Chapter 1

Chapter 1

I. INTRODUCTION

a. Auditing is a unique function that is licensed by the state to promote the effective functioning of the capital markets by (1) providing independent evaluations and reports assessing the reliability of an organization’s financial statements or (2) the efficiency and effectiveness of various aspects of its performance. The audit function is “special” in that it exists to serve not just the organization audited, but also third parties.

B. Understanding the Unique Challenges of the Profession.

a. Audit procedures must be designed to detect material fraud and assure users that the statements are free from fraud.

b. Accounting is highly complex

i. Its complexity is driven largely by the increasingly complex transactions and organizational structures.

c. Computer systems are complex

i. When used properly, opportunities for control exist

ii. When used improperly, additional risks exist

d. Many companies are global

i. The audit firm must operate in multiple countries or have experience among its auditors in various countries.

e. Auditors must now evaluate the quality of internal control over financial reporting on public companies.

i. Must report that evaluation to users

f. Increasing time pressure to get the audit done and to report more quickly.

g. A need exists to bill the clients for the work done at sufficient billing rates to both a) attract new people like you to the profession, and b) retain managers and partners who often operate under heavy stress to fulfill this most important obligation.

C. Auditing Defined.

a. Auditing, in its broadest context, is the process of attesting to assertions about economic actions and events. It is therefore frequently referred to as an attestation service. Attestation is a three-part process:

i. gathering evidence about assertions,

ii. evaluating that evidence against objective criteria,

iii. communicating the conclusion reached.

b. In most cases, the communication goes to third-parties and provides independent, objective information that is useful to their decision-making. The audit adds value only if the auditor:

i. has expertise in both obtaining and evaluating evidence regarding the financial statements and the economic assertions embodied in the financial statement

ii. is independent of management and the third-parties

iii. can thus provide an objective opinion on the fairness of the financial statements.

D. Auditors Obtain and Evaluate Evidence.

a. The auditor must gather evidence that the client’s processes are working correctly, the financial data are recorded and presented correctly, and the financial statements as a whole are fairly presented. The requirement is that the auditor is systematic and objective in obtaining and evaluating evidence.

i. Basic components of the audit process:

1. gather and evaluate evidence to test assertions

2. systematic

3. independence of the audited entity

4. audit process is unbiased

E. Assertions and Established Criteria.

a. An assertion is a positive statement about an action, event, condition, or performance over a specified period of time. To have unbiased and clear communication, criteria must exist whereby independent observers can assess whether or not such assertions are appropriate. When management prepares financial statements, they assert that those statements are fairly presented in accordance with GAAP. Generally accepted accounting principles become the criteria by which “fairness” of a financial statement presentation is judged. Other criteria exist for other kinds of audits.

F. Communicating Results to Users.

a. Communication of audit results to management and interested third parties completes the audit process. To minimize misunderstandings, this communication generally follows a prescribed format by clearly outlining the nature of the work performed and the conclusions reached. Most audits result in audit reports that do not contain any reservations about the fairness of the organization’s presentation of its financial statements. This is referred to as an unqualified audit report.

G. The Need for Unbiased Reporting.

a. The need for unbiased reporting can be seen by reviewing the diversity of users of an organization’s financial statements. These users include current and potential shareholders, suppliers, creditors, lending institutions, regulatory agencies, labor, academicians, indirect users (such as consumers), and the court system. In many cases, the interests of the various users can conflict. Current shareholders might want management to use accounting principles that result in higher levels of reported income, but lending institutions generally prefer a conservative approach to valuation and income recognition. Audits are designed to detect material misstatements, but materiality is based on what is important to users.

H. Need for Assurance.

a. Potential Bias in Providing Information.

i. Management has a vested interest in providing information that will make management look good.

b. Remoteness of Users.

i. The advantages of the Internet are tremendous, but a significant disadvantage is that we no longer either know, or interact directly with many parties, including those in which we might own stock. Most users cannot interview management, tour a company’s plant, or review its financial records firsthand; instead, they must rely on the financial statements to communicate the results of management’s performance.

c. Complexity.

i. Third party users depend on managers and auditors to deal with complexities such as financial instruments, derivatives, long-term contracts, and other complex transactions to ensure that they are fairly presented and fully disclosed in financial statements.

d. Avoid Surprises.

i. During the past decade many financial statement users such as pension funds, private investors, venture capitalists, and banks all lost billions of dollars because financial information and, in some instances, the audit function, had become unreliable. Financial statements were restated because errors were found subsequent to the original issuance of the statements. Usually, the restatements were followed by precipitous drops in stock prices – and in a number of cases – bankruptcy.

II. INCREASED DEMAND FOR ACCOUNTABILITY

The accounting profession has undergone a decade of turmoil that is unprecedented and on a scale that has occurred only once before. The Sarbanes-Oxley Act of 2002 may be the single most important legislation that will affect the conduct of the profession for years to come. The Act focused on five critical improvements needed in the way in which financial information is presented to the stakeholders.

A. Demand for Improved Corporate Governance.

a. Corporate governance exists in all organizations. It occurs when one party provides resources to an entity or to another party to utilize for the business purposes agreed-upon by the parties. In turn, the party providing the resources requires accountability on

i. whether those resources were safeguarded

ii. whether they were used for the purposes agreed-upon

iii. how well have those resources been used. The lack of effective corporate governance was one of the major deficiencies that led to the business failures in the past decade.

Most notably missing was

i. independent oversight of management by the Board of Directors

ii. the power of the Board to effectively utilize the audit function.

Boards of Directors need to be independent of the organization and put in a position of power to provide proper oversight of both management and the audit function.

B. Required Reporting on Internal Controls.

a. In many of the recent major frauds, senior management had overridden the accounting system. In almost all cases, the companies had poor internal controls over financial reporting. The Sarbanes-Oxley Act of 2002 contains a provision requiring the Chief Executive Officer and the Chief Financial Officer of public companies to assess and publicly report on the quality of its internal controls over financial reporting. Congress showed that the demand for assurance services is not limited to financial statements by requiring the external auditor to publicly attest to management’s internal control report.

C. Audit Standard Setting and Auditor Independence.

a. The audit function must be independent and objective if assurances are going to be trusted by third parties. The independence of auditors has been strengthened by requiring:

i. the audit committee of the Board of Directors to have the authority to hire and fire the external auditors

ii. mandatory rotation of the partner in charge of the audit engagement every five years

iii. that consulting work cannot be performed for audit clients

iv. increased oversight of potential independence conflicts by the audit committee of the organization being audited.

D. Public Expectation of Auditors.

a. The public expects auditors to

i. find fraud

ii. enforce accounting principles that best portray the spirit of the concepts adopted by the FASB

iii. be neutral to users, but it also expects auditors to be advocates of economic reality.

The public wants the auditors to step forward and acknowledge more responsibility for detecting fraud and ensuring that frauds are reported to the Board of Directors for timely action.

E. Audit Standard Setting Moved to a Quasi-Public Board.

a. The public lost confidence in the profession and especially the AICPA. The Sarbanes-Oxley Act created the Public Company Accounting Oversight Board (PCAOB) and gave the Board the full authority to develop audit standards for the audits of publicly companies who have stock listed on U.S. stock exchanges and who must register with the SEC (including some foreign entities). In addition to setting auditing standards, the PCAOB is charged with performing peer review of all public accounting firms that are registered with it to perform audits of public companies.

III. SCOPE OF SERVICES: OTHER ASSURANCE SERVICES

Although the recent focus on the auditing profession has been on the audit of financial statements, the concept of assurance services is much broader.

A. What is Assurance?

a. Assurance is a broad concept. Assurance services are designed to improve the quality of decision making by improving confidence in the information on which decisions are made, the process by which that information is developed, and the context in which the information is presented to users. The AICPA’s Special Committee on Assurance Services depicts the scope of potential services. The field of assurance services is much broader than traditional audits of financial statements.

B. Assurance vs. Attestation vs. Audit.

a. Assurance services can be provided to management or to external users. Assurance services includes both attestation and audit services. Assurance services can be provided on financial information or on other information such as the quality of business processes, the reliability of computer information systems, or the accuracy of performance data. Attestation services are a subset of assurance services and always involve a report that goes to a third party. The narrowest service is an audit of a company’s financial statements. An audit is a crucial function that must be performed reliably in order to have the financial statements work properly. The processes used in performing audits of financial statements apply equally well to other types of assurances. The difference is in the subject area knowledge and the specific evidence that will need to be gathered to provide the assurance desired.

C. Characteristics of Assurance Services. Assurance services involve three critical components:

a. Information or a process on which the assurance service is provided.

b. A user or a group of users who derive value from the assurance services provided.

c. An assurance service provider.

D. Item on Which Assurance Given.

a. Assurance items can range from financial statements to IT integrity to quality of products and services sold via Internet to compliance with regulatory requirements.

E. Attributes Needed to Perform Assurance.

a. Assurance creates confidence by reducing information risk – the risk that the information is not reliable. Investors can make decisions because they have reliable financial information. Users of E-Commerce can have confidence in the vendors that are “certified” as to reliability. The attributes needed for all assurance services are the same – whether for financial statements or for information systems security. Those attributes are:

i. subject matter knowledge

ii. independence

iii. agreed-upon criteria to evaluate quality of presentation

iv. expertise in the process of gathering and evaluating evidence

IV. REQUIREMENTS TO ENTER THE PUBLIC ACCOUNTING PROFESSION

A. Accounting and Auditing Expertise.

a. The complexity of today’s environment demands that the auditor be fully versed in the technical accounting and auditing pronouncements. In addition to that technical understanding, the auditor must have a sound conceptual understanding of the basic elements underlying financial reporting. This conceptual understanding is necessary to address the ever-increasing infusion of new types of transactions and contracts for which accounting pronouncements do not exist. The auditor is expected to be able to discern the economic substance of these new transactions and use the financial conceptual model to “reason” to the appropriate accounting treatment for these newer transactions which the Financial Accounting Standards Board (FASB) may not have specifically addressed.

B. Internal Control Expertise

a. Integrated audits must be performed by public auditors of both the company’s internal controls and its financial statements.

b. Auditor must understand how deficiencies in internal control will impact recording and disclosure of transactions.

c. Auditor must adjust audit procedures to search for errors in account balances.

C. Knowledge of Business and Its Risks.

a. Most audit firms utilize a “business risk” approach to performing audits. The fundamental premise behind the business risk approach is that the auditor must understand the basic structure of the business in order to identify significant risks affecting the client. In a similar fashion, an understanding of the strategies used by management will assist the auditor in evaluating preliminary financial results and pinpoint areas needing more attention.

D. Understanding Accounting System Complexity.

a. Today’s companies are actively involved in E-Commerce and electronic data interchange (EDI). Traditional paper documents will not be present in many systems. Further, systems will be integrated across companies. Today’s auditors must understand the audit challenges posed in a system in which traditional source documents do not exist.

V. THE PROVIDERS OF ASSURANCE SERVICES

A. The Public Accounting Profession.

a. The public accounting profession varies from sole-practitioner firms to large multinational professional services firms such as the Big 4. Many of the regional and local CPA firms provide a variety of services to both audit and non-audit clients. However, the SEC sees a conflict in the provision of information systems consulting, financial planning, tax planning, and internal audit services to audit clients and has prohibited accounting firms from providing such services to public companies for which they perform the audit. Such a restriction on services has not been specified by the AICPA or regulatory authorities for public accounting firms that do not audit SEC registered clients.

A. Organization and Size of Public Accounting Firms.

a. Evidence suggests that the organizational structure of CPA firms is beginning to change from its historically pyramidal structure. As audits become more complex, there is a need for more seasoned auditors with analytical business skills and experience at the senior and manager level. The detailed work previously performed by staff auditors is increasingly accomplished more quickly and with greater efficiency through the use of computer-assisted audit techniques. Today’s auditor, therefore, will spend more time analyzing a client’s business processes and financial data to understand the risk of misstatements in the statements. New auditors will encounter the exciting challenges offered by the profession more quickly than in the past. Many public accounting firms have also reorganized along industry lines to better serve clients in financial services, retailing, not-for-profit, manufacturing, and distribution. The rationale is that today’s business professional, whether performing audit or consulting services, needs to understand the industry in as much detail as does the management of the client.

The most significant changes in the auditing profession are:

i. Audits are performed in teams where each member is expected to contribute to analyzing and understanding the business

ii. All auditors are engaged from the very beginning in analyzing potential fraud risks associated with the clients

iii. Auditors are expected to understand computer processing and be able to access and audit electronic data regardless of their level within the organization

B. The Internal Audit Profession.

a. Internal auditing has emerged as an exciting discipline and an excellent training ground for future management positions. The emphasis on adding value and improving operations puts internal auditing squarely aligned with stockholders, the board of directors, and management. The scope of internal auditing is broad and includes the evaluation of processes to identify and managing risk, to develop and implement effective controls – including those designed to ensure efficient operations, and to ensure that the governance process is working effectively.

C. Governmental Auditing Profession.

a. The requirement of accountability has created a demand for more information about government programs and services. Public officials, legislators, and private citizens want and need to know not only whether government funds are being handled properly and in compliance with laws and regulations but also whether government organizations, programs, and services are achieving the purposes for which they were authorized and funded and whether they are doing so economically and efficiently.

VI. PROFESSIONAL AND REGULATORY ORGANIZATIONS

A. The Public Company Accounting Oversight Board. The Public Company Accounting Oversight Board was established by Congress as part of the Sarbanes-Oxley Act of 2002 to:

a. set auditing standards for audits of public companies

b. require all firms that audit public companies to register with it

c. perform quality reviews of all firms that are registered with it.

B. The Securities and Exchange Commission.

a. The SEC has oversight responsibilities for the PCAOB, and oversight responsibilities for all public companies that are required to register with it to gain access to the U.S. capital markets. The SEC has the authority to establish GAAP for companies whose stock is publicly traded, although it has generally delegated this authority to the FASB.

C. The American Institute of Certified Public Accountants.

a. The American Institute of Certified Public Accountants has long served as the primary governing organization of the public accounting profession. In many ways, the AICPA has become a more marginal player in recent years because the public came to view the AICPA as more of a trade association, rather than a professional organization that always puts the public interest first. Essentially, it was on the wrong side of public opinion regarding (a) consulting activities for audit clients, (b) auditor independence issues, (c) standards permitting aggressive tax shelters, and (d) development of independence standards and enforcing their own Code of Ethics.

D. Committee of Sponsoring Organizations

a. COSO is the Committee of Sponsoring Organizations of the Treadway Commission. In 1992, it issued the Internal Control, Integrated Framework that serves as the primary criterion for evaluating the quality control of a company’s internal control system.

E. Accounting Standard Setters

a. Auditors must be aware of global accounting standards and standards that may apply to audits of specific organization types. Examples of organizational specific standard setters include:

§ FASB (Financial Accounting Standards Board)

§ GASB (Government Accounting Standards Board)

§ IASB (International Accounting Standards Board)

F. State Boards of Accountancy.

a. CPAs are licensed by state boards of accountancy, which are charged with regulating the profession at the state level.

G. The Institute of Internal Auditors.

a. The IIA administers the Certified Internal Auditor program and has established a peer review process to ensure that the practice of internal auditing around the globe is consistent with the professional standards.

H. The U.S. General Accounting Office.

a. The U.S. General Accounting Office is the nonpartisan audit agency for Congress. Congress has delegated to the GAO the responsibility for developing auditing standards for governmental audits. The GAO periodically updates Governmental Auditing Standards, setting forth standards for the conduct of audits of governmental organizations, programs, activities, and functions, and of government funds received by contractors, nonprofit organizations, and other nongovernmental entities.

I. The Court System.

a. The court system acts as an effective quality control mechanism for the practice of auditing.