The Nature, Purpose, and Scope of an Audit and Review
Auditing is an independent examination. The word “audit” comes from the Latin word audire which means “to hear.” In the middle Ages, accounts or revenue and expenditure were “heard” by the auditor.
Statutory audits (i.e. those carried out in accordance with statutory provisions) became mandatory for companies in 1900. At that time the purpose of an audit was to detect fraud, technical errors, and errors of principle. However, case law recognizes that it is unreasonable to expect auditors to detect all aspects of fraud, even if they exercise reasonable skill and care, so this is not now a primary purpose. Over the last 20 years or so, the auditing profession has sought to broaden its role (e.g. with value for money, operational audits, etc.)
Concepts in Auditing
Directors or other managers of an enterprise have the responsibility of stewardship for the property of that enterprise. Their responsibilities, which may be duties embodied in statute, may include:
- Keeping books of accounts and proper accounting records;
- Producing a balance sheet and income statement that show a true and fair view;
- Producing a directors’ report which is consistent with the financial statements and contains certain specified information.
A director can be described as an agent with a fiduciary relationship with a principal, or company that employs him/her (a fiduciary relationship is one of trust). In meeting their responsibilities of stewardship, managers have fiduciary duties to safeguard assets and implement and operate an adequate accounting and internal control system.
Auditors act in the interest of the primary stakeholders whilst having regard to the wider public interest. The identity of the primary stakeholders in determined by reference to the statute of agreement requiring an audit. For companies, the primary stakeholder is the general body of shareholders.
Objective and General Principles of Auditing Financial Statements
The objective of an audit is to enable the auditor to express an opinion as to whether the financial statements are prepared, in all material respects, in accordance with an identified financial reporting framework.
It is management’s responsibility to prepare the financial statements. Whilst the auditor’s opinion adds credibility to the financial statements, it is no guarantee of future viability nor of management’s efficiency or effectiveness. A degree of imprecision is inevitable due to inherent uncertainties and use of judgment. Only reasonable assurance is given.
The amount of audit work is determined by judgement, requirements of professional bodies and legislation, agreed terms of the engagement, and the need to exercise professional skepticism. The ability to reduce audit risk is limited by the necessity to sample, inherent limitations in any accounting and control systems, possible fraudulent collusion, and certain evidence that is not persuasive or conclusive.
The audit opinion is given on whether the financial statements give a true and fair view of the entity’s financial statements and whether they have been properly prepared in accordance with the applicable reporting framework. This opinion is reached after:
- Extensive risk assessment has been performed.
- Extensive testing of controls and substantive tests on transactions and balances for validity, accuracy and completeness of recording.
- Extensive verification procedures have been performed to test for existence, ownership, valuation, presentation and disclosure of items in the financial statements.
- Extensive review of whether the financial statements comply with applicable accounting standards and legal requirements.
As such, the audit opinion gives a high level of assurance to the users of financial statements. Whenever an audit is conducted, it must be performed in accordance with ISAs or national auditing standards, and if it is a statutory audit, it cannot be restricted in any way. An example of an audit report given in ISA 700.
The auditor’s report on financial statements illustrates the high level of assurance given by an audit:
Auditor’s Report to the Shareholders of ABC Company
We have audited the accompanying balance sheet of ABC Company as at 31 December 20X1, and the related statements of income and cash flows for the year then ended. These financial statements are the responsibility of the company’s management. Our responsibility is to express an opinion on these financial statements based on our audit
We conducted our audit in accordance with International Standards on Auditing (or to relevant national standards). Those Standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audit provides a reasonable basis for our opinion.
In out opinion, the financial statements give a true and fair view of (or present fairly, in all material respects) the financial position of the company as at 31 December 20X1, and of the results of its operations and its cash flows for the year then ended in accordance with International Accounting Standards (or title of national standards used) and comply with ( title of relevant statute or law)
Concept of “True and Fair”
- Many countries’ legislation requires that financial statements give a “true and fair view” (e.g. the UK) or “present fairly, in all material respects” (e.g. the USA)
- There has never been, however, any definition in legislation as to the meaning of the expression.
The following would be generally accepted definition (based on legal opinion commissioned by the UK Accounting Standards Committee in 1983):
- The financial statements comply with Accounting Standards whose purpose is to narrow the areas of divergent opinion and practice in accounting – these are the profession’s attempt, in the absence of statutory definition, to define true and fair view
- By “true” is meant that financial statements are free from material misstatement and based on verifiable evidence.
- By “fair” is meant that the financial statements are objectively presented, free from management bias, and relevant to the needs of users.
- The concept is a dynamic concept and is incapable of precise lasting legal definition, but to be true and fair, financial statements must live up to the current needs and expectations of users.
Concept of Materiality
Materiality is an important concept in the audit process and affects audit risk evaluation, the nature, timing and extent of audit procedures (eg sample sizes), and the determination of whether the financial statements are distorted by misstatements discovered.
ISA 320 - Audit Materiality defines the concept as follows:
Transactions, items, events will be material in financial statements if their omission, misstatement, misclassification or non-disclosure would distort the view given by the financial statements and would responsibly influence the understanding and economic decisions of users.
Materiality, however, is not capable of general mathematical definition since it involves qualitative as well as quantitative considerations
For example, materiality can be viewed in terms of size, an item being compared with a transaction or balance class or being compared with the financial statements as a whole (quantitative judgement)
It can also be viewed in terms of the nature of an item irrespective of size – e.g. the non-disclosure of an accounting policy or non-compliance with the requirements of law such as errors or omissions in relation to the disclosure of director’s remuneration (qualitative judgement).
General Principles Governing the Auditor
The auditor should comply with the International Federation of Accountants’ (IFAC) “Code of Ethics for Professional Accountants”:
- Professional competence and due care
- Professional behaviour
- Technical standards.
Adherence to Standards on Auditing
An audit should be conducted in accordance with ISAs. ISAs provide:
- Standards (i.e. basic principles and essential procedures); and
- Related guidance (i.e. explanatory and other material).
An audit should be planned and performed (“conducted”) with an attitude of “professional skepticism” recognizing circumstances that may bring about material misstatement in the financial statements.
- An auditor should assume neither dishonesty nor unquestioned honesty.
See also the auditor’s responsibilities for fraud and error
The Audit Process
- Engagement letter – Auditor should send all clients an engagement letter setting out the auditor’s duties and responsibilities.
- Planning – Planning and controlling audit work is essential to performing work to the required high standard of skill and care.
- Ascertain accounting systems – auditors enquire into and ascertain the client’s system of accounting and internal controls in order to understand how accounting data is prepared and to gain an impression as to whether systems are reliable.
- Test controls and transactions – Controls must be tested if the auditor intends to rely on them. Records must be tested to obtain evidence that they are a reliable basis for the preparation of accounts.
- Verify assets and liabilities – Figures appearing in financial statements must be verified.
- Review financial statements – To see if, overall, they appear sensible.
- Obtain management representations – The auditor asks management to confirm formally the truth and fairness of certain aspects of financial statements.
- Sign auditor’s report – After the directors have approved the accounts.
Purpose of Different Types of Audits
- Gives confidence in the integrity of corporate reporting for the benefit of stakeholders and society as a whole, by providing an external and objective view on the reports given by management.
Internal Auditing An independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.
- Objective is to assist management and staff in the effective discharge of their duties.
Examining, evaluating and monitoring the adequacy and effectiveness of the accounting and internal control systems.
Providing analyses, appraisals and recommendations concerning the activities reviewed.
Value for Money Audit An investigation into whether or not the use of resources is economic, efficient and effective.
- To identify and recommend ways in which the return for resources employed may be maximised.
Environmental Auditing A performance evaluation which aims to help safeguard the environment.
- Facilitates management control of environmental practices.
- Assesses the degree of compliance with environmental legislation, external regulations and company policies.
Public Sector Auditing National and local government, agencies, commissions, etc
- Scope and objectives are affected by interests and requirements of third party organizations. Specific requirements, relevant regulations, ordinances or ministerial directives may affect the audit mandate.
Scope of an Audit of Financial Statements
Audit Procedures Deemed Necessary An audit conducted in accordance with ISAs must have regard to the requirements of:
- ISAs (i.e. to plan, evaluate controls, obtain evidence, form conclusions, and report);
- Relevant professional bodies (eg ACCA);
- Legislation and regulations (eg Companies Acts);
- The terms of the audit engagement and reporting requirements.
Reasonable assurance – in an audit engagement, the auditor provides a high, but not absolute, level of assurance, expressed positively in the audit report as reasonable assurance, that the information subject to audit (ie the financial statements)is free of material misstatement.
- To provide such assurance, the auditor assesses the evidence collected in respect of the fianncial statements as a whole and expresses a conclusion thereon.
- Inherent limitations – However, the auditor may not be able to detect all material misstatements because:
Testing is on a sample basis. Any accounting and internal control system has inherent limitations. Most audit evidence is presuasive rather than conclusive (eg an asset purchased by an entity, though physically possessed, may no longer be owned if title has been transferred to another). Transactions between related parties (ie where one has the abilitiy to control or exercise significant influence over the other) may not be identified as such.
The rule of judgement – Judgement is particularly important in gathering audit evidence (eg in deciding the nature, timing and extent of audit procedures);
Nature (e.g. whether to test controls over transactions or substantiate them “in depth” or using analytical procedures);
Extent (e.g. sample sizes);
Timing (e.g. at an interim visit during the year, the year end or after the year end at the final audit visit.
Judgment is also important In drawing conclusions based on that evidence (eg in assessing the persuasiveness of conflicting evidence from different sources).
There are a number of reporting assignments or engagements which do not give the same degree of assurance as an audit to users.
- Guidance issued by the International Auditing and Assurance Standards Board (IAASB), a body set up by the International Federation of Accountants, is summarized below.
- Non-audit engagements can be classified into 2 groups as follows:
Reviews: ISA 900 – Egnagements to review financial statements
- A review engagement enables the auditor to state whether anything has come to the auditor’s attention which causes the auditor to believe that the financial statements are not prepared in all material respects with the applicable financial reporting framework. However, the auditor does not perform the extensive testing procedures.
- The main procedures involved comprise enquiries of management, analytical procedures (eg ratio anlysis, comparisons and trends analysis on total figurs rather than individual transactions), and comparison of financial statements with accounting records – without verification to underlying documentation.
- The opinion expressed is called a negative assurance.
- The assurance given is therefore much lower than an audit opinion.
Note the following example of a review report and compare it with the audit report above:
Review report to (usually the direcotrs)
We have reviewed the accompanying balance sheet of ABC Company at 31 December 20X1 and the related income statement and cash flow statement for the year then ended. These financial statement are responsibility of the company’s management. Our responsibility is to issue a report on these financial statements based on our review.
We conducted our review in accordance with the (relevant Standard) applicable to review engagements. This standard requires that we plan and perform the review to obtain moderate assurance as to whether the financial statements are free from material misstatement. A review is limited primarily to enquiries of company personnel and analytical procedures applied to financial data and thus provides less assurance than an audit. We have not performed an audit and, accordingly, we do not express an audit opinion.
Based on our review, nothing has come to out attention that causes us to believe that the accompanying financial statements do not gie a true and fair view in accordance with accounting standards.
These assignments involve a three-way relationship between the accountant, a responsible party (usually client management), and an intended user (e.g. banker or regulator).
The accountant evaluates a subject matter which is the responsibility of the responsible pary against suitable criteria, and expresses an opinion providing the intended user with a level of assurance about the subject matter. The subject matter could be historical financial data or prospective financial data. Suitable criteria could be accounting standards, laws, regulations, contract terms.
Assurance engagements include:
- Direct reporting engagements – the auditor/accountant reports on issues that have come to his attention during the course of the commissioned assignment. Such an assignment would be a due diligence engagement where the auditor/accountant reviews the systems and accounts of a target company and reports to a prospective purchaser.
- Attest or attestation engagements the auditor/accountant declares that a given premise is either correct or not.
- A report on interim accounts might require the auditor to attest whether the accounting policies used are consistent with those used in the annual audited financial statements, and whether any material modifications should be made to the interim accounts.
Compilation engagements The accountant uses expertise other than auditing in such engagements. For example, the accountant may be commissioned to prepare financial statements from a company’s records. No audit tests will be performed and management will be solely responsible for the information complied. As stated above, no opinion and hence no assurance is given.
- The accountant reports on factual findings.
- No assurance is given.
- Users draw their own conclusions.
- Thus client management may commission a report on accounts receivable or accounts payable – the accountant states the results of findings, such as the number of accounts in error and the number of balances agreed with supplier statements or agreed by customers in a debtors circularisation.