Add to collection(s) Add to saved
  1. Business
  2. Accounting
  3. Managerial Accounting

Module 6 – External Auditors

advertisement 
School Board Audit Committee Training
Module 6
External Auditors
1
Session objectives
After completing this session you will:
o Understand the responsibilities of the Auditors’, Management and the Audit Committee
as it relates to the financial statement audit
o Understand the external audit process
o Understand key areas of interaction with the external auditor
2
Duties related to Board’s External Auditor
[ON Regulation 361/10 9(4)]
•
•
•
•
•
•
To review the performance of the external auditor and make
recommendations to the Board on the appointment, replacement or
dismissal of the external auditor and on the fee and fee adjustment for the
external auditor
To review the external auditor’s audit plan
To review and confirm the independence of the external auditor
To meet on a regular basis with the external auditor and discuss important
matters
To resolve any disagreements between management and the external
auditor about financial reporting
To recommend to the Board a policy designating services that the external
auditor may perform for the Board and, if the Board adopts the policy, to
oversee its implementation (i.e. independence issues)
Source: ON regulation 361/10
3
Financial Reporting Responsibilities
Audit Committee/ Board of
Trustees
1.
•
Meet with the external auditors to
review the Audit Plan
•
Meet with the external auditors to
discuss the results of the audit and
review the Report on the Results of
the Audit
•
Review and recommend for
approval, the annual
financial statements and
disclosures
•
Follow up on audit
recommendations
•
Maintain oversight of the
systems of internal control
•
Understand, discuss and
address fraud and error
risks with management
•
Oversight in managing and
monitoring financial risks
•
Review external financial
communications
School Board Management
External Auditors
• Maintain appropriate
controls and accurate
financial records
• Perform an audit in accordance
with Canadian generally accepted
auditing standards.
• Report financial results on a
fair, consistent and timely
basis in accordance with
GAAP
• Understand key management
internal control systems and
processes and assess audit risk
• Select appropriate
accounting and disclosure
policies
• Evaluate the appropriateness of
accounting policies and
reasonableness of accounting
estimates
• Maintain compliance with
legislative and regulatory
requirements
• Obtain audit evidence for material
amounts and disclosures in the
financial statements
• Identify principal risks and
establish and maintain a
cost-effective control
environment
• Report any significant deficiencies
noted in internal controls
• Prepare financial
statements
• Provide management
representations
• Express an opinion on the
fairness of presentation of the
financial statements including
significant disclosures
• Provide industry expertise to
support the risk-based audit
approach
4
Objective of External Audit
Statement of
Financial Position
Objective:
Express an
opinion on…
Statement of
Operations
Statement of Change in Net
Debt
Statement of Cash
Flows
Summary of significant
accounting policies and other
explanatory information
5
Responsibilities of External Auditor Related to Internal
Controls
•
In assessing audit risk, internal controls relevant to the preparation
and fair presentation of the financial statements must be assessed
by the auditor
•
The review and testing of internal controls is carried out in order to
assess risk and design relevant and appropriate audit procedures
and not to express an opinion on the effectiveness of internal
controls
•
Internal control deficiencies identified during the course of the audit,
which are considered significant, must be communicated to
management and the Audit Committee
•
An audit designed and executed in accordance with Canadian
Auditing Standards may not detect material fraud
6
Generally Accepted Auditing Standards (GAAS)
• A set of systematic standards and guidelines now referred to as
Canadian Auditing Standards (CASs)
• Audit performed in accordance with GAAS is designed to provide
reasonable assurance that the Financial Statements, taken as a whole,
are free from material misstatement
• CAS’s do not impose responsibilities on management or those
charged with governance and do not override laws and regulations that
govern their responsibilities. However, an audit in accordance with
CAS’s is conducted on the premise that management and, where
appropriate, those charged with governance have acknowledged
certain responsibilities that are fundamental to the conduct of the audit.
The audit of the financial statements does not relieve management or
those charged with governance of their responsibilities.
7
Generally Accepted Auditing Standards GAAS (continued)
GAAS
Audit Committee Oversight
Engagement team must have the
appropriate competence and capabilities to
perform the audit in accordance with
professional standards
Review experience of the lead partner and
senior members of audit team and assess
their qualifications
Audit should be perform with due care and
objective state of mind
Monitor auditor’s independence
The work should be adequately planned
Discuss and review the proposed audit plan
A sufficient understanding of internal control Review and understand the extent of
should be obtained in order to assess audit
auditor’s reliance on internal control in the
risk and design appropriate audit procedures proposed audit plan
Sufficient appropriate audit evidence should
be obtained
Ask the auditor whether management has
placed any restrictions on the audit
8
Generally Accepted Auditing Standards GAAS (continued)
GAAS
Audit Committee Oversight
The independent auditors’ report (the report)
should identify the title of each statement that
comprises the financial statements and reference
the summary of accounting policies and notes and
should distinguish between responsibilities of
management and the responsibilities of the auditor
Review the formal written
representations that management
has provided to the external auditor
The report should describe the scope of auditor’s
examination
Ensure that the scope as set out in
the plan is reflected in the report
Report should contain an expression of opinion or
an assertion that an opinion cannot be expressed
Review and understand the auditor’s
opinion
The opinion should indicate that the financial
statements present fairly, in all material respects,
the financial position, results of operations and
cash flows in accordance with the appropriate
financial reporting framework
Understand the critical accounting
policies, significant estimates and
judgments made by management as
well as the applicable financial
reporting framework under which
management has prepared the
financial statements
9
SAMPLE - INDEPENDENT AUDITORS' REPORT
To the Board of Trustee
We have audited the accompanying financial statements of XXX DSB, which comprise the statement of
financial position as at August 31, 2011, and the statements of operations, change in net financial assets and
cash flows for the year then ended, and a summary of significant accounting policies and other explanatory
information.
Management's Responsibility for the Financial Statements
Management is responsible for the preparation and fair presentation of these financial statements in accordance
with Canadian public sector accounting standards, and for such internal control as management determines is
necessary to enable the preparation of financial statements that are free from material misstatement, whether
due to fraud or error.
Auditors' Responsibility
Our responsibility is to express an opinion on these financial statements based on our audit. We conducted our
audit in accordance with Canadian generally accepted auditing standards. Those standards require that we
comply with ethical requirements and plan and perform the audit to obtain reasonable assurance about whether
the financial statements are free from material misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the
financial statements. The procedures selected depend on the auditor's judgment, including the assessment of
the risks of material misstatement of the financial statements, whether due to fraud or error. In making those
risk assessments, the auditor considers internal control relevant to the entity's preparation and fair presentation
of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not
for the purpose of expressing an opinion on the effectiveness of the entity's internal control. An audit also
includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting
estimates made by management, as well as evaluating the overall presentation of the financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our
audit opinion.
10
SAMPLE - INDEPENDENT AUDITORS' REPORT (CONTINUED)
Opinion
In our opinion, the financial statements present fairly, in all material respects, the financial position of
XXX DSB as at as at August 31, 2011, and the results of its operations and its cash flows for the year
then ended in accordance with Canadian public sector accounting standards.
(To be signed by Auditor)
Chartered Accountants
Licensed Public Accountants
[City, Province or City, Canada]
[Date of the auditors' report]
11
Canadian Auditing Standards (CASs)
• The Auditing and Assurance Standards Board (AASB) recently
adopted, as Canadian Auditing Standards (CASs), the complete set
of international standards on auditing issued by the International
Auditing and Assurance Standards Board
• The CASs are effective for audits of financial statements for periods
ending on or after December 14, 2010
12
Changes in Canadian Auditing Standards (CASs)
Highlights of some of the changes :
• Auditor’s report must be dated no earlier than when those
responsible for the financial statements have approved them
• The new CASs includes a new structure and wording of the
standard report intended to make the report clearer
• The new CASs require auditors to enhance the rigor of testing and
reporting on related parties and management estimates
• The new CASs require external auditors to request management to
adjust all differences (above a trivial amount). Should differences
remain unadjusted, the auditors must request the Audit Committee
to ask management to adjust the financial statements
13
Key Phases of the External Audit
Phase
Audit Committee Deliverable
• Agreement on engagement terms
Annual engagement letter
• Initial Planning
− Understand business and
accounting processes (including
IT)
− Identify engagement risks
− Determine materiality
− Identify material accounts,
transactions and disclosures
− Identify and assess risk of
material misstatement (including
fraud risk)
− Coordinate activities with
external parties
Audit plan document
14
Key Phases of the External Audit (continued)
Phase
Audit Committee Deliverable
• Perform audit plan
−
−
−
−
−
Testing of internal controls
Substantive audit procedures
Obtain appropriate audit evidence
Reviews of accounting policies
Test financial statement disclosures
• Conclude and report
− Evaluate results of audit work
− Assess impact of current and prior
year’s errors, if any
− Consider disclosure deficiencies
− Determine sufficiency of audit scope
− Obtain management representations
− Auditors’ report on financial
statements
− Audit results document
− Independence letter
15
Engagement Terms
• GAAS requires that the terms of the audit be agreed with management
or those charged with governance
• Engagement letter should include:
– Objective and scope of the audit of the financial statements
– Responsibilities of the auditor
– Responsibilities of management
– Responsibilities of the audit committee and auditor communications
– Identification of applicable financial reporting framework for
preparation of the financial statements
– Reference to expected form and content of report to be issued
– A statement that there may be circumstances in which report may
differ from expected form and content
• Separate engagement letters are also required for special reports (i.e.
specified audit procedures reporting required by the Ministry)
16
Auditors’ Independence
• Why important?
– Essential component of an audit relationship
– Fundamental to accountability
– Required by the Canadian Auditing Standards
Source: Integrity in the spotlight, 2nd edition
17
What may Impair Independence?
• Threats
– Self Interest
– Self Review
– Advocacy
– Familiarity
– Intimidation
• Safeguards can be applied
• There are specific prohibited services for publicly listed entities
• For other entities any services/activities, where the auditor is acting
in a “management decision making capacity”, are specifically
prohibited.
Source: The Canadian Institute of Chartered Accountants, guide to the Canadian independence standard, (2009 update)
18
Audit Plan
• Auditors meet with the Audit Committee to present and discuss the
audit plan
• Examples of elements of the audit plan:
― Planned scope and timing of audit
― Financial reporting responsibilities
― Materiality
― Significant audit risks
― Internal control matters
― Consideration and discussion on the risk of fraud
― Use of experts (internal or external)
― New accounting, assurance and regulatory requirements
19
Materiality
• Materiality is the magnitude of a misstatement (including an
omission) in the financial statements or related disclosures that
would affect the judgment of a reasonable person using those
statements
• Auditor is responsible for providing reasonable assurance that the
financial statements are free from material misstatement
• In approving the audit plan, Audit Committee should consider both
the qualitative and quantitative aspects of materiality
20
Risk of Fraud
Specific inquiries to be addressed by the Audit Committee
• What are Audit Committee’s views about the risks of fraud in the
entity?
• Knowledge of any actual, suspected or alleged fraud affecting the
entity?
• What role, if any, does the Audit Committee exercise in the oversight
of management’s antifraud programs?
21
Fraud: Relevant Definitions
Fraud
an intentional act by one or more individuals among management,
those charge with governance, employees, or third parties, involving
the use of deception to obtain an unjust or illegal advantage.
Fraud risk factors:
events or conditions that indicate an incentive or pressure to commit
fraud or provide an opportunity commit fraud
Fraudulent financial reporting:
involves intentional misstatements, including omissions of amounts or
disclosures in financial statements, to deceive financial statement
users.
(Source: CICA Assurance Handbook)
22
Fraud versus Error
The distinguishing factor between fraud and error is whether
the underlying action that results in the misstatement of the
financial statements is intentional or unintentional.
Although fraud is a broad legal concept, for purposes of the
auditing standards, the auditor is concerned with fraud that
causes a material misstatement in the financial statements.
Two types of intentional misstatements are relevant to the
auditor — misstatements resulting from fraudulent financial
reporting and misstatements resulting from misappropriation of
assets. Although the auditor may suspect or, in rare cases,
identify the occurrence of fraud, the auditor does not make
legal determinations of whether fraud has actually occurred.
23
Types of Fraud
There are three main types of fraud.
Financial
statement fraud
Asset
Asset
misappropriati
misappropriation
on
Corruption
Includes intentional misstatements in or omissions from
financial statements
May include cheque forgery, theft of money, inventory theft,
payroll fraud, or theft of services
May include schemes such as kickbacks, or bribes to
influence decision-makers, or manipulation of contracts
Corruption
24
The Fraud Triangle
INCENTIVE/PRESSURE
25
Incentive/Pressure
• Pressure may be real or perceived.
• Pressure is usually created by circumstances the perpetrator is either
subject to or perceives him/herself to be subjected to (e.g., personal
financial pressures such as a spouse who loses a job, or market
pressures to meet financial targets or goals).
Examples:
– Status-seeking or status-maintaining needs (lifestyle pressures).
– Financial problems (debt).
– Need to meet unrealistic goals set by organization.
– Need to meet earnings to sustain investor confidence (in a public
company environment).
– Need to meet budget targets.
• There may also be incentives that increase the likelihood of fraud (e.g.,
management’s bonus structure).
26
Rationalization
• The process by which a person committing a fraud legitimizes or
justifies the crime is rationalization
• This often includes an attitude or feeling of entitlement and/or a
belief that “the organization can afford it.”
• For example, a perpetrator may rationalize a theft by saying
– I was only borrowing the money.
– I deserve it for all of the extra hours I work
– My employer has been cheating me
– This is only a temporary solution to fix the problem
– I’ll pay it back when I can
27
Opportunity
•
•
•
•
•
•
Opportunities to commit fraud can manifest themselves in different ways
If internal controls are inadequate surrounding financial reporting or
safeguarding assets, it may be relatively easy for a perpetrator to record
fraudulent transactions or steal assets
Some employees (often within management) may be in a position to
override controls which may create opportunities to commit fraud
There is another consideration for opportunities that is often overlooked -low
perception of detection or meaningless consequences to inappropriate
behavior within the organization may allow for greater opportunities for fraud
to occur than if there is the deterrent element of a high likelihood of
detection and severe consequences
Further, collusion may enable perpetrators to bypass existing controls,
rendering those controls ineffective
Most traditional internal preventative controls are not effective at addressing
collusive fraud. Collusive fraud is generally found by detective controls
coupled with an understanding of the business and operating environment
28
Initial Detection of Occupational Frauds
(Source: 2010 Report to the Nations on Occupational Fraud and Abuse)
29
Discussion - fraud
• Discuss at your tables possible fraud risk factors in a school board
environment
• What might be done to address the fraud risk factors identified.
30
Audit Results Document
• Auditors meet with the Audit Committee to present findings
• Examples of elements of an Audit Results Document:
– Status of audit, its scope and representations
– Audit opinion
– Matters to be communicated to the Audit Committee (see tool kit)
– Results of audit work on significant risk areas
– Review of areas of judgement and management estimates
– Summary of adjusted and unadjusted differences
– Confirmation of Auditor independence
31
Related documents
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
Audit Poster - BSG Colonoscopy Audit
Audit Poster - BSG Colonoscopy Audit
LGFMA Presentation - Internal Audit Program Model
LGFMA Presentation - Internal Audit Program Model
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
QUALITY ASSURANCE: Obstetrics Auditing, Records & Reports
Getting to Know Internal Auditing - The Institute of Internal Auditors
Getting to Know Internal Auditing - The Institute of Internal Auditors
grp-2
grp-2
Electronic Data Processing * Audit Sistem Informasi
Electronic Data Processing * Audit Sistem Informasi
Chapter 8: Preliminary Survey & Internal Control Review
Chapter 8: Preliminary Survey & Internal Control Review
Download
advertisement