auditor should resolve the matter. 2. Legal opinions regarding interpretation of statutes
3. When issuing unmodified, the auditor should not refer to his work. 3. Determination of accounting methods in inventory

External Confirmations (PSA 505)

Positive Confirmation Request Negative Confirmation Request
Reply if agree or disagree Reply only if disagree
Individually large Small number, high value
Balances are individually large Balances are individually small
ICS is weak, inadequate ICS is effective & adequate
IR ↑ CR ↑, DR ↓ IR ↓, CR ↓, DR ↑
Customer is unlikely to respond Customer is likely to respond
Substantial Small number of accounts maybe in dispute
1. Send a 2nd request.
2. Perform alternative procedures Non-response means agreeing to the item confirmed
a. examination of sub cash collections by the auditor
b. examination of source documents

Accounting estimate should be: Accounting estimate audit procedures

1. Objective and not susceptible to bias 1. Review and test the process
2. Consistent with historical patterns 2. Use an independent estimate
3. Consistent with industry guidelines 3. Review subsequent events and confirm the estimate

Audit Documentation (PSA 230)

● Also known as Audit Working Papers; provide the principal support for the auditor’s report; 60d after the date of auditor’s report
is the limit to complete the assembly of final audit file;
● The working papers should ideally be cross-referenced to facilitate navigation.
● Working papers are the property of the auditor, but rights to own these are subject to ethical standards (auditor may not disclose
it without client’s consent.
● Retained for 5 years before deletion, under the SRC, increased to 7 Years; assembly: 60 days after the date of the auditor’s report.
● For Tax purposes, the retention period is extended to 10 years per RR 15 2010.
Specific considerations for selected items:
INVENTORY LITIGATIONS AND CLAIMS
• When inventory is material to the financial statements • Inquiry of management and others within the entity;
o Attendance at physical inventory counting Reviewing minutes of meetings of TCWG; and reviewing
o Performing audit procedures over the entity’s final legal expense accounts.
inventory records • The auditor shall seek direct communication with the
• the auditor shall make or observe some physical counts on entity’s external legal counsel through a letter of general
an alternative date; if impracticable, the auditor shall inquiry.
perform alternative audit procedures to obtain sufficient • The auditor considers the status of legal matters up to the
appropriate audit evidence regarding the existence and date of the audit report.
condition of inventory. • Auditor not permitted to communicate → scope limitation
• If under the custody of third party, (Q or D)
o Request confirmation from the third party as to the
quantities and condition; and AUDITING ACCOUNTING ESTIMATES (PSA 540)
o Perform inspection or other audit procedures • Management is responsible for making accounting
appropriate in the circumstances estimates and disclosures included in financial statements;
• Inventory Tags → Inventory List: Doc to Record: RoMM is greater.
Completeness • Accounting estimates should be (a) Reasonable in the
• Inventory List → Inventory Tags: Records to Doc: Vouching circumstances and (b) Properly accounted for and
appropriately disclosed as required.

07 Audit Sampling
Sampling is testing of less than 100% of the items. Audit sampling applying audit procedures to less than 100% of the items.
Sampling plan refers to the procedures an auditor applies to accomplish a sampling application.

Responses of the auditor:

Generally, the more an auditor relies If the auditor is willing to tolerate more If the auditor is willing to impose more risk
on the controls, the sample size risk (tolerable deviation rate), the on the population (expected deviation rate),
should increase. sample size should decrease. the sample size should increase.

Sampling risk the possibility that the auditor’s conclusion based on a sample may be different. To reduce:
Sample selection method Sample Size Projection

Non-sampling risk: all aspects of audit risk that are not due to sampling.
Approaches to audit sampling
TOC ST
Tolerable Error Amount Tolerable Deviation Amount
It is the maximum rate of It is the maximum total error in
Tolerable Error
deviation from the prescribed population that the auditor is willing
control procedure. to accept

Expected Error Amount Expected Deviation Amount

Expected
It is the auditor's best estimate of It is the auditor's best estimate of the
Error
the rate of deviation amount of error
Pinnacle HOs

Types of Sampling Risks: (I Alpha RHUI)

Type TOC ST Sacrificed
Risk of assessing CR too High Risk of incorrect Rejection
Efficiency
Alpha Risk Sample: CR ↑ Sample: xx is incorrect (Under reliance)
Type I error Population: CR ↓ Population: xx is correct

DR ↑ – ST ↑ IC is not reliable. Control Risk is higher than Materially misstated, when in fact it is not
it actually is. materially misstated.

Risk of assessing CR too low Risk of incorrect acceptance

Effectiveness
Beta Risk Sample: CR ↓ Sample: xx is correct (over reliance)
Type II error Population: CR ↑ Population: xx is incorrect

DR ↓ – ST ↓ IC is reliable. Control Risk is lower than it Not materially misstated, when in fact
actually is. materially misstated.

Applicable Sampling Attribute sampling – used to test an entity’s Variables sampling - numerical quantity of a
Approaches rate of deviation (or rate of occurrence) population.
 Test of Control Sample 100%
TOO HIGH SDR > TDR = CR↑ = DR↓ (more sub) Actual DR < TDR = CR↓ = DR↑ (you do a lot more)
Nature = More detailed less detailed
Efficiency is being questioned here. Timing= Year-end interim
Extent = More extensive less extensive
TOO LOW SDR < TDR = CR↓ = DR↑ Actual DR > TDR = CR↑ = DR↓
Nature = less detailed more detailed
Effectiveness is being questioned Timing = interim year-end balances
here. Extent = less extensive (less SZ) more extensive
SDR = Sample Deviation Rate Source: CPAR notes

Three classical variables sampling:

1. Mean-per-unit estimation - estimate = average sample value x number of items in population
2. Ratio estimation - uses the ratio of the audited (correct) values of items to their book values
3. Difference estimation - uses the average difference between the audited (correct) values of items and their book values.

The Sample Size is determined by considering the following factors:

TOC ST Relationship to SZ
Risk of Assessing control too low Acceptable Sampling Risk Inverse
• Sampling Risk – inverse relationship between the risk and
the sample size.
Tolerable Deviation Rate Tolerable misstatement/error Inverse
• This is the maximum deviation rate that the auditor is
willing to accept.
Expected population DR Expected Population M/E Direct
• The rate of deviation from prescribed control procedure
the auditor expects to find in the population.

● Substantive Procedures – more intense substantive tests will mean that less sampling will be necessary (i.e., the less the sample, the
larger the substantive tests must compensate)
● Anomalous error – those that arise from isolated events.
● Missing – do additional audit procedure or treat it as deviation; Void – select the next number
Principal sample selection methods:
1. Random-number sampling – each item in the population has an equal chance and nonzero probability selection.
2. Systematic selection - the number of sampling units in the population is divided by the sample size to get the sampling interval.
3. Block selection (or cluster sampling) - involves selecting a block(s) of contiguous items from within the population.
4. Haphazard selection - selects the sample without regard to their size, source or other distinguishing characteristics (no bias)
5. Stratification - grouping of items of similar size and each group is treated as a separate population; least desirable by auditor.
6. Value-weighted selection - high value, less chances
7. Discovery sampling – for suspicion of fraud. The auditor is concerned that a population may contain exceptions; at least one such
exception is okay.
8. Stop-or-go (Sequential sampling)- auditor expects few errors. Until we get sufficient evidence from sample, we continue to add.

08 Completing the Audit

PROCEDURES Description/Concerns Management’s Responsibility Auditor’s Responsibility
1. Identifying The auditor should be satisfied Identify and disclose the RP Obtain written representation on:
Related Party about purpose, nature, extent and RPTs; BOD’s approval of (1) completeness of information; and
Transaction and effect of the RPT. the transaction (2) adequacy of disclosure in FS
2. Review of Events occurring between BS Inform the auditor of facts (1) Review management’s procedures
Subsequent date and date of the auditor’s discovered after the date of (2) Read MOM of stockholders, directors and
Events Review report; and auditor’s report committees
(PSA 560) Facts become known after the (3) Read the entity’s latest interim FS
auditor’s report (not found) (4) Obtain a letter of representation
3. Inquiries of Events that may have a material List down all the legal issues (1) Identify existence of L/C/A expense
Client’s Legal effect on FS about L/C (not prepared by (2) Communicate directly with the entity’s
Counsel attorney) lawyers.
Letter of Inquiry (sort of (3) Corroborates the information furnished
confirmation request) – Will serve as the primary source by management thru LoI.
prepared by management, sent of the auditor’s information (4) Inquiry of management including in-
by auditor, received by auditor asking the client to send letters house legal counsel
of audit inquiry to lawyers

4. Performing Overall review of procedures (1) Identify unusual fluctuations or

Wrap-up done at the end of audit that transactions (FAP)
Procedures generally cannot be performed (2) Addressing required disclosures
before the other audit work is (3) Overall review of the audit engagement
complete. and formation of audit opinion
 5. Assessing A/L are recorded on the basis (1) assess the ability to (1) Evaluate the appropriateness of the
going concern that the entity will be able to continue as a GC; and assumption & adequacy of disclosure.
assumption realize its assets and discharge (2) Its disclosure (2) Identify material uncertainties.
(PSA 570)– its liabilities (3) Consider if there are conditions that may
cast significant doubt.
entity is viewed as continuing (4) Consider report modifications (extension
business for foreseeable future. of assessment period)
6. Management RL - Management has To provide written (1) Confirms the oral representation given by
Representatio acknowledged that it has representations: management to the auditor
n Letter (PSA fulfilled its responsibility for the ● Management believes that (2) Remind management of its primary resp
580) - These preparation and presentation of the uncorrected (3) Should be addressed to the auditor
complement fair financial statements. misstatement is immaterial (4) Should be dated as of the audit report
audit evidence, ● Management has made (5) Should be signed by the CEO and CFO.
but are not If not given, then Scope available all evidence that (6) Is not a substitute of other necessary
evidence per se,
Limitation (Q or D) the team needs procedures.
signed by CEO &
CFO

Writing A Management Letter

The auditor writes a management letter for two reasons:
a. to encourage a better relationship between the auditor and management
b. to suggest additional tax and management services that the auditor can provide

A management letter is OPTIONAL and there is no standard format or approach for writing management letters.

Type of subsequent events:

Those requiring disclosure (Type II event) - indicative of conditions that
Those requiring adjustment (Type I event) - evidence of
arose after. No adjustments needed. Ex. (1) issuance of bonds, (2) major
conditions that existed at the date of financial statements.
purchase of business, (3) loss on inventory due to fire, (4) loss of plant due
Ex. (1) Settlement of litigation and (2) loss on uncollectible
to flood (5) loss on uncollectible receivable because of a major
accounts.
catastrophe.

• Effect of Adjusting Events – FS adjusted, but auditor will keep original date of report (condition existing before balance sheet
date, but not in subsequent event)
• Requiring disclosure – change date to date of subsequent event or dual date
o This in effect will make the auditor responsible to the reliability of the report up to that date.
 o Dual Dating and Redating – Done after fieldwork and issue of Audit Report but before issue of FS. This extends audit
responsibility (Dual Dating is limited to a specific matter, while redating applies when the subsequently discovered fact
is pervasive.)

Audit Procedures that may cast a doubt to SE: Signatory of MRL:

1. Analytical Procedures 1. Owner-manager
2. Subsequent event reviews 2. Chief/Senior Executive Officer
3. Review of compliance with debt and loan agreements 3. Chief/Senior Financial Officer
4. Reading MoMs 4. Other members of the management
5. Inquiry of legal counsel
6. Confirmation with related and third parties

TYPES OF OPINION:
Unmodified Audit Report Adverse Disclaimer
1. Reasonable Assurance of Going concern Inappropriate use of Multiple Uncertainties
2. No Reasonable assurance of going concern and adequately assumption and not adequately
disclosed (with emphasis on a matter paragraph) disclosed

● Evaluating audit findings and preparing adjusting entries

○ Management Accepts Correcting Entries – Unmodified Audit Report
○ Management Refuses Correcting Entries – Qualified or Adverse Opinion
○ Management is unwilling to make or extend its assessment – Qualified or Disclaimer opinion
● Important dates in audit
○ Date of FS – end of the latest period covered by the FS (12/31/2023)
○ Date of approval of FS – FS are prepared with recognized authorities (02/05/2024)
○ Date of auditor’s report – auditor’s date in accordance with PSA (02/10/2024)
○ Date of FS issuance – FS are made available to third parties.

Letters in Audit:
1. Engagement Letter - contract between client and audit team
2. Confirmation Letter - done in ST, to confirm the balance.
3. Management Letter - improvements in IC, suggestion to management
4. Letter of Audit Inquiry - corroborate info furnished by management about L/C
5. Management Representation Letter - to emphasize its ultimate responsibility in the FS.
6. Review of Adequacy of disclosure - disclosure checklists
7. Check of Working Paper - final checking before archiving
8. Forming an Opinion
Procedures in Wrap up audit engagement:
1. Search for unrecorded liabilities
2. Make inquiries of a client’s legal counsel Omitted Procedures:
3. Review of related party transactions 1. The auditor should assess the importance of the omitted
4. Perform final review stage audit procedures procedure.
5. Review of subsequent events 2. The auditor determines if there are compensating procedures.
6. Obtain management representation letter 3. If yes, no need for further procedures. If there are none, the
7. Review adequacy of disclosure using a checklist auditor shall undertake to apply the omitted procedures or
8. Form an opinion alternatives.

OVERVIEW OF THE AUDIT PROCESS:

1. Preliminary Engagement (Sept) 4. Test of Controls
o Know its competitors, organizational structure ○ Test the operating effectiveness
o Know its revenue sources ○ Assess control risk
o This process would require evaluation not only of the ○ Identify internal control that has direct effect of the
auditor’s qualification, but also the client’s auditability FS (I, I, O, R)
and integrity. 5. Substantive Testing (Dec-Mar)
2. Planning (Sept) ○ I, I, O, R, R, C, AP
○ Overall audit strategy ○ Audit balances comparison
○ Firm will meet the client ○ Documentation, referencing and indexing (promotes
○ Audit program on each line item cross-referencing and simplify supervisory review)
○ Set materiality level & set desired level of audit risk ○ Apply sampling
○ This phase is where the auditor gathers a detailed i. Sampling technique
knowledge of the client’s business and industry in ii. Sampling size
order to understand the transactions and vents iii. Projection to population
affecting the financial statements. This also involves ○ They are either in the form of Substantive
the initial assessment of risk and materiality Analytical Procedures, Tests of Details, or Tests
3. Understanding Internal Control (Oct-Nov) of Balances. This is always required to be
○ Design and implementation of walkthrough performed.
○ Manual of procedures 6. Completing the audit (Apr)
○ Fieldwork ○ Wrap-up procedures are performed.
○ Know the departments of the client 7. Issuance of Report
○ The consideration of internal control is interwoven ○ states the auditor’s conclusions regarding the
into the reliability of the records of the entity, and fairness of the financial statements
directly affects the financial statements 8. Post-audit Phase – identify areas for improvement in the
current and future engagement.
09 Forming an Opinion and Auditor’s Report
Types of opinions:
1. Unmodified - assured that everything is in
accordance with the FRS (FS is reliable)
2. Qualified - FS is presented fairly, except for
“something”.
3. Adverse - misstated, worst opinion
4. Disclaimer - no opinion given
2, 3, & 4 belong to modified opinions.

Nature of matter Material but NOT pervasive Material AND pervasive

FS are materially misstated Q A
“Except for” “Do not fairly present”
Inability to obtain SAAE (Scope limitation)
Modified opinion
Management imposed or Q Resign or D*
“Possible effects” “Except for” “No opinion”
“We do not express an opinion”
Other limitations** Q D

*(1) multiple uncertainties and (2) lacks independence

**unable to determine the amounts associated with NOC acts (REO PW) Disclaimer of opinion – basis of OS
● Material Misstatement/Departure from PFRS ✓ Reference to the section of the auditor’s report
○ Arises from Inappropriate accounting policy used or misapplication thereof Not include: where the auditor’s responsibilities are
○ Inadequate or Inappropriate Disclosure described.
● Scope Limitations ✓ Statement where the audit evidence is sufficient
○ The auditor is prevented by the client or any other forces
○ If imposed by client, the auditor must request to remove the limitation Description of auditor’s responsibility:
○ May depend on which phase this scope limitation is imposed ✓ To conduct an audit of the entity’s FS
■ Earlier, resign; close to completion, disclaim ✓ Not able to obtain SAAE
Auditor’s independence and other ethical requirement

Auditor’s Responsibility
● DO NOT MODIFY FOR UNQUALIFIED, QUALIFIED, or ADVERSE OPINIONS
● Modification on the Auditor’s Responsibility is only done when there is a DISCLAIMING OPINION
Elements of Auditor’s Report (TARA Ba KoREA O RESA D)
1. Title 6. Management’s Responsibilities
To clearly indicate that it is a report of independent Fair presentation of FS in accordance with PFRS:
auditor’s report, “Independent Auditor’s Report” TCWG is responsible for overseeing the company.
2. Addressee (Receiver) 7. Auditor’s Responsibilities
Parties whom it is prepared, either SHs or TCWG “Our objectives are to obtain reasonable assurance…”
3. Auditor’s Report 8. Other Reporting Responsibilities
“In our opinion, the accompanying FS present fairly, in all BIR requirements; legal & regulatory requirements
material respects, the FP of the company as of …” 9. Engagement partner’s Name
4. Basis for Opinion 10. Signature of the auditor
Audit is conducted with PSAS, “we have obtained is Name of the audit firm & auditor, as appropriate`
sufficient/appropriate evidence to provide a basis.” 11. Auditor’s Address
Location in the jurisdiction where the office is
5. Key Audit Matters (omitted if disclaimer is issued)
For audits of complete sets of GPFS of listed companies; 12. Date of the Auditor’s Report
Most significant aspects - discuss why they are significant Date when the fieldwork is completed

Modification to Auditor’s Report:

Emphasis of Matter Paragraph – doesn’t affect the opinion, just to highlight some of the items. It indicates that the auditor’s opinion is
not modified.
1. Significant Uncertainties, adequately disclosed & accounted for (contingencies, going concern)
2. Early Application of New Accounting Standards in advance of its effective date (IFRS 17)
3. A major catastrophe that has a significant effect on the entity’s FS
4. A subsequent discovery of facts affecting the previously issued opinion.
5. FS prepared using a Special Purpose Framework

Other matter paragraph - matter neither presented nor disclosed in the FS

1. Restriction or distribution or use of report
2. If the FS of the prior period were audited by the other auditor.
● The comparative information agrees with the amounts
● The accounting policies are consistent
Corresponding Figures and Comparative Financial Statements (PSA 710)
CORRESPONDING FIGURES COMPARATIVE FINANCIAL STATEMENTS
Amount and other disclosure for the prior period are included. amounts or other disclosures included in the financial statements
in respect of one or more prior periods
The auditor’s opinion does not refer to the corresponding figures When comparative financial statements are presented, the
because the auditor’s opinion is on the current period financial auditor’s opinion shall refer to each period for which financial
statements as a whole including the corresponding figures. statements are presented.

If the financial statements of the prior period were audited by a

If the financial statements of the prior period were audited by a
predecessor auditor and the auditor is permitted by law or
predecessor auditor, in addition to expressing an opinion on the
regulation to refer to the predecessor auditor’s report on the
current period’s financial statements, the auditor shall state in an
corresponding figures and decides to do so, the auditor shall state
Other Matter paragraph:
in an Other Matter paragraph in the auditor’s report:
• That the financial statements of the prior period were
• That the FS of the prior period were audited by the
audited by the predecessor auditor;
predecessor auditor;
• The type of opinion expressed by the predecessor auditor
• The type of opinion expressed by the predecessor auditor
and, if the opinion was modified, the reasons therefore; and
and, if the opinion was modified, the reasons therefore; and
• The date of that report.
• The date of that report.

If the prior period financial statements were not audited, the auditor shall state in an Other Matter paragraph in the auditor’s report
that the corresponding figures/comparative financial statements are unaudited.

SPECIAL CONSIDERATIONS—Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks
Special Purpose Framework - a financial reporting framework designed to meet the financial information of specific users.
1. Apply PSA 700 (Revised) – Forming an Opinion and Reporting on Financial Statements.
2. The auditor’s report shall describe the purpose for which the FS are prepared and, if necessary, the intended users.
3. The auditor’s report on special purpose financial statements shall include an Emphasis of Matter paragraph.

SPECIAL CONSIDERATIONS—Audits of Single Financial Statements and Specific Elements, Accounts or Items of A Financial Statement
1. Apply PSA 700 (Revised), adapted as necessary in the circumstances of the engagement
2. If report on a single financial statement or on a specific element of a financial statement, the auditor shall express a separate
opinion for each engagement.
10 Auditing in an IT Environment
• An IT environment exists when a computer of any type or size is involved in the processing by the entity of financial information
of significance to the audit, whether the computer is operated by the entity or by a third party.
• The overall objective and scope of an audit does not change in an IT environment.
• An IT environment may affect:
a. The procedures followed in obtaining a sufficient understanding of the accounting and internal control systems.
b. The consideration of the inherent and control risk.
c. The design and performance of tests of controls and substantive procedures
• If specialized skills are needed, the auditor would seek the assistance of a professional possessing such skills, who may be
either on the auditor’s staff or an outside professional.

Characteristics of CIS: Benefits of IT Risk of IT

1. Lack of visible audit trail - paperless 1. Consistent 1. Inaccurate processing of
2. Consistency of performance - CIS function exactly as 2. Timeliness, availability, data
programmed accuracy 2. Unauthorized access to data
3. Additional analysis 3. Unauthorized changes to
3. Concentration of duties - A, R, & C are properly segregated
4. Monitor the performance data, systems and programs
4. Ease of access to date & computer programs 5. Reduce the risk that controls 4. Potential loss of data
5. System-generated transactions are circumvented
6. Vulnerability of data & program storage 6. Effective segregation of duties

Effect on audit: The same on objectives, responsibilities, and stages

Internal Control in CIS environment:

1. General Controls – to establish a framework of overall control over the IT activities.
a. Organizational controls - clear assignment of responsibilities

b. Development and maintenance controls – systems are developed or acquired in an

authorized manner.
c. Delivery and support controls – designed to control the delivery of IT services
d. Monitoring of controls – designed to ensure that IT controls are working effectively and as planned.
 i. Parity check – a bit is added to each character
ii. Echo check – information transmitted is stored and retransmitted to the sender
iii. Diagnostic routines – designed to detect hardware malfunctions.

2. Application controls – relate to the specific use of the system

a. Key verification - data is entered twice to confirm.
b. Field/Validity check - characters are matched with the field (e.g. Invoice – numeric, due date - format is date)
c. Check Digit - add a code for every supplier. 75302616 (7+5+3+0+2+6+1+6 = 24, 2+4 = 6)
d. Hash total - adding numbers without meaning.
e. Limit checks - ex. 50,000 limit and you try it (reasonableness check)

DISASTER RECOVERY PLANS HISTORICAL AUDIT TECHNIQUES (CAAT)

1. Internally provided back-up (on-site) - separate dept, expansion 1. Test Data – sets a dummy transaction specifically
option designed to test the control activities.
2. Externally provided back-up (off-site) - outsourced and back-up 2. Integrated Test Facility – allows fictitious and real
a. HOT SITE (Recovery Operating Center) – hardware facilities are transactions to be processed together without client
fully configured and ready to operate within several hours. operating personnel being aware of the testing process.
b. WARM SITE- not as equipped & riskier, costly 3. Parallel Simulation – the client’s software should generate
c. COLD SITE (Empty Shell) - least readily available & least costly the same exceptions as the auditor’s software; should be
ideally performed on a surprise basis.
AUDIT APPROACHES: TEST OF CONTROLS TYPES OF ONLINE COMPUTER SYSTEMS
1. Auditing around the computer - inputs are reconciled with 1. On-line/Real Time Processing – data are assembled from
outputs, simple; Blackbox approach – we don’t know the inside more than one location and records that are updated
2. Auditing with the computer – the computer is used as an audit immediately.
tool. 2. On-line/Batch Processing – transactions are entered,
3. Auditing through the computer (CAAT) - Client’s computer subjected to certain validation checks and added to a
program is being audited; Whitebox approach – examine the transaction file during the period.
computer directly

IT Department – conversion of data & processing of data Auditor’s responsibility:

1. Managers 4. Operators 1. Auditor should have sufficient knowledge of the IT
2. System analysis 5. Data encoders 2. Seek the assistance of a professionals possessing such skills
3. Programmer 6. Data controllers 3. Obtain an understanding of the significance and complexity of
the IT Activities
4. Consider IT environment in designing audit procedures
Code of Ethics for Professional Accountants
Code of Ethics
- Revised international code of ethics for Professional Accountants
- International Ethics Standards for Accountants (IESBA)
- Implemented by BOA in Philippines
- A distinguishing mark of the accounting profession is the acceptance of its responsibility to the public.
Part 1 Part 3
● Compliance with the code - responsibility to act in public ● CPAs in Public Practice
interest
● Fundamental principles Part 4
● Conceptual framework ● 4A – independence for audit review engagement
● Works for all PAs ● 4B – independence for audit assurance engagements
Part 2
● CPAs in Business

To eliminate the threats:

1. Identify the threats
2. Evaluate the effect
3. Address (either eliminate or reduce) thru safeguard
○ If there are no available safeguard, then reject the engagement

Fundamental Principles:
Integrity straightforward and honest, fair-dealing and truthfulness
Objectivity fair, intellectually honest, free of conflicts
Professional Competence and Due attain and maintain professional knowledge, act diligently in accordance with standards
Care (PSA)
Confidentiality respect of confidential information acquired
Professional behavior comply with relevant laws/regulations, avoid misconduct that might discredit the
profession
 Contingent fees are acceptable in non-assurance Cross border activities – choose the stricter of the two ethical
engagements, but not in assurance. requirements for prudence and conservatism.
Advertising - communication to the public to procure Publicity - communication of facts about the PA not designed for the
professional business. NOT ACCEPTABLE. promotion of PA. ACCEPTABLE.
Independence of mind - mental attitude or state of Independence in Appearance - from the perspective of 3rd person
mind
Threats to compliance with fundamental principles:
1. Self-interest threats - there is a financial or other interest.
2. Self-review threat - PA will appropriately evaluate the
results of a previous judgment made.
3. Advocacy threat - promoting an assurance client’s position,
acting as an advocate on behalf of an audit client.
4. Familiarity threat - too sympathetic to the client’s interests
5. Intimidation threat - PA will be deterred from acting
objectively because of actual or perceived pressures.

In the new provisions, the Time-on period for:

Engagement Professionals (Effective on or before 12/31/2023) 3 years
Key Audit Personnel 5 years
The Engagement Quality Control Reviewer is required to have a cooling-off period of 3 years;
while KAPs are required to have a cooling-off of 2 years.
12 RA 9298 The Accountancy Law
1. Objectives
○ Standardization and regulation of accounting education
○ Examination for registration of CPAs
○ Supervision, control, and regulation of practice of accountancy in the Philippines
2. Scope of practice
○ Public accountancy - own audit firm
○ Commerce/industry - private practice
○ Education/Academe - colleges, universities
○ Government
3. Board of Accountancy
○ Chairman + 6 members (total of 7), appointed by the president of PH
○ PICPA submits 5 nominees, narrowed in 3 by PRC, then submit the recommendation to the president of Ph
○ TERM: 3 years, but no more than 12 years (filling in is for unexpired portion only)
○ Grants the license to practice as a CPA
○ Secretary of Justice – will serve as the adviser of PRC and BOA

(5) Powers and Functions

(4) Qualification of BOA member
1. Prescribe and adopt rules (6) Grounds for Suspension
1. Natural-born
2. Supervise the registration, CPALE 1. Neglect of duty or incompetence
2. CPA with 10 years exp in ANY scope
3. Administer Oaths 2. Violation of toleration of any
3. GMC
4. Issue, suspend, revoke, or reinstate certificates violation
4. Do not have pecuniary interest,
5. Adopt its own seal. 3. Final judgements of crimes
directly or indirectly to any
6. Prescribe and adopt CoE 4. Manipulation or rigging of results
university
7. Conduct an oversight into the quality of audits

8. Qualification of the applicants

○ Filipino Citizen Refresher course; CPA is required if:
○ GMRC 1. Only to accredited by CHED APIC – 5M
○ BSA grad 2. PR: 10%, at least 10 examinees for at Revenues – 10M
○ Not been convicted of any criminal offense least 5 years (10-10-5 rule)
○ 3. Renewed every 5 years
9. Scope of Exam (MAS, AUD, TAX, RFBT, FAR, AFAR)
10. Ratings in CPALE
Pass 75% ave, no grade below 65%
Fail Opposite of pass
Conditional 75% ave, majority of subs is 75%

11. Successful examinees

○ Issued with Regulatory Documents (1) certificate of registration (no expiry) and (2) professional Identification Card (3
yrs. expiry)
12. Suspension and Revocation
○ Reinstatement for 2 years by BOA
13. Penal provisions
○ fine of not less than 50k or imprisonment of 2 years or both

CPD Council
Chairperson (BOA) – 1
1st member: officer of PICPA – 1
2nd member: academician – 1
TOTAL : 3 members