INTRODUCTION TO AUDITING

Overview of Auditing

Auditing, Defined:
Auditing is “a systematic process of objectively obtaining and evaluating evidence regarding assertions
about economic actions and events to ascertain the degree of correspondence between those assertions and
established criteria and communicating the results to the interested users.”

Two processes of auditing:

a. Investigative process – involves the systematic gathering and evaluation of evidence as a basis for
determining whether assertions made by responsible person correspond with the established criteria
b. Reporting process – involves communicating the audit opinion to interested users

Important Concepts:
1. Systematic process – auditing involves structured/logical series of sequential steps or procedures
known as the audit process

2. Objectively obtaining and evaluating evidence – auditing involves gathering and evaluating
sufficient appropriate audit evidence that will support the auditor’s opinion
 Objectivity refers to the combination of impartiality, intellectual honesty and freedom from
conflicts of interest.
 Audi evidence is the information obtained by the auditor in arriving at the conclusions on which
the audit opinion is based.

3. Assertions about economic actions and events – assertions are the subject matter of auditing
 In the context of audit of financial statements, assertions are representations of management,
explicit or otherwise, that are embodied in the financial statements. Assertions include the
accounts, balances/amounts and disclosures appearing on the face of the financial statements
(and in the notes to financial statements) and which the management claims to be free of
misstatements.
 Audit evidence gathered and evaluated by the auditor may support or contradict the assertions
of management.

4. Established criteria – the standards or benchmarks that are needed to judge the validity of the
assertions on the financial statements
 In the context of audit of financial statements, the established criteria are the applicable financial
reporting framework (for example, the PFRS).

5. Ascertain the degree of correspondence between assertions and established criteria – The
auditor’s objective is to determine whether the assertions conform with established criteria, that is,
whether the financial statements are prepared, in all material respects, in accordance with the
applicable financial reporting framework (such as the PFRS).

6. Communicating the results to the interested users – The ultimate objective of audit is the
communication of audit findings/opinion on the fairness of the financial statements to interested
users.
 Communicating results is achieved through issuance of a written audit report which contains the
audit opinion (or disclaimer of opinion).
 Interested users are the wide variety of financial statements users who rely on the auditor’s
opinion such as the stockholders, creditors, potential investors and creditors, management,
government agencies, and the public (in general).

FS audit is an Assurance Engagement:

Financial statements audit engagement is an assurance engagement because it provides a reasonable (high
but not absolute) level of assurance that the subject matter conforms in all material respects with identified
suitable criteria. It has the elements of an assurance engagement as follows:
1. Three Party Relationship:
a. Practitioner: Independent or External auditor
b. Responsible party: Client’s management
c. Intended users: Users of financial statements
2. Subject matter: Assertions/Financial statements of the client company
3. Criteria: Applicable financial reporting framework / GAAP in the Philippines (PFRS)
4. Sufficient appropriate evidence: Auditor obtains sufficient appropriate audit evidence as a basis for
audit conclusion/opinion
 5. Written Assurance Report: Independent auditor’s report contains the audit conclusion/opinion

Basic Distinctions between Auditing and Accounting:

 Auditing involves verification of financial statements as to its fairness of presentation while accounting
involves preparation and presentation of financial statements
 Auditing begins when accounting ends. Accounting precedes auditing because without financial
statements there could be no audit of financial statements.
 The end product of the accounting process is a set of financial statements while the end product of the
audit process is an auditor’s report.
 An auditor must be proficient/expert in accounting (since the auditor will use GAAP in evaluating the
fairness of the financial statements) as well as in auditing, specifically, in accumulation and
interpretation of audit evidence. An accountant need not be proficient in auditing.
 Auditing is considered as a separate discipline or field of study.
 As to frameworks/foundations:
 Accounting – Framework for Preparation of Financial Statements
 Auditing – Philippine Framework for Assurance Engagements
 Auditing is governed by generally accepted auditing standards (GAAS) while accounting is governed by
GAAP/PFRS

Elements of Theoretical Framework of Auditing:

Auditing concepts and standards are based on the following postulates and assumptions which form part of
the elements of theoretical framework of auditing:
1. An audit benefits the public. – the primary beneficiary of reliable financial statements are the wide
variety of users (intended users)
2. Financial data and statements to be audited are verifiable. – if financial statements are not
verifiable, there can be no audit
 Financial statements or data are verifiable if two or more qualified individuals, working
independently, each reach essentially similar conclusions.
3. The auditor should always maintain independence with respect to the client whose financial
statements are subject to audit. – audit opinion and the audit report would be of little or no value if
auditor is not independent
4. Effective internal control system reduces the possibility of errors and fraud affecting the financial
statements. – Internal control affects the reliability of the financial statements. The stronger the
internal control is, the lesser the possibility of errors and fraud, and consequently, the more reliance on
internal control can be placed or assurance that it can generate reliable accounting data and financial
statements.
5. There should be no long-term conflict between the auditor and the client management. – Short-
term conflicts may exist between the management who prepare the data and auditors who examine the
data but such conflicts must be resolve since both must be interested in fairness of the financial
statements.
6. Consistent application of GAAP results in fair presentation of FS. – The criterion in financial
statement audit is an identified or applicable financial reporting framework, which is usually the PFRS.
7. What was held true in the past will continue to hold true in the future in the absence of known
conditions to the contrary. – Experience and knowledge accumulated from auditing a client in prior
years can be used to determine the appropriate audit procedures that need to be performed.

Need for Independent Audit of Financial Statements:

The market for auditing services is driven demand by external users for reliable, dependable or fairly
stated financial statements that they will use in making economic decisions. Such demand is the primary
economic reason for an audit of financial statements. Users demand for reliable financial statements because of
information risk, that is, the risk that the financial statements that will be used for decision-making are
materially misleading, unreliable or inaccurate.

Four primary factors that contribute to information risk (causes of information risk):
1. Remoteness of information users from information providers
2. Potential bias and motives of information provider
3. Voluminous data, and
4. Complex exchange transactions

Methods or ways to reduce information risk:

1. Allow users to verify information such as in case of due diligence audit
2. Let users share information risk with management
3. Have the financial statements audited – the most commonly used method

Four Conditions/Reasons that gave rise to a Demand for Independent Audit:

a. Potential conflict of interest between users and preparers of the financial information can result
in biased information – Client management may not be objective in financial reporting. It may provide
impressive but biased, unrealistic, or misleading financial statements to obtain benefits that it seeks.
 On the other hand, financial statement users need unbiased, realistic, or reliable financial statements.
b. Remoteness of users – Users do not have access to entity’s records to personally verify the reliability of
the financial information.
c. Complexity of subject matter requires expertise – Expertise is often required for information
preparation and verification. Users of financial statements are not equipped with the necessary skills,
competence, and knowledge of complexities of accounting and auditing to determine whether the
financial statements are reliable.
d. Consequence for decision making – Financial statements are used for important decisions that involve
significant amount of money. If a decision is based on misleading financial information, it could have
substantial financial or economic consequences on decision makers.

Another condition that gave rise to demand for audit of financial statements is the stewardship or
agency theory which means that management wants the credibility an audit adds to the financial
statement to enhance stewardship of the financial statement and to lessen the owner’s mistrust of the
management.

Examples of Instances Requiring Independent Financial Statements Audit:

 Application for a bank loan
 Establishing credit worthiness for purchase of merchandise, equipment, or other assets
 Reporting financial position, operating results, and cash flows to absentee owners (stockholders or
partners)
 SEC requirements:
 Issuance of securities by a corporation
 Annual financial statements by a corporation with securities listed on a stock exchange or traded
over the counter
 Sale of a business (such as merger) requires due diligence audit
 Termination of a partnership
 Preparation of income tax returns
 Establishing losses from fire, theft and burglary
 Bankruptcy and insolvency cases

Audit of Financial Statements

Audit of financial statements is the objective or independent examination of financial statements of an

entity to enable the auditor to express an opinion on thereon, that is, whether the financial statements are
prepared, in all material respects, in accordance with an applicable financial reporting framework.

In an audit of financial statements, the entity subject to audit may be profit-oriented or not, irrespective
of size and legal form.

Synonymous terms:
Audit of financial statements is sometimes called:
 Independent audit because in an audit of financial statements the auditor is independent of the
client subject to audit.
 External audit because it is performed by an external auditor who is not an employee of the
client subject to audit.
 Independent financial statement audit
 Financial statement audit
 Financial audit

Various descriptions:
Independent auditing has been described in a variety of ways, as follows:
 It involves objective examination of and reporting on financial statements prepared by
management
 It is a discipline which attests to the results of accounting and other functional operations and
data.
 It lends credibility to the financial statements.
 It provides increased assurance to users as to the fairness of the financial statements.
 Its essence is to determine whether the client’s financial statements are fairly stated.
 It enhances the degree of confidence of interested users in the financial statements.
 It provides reasonable assurance that the financial statements fairly reflect the economic
substance of the transactions and events reflected in those statements.

Purpose of an Audit of Financial Statements:

The purpose of an audit is to enhance the degree of confidence of intended users in the financial
statements. Such purpose is achieved by the expression of an opinion by the auditor on whether the financial
statements are prepared, in all material respects, in accordance with an applicable financial reporting
framework.

Objective of an Audit of Financial statements:

The objective of an audit of financial statements is to enable the auditor to express an opinion on whether
the financial statements are prepared, in all material respects, in accordance with an identified financial
reporting framework.

Overall Objectives of the Independent Auditor:

a. To obtain reasonable assurance about whether the financial statements as a whole are free from
material misstatement, whether due to fraud or error.

 Reasonable assurance means high, but not absolute, level of assurance

 Reasonable assurance is the basis for the auditor’s opinion. Reasonable assurance is achieved
when the auditor has obtained sufficient appropriate audit evidence to reduce audit risk to an
acceptably low level.

b. To report on the financial statements and to communicate such report in accordance with the auditor’s
findings.

Auditor’s opinion and reasonable assurance:

The auditor's opinion, as expressed in the auditor’s report, enhances the credibility of the financial
statements by providing a reasonable assurance that the financial statements are fairly presented or
free from material misstatement.

Audit opinion is based on whether reasonable assurance is obtained:

1. When reasonable assurance is obtained: Auditor shall express an unqualified opinion
2. When reasonable assurance cannot be obtained: The auditor is required to:
a. Express a qualified opinion in the auditor’s report
b. If qualified opinion is insufficient in the circumstances:
 Disclaim an opinion or
 Withdraw from the engagement, where withdrawal is legally permitted

Audit Opinion and Audit Report:

 Audit opinion:
 In a financial statement audit, the auditor obtains sufficient appropriate audit evidence to be able
to draw conclusions on which to base the audit opinion. The auditor’s opinion is on the fairness of
the audited financial statements.
 The auditor's opinion helps establish the credibility of the financial statements.
 Auditor’s report:
 The primary product of an audit engagement
 The end product of the audit process
 A written report that contains auditor’s opinion about the fairness of the financial statements
 The medium through which the auditor communicates the results of his or her work

Importance of audit opinion/audit report:

 It lends credibility to the financial statements.
 It provides increased assurance (reasonable assurance) to users as to the fairness of the financial
statements.

Financial statement audit (or the audit opinion and auditor’s report) is:
 NOT a certification or guarantee as to accuracy or fairness of the financial statements.
 NOT an assurance as to future viability of the entity.
 NOT an assurance as to efficiency or effectiveness of the client’s business operations.
 NOT attestation as to the financial strength of an entity, the wisdom of its management decisions,
or the risk of doing business with it.

Standard Independent Auditor’s Report (pls. refer to PSA 700)

Scope of an Audit of Financial Statements:

The auditor’s work is related to his responsibilities:
 Express an audit opinion on the financial statements: The primary responsibility of the auditor is to
express an opinion on the financial statements. The audit opinion deals with whether the financial
statements are prepared, in all material respects, in accordance with the applicable financial reporting
framework.
 Opinion on other specific matters: When an applicable law or regulation requires an auditor to
provide opinions on other specific matters (such as the effectiveness of internal control, or the
 consistency of a separate management report with the financial statements) the auditor would be
required to undertake further work if he had additional responsibilities to provide such opinions.

Financial Statements:
 Financial statements are a structured representation of historical financial information
(including related notes which comprise a summary of significant accounting policies and other
explanatory information), intended to communicate an entity’s economic resources or
obligations at a point in time or the changes therein for a period of time in accordance with a
financial reporting framework.
 The term “financial statements” ordinarily refers to a complete set of financial statements, but
can also refer to a single financial statement.

End Products of Audit Engagement:

a. Independent auditor’s report – the primary product of financial statement audit engagement
b. Certain other communication and reports – other communication and reporting responsibilities to
users, management, those charged with governance, or parties outside the entity, in relation to matters
arising from the audit (as may be required by the PSAs or by applicable laws or regulations)
Examples:
 Communication with those charged with governance
 Auditor’s responsibilities relating to fraud in an audit of financial statements

Management Responsibility for the Financial Statements:

An audit in accordance with PSAs is conducted on the premise that management and, where appropriate,
those charged with governance have acknowledged and understand that they have responsibility over the
financial statements. This responsibility includes not only the preparation and presentation of the financial
statements but also internal control and providing the auditor with information that is necessary in the conduct
of audit.

Management responsibility over the financial statements includes:

1. Responsibility for the preparation and presentation of the financial statements in accordance
with the applicable financial reporting framework which includes:
a. Identification of applicable financial reporting framework, in the context of any relevant
laws or regulations
b. Preparing the financial statements in accordance with that framework
c. Adequate description of that framework in the financial statements
d. Making reasonable accounting estimates
e. Selecting and applying appropriate accounting policies
2. Responsibility for designing, implementing and maintaining internal control that is relevant or
necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error, and
3. Responsibility to provide the auditor with:
a. All information (such as records, documentation and other matters) that are relevant to the
preparation and presentation of the financial statements
b. Any additional information that the auditor may request from management for the purpose
of the audit; and
c. Unrestricted access to persons within the entity from whom the auditor determines it
necessary to obtain audit evidence.

Auditor’s Responsibility Vs. Client Management’s Responsibility:

 The client management, with oversight from those charged with governance, has the responsibility for
the preparation and presentation of the financial statements in accordance with the applicable financial
reporting framework. In other words, the management is primarily responsible for the fairness of the
financial statements.
 The auditor’s responsibility for the financial statements is confined or limited to the expression of
opinion on them. The audit of the financial statements does not relieve management or those charged
with governance of their responsibilities over the financial statements because the auditor merely
audits the financial statements.

However, an auditor may make suggestions on the form and content of financial statements or may
draft statement.

Applicable Financial Reporting Framework:

Applicable financial reporting framework means:
 The financial reporting framework adopted by management (and, where appropriate, those charged
with governance) in the preparation of the financial statements that is acceptable in view of the nature
of the entity and the objective of the financial statements, or
 The financial reporting framework that is required by law or regulation
 Financial reporting frameworks encompass primarily the financial reporting standards established by an
organization that is authorized or recognized to promulgate standards to be used by entities for preparing
general purpose financial statements are often designed to achieve fair presentation, for example, Philippine
Financial Reporting Standards (PFRSs).

Sources of Applicable Financial Reporting Framework:

1. Main sources: The applicable financial reporting framework often encompasses financial reporting
standards established by:
 An authorized or recognized standards setting organization
 Legislative or regulatory requirements
2. Other sources:
 The legal and ethical environment (including statutes, regulations, court decisions, and
professional ethical obligations in relation to accounting matters)
 Published accounting interpretations of varying authority issued by standards setting, professional
or regulatory organizations
 Published views of varying authority on emerging accounting issues issued by standards setting,
professional or regulatory organizations
 General and industry practices widely recognized and prevalent; and
 Accounting literature

Where conflicts exist between the financial reporting framework and the sources from which direction
on its application may be obtained, or among the sources that encompass the financial reporting
framework, the source with the highest authority prevails.

Acceptability of the Financial Reporting Framework

The auditor should determine whether the financial reporting framework adopted by management in
preparing the FS is acceptable. An acceptable financial reporting framework is what is referred to as the
“applicable financial reporting framework.” The auditor determines whether the financial reporting
framework adopted by management is acceptable in view of the nature of the entity (for example, whether it is
a business enterprise, a public sector entity or a not for profit organization) and the objective of the FS.

In financial statements audit, financial reporting frameworks that are acceptable as valid criteria include:
1. Philippine Financial Reporting Standards (PFRSs)
2. Philippine Accounting Standards (PASs)
3. International Accounting Standards (IASs)
4. Other authoritative basis

Financial statements need to be prepared in accordance with one, or a combination of the above-cited
financial reporting framework.

Requirements Relating to an Audit of Financial Statements:

1. Relevant ethical requirements – The auditor shall comply with relevant ethical requirements,
including those pertaining to independence, relating to financial statement audit engagements.

Relevant ethical requirements ordinarily comprise:

a. Code of Ethics for Professional Accountants in the Philippines (the Code of Ethics)
promulgated by the Board of Accountancy

Compliance with the Code of Ethics is necessary in order to ensure the highest quality of
performance and to maintain public confidence in the profession and in the context of audit of
financial statements, maintain public confidence in the auditor’s work.

(1) Part A of the Code of Ethics – establishes the fundamental principles of professional ethics
relevant to the auditor when conducting an audit of financial statements and provides a
conceptual framework for applying those principles
The fundamental principles of professional ethics are:
a) Integrity
b) Objectivity
c) Professional competence and due care
d) Confidentiality, and
e) Professional behavior
(2) Part B of the Code of Ethics – illustrates how the conceptual framework is to be applied in
specific situations
(3) Independence requirements
 It is in the public interest that the auditor be independent of the entity subject to the audit.
 The auditor’s independence from the entity safeguards the auditor’s ability to form an
audit opinion without being affected by influences that might compromise that opinion.
  Independence enhances the auditor’s ability to act with integrity, to be objective and to
maintain an attitude of professional skepticism.
Independence requirements comprise of both:
a) Independence of mind
b) Independence in appearance
b. National requirements that are more restrictive
c. Philippine Standard on Quality Control (PSQC) – require the CPA firm to establish and maintain
its system of quality control designed to provide it with reasonable assurance that the firm and its
personnel comply with relevant ethical requirements, including those pertaining to independence

2. Professional skepticism – The auditor shall plan and perform an audit with professional scepticism
recognizing that circumstances may exist that cause the financial statements to be materially misstated.

Professional skepticism is an attitude that includes a questioning mind, a critical assessment of

validity of audit evidence, and being alert to conditions which may indicate possible misstatement due
to error or fraud.
 Professional skepticism is necessary because of the possibility that the financial statements
may be materially misstated. For example, the auditor would ordinarily expect to find
evidence to support management representations and not assume they are necessarily correct.
 In planning and performing the audit, the auditor neither assumes that the management is
honest nor assumes unquestioned honesty.

Professional skepticism is necessary to the critical assessment of audit evidence. This includes:
a. Questioning contradictory audit evidence
b. Considering the reliability of documents and responses to inquiries and other information
obtained from management and those charged with governance
c. Considering the sufficiency and appropriateness of audit evidence obtained in the light of the
circumstances (for example, in the case where fraud risk factors exist and a single document,
of a nature that is susceptible to fraud, is the sole supporting evidence for a material financial
statement amount)

Professional skepticism includes being alert to:

 Audit evidence that contradicts other audit evidence obtained.
 Information that brings into question the reliability of documents and responses to
inquiries to be used as audit evidence.
 Conditions that may indicate possible fraud.
 Circumstances that suggest the need for audit procedures in addition to those required by
the PSAs.

Maintaining professional skepticism throughout the audit is necessary to reduce the risks of:
 Overlooking unusual circumstances.
 Over generalizing when drawing conclusions from audit observations.
 Using inappropriate assumptions in determining the nature, timing and extent of the audit
procedures and evaluating the results thereof.

A belief that they are honest and have integrity does not relieve the auditor of the need to maintain
professional skepticism in conducting the audit.

3. Professional judgement – The auditor shall exercise professional judgment in planning and performing
an audit of financial statements.

Professional judgment is essential to the proper conduct of an audit. This is because interpretation of
relevant ethical requirements and the PSAs and the informed decisions required throughout the audit
cannot be made without the application of relevant knowledge and experience to the facts and
circumstances.

Professional judgment is necessary on decisions about:

 Materiality
 Audit risk
 Nature, timing and extent of audit procedures used to meet the requirements of the PSAs
and gather audit evidence
 Evaluating whether sufficient appropriate audit evidence has been obtained
 Evaluation of management’s judgments in applying the entity’s applicable financial
reporting framework.
 Drawing of conclusions based on the audit evidence obtained (for example, assessing the
reasonableness of the estimates made by management in preparing the financial
statements)
 Professional judgment needs to be exercised throughout the audit. It also needs to be
appropriately documented. In this regard, the auditor is required to prepare audit documentation
sufficient to enable an experienced auditor, having no previous connection with the audit, to
understand the significant professional judgments made in reaching conclusions on significant
matters arising during the audit.

4. Sufficiency and appropriateness of audit evidence and audit risk – To obtain reasonable assurance,
the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low
level and thereby enable the auditor to draw reasonable conclusions on which to base the auditor’s
opinion.

a. Sufficiency and appropriateness of audit evidence

Audit evidence includes information used by the auditor in arriving at the conclusions on
which the auditor’s opinion is based.
 Audit evidence is necessary to support the auditor’s opinion and report.
 Most of the auditor’s work in forming the auditor’s opinion consists of obtaining and
evaluating audit evidence.
 Audit evidence is cumulative in nature and is primarily obtained from audit procedures
performed during the course of the audit.
 Audit evidence comprises both information that supports and corroborates management’s
assertions, and any information that contradicts such assertions.
 Audit evidence includes both:
(a) Information contained in the accounting records underlying the financial statements
and
(b) Other information

Sufficiency is the measure of the quantity of audit evidence. Sufficiency is influenced or

affected by:
(1) The auditor’s assessment of the risks of misstatement (the higher the assessed risks, the
more audit evidence is likely to be required) and
(2) The quality of such audit evidence (the higher the quality, the less may be required)

Appropriateness is the measure of the quality of audit evidence; that is, its relevance and its
reliability in providing support for the conclusions on which the auditor’s opinion is based. The
reliability of evidence is influenced by its source and by its nature, and is dependent on the
individual circumstances under which it is obtained.

• The sufficiency and appropriateness of audit evidence are interrelated.

• Whether sufficient appropriate audit evidence has been obtained to reduce audit risk to
an acceptably low level, and thereby enable the auditor to draw reasonable conclusions on
which to base the auditor’s opinion, is a matter of professional judgment.
• Obtaining more audit evidence may not compensate for its poor quality.

Sources of audit evidence:

a. Primarily obtained from audit procedures performed during the course of the audit
b. May be obtained from other sources such as:
• Previous audits (provided the auditor has determined whether changes have
occurred since the previous audit that may affect its relevance to the current
audit) or
• A firm’s quality control procedures for client acceptance and continuance
• The entity’s accounting records
• An expert employed or engaged by the entity
• In some cases, the absence of information (for example, management’s refusal to
provide a requested representation) is used by the auditor, and therefore, also
constitutes audit evidence.

b. Audit risk
Audit risk is the risk that the auditor expresses an inappropriate opinion when the financial
statements are materially misstated. Audit risk is a function of the risks of material misstatement
and detection risk.

Audit risk does not include the risk that the auditor might express an opinion that the financial
statements are materially misstated when they are not. Audit risk is a technical term related to
the process of auditing; it does not refer to the auditor’s business risks such as loss from
litigation, adverse publicity, or other events arising in connection with the audit of financial
statements.
 Components of audit risk:
1. Risk of material misstatements is the risk that the financial statements are materially
misstated prior to audit.
Risk of material misstatement may exist at two levels:
 Overall financial statement level – refer to risks of material misstatement that relate
pervasively to the financial statements as a whole and potentially affect many assertions
 Assertion level – refer to risks of material misstatement that relate to classes of
transactions, account balances, and disclosures
Risks of material misstatement at assertion level (inherent risk and control risk) are the
entity’s risks; they exist independently of the audit of the financial statements. Such risks
are assessed in order to determine the nature, timing and extent of further audit
procedures necessary to obtain sufficient appropriate audit evidence.
Risk of material misstatement at the assertion level has two components:
(a) Inherent risk – the susceptibility of an assertion about a class of transaction, account
balance or disclosure to a misstatement that could be material, either individually or
when aggregated with other misstatements, before consideration of any related
controls
(b) Control risk – the risk that a misstatement that could occur in an assertion about a
class of transaction, account balance or disclosure and that could be material, either
individually or when aggregated with other misstatements, will not be prevented, or
detected and corrected, on a timely basis by the entity’s internal control

Control risk is a function of the effectiveness of the design, implementation and

maintenance of internal control by management to address identified risks that
threaten the achievement of the entity’s objectives relevant to preparation of the
entity’s financial statements. However, internal control, no matter how well
designed and operated, can only reduce, but not eliminate, risks of material
misstatement in the financial statements, because of the inherent limitations of
internal control. Accordingly, some control risk will always exist.

2. Detection risk is the risk that the procedures performed by the auditor to reduce audit risk to
an acceptably low level will not detect a misstatement that exists and that could be material,
either individually or when aggregated with other misstatements.

Detection risk relates to the nature, timing and extent of the auditor’s procedures that are
determined by the auditor to reduce audit risk to an acceptably low level. It is therefore a
function of the effectiveness of an audit procedure and of its application by the auditor.

5. The auditor shall conduct an audit in accordance with PSAs

 PSAs contain basic audit principles and essential procedures together with related guidance in the
form of explanatory and other material which the auditor should follow

An audit in accordance with PSAs includes:

a. Compliance with PSAs relevant to the audit
1) Compliance with all PSAs relevant to the audit (a PSA is relevant to the audit when the PSA
is in effect and the circumstances addressed by the PSA exist)
2) The use of the objectives stated in relevant PSAs in planning and performing the audit to
achieve the overall objectives of the auditor.
The auditor is required to use the objectives to evaluate whether sufficient
appropriate audit evidence has been obtained in the context of the overall objectives
of the auditor. If as a result the auditor concludes that the audit evidence is not
sufficient and appropriate, then the auditor may follow one or more of the following
approaches:
• Evaluate whether further relevant audit evidence has been, or will be,
obtained as a result of complying with other PSAs;
• Extend the work performed in applying one or more requirements; or
• Perform other procedures judged by the auditor to be necessary in the
circumstances.

3) In addition, the auditor should also consider Philippine Auditing Practice Statements (PAPSs).
PAPSs provide interpretative guidance and practical assistance to auditors in implementing
the PSAs and to promote good practice in the accountancy profession.

Departure from a relevant requirement in a PSA:

 In exceptional circumstances wherein the auditor may judge it necessary to depart from a relevant
requirement in a PSA, the auditor shall perform alternative audit procedures to achieve the aim of
that requirement.
  The need for the auditor to depart from a relevant requirement is expected to arise only where the
requirement is for a specific procedure to be performed and, in the specific circumstances of the
audit, that procedure would be ineffective in achieving the aim of the requirement.

Concept of Reasonable Assurance:

 Although an audit of financial statements in accordance with PSAs lends credibility to the financial
statements, such audit is designed to provide only reasonable assurance, rather than absolute
assurance, that the financial statements taken as a whole are free from material misstatement, whether
due to fraud or error. In other words, the level of assurance provided by an audit of detecting a
material misstatement is reasonable assurance.
 Reasonable assurance means high, but not absolute, assurance. Reasonable assurance refers to the
conclusion of the auditor or the gathering of the audit evidence necessary for the auditor to conclude
that there are no material misstatements in the financial statements, taken as a whole.
 Reasonable assurance relates to the whole audit process. Reasonable assurance is achieved when the
auditor has reduced audit risk to an acceptably low level by designing and performing audit procedures
to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to
base an audit opinion.
 Absolute assurance in audit of financial statements is not attainable. Accordingly, the audit opinion is
not a guarantee or certification that the financial statements are free from material misstatements.
 Reasonable assurance recognizes the existence of audit risk. It is the complement of audit risk.

Limitations of Financial Statements Audit:

The auditor is not expected to, and cannot, reduce audit risk to zero and cannot therefore obtain absolute
assurance that the financial statements are free from material misstatement due to fraud or error because there
are inherent limitations of an audit that affect the auditor’s ability to detect material misstatements.

The inherent limitations of an audit arise from:

• Nature of financial reporting – The nature of financial reporting requires management
judgments such as those as to application of the entity’s applicable financial reporting framework
and as to making reasonable accounting estimates.
• Time and cost constraint – The audit should be conducted within a reasonable period of time and
at a reasonable cost.
• Possibility of incompleteness of information – There is the possibility that management or
others may not provide, intentionally or unintentionally, the complete information. Accordingly,
the auditor cannot be certain of the completeness of information, even though the auditor has
performed audit procedures to obtain assurance that all relevant information has been obtained.
• Undetected fraud – Fraud is specifically designed not to be detected. Fraud may involve
sophisticated and carefully organized schemes designed to conceal it. Therefore, audit procedures
used to gather audit evidence may be ineffective for detecting an intentional misstatement that
involves, for example, collusion to falsify documentation which may cause the auditor to believe
that audit evidence is valid when it is not. The auditor is neither trained as nor expected to be an
expert in the authentication of documents. Thus, there is always the possibility that fraud will not
be detected.
• Auditor has no specific legal powers – An audit is not an official investigation into alleged
wrongdoing. Accordingly, the auditor is not given specific legal powers, such as the power of
search, which may be necessary for such an investigation.
• Need for auditor’s judgment – The auditor’s work requires exercise of professional judgment
such in the following matters:
 Identifying and addressing risk factors
 Deciding what evidence to gather
 Making decisions about materiality and audit risk
 Gathering and evaluating audit evidence (for example, in deciding the nature, timing and
extent of audit procedures)
 Evaluating management’s judgments in applying the entity’s applicable financial reporting
framework.
 Assessing the sufficiency and appropriateness of audit evidence
 Drawing of conclusions based on the evidence gathered
 Forming an opinion (the phrase “in our opinion” in the auditor’s report is intended to inform
that auditors based their conclusions on professional judgment)
• Use of testing – The auditor uses testing and other means of examining populations in a manner
that provides a reasonable basis for the auditor to draw conclusions about the population. An audit
is conducted on a test basis or by examining only sample of less than 100% of a population. This
may introduce some risk that a misstatement will not be detected.
• Direction of audit work – Audit effort is directed to areas most expected to contain risks of
material misstatement, whether due to fraud or error, with correspondingly less effort directed at
other areas.
 • Possibility of occurrence of non-compliance with laws and regulations. Auditor’s
responsibility is to detect non-compliance with material direct-effect on the financial statements.
• Inherent limitations of accounting and internal control – Although the auditor performs audit
procedures to detect material misstatements, such procedures may not be effective in detecting
misstatements resulting from the possibility of:
 Management override of controls
 Circumvention of internal control
 Collusion among employees
• Reliance on management representation – Some audit evidence must be obtained by obtaining
oral or written representations from management because many financial statements assertions
cannot be audited.
• Nature of audit evidence available – This is the fact that most of the evidence available to the
auditor is persuasive, rather than conclusive, in nature.
• Availability of audit evidence – Insufficient support may be available for drawing absolute
conclusions on specific assertions such as fair value estimates.
• Other limitations may affect the persuasiveness of audit evidence available to draw
conclusions on particular assertions – For example, existence and completeness of related
parties transactions and relationships.

Note:
 Physical limitations of auditors due to fatigue and stress are not a limitation of audit.
 Because of the inherent limitations of an audit, there is an unavoidable risk that some material
misstatements of the financial statements may not be detected, even though the audit is properly
planned and performed in accordance with PSAs. Accordingly, the subsequent discovery of a
material misstatement of the financial statements resulting from fraud or error does not by itself
indicate a failure to conduct an audit in accordance with PSAs.

Concept of Materiality and Audit Risk:

The auditor obtains and evaluates audit evidence to obtain reasonable assurance about whether the
financial statements are fair or are presented fairly, in all material respects, in accordance with the applicable
financial reporting framework. The term "present fairly, in all material respects": The auditor considers only
those matters that are significant to the financial statements users.

1. Materiality – the magnitude of misstatement or omission; the ability to influence the economic
decision of reasonable financial statement user

When is information material? Information is material if it could influence the economic decision of
financial statements users. In other words, if it is probable that the judgment of a reasonable person
would have been changed or influenced by the omission or misstatement of information, then that
information is material.

2. Audit Risk – the risk that audit opinion is inappropriate when the financial statements are materially
misstated
 Specifically, audit risk is the risk that the auditor expresses an unqualified (or clean) audit opinion
when the financial statements are materially misstated.
 The concept of reasonable assurance acknowledges the existence of audit risk.

General Types of Audit

1. According to objectives or nature of assertion

a. Financial statement audit – an audit conducted to determine whether the financial statements of an
entity are fairly presented in accordance with an identified financial reporting framework (namely, the
PFRS)

An of financial statements is the type of audit most frequently performed by CPAs (due to the
widespread use of audited financial statements) on a fee basis and for more than one client.

b. Compliance audit: a review of an entity’s degree of compliance with applicable laws and
rules/regulations or contracts
 Compliance audits are usually performed by government auditors

Examples: Examination conducted by:

i) BIR examiners: compliance of taxpayers with tax law, rules or regulations
ii) BSP examiners: compliance of banks with banking laws, rules or regulations
iii) COA auditors: compliance of government transactions/expenditures with the requirements of
applicable laws, rules or regulations
 c. Operational audit involves a systematic review and evaluation of the specific operating units (or
procedures, methods or activities) of an organization in relation to specified objectives for the purpose
of measuring/assessing its performance in terms of efficiency and effectiveness of operations,
identifying opportunities for improvement and making recommendations to improve performance
(such as introduction of controls to reduce waste).
 Also called performance audit or management audit
 Example: Evaluation of a company’s computerized accounting system
 Operational audits are usually performed by internal auditors

Internal auditor's responsibilities in operational audits:

In operational audits, the company's management is responsible for setting operating standards. In
contrasts, the internal auditor's responsibilities are to determine that:
a. Management has established such standards.
b. The standards are being met.
c. Deviations from established standards are being identified and corrected.
d. Corrective action has been taken.

Objective of operational auditing:

a. To assess performance in terms of efficiency and effectiveness of operations
Efficiency relates to use of its resources, while effectiveness relates to accomplishing objectives.
(1) Effectiveness – To verify fulfillments of plans and sound business requirements
(2) Efficiency – To determine whether the entity is managing or utilizing its resources
economically and efficiently
b. To identify areas for improvement
c. To develop recommendations to improve performance (such as introduction of controls to reduce
waste)

Operational audit includes:

 Program or effectiveness audit: an audit to determine whether the entity has been effective in
achieving the desired results or benefits of the program or activity
 Economy audit: an audit to determine whether company objectives or goals are met at a cost
commensurate with the task
 Efficiency audit: whether company objectives or goals are met at the least or minimal costs or
resources

Major differences between financial and operational auditing:

 The financial audit is oriented to the past whereas an operational audit concerns performance for
the future.
 The financial audit report is distributed to many readers whereas the operational audit report goes
to a few managers.
 Financial audits are limited to matters that directly affect the financial statements whereas
operational audits cover any aspect of efficiency and effectiveness.

2. According to types of auditor or their affiliation with the entity being examined:
a. External / Independent audit: performed by practitioners or independent CPAs who offer their
professional services for a fee to various clients on a contractual basis
 Independent or external auditors are not employees of the client
 External audit complements internal audit

b. Internal audit: audit performed by entity’s own employees known as internal auditors; internal
auditors investigate and apprise the effectiveness and efficiency of operations and internal controls of
the firm

i) Internal auditing: An independent appraisal function or control or activity established within an

entity to examine and evaluate its activities or other controls as a service to the entity. It is an
independent, objective assurance and consulting activity designed to add value and improve an
organization’s operations. It helps an organization to accomplish its objectives by bringing a
systematic disciplined approach to evaluate and improve the effectiveness of risk management,
control, and governance processes.

 Internal auditing is an appraisal control that measures and evaluates other controls. The
increased complexity and sophistication of business operations have required management
to rely on this appraisal control.
 Internal auditors review the adequacy of the company's internal control system primarily
to ascertain whether the system provides reasonable assurance that the company's
objectives and goals will be achieved efficiently and economically.
 Internal auditors assist in the prevention of fraud by examining and evaluating the system
 of internal control.
 Internal auditors are required to review the means employed by the company to safeguard
its assets from various types of losses such as those resulting from fire, theft, unscrupulous
or illegal activities, and exposure to the elements.

ii) Overall objective of internal auditing: to assist the members of the organization, particularly
management and board of directors, in the effective discharge of their responsibilities; in short, to
provide assistance to or serve the needs of management or board of directors

Internal auditing includes the audit of:

a. Financial and operating information;
b. Compliance with policies, plans, procedures, laws, regulations, and contracts;
c. The means of safeguarding assets and verifying their existence;
d. The economy and efficiency with which resources are employed; and
e. Operations or programs to ascertain whether results are consistent with established objectives
and goals and whether they are being carried out as prescribed.

 Internal auditors usually perform operational audits

 Internal auditors usually focus on improving the efficiency and effectiveness of their
employer, unlike external auditors (public accounting firms) whose focus is the fairness of
the FS of their clients.

c. Government auditing: audit performed by government employees whose main concern is to

determine whether persons or entities comply with government laws, rules and regulations

Scope of government audit: may extend beyond financial statements audit to include:
i) Financial statements audit
ii) Performance audit (includes (a) program results (effectiveness) audit and (b) economy and
efficiency audit)
iii) Compliance audit

The Commission on Audit (COA) auditors perform financial audit and performance audit.
Performance audits include economy, efficiency, and program audits. Included in the scope of
financial and performance audits is determining whether the entity has complied with applicable
laws and regulations. Thus, government auditors are required to prepare a written report on the
entity's internal control and assessment of control risk made as part of a financial statement audit.

The government auditor's report should include the following:

 The scope of the auditor's work in obtaining an understanding of the entity's internal
control and in his/her assessment of control risk.
 The entity's significant controls including those that are established to ensure compliance
with laws and regulations that have a material impact on the financial statements.
 The conditions, including the identification of material weaknesses, identified/ discovered
as a result of the auditor's work.

However, the report should not give any form of assurance on the design and effectiveness of the
entity's internal control.

The audit of a government program involves obtaining information about the costs, outputs,
benefits, and effects of the program. Auditors attempt to measure the accomplishments and relative
success of the program based on the actual intent of the legislation that established the program.

Types of Auditors:
1. Independent auditors or external auditors – are CPA firms and individual practitioners who perform
audit services on contractual basis for more than one client
 Independent auditor – because the auditor is independent with respect to the client whose FS are
being audited; External auditor – the auditor is an outsider (not an employee of the client)
 Practitioners perform operational audits and compliance audits as part of consultancy services
2. Internal auditors – they are employed by the entity thus they are not independent. However, to
operate effectively, an internal auditor must be independent of the line functions of the entity. Internal
auditors perform operational and compliance audits.
3. Government auditors – employed in government agencies
 BIR examiners perform compliance audits
 BSP examiners perform compliance and operational audits
 COA auditors perform compliance and operational audits

The relationship between an external auditor and an internal auditor is that both of them use basically
an identical approach; however, there are differences in the application of auditing techniques.
The Audit Committee:
The audit committee is composed of outside directors who are independent of management. The primary
purpose is to assure that the directors are exercising due care and external and internal auditors are
independent of management.

Functions of the audit committee:

 Select the external auditors.
 Review the external auditor's overall audit plan.
 Evaluate the results of external and internal audits.
 Review the internal auditing work schedule, budget, etc.
 Meet regularly with the internal auditing director.
 The above functions should increase public confidence on the fair presentation of the company's
financial statements.

Distinctions: Types of audit according to objectives or nature of assertion/data

Point of distinction Financial Statement Audit Compliance audit Operational audit

Primary objective To enable the auditor to express To determine degree To assess entity’s
an opinion on the fairness of the of compliance performance (in terms
FS of efficiency and
effectiveness)
Subject matter Assertion that the FS are Assertion that the Assertion that the
(Assertion) presented in accordance with organization has organization’s
identified financial reporting complied with laws, activities/operations
framework (GAAP) regulations and are conducted
specific procedures effectively and
efficiently in relation to
specified objectives
Established criteria GAAP – Identified financial Applicable laws, Objectives (as set by the
reporting framework (as by regulations and board of directors)
standard setting bodies) specific procedures
(as set by
authoritative bodies)
Sufficient Audit findings whether the FS are Findings on degree Findings on assessment
appropriate evidence in accordance with Identified of compliance of performance /
/ outcome financial reporting framework operations
(GAAP)
Communication of Auditor’s report containing an Reports on the Recommendations or
results to intended opinion whether the FS are fairly degree of suggestions on how to
users presented in accordance with compliance with improve operations
identified financial reporting applicable laws,
framework (GAAP) regulations or
specific procedures
Users of audit report Different groups for different Authoritative bodies Management of the
purposes; wide variety of users that sets down the entity
(both internal and external users) regulations, rules
and procedures
Type of auditor Independent / external auditors – Government Internal auditors
performing the audit practitioners auditors