McGraw-Hill/Irwin
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

 Public Company Accounting Oversight Board

Auditing, Attestation, Quality Control, Independence,
Ethical Standards for audits of public companies
 American Institute of Certified Public
Accountants

Auditing, Attestation, Quality Control, Independence
Ethical, Accounting and Review Standards for engagements involving nonpublic companies
 State Boards of Accountancy

License CPAs and CPA firms to practice in jurisdictions
2-2

Regulation of the Public Accounting Profession
2-3

 Purpose of an audit
 Premise of an audit
 Personal responsibilities of the auditor
 Auditor actions in performing the audit
 Reporting results of an audit
2-4

 Purpose of an audit —Provide an opinion on financial statements are in accordance with the applicable financial reporting framework.

The framework is ordinarily GAAP.

The applicable framework corresponds to the
“suitable criteria” of an attest engagement.
2-5

 Premise of an audit —Management (and those charged with governance) have responsibility to:

Prepare financial statements in accordance with applicable financial reporting framework.

Provide auditor with needed information and unrestricted access to those in the entity.
2-6

 Personal responsibility of the auditor —
Appropriate competence and capabilities to perform audit in accordance with standards, including maintaining professional skepticism and exercising professional judgment throughout the audit.

Professional skepticism—A questioning mind and a critical assessment of audit evidence.
2-7

 Auditor actions in performing the audit

Obtain reasonable assurance about whether financial statements are free from error or fraud.

The auditor is unable to obtain absolute assurance due to:
• Nature of financial reporting.
• Nature of audit procedures.
• Need to conduct audit within a reasonable period of time.
2-8

 Reporting the results of an audit —
Express in a written report an opinion on findings (or statement that opinion cannot be expressed).

The opinion is on whether the financial statements are in accordance, in all material respects, with the applicable financial reporting framework.
2-9

 General Standards
 Standards of Field Work
 Reporting Standards
NOTE: These standards only apply to audits conducted according to PCAOB standards. The preceding “Principles” replaced the 10 GAAS standards for nonpublic company audits.
2-10

 Adequate technical training and proficiency
 Independence in mental attitude is to be maintained
 Due professional care is to be exercised
2-11

 Auditor must adequately plan and properly supervise work
 Auditor must obtain a sufficient understanding of entity, and its environment, including internal control to assess risk of material misstatement and to design further audit procedures
 Auditor must obtain sufficient appropriate audit evidence to afford a reasonable basis for the opinion
2-12

 State whether the financial statements are presented in accordance with GAAP
 Identify circumstances in which such principles have not been consistently applied
 Informative disclosures are adequate unless otherwise stated in the report
 Report should clearly state the degree of responsibility being assumed by the auditors by expressing an opinion or stating that one cannot be expressed, and the reason therefor
2-13

Responsibility
Level
Meaning Words Used to
Indicate Responsibility
Unconditional
Responsibility
Auditor must fulfill responsibilities “Must”
“Shall” (PCAOB only)
“Is required” (PCAOB only)
Presumptively
Mandatory
Auditor must comply with requirements unless auditor demonstrates and documents that alternative actions were sufficient to achieve the objectives of the standards
Responsibility to
Consider
Auditor should consider; whether the auditor complies with the requirements depends on the exercise of professional judgment in the circumstances
“Should”
“May”
“Might”
“Could”
Other phrases indicating a responsibilities to consider
2-14

2-15

Auditor Responsibility for the
Detection of Errors and Fraud (1 of 2)


Obtain information to assess the inherent risks and fraud risks

Information about the company and its environment


Discussion among audit team members
Inquiries of management and others

Risk assessment analytical procedures, including those involving revenue
Assess the risk of errors and fraud that may cause the financial statements to contain a material misstatement.
2-16

Auditor Responsibility for the
Detection of Errors and Fraud (2 of 2)
 Based on that assessment, plan and perform the audit to obtain reasonable assurance that material misstatements, whether caused by errors or fraud, will be detected.
 Exercise due care in planning, performing and evaluating the results of audit procedures, and the proper degree of professional skepticism to achieve reasonable assurance that material misstatements due to error or fraud will be detected.
2-17

Auditor Responsibility for Client
Identifying Noncompliance with Laws


Noncompliance with laws that could have a direct and material effect on financial statement amounts and disclosures--same as for errors and fraud. An audit obtains reasonable assurance of detecting noncompliance with these laws.
Other Laws (no direct effect on financial statement amounts):


Specific procedures:
• Inquire of management as to compliance
• Inspect correspondence with licensing or regulatory authorities
Be aware of possible occurrence.

If information comes to the auditor’s attention, apply audit procedures directed at determining whether noncompliance with a law has occurred. An audit does not provide assurance that noncompliance with these laws will be detected.
2-18

 Title
 Addressee
 Content Sections (paragraphs)

Introductory (“We have audited”)



Management’s responsibility
Auditor’s Responsibility
Opinion Paragraph
 Signature (firm name)
 City and state of office issuing audit report
 Date
2-19

We have audited the accompanying consolidated balance sheets of ABC Company and its subsidiaries, as of December 31, 20X1 and 20X0, and the related consolidated statements of income, retained earnings, and cash flows for the years then ended.
2-20

The AICPA Standard Auditors’ Report—
Management’s Responsibility Paragraph
Management is responsible for the preparation and fair presentation of these consolidated financial statements in accordance with accounting principles generally accepted in the United States of America; this includes the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of consolidated financial statements that are free from material misstatement, whether due to fraud or error.
2-21

The AICPA Standard Auditors’ Report:
Auditors’ Responsibility Paragraphs
Our responsibility is to express an opinion on these consolidated financial statements based on our audits. We conducted our audits in accordance with auditing standards generally accepted in the United States of America. Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the consolidated financial statements are free of material misstatement.
An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the consolidated financial statements. The procedures selected depend on the auditor's judgment, including the assessment of the risks of material misstatement of the consolidated financial statements, whether due to fraud or error. In making those risk assessments, the auditor considers internal control relevant to the entity's preparation and fair presentation of the consolidated financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the entity's internal control An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of significant accounting estimates made by management, as well as evaluating the overall presentation of the consolidated financial statements.
We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.
2-22

In our opinion, the consolidated financial statements referred to above present fairly, in all material respects, the financial position of
ABC Company and its subsidiaries as of
December 31, 20X1 and 20X0, and the results of their operations and their cash flows for the years then ended in accordance with accounting principles generally accepted in the United States of America.
2-23

 FASB issues GAAP for nongovernmental entities


Authoritative: FASB Codification and Accounting
Standards Updates
Nonauthoritative Pronouncements:
• Widely recognized practices
• FASB concepts Statements
• AICPA Issues Papers
• International Financial Reporting Standards
• Various others
 Other sources of GAAP

GASB--State and local governments

FASAB--Federal government
2-24



Standard unmodified report (unqualified per PCAOB standards)

Financial statements follow GAAP and auditor does not add additional commentary for any issue
Other reports

Unmodified with emphasis of matter (or other emphasis)
• Example: A lack of consistency in application of accounting principles


Qualified opinion
• Scope limitation or departure from GAAP
Adverse opinion
• Departure from GAAP so significant that financial statements as a whole are misleading

Disclaimer of opinion
• Unable to arrive at an opinion due to a very significant scope limitation
2-25

 Title is “Report of Registered Independent
Public Accounting Firm.”
 Refers to standards of the PCAOB rather than GAAS.
 Includes a paragraph that refers to report on internal control.
 Somewhat more brief than the nonpublic company report.
2-26

2-27

 Leadership responsibilities for quality within the firm (“tone at the top”)
 Relevant ethical requirements
 Acceptance and continuance of clients and engagements
 Human Resources
 Engagement performance
 Monitoring
2-28

 Firm’s internal culture recognizes that quality is essential in performing engagements and recognizes the need to

 perform work that complies with professional standards and regulatory and legal requirements and issue reports that are appropriate in the circumstances.
 Example: Assign management responsibilities so that commercial considerations do not override the quality of work performed.
2-29

 Firm and its personnel comply with relevant ethical requirements.
 Example: At least annually, the firm should obtain written confirmation of compliance with its independence policies and procedures from all firm personnel who are required to be independent.
2-30

 Firm will undertake to continue relationships and engagements only where the firm:
1. Has considered client integrity.
2. Is competent to perform the engagement.
3. Can comply with legal and ethical requirements.
 Example: Background information is gathered on all prospective audit clients, including the attitude of principal owners, key management, and those charged with governance on matters such as aggressive accounting and internal control over financial reporting.
2-31

 Firm has personnel with the capabilities, competence, and commitment to ethical principles to:
1. Perform engagements in accordance with professional standards and regulatory and legal requirements.
2. Enable the firm to issue reports that are appropriate in the circumstances.
 Example: Design effective recruitment processes and procedures to help the firm select individuals meeting minimum academic requirements established by the firm, and maturity, integrity and leadership.
2-32

 Firm’s engagements are consistently performed in accordance with professional standards and regulatory and legal requirements, with policies and procedures addressing:
1.
2.
3.
Engagement performance.
Supervision responsibilities.
Review responsibilities.
 Example: Design policies and procedures that address the tracking of progress of each engagement.
2-33

 Firm’s policies and procedures established for each of the elements are suitably designed and effectively applied.
 Example: Working papers, reports, and client financial statements are reviewed to assess compliance with the firm’s quality control policies and procedures.
2-34

 Depend on size of firm, number of offices and nature of firm’s practices.
 Every CPA firm should have quality control procedures applicable to every aspect of its practice.
 Establish controls to provide assurance that the CPA firm meets its responsibilities to clients and public.
2-35

Regulation of the Public Accounting
Profession
 Public Companies

Public Company Accounting Oversight Board
• Registration of public accounting firms that audit public companies
• Conduct inspections of public company practice of registered public accounting firms
 Nonpublic Companies

AICPA & State Boards of Accountancy
• Peer review for nonpublic practice segments
2-36

 Composed of 5 members – only two may be CPAs
 Members appointed by SEC and may serve no more than two five-year terms
 All accounting firms that audit SEC registrants must register with PCAOB


Pledge to cooperate with PCAOB inquiries
PCAOB can impose monetary damages, suspend firms or make referrals to Justice Department
2-37

 Members of AICPA
 Conducted by CPAs or other CPA firms
 Two types of peer reviews

System review
• Study of CPA firms’ system of quality control
• Select sample of firms’ engagements and examine related working paper files

Engagement review
• Sample of CPA work including reports to evaluate appropriateness
• Less in scope than system review

Report: pass, pass with deficiencies, or fail
2-38

 Conducted by PCAOB staff
 Focus

Primarily evaluating performance of sample of individual audit and review engagements; a risk based approach to selection and inspection is used.

Selected quality control and management issues only. This differs from a peer review.
 Report

Written report to SEC, part of which is made public
2-39

 International Financial Reporting
Standards (IFRS)

Developed by International Accounting
Standards Board (IASB)

SEC accepts IFRS for foreign companies that issue securities in US markets
2-40





Contains expanded description of management’s responsibility and explanation of the audit process similar to the nonpublic company audit report
May state “present fairly, in all material respects” or
“give a true and fair view”
Report may indicate that the financial statements comply with the provisions of the country’s relevant statutes or laws
May be signed using the personal name of the auditor or the audit firm or both
2-41