Audit Principles I Hand Out

Chapter Three
Overview of auditing process
Learning Objectives:

After studying this chapter, students should be able to:

 Plan the audit according to the first standard of fieldwork.

 Describe the activities involved in performing the fieldwork of auditing.
 Apply sampling procedures in auditing activities considering materiality and risk concepts.
 Report the finding of the audit applying the required steps.

Audit Planning & Documentation

PLANNING THE AUDIT

The first generally accepted auditing standards of fieldwork requires adequate planning to be made before
auditing is carried out.

The wok is to be adequately planned, and assistants, if any, are to be properly supervised.

Reasons for proper Audit Plan

To enable the auditor to obtain sufficient competent evidence
To help keep audit costs reasonable
To avoid misunderstanding with the client

Obtaining sufficient competent evidence is essential if the CPA firm is to minimize legal liability and
maintain a good reputation in the business community. Keeping costs reasonable helps the firm remains
competitive and thereby retains or expands its client base, assuming the firm has a reputation for doing high-
quality work. Avoiding misunderstanding with the client is important for good client relations and for
facilitating high-quality work at reasonable cost.

Admas University By: Endalkachew M. 1

Department of Accounting
 Audit Principles I Hand Out
Parts of Audit Planning
Preplan

Obtain background
information

Obtain information about

client’s legal obligations

Perform preliminary
analytical procedures

Set materiality, and assess

acceptable audit risk &
inherent risk
Understand internal control
and assess control risk

Develop overall audit plan &

audit program
As shown on the diagram above there is seven major parts of Audit planning. Each of the first parts is intended
to help the auditor develop the last part, an effective and efficient overall audit plan and audit program.

To define some new terms on the parts:

Acceptable audit risk – is a measure of how willing the auditor is to accept that the financial statements may
be materially misstated after the audit is completed and an unqualified opinion has been issued.

Inherent risk – is a measure of the auditor’s assessment of the likelihood that there are material misstatements
in an account balance before considering the effectiveness of internal control.

I. Preplan the audit

Preplanning the audit involves four things, all of which should be done early in the audit.

A decision whether to accept a new client or continue serving on existing one

Identification of why the client wants or needs an audit
Obtaining an understanding with the client about the terms of engagement to avoid misunderstandings.
Select staff for engagement

Investigation of new client and reevaluation of existing ones is important to assess the integrity of the client
and to assess the acceptable financial risk it will assume. If the CPA firm decides that acceptable risk is
extremely low, it may choose not to accept the engagement. If the CPA firm concludes that acceptable audit risk

Admas University By: Endalkachew M. 2

Department of Accounting
 Audit Principles I Hand Out
is low but the client is still acceptable, it is likely to affect the fee proposed to the client. Audits with low
acceptable audit risk will normally result in higher audit costs, which should be reflected in higher audit fees.

Identifying client’s reasons for audit will affect the auditor’s assessment of acceptable audit risk. The two
major factors affecting acceptable audit risk are the likely statement users and their intended users of the
statements. The auditor is likely to accumulate more evidence when the statements are to be used extensively.

Obtain an understanding with the client is expressed by the use of engagement letter, even though it is not
required. Engagement letter is an agreement between the CPA firm and the client for the conduct of the audit
and related services. It should specify whether the auditor will perform an audit, a review, or a compilation, plus
any other services such as tax returns or management consulting. It should also state any restrictions to be
imposed on the auditor’s work, deadlines for completing the audit, assistance to be provided for the audit, an
agreement on fees. The engagement letter is also a means of informing the client that the auditor cannot
guarantee that all acts of fraud will be discovered.

Selection of staff for engagement involves the assignment of appropriate staff to the engagement if the CPA
firm decided to accept the client and conduct the audit. Selection of audit staff is important to meet the first
requirement of generally accepted auditing standards and to promote audit efficiency. The first GAAS states
that “The audit is be performed by a person or persons having adequate technical training and proficiency as
an auditor”.

II. Obtain background information

An extensive understanding of the client’s business and industry and knowledge about the company’s
operations are essential for doing adequate audit.

There are three reasons for obtaining a good understanding of the client’s industry.

First, many industries have unique accounting requirements that the auditor must understand to evaluate
whether the client’s financial statements are in accordance with GAAP.

Second, the auditor can often identify risks in that may affect the auditor’s assessment of acceptable audit risk,
or even whether auditing companies in the industry is advisable.

Finally, there are inherent frisks that are typically common to all clients in certain industries. Understanding
those risks aids the auditor in identifying the client’s inherent risk.

Knowledge of the client’s industry can be obtained in different ways. These include:

Discussion with previous auditor

Discussion with client’s personnel
Tour the plant and office of the client
Related parties. Related companies are an affiliated company, a principal owner of the client company
or those where the client influence the management or operations of a company. Note that transactions made
between the client company and related companies be disclosed if they are material according to GAAP.
Discussion with outside specialists.

Admas University By: Endalkachew M. 3

Department of Accounting
 Audit Principles I Hand Out
III. Obtain information about client’s legal liabilities

Early knowledge of the legal documents and records enables auditors to interpret related evidence throughout
the engagement and to make sure there is proper disclosure in the financial statements.

Three closely related types of legal documents and records should be examined early in the engagement:

a. The corporate charter And the bylaws

The corporate charter is granted by the state in which the company is incorporated and is the legal
document necessary for recognizing a corporation as a separate entity. It includes the exact name of the
corporation, the date of incorporation, the kinds and amounts of capital stock the corporation is authorized to
issue, and the types of business activities the corporation is authorized to conduct. The bylaws include the
rules and procedures adopted by stockholders of the corporation. They specify such things as the fiscal year
of the corporation, the frequency of stockholder meetings, and the method of voting for directors, and the
duties and power of the corporate officers.

b. The corporate minutes – are the official records of the meetings of the board of directors and
stockholders. They include summaries of the most important decisions made by the directors and
stockholders. The auditor should read the minutes to obtain information that is relevant to performing the
audit including the authorizations and discussions by the board of directors affecting inherent risk.

c. Contracts- clients involved in different types of contracts that are interest to the auditor. These can
include such diverse items as long-term notes and bonds payable, stock options, pension plans, contracts of
manufactured products, contracts with vendors for future delivery of supplies, government contracts and
leases.

IV. Perform preliminary analytical procedure

As discussed in chapter 5, auditors are required to perform analytical procedures while planning the audit to
assist the audit in determining the nature, timing, and extent of auditing procedures. Analytical procedures made
during planning phase enhance the auditor’s understanding of the client’s business and events occurring since
the prior year’s audit. Planning analytical procedures also help the auditor identify areas that may represent
specific risks of material misstatement warranting further attention.

PERFORM THE FIELDWORKS OF AUDITING

Overview of the Audit Process

The phases of the audit include…client acceptance and retention, Establish the terms of the engagement, Plan
the audit, Consider internal control, Conduct substantive tests, Feedback on the results of the audit work in these
phases, Complete the audit and Issue audit report

Admas University By: Endalkachew M. 4

Department of Accounting
 Audit Principles I Hand Out
Client Acceptance and Retention
The Statements on Quality Control Standards require that public accounting firms establish policies and
procedures for deciding whether to accept new clients or retain current clients. The purpose of such policies is
to minimize the likelihood that an auditor will be associated with clients who lack integrity. If an auditor is
associated with a client who lacks integrity, material misstatements may exist and not be detected by the
auditor. This can lead to lawsuits brought by users of the financial statements.

In discussing this issue, a distinction is made between evaluating a prospective client and continuing a current
client. In the case of a continuing client, the auditor has more first hand knowledge about the entity’s operations
and management’s integrity.

Prospective Client Acceptance

Public accounting firms should investigate a prospective client prior to accepting an engagement. Performance
of such procedures would normally be documented in a memo or by completion of a client acceptance
questionnaire or checklist. The successor auditor’s communications with the predecessor auditor should include
questions related to the integrity of management; disagreements with management over accounting and
auditing issues; communications with audit committees or an equivalent group regarding fraud, illegal acts, and
internal-control-related matters; and the predecessor’s understanding of the reason for the change in auditors.

If the client has not previously been audited, the public accounting firm should complete all the procedures
listed below, except for the communication with the predecessor auditor.
Procedures for evaluating a prospective client:
1. Obtain and review available financial information (annual reports, interim financial statements, income tax
returns, etc.).
2. Inquire of third parties about any information concerning the integrity of the prospective client and its
management. (Such inquiries should be directed to the prospective client’s bankers and attorneys, credit
agencies, and other members of the business community who may have such knowledge.)
3. Communicate with the predecessor auditor about whether there were any disagreements about accounting
principles, audit procedures, or similar significant matters.
4. Consider whether the prospective client has any circumstances that will require special attention or that may
represent unusual business or audit risks, such as litigation or going-concern problems.
5. Determine if the firm is independent of the client and able to provide the desired service.

Admas University By: Endalkachew M. 5

Department of Accounting
 Audit Principles I Hand Out
6. Determine if the firm has the necessary technical skills and knowledge of the industry to complete the
engagement.
7. Determine if acceptance of the client would violate any applicable regulatory agency requirements or the
Code of Professional Conduct.

Continuing Client Retention

Public accounting firms need to evaluate periodically whether to retain their current clients. This evaluation
may take place at or near the completion of an audit or when some significant event occurs. Conflicts over
accounting and auditing issues or disputes over fees may lead a public accounting firm to disassociate itself
from a client.

The auditor should establish an understanding with the client regarding the services to be performed. For small,
privately held entities, the auditor normally negotiates directly with the owner-manager. For larger private or
public entities, the auditor will normally be appointed by a vote of the stockholders after recommendation by
the audit committee of the board of directors. In all cases, an engagement letter should document the terms
agreed to by the auditor and client. Such terms would include, for example, the responsibilities of each party,
the assistance to be provided by client personnel and internal auditors, and the expected audit fees.

Audit Planning
Proper planning of an audit is important to ensure that the audit is conducted in an effective and efficient
manner. The steps taken during this phase include
(1) Gaining knowledge of the client’s business and industry so that the auditor understands events, transactions,
and practices that may affect the financial statements and
(2) Conducting preliminary analytical procedures (such as ratio analysis) to identify specific transactions or
account balances that should receive special attention because they may contain material misstatements. In
many instances, audit planning will include a preliminary consideration of the client’s internal control
system.

Based on this initial work, an overall audit strategy is developed. This includes the preliminary assessment of
materiality and audit risk, as well as an audit plan involving the types of audit procedures to be performed and
the amount of evidence to be gathered. The audit plan serves as a starting point for the engagement, but
adjustments may be required as the audit progresses.

Admas University By: Endalkachew M. 6

Department of Accounting
 Audit Principles I Hand Out
Assessment of Internal Control
Internal control is a process affected by an entity’s board of directors, management, and other personnel that is
designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
(1) Effectiveness and efficiency of operations,
(22) Reliability of financial reporting, and
(3) Compliance with applicable laws and regulations.

The auditor must sufficiently understand the client’s internal controls in order to determine which controls exist
within the entity. The auditor then evaluates the internal controls in order to assess the risk that they will not
prevent or detect a material misstatement in the financial statements. This risk (referred to as control risk)
directly impacts the scope of the auditor’s work. When the auditor assesses control risk at less than the
maximum, the internal controls should be tested. The auditor’s tests are intended to ensure that the internal
controls are operating in the manner intended and therefore are effective in preventing or detecting
misstatements. The evidence gathered from testing the internal controls is used to arrive at a final assessment on
the level of control risk. When control risk is assessed low, based on tests of the internal controls (referred to as
tests of controls), less audit work is required to audit the account balances (referred to as substantive tests)
because the auditor has evidence that the accounting systems are generating materially accurate financial
information. Conversely, if control risk is high, the auditor has to conduct more extensive audit work in the
account balances because the evidence about internal controls suggests that material misstatements could occur
because controls do not exist or are not operating effectively.
Conduct Substantive Tests
In this phase, the auditor conducts more analytical procedures and examines the details of the account balances.
For example, the auditor may calculate an estimate of interest expense by multiplying total debt by the average
interest rate on the entity’s debt. This estimate of interest expense can be compared to interest expense reported
in the general ledger for reasonableness. The purpose of such analytical procedures is to determine whether the
accounts contain a material misstatement. On most engagements, this phase comprises most of the time spent
on the audit.
Complete the Audit
After the auditor has completed testing the account balances, the sufficiency of the evidence gathered needs to
be evaluated. The auditor must have sufficient competent evidence in order to reach a conclusion on the fairness
of the financial statements. In this phase, the auditor also assesses the possibility of contingent liabilities, such
as lawsuits, and searches for any events subsequent to the balance sheet date that may impact the financial
statements.

Admas University By: Endalkachew M. 7

Department of Accounting
 Audit Principles I Hand Out
Issue the Audit Report
The final phase in the audit process is choosing the appropriate audit report to issue. When the auditor has
gathered sufficient competent evidence and complied with GAAS, and the financial statements conform to
GAAP, the auditor can issue a standard unqualified audit report. When sufficient evidence is not gathered or the
financial statements are not in accordance with GAAP, the auditor will issue a different type of report.

Adequate planning includes:

 Investigating a prospective client before deciding whether to accept the engagement
 Obtaining in understanding of the client business operations
 Developing an overall strategy to organize, coordinate, and schedule the activities of the audit staff (
develop overall audit strategy)
 Design a detail list of the audit procedures to be performed in the course of the examination(develop
appropriate audit programs)

Audit planning is a vital area of the audit process to help to:

- Determine the audit requirements
- Determine the time budget
- Assess the level of risk and materiality
- Perform the audit work at effective manner
- Acquire knowledge of the client's accounting systems, policies and internal control procedures
- Establish the expected degree of reliance to be placed on internal control
- Determine and program the nature, timing, and extent of the audit procedures to be performed
- Ensure that appropriate attention is devoted to important areas of the audit
- Ensure that potential problems are promptly identified
- Ensure that the work is completed expeditiously
- Utilize the assistants properly
- Co-ordinate the work done by other auditors and experts

Advantages of Audit Planning

Audit planning is a continuous process and must continue throughout the audit. A properly drawn-up audit plan
helps in the efficient and effective conduct of audit. Some of the main advantages of audit planning are:

 Audit planning helps in ensuring that adequate attention is devoted to important areas of the audit.

Admas University By: Endalkachew M. 8

Department of Accounting
 Audit Principles I Hand Out
 Audit planning helps in identifying potential problems.
 Audit planning helps in ensuring that the audit work is completed expeditiously.
 Planning helps in utilising the staff properly.
 Audit planning acts as a direction. Audit planning acts as a direction for auditors in the planning, conducting
and reporting of an audit assignment.

The major steps in planning audits are:

- Pre-plan the audit
- Obtain background information
- Obtain information about client’s legal obligations
- Set materiality and assess acceptable audit risk
- Understand internal control structure and assess control risk
- Develop the audit plan and audit program
The extent of planning will vary according to :-
 The size of the entity
 The complexity of the audit and the specific methodology of technology used by the auditor
 The auditors experience with the entity and knowledge of the business

Engagement Letter
Having decided to accept a client, the first step the auditor should take is to send the client an engagement letter
to set forth the terms of the type of engagement to be performed and to identify any understandings between the
auditor and client. By returning a signed copy of the letter, the client agrees to cooperate, render assistance, and
compensate the auditor. Many audit firms send engagement letters not only to new clients but also to continuing
clients for each engagement, whether the services performed are for audit, tax, compilation, review, or some
other special engagement. An engagement letter is a written contract between an auditor and client and
generally serves as to:
- Minimize misunderstandings between the client and auditor
- Alert the client to the purpose of the engagement and the role of the external auditor
- Help to minimize legal liability for services neither contracted for nor performed
- Indicate the work to be performed by the client’s staff and client’s responsibilities. An engagement letter
should explain in nontechnical language the nature of the services to be rendered and establish that the
financial statements are the responsibility of the client.
- Indicate the scheduled dates for performance and completion of the examination, and the basis for
computing the auditor’s fee

Admas University By: Endalkachew M. 9

Department of Accounting
 Audit Principles I Hand Out
- Provide audit staff with an understanding of the nature of the engagement.
Audit Risk
In planning the audit, the auditor should make a preliminary judgment about whether or not the financial
statements are materially misstated. Audit risk and materiality must be considered in the planning stages of the
audit so that the auditor can determine the nature, timing, and extent of audit tests.

Audit risk is the risk of giving an inappropriate opinion when financial statements are materially misstated.
Audit risk is the chance that a material misstatement exists in the financial statements and the auditors do not
detect the misstatement with their audit procedures. The auditor should use professional judgment to assess
audit risk and to design audit procedures to ensure it is reduced to an acceptably low level.

In theory, audit risk ranges anywhere from zero, here there is complete certainty of no material misstatement, to
one where there is complete certainty of a material misstatement. In practice, however, audit risk is always
greater than zero. There is always some risk of material misstatement as it is not possible, (except for the audit
of the simplest of financial statements), due to the limitations inherent in both accounting and auditing, to be
absolutely certain a material misstatement will not exist.

The auditor must plan and perform the audit to obtain reasonable assurance those material misstatements,
whether caused by errors, irregularities, or illegal acts are detected. The auditors’ concern about fraud does not
stop at the planning phase of the audit. Throughout the engagement, they should be alert for conditions that may
indicate that a fraud was committed.

When Audit Risk increase:

- Perform additional audit tests
- Modify the nature, extent and timing of the audit procedures to obtain evidence that is more reliable.
- Apply increased professional skepticism about material transactions; increase the nature and extent of
the documentation examination.
- Assign personnel with particular skill in audit areas with high risk
- Obtain additional evidence about the appropriateness of management selection and application of
significant accounting principles.
- Document the assessment of risk in working papers.
 Risk factors
 Responses

Admas University By: Endalkachew M. 10

Department of Accounting
 Audit Principles I Hand Out
 Management representation
Components of Audit risk
Inherent risk: the susceptibility of an account balance or class of transactions to material misstatement,
irrespective of related internal controls. Inherent risk is greater for some financial statement assertions and
related balances or classes of transactions than for others. For example, there is a greater risk of misstatement of
the financial presentation and disclosure assertion for complex transactions than for simple ones. Likewise, the
risk of a material misstatement of the existence assertion for cash is more likely than for an inventory of coal.
Inherent risk factors include:

Control risk: the risk that material misstatement could occur in an account balance or class of transactions with
could not be prevented or detected by the accounting or internal control systems. The auditor’s understanding
of the internal control system will allow the auditor to assess control risk and thus affect the auditor’s
assessment of the risk of material misstatements. In reviewing risk factors and the internal control systems, the
auditor should assess the risk of management misrepresentation.

Detection risk: the risk that auditor's substantive procedures do not detect a material misstatement in an
account balance or class of transactions. This risk is a function of the effectiveness of an auditing procedure and
of its application by the auditor. It arises partly from the uncertainties that exist when the auditor does not
examine all of an account balance or class of transactions to gather evidence on a particular assertion. Other
uncertainties might arise because an auditor might select an inappropriate auditing procedure, misapply an
appropriate procedure, or misinterpret the audit results. These other uncertainties can be reduced to a negligible
level through adequate planning, supervision, and conduct of a firm’s audit practices in accordance with
appropriate quality standards.

Admas University By: Endalkachew M. 11

Department of Accounting