AUDITING AND ASSURANCE

PRINCIPLES
UNIT A
FUNDAMENTALS OF AUDITING
AND ASSURANCE SERVICES

Outline
1. Introduction to Assurance Engagements

 Nature, objective and elements

 Types of assurance engagements (audits, reviews, other assurance engagements)

 Assurance services vis-à-vis attestation services

2. Introduction to Auditing

 Nature, philosophy, and objectives

 Types of Audit

a. According to nature of assertion/data (financial statements audit, operational

audit, compliance audit)
b. According to types of auditor (external independent financial statements audit,
internal audit, government audit)

 The Risk-based Audit Process

Objectives:

At the end of the unit, the student should be able to:

 Explain the nature of assurance and non-assurance services, auditing and the audit
process;
 Know the different types of audits, their nature, philosophy and objectives
 Know the classification of auditors

1
2.A INTRODUCTION TO AUDITING

AUDITING IN GENERAL

The definition of auditing is:

“An audit is a systematic process of objectively obtaining and evaluating evidence regarding
assertions about economic actions or events to ascertain the degree of correspondence between these
assertion and established criteria, and communicating the results to interested users.” (American
Accounting Association)

Auditing therefore, encompasses both an investigative process and a reporting process, as illustrated in
the exhibit below.

Exhibit 2.1 – Illustrative Definition of Auditing in General

ENTITY
Responsible
Responsible
Party Intended
for Users
Assertion for

Evaluates
degree of
correspondence

Conducts an Obtains and

objective audit in a evaluates
systematic process Criteria evidence

Communicates
audit results
Auditor

The following concepts of auditing can be deduced from the definition above:

1. Auditing is a systematic process. To be effective and efficient, an audit must be conducted in a

structured, systematic process. Otherwise, the auditor may be unable to address important
areas that could result in an inappropriate opinion.

2. An audit is conducted objectively. An audit is an independent, objective, and expert examination

of evidence regarding assertions (the subject matter). Auditors should not allow bias to override
their objectivity and judgment. Audit opinions perceived to be biased bear no values to users.

3. The audit obtains and evaluates evidence. All auditors’ works involved gathering evidence as a
basis for the opinion expressed. Without such basis, the auditor is precluded from expressing an
opinion.

2
 4. The audit evidence concerns assertions about economic actions and events. Broadly defined,
the subject matter of audit refers to assertions by the responsible party (e.g., Financial
Statements prepared by management) that is capable of being examined by the auditor.

5. The auditor ascertains the degree of correspondence between assertions and established
criteria. The auditor obtains evidence that either supports or disputes the assertions.

6. The ultimate goal of audit is to communicate it’s results to interested users. An audit is
conducted with an aim of expressing an opinion in a written report. For instance, in financial
statements (F/S) audit, the report states “give a true and fair view” or “present fairly, in all
material respects” the financial position, performance, and cash flows of an entity.

Types of Audit

The next exhibit presents the types of audit.

Exhibit 2.2 – Types of Audits

The Entity and Its Objectives

Laws and
Regulations
Reliable Financial Effective and (including Policies,
Reports Efficient Contractors, Etc.)
Operations

Audits

Subject Financial
Operations Compliance
Matters Statements

External Auditor, Governmental Auditor, Governmental Auditor,

Governmental Auditor, Internal Auditor, Internal Auditor,
Auditors Internal Auditor (for External Auditor (if due External Auditor (If due
internal mgt.use) to outsourcing) to outsourcing)

The next exhibit compares the audits with their respective criteria and objectives.

Exhibit 2.3 – Comparison of Types of Audits

Type Example Subject Matter Criteria Objective
F/S Audit- Annual audit of PLDT’s F/S PFRSs as the GAAP To determine
Performed by SGV PLDT’s F/S or AFRF whether the F/S of
and Co. (External PLDT are stated in
Auditor) accordance PFRSs
Operational Audit- Evaluate whether PLDT’s PLDT’s standards Evaluates the
Performed by the PLDT’s computerized for efficiency and efficiency and
PLDT’s Internal computerized payroll system effectiveness effectiveness of
Auditors payroll system is computerized
working effectively payroll system
and efficiently
Compliance Audit- Determine PLDT’s compliance Loan agreement To determine
Performed by whether bank with loan provisions with whether PLDT
PLDT’s Internal requirements for continuation certain banks complies with loan
Auditors loan continuation requirements agreement
have been met

3
F/S audits and compliance audits are similar as they both involve determining whether the subject
matters conform to certain criteria. Operational audits tend to be more subjective than the other audits
because the criteria for effectiveness and efficiency vary from entity to entity.

Audits According to Subject Matter

Audits as to subject matter are classified are as (a) /FS audits, (b) operational audits, and (c) compliance
audits. They relate to an entity’s objectives in general, such as:

a. Financial reporting- pertains to preparation of reliable financial reports (e.g., F/S);

b. Operations- refers to effective and efficient use of the entity’s resources; and
c. Compliance- refers to entity’s compliance with policies, laws, regulations, etc.

Financial Statement Audits

This is conducted to determine whether financial statements present fairly the financial position,
performance, and cash flows of an entity in accordance with the applicable financial reporting
framework or AFRF (the criteria). The AFRF may be the full PFRS, PFRS for SMESs, other acceptable basis
of accounting, or the U.S GAAP. The auditor’s opinion, however, neither assures entity’s future viability
nor management’s efficiency of effectiveness.

A F/S audit is a reasonable assurance and attestation (assertion-based) assurance engagement. The
exhibit below shows the relationship of assertions to F/S and to audit objectives in developing audit
programs.

Exhibit 2.4 – F/S Assertions, Audit Objectives, and Audit Programs

Assertions Transactions
and Events
Audit Programs
(Containing Audit
F/S Assertions Account Audit
Procedures to Obtain
Balances Objectives
Audit Evidence)

Assertions Presentation
and
Disclosures

Assertions are representations by management, explicit or otherwise, that are embodied in the F/S. The
three categories of assertions are:

1. Classes of transactions and events (refer primarily to income statement accounts)

a. Occurrence- transactions and events that have been recorded have occurred and pertain to
the entity.
b. Completeness-all transactions and events that should have been recorded have been
recorded.
c. Accuracy- amounts and other data relating to recorded transactions and events have been
recorded appropriately.
d. Cutoff- transactions and events have been recorded in the proper accounts.
e. Classification- transactions and events have been recorded in the proper accounts.

2. Account balances (refer to balance sheet accounts)

a. Existence- assets, liabilities, and equity interests exist.
b. Rights and obligations- the entity holds or controls the rights to assets, and liabilities are the
obligations of the entity.
c. Completeness- all assets, liabilities and equity interests that should have been recorded
have been recorded.

4
 d. Valuation and allocation- assets, liabilities, and equity interests are included in the F/S at
appropriate amounts and any resulting valuation or allocation adjustments are
appropriately recorded.

3. Presentation and disclosure (refer to entire F/S)

a. Occurrence and rights and obligations-disclosed events, transactions, and other matters
have occurred and pertain to the entity.
b. Completeness-all disclosures that should have been included in the F/S have been included.
c. Classification and understandability- financial information is appropriately presented and
described, and disclosures are clearly expressed.
d. Accuracy and valuation-financial and other information are disclosed fairly and at
appropriate amounts.

To illustrate, consider Accounts Receivables of P1 million and Sales of P10 million. In F/S, management
asserts that the AR exists, rightfully collectible, properly valued, and complete. In “Sales,” management
says that sales have occurred, complete, accurate, with proper cutoff reflecting current year
transactions, and properly classified as revenue, not other income.

The auditor may combine transactions and events assertions with that of account balances, or use
“Measurement” assertion instead of “Accuracy” and “Cutoff”.

Operational (Performance) Audit

This is a study of an entity’s specific unit for purposes of measuring whether that unit conducted its
operations efficiently and effectively. Effectiveness is a measure of whether an entity achieves its goals
and objectives. Operational audit may be divided into two:

 Economy and efficiency (management) audit- The appraisal of management performance from
the most efficient point of view, i.e., cost-benefit analysis.
 Effectiveness (program results) audit- The evaluation of programs and activities to determine
the extent of achievement of previously set goals and objectives.

Compliance Audits

This is an evaluation to determine whether an entity is following specific policies, rules, or regulations
set out by some higher authority. In other words, this audit measures the entity’s compliance with
certain established criteria.

 An audit of a bank to determine if the bank complies with capital reserve requirements of
Bangko Sentral ng Pilipinas (BSP) performed by BSP examiners.

 An audit of an ITR filed by a taxpayer to determine whether such return complies with income
tax law performed by Bureau Internal Revenue (BIR) examiners.

 Audits of many government entities and non-profit organizations that receive financial
assistance from the government designed to determine whether the financial assistance from
the government designed to determine whether the financial assistance is spent in accordance
with applicable laws and regulations.

Audits According to Auditor

Audits as to auditor are (a) external (independent)) audits, (b) internal audits, and (c) governmental
audits.

External (Independent) Audits

These are audits performed by professional accountants in public practice that are independent of the
entities whose assertions are the audit subject matter. External auditors mainly perform F/S audits of
various entities although they may also be contracted to do operational and compliance audits, subject
to ethical requirements.

Internal Audits

Many large entities employ internal auditors that perform internal audits. Internal auditing means “an
independent “, objective assurance and consulting activity designed to add value and improved an
organization’s operations.” To achieve this objective, internal auditors must be independent of the

5
department they are auditing and directly report to those charged with governance (TCWG or the audit
committee or board of directors).

Although internal auditors aim to be independent, but being employees of the entity, they cannot be as
independent as ext external auditors. As a result, internal audits mainly comprise operational and
compliance audits. F/S audits may also be performed but reports are for internal, not external, use only.

The scope and objectives of internal audit activities vary widely, which may include:

 Review of internal controls and recommending improvements thereto;

 Review of the processes used to report financial and operating information;
 Review of the economy, efficiency and effectiveness of operating activities of an entity; and
 Review of compliance with laws, regulations and other external requirements, and with
management policies and directive and other internal requirement.

Governmental Audits

Governmental auditing involves the determination whether government funds are being handled
properly in compliance with the applicable laws and regulations, government programs are conducted
effectively and efficiently, and F/S are fairly presented. Governmental auditors (e.g., COA auditors, BSP
examiners, and BIR examiners) practically perform F/S audit, operational audit, and compliance audit.

THE AUDITOR’S OVERALL OBJECTIVES- OBTAINING REASONABLE ASSURANCE, REDUCING AUDIT RISK

To easily grasp the audit process, let us first discuss the auditor’s overall objectives in F/S audit. Students
are advised to spend time fully understanding the objectives as all auditors’ works are intended to
achieve them. These objectives are:
 To obtain reasonable assurance whether the FS are free from material misstatement, whether
due to fraud or error, to enable the auditor to express an opinion on whether the F’S are
prepared, in all material respects, in accordance with an AFRF; and
 To report on the F/S and communicate the auditor’s findings.

In other words , the auditor performs procedures to gather evidence about F/S assertion to obtain
reasonable assurance (reducing audit risk to low level) that F/S are free from material misstatement and
expressing opinion through a written report. (See exhibit below.)

Exhibit 2.5 Illustrative Auditor’s Overall Audit Objectives

Reasonable
Procedures Evidence Assurance & Opinion Report
Audit Risk

Gather Obtain
Perform audit sufficient reasonable
Issue written
procedures appropriate assurance and Form an
reduce audit
auditor’s
audit opinion about
risk to the fairness of report to
evidence
acceptably low F/S users
level

Audit Risk and Reasonable Assurance

Audit Risk is the risk (or likelihood) that the auditor gives an inappropriate audit opinion when the F/S
are materially misstated (beta risk). Audit risk does not include the risk that the auditor might express an
opinion that the F/S is materially misstated when they are not (alpha risk). Alpha risk is ordinarily
insignificant. Further, audit risk does not refer to the auditor’s business risks such as loss from litigation,
adverse publicity, or other events arising in connection with F/S audit.

In other words, audit risk occurs when the F/S are already materially misstated even before the audit,
and the auditor fails to detect them leading to expression of an inappropriate opinion. The next exhibit
illustrates this phenomenon.

6
Exhibit 2.6 Audit Risk and Reasonable Assurance

Audit Risk Reasonable

Risks of
(Acceptably Assurance
Material Detection
low level) (High but not
Misstatement Risk
absolute
(Inherent Risk and
Control Risk) assurance)

The chance that The chance that The chance that the
F/S are already the auditor fails auditor’s opinion is
materially to detect inappropriate when the
misstated material F/S is actually materially
before the audit misstatement misstated (beta risk)
begins

Audit Risk is a function of the risks of material misstatement and detection risk [AR = f(ROMM x DR)].
The ROMM refers to the likelihood that the F/S is materially misstated prior to the audit; while, DR is the
risk that the auditor’s procedure will not detect a material misstatement that exists. ROMM relate to the
entity, its environment, and its internal control; while, DR is the function of the effectiveness of auditor’s
procedures.

The auditor views DR and ROMM as inversely related. The higher the assessed level of ROMM, the lower
the DR the auditor sets, vice versa. Note that the detection risk cannot be set at zero given that there is
always ROMM.

THE RISK-BASED AUDIT PROCESS

The next exhibit depicts the risk-based audit approach roadmap.

Exhibit 2.7 The Risk-Based Audit Approach Roadmap

Phase 1----Risk Assessment Phase 2----Risk Response Phase 3----Conclusion and Reporting

Preliminary Planning the Determining Completing the Audit and

Engagement Audit Responding to the extent of Considering Post-Audit
Activities Assessed Risks Testing Responsibilities

Determining Understandin Considering Considering Forming the Auditor’s Opinion and

Materiality g the Entity Fraud, Error Work of Other Report Contents
and its and NOCLAR Practitioners
Environment

Understandin Indentifying Considering Performing and Reporting on

g the Entity and Assessing Considering Certain Specialized Audit Engagements
Internal ROMM Effect of IT Specific Items
Control

Professional Judgment and Professional Skepticism

Audit Evidence and Documentation

Audit Quality
7
In accordance with PSAs, the auditor shall perform a quality audit. In doing so, the auditor shall conduct
the audit with professional judgment and maintain professional skepticism throughout the planning and
performance of the audit and:

 Identify and assess ROMM, whether due to fraud or error, based on an understanding of the
entity, its environment and its internal control.
 Obtain sufficient appropriate audit evidence about whether material misstatements exist by
designing and implementing appropriate risks responses.
 Form an opinion on F/S based the audit evidence obtained.

Phase 1----Risk Assessment

In this phase, the auditor decides whether to accept an audit engagement. If the client is acceptable, the
auditor documents the terms of audit in an engagement letter.

To effectively and efficiently) perform an audit, the auditor plans the audit. This involves obtaining
understanding of the entity, its environment and its internal control that serves as a frame of reference
on (1) how the audit is conducted, (2) professional judgment and professional skepticism are exercised,
(3) materiality is determined, and (4) ROMM are assessed both at F/S and assertion levels.

Phase 2----Risk Response

The assessed ROMM serves as a basis for the auditor’s responses to obtain sufficient appropriate audit
evidence. The auditor’s two responses include overall responses to address risks ROMM at F/S level and
further audit procedures at assertion level.

Phase 3----Conclusion and Reporting

The auditor evaluates the results of the audit evidence obtained and:

a) Form an opinion on the F/S; and

b) Express clearly that opinion through a written report.

The following are the auditor’s opinion depending on the outcome engagement:

1. Unmodified (Unqualified or clean) opinion- The opinion expressed when the F/S are prepared, in
all material respects, in accordance with the AFRF.

2. Modified opinion- The three types of are:

a. Qualified opinion- The auditor is satisfied that the F/S is presented fairly. Except for a
specific aspect of them.
b. Adverse opinion- The auditor does not believe the F/S is fairly presented.
c. Disclaimer of opinion- The auditor does not know if F/S is presented fairly.

Professional Judgment

The auditor’s ability to exercise professional judgment is the hallmark (trademark) of auditing (i.e.,
accountants are engaged to audit F/S because of their ability to exercise professional judgment).
Professional judgment is the application of relevant training, knowledge, and experience that enables
the proper interpretation of:

 Relevant ethical requirements

 PSAs
 Informed decisions

Professional judgment is necessary regarding decisions about:

 Materiality and audit risk

 Nature, timing, and extent of audit procedures

8
  Evaluating whether sufficient appropriate audit evidence has been obtained
 Evaluating management’s judgments in applying the AFRF
 Drawing of conclusions, e.g./ assessing reasonableness of management’s estimates

Professional Skepticism

It is believed that professional skepticism is the auditor’s best method to detect fraud. Why is it so
considering that fraud is often too difficult to detect? Because professional skepticism is an attitude that
includes (1) a questioning mind, (2) being alert to conditions which may indicate possible misstatement
due to error or fraud, and (3) a critical assessment of audit evidence. Maintaining professional
skepticism reduces the risks of:

 Overlooking unusual circumstances.

 Over generalizing when drawing conclusions.
 Using inappropriate assumptions in performing procedures and evaluating results.

The auditor may accept documents as genuine unless there’s a reason to the contrary. The auditor
cannot be expected to disregard past experience of honesty and integrity of client, though the auditor
shall still maintain professional skepticism.

Audit Evidence and Documentation

All throughout the audit process, the auditor gathers and accumulates audit evidence and
documentation that support the opinion.

Audit quality

Quality audit means that the audit is performed in accordance with relevant ethical, professional, legal,
and regulatory requirements.

Relevant ethical requirements include the following fundamental principles of:

a. Integrity
b. Objectivity
c. Professional competence and due care
d. Confidentiality
e. Professional behavior

In addition, the Code of Ethics also requires professional accountants to be independent, both of mind
and in appearance, when performing audits.

Audits in Accordance with PSAs

The auditor shall comply will all PSAs relevant to the audit. The auditor shall not represent compliance
with PSAs in the auditor’s report unless the auditor has complied with the requirements of PSAs relevant
to the audit.

If an objective in a relevant of PSA cannot be achieved, the auditor shall evaluate whether this prevents
the auditor form achieving the overall objectives of the auditor and thereby requires the auditor, in
accordance with the PSAs, to modify the auditor’s opinion o withdraw form the engagement. Failure to
achieve an objective represents a significant matter requiring documentation.

SOURCE:

Cabarles L., Ocampo R., and Valez R. A Risk-Based Approach Part I – Theory (2019), Dom Dane Publishers
and Made Easy Books

Cabrera, M. E., Auditing & Assurance Services: Principles of Auditing & Assurance Services, (2018),
Manila: Conanan Educational Supply