auditing is the accumulation and evaluation of evidence about information to determine and report on the degree of correspondence between information and criteria; must be done by a competent and independent person and give an unbiased opinion
accounting is the recording of information and auditing is the checking over the work to make sure its recorded and presented fairly
auditors can do accounting, but not all accountants have the knowledge to complete auditing tasks
information risk is the risk that the information used to make business decisions is inaccurate or misrepresented
auditing is done to give reasonable assurance that information is accurately represented in order to reduce information risk
what are causes of information risk?
remoteness - information gathered is often relied on others, when it is obtained from others, the likelihood of it being intentionally or unintentionally misstated increases
bias and motives of providers - information by someone whose goals are inconsistent with those of the decision maker can result in inadequate or incomplete disclosures of information
voluminous data - in larger organizations, the volume of exchange transactions is fairly large, Increases the probability that there is improperly recorded data in the record
complex exchange transactions - exchange transactions between organizations have become more and more complex; acquisitions, combining and disclosing results of operations in different industries, and properly valuing and disclosing derivative financial instruments
how can information risk be reduced?
list and describe assurance services
assurance service: Is an independent professional service that improves the quality of information for decision makers
list the types of assurance services
attestation services: a type of assurance service in which the CPA firm issues a report about a subject matter or assertion that is made by another party
List the types of attestations services.
audit of historical financial statements: a form of attestation service in which the auditor issues a written report stating whether the financial statements are in material conformity with accounting standards
internal control over financial reporting: an engagement in which the auditor reports in the effectiveness of internal control over financial reporting; such reports are required for accelerated filer public companies under SOX 404
review of historical financial statements: management asserts that the statements are fairly stated in accordance wiht accounting standards, the same as an audit, but a lower level of assurance is needed
what are the three main types of audits?
describe the three types of audits.
operational audits - can evaluate the organizational structure, computer operations, production, marketing or any other area auditor is qualified in, effective and efficiency must meet established criteria, more like management consulting rather than auditing
compliance audits - determine whether personnel are following specific procedure set forth by controller, wage rates in compliance with min. wage laws, contractual agreements, mortages in compliance with governmental regulations, results are typically reported to management rather than outsiders
financial statement audits - looking for stated in accordance to accounting standards and regulations, gathers evidence to look for material errors or misstatements, must have extensive knowledge of company
identify the primary types of auditors.
what are the requirements to become a CPA?
meet state requirements, pass the uniform CPA exam, keep up with continuing education
\
what are the 8 distinct parts of a standard unmodified opinion under AICPA standards?
Report Title: requires title, must include the word independent; independent auditors report or opinion; coveys that report was completed by an unbiased opinion
audit report address: addressed to who the report was prepared for; company, stockholders, or board of directors
opinion section: states the auditor’s conclusion based on results of the audit, under heading opinion, indicates firm that completed audit, lists documents audited, wording of financial statements should match the titles used in by management, stated as opinion, not a statement of fact, refers to framework used to complete audit
basis for opinion: states the audit was completed in accordance with GAAP, and refers to additional responsibilities taken on by firm, affirmation that firm is independent from the company, includes that auditor believes sufficient evidence has been obtained
management responsibility: describes management responsibility of the financial statements, includes selecting the appropriate principles and maintaining internal controls over financial reporting, free of material misstatements due to fraud or error
auditor’s responsibility: three paragraphs
signature and address of CPA firm: Identifies the cpa firm or practitioner who performed the audit, city and state included
audit report date: date of which the auditor completed the procedures, indicates the last day of auditors responsibility for the review of significant events that occured after the date of statements
what conditions are required to meet to issue an unmodified opinion?
what are the 5 circumstances where an emphasis of matter is required
what kind of opinions can be given if a standard unmodified opinion is not justified?
Examples of Modified Wording
Lack of consistency (changing depreciation methods, changing from LIFO to FIFO, cash to accrual basis) - unmodified opinion with explanatory paragraph
Substantial Doubt About Going Concern (worry of company going bankrupt) - unmodified opinion with explanatory paragraph
Auditor Agrees with Departure from GAAP (smaller private companies, legislation requiring new way of recording something) - unmodified opinion with explanatory paragraph
Emphasis of Matter (contingencies, date of opinions something happened between financial statement date to audit date) - unmodified opinion with explanatory paragraph
Reports Involving Other Auditors (foreign auditor did work that was material) unmodified opinion with a reference to other auditors in opinion and basis for opinion)
materiality: a misstatement in the financial statements can be considered material if knowledge of the misstatement will affect a decision of a user of statements
what are the three levels of materiality?
US public companies are required to prepare financial statements that are filed with SEC compliance
Foreign companies listed on US exchanges are allowed to report under IFRS
Auditor’s basis for opinion must state what standards were used to conduct the audit
ethics: set of moral principles or values
unethical behavior: differs than from what they believe is appropriate given the circumstances
Ethical Framework (RIAACA)
professionals - expected to conduct themselves at a higher level than most members of society, responsibility for conduct that extends beyond satisfying individual responsibilities and beyond requirements of society laws and regulations
public confidence - reassurance to the public that work is being done right, trust
Accountants work is used to make important business decisions and it is expected that they provide accurate and complete information
What is the purpose and the content layout of the code of conduct?
The code consists of principles and rules, in addition to interpretations, provide the framework for the rules that govern the CPA’s performance of professional responsibilities, interpretations address circumstances that members may face that are threats to compliance with rules of conduct
what are the parts of the code?
preface - all members, principles of professional conduct
part I - members in public practice, conceptual framework, rules and interpretations
part II - members in business, conceptual framework, rules and interpretation
part III - other members, rules and interpretations
what are the principles of the code?
responsibilities: in carrying out thier responsibilities as professional , members should exercise sensitive professional and moral judgements in all their activities
public interest: members should accept the obligation to act in a way that will serve the public interest, honor the public trust, and demonstrate a commitment to professionalism
integrity: to maintain and broaden public confidence, members should perform all professional responsibilities with the highest sense of integrity
objectivity and independence: a member should maintain objectivity and to be free of conflicts of interest in discharging professional responsibilities. a member in public practice should be independent in FACT AND APPEARANCE when providing auditing and other attestation services
due care: a member should observe the professions technical and ethical standards, strive continually to improve competence and quality of services, and discharge professional responsibility to the best of the members ability
scope and nature of services: a member in public practice should observe the principles of the code of conduct in determining the scope and nature of services to be provided
adverse interest: the threat that a member will not act with objectivity because the members’ interests are opposed to the attest client’s interests
advocacy: the threat that a member will promote an attest client’s interest or position to the point that his or her objectivity or independence is compromised
familiarity: the threat that, due to a long or close relationship with an attest client, a member will become too sympathetic to the clients interests or too accepting of the clients work or product
management participation: the threat that a member will take on the role of an attest client management or otherwise assume management responsibilities, such as may occur during an engagement to provide nonattest services
self interest: the threat that a member could benefit, financially or otherwise, from an interest in, or relationship with, an attest client or persons associated with the client
self-review: the threat that a member will not appropriately evaluate the results of a previous judgement or service performed or supervised by the member or an individual in the member’s firm and that the member will rely on that service in forming a judgement as part of another service
undue influences: the threat that a member will subordinate his or her judgement to an individual associated with a client or any relevant third party due to that individual’s reputation or expertise, aggressive or dominant personality, or attempts to coerce or exercise excessive influence over the members
integrity and objectivity: free of conflicts of interest, not knowingly misrepresent facts or subordinate his or her judgement to others
independence: independent in the performance of professional services as required by standards promulgated by bodies of teh council
general standards: undertake only assignments they can complete with professional competency and accuracy and completion, exercise due professional care, plan and supervise all engagements, obtain sufficient and relevant data to afford a reasonable basis for all conclusions or recommendations
compliance with standards: a member who performs any accounting services shall comply with standards designated by the council
accounting principles: follow standards by council in issuing reports about entities compliance with GAAP
acts discreditable: a member shall not commit an act discreditable to the profession
contingent fees: shall not perform for a contingent fee any professional service of the member also performs for the client an audit, review or certain compilations of financial statements or an examination of prospective financial statements, also shall not prepare an original or amended tax return or claim for a tax refund for a contingent fee for any client
commissions and referral fees: member shall not receive or pay a commission or referral fee for any client an audit, review or certain compilations of financial statements or an examination of prospective financial statements, non prohibited commissions or ref fees must be disclosed of such fees to the client
advertising and solicitation: shall not seek to obtain clients by advertising false, deceptive, or misleading information, solicitation by the use of coercion overreaching or harassment is prohibited
confidential client informations: shall not disclose confidential client information without specific consent of the client
form of organization and name: shall not practice under a nape that is misleading, all partners must be cpas to have cpa in the firm names
independence of mind: state of mind that permits the audit to be performed with an unbiased attitude (independent in fact, independence in appearance)
independence rule: a member in public practice shall be independent in the performance of profession services as required by standards promulgated by bodies designated by the council
Non audit services - SOX and SEC restrict but don’t eliminate all non-audit services
CPA firms are not prohibited from performing services for private companies and public companies as long as the public company is not their audit client
\
Other regulations to be followed:
what are the three primary objections of effective internal control?
reliability of reporting - management has a legal and professional responsibility to be sure the information they provide is correct and fairly presented; to fulfill these financial reporting responsibilities
efficiency and effectiveness of operations - controls encourage efficient and effective use of its resources to optimize the company’s goals; accurate financial and nonfinancial information about companies operation for decision making
compliance with laws and regulations - sox 404 requires all public companies to issue a report over their internal controls; as well as many other laws and regulation regarding all aspects of the business
What do management responsibilities consist of?
what is the auditors responsibilities relating to internal controls?
what does the CRIME acronym stand for?
\
Control environment: actions, policies, procedures reflecting overall attitudes of top management, directors, and owners
Risk Assessment: identifying and analysing risks that may prevent
Information and Communication: initiate, record, process, and report entities transactions and to maintain accountability for related assets
Monitoring: ongoing or periodic assessment of quality of internal control by management to determine controls are operating as they should be
Existing Control Activities: policies and procedures to ensure necessary actions are taken to address risks to achieve objectives
general controls: apply to all aspects of the IT functions, including IT administration; separation of IT duties; system development; physical and online security over access to hardware, software, and related data; apply to entire entity and affect many different software applications
application controls: typically operate at the business process level and apply to processing transactions, such as controls over the processing of sales or cash receipts; only effective when general controls are effective
what are some examples of general controls?
what are some examples of application controls?
what are the types of IT systems and what do they do for internal controls
LANS: networks that connect computer equipment, data files, software within a local area such as a building
WANS: networks that connect computer equipment, files, software across different geographical locations, businesses with offices around the world
database management systems: hardware and software systems that allow clients to establish and maintain databases shared by multiple applications
ERPS: systems that integrate numerous aspects of an organization’s activities into one accounting information systems
\