ATENEO DE NAGA UNIVERSITY | COLLEGE OF BUSINESS AND ACCOUNTANCY | DEPARTMENT OF ACCOUNTANCY AUDITING AND ASSURANCE - THEORY AND CONCEPTS RD DEUNA, CPA AT 001 INTRODUCTION TO AUDITING AND ASSURANCE ENGAGEMENTS Topics included: 1. Philippine Framework for Assurance Engagements; 2. Audit Engagements – Overview; 3. Review Engagements; 4. Agreed Upon Procedures Engagements; 5. Compilation Engagements; 6. Auditing and Assurance Standards Setting Bodies ASSURANCE ENGAGEMENTS – based on PHILIPPINE FRAMEWORK FOR ASSURANCE ENGAGEMENTS 1. PHILIPPINE FRAMEWORK FOR ASSURANCE ENGAGEMENTS I. The Framework does not itself establish standards or provide procedural requirements for the performance of assurance engagements. II. In addition to the Framework and PSAs, PSREs and PSAEs, practitioners who perform assurance engagements are governed by: The Philippine Code of Ethics for Professional Accountants; and Philippine Standards on Quality Control (PSQCs) The Authority Attaching to Philippine Standards Issued by the AASC STANDARDS APPLICATION 1. Philippine Standards on Auditing (PSAs) Audit of historical financial information 2. Philippine Standards on Review Review of historical financial information Engagements (PSREs) 3. Philippine Standards on Assurance Assurance engagements dealing with Engagements (PSAEs) subject matters other than historical financial information 4. Philippine Standards on Related Services Compilation engagements (PSRSs) Engagements to apply agreed-upon procedures to information Other related services engagements as specified by the AASC 1. PSAs, PSREs, PSAEs and PSRSs are collectively referred to as the AASC’s Engagement Standards. 2. Philippine standards on Quality Control (PSQC) are to be applied for all services falling under the AASC’s engagement standards. 3. Philippine Standards are applicable to engagements in the Public sector. 2. Definition: Assurance engagement means an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria. 3. Scope: The following are non-assurance engagements and therefore are not covered by the Framework: I. Engagements covered by the PSRSs such as agreed-upon procedures engagements and compilations of financial or other information. II. The preparation of tax returns where no conclusion conveying assurance is expressed. III. Consulting (or advisory) engagements, such as management and tax consulting. 4. Elements of an Assurance Engagements: I. A three-party relationship: i. A practitioner: - is the individual conducting the engagement; should comply with the requirements of the law, regulatory requirements, and code of ethics. ii. A responsible party: - is the party responsible for the underlying subject matter; may also be the engaging party and/or the measurer or evaluator. Page 1 of 7 iii. Intended users: - are the users of the assurance report; may be the responsible party but not the only one; may be involved in determining the requirements of the engagement. II. An appropriate subject matter; - The phenomenon that is measured or evaluated by applying criteria. “Subject matter information” refers to the outcome of the evaluation or measurement of a subject matter. III. Suitable criteria; - the benchmarks used to measure or evaluate the subject matter that are established or developed by groups composed of experts that follow due process procedures, including exposure of the proposed criteria for public comment, are ordinarily considered suitable. Characteristics of a Suitable Criteria: 1. Relevance – assists decision-making by the intended users. 2. Completeness – does not omit relevant factors that may affect decision making of decision-making of intended users. 3. Reliability – it can be consistently used in measurement of underlying subject matter. 4. Neutrality – free from bias 5. Understandability – result of subject matter information is understood by intended users. IV. Sufficient appropriate evidence; - Information used by the practitioner in arriving at the opinion, conclusion, or findings on which the practitioner’s report is based. Sufficiency of Evidence - The measure of the quantity of evidence. The quantity of the evidence needed is affected by the risks of material misstatement and also by the quality of such evidence. Appropriateness of Evidence - The measure of the quality of evidence, that is, its relevancy and reliability in providing support for the practitioner’s opinion. Ways in Gathering of Evidence: Professional Judgment - The application of relevant training, knowledge, and experience within the context provided by auditing, accounting, and ethical standards in making informed decisions about the courses of action that are appropriate in the circumstances of the audit engagement. Professional Skepticism – An attitude that includes a questioning mind, being alert to conditions that may indicate possible misstatement due to fraud or error, and a critical assessment of audit evidence. Factors that affect evidence gathering: Materiality - the magnitude of an omission or misstatement of accounting in formation that, in the light of surrounding circumstances, makes it probable that the judgment of a reasonable person relying on the information would have been changed or influenced by the omission or misstatement. Engagement Risk - is the risk that the practitioner expresses an inappropriate conclusion when the subject matter information is materially misstated. Examples of Engagement Risks: 1. Inherent Risk – The susceptibility of an assertion about a class of transaction, account balance, or disclosure to a misstatement that could be material, either individually or when aggregated with other misstatements, before consideration of any related controls. 2. Control Risk – The risk that a misstatement that could occur in an assertion about a class of transaction, account balance, or disclosure and that could be material, either individually or when aggregated with other misstatements, will not be prevented, or detected and corrected, on a timely basis by the entity’s internal control. 3. Detection Risk – The risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements. Page 2 of 7 4. Measurement or Evaluation Risk - In the case of a direct engagement, the risks associated with the practitioner’s measurement or evaluation of the underlying subject matter against the criteria V. A written assurance report in the form appropriate to a reasonable assurance engagement or a limited assurance engagement. Types of Assurance Engagement based on the level of Assurance provided in the Assurance Report: 1. Reasonable Assurance Engagement - the objective is a reduction in assurance engagement risk to an acceptably low level in the circumstances of the engagement as the basis for a positive form of expression of the practitioner’s conclusion. Limitations in Assurance Engagements: I. Use of selective testing. II. Use of selective testing III. Inherent limitations of internal control IV. Evidence available to the practitioner is persuasive rather than conclusive V. Use of professional judgment VI. Characteristics of the underlying subject matter when measured or evaluated against criteria. 2. Limited Assurance Engagement - the objective is a reduction in assurance engagement risk to a level that is acceptable in the circumstances of the engagement, but where the risk is greater than for a reasonable assurance engagement, as a basis for a negative form of expression of the practitioner’s conclusion. 5. Types of Assurance Engagement based on Form or Structure 1. Assertion-based Engagements – the evaluation or measurement of the subject is performed by the responsible party, and the subject matter information is in the form of an assertion by the responsible party that is made available to intended users. 2. Direct Reporting Engagements - the practitioner either directly performs the evaluation or measurement of the subject matter, or obtains a representation from the responsible party that has performed the evaluation or measurement that is not available to the intended users in the assurance report. 6. Parties to an Assurance Engagement Page 3 of 7 SERVICES BEING OFFERED BY A PROFESSIONAL ACCOUNTANT I. A Certified Public Accountant may perform, but not limited to, the following services: I. Assurance Engagements 1. Audit Engagement 2. Review Engagement II. Non-Assurance Engagements 1. Agreed-upon Procedures 2. Compilation of Financial Statements 3. Tax Services such as Tax Preparation and Tax Planning 4. Management Consulting II. Audit Engagements – Overview Objective: The OBJECTIVE of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, in accordance with an applicable financial reporting framework. Material Misstatement - A difference between the amount, classification, presentation, or disclosure of a reported financial statement item and the amount, classification, presentation, or disclosure that is required for the item to be in accordance with the applicable financial reporting framework. . Misstatements can arise from error or fraud or non-compliance. Responsibilities of Auditor: 1. The auditor should comply with relevant ethical requirements relating to audit engagements. 2. The auditor should conduct the audit in accordance with PSAs 3. The auditor should plan and perform an audit with an attitude of PROFESSIONAL SKEPTICISM recognizing that circumstances may exist that cause the financial statements to be materially misstated. 4. While the auditor is responsible for forming and expressing an opinion on the financial statements, the responsibility for the preparation and presentation of the financial statements in accordance with the applicable financial reporting framework is that of the entity’s MANAGEMENT, with oversight from those charged with governance. Level of Assurance Provided: Reasonable Assurance. Absolute assurance in auditing is not attainable as a result of such factors as: • • • • The need for judgment; The use of testing; The inherent limitations of any accounting and internal control systems; and The fact that most of the evidence available to the auditor is persuasive, rather than conclusive, in nature. Responsibilities of the Management: 1. The preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework. 2. The design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error; and 3. To provide the auditor with a. Access to all information of which management and, when appropriate, those charged with governance are aware that is relevant to the preparation and fair presentation of the financial statements, such as records, documentation, and other matters; b. Additional information that the auditor may request from management and, when appropriate, those charged with governance for the purpose of the audit; and Page 4 of 7 c. Unrestricted access to persons within the entity from whom the auditor determines it necessary to obtain audit evidence. Audit Process - OVERVIEW III. Review Engagements 1. The objective of a review of financial statements is to enable a practitioner to state whether, on the basis of procedures which do not provide all the evidence that would be require in an audit, anything has come to the practitioner’s attention that causes the practitioner to believe that the financial statements are not prepared, in all material respects, in accordance with an identified financial reporting framework (negative assurance) 2. A review comprises INQUIRY and ANALYTICAL PROCEDURES which are designed to review the reliability of an assertion that is the responsibility of one party for use by another party. 3. A review does not ordinarily involve an assessment of accounting and internal control systems, tests of records and of responses to inquiries by obtaining corroborating evidence through inspection, observation, confirmation and computation, which are procedures ordinarily performed during an audit. 4. The level of assurance provided in a review report is less that that given in an audit report. IV. Agreed-Upon Procedures Engagements 1. In an engagement to perform agreed-upon procedures, an auditor is engaged to carry out those procedures of an audit nature to which the auditor and the entity and any appropriate third parties have agreed and to report on FACTUAL FINDINGS. 2. The recipients of the report must form their own conclusion from the report of the auditor. 3. The report is restricted to those parties that have agreed to the procedures to be performed since others, unaware of the reasons for the procedures, may misinterpret the results. V. Compilation Engagements 1. In a compilation engagement, the accountant is engaged to use accounting expertise as opposed to auditing expertise to collect, classify, and summarized financial information. 2. It ordinarily entails reducing detailed data to manageable and understandable form without a requirement to test the assertions underlying that information. Page 5 of 7 3. The procedures performed are not designed and do not enable the accountant to express any assurance on the financial information. 4. Users of compiled financial information derived some benefit as a result of the accountant’s involvement because the service has been performed with due professional skill and care. VI. Summary Nature of service Level of Assurance Provided Report provided Audit High, but not absolute assurance Positive assurance on assertion(s) (Audit Report) Review Moderate assurance Negative assurance on assertion(s) (Review Report) Agreed-upon Procedures No assurance Factual findings of procedures Compilation No assurance Identification of information compiled (Compilation Report) AUDITING AND ASSURANCE STANDARDS – STANDARD SETTING BODIES I. II. IFAC – International Federation of Accountants 1. Mission of IFAC: “to serve the public interest by contributing to the development, adoption and implementation of high-quality international standards and guidance; contributing to the development of strong professional accountancy organizations and accounting firms, and to high quality practices by professional accountants; promoting the value of professional accountants worldwide; and speaking out on public interest issues where the accountancy profession’s expertise is most relevant.” 2. Founded: October 7, 1977, in Munich, Germany, at the 11th World Congress of Accountants. 3. Objective: It was established to strengthen the worldwide accountancy profession in the public interest by: a. Developing high-quality international standards in auditing and assurance, public sector accounting, ethics, and education for professional accountants and supporting their adoption and use; b. Facilitating collaboration and cooperation among its member bodies; c. Collaborating and cooperating with other international organizations; and d. Serving as the international spokesperson for the accountancy profession. 4. Members: a. Founding Members: 63 members from 51 countries including Philippines b. Current Members: 175 members from 130 countries 5. Boards/Committees: a. International Auditing and Assurance Standards Board (formerly the International Auditing Practices Committee) b. International Accounting Education Standards Board (formerly the Education Committee) c. International Ethics Standards Board for Accountants (formerly the Ethics Committee) d. Professional Accountants in Business Committee (formerly the Financial and Management Accounting Committee and originally established as the Management Accounting Committee) e. International Public Sector Accounting Standards Board (formerly the Public Sector Committee) f. Transnational Auditors Committee g. Compliance Advisory Panel h. Professional Accountancy Organization Development Committee (formerly Developing Nations Committee) i. Small and Medium Practices Committee IAASB - International Auditing and Assurance Standards Board 1. Function: IFAC Board has established the International Auditing and Assurance Standards Board (IAASB) to function as an independent standard-setting body under the auspices of IFAC and subject to the oversight of the Public Interest Oversight Board (PIOB). Page 6 of 7 III. 2. Objective: To serve the public interest by setting high-quality auditing, assurance, and other related standards and by facilitating the convergence of international and national auditing and assurance standards, thereby enhancing the quality and consistency of practice throughout the world and strengthening public confidence in the global auditing and assurance profession. 3. Pronouncements of IAASB: International Standards on Auditing (ISAs) and International Standards on Review Engagements (ISREs) to be applied in audit and review engagements on historical financial information. International Standards on Assurance Engagements (ISAEs) to be applied in assurance engagements other than audits or reviews of historical financial information. International Standards on Related Services (ISRSs) to be applied in related services engagements. International Standards on Quality Control (ISQCs) to be applied for all services falling within the Engagement Standards of the IAASB. AASC – Auditing & Assurance Standards Councils 1. Objective: The Auditing and Assurance Standards Council (AASC) was created in December 2005, under the Philippine Accountancy Act of 2004, by the Professional Regulation Commission upon the recommendation of the Board of Accountancy (BOA). The AASC is tasked to assist the BOA to establish and promulgate auditing standards in the Philippines. 2. Members: The AASC shall have 18 regular members with a term of three years, renewable for another term, coming from the following: 3. Pronouncements: At present, AASC pronouncements are mainly adopted from the standards and practice statements issued by the IAASB. There are currently no fundamental differences between the IAASB International pronouncements and the equivalent AASC Philippine pronouncements and no such differences are expected in the future. Philippine Standards on Quality Control (PSQCs) Philippine Standards on Auditing (PSAs) Philippine Standards on Review Engagements (PSREs) Philippine Standards on Assurance Engagements (PSAEs) Philippine Standards on Related Services (PSRSs) Philippine Auditing Practice Statements (PAPSs) Philippine Review Engagement Practice Statements (PREPSs) Philippine Assurance Engagement Practice Statements (PAEPSs) Philippine Related Services Practice Statements (PRSPSs) Page 7 of 7