3.8 Flashcards
What assurance does the auditor provide that errors, fraud, and direct-effect noncompliance with laws and regulations that are material to the financial statements will be detected?
Errors:
Fraud:
Direct-effect noncompliance:
Reasonable
Reasonable
Reasonable
The auditor’s responsibility for detection of noncompliance having direct and material effects and of material errors and fraud is to design the audit to provide reasonable assurance of detection.
Audit plans should be designed so that
The audit evidence gathered supports the auditor’s conclusions.
The auditor is responsible for collecting sufficient appropriate audit evidence to be able to draw reasonable conclusions on which to base the opinion. Audit plans describe the steps involved in that process. Thus, the evidence should support the auditor’s conclusions.
Under the Private Securities Litigation Reform Act of 1995, Baker, CPA, reported certain noncompliance with laws and regulations to Supermart’s board of directors. Baker believed that failure to take remedial action would warrant a qualified audit opinion because the noncompliance had a material effect on Supermart’s financial statements. Supermart failed to take appropriate remedial action, and the board of directors refused to inform the SEC that it had received such notification from Baker. Under these circumstances, Baker is required to
Deliver a report concerning the noncompliance to the SEC within 1 business day.
Disclosure of noncompliance with laws and regulations to outside parties is not normally the auditor’s responsibility. However, under the Private Securities Litigation Reform Act of 1995, accountants must report noncompliance to the appropriate level of management and the audit committee unless it is clearly inconsequential. If senior management and the board fail to take action on reported material noncompliance, and this failure will result in a departure from a standard report or resignation from the audit, the accountants should report their conclusions to the board immediately. The board must then, within 1 business day, notify the SEC. If the accountants do not receive a copy of the notice within the 1-day period, they must furnish the SEC with a copy of their report within 1 business day.
Management’s attitude toward aggressive financial reporting and its emphasis on meeting projected profit goals most likely will significantly increase opportunities for fraudulent financial reporting when
Management is dominated by one individual who is also a shareholder.
One set of opportunity risk factors for misstatements arising from fraudulent financial reporting involves ineffective monitoring of management. One such risk factor is domination of management by a single person or small group (in a non-owner managed business) without compensating controls (Appendix to AU-C 240). A compensating control in that circumstance is effective oversight by the board or audit committee of the financial reporting process and internal control.
What is the primary objective of the fraud brainstorming session?
Assess the potential for material misstatement due to fraud.
The auditor should obtain reasonable assurance about whether the statements are free of material misstatement, whether due to fraud or error. The key members of the engagement team should discuss the potential for material misstatement. The discussion should include an exchange of ideas (brainstorming) about (1) how and where the statements might be susceptible to material misstatement due to fraud (“fraud risk”), (2) how assets might be misappropriated or financial reports fraudulently misstated, (3) how management could conceal fraudulent reporting (including override of controls), (4) how to respond to fraud risk, (5) known factors reflecting pressures/incentives/opportunities to commit fraud or an environment that permits rationalization of fraud, (6) an emphasis on the need to maintain professional skepticism, and (7) consideration of facts indicating manipulation of financial measures (e.g., earnings management).
Analytical procedures used as risk assessment procedures should focus on
Enhancing the auditor’s understanding of the entity and its environment.
The auditor obtains an understanding of the entity and its environment, including its internal control, to identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error. Risk assessment procedures are performed to obtain the understanding. They include (1) inquiries of management and others within the entity, (2) analytical procedures (analytical procedures used to plan the audit), and (3) observation and inspection.
Financial statement audit plans usually should be developed
After the auditor has established the overall audit strategy.
Planning continues throughout the audit. It initially involves developing an overall audit strategy. The size and complexity of the entity, the auditor’s experience with the entity, and the auditor’s understanding of the entity and its environment (including internal control) affect planning. The auditor also should consider (1) characteristics of the engagement and reporting objectives; (2) appropriate materiality levels; (3) areas of high risk of material misstatement; (4) material client locations and the use of component auditors; (5) whether to seek evidence of the operating effectiveness of controls; (6) relevant entity-specific, industry, or financial developments; and (7) the audit resources required. The more detailed audit plan is developed after the formulation of the overall audit strategy.
When one auditor succeeds another, the auditor should request the
Client to authorize the predecessor auditor to allow a review of the predecessor auditor’s audit documentation.
The Code of Professional Conduct protects the confidentiality of client information. Hence, the auditor should seek the client’s specific consent for the predecessor auditor to respond fully to the auditor’s inquiries. The auditor should communicate with the predecessor to determine whether to accept the engagement (AU-C 210). If the engagement is accepted, the audit may be facilitated by making specific inquiries of the predecessor and by reviewing the predecessor’s audit documentation. The auditor also should request the client to authorize this review.
Which of the following audit risk components may be assessed in nonquantitative terms?
Control Risk:
Inherent Risk;
Detention Risk:
Yes
Yes
Yes
The components of audit risk may be assessed in quantitative terms such as percentages or in nonquantitative terms that range, for example, from high to low.
If accounts receivable turned over 7.1 times in Year 1 as compared with only 5.6 times in Year 2, it is possible that there were
Fictitious sales in year 2.
The accounts receivable turnover is the ratio of sales to average receivables. Fictitious sales would increase both the numerator and denominator. Adding an equal amount to both the numerator and denominator decreases a fraction greater than 1.0. For example, adding 1 to both parts of the fraction 3/2 decreases it to 4/3. The turnover ratio would decrease still more in the next period because the fictitious items would continue to increase receivables (which are cumulative) but not sales (which are closed periodically).
The auditor should consider certain factors in assessing the efficiency and effectiveness of analytical procedures as compared to tests of details. In determining whether and to what extent analytical procedures should be used, which of the following should the auditor consider?
The nature of the assertion tested.
Analytical procedures may be effective when tests of details may not indicate potential misstatements. For example, they may be effective for testing the completeness assertion. By understanding the assertion, the auditor can develop analytical procedures that best test it.
Which of the following is an auditor least likely to perform in planning a financial statement audit?
Selecting a sample of vendors’ invoices for comparison with receiving reports.
Selecting a sample of vendors’ invoices for comparison with receiving reports is a test of details (a substantive procedure). It is a further audit procedure performed to test relevant assertions.
Which of the following factors most likely would lead a CPA to conclude that a potential audit engagement should be rejected?
It is unlikely that sufficient appropriate audit evidence is available to support an opinion on the financial statements.
The auditor should obtain sufficient appropriate audit evidence to draw reasonable conclusions on which to base the opinion. If the CPA is unable to obtain this evidence, the engagement most likely should be rejected.
Which of the following types of risks most likely would increase if accounts receivable are confirmed 3 months before year end?
Detention.
Audit risk consists of (1) the risks of material misstatement (inherent risk combined with control risk) and (2) detection risk. The RMMs are the entity’s risks, and detection risk is the auditor’s risk. Detection risk is the risk that the procedures performed by the auditor to reduce audit risk to an acceptably low level will not detect a material misstatement. It is a function of the effectiveness of an audit procedure and its application by the auditor. Detection risk is the only component of audit risk that can be changed at the auditor’s discretion. An auditor who performs procedures at an interim date should cover the remaining period. The longer the remaining period, the greater the detection risk resulting from performing procedures at an interim date.
An auditor is required to establish an understanding in writing with a client regarding the services to be performed for each engagement. This understanding generally includes
The auditor’s responsibility for ensuring that the audit committee is aware of any significant deficiencies or material weaknesses in control that come to the auditor’s attention.
The understanding with the client regarding services to be performed is typically documented in an engagement letter. An engagement letter should indicate that a traditional financial statement audit is not designed to provide assurance on internal control. However, the auditor is responsible for ensuring that those charged with governance are aware of any significant deficiencies or material weaknesses in control, that come to his or her attention.
