Auditing and Assurance Services
LEARNING OBJECTIVES
| | Review Checkpoints | Exercises and Problems |
| 1. Define information risk and explain how auditing and assurance services play a role in reducing this business risk. | 1, 2, 3 | 48, 50 |
| 2. Define and contrast accounting, auditing, and assurance services. | 4, 5, 6, 7, 8 | 47 |
| 3. Describe and define the management assertions embodied in financial statements, and why auditors use them as a focal point of the audit. | 9, 10, 11 | 52, 54 |
| 4. Explain some characteristics of “professional skepticism.” | 12 | |
| 5. Describe the organization of public accounting firms and identify the various services they offer. | 13, 14 | |
| 6. Describe the audits and auditors in governmental, internal, and operational auditing. | 15, 16, 17, 18 | 49, 51 |
| 7. List and explain the requirements for becoming a certified information professional. | 19, 20, 21, 22 | 53 |
SOLUTIONS FOR REVIEW CHECKPOINTS
1.1 Business risk is the name for the collective risk faced by a company that engages in business. It includes the chance that customers will buy from competitors, that product lines will become obsolete, that taxes will increase, that government contracts will be lost, or that employees will go on strike.
1.2 The conditions of complexity, remoteness, time-sensitivity, and consequences increase demands by outside users for relevant, reliable (useful) information. They cannot produce the information for themselves because of these conditions. Company managers and accountants produce the information.
1.3 Information risk, in contrast to business risk, is the risk (probability) that the information (mainly financial) disseminated by a company will be materially false or misleading. This condition creates the demand for objective outsiders to provide assurance to decision makers.
1.4 Students can refer to the AAA and AICPA definitions in Chapter 1. Some instructors may want to extend the consideration of definitions to include the internal and governmental definitions.
In response to "what do auditors do," students can refer to Exhibit 1.1 and respond in terms of: (1) obtain and evaluate evidence about assertions management makes about economic actions and events, (2) ascertain the degree of correspondence between the assertions and GAAP, and (3) give an audit report (opinion). Students can also respond more generally in terms of "lending credibility" to financial statements presented by management (attestation).
1.5 An attest engagement is: "An engagement in which a practitioner is engaged to issue or does issue a written communication that expresses a conclusion about the reliability of a written assertion that is the responsibility of another party." To attest means to lend credibility or to vouch for the truth or accuracy of the statements that one party makes to another. The attest function is a term often applied to the activities of independent CPAs when acting as auditors of financial statements.
1.6 Assurance engagements are independent professional services that improve the quality of information, or its context, for decision makers. Since information (financial statements) are prepared by managers of an entity who have authority and responsibility for financial success or failure, an outsider may be skeptical that the information is objective, free from bias, fully informative, and free from material error, intentional or inadvertent. The services of an independent‑CPA auditor helps resolve those doubts because the auditor's success depends upon his independent, objective, and competent assessment of the information (e.g., the conformity of the financial statements with GAAP). The CPA's role is to lend credibility to the information; hence the outsider will likely seek his independent opinion.
1.7 CPAs serve as intermediaries who lend credibility to information. Hence, assurance services are natural extensions of the well-regarded audit and attest services.
CPAs can use their expertise in internal control and measurement methods.
Assurance services are natural extensions of attestation services, which earlier evolved from financial statement audit services.
Attestation and audit services are highly structured and intended to be useful for large groups of decision makers (e.g., investors, lenders). On the other hand, assurance services are more customized and intended to be useful to smaller, targeted groups of decision makers. In this sense, assurance services bear resemblance to consulting services.
1.8 There are four major elements of the broad definition of assurance services:
Professional Services. Virtually all work performed by CPAs is defined as "professional services" as long as it involves some element of judgment based in education and experience.
Improving the Quality of Information or its Context. The emphasis is on "information"-- CPAs' traditional stock in trade. CPAs can enhance quality by assuring users about the reliability and relevance of information, and these two features are closely related to the familiar credibility-lending products of attestation and audit services. "Context" is relevance in a different light. For assurance services, improving the context of information refers to improving its usefulness when targeted to particular decision makers in the surroundings of particular decision problems.
For Decision Makers. They are the "consumers" for assurance services, and they personify the consumer focus of new and different professional work. They may or may not be the "client" that pays the fee, and they may or may not be one of the parties to an assertion or other information. The decision makers are the beneficiaries of the assurance services.
1.9 Accountants record, classify, and summarize (report) a company's assets, liabilities, capital, revenue, and expense in financial statements. Auditors gather evidence related to the assertions management makes in financial statements and render a report. Accountants produce the financial statements; auditors audit them.
1.10 Five major assertions in financial statements:
Existence or Occurrence assertion:
The practical objective is to establish with evidence that assets, liabilities and equities actually exist and that sales and expense transactions actually occurred. Key questions include “Did the recorded sales transactions really occur?” and “Do the assets listed really exist?”
Completeness assertion:
The practical objective is to establish with evidence that all transactions of the period are in the financial statements and all transactions that properly belong in the preceding or following accounting periods are excluded. Another term for these aspects of completeness is cut-off. Completeness also refers to proper inclusion in financial statements of all assets, liabilities, revenue, expense and related disclosures. Key questions related to completeness include: “Are the financial statements (including footnotes) complete?” and “Were all the transactions recorded in the right period?”
Rights and Obligations assertion:
The practical objectives related to rights and obligations are to establish with evidence that assets are owned (or rights such as capitalized leases are shown) and liabilities are owed. Key questions related to this assertion include: “Does the company really own the assets? and “Are related legal responsibilities identified?”
Valuation or Allocation assertion:
The practical objective is to establish with evidence that proper values have been assigned to things (assets, liabilities, equities and related disclosures) and events (revenues, expenses and related disclosures). SAS 31 refers to the practical objective of obtaining evidence about "valuations" achieved by cost allocations such as depreciation and inventory costing methods. Key questions include “Are the accounts valued correctly?” and “Are expenses allocated to the period(s) benefited?”
Presentation and Disclosure assertion:
The practical objective is to establish with evidence that accounting principles used by management are appropriate in the circumstances and are applied properly, and that disclosures contain all information required by generally accepted accounting principles.
1.11 Auditors should think about a "compliance assertion" even though it is not explicitly listed in the auditing standards because auditors have responsibilities regarding these compliance‑type events: (1) company employees observing the company's internal control policies and procedures (see Chapter 5), (2) frauds and illegal acts (see Chapter 3), and (3) compliance with laws and regulations in government‑standard audits (see Module D).
1.12 Holding a belief that a potential conflict of interests always exists causes auditors to perform procedures to search for errors or frauds that would have a material effect on financial statements. This tends to make audits more extensive for the auditor and more expensive for the client. The situation is not a desirable one in the vast majority of audits where no errors or frauds exist. However, errors and financial reporting frauds have happened too often. Users of financial statements and audit reports expect auditors to detect material misstatements.
1.13 Some examples of assurance engagements include:
· Internet Website certification (CPA WebTrust)
· Accounts receivable review and cash enhancement
· Third-party reimbursement maximization
· Rental property operations review
· Customer satisfaction surveys
· Benchmarking/best practices
· Evaluation of investment management policies
· Fraud and illegal acts prevention and deterrence
· Information systems security reviews (SysTrust)
· Internal audit strategic review
1.14 Major areas of public accounting services:
· Assurance services (including audit services and other attestation engagements)
· Tax consulting services
· Consulting services
1.15 Operational auditing is the study of business operations for the purpose of making recommendations about the economic and efficient use of resources, effective achievement of business objectives, and compliance with company policies. The AICPA views operational auditing as a type of management advisory service offered by public accounting firms.
1.16 The elements of expanded‑scope auditing include: (1) financial and compliance audits, (2) economy and efficiency audits, and (3) program results audits.
1.17 Compliance auditing involves a study of an organization's policies, procedures, and performance in following laws, rules, and regulations. An example is a school's policies, procedures, and performance in determining eligibility for a free meal program.
1.18 Other kinds of auditors include IRS agents/auditors, state and federal bank examiners, state insurance department auditors, and fraud auditors.
1.19 The purpose of continuing education is to ensure that CPAs in practice maintain their expertise at a sufficiently high level in light of evolving business conditions and new regulations. For CPAs in public practice, 120 hours of continuing education is required every three years, with no less than 20 hours in any one year. For CPAs not in public practice, the general requirement is 120 or fewer (90 in some states) every three years.
1.20 Everything cannot be learned in the classroom, and some on‑the‑job experience is helpful before a person is foisted off on the public as a licensed professional. Also, the experience weeds out some persons who do not want to take the trouble to be involved in accounting work.
1.21 State boards administer the state accountancy laws. State boards make physical arrangements to give the CPA examination, collect the examinations, receive the grades from the AICPA grading activity, and notify candidates whether they passed or failed. After satisfying state requirements for education and experience, successful candidates are awarded the CPA certificate by a state board. At the same time, new CPAs must pay a fee to obtain a state license to practice. Thereafter, state boards of accountancy regulate the behavior of CPAs under their jurisdiction (enforcing state rules of conduct) and supervise the continuing education requirements.
1.22 After becoming a CPA licensed in one state, a person can obtain a CPA certificate and license in another state. The process is known as reciprocity. CPAs can file the proper application with another state board of accountancy, meet the state’s requirements, and obtain another CPA certificate. Many CPAs hold certificates and licenses in several states. From a global perspective, individuals must be licensed in each country. Similar to CPAs in the United States , "Chartered Accountants" (CAs) practice in Canada , Australia , and Great Britain
SOLUTIONS FOR MULTIPLE CHOICE-QUESTIONS
1.23 a. Incorrect This is an attestation to the prize promoter's claims.
b. Incorrect This is an audit engagement to give an opinion on financial statements.
c. Incorrect This is an assurance engagement on newspaper's circulation data.
d. Incorrect This is an assurance engagement on the performance of golf balls.
e. Correct Since attestation and audit engagements are subsets of assurance engagements, all are assurance engagements.
1.24 a. Correct This statement characterizes professional skepticism.
b. Incorrect "Exclusively an auditor" is not an idea that seems to speak of "skepticism."
c. Incorrect Professional obligations" is not an idea that seems to speak of "skepticism."
d. Incorrect This is more an assumption of necessity than of skepticism.
1.25 a. Incorrect While work on a forecast is covered by the attestation standards, the auditors should give assurance or a disclaimer.
b. Correct This is the basic definition of attestation--giving a report on reliability of an assertion one party makes to another.
c. Incorrect Tax work is not an attestation service.
d. Incorrect Litigation and expert witness services are not attestation services.
1.26 a. Incorrect The objective of environmental auditing is to help achieve and maintain compliance with environmental laws and regulations and to help identify and correct unregulated environmental hazards
b. Incorrect The objective of financial auditing is to obtain assurance on the conformity of financial statements with generally accepted accounting principles.
c. Incorrect The objective of compliance auditing is the entity’s compliance with laws and regulations.
d. Correct Operational auditing refers to the study of business operations for the purpose of making recommendations about the economic and efficient use of resources, effective achievement of business objectives, and compliance with company policies.
1.27 a. Incorrect While not the primary objective of an operational audit, auditors should still be concerned about compliance with financial accounting standards.
b. Correct This statement is part of the basic definition of operational auditing.
c. Incorrect An operational audit does not focus on the financial statements.
d. Incorrect Analytical tools and skills are an important part of financial auditing.
1.28 a. Correct The proper reference is to GAAP.
b. Incorrect The AICPA does not refer only to the FASB for GAAP.
c. Incorrect The reference to the SEC is wrong.
d. Incorrect This is an abstract of the AAA definition.
1.29 d. Correct While "complexity," "remoteness," and "consequences" are good answers, "skepticism," or potential conflict of interest, generally drives the demand for audited financial statements.
1.30 a. Correct Sarbanes-Oxley prohibits the provision of bookkeeping services to an audit client.
b. Correct Sarbanes-Oxley prohibits the provision of internal audit services to an audit client.
c. Correct Sarbanes-Oxley prohibits the provision of valuations services to an audit client.
d. Correct Because a, b, and c are correct responses, d (all of the above) is the best response.
1.31 a. Incorrect Auditors do not reduce or control business risk.
b. Correct While "reduce and control" are not well‑chosen words, this is the best answer because auditors give some assurance that the information risk is low.
c. Incorrect This is taken from the economics of auditing feature of demand for accounting services.
d. Incorrect Auditors only indirectly control the timeliness of financial statements.
1.32 d. Correct Answers a, b, and c refer to a financial statement audit, an internal controls attestation engagement, and an operational audit, respectively. Compliance refers to following laws, rules, regulations, and policies.
1.33 d. Correct While answers a, b, and c are true, experience, education, and successful completion of the Uniform CPA are all necessary to be licensed as a CPA.
1.34 d. Correct The mission of the U.S. Government Accountability Office is to ensure that public officials are using public funds efficiently, effectively, and economically.
1.35 b,d Correct The two categories of performance audits are economy and efficiency audit and program audits.
1.36 c. Correct Review of credit ratings of customers gives indirect evidence of the collectibility (valuation) of accounts receivable.
1.37 a. Incorrect Rhonda’s representations are not sufficient evidence to support assertions made in the financial statements.
b. Incorrect Despite Rhonda’s representations, Jones must gather additional evidence to corroborate Rhonda’s assertions.
c. Incorrect Rhonda’s representations are a form of evidence (albeit weak) that should neither be disregarded, nor blindly regarded without professional skepticism.
d. Correct Rhonda’s assertions need corroboration.
1.38 a. Incorrect Although there is a high level of risk associated with client acceptance, this phrase was created by the authors.
b. Correct Information risk is the probability that the information circulated by a company will be false or misleading.
c. Incorrect Moral hazard is the risk that the existence of a contract will change the behavior of one or both parties to the contract.
d. Incorrect Business risk is the probability an entity will fail to meet its objectives and, ultimately, fail.
1.39 a. Correct Completeness includes cutoff which refers to accounting for revenue, expense, and other transactions in the proper period (neither postponing some recordings to the next period nor accelerating next-period transactions into the current-year accounts).
1.40 d. Correct The objective related to rights and obligations is to establish with evidence that amounts reported as assets of the company represent its property rights and that the amounts reported as liabilities represent its obligations.
1.41 b. Correct Management’s existence assertion states that reported assets, liabilities, and equities actually exist.
1.42 a. Incorrect Under Sarbanes-Oxley, professional service firms are prevented from acting in a managerial decision making role for an audit client.
b. Incorrect Under Sarbanes-Oxley, professional service firms are prevented from auditing the firm’s own work on an audit client.
c. Incorrect Under Sarbanes-Oxley, professional service firms may only provide tax consulting service to an audit client with the audit committee’s approval.
d. Correct Sarbanes-Oxley prevents professional service firms from engaging in any of the above listed capacities.
1.43 d. Correct Reciprocity refers to the process through which CPAs licensed in one state can obtain a CPA certificate and license in another state.
1.44 a. Correct Auditing is a subset of attestation engagements that focuses on the certification of financial statements.
b. Incorrect Auditing is a subset of attestation that provides higher assurance than that provided by an attestation engagement.
c. Incorrect Consulting engagements focus on providing clients with advice and decision support.
d. Incorrect Assurance engagements are designed to improve the quality of information, or its context, for decision makers.
1.45 d. Correct Although auditing is a subset of attestation, and attestation is a subset of assurance, the focus of the engagements tends to be very specific.
1.46 d. Correct Credibility, advancement, and monetary rewards are all reasons to become certified.
SOLUTIONS FOR EXERCISES AND PROBLEMS
1.47 Audit, Attestation, and Assurance Services
Students may encounter some difficulty with this matching because the Special Committee on Assurance Services listed many things that heretofore have been considered "attestation services" (long before assurance services were invented). Maybe this is a good vehicle for discussing the considerable overlap between attestation services (attestation standards) and assurance services.
Real estate demand studies -- Assurance service (listed by SCAS but not in the textbook chapter)
Ballot for awards show -- Assurance service (listed by SCAS but not in the textbook chapter) [But PwC attested to the Academy Awards ballot results long before assurance services were invented]
Utility rate applications -- Attestation service (or maybe a consulting service; I'm somewhat surprised the SCAS did not list it as an assurance service.)
Newspaper circulation audits --Assurance service (listed by SCAS but not in the textbook chapter) [But this work has appeared in prior years in examples of attestation services]
Third-party reimbursement maximization -- Assurance service (listed by SCAS and listed in the textbook chapter)
Annual financial report to stockholders -- Audit service
Rental property operations review -- Assurance service (listed by SCAS and listed in the textbook chapter)
Examination of financial forecasts and projections -- Attestation service (but also listed by SCAS as an assurance service)
Customer satisfaction surveys-- Assurance service (listed by SCAS and listed in the textbook chapter)
Compliance with contractual requirements -- Attestation service (but also listed by SCAS as an assurance service)
Benchmarking/best practices -- Assurance service (listed by SCAS and listed in the textbook chapter)
Evaluation of investment management policies -- Assurance service (listed by SCAS and listed in the textbook chapter)
Information systems security reviews -- Assurance service (listed by SCAS and listed in the textbook chapter)
Productivity statistics -- Attestation service (but also listed by SCAS as an assurance service under various descriptions)
Internal audit strategic review -- Assurance service (listed by SCAS and listed in the textbook chapter)
Financial statements submitted to a bank loan officer -- Audit service
1.48 Controller as Auditor
When the CPA is hired by Hughes Corporation, he can no longer be considered independent with respect to the annual audit. The annual audit may then be unnecessary in a short‑run view and unnecessary to the extent of services exclusive of the attest opinion. It is true that the in‑house CPA can perform all the procedural analyses that would be required of an independent audit; however, it is extremely unlikely that he could inspire the confidence of users of financial statements outside the company. He cannot modify the perception of potential conflict of interest that creates demand for the independent audit. As a matter of ethics rules, this CPA would be prohibited from signing the standard unqualified attest opinion.
1.49 Operational Auditing
Bigdeal cannot hire the GAO. This government agency does not perform operational audits for private industry.
One possibility is the management advisory services department of a large CPA firm. The major advantage may be total objectivity. The CPA firm has no stake in making a report reflect favorably or unfavorably on Smalltek (provided there are no prior relations of the CPA firm with Bigdeal managers that may suggest a bias or with Smalltek). The possible disadvantage is that the CPA firm may not possess the required expertise in Smalltek's type of business.
Another possibility is the Bigdeal internal audit department. The major advantage may be a thorough appreciation of Bigdeal's managerial effectiveness and efficiency standards and a longstanding familiarity with Bigdeal's business. The possible disadvantage could be that the internal auditors may not be independent enough from internal management pressures for making or breaking the deal for reasons other than Smalltek's efficiency and effectiveness.
Another possibility is a nonCPA management consulting firm. The major advantage of objectivity would be similar to the CPA firm, and such firms often have experts in manufacturing, sales, and research and development management. The major disadvantage could be a lack of appreciation and familiarity with Bigdeal's management standards (as possessed by the Bigdeal internal auditors).
1.50 Auditor as Guarantor
The neighbor appears to be uninformed on the following points:
| According to auditors' dogma, Price Waterhouse did not prepare the Dodge Corporation financial statements, and no auditor prepares a company's statements. | Inform your neighbor that Dodge management is primarily responsible for preparing the financial statements and deciding upon the appropriate accounting principles. |
| An unqualified opinion does not mean an investment is safe. | Tell your neighbor that the financial statements are history. The value of his investment depends on future events, including the many factors that affect market prices. Tell him the opinion only means that the statements conform to GAAP (and you can add that the auditor knows of no material fraud or error). |
1.51 Identification of Audits and Auditors
The responses to this matching type of question are ambiguous. The engagement examples are real examples of external, internal and governmental audit situations. You might point out to students that the distinctions among compliance, economy and efficiency and program results audits are not always clear. The "solution" is shown below in matrix form, showing some engagement numbers in two or three cells. The required schedule follows.
| | Type of Audit | |||
Kind of Auditor | Financial Statement | Compliance | Economy, Efficiency | Program Results |
| Independent CPA | 2, 10 | | | |
| Internal Auditor | | 6, 8 | 4, 8 | |
| Governmental (GAO) | | | 1, 3 | 1, 3, 9 |
| IRS Auditor | | 5 | | |
| Bank Examiner | | 7 | | |
| 1. Proprietary school's training expenses | Economy and Efficiency Program Results | Governmental (GAO) |
| 2. Advertising agency financial statements | Financial statement | Independent CPAs |
| 3. Dept. of Defense launch vehicle | Economy and Efficiency or Program Results | Governmental (GAO) |
| 4. Municipal services | Economy and Efficiency | Internal auditors |
| 5. Tax shelters | Compliance | IRS auditors |
| 6. Test pilot reporting | Compliance | Internal auditors |
| 7. Bank solvency | Compliance | Bank examiners |
| 8. Materials inspection by manufacturer | Compliance or Economy and Efficiency | Internal auditors |
| 9. States' reporting chemical use data | Program goal | Governmental (GAO) |
| 10. Sports complex forecast | Financial statement | Independent CPAs |
1.52 Financial Assertions and Audit Objectives
The objectives for the audit of Spillane's securities investments at December 31 are to obtain evidence about the assertions implicit in the financial presentation, specifically:
1. Existence. Obtain evidence that the securities are bona fide and held by Spillane's or by a responsible custodian.
Occurrence. Obtain evidence that the loan transaction and securities purchase transactions actually took place during the year under audit.
2. Completeness. Obtain evidence that all the securities purchase transactions were recorded.
3. Rights. Obtain evidence that the securities are owned by Spillane.
Obligation. Obtain evidence that $500,000 is the amount actually owed on the loan.
4. Valuation. Obtain evidence of the cost and market value of the securities held at December 31. Decide whether any write downs to market are required by GAAP.
5. Presentation and Disclosure. Obtain evidence of the committed nature of the assets, which should mean they should be in a non‑current classification like the loan. Obtain evidence that restrictions on the use of the assets are disclosed fully and agree with the loan documents.
1.53 Internet Exercise: Professional Certification
These answers will be dependent upon the student's state. Many states have recently reduced the experience requirements, either 1) reducing or eliminating an audit experience requirement, and/or 2) reducing the experience requirement in lieu of additional education. For a quick link to each state, visit the National Association of State Boards of Accountancy .
1.54 Internet Exercise: ASB Proposed Statement on Auditing Standards on Audit Evidence
The following table describes both the existing assertions and the new assertions proposed in the Auditing Standards Board’s exposure draft.
| Assertions about events and transactions | Assertions about account balances | Assertions about footnote disclosures | |||
| Existing (PCAOB) | Proposed (ASB) | Existing (PCAOB) | Proposed (ASB) | Existing (PCAOB) | Proposed (ASB) |
| Occurrence | Occurrence | Existence | Existence | Existence or Occurrence | Occurrence |
| Completeness (includes the concept of cutoff) | Completeness Cutoff | Completeness | Completeness | Completeness | Completeness |
| Valuation and allocation | Accuracy | Valuation and allocation | Valuation and allocation | Valuation and allocation | Accuracy and valuation |
| Presentation and disclosure | Classification | Presentation and disclosure | | Presentation and disclosure | Classification and understandability |
| | | Rights and obligations | Rights and obligations | Rights and obligations | Rights and obligations |
There are a couple of significant differences that students should make note of:
1. The ASB Exposure Draft lists a number of assertions (classification, accuracy) under the heading of presentation and disclosure, while the PCAOB maintains presentation and disclosure as a separate assertion.
2. Cutoff is listed in the exposure draft as separate and distinct from existing completeness assertion.
Although not labe led as such, we have included discussions of proposed assertions in the tex
Of the eight issued exposure drafts, the reconceptualization of management’s assertions appears to be receiving the most “hate mail.” Respondents complain that the new version is too confusing compared to the existing assertions.
Hey,
ReplyDeleteReally wonderful blog. i am very impressed. thanks for sharing it.
Regards
Tax Planning