What is the primary duty of an auditor?
An auditor provides users of financial information with reasonable assurance that the financial statements are not materially misstated.
See more @ another71.com/flashcards
What is the auditor’s responsibility for detecting theft or fraud?
Auditors are NOT responsible for detecting theft or fraud.
Instead, they are responsible for providing REASONABLE ASSURANCE that the financial statements are not materially misstated.
When should an auditor be hired in relation to the balance sheet date for optimum audit planning and efficiency?
The earlier the auditor is hired, the better for audit planning and efficiency.
When can audit procedures be performed at interim dates?
If control risk for the accounts and/or transactions is low, audit procedures can be performed at interim dates. The auditor then reviews changes in the balances at year-end.
When can an auditor accept an engagement offered after the year is already closed?
The auditor can take the engagement if they are able to overcome the limitations of the engagement.
For what does an auditor use professional skepticism?
An auditor uses professional skepticism to:
- plan the scope of the audit
- plan the objectives of the audit
How can analytical procedures be performed in audit planning?
The auditor can compare actual versus forecasted numbers.
What must an auditor have in order to discuss issues relating to a predecessor auditor’s work?
If issues relating to predecessor auditor’s work on previous financial statements come up during the current audit, auditor must have client’s permission to discuss the issue.
What questions must an auditor ask with respect to procedures carried out by assistants?
The questions that auditor can ask regarding procedures performed by assistants are:
- Were they adequately performed? (Review the working papers)
- Are the results consistent with the audit report?
How is audit strategy mapped out?
To map out an audit strategy, the auditor needs to:
- determine what the reporting objectives are.
- determine the scope of the audit.
Describe the key components of maintaining auditor independence.
- Auditor must be independent in fact and appearance.
- Honesty
- No direct financial interest
- No indirect material financial interest
Describe: Due Professional Care
- Technical abilities mirror those held by peers in the profession
- Follow GAAS standards
- Obtain a reasonable level of assurance
- Maintain a reasonable level of skepticism
- Supervise audit staff
- Review judgment at every level
What should an auditor do prior to accepting an audit engagement?
- Review the previous financial statements.
- Speak to third parties.
- Contact predecessor auditor to evaluate whether engagement should be accepted (must have client permission).
What questions should be asked by an auditor prior to taking an engagement?
NOTE: must have permission of client to contact predecessor auditor (no permission = no engagement)
- Why the auditor change?
- Any serious discussions with audit committee?
- How is management integrity?
- Disagreements?
- How was internal control?
Understand industry or be willing to learn.
Consider scope limitation.
Limited evidence available = no engagement
What should be included in an audit engagement agreement?
NOTE: Must be written
- Objectives of engagement
- Limitations of engagement
- Responsibilities of management - provide written assertions
- Responsibilities of auditor - limited error/fraud responsibility
- Expectations of access to records
- Financial statements (and disclosures) are management’s responsibility
- Compliance with laws
- Internal control
What is management’s responsibility with respect to the financial statements?
Management is responsible for financial statements and adequacy of disclosures.
- Presentation & Disclosure
- Existence (Tests Overstatements)
- Rights & Obligations
- Completeness (Tests Understatements)
- Valuation & Allocation
What is the purpose of the audit committee?
- Responsible for hiring auditor
- Oversees internal control
- Must agree with auditor on responsibility of the parties, audit fee, timing of the audit, and audit plan
- Acts as liaison between the auditor and the Board of Directors
- Communicates concerns about internal control deficiencies, errors, fraud, and iIlegal activities
How is audit risk calculated?
Inherent Risk x Control Risk x Detection Risk
- Risk that material mistakes, errors, omissions, or fraud will result in an inaccurate audit report
- Based on auditor judgment
- Measured in both qualitative and quantitative
Describe: Control Risk
Control risk is the risk that internal control will not detect error or fraud.
An auditor cannot control this.
Describe: Inherent Risk.
Some transactions inherently have a higher level of risk.
Auditor CANNOT control.
Describe: Detection Risk.
Will the auditor fail to detect a material misstatement?
- Auditor CAN control
- Do testing at year-end
- Increase substantive testing
- Run more effective tests
What responses should an auditor take based on different levels of acceptable detection risk (DR)? What type of tests should be performed?
Less Acceptable DR = Run More Substantive Tests
More Acceptable DR = Run Less Substantive Tests
More Substantive Tests (DR down) = Less Audit Risk; (AR = IR x CR x DR)
Less Substantive Tests (DR up) = More Audit Risk; (AR = IR x CR x DR)
What are quantitative measurements versus non-quantitative measurements with respect to risk?
Quantitative Measurements:
- Inherent - Control - and Detection Risk can all be measured in terms of percentages.
Non-Quantitative Measurements:
- Inherent - Control - and Detection Risk can all be measured in terms of acceptable ranges.
Whose responsibility is it to FIND and PREVENT fraud?
It’s management’s responsibility.
What is the auditor’s responsibility with respect to fraud and illegal acts?
- Assess the RISK that such things will lead to material misstatements
- Design the AUDIT to provide reasonable assurance against fraud—illegal acts that directly and materially affect the financial statements
- Report all management fraud to the audit committee (minor fraud by low-level employees not reported to committee)
- Perform required inquiries and procedures (management inquiries - analytical procedures - discussions with audit personnel about fraud)
What are the three factors that affect/influence fraud?
Fraud is born out of RIO:
- Rationalization
- Incentive
- Opportunity
What is the difference between fraud and errors?
Errors are unintentional.
Fraud is intentional.
What red flags may indicate higher risk in an audit?
- Management compensation tied to stock
- Aggressive financial forecasting
- Former auditor disagreed with management
- Records not available for audit
- Current audit procedures may need to be reconsidered if red flags exist.
Describe the characteristics of a fraud risk factor.
- Has been observed in similar situations
- Does NOT necessarily mean that there is a material weakness in internal control
- Leads to an auditor taking action
What does an examination of internal control accomplish with respect to illegal acts?
Internal control analysis can result in the conclusion that IC is weak, but probably won’t identify illegal acts.
What is the purpose of adjusting audit procedures in light of fraud risk factors identified during an audit?
- Strives to make audit engagement procedures less patterned and predictable
- Re-evaluates management’s application of accounting procedures
- Finds and assigns audit personnel with relevant skills in this area
What should be documented with respect to fraud risk factors in an audit?
- Any fraud risks identified that could lead to material misstatement
- Audit procedures performed to assess risks
- Nature of communication made to audit committee and company management
- Disclosure to third parties regarding fraud not normally the auditor’s responsibility
- Fraud by management should normally be reported to the audit committee, NOT the SEC.
What was the effect of the SOX Act of 2002?
The SOX Act of 2002 created the PCAOB. It:
- Designates officer responsibility for internal control
- Must disclose significant internal control weaknesses to auditor and audit committee
- Must disclose any level of fraud discovered by employees with internal control responsibilities
What is the Auditing hierarchy of Authoritative Literature?
- Statements on Auditing Standards (SAS)
- Auditing Interpretations - AICPA Guides & SOPs
- Industry Articles (no authority)
What quality control activities are undertaken by CPA firms with audit practices?
- Firm leadership exhibits quality and leads by example and sets the tone for the organization.
- Firm should monitor and document that its policies and procedures are being followed.
- Firm should have relevant ethical requirements.
- Acceptance and continuance of client engagements should continue to be evaluated for client integrity, auditor competency, and legality.
- Firm should have competent and ethical personnel.
- Firm engagements are performed, supervised, and reviewed in accordance with professional standards and regulations.
Which literature governs compilation services?
SSARS - Statements on Standards for Accounting and Review Services. These govern reporting for non-public entities only.
What is the independence requirement for compilations?
- Independence is not required for compilations.
- No internal control work allowed
- No assurance given
What type of assurance is provided by a compilation?
Compilation is not an assurance service. No assurance is provided.
What type of assurance is provided by review services?
Reviews provide negative assurance.
What is the independence requirement for a review?
- Reviews require independence.
- No internal control work allowed
- Performs analytical procedures
- No material indirect financial interest allowed
- No immaterial direct financial interest allowed
For compilations and reviews, what knowledge must a service provider have?
Service provider must have an understanding of the client industry.
What are attestation services?
CPA expresses a conclusion about an assertion.
- Compliance with laws
- NOT considered a consulting engagement
- Independence required
What is the independence requirement for consulting services?
Independence is not required for consulting services.
Describe the limitations on prospective financial statements?
Limitations on prospective financial statements:
- Report is restricted to specified users.
- Agreed-upon procedures are implemented.
What is the role of the group engagement team?
- Develop audit strategy
- Communicate with component auditors
- Perform work on the consolidation process
- Evaluate audit conclusions
- Understand work of component auditors
Who is on the group engagement team?
The group engagement team comprises:
- Firm partners
- Group engagement partner
- Audit staff
Who establishes the materiality threshold for the Component Auditor?
The Group Engagement Team establishes the materiality threshold for the Component Auditor.
The materiality threshold must be lower than the group materiality threshold.
What is the group engagement partner responsible for?
The group engagement partner is responsible for:
- Group audit engagement direction
- Supervision
- Performance
- Audit Report
What is the role of a component auditor?
A component auditor audits a component of the entity.
What should the group engagement team do if a component auditor audits a significant component due to financial materiality?
Audit the financial information
What should the group engagement team do if a component auditor audits a significant component due to the risk of material misstatement?
Perform audit procedures
What should the group engagement team do if a component auditor audits a non-significant component?
Analytical procedures performed at group level
What does an auditor do if they suspect legal proceedings could contribute to a material misstatement?
Contact client external counsel through a letter of inquiry.
