Audit Evidence - CCH Testing Center

advertisement
1
MODULE 1 — CHAPTER 1
Audit Evidence
LEARNING OBJECTIVES
At the completion of this chapter, the reader should:
Understand the new definition of audit evidence, as well as the concepts
of sufficiency and appropriateness of audit evidence.
Understand the concept of relevant assertions.
Be able to use relevant assertions in planning an audit.
Be able to design audit procedures for obtaining audit evidence.
INTRODUCTIION
Statement on Auditing Standards No. 106, Audit Evidence, (SAS 106)
significantly expands and recategorizes the assertions for account balances,
transaction classes and disclosures that are used in audits, and requires a
closer correlation between those assertions and the audit procedures used in
gathering audit evidence. It provides new definitions of several terms including audit evidence and the sufficiency and appropriateness of that evidence. It
also creates significant new guidance for using relevant assertions to assess
risk and design audit procedures; assessing the reliability of various types of
audit evidence; risk assessment’s place in the body of audit evidence; and
uses and limitations of inquiry. Finally, it describes the risk assessment procedures of inquiry, analytical procedures, observation, and inspection. SAS
106 supersedes SAS 31, Evidential Matter.
UNCONDITIONAL AND PRESUMPTIVELY
MANDATORY REQUIREMENTS
SAS 106 contains numerous unconditional and presumptively mandatory
requirements. These requirements are summarized below for convenience,
in order to present them in the same order that they are discussed within
the original text of SAS 106, to highlight their importance, and to assist readers in focusing on their application in practice. For clarity and
purposes of analysis, this Course groups them into four unconditional
requirements and 24 presumptively mandatory requirements. Discussion
of each requirement appears throughout the text under various headings in topical format, rather than in the order that they appear in the
original pronouncement.
Top_Aud_08_book.indb 1
8/30/2007 3:14:42 PM
2
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Unconditional Requirements
These requirements are identified in the Standards by the word “must,” and are
required to be performed in all circumstances where they are applicable.
1. The auditor must obtain sufficient appropriate audit evidence by performing audit procedures to afford a reasonable basis for the audit opinion.
2. The auditor must not be satisfied with evidence that is less than persuasive.
3. The auditor must perform risk assessment procedures to provide a satisfactory basis for the assessment of risks at the financial statement and
relevant assertion levels.
4. Risk assessment procedures must be supplemented by further audit
procedures in the form of substantive procedures and, when relevant or
necessary, tests of controls.
Presumptively Mandatory Requirements
These requirements are identified in the Standards by the words “should”
or “should consider.” Following is a recap of the “should” statements. They
are required to be performed in all applicable circumstances unless the auditor can justify in the audit documentation a reason for not doing so, and
demonstrate how other audit procedures have met their objectives. SAS 106
states that the auditor should:
1. Obtain audit evidence by testing the accounting records.
2. Obtain other audit evidence because accounting records alone do not provide sufficient appropriate audit evidence on which to base an opinion.
3. Consider the sufficiency and appropriateness of audit evidence to be
obtained when assessing risks and designing further audit procedures.
4. Consider the reliability the information to be used as audit evidence.
5. Obtain audit evidence about the accuracy and completeness of clientprepared information when using that information to perform further
audit procedures.
6. Consider the accuracy of price information and the completeness and
accuracy of sales volume data when standard prices are applied to records
of sales volume for purposes of auditing revenue.
7. Determine what additional audit procedures are necessary to resolve
inconsistencies in audit evidence obtained from different sources.
8. Use professional judgment in evaluating the quantity and quality of
audit evidence.
Top_Aud_08_book.indb 2
8/30/2007 3:14:42 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
3
9. Exercise professional skepticism in evaluating the quantity and quality
of audit evidence.
10. Use relevant assertions for classes of transactions, account balances and
presentation and disclosure in sufficient detail to form a basis for assessing the risk of material misstatement and designing and performing
further audit procedures
11. Use relevant assertions in assessing risks by considering the types of
misstatements that might arise and designing further audit procedures
to respond to those risks.
12. Determine the relevance of each of the financial statement assertions for
each significant class of transactions, account balance, and presentation
and disclosure.
13. Determine the source of likely potential misstatements in each significant
class of transactions, account balance, and presentation and disclosure,
in order to identify relevant assertions.
14. Evaluate the nature of the assertion, volume of transactions or data, and
the nature and complexity of systems in determining whether particular
assertions are relevant to a significant account balance or disclosure.
15. Obtain evidence upon which to base an opinion by performing certain
specified audit procedures.
16. Test controls when the risk assessment includes an expectation of their
operating effectiveness.
17. Perform tests of controls to obtain audit evidence about their effectiveness
when substantive procedures alone do not provide sufficient appropriate
audit evidence.
18. Plan and perform substantive procedures to be responsive to related
planned levels of detection risk.
19. Design and perform substantive procedures for all relevant assertions
related to each significant class of transactions, account balance, and
disclosure, regardless of the risk of material misstatement.
20. Use one or more of the types of audit procedures, such as inspection
of documents, records or tangible assets, observation, inquiry, etc., as
described in this Statement.
21. Perform procedures to establish the continuing relevance of evidence
obtained in previous audits, where that evidence is to be used in the
current audit.
Top_Aud_08_book.indb 3
8/30/2007 3:14:42 PM
4
TOP AUDITING ISSUES FOR 2008 CPE COURSE
22. Obtain replies to inquiries in the form of written management representations.
23. Perform additional audit procedures to resolve significant inconsistencies
in the information obtained.
24. Perform audit procedures in addition to the use of inquiry to obtain
sufficient appropriate evidence.
STUDY QUESTIONS
1. Which of the following is an unconditional requirement of SAS 106?
a The auditor must perform additional audit procedures to resolve
significant inconsistencies in the information obtained.
b. The auditor must perform tests of internal controls.
c. The auditor must perform risk assessment procedures to provide
a satisfactory basis for the assessment of risks at the financial
statement and relevant assertion levels.
d. The auditor must perform substantive procedures for all relevant
assertions related to each class of transactions, account balance,
and disclosure, regardless of their significance.
2. All of the following are presumptively mandatory requirements of
SAS 106 except:
a. The auditor should perform additional audit procedures to resolve
significant inconsistencies in the information obtained.
b. The auditor should perform risk assessment procedures to provide
a satisfactory basis for the assessment of risks at the financial
statement and relevant assertion levels.
c. The auditor should consider the sufficiency and appropriateness
of audit evidence to be obtained when assessing risks and designing further audit procedures.
d. The auditor should determine the source of likely potential misstatements in each significant class of transactions, account balance, and
presentation and disclosure, in order to identify relevant assertions.
NEW DEFINITIONS
SAS 106 introduces or re-defines four key terms in auditing literature.
Audit Evidence
SAS 106 defines audit evidence as “all the information used by the auditor
in arriving at the conclusions on which the audit opinion is based and includes the information contained in the accounting records underlying the
Top_Aud_08_book.indb 4
8/30/2007 3:14:42 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
5
financial statements and other information.” Previous Standards contained
no definition of this term.
Sufficient, Appropriate Audit Evidence
SAS 106 use two key terms to describe audit evidence: sufficient and appropriate. The term appropriate replaces competent in previous Standards.
Its meaning is essentially the same. The change was made to move U.S.
terminology into closer conformity with International Standards of Auditing.
Sufficient refers to the quantity of the evidence, while appropriate refers to
its quality. It is difficult to define sufficient audit evidence because the term
refers simply to the amount of evidence collected. Nevertheless, the auditor must exercise considerable judgment when determining whether audit
evidence is sufficient. SAS 106 offers the following guidance:
An auditor can never reduce audit risk to zero. Therefore, the accumulation of evidence should be persuasive rather than conclusive.
An auditor must work within economic limits but cost cannot be the
sole basis for the quantity or quality of audit procedures. The difficulty
or expense of a test is not a valid reason for omitting it.
An auditor should not form an opinion on the entity’s financial statements until he or she has obtained sufficient appropriate audit evidence
to remove any substantial doubt about a material assertion. Otherwise,
the auditor should express a qualified opinion or a disclaimer of opinion
on the financial statements.
SAS 106 states that audit evidence is appropriate when it is both reliable and
relevant but it does not define either term. It does, however, indicate that
evidence is more reliable when it is:
Obtained from an independent knowledgeable source outside the entity.
Created under more effective internal controls.
Obtained directly by the auditor rather than indirectly or by inference.
In documentary form.
In the form of original documents rather than photocopies or facsimiles.
Audit evidence should be capable of proving or disproving an assertion made
by the client in its financial records. Therefore, evidence must pertain to or
be relevant to the audit objective or the assertion the auditor is testing before
it can be persuasive. Relevance can be considered only in terms of specific
audit objectives or assertions and evidence may be relevant to one specific
audit objective or assertion but not to another.
Top_Aud_08_book.indb 5
8/30/2007 3:14:42 PM
6
TOP AUDITING ISSUES FOR 2008 CPE COURSE
EXAMPLE
Assume that an auditor is concerned with whether all shipments made to
customers are being billed by the client (completeness assertion). Selecting a
sample of duplicate sales invoices, using the sales invoices as the population
and tracing them to the related shipping documents, does not provide relevant
evidence for the completeness assertion. Selecting a sample of shipping
documents, using the shipping documents as the population and comparing
them to the related duplicate sales invoices to determine if the customers had
been billed, does. In this example, tracing from the duplicate sales invoices to
the related shipping documents provides relevant evidence for the existence
or occurrence assertion, but not the completeness assertion.
Relevant Assertions
SAS 106 defines relevant assertions as those which have a meaningful bearing on
whether an account is fairly stated. This is a new term in the auditing lexicon,
and is used frequently throughout SAS 106. This term draws attention to the
need, as discussed in the example immediately above, for audit procedures to
be relevant to a particular assertion in order to be appropriate.
Risk Assessment Procedures
Risk assessment procedures are defined as procedures performed on all audits to:
Obtain an understanding of:
The entity
Its environment
Its internal controls
Assess the risk of material misstatement at:
The financial statement level
The relevant assertion level
Risk assessment procedures, according to SAS 106, are necessary to provide
a basis for assessing the risk of material misstatement. Their results, combined with the results of further audit procedures, provide audit evidence
that ultimately supports the auditor’s opinion on the financial statements
taken as a whole.
STUDY QUESTIONS
3. Audit evidence does not include the information contained in the accounting records underlying the financial statements. True or False?
Top_Aud_08_book.indb 6
8/30/2007 3:14:42 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
7
4. All of the following statements apply to audit evidence except:
a. The results of risk assessment procedures, combined with the
results of further audit procedures, provide audit evidence that
ultimately supports the auditor’s opinion.
b. Audit evidence should be capable of proving or disproving an assertion made by the client in its financial records.
c. In order to express an unqualified opinion on financial statements,
the accumulation of evidence must be conclusive.
d. Sufficiency refers to the quantity of the evidence, while appropriateness refers to its quality.
5. Which of the following statements best applies to the reliability of audit
evidence as discussed in SAS 106?
a. Audit evidence in the form of an oral representation is equally reliable as documentary evidence.
b. The reliability of audit evidence is independent of the effectiveness
the internal controls.
c. Audit evidence obtained indirectly or by inference generally is
equally reliable as evidence obtained directly by the auditor.
d. Audit evidence is more reliable if it is obtained from an independent knowledgeable source outside the entity.
6. Which of the following auditing procedures is likely to be most effective
in providing relevant audit evidence to prove or disprove the client’s completeness assertion that all shipments to customers have been billed?
a. Selecting a sample of shipping documents, using the shipping
documents as the population and comparing them to the related
duplicate sales invoices to determine if the customers had been
billed.
b. Selecting a sample of duplicate sales invoices, using the sales
invoices as the population and confirming them with the customer.
c. Selecting a sample of duplicate sales invoices, using the sales invoices as the population and tracing them to the related shipping
documents.
d. Comparing the number of shipping documents over a period of
time with the number of invoices for the same period.
RELEVANT ASSERTIONS
Assertions are implied or expressed representations by management about the
recognition, measurement, presentation, and disclosure of information in
the financial statements and related disclosures. One of the first steps in the
audit process is to identify management’s assertions regarding each material
component of the financial statements. Auditors must test these assertions
by gathering evidence to support or refute them. Professional literature
Top_Aud_08_book.indb 7
8/30/2007 3:14:42 PM
8
TOP AUDITING ISSUES FOR 2008 CPE COURSE
previously identified five assertions: completeness, occurrence, rights and
obligations, valuation/allocation, and presentation and disclosure. SAS 106
identifies 13 assertions which it sorts into three broad categories. Some of
these assertions, such as accuracy and cutoff, are really different ways of
viewing previously existing assertions. The new category for presentation
and disclosure reflects increased emphasis on the importance of this area to
the users of financial statements, and highlights the necessity for auditors
to seriously address the content of the financial statements.
Auditors are now required to determine the relevance of each of the assertions and the source of likely potential misstatements for each significant
class of transactions, account balance, and presentation and disclosure, and
to use the assertions in assessing risks by considering the types of misstatements that might arise and designing further audit procedures to respond to
those risks. The term linkage appears often in current professional literature.
This term refers to the connection between assessed risks and the nature
and extent of audit procedures. The increased emphasis on the concept of
“linkage” is a new philosophical direction in auditing that will significantly
re-direct audit practice in the future.
OBSERVATION
The Public Company Accounting Oversight Board (PCAOB) conducts inspections of all firms that audit SEC issuers. These inspections have cited
recurring failures to correlate the nature and extent of audit procedures to the
degree of assessed risk. This often resulted, it says, in overauditing of areas
of lower risk, and underauditing of some high risk areas. Such an approach is
inefficient at best. At worst, it may cause the audit to be ineffective. Anecdotal
observations of the AICPA’s practice monitoring programs suggest that this
problem is not confined to audits of SEC issuers. SAS 106 compels auditors
to think more critically about the relationship between audit risk and audit
procedures. Doing so should lead the profession to audit more efficiently
by applying greater effort and more intensive procedures to areas of greater
risk, while spending fewer audit resources in low risk areas.
Classes of Transactions and Events
Assertions about classes of transactions and events for the period under audit
address whether recorded transactions and events:
Have in fact occurred and relate to the entity (occurrence).
Include all transactions and events that should have been recorded
(completeness).
Have been properly recorded based on appropriate amounts and other
data (accuracy).
Have been recorded in the correct accounting period (cutoff).
Have been recorded in the proper accounts (classification).
Top_Aud_08_book.indb 8
8/30/2007 3:14:43 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
9
Previous auditing Standards did not have explicit assertions for accuracy or cutoff,
although these matters have always been addressed in financial statement audits.
Accuracy was addressed through a combination of considerations related to all five
of the previously existing assertions. Cutoff was addressed through considerations
of completeness and occurrence. The new cutoff assertion is a logical outgrowth
of the increased emphasis in SAS 99 on fraudulent revenue recognition, and
reflects the need for auditors to give explicit consideration to the risk of cutoff
errors or manipulations giving rise to improper revenue recognition.
Account Balances
Assertions about account balances at the period end address whether:
Assets, liabilities, and equity interests exist (existence).
The entity holds or controls the rights to assets and liabilities are the
obligations of the entity (rights and obligations).
All assets, liabilities, and equity interests that should have been recorded
have been recorded (completeness).
Assets, liabilities, and equity interests are included in the financial statements at appropriate amounts and any resulting valuation or allocation
adjustments are appropriately recorded (valuation and allocation).
This category of assertions has not changed, and thus will not likely cause
significant changes to existing audit practices.
Presentation and Disclosure
Assertions about presentation and disclosure address whether:
Disclosed events and transactions have occurred and relate to the entity
(occurrence and rights and obligations).
All disclosures that should have been included in the financial statements
have been included (completeness).
Financial information is appropriately presented and described and disclosures are clearly expressed (classification and understandability).
Financial and other information is disclosed fairly and at appropriate
amounts (accuracy and valuation).
Consistent with the philosophical direction of the new risk assessment
model, which increases emphasis on the accuracy and clarity of disclosures,
it is significant that SAS 106 has carved out a separate category for financial
statement presentation and disclosure. This has several important practical
implications for the ways in which auditors view their responsibilities relating to financial statement disclosures.
Disclosure checklists will continue to be important tools in assuring the
completeness of disclosures.
Auditors will increasingly need to look past their disclosure checklists to
the quality and substance of the disclosures. Checklists, when properly
Top_Aud_08_book.indb 9
8/30/2007 3:14:43 PM
10
TOP AUDITING ISSUES FOR 2008 CPE COURSE
designed and used, are an effective tool for determining the presence or
absence of a particular disclosure. However, this determination may, when
not thoughtfully made, be a binary decision in which the mere presence
of a footnote captioned, say, “Inventory” may lead to a facile conclusion
that all of the necessary disclosures about inventory are present and are
clearly expressed. Auditors will need to carefully read and evaluate each
disclosure to determine if it is truly adequate. This will be especially critical in areas that require management to make quantitative or qualitative
judgments affecting the content of particular disclosures.
Disclosure omissions or inadequacies often arise when a client experiences
a significant unusual event or transaction, or has significant changes in
its business, such as entering or discontinuing a line of business. Any
such events should cause auditors be increasingly alert to the need for,
and content of, new disclosures.
Data in the footnotes will need to be closely correlated to the audit documentation. This includes non-financial data. This does not mean that every
number in every footnote needs to be cross-referenced to a specific workpaper within the audit documentation, although some firms have adopted
this practice as a matter of their own quality control policies. What it does
mean is that if a footnote asserts, for example, that a significant operating
lease has a five year term, the audit documentation should contain a copy
or an abstract of the lease agreement that supports this assertion.
OBSERVATION
Not every assertion applies to every material component of the financial
statements. There are, however, many areas where most of the assertions
are relevant. There will be a significant increase in the number of assertions that need to be addressed on each audit. Auditors should be mindful
of the increased time this will create for each audit. This has implications
for the scheduling of the firm’s personnel, and should also be discussed
with clients when scheduling audit engagements. The “Risk Assessment
Standards” as a group will likely also create new demands on the time
and resources of clients’ accounting staffs. Auditors should also consider
discussing fee increases with clients during the transition period, in order
to give them a chance to budget for the increase and to avoid the distress
of “sticker shock” in the year of implementation. Some firms have estimated that the new Standards, as a whole, might add 20%-25% to audit
time. “Learning curve” costs are certain to be a part of this in the initial
years of implementation. Firms should begin now to consider how to treat
“learning curve” costs for billing purposes; to consider all or part of them
as “educational” costs that the firm will absorb, to bill them all out to the
client during the year of implementation, or to spread them over current
and future years’ billings.
Top_Aud_08_book.indb 10
8/30/2007 3:14:43 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
11
EXAMPLE
If an entity’s financial statements show cash of $50,000, this means that
management asserts that cash of $50,000 exists, is owned by the entity,
and includes funds at all locations, funds with custodians, and deposits
in transit as of the balance-sheet date. Furthermore, unless otherwise
disclosed in the financial statements or notes thereto, management also
asserts that the cash was unrestricted and available for the entity’s general
operating purposes.
It is important to note that SAS 106 allows auditors some discretion in how
they express these assertions in their work. They may use them as described
above, or they may characterize them differently, as long as all of the aspects
have been covered. As a practical matter, auditors who choose to express
the relevant assertions differently are well-advised to document in explicit
fashion how those assertions cover all aspects of those outlined in SAS 106.
This can be efficiently done, to some extent, through the use of uniformly
structured practice aids that specify the connection between the assertions as
used and those presented in the SAS. However, because of the wide variety
of situations that may be encountered in real-world auditing, the need to
supplement standardized practice aids with narrative comments should be
considered on an engagement-by engagement basis.
EXAMPLE
The cutoff assertion under “classes of transactions and events” is one of
the new assertions created by SAS 106. The concept of assuring proper
cutoffs has long been addressed by auditors, and is not in itself a new
idea. Under previous Standards, a receiving cutoff issue would have
been addressed through a combination of the completeness and occurrence assertions. If goods were received in a period but not recorded,
the client had a problem with the completeness assertion. If, on the other
hand, receipt of goods was recorded in a period but the actual receipt
did not occur in that period, there was a problem with the occurrence
assertion. This continues to be a valid conceptual approach in this case.
SAS 106 explicitly states that there may not be a separate cutoff assertion for transactions and events when the completeness and occurrence
assertions include appropriate consideration of recording transactions
in the proper accounting period. In this case, it is probably wise for the
audit documentation to state that the cutoff assertion for receiving is
adequately addressed by the combined consideration of completeness
and occurrence.
Top_Aud_08_book.indb 11
8/30/2007 3:14:43 PM
12
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTIONS
7. SAS 106 identifies 13 assertions which it groups into which of the following broad categories?
a. Classes of transactions and events, account balances,
presentation and disclosure.
b. Completeness, occurrence, rights and obligations, valuation/
allocation, and presentation and disclosure.
c. Completeness, classification and understandability, accuracy and
valuation.
d. Occurrence, completeness, accuracy, cutoff, and classification.
8. Which of the following statements best applies to the new cutoff assertion discussed by SAS 106?
a. This assertion may be adequately addressed through consideration of the completeness assertion alone.
b. This assertion may be adequately addressed through consideration of the occurrence assertion alone.
c. This assertion reflects the need for auditors to give explicit
consideration to the risk of cutoff errors or manipulations giving
rise improper revenue recognition.
d. This assertion must be expressly characterized as such in the
audit documentation.
9. In addressing the assertions about presentation and disclosure, auditors
will need to consider all of the following except:
a. The clarity and understandability of the disclosures.
b. Management’s quantitative or qualitative judgments affecting the
content of particular disclosures.
c. The need to gather evidence supporting significant non-financial
information contained in the disclosures.
d. The requirement to cross-reference all numbers within the
disclosures to the audit documentation.
USING ASSERTIONS IN OBTAINING AUDIT EVIDENCE
SAS 106 requires auditors to determine the relevance of each of the
financial statement assertions for each significant class of transactions,
account balance, and for presentation and disclosure. Auditors should
use the relevant assertions to assess the risks of material misstatements
in the financial statements and to design audit procedures to respond to
the assessed risks. To determine whether a particular assertion is relevant,
they should evaluate:
The nature of the assertion.
The volume of transactions or data related to the assertion.
Top_Aud_08_book.indb 12
8/30/2007 3:14:43 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
13
The nature and complexity of the systems the entity uses to process and
control information supporting the assertion.
Developing Audit Tests and Procedures
To determine what type of evidence to collect, auditors develop specific
objectives related to each relevant assertion. Auditors should evaluate each
relevant assertion as it relates to the particular account balance, class of
transactions, or presentation and disclosure when determining audit objectives. Having identified specific audit objectives, they should then develop
methods to achieve them.
Deciding upon the nature, timing, and extent of procedures to achieve
the audit objectives involves the following types of procedures:
Risk assessment procedures. These are performed to obtain an understanding of the entity and its environment, including its internal control,
to assess the risks of material misstatement at the financial statement and
relevant assertion levels. Risk assessment procedures must be performed
in all audits.
Tests of controls (when relevant or necessary). These are performed
to test the operating effectiveness of controls in preventing or detecting
material misstatements at the relevant assertion level. Auditors should
perform tests of controls when the risk assessment includes an expectation
of the operating effectiveness of controls, or when substantive procedures
alone do not provide sufficient appropriate audit evidence.
EXAMPLE
Substantive procedures alone often do not provide sufficient appropriate
evidence for businesses that conduct a large volume of transactions in
electronic form, for which a paper trail is not generated. These transactions
are typically of a similar, repetitive nature and can be effectively controlled
by a single system of internal control. When this is the case, testing the
operating effectiveness of the controls over the transactions is often both
effective and necessary to provide sufficient appropriate evidence.
Substantive procedures. These are performed to detect material misstatements at the relevant assertion level and include tests of details of
classes of transactions, account balances, and disclosures, and substantive
analytical procedures. Regardless of the assessed risk of material misstatement, substantive procedures should be performed in all audits for all
relevant assertions related to each material class of transactions, account
balance, and disclosure.
Top_Aud_08_book.indb 13
8/30/2007 3:14:43 PM
14
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTIONS
10. To determine whether a particular assertion is relevant for purposes of
assessing the risks of material misstatements in financial statements
and designing responsive audit procedures, auditors should evaluate
all of the following except:
a. The nature and complexity of the systems the entity uses to process and control information supporting the assertion.
b. The nature of the assertion.
c. The materiality of the assertion.
d. The volume of transactions or data related to the assertion.
11. Tests of the operating effectiveness of internal controls would most likely
be necessary in which of the following circumstances?
a. For a single, large real estate transaction occurring outside of the
normal course of the entity’s business.
b. For occupancy costs such as rent, utilities and property taxes in a
stable business entity.
c. For developing an understanding of the entity and its environment,
including its internal control.
d. For large volumes of repetitive electronic transactions.
12. Which of the following statements best describes the requirements of
SAS 106 related to substantive procedures?
a. Substantive procedures should be performed in all audits for all
relevant assertions related to each class of transactions, account
balance, and disclosure regardless of materiality.
b. Substantive procedures should be performed in all audits for all
relevant assertions related to each material class of transactions,
account balance, and disclosure regardless of the assessed risk of
material misstatement.
c. Substantive procedures performed on each material class of
transactions, account balance, and disclosure must include tests
of details and substantive analytical procedures.
d. Substantive procedures are performed to detect material misstatements down to the transaction class, account balance and
disclosure level.
Types of Audit Procedures
The auditor should use one or more types of the audit procedures described
below when performing risk assessment procedures, tests of controls, or
substantive procedures:
Inspection of records and documents. This is usually applied to
documents such as lease agreements, debt agreements, contracts, and
minutes of meetings of the board of directors. Inspection addresses all
Top_Aud_08_book.indb 14
8/30/2007 3:14:43 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
15
of the financial statement assertions because of the variety of documents
the auditor may inspect.
Inspection of tangible assets. This is most often associated with cash,
securities, inventory, and property and equipment. The primary audit
assertion tested by physical inspection is existence; however, it can also
provide evidence about the valuation or allocation and rights and obligations assertions.
Observation. Observation focuses on client activities to understand
who performs them or how or when they are performed. It satisfies all
financial statement assertions but it is rarely sufficient by itself. Other
kinds of corroborative evidence are usually necessary.
Inquiry. Inquiries are useful in testing all of the financial statement
assertions. Although considerable evidence is obtained from client
inquiries, they usually cannot be regarded as sufficient to detect
material misstatements at the relevant assertion level. Normally
it is necessary for the auditor to obtain further corroborating evidence through other procedures. In some cases, the auditor should
obtain replies to inquiries in the form of written representations
from management.
Confirmation. Confirmation procedures include primarily written,
and sometimes oral, responses from third parties regarding particular
items affecting the financial statements. The primary assertions tested
by confirmation are existence and rights and obligations, although confirmation can also provide evidence about the other financial statement
assertions. To be considered reliable, confirmations must be controlled
by the auditor from the time of their preparation until they are returned
to the auditor.
Recalculation. Recalculation involves testing the mechanical accuracy
and rechecking of computations and transfers of information made by
the client.
Reperformance. Reperformance is the auditor’s independent execution
of procedures or controls that were originally performed as part of the
entity’s internal control.
Analytical procedures. Analytical procedures use comparisons and
relationships to determine whether account balances appear reasonable.
Analytical procedures satisfy all assertions and are so important that they
are required on all audits, in the planning and final evaluation stages. For
certain audit objectives or small account balances, analytical tests alone
may be sufficient evidence. In most cases, however, additional evidence
beyond analytical procedures is necessary to satisfy the requirement for
sufficient appropriate evidence.
Top_Aud_08_book.indb 15
8/30/2007 3:14:43 PM
16
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Additional Considerations for Audit Evidence and Procedures
SAS 106 contains several additional requirements and considerations
concerning audit evidence and audit procedures. Most have to do with sufficiency and appropriateness of evidence. Some of these requirements seem
so obvious as to beg the question of why they need to have been stated. The
fact that the Auditing Standards Board chose to codify them in so explicit
a fashion presumably signals a perception that they are important and are
under-observed in practice.
SAS 106 states a presumptively mandatory requirement to obtain
evidence by testing the accounting records. This seems an obvious course
of action for any audit. It goes on, however, to make the point that
accounting records do not, by themselves, provide sufficient appropriate evidence on which to base an opinion. This is because accounting
records are internally prepared, and thus provide no external corroboration. For this reason, SAS 106 also imposes a presumptively mandatory
requirement to obtain other audit evidence, from sources outside the
accounting records.
Another set of requirements that seem obvious are the requirements to use
professional judgment and professional skepticism in evaluating the quantity
and quality of audit evidence. These requirements speak to the need to critically evaluate audit evidence for both sufficiency and appropriateness.
A set of requirements deals with client-prepared information. These
requirements essentially codify and expand the existing practice of “footing
the PBCs”. They state that auditors should obtain audit evidence about the
accuracy and completeness of client-prepared information when using that
information to perform further audit procedures, and, especially where electronic documentation is involved, should consider its reliability, including
the controls over its preparation and maintenance. There is also a specific
requirement, which is presented in the form of an example, that auditors
should consider the accuracy of price information and the completeness and
accuracy of sales volume data when applying standard prices to records of
sales volume to audit revenue.
Yet another set of requirements deals with audit responses to inconsistencies in audit evidence. Auditors should determine what additional audit
procedures are necessary to resolve inconsistencies in audit evidence obtained
from different sources. Especially when inconsistencies involve evidence
obtained through inquiry, additional audit procedures should be performed
to resolve the inconsistencies.
Finally, a newly-explicit requirement deals with the long-established
practice of “rolling forward” audit evidence from one period to the next.
Auditors are now required to perform procedures to establish the continuing
relevance of such evidence when it is used in the current audit.
Top_Aud_08_book.indb 16
8/30/2007 3:14:43 PM
MODULE 1 — CHAPTER 1 — Audit Evidence
17
ILLUSTRATION 1-1
Relationship Of Audit Procedures To Relevant Assertions,
Account Balances, Transaction Classes, Disclosures,
and The Financial Statements As A Whole
This illustration demonstrates four levels of consideration in a financial
statement audit, and how the individual procedures provide evidence to
support each of the relevant assertions for a particular balance, in this case
for property and equipment. The accumulation and proper evaluation of
sufficient appropriate audit evidence for the relevant assertions attaching to
each material balance, transaction class and disclosure provide the building
blocks for assurance at the financial statement level.
For the sake of brevity, the illustration is truncated after property and
equipment, and is expanded down to the relevant assertion and audit
procedures level only for property and equipment. In an actual engagement, all balance sheet captions (i.e., account balances) and income
statement captions (transaction classes) along with significant disclosures,
would be listed in the second column, and expanded in the third and
fourth columns.
Financial
Statement
Level
Balance/Transaction
Class/Disclosure Level
Relevant
Assertion Level
Audit Procedures
Cash
Accounts Receivable
Inventory
Property & Equipment
Existence
Inspection of assets
Completeness
Inspection of assets
Completeness
Analytical procedures
Completeness
Valuation
Inspection of records and
documents
Inspection of documents of
title, debt instruments
Inspection of purchase
invoices
Recalculation of depreciation
Valuation
Analytical procedures
Rights/
obligations
Valuation
One way to think of this illustration is to visualize the planning process as
going from left to right on the matrix, and the actual gathering and evaluation of audit evidence as going from right back to left. The planning starts
at the financial statement level, identifies the significant account balances,
transactions classes, and presentation and disclosure aspects of the statements.
It then considers the assertions relevant to each of those, and the attendant
risks, and designs and performs audit procedures to address those risks and to
Top_Aud_08_book.indb 17
8/30/2007 3:14:43 PM
18
TOP AUDITING ISSUES FOR 2008 CPE COURSE
support—or disprove—the assertions. Performing further audit procedures
starts to build back up from right to left. Each procedure provides support
for one or more assertion, which in turn leads to the ability to conclude
whether the balance, transaction class or disclosure has sufficient support,
and whether the financial statements as a whole are fairly presented.
ILLUSTRATION 1-2
Risk Assessment Matrix
This illustration demonstrates the application of the concepts discussed above
in a practical situation. Like Illustration 1-1, it is truncated to show detail
only for property and equipment. Separate worksheets for the transactions
classes and presentation and disclosure would list across the top their own
relevant assertions, e.g., for transaction classes; occurrence, completeness,
accuracy, cutoff and classification, rather than the assertions for account
balances shown in this worksheet.
Some auditors have suggested that it will be efficient to combine risk
assessment with preliminary analytical review in the planning process.
This worksheet demonstrates one possible format for documenting these
processes.
Column 1 lists the account balance, transaction class or disclosure
Column 2 shows the auditor’s determination of whether the line item is
significant or not by indicating a “Y” for yes, or “N” for no.
Columns 3-5 give the current and prior years’ balances and the change,
for preliminary analytical review purposes.
Columns 6-10 list the relevant assertions for inherent risk. High risk is
designated by “H”, moderate by “M” and low by “L.”
Columns 11-15 list the relevant assertions for control risk, similarly to
columns 6-10
Column 16 shows the risk of material misstatement.
Column 17 shows whether tests of controls are contemplated or not.
Column 18 provides space for narrative comment for the preliminary
analytical review
Column 19 lists audit responses for each of the relevant assertions.
XYZ Company is a small manufacturer that has experienced an increase in
sales due to acquisition of new and more productive machinery.
Top_Aud_08_book.indb 18
8/30/2007 3:14:44 PM
Top_Aud_08_book.indb 19
25,000 L
250,000 225,000
10,000 11,000
500,000 475,000
Inventory y
Prepaids n
Prpty/
Equip
y
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
Prpty/
Equip
25,000 M
(1,000)
150,000 120,000
y
90,000
A/R
100,000
y
Cash
6
7
8
9
10
11
12
13
14
15
16
17
18
19
30,000 M
10,000 L
M
H
M
L
M
H
M
L
L
H
H
L
L
M
L
L
L
M
M
L
M
M
M
L
M
H
M
L
L
H
H
L
L
M
L
L
M
H
M
L
no
yes
no
yes
Planned
additions
Increase
consistent
w/sales
Increase
consistent
w/sales
Disclosure checklist
Inspection of assets
& docs, analytical
Insp of purchase
invoices, recalc
depr, analytical
Inspection of assets
Inspection
of documents
Disclosure checklist
Inspection
of assets
Inspection
of documents
Inspection of assets
& docs, analytical
Insp of purchase
invoices, recalc
depr, analytical
Further audit prcdrs
not listed to reduce
size of illus.
Further audit prcdrs
not listed to reduce
size of illus.
See I/C section
of planning docs.
Further audit prcdrs
not listed to reduce
size of illus.
Inherent Risk
Control Risk
Val/
Risk of Material Cntrl Analyt Review Further Audit
Rights/
Val/
Rights/
Tests? Comments
Procedures
Change Exist Oblig
Complete Alloc Discl Exist Oblig
Complete Alloc Discl Misstatemt
5
Signif? Current Prior
4
Acct
Balance
3
2
1
XYZ Company Combined Preliminary Analytical Review and Risk Assessment FYE 12/31/07
MODULE 1 — CHAPTER 1 — Audit Evidence
19
8/30/2007 3:14:44 PM
20
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Not all of the audit procedures listed in this illustration would necessarily
have to be applied. For example, column 19 shows “inspection of assets” as a
procedure that could be used to support the existence assertion for property
and equipment. Inherent and control risk for existence, however, are both
assessed at low risk. Under these circumstances, an auditor might decide
that an inspection of documents, specifically purchase invoices, which is
contemplated to obtain support for the valuation assertion anyway, would
also be sufficient to support existence.
STUDY QUESTIONS
13. Which of the following audit procedures would be likely to provide the
most persuasive evidence in support of the existence assertion related
to inventory?
a.
b.
c.
d.
Inquiry.
Inspection of tangible assets.
Analytical procedures.
Recalculation.
14. Substantive analytical procedures are required on all audits. True or
False?
15. The primary assertions tested by confirmation are:
a.
b.
c.
d.
Top_Aud_08_book.indb 20
Existence and rights and obligations.
Valuation.
Classification and understandability.
Accuracy.
8/30/2007 3:14:44 PM
21
MODULE 1 — CHAPTER 2
Audit Risk and Materiality in
Conducting an Audit
LEARNING OBJECTIVES
At the completion of this chapter the reader should:
Understand the concepts of audit risk and materiality.
Be able to determine materiality and apply it in conducting an audit.
Be able to evaluate audit findings in light of assessed risks and
materiality.
Be able to communicate audit findings to appropriate levels of
management.
INTRODUCTION
Statement on Auditing Standards No. 107, Audit Risk and Materiality in
Conducting an Audit (SAS 107) supersedes SAS 47 (AU Section 312), of
the same title. Among the most sweeping changes that it makes to current
auditing practice are:
The introduction of the concept of considering risk of misstatement not
only at the level of the financial statements taken as a whole, and at the
level of individual account balance or class of transactions, but also at
the disclosure level
The requirement for the auditor to have an appropriate basis for all
risk assessments and elimination of the concept of assessing risk “at the
maximum” without support
This Statement is effective for audits of financial statements with periods
beginning on or after December 15, 2006. Thus, for full-year audits, December 31, 2007 year ends will be the first round of audits in which application
is required. Earlier implementation is permitted.
UNCONDITIONAL AND PRESUMPTIVELY
MANDATORY REQUIREMENTS
SAS 107’s seventy-one paragraphs are densely packed with requirements.
These requirements are summarized below, for convenience, to segregate
them out into one place in the same order that they are presented within the
original text of SAS 107, to highlight their importance, and to assist readers in focusing on their application in practice. For clarity and purposes of
Top_Aud_08_book.indb 21
8/30/2007 3:14:44 PM
22
TOP AUDITING ISSUES FOR 2008 CPE COURSE
analysis, this Course groups them into eight unconditional requirements and
50 presumptively mandatory requirements. Some of these are groupings of
related requirements. Discussion of each appears throughout the text under
various headings in topical format, rather than in the order that they appear
in the original pronouncement.
Unconditional Requirements
These requirements are identified in the Standards by the word “must,” and
are required to be performed in all circumstances where they are applicable.
SAS 107 states that the auditor must:
1. Consider audit risk and materiality.
2. Determine a materiality level for the financial statements taken as a
whole for four specific purposes listed in the Standard.
3. Perform the audit to obtain reasonable assurance of detecting misstatements that could be large enough either individually or in the
aggregate, in the auditor’s judgment, to be quantitatively material to
the financial statements.
4. Accumulate all known and likely misstatements identified in the audit,
other than trivial amounts, and communicate them to the appropriate
level of management.
5. Consider the effects, both individually and in the aggregate, of known
and likely misstatements that are not corrected in evaluating whether
the financial statements are fairly presented.
6. Evaluate whether the financial statements taken as a whole are free of
material misstatement.
7. Determine the implications for the auditor’s report if management
refuses to make necessary corrections.
8. Determine the implications for the auditor’s report if he or she concludes that, or is unable to conclude whether, the financial statements
are materially misstated.
Presumptively Mandatory Requirements
These requirements are identified in the Standards by the words “should”
or “should consider.” They are required to be performed in all applicable
circumstances unless the auditor can justify in the audit documentation a
reason for not doing so, and demonstrate how other audit procedures have
met their objectives. They state that the auditor should:
Top_Aud_08_book.indb 22
8/30/2007 3:14:44 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
23
1. Consider the implications for the integrity of management or employees
and the possible effects on other aspects of the audit, when he or she
encounters evidence of potential fraud, even if immaterial.
2. Consider audit risk in relation to the relevant assertions at both the financial
statement and account balance, transaction class and disclosure levels.
3. Perform risk assessment procedures at both the financial statement and
relevant assertion levels.
4. Perform the audit to reduce audit risk to an appropriately low level for
expressing an opinion.
5. Consider the risks of material misstatement that relate pervasively to
the financial statements as a whole and that potentially affect many
relevant assertions, when considering audit risk at the overall financial
statement level.
6. Consider the knowledge, skill and abilities of personnel assigned significant engagement responsibilities, the need for specialists, and the
appropriate level of supervision for assistants when developing responses
to the risk of material misstatement at the financial statement level.
7. Consider the extent to which it is necessary to perform procedures at
selected locations or components of an entity with multiple locations
or components, based on several factors including judgments about risk
and materiality.
8. Design audit procedures to obtain reasonable assurance of detecting
material misstatements.
9. Consider audit risk at the individual account balance, transaction class
and disclosure level.
10. Seek to reduce audit risk at the individual account balance, transaction class and disclosure level so as to enable the auditor to express an
opinion on the financial statements as a whole at an appropriately low
level of audit risk.
11. Assess the risk of material misstatement at the relevant assertion level as
a basis for further audit procedures.
12. Have an appropriate basis for that assessment.
13. Perform substantive tests for all relevant assertions related to material
account balances, transaction classes and disclosures.
14. Determine a materiality level for the financial statements taken as a
whole when establishing an overall strategy for the audit.
Top_Aud_08_book.indb 23
8/30/2007 3:14:44 PM
24
TOP AUDITING ISSUES FOR 2008 CPE COURSE
15. Consider the following factors when determining materiality:
a. Prior periods’ financial statements.
b. Current period’s budgets or forecasts.
c. Significant changes in the client’s circumstances.
d. Relevant changes of conditions in the client’s industry or the general
economy.
16. Consider materiality the same way regardless of the client’s inherent
business characteristics.
17. Consider whether misstatements of particular items that are less than
materiality level for the statements as a whole could reasonably be expected to influence users’ decisions, in light of several specific factors.
18. Allow for the possibility that misstatements lower than the materiality
levels could result in a material misstatement when aggregated.
19. Determine one or more levels of tolerable misstatement lower than the
materiality level.
20. Be alert for misstatements that could be qualitatively material, even though
it is not usually practical to design audit procedures to detect them.
21. Reconsider tolerable levels of misstatement and the appropriateness
of the nature, timing and extent of further audit procedures when a
materiality level lower than initially determined is appropriate.
22. Consider whether, in the face of identified misstatements, the overall
audit strategy and audit plan need to be revised.
23. Not assume that a misstatement is an isolated occurrence.
24. Consider whether the risk of undetected misstatements is unacceptably
high, if the aggregate known and likely misstatements approach the
materiality level.
25. Reconsider the nature and extent of further audit procedures if the aggregate known and likely misstatements approach the materiality level.
26. Communicate all known and likely misstatements to the appropriate
level of management on a timely basis. (Communication is an unconditional requirement. Timeliness of the communication is presumptively
mandatory.)
27. Distinguish between known and likely misstatements in communicating
the details of misstatements.
28. Request management to correct all known misstatements, including the
effects of prior misstatements.
Top_Aud_08_book.indb 24
8/30/2007 3:14:44 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
25
29. Request management to examine an account balance, transaction class
or disclosure to identify and correct misstatements therein when a likely
material misstatement is identified in a sample.
30. Request management to review the assumptions and methods used in
developing accounting estimates, when likely misstatements are identified involving differences in estimates.
31. Reevaluate the amount of likely misstatement after management has
examined an account balance, transaction class or disclosure, or reviewed
the assumptions and methods used in developing accounting estimates,
and corrected misstatements therein. This includes performing further
audit procedures if necessary.
32. Obtain an understanding of management’s reasoning for not correcting
some or all of the known or likely misstatements identified by the audit,
and take that into account when considering qualitative aspects of the
client’s accounting practices, and implications for the audit report.
33. Consider the size and nature of uncorrected misstatements and the
particular circumstances of their occurrence and determine their effects
on the financial statements as a whole.
34. Consider and aggregate both likely and known misstatements.
35. Aggregate misstatements in a way that facilitates assessment of their
effects on individual amounts, subtotals or totals within the financial
statements in relation to the financial statements as a whole.
36. Consider and evaluate each uncorrected misstatement separately, before
considering the aggregate effects of all uncorrected misstatements.
37. Consider the effects of prior period misstatements on current period
financial statements.
38. Consider the aggregate effects of uncorrected misstatements in determining whether the financial statements are free of material misstatement.
39. Request that management investigate and if necessary expand audit
procedures when substantive analytical procedures indicate that a misstatement might exist, but not its approximate amount.
40. Project the amount of known misstatement identified in sampling to
the balance or class from which the sample was taken.
41. Treat the difference between estimated amounts in the financial statements and the closest reasonable estimate that is supported by audit
evidence as a likely misstatement.
Top_Aud_08_book.indb 25
8/30/2007 3:14:44 PM
26
TOP AUDITING ISSUES FOR 2008 CPE COURSE
42. Consider whether the difference between estimates that are best supported by audit evidence and individually reasonable estimates in the
financial statements indicate a possible management bias.
43. Consider whether apparent use of estimates to “smooth over” earnings
or otherwise manipulate financial statements should be communicated
to those charged with governance.
44. Consider the implication of misstatements that may be the result
of fraud in relation to other aspects of the audit, even if the fraud is
immaterial.
45. Consider, in evaluating whether the statements as a whole are free of
material misstatement, the evaluation of known and likely misstatements
and certain qualitative factors.
46. Consider, when evaluating whether the misstatements are material
individually or in the aggregate, the nature and amount of the misstatements in relation to the nature and amount of items in the financial
statements.
47. Request that management make the necessary corrections when the auditor believes that the statements as a whole are materially misstated.
48. Consider the effects of undetected misstatements in concluding whether
the financial statements are materially misstated.
49. Perform additional audit procedures or satisfy himself or herself that the
statements have been adjusted to reduce audit risk to an appropriately
low level.
50. Document the following:
a. Levels of materiality, including any changes made during the audit.
b. All known and likely misstatements that have been corrected by the
client, other than those deemed to be trivial.
c. With respect to uncorrected misstatements:
i. A conclusion as to whether the uncorrected misstatements,
individually or in the aggregate, cause a material misstatement,
and the basis for that conclusion.
ii. A summary of uncorrected misstatements that allows the auditor
to consider the effects of known and likely misstatements, both
separately and in aggregate, as well as the qualitative aspects of
misstatements.
Top_Aud_08_book.indb 26
8/30/2007 3:14:44 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
27
STUDY QUESTIONS
1. SAS 107 lists which of the following as an unconditional requirement?
a. Performing risk assessment procedures at both the financial
statement and account balance, transaction class and disclosure
levels.
b. Evaluating whether the financial statements taken as a whole are
free of material misstatement.
c. Having an appropriate basis for the assessment of the risk of
material misstatement at the relevant assertion level.
d. Determining a materiality level for the financial statements taken
as a whole.
2. SAS 107 lists which of the following as a presumptively mandatory
requirement?
a. Accumulating all known misstatements.
b. Communicating all known and likely misstatements, other than
trivial amounts, to the appropriate level of management.
c. Determining one or more levels of tolerable misstatement lower
than the materiality level.
d. Considering the effects, individually and in the aggregate, of
known and likely misstatements that are not corrected.
3. Auditors should consider all of the following factors when determining
materiality except:
a.
b.
c.
d.
Prior period’s budgets or forecasts.
Significant changes in the client’s circumstances
Prior periods’ financial statements.
Changes of conditions in the client’s industry.
4. Auditors should consider audit risk in relation to the relevant assertions
at:
a. Both the financial statement level and the account balance, transaction class and disclosure level.
b. Both the financial statement materiality level and the tolerable misstatement level.
c. Only the account balance, transaction class and disclosure level.
d. Only the tolerable misstatement level.
Top_Aud_08_book.indb 27
8/30/2007 3:14:44 PM
28
TOP AUDITING ISSUES FOR 2008 CPE COURSE
DEFINITIONS
Audit Risk
SAS 107 defines audit risk as “the risk that the auditor may unknowingly
fail to appropriately modify his or her opinion on financial statements that
are materially misstated” and, therefore, the risk that financial statements
will include material misstatements. The auditor addresses both materiality and audit risk at an overall financial statement level to develop an audit
strategy that will provide sufficient evidence to enable him or her to reasonably evaluate whether the financial statements are materially misstated.
At the individual account balance, class of transactions, relevant assertion,
or disclosure level, audit risk is made up of inherent risk, control risk, and
detection risk. The concept of audit risk recognizes that auditors are able to
obtain reasonable, but not absolute, assurance that material misstatements
are detected.
Inherent risk. This is the susceptibility of a relevant financial statement as-
sertion to a material misstatement, either individually or when aggregated
with other misstatements, assuming there are no related controls.
Control risk. This is the risk that a material misstatement that could occur
in a relevant financial statement assertion, either individually or when aggregated with other misstatements, will not be prevented or detected on a
timely basis by the entity’s internal control.
OBSERVATION
One way to think of inherent risk and control risk is to think of dynamite.
Dynamite is an inherently risky substance, due to its physical properties.
Those properties do not change, no matter who has control of it. This is
dynamite’s inherent risk. It is a constant. Control risk is a variable, depending
on possession. When the hazardous materials squad of the fire department
has the dynamite, the control risk, that is the risk that it will do damage,
is low because of their special training and equipment, and their intention
to protect public safety. When a group of terrorists has the dynamite, the
control risk is high because of their intention to do harm, and their possible
lack of proper training and equipment.
Detection risk. This is the risk that the auditor will not detect a material
misstatement that exists in a relevant financial statement assertion, either
individually or when aggregated with other misstatements. Detection risk
can be disaggregated into additional components of tests of details risk and
substantive analytical procedures risk.
Inherent and control risk are always the client’s risks. They exist independently of the audit. Detection risk is the auditor’s risk.
Top_Aud_08_book.indb 28
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
29
The combined assessment of inherent risk and control risk is termed the
“risk of material misstatement.” The new model for describing audit risk is:
AR = RMM x DR
where AR is audit risk, RMM is risk of material misstatement and DR
is detection risk. It is a matter of professional judgment as to how these
components are expressed. Some auditors express them in quantitative
terms such as percentages. Many others use qualitative terms such as high,
moderate or low.
OBSERVATION
Risk assessment is not an exact science. Like materiality, it does not lend
itself to strict formulaic calculation. It is more like building a board fence, in
which one could possibly allow differences of several inches, as compared
to an engineering tolerance for an aircraft part, in which machining a part to
within fractions of a millimeter is required. For this reason, broader qualitative
terms, or percentages expressed in fairly wide ranges, are often the most
useful approach to expressing levels of risk assessment. Precise quantitative expressions, such as pinpoint percentage calculations, may imply a
greater degree of precision than this process actually intends or is capable
of providing. In addition, by “putting too fine a point on it” at this stage of
the engagement, the auditor may be setting a standard so high as to make
it impossible to conduct the engagement efficiently or economically.
Materiality
SAS 107 does not change the basic definition of materiality. It cites the definition that is set forth in Financial Accounting Standards Board (FASB) Statement of Financial Accounting Concepts No. 2, Qualitative Characteristics
of Accounting Information. This pronouncement defines materiality as “the
magnitude of an omission or misstatement of accounting information that,
in light of surrounding circumstances, makes it probable that the judgment
of a reasonable person relying on the information would have been changed
or influenced by the omission or misstatement.”
Trivial Misstatement
A footnote to SAS 107 defines “trivial” as “amounts designated by the auditor
below which misstatements need not be accumulated. This amount is set
so that any such misstatements, individually or when aggregated with other
such misstatements, would not be material to the financial statements, after
the possibility of further undetected misstatements is considered.”
Top_Aud_08_book.indb 29
8/30/2007 3:14:45 PM
30
TOP AUDITING ISSUES FOR 2008 CPE COURSE
OBSERVATION
Auditors are required to summarize uncorrected misstatements and to
communicate them to management. In most cases management agrees,
in the representation letter, that they are not material. Trivial misstatements
as designated by the auditor would not be posted to this summary. This
is done for convenience or economy, otherwise auditors would have to
communicate every misstatement, no matter how small, to management.
Auditors should be careful, however, in determining this threshold, so that
the concept of “trivial misstatement” does not become an expedient for
disposing of misstatements that may have individual or collective significance on a qualitative basis.
STUDY QUESTIONS
5. Which of the following risks is the auditor’s risk, as opposed to the client’s risk?
a.
b.
c.
d.
The risk of material misstatement.
Control risk.
Inherent risk.
Detection risk.
6. A trivial misstatement as defined by SAS 107 is best described as:
a. An amount determined by the auditor such as makes it
probable that the judgment of a reasonable person relying on
the information would have been changed or influenced by the
misstatement.
b. An amount designated by management such that any such
misstatements, individually or in the aggregate, would not be
material to the financial statements.
c. An amount designated by the auditor below which misstatements
need not be accumulated.
d. An amount agreed upon by management and the auditor such
that any such misstatements, individually or in the aggregate,
would not be material to the financial statements.
CONSIDERING AUDIT RISK AND MATERIALITY
Audit risk and materiality are considered both at the financial statement
level, and in more detailed fashion at the individual account balance,
transaction class or disclosure level. Assessing the risk of material misstatement is treated in greater detail in SAS 109, Understanding the Entity and
Its Environment, and Assessing the Risks of Material Misstatement, which is
discussed later in this Course.
Top_Aud_08_book.indb 30
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
31
Considerations at the Financial Statement Level
SAS 107 requires auditors to consider audit risk and to determine a materiality level for the financial statements taken as a whole. This assists them in:
Determining the extent and nature of risk assessment procedures.
Identifying and assessing the risks of material misstatement.
Determining the nature, timing and extent of further audit procedures.
Evaluating whether the financial statements are fairly presented.
Considering audit risk is a matter of professional judgment. It can be assessed
in quantitative or nonquantitative terms. At the financial statement level,
this consideration includes general planning decisions such as staffing, extent
of review, and degree of professional skepticism. The auditor is required to
perform the audit to reduce audit risk to a low level that is appropriate for
expressing an opinion on the entity’s financial statements.
At this level, the auditor is concerned with risks of material misstatement that cut across many relevant assertions, and relate pervasively to
the statements as a whole. These risks often attach to the overall control
environment, and may not be linked to a particular relevant assertion
at the account balance, transaction class or disclosure level. Identifying
these risks is particularly important in terms of assessing the risk of fraud
as a result of management override of controls.
OBSERVATION
Almost every audit has at least one significant risk. Most have only a few,
one of which may stand out as the most significant. A mental exercise to help
identify that risk is called “the one hour audit.” In this exercise, there are as
many hours available as are reasonably necessary to plan the audit, including performing necessary risk assessment procedures and developing an
understanding of controls, and to draft and review the financial statements
and do other necessary “wrap-up” work. But the substantive test work in
the field is limited to only a very short time; say an hour for a small audit,
or a day for a large audit. Consider what the first thing to be tested would
be. Then, if there is time left over, or if another hour was allotted, consider
what would be tested next. This will usually identify the one or two most
significant risks in the audit. This exercise works well in the brainstorming
session that is required as a part of all audit planning. Give every participant
a slip of paper, and ask them to write down how they would spend their
hour. Collect all the responses and read them aloud, anonymously. Let the
discussion begin.
Top_Aud_08_book.indb 31
8/30/2007 3:14:45 PM
32
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Considerations at the Account Balance,
Transaction Class, or Disclosure Level
SAS 107 requires the auditor to consider audit risk at the individual account
balance, class of transactions, or disclosure level. At this level, the auditor’s
objectives are to:
Determine the nature, timing, and extent of further audit procedures.
Reduce audit risk at the individual balance, class, or disclosure level so
that the auditor can express an opinion on the statements as a whole at
an appropriately low level of audit risk.
In determining the nature, timing, and extent of audit procedures to
be applied to a specific account balance, class of transactions, or disclosure, the auditor should design audit procedures to obtain reasonable
assurance of detecting misstatements that could be material, when aggregated with misstatements in other balances, classes, or disclosures,
to the financial statements taken as a whole. Regardless of the audit
approach or methodology, SAS 107 requires the auditor to assess the
risk of material misstatement at the relevant assertion level as a basis
for further audit procedures.
OBSERVATION
The requirement to assess the risk of material misstatement at the relevant assertion level as a basis for further audit procedures effectively
eliminates the auditor’s ability to default to “maximum control risk” without having a basis for that assessment. This is a significant departure
from existing practice. This does not mean that controls must always
be tested. It does, however, mean that the auditor must have understanding of controls sufficient to support an assessment of maximum
control risk. The intended result of this shift in audit thinking is that audit
effort will be more effectively concentrated in areas of highest risk; in
other words, that audit procedures will be more closely correlated to
assessed risks.
OBSERVATION
The requirement to assess the risk of material misstatement at the disclosure level is new as an explicit requirement in the auditing literature. This is
important because it underscores the fact that disclosures are more than
just a mass of fine print appended to the basic financial statements. They
are an integral part of those statements, and share equal importance to
users, and thus are of equal concern to the auditor.
Top_Aud_08_book.indb 32
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
33
STUDY QUESTION
7. The requirement of SAS 107 to assess the risk of material misstatement
at the relevant assertion level as a basis for further audit procedures:
a. Intends that audit procedures be performed in all areas without
regard to assessed risks.
b. Effectively eliminates the auditor’s ability to default to “maximum
control risk” without having a basis for that assessment.
c. Means that the auditor need not develop an understanding of controls sufficient to support an assessment of maximum control risk.
d. Requires that controls always be tested.
DETERMINING AND USING MATERIALITY
Some matters are more important for the fair presentation of financial
statements than others. Auditors are concerned with matters that either by
themselves or combined with others, could be important, or material, to the
financial statements. Auditors are responsible for planning and performing
the audit to obtain reasonable, but not absolute, assurance that material
misstatements, whether they are caused by error or by fraud, are detected.
SAS 107 discusses materiality at three levels:
The financial statements as a whole.
Tolerable misstatement at the account balance, transaction class or
disclosure level.
Other particular items that are less than the materiality amount for the
financial statements as a whole.
Once materiality is established, it should be considered the same way—
although not necessarily in the same amounts—in planning and evaluating,
regardless of the client’s inherent business characteristics.
EXAMPLE
User expectations may differ depending on the degree of inherent uncertainty associated with particular financial statement items. The Standard cites
as examples the provision for insurance claims in an insurance company,
or for legal claims in the course of any entity’s business. The fact that these
statement items are based on estimates that may contain a high degree
of uncertainty may influence users’ assessments of materiality. This does
not, however, cause the auditor to use different procedures for planning,
or for evaluating misstatements in these areas.
Top_Aud_08_book.indb 33
8/30/2007 3:14:45 PM
34
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Considering the Needs of Users
Financial statement users are a diverse group that may include management,
owners, employees, and creditors, among many others. Auditors consider the
needs and perceptions of intended users of the financial statements in making judgments about materiality. SAS 107 make two important comments
about financial statement users. The first is that auditors consider the needs
of users as a group, rather than individually, when considering the possible
effects of a misstatement. Because the needs of individual users may vary
greatly, it is not feasible for the auditor to consider, or to try to anticipate
the individual needs of every user.
The second is that financial statement users need to take responsibility
for intelligent use of the financial statements. SAS 107 states that users are
assumed to:
Have appropriate knowledge of business and economic activities and
accounting.
Have a willingness to study the information in the statements with an
appropriate degree of diligence.
Understand that financial statements are prepared and audited to levels
of materiality.
Recognize that there are uncertainties inherent in the accounting estimates and judgments used in preparing the financial statements, and in
future events.
Make appropriate economic decisions based on the financial statement
information.
OBSERVATION
One of the major philosophical thrusts of the new Risk Assessment Standards
as a whole is to differentiate the auditor’s responsibilities from those of management and other financial statement users. This is part of a comprehensive
campaign to educate the public as to who is responsible for what in the
process. Stories abound in which an auditor is sued by a financial statement
user who failed to read or understand the statements, and made a decision
that they would not have made if they had actually read the statements, or for
something that the auditor could not reasonably have foreseen as a need. This
Standard puts forth clear language that aims to head off these types of claims
by making users responsible for putting forth reasonable effort to understand
the statements and making reasonable judgments based upon them.
Nature and Causes of Misstatements
Known and likely misstatements. SAS 107 defines two types of misstatements: known and likely. The concept of known misstatements is unchanged
from previous literature. They are simply the “hard differences” identified in
Top_Aud_08_book.indb 34
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
35
the audit process. The concept of likely misstatements is not new, but it has
taken on more importance. Likely misstatements are those that are identified either by projecting the results of a sampling application to an entire
population, or by quantifying a difference between a recorded estimate and
the auditor’s best judgment. These are often referred to in practice as “soft
differences.” Previous Standards did not seem to take them as seriously as
does SAS 107. Under the new Standard, likely misstatements need to be
considered and evaluated, aggregated, and when not corrected by the client,
carried forward to the summary of uncorrected misstatements.
EXAMPLE
The most common example of determining likely misstatements is in audit
sampling. If the auditor sampled 20% of the accounts receivable balance
and found total misstatements of $2,000 (the known misstatements), the
auditor could project this misstatement to the account balance as $10,000
(the likely misstatements)—$2,000 divided by 20%. The likely misstatements
of $10,000 include the known misstatements of $2,000 because the known
misstatements are projected to the total accounts receivable balance.
However, if the client corrects the known misstatements of $2,000, then
the likely misstatements would be only $8,000 ($10,000 - $2,000).
EXAMPLE
Another example of determining likely misstatements is in accounting estimates. When the client records depreciation expense at $ 25,000, but the
auditor determines that a more reasonable range for this estimate should
be $28,000 to $30,000, the likely misstatement is $3,000 ($28,000-$25,000)
which is the difference between the recorded amount and the closest
amount in the reasonable range calculated by the auditor.
OBSERVATION
SAS 107 seems to place more responsibility on the auditor to critically
evaluate what have been thought of as “soft differences.” In the past,
these misstatements were often given slight consideration, and dismissed
as acceptable differences in judgment, or in the case of sampling differences as abstract statistics that the auditor “can’t really prove.” Implicit
in this philosophical shift is a perception that auditors, in the past, might
have allowed significant misstatements to pass without comment, simply
for lack of giving them full consideration. SAS 107 aims to plug this gap by
requiring that “likely misstatements” be considered both individually and in
the aggregate, and qualitatively as well as quantitatively.
Top_Aud_08_book.indb 35
8/30/2007 3:14:45 PM
36
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Misstatements may consist of:
Inaccuracies in gathering or processing the data from which the statements are prepared.
Differences between recorded amounts, classifications, or presentations
and those that should reported under GAAP.
Omissions of:
Financial statement elements, accounts or items.
Information required to be disclosed under GAAP.
Disclosures that are not prepared in conformity with GAAP.
Incorrect accounting estimates arising from oversight or misinterpretation of facts.
Judgments by management in the selection or application of accounting
policies or in accounting estimates that the auditor may consider inappropriate or unreasonable.
Causes of misstatements.
Misstatements arise either unintentionally, that is, by error, or intentionally
by fraud. Misstatements caused by fraud come in two categories: fraudulent
financial reporting and misappropriation of assets. These are discussed in
detail in SAS 99, Consideration of Fraud in a Financial Statement Audit:
Qualitative Aspects of Materiality
SAS 107 discusses both quantitative and qualitative aspects of materiality.
Some misstatements are more important than others, regardless of their
amount. One of the most important qualitative aspects to be considered is the
possibility of fraud. When an auditor uncovers evidence that suggests fraud,
the implications for the integrity of management or employees and effects on
other aspects of the audit should be considered regardless of the quantitative
materiality of the misstatement. This often implies that further audit procedures will need to be performed. Other qualitative aspects of misstatements
that can make them material even though they do not meet the quantitative
threshold are those that cause a change in a key measure within the financial
statements, such as small misstatement that changes net income to a net
loss, or that changes a key ratio such that the client is in violation of a loan
covenant. While auditors have no responsibility to design or perform audits
to detect immaterial misstatements, they do have a responsibility to evaluate
detected misstatements for qualitative as well as quantitative aspects.
Qualitative aspects of materiality cannot be evaluated until a misstatement
is detected. This is because of the wide range of possible qualitative implications for any misstatement, depending not only upon the misstatement
itself, but upon circumstances and user perceptions. For this reason, while
auditors always consider the qualitative aspects of detected misstatements,
it is not usually feasible to design procedures specifically to detect misstatements that are qualitatively material.
Top_Aud_08_book.indb 36
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
37
Methods of Determining Materiality
Like previous Standards, SAS 107 avoids prescribing any particular formula or method for determining materiality. It discusses the quantitative
determination as a process that usually involves applying a percentage to
a chosen benchmark within the financial statements. It offers as examples
of benchmarks:
Total revenues.
Gross profit.
Pre-tax profit from continuing operations.
Net assets.
Selection of an appropriate benchmark or percentage involves a great degree
of professional judgment, taking into account such factors as:
The elements of the particular financial statements, and the financial
statement measures defined in GAAP.
Particular financial statement items that may be the focus of users’ interest.
The client’s industry and environment.
The client’s size, nature of ownership and the way it is financed.
EXAMPLES
In most profit-making businesses, some measure related to revenue is usually an appropriate benchmark for the materiality determination, because
users of the financial statements are most concerned with revenue and
profitability. However, an auditor of a company that is running near breakeven or at a loss would not usually choose a measure like pre-tax profit
for the materiality benchmark because it would create an artificially low
materiality level. This would cause an inefficient audit because audit tests
would be scoped at a very low dollar amount and therefore would likely take
in many more test items than necessary. A more appropriate benchmark in
this case might be gross revenues or total assets.
In privately-held corporations, it is common practice for owners to draw out
significant amounts of profit in salary. Using pre-tax profit as a materiality
benchmark would, in this case, create the same problems as in a break-even
corporation. In this case, it might be better to add owners’ compensation
back to the pre-tax profit to arrive at a benchmark.
Some businesses are in volatile industries or economic environments, and
may routinely experience marked swings in profitability. Using a benchmark
based on current year’s profits may lead to a materiality level that is either
so low as to create an inefficient audit, or so high that it fails to reduce the
auditor’s detection risk to an acceptably low level, and thus renders the
audit ineffective. In this case, an auditor might decide that a benchmark
based upon an average profit over several years is more representative of
the client’s true activity levels.
Top_Aud_08_book.indb 37
8/30/2007 3:14:45 PM
38
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Some business entities, such as real estate investment companies or
mutual funds are more concerned with total assets or net assets than
with revenue. An asset-based materiality benchmark may work better for
these businesses.
In non-business entities, such as governments or nonprofit organizations,
generating a profit is not the entity’s objective. Auditors of these types of
entities often choose gross revenues or total assets as a benchmark.
Materiality for the Financial Statements as a Whole
Materiality for the financial statements as a whole is the maximum amount
that the financial statements could be misstated and still fairly present the
overall financial statements. The auditor’s estimate of materiality requires
professional judgment, based on the understanding of the client’s business
and the specific circumstances of the engagement. When establishing the
overall audit strategy, the auditor should determine materiality for the financial statements taken as a whole.
OBSERVATION
The subjectivity that surrounds materiality determination has led some to
draw parallels between it and pornography:
It is impossible to codify a definition or standard that covers all possible
circumstances.
Well-intentioned people may have widely differing opinions of what it is
or is not in any particular circumstance.
Individuals immediately recognize what it is or is not according to their
own standards in any particular circumstance.
This observation is not offered gratuitously. As a part of the Risk Assessment Standards’ general philosophical thrust, SAS 107 attempts to carve
out distinctions between the responsibilities of auditors and financial statement users. One point, discussed earlier in this Course, is that users need
to understand that financial statements are prepared and audited to levels
of materiality. The author has found that this comparison, however frivolous
it may initially sound, often helps de-mystify the concept of materiality for
non-accountants.
Common misconceptions. One prevalent misconception under SAS 47 has
been that establishing a materiality level in the planning stages of the audit
sets a threshold below which misstatements are always considered to be immaterial. This is was not the case under that previous Standard and is not
the case under SAS 107. As discussed in “Qualitative Aspects of Materiality”
Top_Aud_08_book.indb 38
8/30/2007 3:14:45 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
39
above, some identified misstatements may be deemed to be material even
when they are below established thresholds.
Another common misconception under SAS 47 was that once an
auditor sets materiality levels in the planning phase, they must be used in
evaluating the audit results at the end of the engagement. This was not
true under SAS 47 and is not true under SAS 107. Because auditing is a
process of discovery, an auditor’s judgment about what is material may
well change in light of unanticipated circumstances between the planning and final stages of an engagement. If a lower level of materiality
than that envisioned in audit planning is deemed appropriate by the end
of the audit, the auditor should reconsider the related levels of tolerable
misstatement and the adequacy of the nature, timing and extent of the
audit procedures performed.
Tolerable Misstatement
Tolerable misstatement (sometimes called tolerable error) is the maximum
monetary misstatement the auditor can accept at the account balance or
class of transactions level without causing the financial statements to be
materially misstated. Tolerable misstatement is the next level of materiality
below the financial-statement-as-a-whole level. The underlying theory is that
misstatements less than the materiality amount determined at the financial
statement level could possibly exist, and could lead, in the aggregate to material misstatement at the financial statement level. For this reason, auditors set
one or more levels of tolerable misstatement, lower than the materiality level
for the statements as a whole. Many auditors calculate these as percentages
of materiality, and may apply different percentages for significant classes of
transactions, account balances, disclosures or other components of financial
statements. The objective of “fragmenting” the overall materiality amount is
to set the precision levels for the significant financial statement components
low enough that the risk that the total of undetected misstatements, detected
misstatements, and judgmental differences from all audit areas will exceed
materiality is acceptably low.
EXAMPLE
An auditor may set materiality for the financial statements as a whole at
$100,000. Seeing that sales and costs of sales are the largest items in the
statements, and considering them to be at a relatively high risk of misstatement, the auditor might set tolerable misstatement for these transaction
classes at $25,000, based upon his or her judgment about the level of risk
and possible nature of misstatements. Tolerable misstatement for other
significant financial statement areas might be set at different levels.
Top_Aud_08_book.indb 39
8/30/2007 3:14:46 PM
40
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Materiality for Other Lesser Amounts
Auditors should also consider whether misstatements of particular items of
lesser amounts than the materiality level determined for the financial statements as a whole could reasonably be expected to influence users’ decisions
about the financial statements. These amounts represent lower materiality
levels to be considered in relation to those particular items. The views of
management or those charged with governance may be taken into account
in making this determination. Other factors to consider include:
Accounting Standards, laws and regulations, and the effect they might
have on users’ expectations about the measurement or disclosure of particular items. SAS 107 cites related party transactions and management
compensation as examples.
Key industry-related disclosures, such as research and development costs
for a pharmaceutical company.
Whether the financial performance of a particular segment of the business, such as a subsidiary or division that is separately disclosed, is of
special concern to users.
STUDY QUESTIONS
8. SAS 107 makes all of the following assumptions relating to financial
statement users except:
a. Financial statement users are willing to study the statements with
appropriate diligence.
b. They have appropriate knowledge of business and economic
activities and accounting.
c. The individual needs of all financial statement users have been
considered by the auditor.
d. Financial statement users recognize that there are uncertainties
inherent in the accounting estimates and judgments used in preparing the financial statements.
9. The materiality levels that the auditor sets in the planning phase of the audit must also be used in evaluating the audit results. True or False?
10. Which of the following benchmarks would likely be the most appropriate to use in determining materiality for a consistently profitable,
closely-held corporation in which the owners draw out substantial
amounts of compensation?
a.
b.
c.
d.
Top_Aud_08_book.indb 40
Pre-tax income before owners’ compensation.
Pre-tax income.
Average net income over the past three years.
Total assets.
8/30/2007 3:14:46 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
41
COMMUNICATING MISSTATEMENTS TO MANAGEMENT
SAS 107 places increased emphasis on auditor-client communication about
misstatements. The best way to understand this emphasis is to look at the
list of requirements that it imposes.
Auditors have an unconditional requirement under SAS 107 to communicate all known and likely misstatements to the appropriate level of
management, other than those that are trivial. While this requirement is
not new, it adds emphasis to the concept of communicating likely as well
as known misstatements.
This Standard also imposes a host of presumptively mandatory requirements which, when taken together, signify the importance that the Auditing
Standards Board places on auditor-client communication.
Communication should take place on a timely basis.
This communication should distinguish between known and likely
misstatements.
The auditor should request that management correct all known misstatements, including the effects of prior period misstatements.
The auditor should request that management examine a class of transactions, balance or disclosure to identify misstatement when the audit
identifies material likely misstatements from a sample.
The auditor should request that management reevaluate the assumptions
and methods used in developing an accounting estimate when the audit
identifies a likely misstatement involving estimates.
Once management has examined transaction classes, balances or disclosure, and challenged the assumptions and methods used in developing
estimates, as required in the two previous points, the auditor should
reevaluate the amount of likely misstatement and, if necessary, perform
further audit procedures.
The auditor should obtain an understanding of management’s reasons
for not correcting known and likely misstatements, and should take
that understanding into account when considering the qualitative
aspects of the client’s accounting practices, and the implications for
his or her report.
Top_Aud_08_book.indb 41
8/30/2007 3:14:46 PM
42
TOP AUDITING ISSUES FOR 2008 CPE COURSE
OBSERVATION
SAS 107 places emphasis on more comprehensive and in-depth communication between the auditor and management on the subject of misstatements. Part of the reason for this is to educate or inform clients more
thoroughly, so that they can take responsibility for the misstatements, and
for correcting them. Note, for example, that the Standard requires the auditor to request management to examine and reevaluate, rather than simply
to calculate an audit adjustment and give it to the client. Clearly, under
the new Standard, it would not be acceptable, except perhaps in audits
of very small entities with very few adjustments, to do nothing more about
misstatements than to hand the client a sheet of adjusting entries at the
end of the audit. This fosters the notion that it is the auditor, and not the
client who “owns” the adjustments, which is contrary to the philosophical
direction that the Risk Assessment Standards as a whole are taking.
STUDY QUESTION
11. SAS 107 requires auditors to communicate only “hard differences” or
known misstatements to management. True or False?
EVALUATING AUDIT FINDINGS
Audit findings are evaluated at the level of individual findings, adjustments
and differences, which generally takes place at the “workpaper” level, and
at the level of the financial statements taken as a whole.
Evaluating Audit Findings, Adjustments, and Differences
Evaluating the findings of the audit procedures and documenting conclusions are important aspects of the audit process. A major step in this process
is summarizing the misstatements and judgmental differences uncovered in
the audit. Misstatements should be summarized in a way that enables the
auditor to consider their effects on individual amounts, subtotals, or totals
in the statements, in order to help the auditor consider whether their effects,
either individually or in the aggregate, materially misstate the financial statements. This is a two-step process. Before considering the misstatements in
the aggregate, the auditor considers them individually to evaluate:
Their effect on individual balances, transaction classes or disclosures.
Whether it is appropriate to offset misstatements.
The effects of prior period uncorrected misstatements.
Top_Aud_08_book.indb 42
8/30/2007 3:14:46 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
43
OBSERVATION
Considering the effects of prior period misstatements is important because
they can affect current period income or can accumulate on the balance
sheet over time. There are three acceptable methods of doing this for nonSEC issuer clients:
Considering the effect of all current and prior period misstatements that
flow through the current period’s income statement.
Considering the cumulative effect on the ending balance sheet.
Applying both approaches and recording adjustments if either indicates
the need to do so.
Auditors of SEC issuers should be aware, however, that the SEC requires
the use of the third method.
During evaluation, the auditor’s judgment about whether misstatements are
material may be influenced by two factors.
Types of misstatements. Misstatements can result from errors or fraud
and may consist of differences in amounts, classifications or presentation,
omissions, improper estimates or accounting policies, or inaccurate data.
Auditors should consider not only the nature and amounts of the misstatements corrected by management but also the uncorrected misstatements and
misstatements in accounting estimates. SAS 107 cautions auditors to be alert
for patterns in the types of misstatements discovered and the circumstances
of their occurrence, and to consider whether other material misstatements
might exist. Material misstatements do not usually occur in a vacuum, and
auditors should avoid drawing facile conclusions that detected misstatements
are isolated occurrences.
Qualitative characteristics. The auditor should not rely exclusively on
quantitative benchmarks to determine whether an item is material. A numerical threshold may provide the basis for a preliminary assumption that
an amount is unlikely to be material; however, it is not a substitute for a
full analysis. Certain misstatements may have significance even though the
dollar amount may not be as large as the auditor typically would assume to
be material. Therefore, the nature of the misstatement will help the auditor
determine the potential for additional misstatements of a similar type and
the need for changes in audit procedures. Some of these qualitative factors
may include errors versus fraud, considerations of contractual obligations,
and effects on earnings trends. An illegal payment of an otherwise immaterial
amount may take on significance if there is a reasonable possibility that it
Top_Aud_08_book.indb 43
8/30/2007 3:14:46 PM
44
TOP AUDITING ISSUES FOR 2008 CPE COURSE
could lead to a material contingent liability or loss of revenue. It also may
have implications for management’s integrity.
The sheer volume of qualitative considerations that SAS 107 lists, 16 in
all, is a clear indication that they are important in evaluating audit findings.
Those factors are:
1. The potential effect of a misstatement on trends such as profitability.
2. A misstatement that changes a net income to a net loss or vice versa.
3. The potential effect of the misstatement on contractual compliance,
such as loan covenants, or regulatory provisions.
4. Regulatory or statutory reporting requirements that affect materiality
thresholds.
5. A misstatement that masks a change in important trends such as earnings,
especially in the context of industry or general economic conditions.
6. A misstatement that affects management’s compensation, such as bonuses.
7. Misstatements involving sensitive circumstances such as fraud or illegal
acts, violations of contracts or conflicts of interest.
8. The significance of the financial statement element that is misstated.
9. The effects of misclassifications, such as between operating and nonoperating income, or current and non-current assets or liabilities.
10. The significance of the misstatement to a reasonable user, such as earnings to an investor or equity to a creditor.
11. The definitive character of the misstatement, such as an error that is
objectively determinable versus a misstatement that involves uncertainty
or subjective judgment.
12. Management’s motivations with respect to misstatements, such as a
pattern of bias, unwillingness to correct weaknesses in the accounting
process or intentional decisions not to follow GAAP.
13. The existence of material, but different, offsetting misstatements.
14. The likelihood of a currently immaterial misstatement becoming material
over time through cumulative effects, such as deferred rent over several
periods.
15. The cost-benefit considerations in making the correction.
16. The risk that further undetected misstatements exist that might influence the auditor’s evaluation.
Top_Aud_08_book.indb 44
8/30/2007 3:14:46 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
45
As noted earlier in this Course, judgment about materiality for planning
purposes may differ from the judgment used in evaluating the audit findings. As the audit progresses, the auditor may find it necessary to reconsider
the levels of materiality initially established to set the overall scope of the
audit. This may be particularly important when significant misstatements
are discovered.
Evaluating the Financial Statements as a Whole
SAS 107 requires the auditor to evaluate whether the financial
statements as a whole are free of material misstatement. This involves
both quantitative and qualitative considerations and requires the use of
professional judgment.
As the aggregate effect of uncorrected misstatements approaches materiality, the auditor should consider whether further undetected misstatements
exist. If this risk is unacceptably high, the auditor should perform additional
procedures to support the audit opinion or should satisfy himself or herself
that the entity has adjusted the financial statements to reduce audit risk to
an appropriately low level.
If the auditor believes that the financial statements taken as a whole are
materially misstated, the auditor should request that management make the
necessary corrections. If management refuses to make the corrections, the
auditor must determine the implications for the auditor’s report.
STUDY QUESTIONS
12. Which of the following statements best applies, under SAS 107, to the
auditor’s consideration of the effects of prior period misstatements in
audits of non-SEC issuers?
a. Auditors must consider the effect of all current and prior period
misstatements that flow through the current period’s income
statement.
b. Auditors consider primarily the cumulative effect on the ending
balance sheet.
c. Auditors must consider both the income statement and ending
balance sheet effects of prior period misstatements.
d. Auditors may consider either the income statement or the ending
balance sheet effects of prior period misstatements, or may take
both into account.
Top_Aud_08_book.indb 45
8/30/2007 3:14:46 PM
46
TOP AUDITING ISSUES FOR 2008 CPE COURSE
13. Which of the following statements best applies, under SAS 107, to the auditor’s consideration of the qualitative characteristics of misstatements?
a. Auditors may rely solely on quantitative benchmarks to assess
whether an item is material.
b. Certain misstatements may have significance even though they do
not exceed quantitative thresholds for materiality.
c. The likelihood of a currently immaterial misstatement becoming
material to future periods through cumulative effects should not be
considered.
d. A misclassification between current and non-current assets is not
a qualitatively significant misstatement.
DOCUMENTATION
The performance requirements of SAS 107 carry with them both explicit and
implicit documentation requirements. These requirements have significant
implications both for audit efficiency and for systems of quality control for
audit engagements.
Materiality and Tolerable Misstatement
Auditors should document the levels of materiality and tolerable misstatement used in the audit, the basis on which these levels were determined, and
any changes that they make to them during the audit. Simply recording
numbers for materiality and tolerable misstatement does not meet this requirement because it does not show the basis for determining those numbers.
As a practical matter, many firms will find that the easiest way to satisfy this
requirement is to use structured audit practice aids such as those offered by
CCH or by other reputable publishers.
Summary of Uncorrected Misstatements
Auditors should summarize uncorrected misstatements, other than those
that are trivial. This summary should facilitate:
Separate consideration of the effects of known and likely misstatements,
including uncorrected misstatements from prior periods.
Consideration of the aggregate effects of misstatements.
Consideration of qualitative aspects of misstatements that are relevant
to the consideration of whether they are material.
The documentation should contain a conclusion as to whether the uncorrected misstatements are material individually or in the aggregate, and a
basis for that conclusion.
Top_Aud_08_book.indb 46
8/30/2007 3:14:46 PM
MODULE 1 — CHAPTER 2 — Audit Risk and Materiality in Conducting an Audit
47
The summary of uncorrected misstatements is also important as a client
communication device. Auditors are required to obtain management’s written
representation that uncorrected misstatements are immaterial individually
and in the aggregate. Auditors are also required to communicate these items
to those charged with governance. Many find that attaching this summary
from the audit workpapers, and referencing it in the management representation letter or the written communication to those charged with governance,
is an efficient way to communicate these items.
OBSERVATION
A likely effect of this new emphasis on uncorrected misstatements is that
auditors, particularly when working with smaller entities, may be “passing”
fewer adjustments, and urging clients to correct all known misstatements
other than trivial ones.
Known and Likely Misstatements
Audit documentation should record all known and likely misstatements
identified by the auditor that have been corrected by management, other
than those considered to be trivial.
SAS 107 introduces of the concept of “trivial” misstatements both in the
context of corrected and uncorrected misstatements. This implies documentation requirements that are not explicitly stated.
This suggests that a threshold for triviality should be documented, and
that a basis for that determination should be stated. Some auditors set this
threshold with reference to their planning materiality documentation, usually
by stating some percentage of tolerable misstatement below which misstatements need not be aggregated.
OBSERVATION
Some documentation requirements, such as documenting levels of materiality and tolerable misstatement, are “fixed costs” in the sense that it
takes an audit firm about the same amount of time to fill out its materiality
worksheet no matter the size of the client. Like all fixed costs, they weigh
the heaviest at the lowest levels of activity. This poses a challenge for all
auditors, but especially those of smaller entities, to become more efficient
in producing audit documentation. To meet this challenge, many are finding
that their quality control systems need to move toward two goals:
Increased standardization, often in the form of
More reliance on published practice aids.
Standardized indexing and workpaper set-up.
Top_Aud_08_book.indb 47
8/30/2007 3:14:46 PM
48
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Increased use of electronic aids and documentation, which may for
example,
Automatically link specific accounts workpapers to adjusted trial
balances to financial statements.
Facilitate the standardization of documentation and production of
repetitive types of documents.
STUDY QUESTIONS
14. Which of the following statements best applies to the documentation
requirements of SAS 107?
a. Auditors should document the basis on which materiality was
determined.
b. Auditors should not document materiality at levels below the
financial statements taken as a whole.
c. Auditors should avoid documenting changes made to materiality
levels during the audit.
d. Audit documentation may exclude uncorrected misstatements
from prior periods.
15. According to SAS 107, the summary of uncorrected misstatements
should:
a. Include consideration only of known misstatements.
b. Exclude separate consideration of known and likely misstatements.
c. Include consideration of their aggregate effects.
d. Exclude a conclusion as to their materiality.
Top_Aud_08_book.indb 48
8/30/2007 3:14:46 PM
49
MODULE 1 — CHAPTER 3
Planning and Supervision
LEARNING OBJECTIVES
At the conclusion of this chapter, the reader should:
Understand the requirements of SAS 108 for planning an audit.
Understand the requirements of SAS 108 for supervising an audit.
Be able to properly execute and document the planning and supervision of an audit.
INTRODUCTION
Statement on Auditing Standards No.108, Planning and Supervision, (SAS
108) supersedes SAS 22 of the same title, and “Appointment of the Independent Auditor” of SAS 1. The guidance included in these Standards has
been combined into SAS 108. This Statement is primarily a codification
of existing best practices. It changes little in terms of the actual conduct
of audit engagements. Like many of the provisions of the Risk Assessment
Standards, it takes existing practices that were intuitive or at least informal,
and gives them conceptual structure.
This Statement is effective for audits of financial statements with periods beginning on or after December 15, 2006. Thus, for full-year audits,
December 31, 2007 year ends will be the first round of audits in which
application is required. Earlier implementation is permitted.
UNCONDITIONAL AND PRESUMPTIVELY
MANDATORY REQUIREMENTS
SAS 108’s requirements are summarized below, for convenience, to segregate
them out into one place in the same order that they are presented within the
original text of SAS 108, to highlight their importance, and to assist readers in focusing on their application in practice. For clarity and purposes of
analysis, this Course gr oups them into four unconditional requirements and
18 presumptively mandatory requirements. Some of these are groupings of
related requirements. Discussion of each appears throughout the text under
various headings in topical format, rather than in the order that they appear
in the original pronouncement.
Unconditional Requirements
These requirements are identified in the Standards by the word “must,” and are
required to be performed in all circumstances where they are applicable.
Top_Aud_08_book.indb 49
8/30/2007 3:14:46 PM
50
TOP AUDITING ISSUES FOR 2008 CPE COURSE
SAS 108 states that the auditor must:
1. Adequately plan the audit.
2. Properly supervise any assistants.
3. Plan the audit so that it is responsive to the assessment of the risk of
material misstatement, based on the auditor’s understanding of the client
and its environment, including its internal control.
4. Develop an audit plan which documents the audit procedures that are
expected to reduce audit risk to an acceptably low level.
Presumptively Mandatory Requirements
These requirements are identified in the Standards by the words “should”
or “should consider.” They are required to be performed in all applicable
circumstances unless the auditor can justify in the audit documentation a
reason for not doing so, and demonstrate how other audit procedures have
met their objectives. They state that the auditor should:
1. When accepting an audit engagement at or near the close of the
fiscal year:
a. Ascertain whether circumstances are likely to permit an adequate
audit and the expression of an unqualified opinion.
b. If an unqualified opinion is not likely, then discuss with the client
the possibility of a qualified opinion or disclaimer.
2. Evaluate, as the successor in a change of auditors, certain communications.
3. Establish and document in a written engagement letter an understanding
with the client for each engagement, which should include:
a. The objectives of the engagement.
b. Management’s responsibilities.
c. The auditor’s responsibilities.
d. The limitations of the engagement.
4. Perform procedures on both client continuance and the auditor’s ethical
requirements, including independence, before performing other significant audit activities.
5. In establishing the overall audit strategy:
a. Determine the characteristics of the engagement that define its
scope, such as basis of reporting, industry reporting requirements,
and locations.
b. Ascertain reporting objectives such as deadlines.
Top_Aud_08_book.indb 50
8/30/2007 3:14:46 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
51
c. Consider factors that will focus the audit effort, such as materiality,
areas of high risk, the need to test internal control, and industryspecific requirements.
d. Consider the results of preliminary engagement activities and experience gained on other engagements with the client.
6. Update and document specific revisions to the audit strategy to respond
to changes in circumstances.
7. Include in the audit plan descriptions of:
a. The nature, timing and extent of planned risk assessment procedures.
b. The nature, timing and extent of planned further audit procedures
at the relevant assertion level for each material account balance,
transaction class or disclosure.
c. Other audit procedures to be performed, for example, direct communication with the organization’s legal counsel.
8. Document changes to the original audit plan.
9. Consider whether specialized skills are needed to perform the audit
and, if so:
a. Seek assistance from a professional with those skills.
b. Determine whether that professional will function effectively as a
part of the audit team.
c. Have sufficient knowledge to communicate the objectives and
evaluate the results of the specialist’s work.
d. Consider a number of specific factors relative to the need to engage
an information technology (IT) specialist.
10. Take care not to compromise the effectiveness of the audit in discussing
the audit strategy or plan with those charged with governance, such
as by disclosing details about the nature, timing or extent of planned
audit procedures.
11. Before starting an initial audit, perform certain client and engagement
acceptance procedures, and communicate with the predecessor auditor,
if there has been a change.
12. Consider a number of specific factors in planning an initial audit.
13. Communicate to audit team members the susceptibility of the financial
statements to material misstatement due to fraud or error.
14. Emphasize to audit team members the need for professional skepticism
and a questioning mind.
Top_Aud_08_book.indb 51
8/30/2007 3:14:47 PM
52
TOP AUDITING ISSUES FOR 2008 CPE COURSE
15. Inform assistants about:
a. Their responsibilities.
b. The objectives of the audit procedures they are to perform.
c. Matters that may affect the nature, extent and timing of the audit
procedures they are to perform.
16. Direct assistants to:
a. Bring significant accounting or auditing issues to the engagement
partner’s attention.
b. Bring difficulties encountered in performing the audit to the attention of appropriate individuals in the firm.
17. Review the work performed by each assistant to determine that it was
adequately performed and documented and to evaluate its results.
18. Be aware of the firm’s procedures for addressing differences of professional opinion among the audit team, including documenting those
disagreements and their resolution.
STUDY QUESTIONS
1. One of SAS 108’s unconditional requirements is that the auditor must:
a. Update and document specific revisions to the audit strategy to
respond to changes in circumstances.
b. Review the work performed by each assistant to determine that
it was adequately performed and documented and to evaluate
its results.
c. Develop an audit plan which documents the audit procedures that
are expected to reduce audit risk to an acceptably low level.
d. Consider whether specialized skills are needed to perform the audit
2. SAS 108 contains a presumptively mandatory requirement stating that
the auditor should:
a. Properly supervise any assistants.
b. Plan the audit so that it is responsive to the assessment of the risk
of material misstatement, based on the auditor’s understanding of
the client and its environment, including its internal control.
c. Establish and document in a written engagement letter an understanding with the client for each audit.
d. Refrain from accepting an audit engagement at or near the close
of the fiscal year.
Top_Aud_08_book.indb 52
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
53
PLANNING
SAS 108 places significant importance on audit planning, such that all four
of its unconditional requirements apply to this function.
Audit planning entails developing an overall audit strategy for the engagement. Audit strategies will vary according to the client’s size and complexity,
and the auditor’s experience and understanding of the client and its environment, including its internal control. The auditor with final responsibility
for the audit (hereinafter referred to as the “audit partner”) may delegate
portions of the planning process to other firm personnel.
Planning is an ongoing process throughout the engagement. Because
auditing is a process of discovery, it is not always possible to anticipate a
full range of appropriate audit procedures. Therefore, the audit strategy,
and the more detailed audit plan should change to respond to changed
circumstances in the audit.
Appointment of the Independent Auditor
SAS 108 requires the auditor to obtain an understanding of the client, its
environment, and its internal control in connection with planning the audit.
However, before accepting an audit engagement the auditor should:
Determine whether circumstances are likely to allow an adequate audit and
the expression of an unqualified opinion on the financial statements, and
If not, discuss with the client that it might be necessary to issue a qualified opinion or a disclaimer on the financial statements.
SAS 108 voices a strong preference for early appointment of the auditor, because
it allows for audit planning before the balance sheet date. This creates a wider
range of possibilities for the nature, timing and extent of audit procedures.
SAS 84, Communication Between Predecessor and Successor Auditors,
describes communications that a successor auditor should evaluate before
accepting a new audit.
Establishing an Understanding with the Client
SAS 108 requires the auditor to establish a written understanding with the
client regarding the services to be performed. It lists four required elements
for an engagement letter, and numerous others that are either “generally
included” or that “may also be included.”
Required elements. The four presumptively mandatory elements of an
audit engagement letter are:
The objectives of the engagement.
Management’s responsibilities.
The auditor’s responsibilities.
Limitations of the engagement.
Top_Aud_08_book.indb 53
8/30/2007 3:14:47 PM
54
TOP AUDITING ISSUES FOR 2008 CPE COURSE
SAS 108 notes that the objectives of some engagements may differ, and that
the understandings for these engagements should reflect the effects of those
objectives on the responsibilities of both management and the auditor, and
on the limitations of the engagement.
EXAMPLE
SAS 108 cites as examples of engagements with differing objectives:
Audits of recipients of governmental financial assistance.
Application of agreed upon procedures to specified elements, accounts
or items of a financial statement.
Engagements to examine the effectiveness of internal control over
financial reporting.
OBSERVATION
SAS 108 does not indicate a specific person with whom the auditor is
required to establish an understanding. Generally, it is best to have one or
two members of senior management sign the engagement letter to confirm
that an understanding has been established. If there is reason to believe
that an understanding has not been established, the auditor should decline
to accept or to perform the engagement.
The following elements are not required
content, but they may reduce the risk that either the client or the auditor
might misinterpret the other’s needs or expectations in the audit. Consistent
with one of the Risk Assessment Standards’ general philosophical objectives,
they also help to define a brighter line between client responsibility and
auditor responsibility.
Management is responsible for:
The financial statements and the selection and application of accounting policies.
Establishing and maintaining effective internal control over financial
reporting.
Designing and implementing programs and controls to prevent and
detect fraud.
Identifying and assuring compliance with applicable laws and regulations.
Making all financial records and related information available to the
auditor.
Providing a written representation letter at the end of the audit.
Adjusting the financial statements to correct material misstatements.
Affirming in the representation letter that uncorrected misstatements
are immaterial.
Generally included elements.
Top_Aud_08_book.indb 54
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
55
The auditor is responsible for:
Expressing an opinion on the financial statements.
Conducting the audit in accordance with generally accepted auditing
standards (GAAS), including the facts that:
Those standards require that the auditor obtain reasonable but not
absolute assurance about whether the statements are free of material
misstatement due either to fraud or error.
Material misstatements may remain undetected.
The audit is not designed to detect immaterial errors or fraud, or to
detect significant deficiencies in internal control or to provide assurance on internal control.
The auditor may decline to express an opinion or issue a report if for
any reason the audit cannot be concluded or an opinion formed.
Obtaining an understanding of the client and its environment sufficient
to assess the risk of material misstatement and plan the audit.
Communicating significant deficiencies in internal control to those
charged with governance.
Other elements. In addition to the required and “generally included” element,
the understanding with the client also may include, among other matters:
The overall audit strategy.
The involvement of specialists, internal auditors or a predecessor auditor.
Fee and billing arrangements.
Limitations on liability or indemnification for liability arising from
knowing misrepresentations by management.
Conditions under which others may be allowed access to audit documentation.
Additional services related to regulatory requirements.
Additional services such as non-attest services for accounting assistance
or tax preparation, subject to the limitations of Ethics Interpretation No.
101-3, “Performance of Nonattest Services.”
OBSERVATION
The placement of the “fees and billing” provision within this hierarchy seems
odd. The author cannot imagine an engagement letter in which fees and
billing arrangements (or the lack of fees or billings, in the case of pro bono
services) is not discussed. One would think that a misunderstanding about
fees and billings would be as fatal to the engagement as would misunderstandings about many of the other matters that SAS 108 delineates.
Top_Aud_08_book.indb 55
8/30/2007 3:14:47 PM
56
TOP AUDITING ISSUES FOR 2008 CPE COURSE
OBSERVATION
Many auditors include a provision about record retention in their engagement letters, stating the firm’s policy as to the retention period (which is
usually either the five years specified by SAS 103, or a longer period if
required by statute or regulation) and its policy for the disposition of the
audit documentation after the expiration of the retention period.
STUDY QUESTION
3. The audit engagement letter, according to SAS 108, generally includes
which of the following elements as a responsibility of the auditor?
a. Communicating significant deficiencies in internal control to those
charged with governance.
b. Adjusting the financial statements to correct material misstatements.
c. Establishing and maintaining effective internal control over financial reporting.
d. Designing and implementing programs and controls to prevent
and detect fraud.
Preliminary Engagement Activities
At the beginning of the audit engagement, the auditor should perform procedures relating to the continuance of the client relationship and the specific
audit engagement, and should evaluate the auditor’s compliance with ethical
requirements. These procedures include consideration of:
Independence.
Management integrity.
Whether an understanding about the terms of the engagement has been
reached.
Ordinarily these initial procedures should be performed before other significant audit activities. As conditions and circumstances change during
the course of the audit, the auditor should continue to consider the client
continuance and ethical requirements.
Overall Audit Strategy and the Audit Plan
The overall audit strategy is the broad approach regarding how the audit will
be conducted. The audit plan is a more detailed map that describes the nature,
timing, and extent of audit procedures to be performed. The overall audit
strategy and developing the audit plan are not necessarily separate activities.
Changes in one may result in changes to the other.
Top_Aud_08_book.indb 56
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
57
OBSERVATION
Overall audit strategy and audit plan are new terms in professional literature.
Previous Standards referred to them as the audit approach and the audit
program. Their meaning is unchanged.
Overall audit strategy. Developing an audit strategy helps the auditor
determine audit staffing, including the timing and management of audit
activities. In connection with establishing the overall audit strategy for the
audit, SAS 108 requires the auditor to address:
Characteristics of the engagement, including:
The basis of reporting.
Industry-specific reporting requirements.
Client locations.
Reporting objectives of the engagement, including:
Deadlines.
Dates for expected communications with management and those
charged with governance.
Significant factors affecting the audit team’s efforts, including:
Materiality levels.
Audit areas with higher risks of material misstatement.
Material locations.
Material account balances.
Evaluation of the planned extent of internal control tests, if any.
Recent significant entity-specific, industry, financial reporting, or
other relevant developments.
Results of preliminary engagement activities, such as:
Issues with management integrity.
Ethical and independence requirements.
Changes in circumstances that could require significant revisions to the
overall audit strategy.
OBSERVATION
SAS 108 notes that small audits do not require a complex strategizing
exercise or document, and states that a brief narrative memorandum
is sufficient.
The appendix to SAS 108 contains useful examples of matters that an auditor
may consider in establishing an audit strategy, including those affecting the
scope of the audit, reporting objectives, timing and communication.
Top_Aud_08_book.indb 57
8/30/2007 3:14:47 PM
58
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTION
4. The overall audit strategy is the detailed map that describes the nature, timing, and extent of audit procedures to be performed. True
or False?
Audit plan. After establishing an audit strategy, the auditor is ready to
develop a more detailed audit plan to address the matters identified in the
audit strategy and to achieve audit objectives. SAS 108 requires the audit
plan to include descriptions of:
The nature, timing, and extent of planned risk assessment procedures
sufficient to assess the risks of material misstatement, as discussed in
SAS 109.
The nature, timing, and extent of planned further audit procedures at
the relevant assertion level for each material class of transactions, account
balance, and disclosure, as discussed in SAS 110. The auditor should
provide a clear linkage between the understanding of the entity, the risk
assessments, and the design of further audit procedures.
Other audit procedures to be performed to comply with GAAS, such as
direct communication with the company’s attorney.
The auditor should update and document any significant revisions to the
original audit plan to respond to changes in circumstances.
STUDY QUESTION
5. Which of the following statements best applies to SAS 108’s requirements for the audit plan?
a. The original audit plan must not be altered or revised once it has
been established.
b. The audit plan should include a description of the nature, timing,
and extent of planned risk assessment procedures.
c. The audit plan should not discuss linkage between the understanding of the entity, the risk assessments, and the design of
further audit procedures.
d. The audit plan should include a description of the nature, timing,
and extent of planned further audit procedures to be applied only
at the level of the financial statements taken as a whole.
Involvement of Specialists
It may be necessary to consult a specialist in situations requiring specialized
knowledge. Examples include using a diamond expert when evaluating the
replacement cost of diamonds and an actuary for determining the appropriateness of the recorded value of insurance loss reserves.
Top_Aud_08_book.indb 58
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
59
Specialists in general. The auditor should have a sufficient understanding
of the client’s business to recognize the need for a specialist. Proper planning
is necessary to make sure that a competent, and preferably an independent
specialist is available when needed. SAS No. 73, Using the Work of a Specialist,
establishes the requirements for selecting specialists and reviewing their work.
SAS 108 requires the auditor to consider whether specialized skills are
needed in performing the audit. If a specialist is to be used, the auditor should
determine whether the specialist will effectively function as a member of the
audit team. The auditor should supervise specialists that are part of the audit
team consistently with the auditor’s responsibilities for supervising other audit
assistants. In addition, in such circumstances, the auditor should:
Have sufficient knowledge and understanding of the scope and objectives
of the specialist’s work.
Evaluate whether the specified audit procedures will meet the audit
objectives.
Evaluate the results of the audit procedures performed as they relate to
the nature, timing, and extent of further planned audit procedures.
Information technology specialists. A client’s use of information technology
(IT) may affect any of the five components of internal control relevant to
the achievement of the entity’s financial reporting, operations, or compliance
objectives, and its operating units or business functions. The auditor should
consider whether specialized skills are needed to determine the effect of IT
on the audit, to understand the IT controls, or to design and perform tests
of IT controls or substantive tests. Considerations in determining whether
to engage an IT specialist include:
The complexity of the client’s systems and IT controls and how they are
used in the business.
Whether changes are made to existing systems and the significance of
such changes.
Whether new systems have been implemented.
The nature and extent of data shared among systems.
The nature and extent of the client’s participation in electronic commerce.
Whether the client uses emerging technologies.
The significance of audit evidence that is available only in electronic form.
Examples of audit procedures that might be assigned to an IT specialist
include:
Making inquiries about how data and transactions are initiated, authorized, recorded, processed and reported.
Making inquiries about how IT controls are designed.
Inspecting system documentation.
Observing the operation of IT controls.
Planning and performing tests of IT controls.
Top_Aud_08_book.indb 59
8/30/2007 3:14:47 PM
60
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTION
6. The responsibility for supervision of specialists that are part of the audit
team is consistent with the responsibility for supervising other audit
assistants. True or False?
Discussions with Management and Those Charged with Governance
SAS 108 permits and encourages the auditor to discuss certain elements of
audit planning with the client’s management and with those charged with
governance. These discussions generally include the overall audit strategy,
timeline for performing the audit and issuing the audit report, coordination of certain procedures (e.g., inventory observation) with the client’s
personnel, and preparation of audit schedules by the client. While this
communication facilitates the conduct of the audit, SAS 108 cautions the
auditor to not divulge sensitive detailed audit procedures that might jeopardize audit effectiveness by making audit procedures too predictable.
Additional Procedures for Initial Audits
Because the auditor generally lacks any previous experience with the client,
management, and those charged with governance, new audits require additional procedures. Before starting an initial audit SAS 108 requires the
auditor to:
Perform procedures regarding the acceptance of the client relationship
and the specific audit engagement.
Establish controls for deciding whether to accept a client relationship
and perform a specific engagement, in order to:
Minimize the likelihood of association with a client whose management lacks integrity.
Provide reasonable assurance that the firm undertakes only those
engagements that can be completed with professional competence.
Assure that the auditor considers the risks associated with providing
professional services in the particular circumstances.
Communicate with the previous auditor, where applicable. In evaluating a potential client that has been audited previously, the predecessor
auditor is a primary source of information about the client. SAS No. 84,
Communications Between Predecessor and Successor Auditors, requires the
successor auditor to communicate with the predecessor auditor. If the
successor auditor cannot obtain required information from the predecessor auditor because of client restrictions, the successor auditor should
consider the implications of such restrictions in evaluating whether to
accept the engagement.
Top_Aud_08_book.indb 60
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
61
In developing the overall audit strategy and audit plan for an initial audit,
the auditor should consider additional matters including:
Arrangements to be made with the predecessor auditor.
Any major issues discussed with management or those charged with
governance involving the initial selection as auditors and how these issues
affect the overall audit strategy and audit plan.
The planned procedures to obtain audit evidence regarding opening
balances.
The assignment of personnel possessing the appropriate characteristics
and qualifications to enable them to perform competently and to successfully execute the engagement.
Other procedures required by the firm’s quality control system for initial
audit engagements.
EXAMPLE
Although not specifically dictated by SAS 108, the following are examples
of audit procedures that the auditor typically performs for initial audit
engagements:
Prepare or obtain a summary of shareholders’ equity or proprietary accounts, from inception if practicable, with particular attention to prior
reorganizations, revaluations of assets, issuance of stock for other than
cash, and other unusual equity transactions.
Establish the reasonableness of beginning balances for significant balance sheet accounts. For example, the auditor determines the basis
of the property accounts (both book and tax) and examines evidence
of title to at least the principal real estate. The auditor also determines
the propriety of the classifications used, the reasonableness of the accumulated allowances for depreciation and amortization, and whether
any significant amounts of properties are not used in operations.
Determine the origin of other continuing accounts, such as intangibles
and deferrals.
Review income tax returns and revenue agents’ reports for several years
to determine the adequacy of the recorded liability for taxes.
Review the articles of incorporation or partnership agreements and
related amendments.
Review the minutes of meetings of shareholders and directors for prior
years (e.g., the previous three years, and prior years, if it is considered
necessary).
Top_Aud_08_book.indb 61
8/30/2007 3:14:47 PM
62
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTION
7. Before starting an initial audit, SAS 108 requires the auditor to do all of
the following except:
a. Communicate with the previous auditor, where applicable.
b. Perform procedures regarding the acceptance of the client relationship and the specific audit engagement.
c. Consider the implications of client restrictions on communication
with the predecessor auditor.
d. Inspect the predecessor auditor’s audit documentation.
SUPERVISION
Assigning the appropriate staff to the engagement and directing the efforts
of assistants are important to meet GAAS and to promote audit efficiency.
Supervision also involves reviewing the audit effort and related audit
judgments made by assistants to determine whether they are appropriate.
SAS 108 indicates that elements of supervision include:
Instructing assistants.
Staying abreast of significant issues encountered during the audit.
Reviewing the work performed by assistants to determine that it is
adequate and that the results are consistent with the conclusions to be
presented in the auditor’s report.
Dealing with differences of opinion among firm personnel.
The timing and nature of supervision provided to assistants will vary greatly
depending upon the assistants’ experience and training, and the characteristics of the engagement.
Discussions and Communications with Assistants
SAS 108 requires certain communications with assistants in every audit. The
engagement partner should communicate to members of the audit team:
The susceptibility of the entity’s financial statements to material misstatement due to error or fraud, with special emphasis on fraud.
The need to maintain a questioning mind and to exercise professional skepticism in gathering and evaluating audit evidence throughout the audit.
The need to bring to the attention of the engagement partner accounting
and auditing issues raised during the audit that the assistant believes are
significant to the financial statements or auditor’s report.
The need to bring to the attention of appropriate individuals in the firm
difficulties encountered in performing the audit, for example:
Missing documents.
Limits on access to information sought by the audit team.
Client refusal to respond to auditor inquiries, or similar clientimposed restrictions.
Top_Aud_08_book.indb 62
8/30/2007 3:14:47 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
63
Their responsibilities and the objectives of audit procedures to be
performed.
Matters that may affect the nature, timing, and extent of audit procedures to be performed, such as the nature of the entity’s business and
possible accounting and auditing issues.
OBSERVATION
Reviews of audit documentation and financial statements are indispensable supervisory procedures. It is difficult, however, to supervise effectively
without the engagement partner’s involvement in all phases of the audit. This
involvement keeps the audit team focused on the big picture and significant
audit issues, helps avoid inefficient or ineffective auditing procedures, and
compensates for overauditing or underauditing tendencies on the part of
the assistants.
Reviewing the Work of Assistants
SAS 108 requires the work performed by each assistant, including the audit
documentation, to be reviewed to determine whether it was adequately
performed and documented and to evaluate the results relative to the conclusions that will be presented in the auditor’s report.
SAS 108 provides only general guidance on this subject. Therefore,
practices for reviewing engagements will vary depending on the size of
the firm and the complexity of the engagement. The review of work performed by assistants is ordinarily conducted by the engagement partner.
However, SAS 108 indicates that parts of the review may be delegated to
other assistants.
The primary objectives of the review are to determine whether:
The audit has been appropriately planned.
The scope of the audit is sufficient to support the auditor’s opinion on
the financial statements.
The audit has been conducted in accordance with firm and professional
standards.
Technical differences of opinion are addressed and documented in accordance with professional standards.
The accounting and auditing issues have been evaluated properly and
the financial statements meet accepted standards of presentation and
disclosure.
The firm’s audit report is appropriate.
SAS No. 103, Audit Documentation (SAS 103) provides additional guidance
on documenting the review of audit documentation.
Top_Aud_08_book.indb 63
8/30/2007 3:14:47 PM
64
TOP AUDITING ISSUES FOR 2008 CPE COURSE
OBSERVATION
Supervisory auditors often ask whether they need to initial every workpaper
in the file as evidence of their review. Neither SAS 108 nor SAS 103 make
this specific requirement. However, the documentation should specify which
workpapers were reviewed and by whom. There are many methods of doing
this. The documentation might take the form of a narrative memorandum
stating for example, that,
the detail workpapers for assets were reviewed by senior auditor
George Waterman, and the detail workpapers for liabilities and
equity by senior auditor Annette Proffitt. Audit Manager Edward
Forrest reviewed the lead sheets and adjustments for the balance
sheet as a whole, including the documentation of a significant
matter concerning inventory valuation.
Another efficient method of documenting supervisory review would be a
sign-off on the workpaper index, indicating which sections were reviewed
by whom.
STUDY QUESTIONS
8. Which of the following matters should the engagement partner communicate to audit assistants under the requirements of SAS 108?
a. The assistant’s responsibility to bring to management’s attention accounting issues raised during the audit that the assistant
believes are significant to the financial statements.
b. The need to bring to the engagement partner’s attention client-imposed restrictions on access to information necessary to perform
the audit.
c. The need to maintain a questioning mind and to exercise professional skepticism in gathering and evaluating audit evidence
throughout the audit.
d. The time budget for performing assigned audit procedures.
9. Which of the following statements best applies to the engagement
partner’s responsibility for reviewing the work of audit assistants?
a. The firm’s practice for reviewing engagements will vary depending
on the size of the firm and the complexity of the engagement.
b. The review of work performed by each assistant must be conducted by the engagement partner.
c. Each workpaper in the audit documentation file should contain a
sign-off indicating that it has been reviewed.
d. Audit assistants should not review each other’s work.
Top_Aud_08_book.indb 64
8/30/2007 3:14:48 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
65
Differences of Opinion
During an audit, differences of opinion may occur regarding the significance or implications of accounting and auditing issues. These differences
may surface during the course of the audit, including the supervision phase
of the engagement. Each assistant has a professional responsibility to voice
concerns about, and bring to the attention of appropriate individuals in the
firm, any disagreements or concerns the assistant might have with respect
to accounting and auditing issues he or she believes are significant to the
financial statements or auditor’s report.
Both the engagement partner and assistants should be aware of the
procedures to be followed when such differences of opinion exist. SAS 108
specifically states that procedures should allow assistants to document their
positions if they disagree with the way a particular accounting or auditing
issue was resolved. When such differences of opinion remain and an assistant
decides to disassociate from the resolution, SAS 108 requires that the basis
for the final resolution be documented.
Once this is done, an assistant who disagrees with the resolution of a particular accounting or auditing issue has met the requirements of professional
standards and, therefore, has no further responsibility for related decisions
made by supervisory personnel. The ability to dissociate is a key protection
that professional standards provide for professionals who have unresolved
differences of opinion.
OBSERVATION
In the wake of the well-publicized audit failures of the last decade, methods
of handling differences of professional opinion within an audit team have
come to the forefront as a serious concern from a personnel management
as well as an engagement performance standpoint in an audit firm’s quality
control system. In the past, some audit firms maintained an informal culture,
often at odds with the formal statements in their quality control policies and
procedures, that actively discouraged divergent opinions within an audit
team, and even informally sanctioned dissenters. It is now more important
than ever that firms maintain a positive “tone at the top,” which holds as
honorable the expression of differences of professional opinion, and which
protects those who express such differences from reprisal. Many firms, particularly larger ones, have gone so far as to establish special communication
channels outside their normal “chains of command,” similar to some of the
federal whistleblower hotlines, to enable audit assistants who believe that
their differences of opinion have not been satisfactorily resolved to communicate their concerns directly to senior firm management.
Top_Aud_08_book.indb 65
8/30/2007 3:14:48 PM
66
TOP AUDITING ISSUES FOR 2008 CPE COURSE
STUDY QUESTION
10. All of the following statements apply to the resolution of differences of
professional opinion under SAS 108 except:
a. Audit firms should have procedures to allow assistants to document their positions if they disagree with the resolution of a particular accounting or auditing issue.
b. Audit assistants have a professional responsibility to bring to the
attention of appropriate individuals in the firm any disagreements
or concerns they might have with respect to significant accounting
and auditing issues.
c. Assistants who dissent from the final resolution of disagreement
continue to have professional responsibility for the related decisions made by supervisory personnel.
d. Both the engagement partner and assistants should be aware of
the procedures to be followed when differences of professional
opinion exist in an audit.
DOCUMENTATION REQUIREMENTS
Unlike some of the other Risk Assessment Standards, SAS 108 does not
gather all of its documentation requirements into a single section. For the
sake of convenience and clarity those requirements, although discussed
in individual detail earlier in this chapter, are summarized below. SAS
108 requires:
A written engagement letter.
Documentation of significant revisions to the overall audit strategy to
respond to changes in circumstances.
A written audit plan.
Documentation of changes to the original audit plan.
Documentation of significant disagreements among the audit team, if
any, and their resolution.
OBSERVATION
Just because this Standard, or any other, does not state an explicit
requirement that a particular procedure or matter be documented
does not mean that documentation is not necessary. SAS 103, Audit
Documentation, contains detailed requirements and guidance on this
subject. One of its general presumptions is that audit documentation
should “stand on its own.” This is to say that another experienced auditor, without previous involvement in the engagement, should be able
to understand the audit methodology, procedures and conclusions by
reading the audit documentation, without additional oral explanations.
Top_Aud_08_book.indb 66
8/30/2007 3:14:48 PM
MODULE 1 — CHAPTER 3 — Planning and Supervision
67
The implication of this is clear: that all matters necessary for a complete
understanding of the engagement need to be presented in documentary
form. As a result, audit documentation in the future will likely contain a
great deal more narrative comments and memoranda.
CPE NOTE: When you have completed your study and review of chapters
1-3, which comprise this Module, you may wish to take the Quizzer for
the Module.
For your convenience, you can also take this Quizzer online at www.
cchtestingcenter.com.
Top_Aud_08_book.indb 67
8/30/2007 3:14:48 PM
171
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Answers to Study Questions
MODULE 1 — CHAPTER 1
1. c. Correct. SAS 106 imposes an unconditional requirement to perform
risk assessment procedures to provide a satisfactory basis for the assessment
of risks at the financial statement and relevant assertion levels.
a. Incorrect. SAS 106 creates a presumptively mandatory, but not an
unconditional requirement for the auditor to perform additional audit
procedures to resolve significant inconsistencies in the information
obtained.
b. Incorrect. SAS 106 does not create an unconditional requirement for
the auditor to perform tests of internal controls. It does, however create
presumptively mandatory requirements to test internal control in two
circumstances: when the risk assessment includes an expectation of their
operating effectiveness, and when substantive procedures alone do not
provide sufficient appropriate audit evidence.
d. Incorrect. SAS 106 creates a presumptively mandatory, but not
an unconditional requirement for the auditor to perform substantive
procedures for all relevant assertions related to each significant class of
transactions, account balance, and disclosure. There is no requirement to
perform substantive procedures on insignificant classes of transactions,
account balances, or disclosures.
2. b. Correct. SAS 106 creates an unconditional requirement, rather than
a presumptively mandatory requirement, that the auditor perform risk
assessment procedures to provide a satisfactory basis for the assessment of
risks at the financial statement and relevant assertion levels.
a. Incorrect. Performing additional audit procedures to resolve significant
inconsistencies in the information obtained is a presumptively mandatory
requirement of SAS 106.
c. Incorrect. Consideration of the sufficiency and appropriateness of audit
evidence to be obtained when assessing risks and designing further audit
procedures is a presumptively mandatory requirement of SAS 106.
d. Incorrect. Determining the source of likely potential misstatements in
each significant class of transactions, account balance, and presentation
and disclosure, in order to identify relevant assertions is a presumptively
mandatory requirement of SAS 106.
Top_Aud_08_book.indb 171
8/30/2007 3:14:56 PM
172
TOP AUDITING ISSUES FOR 2008 CPE COURSE
3. False. Correct. The information contained in underlying accounting records
is not in itself sufficient to support an opinion on the financial statements, but
it nonetheless is included in as a component of audit evidence.
True. Incorrect. SAS 106 states that audit evidence includes the information
contained in the accounting records underlying the financial statements.
In order to express an unqualified opinion on financial
statements, SAS 106 requires only that the accumulation of evidence be
persuasive, not conclusive. A requirement to provide conclusive evidence
for an audit opinion would in most cases be unattainable and uneconomical
because it would require reducing audit risk to zero, and would ignore
economic limits.
a. Incorrect. While risk assessment procedures by themselves are not
sufficient evidence to support an opinion, SAS 106 states that when
combined with the results of further audit procedures, they provide audit
evidence that ultimately supports an opinion.
b. Incorrect. SAS 106 states that audit evidence should be capable of
proving or disproving an assertion that the client makes in its financial
records. Evidence that was capable of neither would not be relevant.
d. Incorrect. SAS 106 correlates the term “sufficient” with the quantity of
the evidence, and “appropriate” with its quality.
4. c. Correct.
5. d. Correct. Audit evidence obtained from an independent knowledgeable
source outside the entity, such as a confirmation from an independent third
party, is usually considered more reliable than evidence obtained from
within the entity.
a. Incorrect. Audit evidence in that exists in documentary form is usually
considered to be more reliable that an oral representation.
b. Incorrect. Audit evidence that is developed under effective internal
controls is usually considered to be more reliable than evidence developed
under ineffective internal controls.
c. Incorrect. Audit evidence obtained indirectly or by inference generally is
considered less reliable than evidence obtained directly by the auditor.
6. a. Correct. Selecting a sample of shipping documents, using the shipping
documents as the population and comparing them to the related duplicate
sales invoices to determine if the customers had been billed provides relevant
evidence about the completeness assertion because it directly correlates
shipping to invoicing.
b. Incorrect. Depending on how the sample was selected and how the
confirmation was designed, selecting a sample of duplicate sales invoices,
using the sales invoices as the population and confirming them with the
customer might or might not be effective in proving or disproving the
Top_Aud_08_book.indb 172
8/30/2007 3:14:56 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 1
173
completeness of invoicing. A random sample by invoice number, for
example, would be ineffective for this purpose because it would not give
the customer a complete list of invoices, and would not effectively address
the question of whether the customer had received shipments that had
not been invoiced. On the other hand, confirmations based on a sample
of invoices by customer, listing all invoices for a period, and asking the
customer to verify that no uninvoiced shipment had occurred could be
effective. In either case, however, other procedures would likely be more
effective for this purpose.
c. Incorrect. Selecting a sample of duplicate sales invoices, using the
sales invoices as the population, and tracing them to the related shipping
documents is ineffective for this purpose because it asks the wrong question.
This procedure asks whether sales that have been invoiced were in fact
shipped, and would be appropriate for addressing the cutoff assertion. Since
it starts with sales that the auditor already knows have been invoiced, it
does nothing to prove or disprove that all shipments have been invoiced.
d. Incorrect. Comparing the number of shipping documents over a period
of time with the number of invoices for the same period would be unlikely
to provide relevant evidence in this case for two reasons: first, shipping and
invoicing may not necessarily occur within the same period, and second,
multiple shipments may be invoiced on the same invoice.
7. a. Correct. SAS 106 groups the 13 assertions into three broad categories:
classes of transactions and events, account balances, presentation and
disclosure.
b. Incorrect. Completeness, occurrence, rights and obligations, valuation/
allocation, and presentation and disclosure are the relevant assertions that
were identified in previous auditing Standards. All of these assertions
reappear in SAS 106 under one or more of three broad categories.
c. Incorrect. Completeness, classification and understandability, accuracy
and valuation are the relevant assertions listed by SAS 106 under the broad
category of account balances.
d. Incorrect. Occurrence, completeness, accuracy, cutoff, and classification
are the relevant assertions listed by SAS 106 under the broad category of
classes of transactions and events.
8. c. Correct. Consistent with the emphasis placed on the consideration
of revenue recognition by SAS 99, the cutoff assertion reflects the need for
auditors to pay close attention to the risk of cutoff errors or manipulations
giving rise improper revenue recognition.
a. Incorrect. Consideration of completeness will not effectively address the
cutoff assertion unless it is paired with consideration of occurrence.
Top_Aud_08_book.indb 173
8/30/2007 3:14:56 PM
174
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Consideration of occurrence will not effectively address the
cutoff assertion unless it is paired with consideration of completeness.
d. Incorrect. SAS 106 give auditors some discretion in how they characterize
the relevant assertions in their audit documentation. It does not require
that any of the assertions be expressly characterized in particular terms, as
long as all of their aspects have been covered.
b. Incorrect.
9. d. Correct. While all material numbers contained in the disclosures
should have support within the audit documentation, there is no specific
requirement to cross-reference each of them to the audit documentation.
a. Incorrect. SAS 106 places renewed emphasis on the importance of
clarity and understandability in financial statement disclosures. Auditors
will therefore be required to consider these matters in connection with
evaluating financial statement presentation and disclosures.
b. Incorrect. Because management’s quantitative or qualitative judgments
affecting the content of particular disclosures are particularly sensitive areas,
auditors will need to give them increased consideration.
c. Incorrect. Non-financial information contained in the disclosures
may be important to the users of those statements. The auditor therefore
needs to gather evidence supporting significant non-financial information
contained in the disclosures.
10. c. Correct. Auditors evaluate materiality in connection with account
balances, transaction classes, and issues of presentation and disclosure, as
well as at the financial statement level. An assertion can be either relevant
or irrelevant regardless of the materiality of the particular account balance,
transaction class, or disclosure. For this reason, determining whether
an assertion is relevant is independent of whether the related balance,
transaction class or disclosure is material.
a. Incorrect. In determining whether a particular assertion is relevant,
SAS 106 requires the auditor to evaluate the nature and complexity of the
systems used to process and control information supporting the assertion.
b. Incorrect. SAS 106 requires the auditor to evaluate the nature of an
assertion in determining whether it is relevant.
d. Incorrect. SAS 106 states that an auditor should evaluate the volume of
transactions or data related to the assertion in determining if the assertion
is relevant.
11. d. Correct. Large volumes of repetitive electronic transactions lend
themselves to processing under a uniform set of IT controls. Thus, testing
of these controls would likely be an effective audit procedure. In addition,
this type of transaction may not always generate a paper trial that would
lend itself to detail testing. Under this circumstance, testing of controls
would be necessary to provide sufficient audit evidence.
Top_Aud_08_book.indb 174
8/30/2007 3:14:56 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 1
175
Large real estate transactions typically generate a great deal
of documentation. When there are few such transactions, substantive tests
of details, in the form of inspection of those documents, would usually be
the most effective audit approach. Tests of controls would thus not usually
be necessary.
b. Incorrect. Occupancy costs such as rent, utilities and property taxes are
usually predictable between periods within a stable business entity. These
transactions would most likely lend themselves to testing with substantive
analytical procedures such as trend analyses. For this reason, it would not
usually be necessary to test internal controls over these transactions.
c. Incorrect. Developing an understanding of the entity and its
environment, including its internal control is a risk assessment procedure.
Testing of internal controls, if necessary, would ordinarily occur after an
understanding of the controls had been developed.
a. Incorrect.
12. b. Correct. SAS 106 states as a presumptively mandatory requirement
that substantive procedures should be performed in all audits for all relevant
assertions related to each material class of transactions, account balance,
and disclosure regardless of the assessed risk of material misstatement.
a. Incorrect. There is no requirement to apply substantive procedures to
immaterial classes of transactions, account balances or disclosures.
c. Incorrect. Substantive procedures performed on each material class of
transactions, account balance, and disclosure may include tests of details
and substantive analytical procedures. There is no requirement, however,
that both be performed when only one is necessary to provide sufficient
appropriate evidence.
d. Incorrect. Substantive procedures are performed to detect material
misstatements down to the relevant assertion level, which is below the
transaction class, account balance and disclosure level.
13. b. Correct. Inspection of actual items of physical inventory provides
persuasive evidence as to the existence of those items.
a. Incorrect. Absent other corroborative evidence, inquiry does not by
itself provide persuasive evidence about any of the financial statement
assertions.
c. Incorrect. Analytical procedures might, in combination with other audit
procedures, provide useful evidence about valuation or completeness of
inventory. They would not likely provide evidence about its existence.
d. Incorrect. Recalculation would normally be used to provide evidence
about such assertions as accuracy or valuation. It would not usually provide
support for the existence assertion.
Top_Aud_08_book.indb 175
8/30/2007 3:14:57 PM
176
TOP AUDITING ISSUES FOR 2008 CPE COURSE
14. False. Correct. There is no requirement to use substantive analytical
procedures in audits.
True. Incorrect. Analytical procedures must be used in the planning and
final evaluation stages of all audits. These analytical procedures, however,
should not be confused with substantive analytical procedures, which may
be used in combination with tests of details or tests of controls to provide
audit evidence about balances, transactions or disclosures.
Because confirmations involve obtaining statements from
third parties, they are most effective in providing information about
assertions that those parties are likely to have knowledge about, such as the
existence of a receivable or a quantity of consigned inventory, and rights
and obligations of that party.
b. Incorrect. Third party vendors or customers would likely have good
information about the cost of an item or the face amount of a receivable
or payable, but this is not the same as its valuation. Questions of valuation
usually require information from within the entity, thus, confirmations
would not ordinarily be used as evidence for this assertion.
c. Incorrect. Confirmations may provide information that helps auditors
evaluate classification and understandability. However, this assertion would
more often be addressed through gathering and evaluating information
from with the entity.
d. Incorrect. While confirmations may contain information that helps
auditors evaluate accuracy, this assertion would more often be tested
primarily by such procedures as recalculation or inspection of documents.
15. a. Correct.
MODULE 1 — CHAPTER 2
1. b. Correct. Evaluating whether the financial statements taken as a whole
are free of material misstatement is the most important aspect of any audit,
and is listed in SAS 107 as an unconditional requirement.
a. Incorrect. Performing risk assessment procedures at both the financial
statement and account balance, transaction class and disclosure levels is
listed in SAS 107 as a presumptively mandatory requirement rather than as
an unconditional requirement.
c. Incorrect. Having an appropriate basis for the assessment of the risk of
material misstatement at the relevant assertion level is listed in SAS 107 as
a presumptively mandatory requirement rather than as an unconditional
requirement.
d. Incorrect. Determining a materiality level for the financial statements
taken as a whole is listed in SAS 107 as a presumptively mandatory
requirement rather than as an unconditional requirement.
Top_Aud_08_book.indb 176
8/30/2007 3:14:57 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 2
177
Determining one or more levels of tolerable misstatement
lower than the materiality level is a presumptively mandatory requirement
of SAS 107.
a. Incorrect. SAS 107 does not require the auditor to accumulate all
known misstatements, because this could lead to an aggregation of many
trivial misstatements that would have no practical significance to the audit.
It does, however, state an unconditional requirement to accumulate all
known and likely misstatements other than trivial amounts.
b. Incorrect. Communicating all known and likely misstatements,
other than trivial amounts, to the appropriate level of management is an
unconditional requirement of SAS 107.
d. Incorrect. Considering the effects, individually and in the aggregate, of
known and likely misstatements that are not corrected is an unconditional
requirement of SAS 107.
2. c. Correct.
3. a. Correct. Prior period’s budgets or forecasts would not likely be relevant
to the current audit for purposes of determining materiality, and therefore
would not ordinarily be considered.
b. Incorrect. Significant changes in the client’s circumstances can affect
perceptions of materiality. SAS 107 lists this as a factor that should be
considered when determining materiality.
c. Incorrect. Prior periods’ financial statements may contain benchmarks
that are useful in determining materiality. SAS 107 lists this as a factor that
should be considered.
d. Incorrect. Changes of conditions in the client’s industry may provide
information that influences perceptions about materiality. SAS 107 lists
this as a factor that should be considered.
SAS 107 states a presumptively mandatory requirement to
consider audit risk in relation to the relevant assertions at both the financial
statement level and the account balance, transaction class and disclosure
level.
b. Incorrect. The financial statement materiality level and the tolerable
misstatement level relate to the determination of materiality rather than to
the consideration of audit risk.
c. Incorrect. SAS 107 requires consideration of audit risk in relation to the
relevant assertions at the financial statement level as well as at the account
balance, transaction class and disclosure level.
d. Incorrect. The tolerable misstatement level relates to the determination
of materiality, not the assessment of risk.
4. a. Correct.
Top_Aud_08_book.indb 177
8/30/2007 3:14:57 PM
178
TOP AUDITING ISSUES FOR 2008 CPE COURSE
5. d. Correct. Detection risk is the auditor’s risk because it is the auditor’s
responsibility to detect material misstatements.
a. Incorrect. The risk of material misstatement is the combined assessment
of inherent and control risk. Both inherent and control risks are client risks,
therefore the risk of material misstatement is also a client risk.
b. Incorrect. It is the client’s responsibility to implement and maintain
systems of internal control. Control risk therefore is the client’s risk.
c. Incorrect. Inherent risk is a product of many factors that influence the
client’s business, such as its industry, and general economic conditions. The
property of inherent risk attaches to the client’s financial statements and
components of the financial statements regardless of control risk. It is the
client’s risk, not the auditor’s.
6. c. Correct. SAS 107 states that a trivial misstatement is an amount designated
by the auditor below which misstatements need not be accumulated.
If it is probable that the judgment of a reasonable person
relying on the information would have been changed or influenced by the
misstatement, it is a material misstatement.
b. Incorrect. It is the auditor’s role, not management’s, to designate an
amount below which such misstatements, individually or in the aggregate,
would not be material to the financial statements.
d. Incorrect. It is the auditor’s role, not management’s, to designate an
amount below which such misstatements, individually or in the aggregate,
would not be material to the financial statements. Auditors are required
to summarize uncorrected misstatements and to communicate them to
management. In most cases management agrees, in the representation letter,
that they are not material, however, trivial misstatements as designated by
the auditor would not be posted to this summary.
a. Incorrect.
7. b. Correct. Even when planning not to rely on a control, and to assess
control risk at maximum, the auditor must have sufficient understanding
of the control to have a basis for that assessment.
a. Incorrect. SAS 107 intends that audit procedures to be performed be
specifically linked to assessed risks.
c. Incorrect. Regardless of the auditor’s intention to rely or not to rely on
controls, the auditor should develop an understanding of controls sufficient
to support an assessment of maximum control risk.
d. Incorrect. Controls need not be tested unless the auditor plans to rely
on them.
8. c. Correct. SAS 107 states that it is not ordinarily feasible for the auditor
to consider the individual needs of all financial statement users, because
their needs may vary so greatly.
Top_Aud_08_book.indb 178
8/30/2007 3:14:57 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 2
179
a. Incorrect. SAS 107 makes a number of assumptions about the competence
and diligence of financial statement users, one of which is their willingness
to study the statements with appropriate diligence.
b. Incorrect. SAS 107 assumes that financial statement users have appropriate
knowledge of business and economic activities and accounting.
d. Incorrect. Under SAS 107, financial statement users are assumed to
recognize that there are uncertainties inherent in the accounting estimates
and judgments used in preparing the financial statements.
9. False. Correct.
Since auditing is a process in which misstatements
may be discovered, the benchmarks used for determining materiality in
the planning phase may change during the audit. Thus, perceptions
of materiality may change, and different levels may be appropriate for
evaluating audit results.
True. Incorrect. The materiality levels that the auditor sets in the planning
phase of the audit need not be used in evaluating the audit results.
In profit-making businesses, a benchmark based on results
of operations is usually appropriate for determining materiality. However
in this case, if that benchmark included the expense for the owners’
compensation, it would likely result in a lower amount than necessary to
provide reasonable assurance of detecting material misstatement, and thus
cause an inefficient audit. Pre-tax income before owners’ compensation
would therefore be a more appropriate benchmark.
b. Incorrect. Pre-tax income in such a corporation may be artificially
low due to the owners’ compensation. This would cause materiality levels
determined based on this benchmark to be artificially low, and could lead
to an inefficient audit.
c. Incorrect. Using any benchmark of income that includes owners’
compensation expense could lead to artificially low materiality levels and
an inefficient audit. Also, in a consistently profitable business, a benchmark
based on current year operations would likely be more relevant than one
that includes prior years.
d. Incorrect. In most cases, a benchmark based on results of operations, rather
than on assets, is the most useful for determining materiality in a profitmaking business. This is because results of operations are usually the most
important financial statement component to the users of the statements.
10. a. Correct.
11. False. Correct. SAS 107 requires auditors to communicate both known
and likely misstatements to management.
True. Incorrect. Communicating only known misstatements to management
would frustrate one of the purposes of the Risk Assessment Standards, which
is to create more responsibility on management’s part for evaluating and
correcting misstatements.
Top_Aud_08_book.indb 179
8/30/2007 3:14:57 PM
180
TOP AUDITING ISSUES FOR 2008 CPE COURSE
12. d. Correct. SAS 107 allows auditors to consider either the income
statement or the ending balance sheet effects of prior period misstatements,
or to take both into account.
a. Incorrect. SAS 107 contains no unconditional requirement for auditors
to consider the effect of all current and prior period misstatements that
flow through the current period’s income statement.
b. Incorrect. It is true that auditors may consider the cumulative effect on
the ending balance sheet. However, SAS 107 also states that the income
statement approach or a combined consideration of both balance sheet
and income statement effects are acceptable methods. Therefore, it is not
correct to say that the cumulative effect on the ending balance sheet is the
auditor’s primary focus.
c. Incorrect. Under SEC requirements, auditors must consider both
the income statement and ending balance sheet effects of prior period
misstatements. This is not true under SAS 107.
Certain misstatements may have significance even though
they do not exceed quantitative thresholds for materiality. This is particularly
true of misstatements that involve potential fraud or illegal acts, or that
cause misstatement of items that are known to be of particular concern to
financial statement users.
a. Incorrect. SAS 107 states that auditors may not rely solely on quantitative
benchmarks to assess whether an item is material. While quantitative
thresholds may provide a basis for a preliminary assumption about whether
an item is material, they are not a substitute for full analysis.
c. Incorrect. SAS 107 requires auditors to consider the likelihood of a
currently immaterial misstatement, such as an accrual or deferral, becoming
material to future periods through cumulative effects.
d. Incorrect. Misclassifications between current and non-current assets are
potentially significant misstatements, from a qualitative standpoint, even
when they are lower than quantitative materiality thresholds, because they
may affect working capital and the related ratios. This information is often
significant if, for example, it causes a violation of a loan covenant.
13. b. Correct.
SAS 107 contains a requirement for auditors to document
the basis on which materiality, as well as tolerable misstatement, were
determined.
b. Incorrect. Auditors are required to document materiality at the tolerable
misstatement level, which applies to account balances, transactions classes
and disclosures.
c. Incorrect. Auditors are required to document changes made to materiality
levels during the audit.
14. a. Correct.
Top_Aud_08_book.indb 180
8/30/2007 3:14:57 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 3
181
d. Incorrect. Audit documentation should include consideration of the
effects of uncorrected misstatements from prior periods on the current
period’s financial statements.
15. c. Correct. The summary of uncorrected misstatements should include
consideration of their aggregate effects, including impact on significant
financial statement totals or subtotals, such as current assets and liabilities,
working capital, gross sales or gross margin.
a. Incorrect. Auditors are required under SAS 107 to consider both known
and likely uncorrected misstatements.
b. Incorrect. Auditors are required under SAS 107 to summarize uncorrected
misstatements in a way that facilitates separate consideration of known and
likely misstatements.
d. Incorrect. Auditors are required under SAS 107 to document a conclusion
as to the materiality of uncorrected misstatements, both individually and
in the aggregate.
MODULE 1 — CHAPTER 3
1. c. Correct. SAS 108 states as an unconditional requirement that the
auditor must develop an audit plan which documents the audit procedures
that are expected to reduce audit risk to an acceptably low level.
a. Incorrect. SAS 108’s requirement for the auditor to update and
document specific revisions to the audit strategy to respond to changes in
circumstances is a presumptively mandatory, rather than an unconditional
requirement.
b. Incorrect. The requirement to review the work performed by each
assistant to determine that it was adequately performed and documented
and to evaluate its results is presumptively mandatory, not unconditional.
d. Incorrect. The requirement to consider whether specialized skills
are needed to perform the audit is presumptively mandatory, not
unconditional.
SAS 108 states as a presumptively mandatory requirement
that the auditor must establish and document in a written engagement
letter an understanding with the client for each audit.
a. Incorrect. The requirement to properly supervise any assistants is an
unconditional requirement.
b. Incorrect. SAS 108’s requirement for the auditor to plan the audit so that
it is responsive to the assessment of the risk of material misstatement based
on the auditor’s understanding of the client and its environment, including
its internal control is an unconditional, rather than a presumptively
mandatory requirement.
2. c. Correct.
Top_Aud_08_book.indb 181
8/30/2007 3:14:57 PM
182
TOP AUDITING ISSUES FOR 2008 CPE COURSE
SAS 108 does not require the auditor to refrain from
accepting an audit engagement at or near the close of the fiscal year. It does
state, however, that the auditor should perform certain procedures before
accepting an audit engagement at or near the close of the fiscal year.
d. Incorrect.
3. a. Correct. Communicating significant deficiencies in internal control
to those charged with governance is one of the auditor responsibilities that
is generally included in an engagement letter.
b. Incorrect. Adjusting the financial statements to correct material
misstatements is management’s responsibility. The auditor, however, is
required to communicate to management known and likely misstatements
discovered in the audit.
c. Incorrect. Establishing and maintaining effective internal control over
financial reporting is management’s responsibility. The auditor, however,
is required to gain an understanding of the client’s internal control over
financial reporting.
d. Incorrect. Designing and implementing programs and controls to
prevent and detect fraud is a management responsibility. However, as a part
of gaining an understanding of the client’s environment and controls, the
auditor considers programs and controls to prevent and detect fraud.
4. False. Correct. A detailed map describing the nature, timing, and extent
of audit procedures to be performed is the definition of the audit plan,
rather than the overall audit strategy.
True. Incorrect. The overall audit strategy is the broad approach regarding
how the audit will be conducted.
SAS 108 requires the audit plan to include a description of
the nature, timing, and extent of planned risk assessment procedures.
a. Incorrect. SAS 108 actually requires the opposite; that the original audit
plan be revised to respond to changes in circumstances.
c. Incorrect. The audit plan should provide a clear linkage between the
understanding of the entity, the risk assessments, and the design of further
audit procedures.
d. Incorrect. The audit plan should include a description of the nature,
timing, and extent of planned further audit procedures to be applied down
to the relevant assertion level.
5. b. Correct.
SAS 108 requires that specialists on an audit team be
supervised in a manner consistent with other audit assistants.
False. Incorrect. SAS 108 does not make a distinction between
specialists and other members of the audit team in terms of their need for
supervision.
6. True. Correct.
Top_Aud_08_book.indb 182
8/30/2007 3:14:57 PM
ANSWERS TO STUDY QUESTIONS — Module 1 — Chapter 3
183
There is no specific requirement in SAS 108 or elsewhere
in professional Standards to inspect the predecessor auditor’s audit
documentation. Many successor auditors, however, request to view or
make copies or abstracts of certain pieces of the predecessor’s workpapers,
to facilitate the performance of the audit.
a. Incorrect. Communication with the previous auditor, where applicable,
is a specific requirement of SAS 108.
b. Incorrect. SAS 108 requires the auditor to perform procedures
regarding the acceptance of a new client relationship and the specific audit
engagement.
c. Incorrect. When a prospective audit client places restrictions on
communication between predecessor and successor auditors, the successor
should consider the implications in evaluating whether to accept the
engagement.
7. d. Correct.
8. c. Correct. The engagement partner should emphasize to audit assistants
the need to maintain a questioning mind and to exercise professional
skepticism in gathering and evaluating audit evidence throughout the
audit, both in the planning stage and throughout the engagement.
a. Incorrect. Audit assistants should bring accounting issues raised during
the audit that the assistant believes are significant to the financial statements
to the attention of the engagement partner. Significant accounting issues
impacting the financial statements should also be communicated to
management, although the channel for this communication is a matter of
firm policy. Ordinarily, assistants would be expected to bring the matter to
the engagement partner’s attention before it is communicated to the client.
b. Incorrect. Audit assistants should be reminded of the need to bring
client-imposed restrictions on access to information necessary to perform
the audit to the attention of appropriate persons within the firm. Ordinarily
this would be a person on the level of a field supervisor. Such matters would
not ordinarily be brought directly to the engagement partner’s attention as
a first resort except in small engagements.
d. Incorrect. Although it would be unusual for the engagement partner
not to communicate the time budget for performing an engagement to
assistants, there is no requirement in professional Standards to do so.
The firm’s practice for reviewing engagements will vary
depending on the size of the firm and the complexity of the engagement.
For complex engagements, large firms ordinarily have three tiers of review,
at the senior audit staff, audit manager and engagement partner level.
In smaller firms, the engagement partner may work one-on-one with an
assistant, or may have no assistants.
9. a. Correct.
Top_Aud_08_book.indb 183
8/30/2007 3:14:57 PM
184
TOP AUDITING ISSUES FOR 2008 CPE COURSE
b. Incorrect. SAS 108 permits the engagement partner to delegate the
review of portions of the work of assistants. The engagement partner
nonetheless has final responsibility to see that the work of assistants has
been properly reviewed.
c. Incorrect. There is no specific requirement in SAS 108 for each
workpaper in the audit documentation file to be signed-off as an indication
that it has been reviewed.
d. Incorrect. Since SAS 108 permits the engagement partner to delegate
the review of portions of the work of assistants, it is incorrect that audit
assistants should not review each other’s work.
10. c. Correct. Assistants who dissent from the final resolution of a
disagreement have no further responsibility for related decisions made by
supervisory personnel once their dissent is documented.
a. Incorrect. Audit firms are required under SAS 108 to have procedures
that allow assistants to document their positions if they disagree with the
resolution of accounting or auditing issues in an engagement.
b. Incorrect. Audit assistants are responsible under SAS 108 to make known
to appropriate individuals in the firm any disagreements or concerns they
might have concerning significant accounting and auditing issues.
d. Incorrect. The engagement partner and assistants should all be aware
of the firm’s procedures for resolving differences of professional opinion in
an audit.
MODULE 2 — CHAPTER 4
Consistent with the overall philosophical goals of the Risk
Assessment Standards as a whole, auditors are required under SAS 109 to
use the results of their risk assessment in determining the nature, timing
and extent of further audit procedures.
a. Incorrect. Auditors need to perform tests of controls only when the risk
assessment is based on an expectation that they are operating effectively.
b. Incorrect. Analytical procedures are more often used as part of the
auditor’s risk assessment process itself in the planning stages of an audit.
Their results, as a part of that process, might be used in designing substantive
analytical procedures to be used as further audit procedures.
d. Incorrect. Inquiry about business risks that management has identified is
ordinarily included as a part of the risk assessment procedures themselves.
1. c. Correct.
Ordinarily an audit concerns itself primarily with those
internal controls that are relevant to the financial reporting process.
Internal controls over production scheduling, according to SAS 109, do
not normally fall into this category. Auditors would not usually obtain an
understanding of these controls unless they were deemed relevant to the
financial reporting or auditing process.
2. b. Correct.
Top_Aud_08_book.indb 184
8/30/2007 3:14:57 PM
219
TOP AUDITING ISSUES FOR 2008 CPE COURSE
Quizzer Questions: Module 1
Answer the True/False questions by marking a “T” or “F” on the Quizzer
Answer Sheet. Answer Multiple Choice questions by indicating the appropriate letter on the Answer Sheet.
1.
Which of the following is an unconditional requirement of SAS 106?
The auditor must determine the relevance of each of the financial
statement assertions for each significant class of transactions, account balance, and presentation and disclosure.
b. Risk assessment procedures must be supplemented by further audit
procedures in the form of substantive procedures and, when relevant
or necessary, tests of controls.
c. Relevant assertions must be used in assessing risks by considering
the types of misstatements that might arise and designing further
audit procedures to respond to those risks.
d. The auditor must determine the source of likely potential misstatements in each significant class of transactions, account balance, and
presentation and disclosure, in order to identify relevant assertions.
a.
2.
Which of the following is a presumptively mandatory requirement of
SAS 106?
The auditor should evaluate the nature of the assertion, volume of
transactions or data, and the nature and complexity of systems in
determining whether particular assertions are relevant to a significant account balance or disclosure.
b. The auditor should obtain sufficient appropriate audit evidence
by performing audit procedures to afford a reasonable basis for the
audit opinion.
c. The auditor should perform risk assessment procedures to provide
a satisfactory basis for the assessment of risks at the financial statement and relevant assertion levels.
d. The auditor should not be satisfied with evidence that is less than
persuasive.
a.
Top_Aud_08_book.indb 219
8/30/2007 3:15:00 PM
220
TOP AUDITING ISSUES FOR 2007 CPE COURSE
3.
All of the following statements apply to audit evidence except:
Audit evidence includes the information contained in the accounting records underlying the financial statements.
b. Audit evidence should be capable of proving or disproving an assertion made by the client in its financial records.
c. In order to express an unqualified opinion on financial statements,
the accumulation of evidence must be persuasive.
d. Sufficiency refers to the quality of audit evidence.
a.
4.
The results of risk assessment procedures provide audit evidence that
supports the auditor’s opinion, without the need for further auditing
procedures. True or False?
5.
Which of the following statements best applies to the reliability of audit
evidence as discussed in SAS 106?
Audit evidence obtained by inquiry is equally reliable as evidence
obtained by the auditor’s direct observation.
b. The reliability of audit evidence is independent of the internal
controls under which it developed.
c. Original documents are more reliable than photocopies.
d. Controls over the preparation and maintenance of electronic documentation do not affect its reliability.
a.
6.
Which of the following audit procedures is likely to be most effective
in providing relevant audit evidence to prove or disprove the client’s
rights and obligations assertions concerning a lease agreement?
a.
b.
c.
d.
7.
Inspection of the leased premises
Substantive analytical procedures
Inspection of the lease agreement
Inquiry of management
All of the following assertions fall under the “presentation and disclosure” category of assertions except:
a.
b.
c.
d.
Top_Aud_08_book.indb 220
Completeness
Occurrence and rights and obligations
Existence
Classification and understandability
8/30/2007 3:15:00 PM
QUIZZER — Module 1
8.
221
Which of the following statements best applies to the auditor’s use of
the relevant assertions described in SAS 106?
The assertions should be used exactly as described in SAS 106.
Auditors may substitute other assertions at their discretion.
Auditors may express relevant assertions differently provided that
all the aspects described by SAS 106 are covered.
d. The assertions should be combined when feasible.
a.
b.
c.
9.
Which of the following assertions falls under the “classes of transactions
and events” category?
a.
b.
c.
d.
10.
To determine whether a particular assertion is relevant for purposes of
assessing the risks of material misstatements in financial statements,
auditors should evaluate which of the following factors?
a.
b.
c.
d.
11.
Cutoff
Existence
Valuation and allocation
Clarity and understandability
The susceptibility of the assertion to fraud.
The likelihood that the assertion is misstated.
The materiality of the assertion.
The volume of transactions or data related to the assertion.
Tests of the operating effectiveness of internal controls would likely be
unnecessary in which of the following circumstances?
For large volumes of repetitive electronic transactions that leave no
paper trail.
b. For occupancy costs such as rent, utilities and property taxes in a
stable business entity.
c. When the risk assessment includes an expectation of the operating
effectiveness of controls.
d. When substantive procedures alone do not provide sufficient appropriate audit evidence.
a.
Top_Aud_08_book.indb 221
8/30/2007 3:15:00 PM
222
TOP AUDITING ISSUES FOR 2007 CPE COURSE
12.
According to SAS 106, substantive procedures must be performed in
all audits for all relevant assertions related to:
Each material class of transactions, account balance, and disclosure.
All classes of transactions, account balances, and disclosures.
All classes of transactions, account balances, and disclosures where
controls are not tested.
d. Each material class of transactions, account balance, and disclosure that is assessed at more than moderate risk of material
misstatement.
a.
b.
c.
13.
Which of the following audit procedures would be likely to provide the
most persuasive evidence in support of the existence assertion made by
the client in the mortgage debt disclosure to the financial statements?
a.
b.
c.
d.
Inspection of the mortgage note
Inquiries of management
Written confirmation with the creditor
Completion of a comprehensive disclosure checklist
14.
Analytical procedures alone may provide sufficient evidence to support
small account balances. True or False?
15.
Which of the following statements best applies to the use of inquiry as
an audit procedure?
Inquiries are not useful in testing presentation and disclosure
assertions.
b. Client inquiries usually cannot be regarded as conclusive evidence.
c. Replies to client inquiries in the form of written management representations are no more reliable than representations made orally.
d. All inconsistencies in information obtained through inquiry should
be resolved.
a.
16.
SAS 107 lists which of the following as an unconditional requirement?
Performing the audit to obtain absolute assurance that the financial
statements taken as whole are free of material misstatement.
b. Having an appropriate basis for the assessment of the risk of material misstatement at the relevant assertion level.
c. Performing substantive tests for all relevant assertions related to
material account balances, transaction classes, and disclosures.
d. Determining the implications for the audit report when the auditor
is unable to conclude whether the financial statements are materially
misstated.
a.
Top_Aud_08_book.indb 222
8/30/2007 3:15:00 PM
QUIZZER — Module 1
17.
223
SAS 107 lists which of the following as a presumptively mandatory
requirement?
Requesting that management correct all known misstatements,
including the effects of prior misstatements.
b. Requesting that management correct all likely misstatements, including the effects of prior misstatements.
c. Requesting that management correct all known misstatements,
excluding the effects of prior misstatements.
d. Requesting that management correct all known and likely misstatements, excluding the effects of prior misstatements.
a.
18.
All of the following statements apply, under SAS 107, to the auditor’s
consideration and determination of materiality except:
Consideration of the possibility that misstatements lower than materiality levels could aggregate to a material amount is not necessary.
b. Consideration of matters that might be material to every individual
group of users is not necessary.
c. Prior periods’ financial statements should be considered.
d. Materiality should be considered by the same method regardless of
the client’s inherent business characteristics.
a.
19.
Auditors should perform risk assessment procedures at:
Both the financial statement level and the tolerable misstatement
level.
b. Both the financial statement level and the account balance, transaction class and disclosure level.
c. Only the account balance, transaction class and disclosure level.
d. Only the tolerable misstatement level.
a.
20.
Inherent and control risks are the client’s risks, and exist independently
of the audit or the auditor. True or False?
Top_Aud_08_book.indb 223
8/30/2007 3:15:01 PM
224
TOP AUDITING ISSUES FOR 2007 CPE COURSE
21.
Which of the following statements best matches the definition of materiality found in SAS 107?
Materiality is an amount agreed upon by users of the financial statements, above which misstatements, individually or in the aggregate,
would change or influence their judgment.
b. Materiality is an amount designated by the auditor, below which
misstatements need not be accumulated.
c. Materiality is an amount of an omission or misstatement such as
makes it probable that the judgment of a reasonable person relying
on the information would have been changed or influenced by the
omission or misstatement.
d. Materiality is an amount agreed upon by management and the auditor, above which misstatements, individually or in the aggregate,
would change or influence their judgment.
a.
22.
SAS 107 adds to the auditing literature the new concept of considering
the risk of misstatement:
a.
b.
c.
d.
23.
At the level of the financial statements taken as a whole
At individual account balance or class of transactions level
At the disclosure level
At the individual user level
The requirement of SAS 107 to assess the risk of material misstatement
at the relevant assertion level as a basis for further audit procedures:
Intends that audit procedures be more effectively concentrated in
areas of highest risk.
b. Means that the auditor need not develop an understanding of controls sufficient to support an assessment of maximum control risk.
c. Requires that controls always be tested.
d. Intends that substantive tests be performed in all areas without
regard to assessed risks.
a.
Top_Aud_08_book.indb 224
8/30/2007 3:15:01 PM
QUIZZER — Module 1
24.
225
Which of the following statements best applies to the auditor’s use of
materiality in an audit?
Establishing a materiality level in the planning stages sets a threshold
below which misstatements are always considered immaterial.
b. Materiality levels set by the auditor in the planning stage of the
audit must also be used in evaluating audit results.
c. If a lower level of materiality than the one set in audit planning is
considered appropriate at the end of the audit, the auditor should
reconsider related levels of tolerable misstatement.
d. Some misstatements may be deemed immaterial even when they
are above established thresholds.
a.
25.
Which of the following would likely be the most appropriate benchmark to use in setting materiality for a small, service oriented nonprofit
organization?
a.
b.
c.
d.
26.
In considering a likely misstatement of depreciation expense, which is
stated at $150,000 in the financial statements, the auditor’s best estimate of an acceptable range of depreciation expense is from $149,000
to $154,000. The likely misstatement is:
a.
b.
c.
d.
27.
Gross revenues
Pre-tax income
Gross profit
Net income
$4,000 understatement
Zero
$1,000 overstatement
Not material to the financial statements taken as a whole
When a non-public client is in a lease agreement with significant scheduled escalations over its term, and the client has not recorded deferred
rent in the previous year:
The auditor should consider only the cumulative effect of the uncorrected rent deferral on the ending balance sheet.
b. The auditor should consider only the current and prior period rent
expense that flows through the current period’s income statement.
c. The auditor may consider both the income statement and ending
balance sheet effects of the prior period misstatements.
d. The auditor must consider both the income statement and ending
balance sheet effects of the prior period misstatements.
a.
Top_Aud_08_book.indb 225
8/30/2007 3:15:01 PM
226
TOP AUDITING ISSUES FOR 2007 CPE COURSE
28.
Which of the following statements best applies, under SAS 107, to the
auditor’s consideration of the qualitative characteristics of misstatements?
Indications of possible fraud on the part of management or key
employees may be considered qualitatively immaterial if they fall
beneath quantitative tolerable misstatement levels.
b. Misstatements affecting management’s compensation may have
qualitative significance even though they do not exceed quantitative
thresholds for materiality.
c. A misclassification between current and non-current liabilities is
not considered a qualitatively significant misstatement.
d. Previous years’ earnings trends are not qualitatively relevant to misstatements in the current year’s financial statements.
a.
29.
Audit documentation should contain a basis for the conclusion as to
whether uncorrected misstatements are material individually but not
in the aggregate. True or False?
30.
According to SAS 107, audit documentation should record all of the
following except:
All known and likely misstatements that have been identified
by the auditor and corrected by management, except for trivial
amounts.
b. Separate consideration of known and likely uncorrected misstatements.
c. Consideration of the aggregate effects of misstatements.
d. A statement as to basis for determining that certain misstatements
are trivial.
a.
31.
All of the following are unconditional requirements in SAS 108 except:
Properly supervise any assistants.
Communicate to audit team members the susceptibility of the financial statements to material misstatement due to fraud or error.
c. Adequately plan the audit.
d. Develop an audit plan which documents the audit procedures that
are expected to reduce audit risk to an acceptably low level.
a.
b.
Top_Aud_08_book.indb 226
8/30/2007 3:15:01 PM
QUIZZER — Module 1
32.
227
SAS 108 contains a presumptively mandatory requirement which states
that the auditor should:
Plan the audit so that it is responsive to the assessment of the risk
of material misstatement, based on the auditor’s understanding of
the client and its environment, including its internal control.
b. Document in a written engagement letter an understanding
with the client for each engagement, which should include fee
arrangements.
c. Refrain from accepting an audit engagement after the close of the
fiscal year.
d. Consider whether specialized skills are needed to perform the audit.
a.
33.
The audit engagement letter, according to SAS 108, generally includes all
of the following elements as responsibilities of management except:
Establishing and maintaining effective internal control over financial
reporting.
b. The selection and application of accounting policies.
c. Providing reasonable assurance that the statements are free of material misstatement.
d. Identifying and assuring compliance with applicable laws and
regulations.
a.
34.
The audit plan is the detailed map that describes the nature, timing,
and extent of audit procedures to be performed. True or False?
35.
Which of the following elements is required by SAS 108 to be contained
in the audit plan?
Other audit procedures to be performed to comply with GAAS.
The nature, timing, and extent of planned further audit procedures
at the financial statement level for all classes of transactions, account
balances, and disclosures.
c. Linkage between the results of internal control tests, the understanding of the entity, and the determination of materiality.
d. Reporting deadlines and recent industry-specific accounting
developments.
a.
b.
36.
The auditor need not evaluate the results of audit procedures performed
by specialists as long as those specialists are both competent and independent. True or False?
Top_Aud_08_book.indb 227
8/30/2007 3:15:01 PM
228
TOP AUDITING ISSUES FOR 2007 CPE COURSE
37.
Before starting an initial audit, SAS 108 indicates that the auditor
should:
Perform preliminary analytical procedures.
Perform procedures regarding the acceptance of the client relationship and the specific audit engagement.
c. Inspect the predecessor auditor’s audit documentation.
d. Review the articles of incorporation.
a.
b.
38.
Under the requirements of SAS 108, the engagement partner is required
to communicate to audit assistants all of the following matters except:
Their responsibilities and the objectives of audit procedures to be
performed.
b. The assistant’s responsibility to bring to the attention of the client’s
management accounting issues raised during the audit that the assistant believes are significant to the financial statements.
c. Matters that may affect the nature, timing, and extent of audit procedures to be performed, such as the nature of the entity's business
and possible accounting and auditing issues.
d. The susceptibility of the entity’s financial statements to material misstatement due to error or fraud, with special emphasis on fraud.
a.
39.
Which of the following requirements applies to the review of work
performed by audit assistants?
The review of work performed by assistants should be delegated to
others by the engagement partner.
b. Each workpaper in the audit documentation file must be signed off
by a supervisor to indicate that it has been reviewed.
c. The firm’s practice for reviewing the work of assistants should be
the same regardless of the characteristics of the engagement.
d. The work performed by each assistant, including the audit documentation, should be reviewed to determine whether it was adequately performed and documented.
a.
Top_Aud_08_book.indb 228
8/30/2007 3:15:01 PM
QUIZZER — Module 1
40.
229
Which of the following statements applies to the resolution of differences of professional opinion under SAS 108?
Assistants who dissent from the final resolution of disagreement
continue to have professional responsibility for the related decisions
made by supervisory personnel.
b. Audit firms should not retain documentation of disagreements of
professional opinion among the engagement team over particular
accounting or auditing issues once was resolution is reached.
c. Both the engagement partner and assistants should be aware of the
procedures to be followed when differences of professional opinion
exist in an audit engagement.
d. Audit assistants have a professional responsibility to bring to the
attention of appropriate individuals in the client’s management disagreements concerning significant accounting and auditing issues.
a.
Top_Aud_08_book.indb 229
8/30/2007 3:15:01 PM
Download