chapter 4 an auditor s servicesinternational standards on auditing chapter 4 ... other assurance and...

Hayes, Gortemaker and Wallage, Principles of Auditing PowerPoints on the Web, 3rd edition © Pearson Education Limited 2014

Slide 4.1

Principles of Auditing: An Introduction to

International Standards on Auditing

Chapter 4 – An Auditor’s Services

Rick Hayes, Hans Gortemaker

and Philip Wallage


Slide 4.2

Besides the International Framework for Assurance

Engagements, ISAs, ISREs and ISAEs, practitioners

who perform assurance engagements are governed by

• The IESBA Code of Ethics for Professional

Accountants

• International Standards on Quality Control (ISQCs).


Slide 4.3

What services does an independent audit firm

offer their clients?


Slide 4.4

IAASB’s Engagement Standards

• Some engagement standards are based on ‘International Framework for Assurance Engagements’ (assurance engagements), and others result from the ‘Related Services Framework’ (related services engagements).

• Three sets of standards (ISAs, ISREs (historical financial) and ISAEs (not based on historical f/s) share the assurance engagement framework and one standard set (ISRS) is based on the related services framework.

• ISAs, ISREs, ISAEs and ISRSs are collectively referred to as the IAASB’s Engagement Standards.


Slide 4.5


Slide 4.6

Assurance Engagements on Subject Matters Other

than Historical Financial Information (ISAEs)

The ISAE standards are divided into two parts:

1. ISAEs 3000–3399 which are topics that apply to all

assurance engagements.

2. ISAEs 3400–3699 which are subject specific standards,

for example standards relating to examination of

prospective financial information.


Slide 4.7

Not all engagements performed by

practitioners are assurance engagements

Frequently performed engagements that are not

covered by the Assurance Framework are:

• Engagements covered by International Standards

for Related Services (ISRS), such as agreed-upon

procedures and compilations.

• The preparation of tax returns where no conclusion

conveying assurance is expressed.

• Consulting (or advisory) engagements such as tax

consulting and being an expert witness.


Slide 4.8

Related Services Framework (ISRSs)

Standards under this framework, International Standards on Related Services (ISRSs), are applied currently to two related services:

• Agreed-upon procedures (ISRS 4400) Agreed-upon procedures are based on audit procedures in a very limited ‘agreed upon’ area with a proscribed set of users.

• Compilations (ISRS 4410) Compilations offer no assurance whatsoever.


Slide 4.9

Assurance engagements

Assurance engagement means an engagement

in which a practitioner expresses a conclusion

designed to enhance the degree of confidence

of the intended users (other than the

responsible party) about the outcome of the

evaluation or measurement of a subject

matter against criteria.


Slide 4.10

Five elements that all assurance

engagements exhibit

1. A three party relationship involving a

practitioner, a responsible party, and the

intended users

2. An appropriate subject matter

3. Suitable criteria

4. Sufficient appropriate evidence

5. A written assurance report.


Slide 4.11

Illustration 4.2 Context Data Flow Diagram of Assurance Engagement Elements


Slide 4.12

Three-party relationship

1. The practitioner (e.g. auditor, accountant, expert) gathers

evidence to provide a conclusion to the intended users

about whether a subject matter (e.g. financial statements)

conforms, in all material respects, with identified criteria.

2. The responsible party may or may not be the party

who engages the practitioner (the engaging party).

The responsible party ordinarily provides the practitioner

with a written representation that evaluates or measures

the subject matter against the identified criteria.

3. The intended users are the person, persons or class of

persons for whom the practitioner prepares the assurance

report.


Slide 4.13

Illustration 4.3 Data Flow Diagram Assurance Engagement Elements and

Engagement Sub-Processes


Slide 4.14

According to the glossary of the textbook, a subject matter of an assurance is the topic about which the assurance is conducted. Subject matter can be financial statements, statistical information, etc.

The assurance framework uses the term ‘subject matter information’ to mean the outcome of the evaluation or measurement of a subject matter.

Subject matter and subject matter

information


Slide 4.15

Subject matter information –The outcome of

the evaluation or measurement of a subject

matter. It is the subject matter information

about which the practitioner gathers sufficient

appropriate evidence to provide a reasonable

basis for expressing a conclusion in an

assurance report.


Slide 4.16

The subject matter, and subject matter

information, of an assurance engagement can

take many forms, such as:

• Financial performance or conditions (for example,

historical or prospective financial position, financial

performance and cash flows)

– for which the subject matter information may be the

recognition, measurement, presentation and

disclosure represented in financial statements.

• Non-financial performance or conditions (for

example, performance of an entity)

– for which the subject matter information may be key

indicators of efficiency and effectiveness.


Slide 4.17

Subject matter of an engagement

• Physical characteristics (for example, capacity of a

facility)

– for which the subject matter information may be a

specifications document.

• Systems and processes (for example, an entity’s

internal control or IT system)


statement of effectiveness.

• Behaviour (for example, corporate governance,

compliance with regulation, human resource practices)


statement of compliance or a statement of effectiveness.


Slide 4.18

Suitable criteria

Suitable criteria are the benchmarks (standards, objectives or set of rules) used to evaluate the subject matter of an assurance engagement.

– International Financial Reporting Standards

– US Generally Accepted Accounting Principles

– National standards

– Global Reporting Initiative

– PCAOB internal control report criteria

– Applicable law, regulation or contract

– An agreed level of performance

– Internal control framework


Slide 4.19

Characteristics of suitable criteria

a. Relevance

b. Completeness

c. Reliability

d. Neutrality

e. Understandability


Slide 4.20

Sufficient appropriate audit evidence

• Sufficiency is the measure of the quantity of

evidence.

• The quantity of evidence needed is affected by

the risk of the subject matter information being

materially misstated (the greater the risk, the

more evidence is likely to be required) and also

by the quality of such evidence (the higher the

quality, the less may be required).

• Appropriateness is the measure of the quality of

evidence; that is, its relevance and its reliability.


Slide 4.21

Assurance report

The auditor provides a written report that

conveys the assurance obtained from the

subject matter information.

– ISAs, ISREs and ISAEs establish basic

elements for assurance reports.


Slide 4.22

Reasonable and limited assurance

engagements

• ‘Reasonable assurance engagement’ and ‘limited assurance engagement’ distinguish between the two types of assurance engagement.

• In a reasonable assurance engagement the practitioner expresses the conclusion in the positive form. E.g. ‘In our opinion internal control is effective in all material respects based on XYZ criteria’.

• In a limited assurance engagement the practitioner expresses the conclusion in the negative form. E.g. ‘Based on the work described in this report, nothing has come to our attention that causes us to believe that internal control is not effective, in all material respects, based on XYZ criteria’.


Slide 4.23

Reasonable assurance engagement

Illustration 4.4


Slide 4.24

Limited assurance agreement

Illustration 4.4 (Continued)


Slide 4.25

Assurance report standard elements

The standard elements of the report include the title,

addressee, the identification of the subject matter

information, identification of the criteria, identification

of the responsible party and their responsibilities, the

practitioner’s responsibilities, a statement that the

engagement was performed in accordance with

ISAEs, summary of the work performed, practitioner’s

conclusion, assurance report date, practitioner’s

name and specific location, and, if appropriate, a

description of any significant inherent limitations, or

a statement restricting the use to certain intended

users.


Slide 4.26

Basic elements on the assurance report

• A title that clearly indicates the report is an

independent assurance report.

• An addressee identifies the party or parties to

whom the assurance report is directed.

• A statement to identify the responsible party and

to describe the responsible party’s and the

practitioner’s responsibilities.

• The assurance report refer specifically to being

performed in accordance with that specific

ISAEs.

• The name of the firm or the practitioner, and a

specific location.


Slide 4.27

Assurance report basic elements

Illustration 4.5

Illustration 4.5 Assurance Report Basic Elements


Slide 4.28

Qualified conclusions, adverse conclusions

and disclaimers of conclusion

The practitioner should not express unqualified

conclusion when the following circumstances exist

and, the effect of the matter is or may be material:

• There is a limitation on the scope of the

practitioner’s work preventing gathering sufficient

appropriate audit evidence.

• In those cases where the responsible party’s

assertion is not fairly stated and the subject

matter information is materially misstated.


Slide 4.29

Professional judgement

• The nature of the International Standards requires

the professional accountant to exercise professional

judgement in applying them.

• Professional judgement is the application of relevant

training, knowledge and experience, within the

context provided by auditing, accounting and ethical

standards, in making informed decisions about the

courses of action that are appropriate in the

circumstances of the audit engagement.


Slide 4.30

Professional judgement required for

• The critical elements of auditing including criteria,

independence of mind, sufficient appropriate

audit evidence, determining and communicating

significant deficiencies in internal control and

determination of whether an audit objective has

been achieved requires professional judgement.

• The assessment of risks is a matter of professional

judgement, rather than a matter capable of precise

measurement.

• Professional judgement is required in determination

of the level of supervision of the engagement team.


Slide 4.31

Documenting professional judgement

The auditor is required to prepare audit

documentation sufficient to enable an experienced

auditor, having no previous connection with the

audit, to understand the significant professional

judgements made in reaching conclusions on

significant matters arising during the audit.


Slide 4.32

Professional scepticism

• The ISAs require that the auditor’s professional

actions including planning and performing an

assurance engagement must be carried out with

an attitude of professional scepticism recognising

that circumstances may exist that cause the

subject matter information to be materially

misstated.

• Professional scepticism is an attitude that includes

a questioning mind, being alert to conditions which

may indicate possible misstatement due to error or

fraud, and a critical assessment of audit evidence.


Slide 4.33

International Standard on Quality Control #1

(ISQC #1)

• ISQC #1 applies to all firms of professional

accountants in respect to audits and reviews,

other assurance and related services

engagements.

• ISQC #1 gives the requirements designed to

enable the firm to meet the objective of quality

control. In addition, it contains related guidance

in the form of application and other explanatory

material.

• ISA 220 deals with quality control procedures for

audits of financial statements.


Slide 4.34

The audit firm must establish, maintain, document and

communicate to their personnel a system of quality control

that includes policies and procedures that address each of

the following elements:

• Leadership responsibilities for quality within the firm

• Relevant ethical requirements

• Acceptance and continuance of client relationships and

specific engagements

• Human resources

• Engagement performance

• Monitoring.


Slide 4.35

Thank you for your attention

Any Questions?

chapter 4 an auditor s servicesinternational standards on auditing chapter 4 ... other assurance and...

Documents