390 likes | 680 Views
An Auditor’s Services Principles of Auditing: An Introduction to International Standards on Auditing - Ch 4. Rick Stephan Hayes, Philip Wallage, and Hans Gortemaker.
E N D
An Auditor’s Services Principles of Auditing: An Introduction to International Standards on Auditing - Ch 4 Rick Stephan Hayes, Philip Wallage, and Hans Gortemaker
Besides the International Framework for Assurance Engagements, ISAs, ISREs and ISAEs, practitioners who perform assurance engagements are governed by • The IEASB Code of Ethics for Professional Accountants • International Standards on Quality Control (ISQCs)
What services does an independent audit firm offer their clients?
IAASB’s Engagement Standards • Some engagement standards are based on “International Framework for Assurance Engagements” (assurance engagements), and others result from the “Related Services Framework” (related services engagements). • Three sets of standards (ISAs, ISREs (historical financial) and ISAEs (not based on historical f/s) share the assurance engagement framework and one standard set (ISRS) is based on the related services framework. • ISAs, ISREs, ISAEs and ISRSs are collectively referred to as the IAASB’s Engagement Standards.
Assurance Engagements on Subject Matters Other than Historical Financial Information (ISAEs) The ISAE standards are divided into two parts: (1) ISAEs 3000 – 3399 which are topics that apply to all assurance engagements (2) ISAEs 3400 – 3699 which are subject specific standards, for example standards relating to examination of prospective financial information,
Not all engagements performed by practitioners are assurance engagements Frequently performed engagements that are not covered by the Assurance Framework are: • Engagements covered by International Standards for Related Services (ISRS), such as agreed-upon procedures and compilations. • The preparation of tax returns where no conclusion conveying assurance is expressed. • Consulting (or advisory) engagements, such as management and tax consulting.
Related Services Framework (ISRSs) Standards under this framework, International Standards on Related Services (ISRSs), are applied currently to two audit services: • Agreed-upon procedures (ISRS 4400) Agreed-upon procedures are assurance based on audit procedures in a very limited “agreed upon” area with a proscribed set of users. • Compilations (ISRS 4410 ). Compilations offer no assurance whatsoever.
Assurance Engagements Defined • Assurance engagement means an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users (other than the responsible party) about the outcome of the evaluation or measurement of a subject matter against criteria
five elements that all assurance engagements exhibit • a three party relationship involving a practitioner; aresponsible party; and the intended users, • appropriate subject matter, • suitable criteria, • Sufficient appropriate evidence • an written assurance report.
Three Party Relationship • The practitioner (e.g., auditor, accountant, expert) gathers evidence to provide a conclusion to the intended users about whether a subject matter (e.g., financial statements) conforms, in all material respects, with identified criteria. • The responsible party (usually management or the board of directors) is one who is responsible for the subject matter or subject matter information (assertion). • The intended users are the person or persons for whom the practitioner prepares the assurance report.
Subject Matter The assurance engagement evaluates whether the subject matter conforms to suitable criteria that will meet the needs of an intended user. A subject matter of an assurance is the topic about which the assurance is conducted
Subject matter information—The outcome of the evaluation or measurement of a subject matter. It is the subject matter information about which the practitioner gathers sufficient appropriate evidence to provide a reasonable basis for expressing a conclusion in an assurance report
The subject matter, and subject matter information, of an assurance engagement can take many forms, such as: • Financial performance or conditions (for example, historical or prospective financial position, financial performance and cash flows) • for which the subject matter information may be the recognition, measurement, presentation and disclosure represented in financial statements. • Non-financial performance or conditions (for example, performance of an entity) • for which the subject matter information may be key indicators of efficiency and effectiveness
Subject matter of an engagement (cont) • Physical characteristics (for example, capacity of a facility) • for which the subject matter information may be a specifications document. • Systems and processes (for example, an entity’s internal control or IT system) • for which the subject matter information may be a statement of effectiveness. • Behavior (for example, corporate governance, compliance with regulation, human resource practices) • for which the subject matter information may be a statement of compliance or a statement of effectiveness.
Suitable Criteria Suitable criteria are the benchmarks (standards, objectives or set of rules) used to evaluate the subject matter of an assurance engagement. • International Financial Reporting Standards • U.S. Generally Accepted Accounting Principles • national standards • Global Reporting Initiative • PCAOB internal control report criteria • Applicable law, regulation or contract • An agreed level of performance • Internal control framework
Characteristics of Suitable Criteria (a) Relevance (b) Completeness (c) Reliability (d) Neutrality (e) Understandability
Sufficient Appropriate Audit Evidence • Sufficiency is the measure of the quantity of evidence. • The quantity of evidence needed is affected by the risk of the subject matter information being materially misstated (the greater the risk, the more evidence is likely to be required) and also by the quality of such evidence (the higher the quality, the less may be required). • Appropriateness is the measure of the quality of evidence; that is, its relevance and its reliability.
Assurance Report The practitioner provides a written report containing a conclusion that conveys the assurance obtained about the subject matter information. • ISAs, ISREs and ISAEs establish basic elements for assurance reports.
Reasonable and Limited Assurance Engagements • “Reasonable assurance engagement” and “limited assurance engagement” distinguish between the two types of assurance engagement • The objective of a reasonable assurance engagement is a reduction in assurance engagement risk to an acceptably low level as the basis for a positive form of expression of the practitioner’s conclusion. E.g, “presents fairly in all material respects” • The objective of a limited assurance engagement is a reduction in assurance engagement risk to a level that is acceptable in the circumstances but greater than a reasonable assurance engagement as the basis for a negative form of expression of the practitioner’s conclusion. E.g., “nothing has come to our attention that causes us to believe that financial statements do not conform, in all material respects, with IFRS”.
Assurance Report Standard Elements The standard elements of the report include the title, addressee, the identification of the subject matter information , identification of the criteria, identification of the responsible party and their responsibilities, the practitioner’s responsibilities, a statement that the engagement was performed in accordance with ISAEs, summary of the work performed, practitioner’s conclusion, assurance report date, practitioner’s name and specific location, and, if appropriate, a description of any significant inherent limitations, or a statement restricting the use to certain intended users .
Basic Elements on the assurance report • A title that clearly indicates the report is an independent assurance report. • An addressee identifies the party or parties to whom the assurance report is directed. • A statement to identify the responsible party and to describe the responsible party’s and the practitioner’s responsibilities. • the assurance report refer specifically to being performed in accordance with that specific ISAEs. • The name of the firm or the practitioner, and a specific location
Assurance Report Basic Elements A title An addressee: A description of the subject matter. A statement restricting the use of the assurance report identification the responsible party Statement - performed in accordance with ISAEs. A summary of the work performed Identification of the criteria The practitioner’s conclusion The assurance report date. The name and location of the firm or the practitioner
Qualified Conclusions, Adverse Conclusions and Disclaimers of Conclusion The practitioner should not express unqualified conclusion when the following circumstances exist and, the effect of the matter is or may be material: • There is a limitation on the scope of the practitioner’s work preventing gathering sufficient appropriate audit evidence • In those cases where the responsible party’s assertion is not fairly stated and the subject matter information is materially misstated
Professional Judgment • The nature of the International Standards requires the professional accountant to exercise professional judgment in applying them. • Professional judgment is the application of relevant training, knowledge and experience, within the context provided by auditing, accounting and ethical standards, in making informed decisions about the courses of action that are appropriate in the circumstances of the audit engagement.
Professional Judgment required for • The critical elements of auditing including criteria, independence of mind, sufficient appropriate audit evidence,determining and communicating significant deficiencies in internal control, and determination of whether an audit objective has been achieved requires professional judgment. • The assessment of risks is a matter of professional judgment, rather than a matter capable of precise measurement. • Professional judgment is required in determination of the level of supervision of the engagement team.
Documenting Professional Judgment The auditor is required to prepare audit documentation sufficient to enable an experienced auditor, having no previous connection with the audit, to understand the significant professional judgments made in reaching conclusions on significant matters arising during the audit.
Professional Skepticism • The ISAs require that the auditor’s professional actions including planning and performing an assurance engagement must be carried out with an attitude of professional skepticism recognizing that circumstances may exist that cause the subject matter information to be materially misstated. • Professional skepticism is an attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatement due to error or fraud, and a critical assessment of audit evidence.
International Standard on Quality Control 1 (ISQC 1) • ISQC 1 applies to all firms of professional accountants in respect to audits and reviews, other assurance, and related services engagements. • ISQC 1 gives the requirements designed to enable the firm to meet the objective of quality control. In addition, it contains related guidance in the form of application and other explanatory material. • ISA 220 deals with quality control procedures for audits of financial statements.
The audit firm must establish, maintain, document and communicate to their personnel a system of quality control that includes policies and procedures that address each of the following elements: • Leadership responsibilities for quality within the firm. • Relevant ethical requirements. • Acceptance and continuance of client relationships and specific engagements. • Human resources. • Engagement performance. • Monitoring.
Thank You for Your Attention Any Questions?