AUDITING PRINCIPLES AND PRACTICE I

CHAPTER TWO: THE AUDITING PROFESSION

 CHAPTER OUTLINE
• The regulatory framework governing auditing
• Professional Ethics
• Need for ethic and special need for ethical conduct for Auditing profession
• AICPA code of professional conduct
• Legal liability of auditors
• Major Sources of Auditors liability
• Materiality and risk assessment
2.1. INTRODUCTION
• The audit function is carried out in complex environment composed of
interrelation between the government professional organizations, individual
auditors and audit firms.
• Professional organizations: are interested in audit function because they are
issuer of standards.
• Government: needs audit function in order to protect the interest of the public
and for its interest too (tax purpose).
2.2. AUDITING STANDARDS
Auditing standards are general guidelines to aid auditors in fulfilling their
professional responsibilities in the audit of historical FSs.

They include consideration of professional qualities such as competence &

independence, reporting requirements, and evidence.

They are not sufficiently specific to provide any meaningful guide to

practitioners, but they do represent a framework upon which the AICPA can
provide interpretation.
 CONT..,
❑Auditor is required to plan, perform, and report the results of a financial
statement audit in accordance with generally accepted auditing standards
(GAAS).
GAAS is concerned with measuring the quality of the audit and the objectives
to be attained during an audit.
Identify necessary qualifications and characteristics of auditors and guide the
conduct of the audit
Auditing standards are general guidelines to aid auditors in fulfilling their
professional responsibilities in the audit of financial statements.
CONT..,
Purpose of GAAS is to achieve the following objectives of an audit
examination
–Obtain reasonable assurance about whether financial statements are free of
material misstatement
–Report on the financial statements and communicate in accordance with
auditor’s findings.
 GENERALLY ACCEPTED AUDITING STANDARDS
(GAAS)
Three categories of GAAS:
General standards
Standards of fieldwork
Standards of reporting
 1. GENERAL STANDARDS
The General Standards affect all phases of the audit, including client
acceptance or retention.

General Standards Stress the important personal qualities that the auditor
should possess.

1.The audit must be performed by a person or persons having adequate technical

training and proficiency as an auditor.

- Experience and expertise

CONT..,

2. In all matters relating to the assignment, an independence in mental attitude is

to be maintained by the auditor or auditors.

–Independence in fact vs. independence in appearance

–Financial and managerial relationships

3.Due professional care is to be exercised in the performance of the audit and

the preparation of the report.

level of performance by reasonable auditor in similar circumstances

 2. STANDARDS OF FIELDWORK
The Fieldwork Standards - guide the planning, internal control
evaluation, and the evidence gathering phases of the engagement.

The Fieldwork Standards Concern evidence accumulation & other activities

during the actual conduct of the audit.

1.The auditor must adequately plan the work and must properly supervise any
assistants.
CONT..,
2.The auditor must obtain a sufficient understanding of the entity and its
environment, including its internal control, to assess the risk of material
misstatement of the financial statements whether due to error or fraud, and to
design the nature, timing, and extent of further audit procedures.

3.The auditor must obtain sufficient appropriate audit evidence through audit
procedures performed to afford a reasonable basis for an opinion regarding the
financial statements under audit.
 3. REPORTING STANDARDS
The Reporting Standards - guide the reporting phase of the audit engagement. It
require the auditor to prepare a report on the FSs taken as a whole, including
informative disclosures.
1.The report shall state whether the financial statements are presented in accordance
with GAAP.
2.The report shall identify those circumstances in which such principles have not been
consistently observed in the current period in relation to the preceding period.
3.Informative disclosures in the financial statements are to be regarded as reasonably
adequate unless otherwise stated in the report.
4.The report shall either contain an expression of opinion regarding the financial
statements, taken as a whole, or an assertion to the effect that an opinion cannot be
expressed.
 2.3. PROFESSIONAL ETHICS
•There are a number of ethical matters that are extremely important for auditors
to consider when performing their work.
•It is vital to the public image and credibility of the profession that the auditor is
seen to be behaving in an acceptable manner in addition to actually complying
with the ethical requirements.
•It is important to recognize that many groups in society rely on
accountant/auditors work and an accountant/auditor therefore has a public
accountability.
PROFESSIONAL ETHICS….

Activity
1. What is Ethics?
2. What is professional ethics?
 WHAT IS ETHICS?
Ethics can be defined broadly as a set of moral principles or values.
Though Each of us has such a set of values, we may or may not have considered them
explicitly.
Ethical behavior is necessary for a society to function in an orderly manner.
Ethics is a requirement for human life. It is our means of deciding a course of action.
Ethics deals with the moral duty and obligation
What is good and right
Judgment of right or wrong
Good or bad
 PROFESSIONAL ETHICS
•Professional ethics refers to the basic principles of right action for the
member of a profession.
•Professional ethics may be regarded as a mixture of moral and practical
concepts.
•Professional ethics in public accounting as in other professions, have been
developed gradually and are still in a process of change as the practice of
accounting it self changes.
•The fundamental purpose of such codes is to provide members with guidelines
for maintaining a professional attitude and conducting themselves in a manner
that will enhance the professional status of their discipline
PROFESSIONAL ETHICS….
The AICPA Code of Conduct: The Code of Ethics for Professional Auditors
establishes ethical requirements for professional auditors and provides a conceptual
framework for all professional auditors to ensure compliance with the following
fundamental principles of professional ethics. These principles are:
1.Independence
2. Integrity,
3. Objectivity,
4.Professional competence and due care,
5.Confidentiality, and
6.Professional behavior
7.Technical Standards
 PROFESSIONAL ETHICS….
The Security Exchange Commission (SEC) adopted rules to strengthen
independence with respect to a number of issues between CPA and client:
Financial interests: If there is
•Material direct investment by an auditor in an auditee,
•Indirect investment by a family member of an auditor compromises
independence;
•Former practitioners who may have a relationship with the auditee;
•Loans between an auditing firm and its client;
PROFESSIONAL ETHICS….
•Financial interests of close family members;
•Joint investor or investee relationship with a client;
•Membership on the board of directors of the auditee;
•Litigation involving a CPA firm and its client may serve to limit independence
as well.
•Consulting and other non-audit services provided to the client.
•Unpaid fees that the client owes to the CPA.
 PROFESSIONAL ETHICS….
Integrity
• A professional accountant should be straightforward and honest in all professional
and business relationships.
•The principle of integrity imposes an obligation on all professional accountants to be
straightforward and honest in professional and business relationships. Integrity also
implies fair dealing and truthfulness.
•A professional accountant should not be associated with reports, returns,
communications or other information where they believe that the information:
(a) Contains a materially false or misleading statement;
(b) Contains statements or information furnished recklessly; or
(c) Omits or obscures information required to be included where such omission or
obscurity would be misleading
PROFESSIONAL ETHICS….
Objectivity
•A professional accountant should not allow bias, conflict of interest or undue
influence of others to override professional or business judgments.
•The principle of objectivity imposes an obligation on all professional accountants not
to compromise their professional or business judgment because of bias, conflict of
interest or the undue influence of others.
•A professional accountant may be exposed to situations that may impair objectivity.
It is impracticable to define and prescribe all such situations. Relationships that bias or
unduly influence the professional judgment of the professional accountant should be
avoided.
 PROFESSIONAL ETHICS….
Professional Competence and Due Care
A professional accountant has a continuing duty to maintain professional
knowledge and skill at the level required to ensure that a client or employer
receives competent professional service based on current developments in
practice, legislation and techniques.
A professional accountant should act diligently and in accordance with
applicable technical and professional standards when providing professional
services.
PROFESSIONAL ETHICS….
• The principle of professional competence and due care imposes the following
obligations on professional accountants:
• (a) To maintain professional knowledge and skill at the level required to
ensure that clients or employers receive competent professional service; and
• (b) To act diligently in accordance with applicable technical and
professional standards when providing professional services.
PROFESSIONAL ETHICS….

• Competent professional service requires the exercise of sound judgment in

applying professional knowledge and skill in the performance of such service.
• • Professional competence may be divided into two separate phases:
• (a) Attainment of professional competence; &
• (b) Maintenance of professional competence.
PROFESSIONAL ETHICS….

• The maintenance of professional competence requires a continuing awareness

and an understanding of relevant technical professional and business
developments.
• Continuing professional development develops and maintains the capabilities
that enable a professional accountant to perform competently within the
professional environments.
• •Diligence encompasses the responsibility to act in accordance with the
requirements of an assignment, carefully, thoroughly and on a timely basis.
PROFESSIONAL ETHICS….

• A professional accountant should take steps to ensure that those working

under the professional accountant’s authority in a professional capacity
have appropriate training and supervision.
• •Where appropriate, a professional accountant should make clients, employers
or other users of the professional services aware of limitations inherent in the
services to avoid the misinterpretation of an expression of opinion as an
assertion of fact.
PROFESSIONAL ETHICS….

• Confidentiality
A professional accountant should respect the confidentiality of information
acquired as a result of professional and business relationships and should not
disclose any such information to third parties without proper and specific
authority unless there is a legal or professional right or duty to disclose.
• •Confidential information acquired as a result of professional and business
relationships should not be used for the personal advantage of the professional
accountant or third parties.
PROFESSIONAL ETHICS….

• The principle of confidentiality imposes an obligation on professional

accountants to refrain from:
(a) Disclosing outside the firm or employing organization confidential
information acquired as a result of professional and business relationships
without proper and specific authority or unless there is a legal or professional
right or duty to disclose; and
(b) Using confidential information acquired as a result of professional and
business relationships to their personal advantage or the advantage of third
parties.
PROFESSIONAL ETHICS….
• A professional accountant should maintain confidentiality even in a social
environment.
• •The professional accountant should be alert to the possibility of inadvertent
disclosure, particularly in circumstances involving long association with a
business associate or a close or immediate family member.
• •A professional accountant should also maintain confidentiality of information
disclosed by a prospective client or employer.
• •A professional accountant should also consider the need to maintain
confidentiality of information within the firm or employing organization.
 PROFESSIONAL ETHICS….

• The following are circumstances where professional accountants are or may be

required to disclose confidential information or when such disclosure may be
appropriate:
• a)Disclosure is permitted by law and is authorized by the client or the employer
• b)Disclosure is required by law, for example:
(i) Production of documents or other provision of evidence in the course of legal
proceedings; or
(ii) Disclosure to the appropriate public authorities of infringements of the law
that come to light; and
PROFESSIONAL ETHICS….
(c) There is a professional duty or right to disclose, when not prohibited by law:
(i) To comply with the quality review of a professional body;
(ii) To respond to an inquiry or investigation by a regulatory body;
(iii) To protect the professional interests of a professional accountant in legal
proceedings; or
(iv) To comply with technical standards and ethics requirements.
PROFESSIONAL ETHICS….
• •Professional Behavior: A professional accountant should comply with
relevant laws and regulations and should avoid any action that discredits the
profession.
• • The principle of professional behavior imposes an obligation on professional
accountants to comply with relevant laws and regulations and avoid any action
that may bring discredit to the profession.
• •This includes actions which a reasonable and informed third party, having
knowledge of all relevant information, would conclude negatively affects the
good reputation of the profession.
PROFESSIONAL ETHICS….

• •Technical Standards: Audit should be performed by following

certain standards, international or national.
PROFESSIONAL ETHICS….
Ethical dilemmas
•Ethical situations often present conflicting objectives, and it is sometimes
tempting to rationalize a particular course of action that is unethical.
• Typical rationalizations for such behavior include:
1) everyone is doing it;
2) it is legal it must also be ethical; and
3) no one will know the difference.
PROFESSIONAL ETHICS….

A process for managing one's personal ethical dilemmas is as follows:

•Obtain the facts;
•Identify the ethical issues;
•Examine the effects of various outcomes on each participant;
•Identify alternatives;
•Look at the consequences of each alternative;
•Choose the appropriate action.
 BENEFITS OF ETHICS IN AUDITING
The following are some benefits of Ethics in Auditing:
❑ Help individuals make sense of their own ethical environment
❑ Identify potential risks and liabilities.
❑ It improves legal compliance
❑ It is key in improving organizational performance
❑ Improved relationships with stakeholders
❑ Enable employees to recognize and expose potentially unethical choices
within a firm.
 2.4. LEGAL RESPONSIBILITY AND LIABILITY OF AUDITORS
The potential liability of CPAs to parties who might be suffering significant losses as a
result of improper professional practice greatly exceeds that of other physicians or any
group of professionals.
• If a physician or an attorney is negligent, the injured party usually limited to the
professional’s patient or client.
• If a CPA is negligent in expressing an opinion on financial statements, literally
millions of investors as well as the company itself and company creditors may sustain
losses.
• Auditors can be sued by clients, investors, creditors, government and all others who
claim for the loss from the auditors’report.
LEGAL RESPONSIBILITY AND LIABILITY OF AUDITORS…,

Definition of Terms
▪ Ordinary negligence: Absence of reasonable due care in the conduct of an
engagement. It is failure to perform a duty in accordance with applicable
professional standards.
▪ Gross negligence: Extreme or reckless departure from professional standards
of due care (constructive fraud).
It is a substantial failure on the part of the auditor to comply with generally
accepted auditing standards (GAAS/ISA).
▪ Fraud: is defined as misrepresentation by a person of material fact known
by that person to be untrue or made with reckless indifference as to whether the
fact is true.
 LEGAL RESPONSIBILITY AND LIABILITY OF AUDITORS…,

• Constructive fraud: differs from fraud in that constructive fraud does not
involve a misrepresentation with the intent to deceive the other party.
• Privity: is the relationship between parties to a contract. In case of absent a
contractual relationship, the auditor does not owe a duty of care to an injured
party.
• Third party beneficiary: a person who is named in a contract or intended by
contracting parties to have definite rights and benefits under the contract.
• Engagement letter: is the written contract summarizing the contractual
relationship between auditor and client.
 CONT..,
• Breach of contract: is failure of one or both parties to a contract to perform in
accordance with the contract’s provisions.
• Plaintiff: is the party claiming damages and bringing suit against the defendant.
• Contributory negligence: is negligence on the part of the plaintiff that has
contributed to his or having incurred a loss. Contributory negligence may be
used as a defense, because the court may limit or bar recovery by a plaintiff
whose own negligence contributed to the loss.
• Comparative negligence: is a concept used by certain courts to allocate
damages between negligent parties based on the degree to which each part is at
fault.
CONT..,
• The extent to which the CPAs services are found to be improper determines the
parties to whom the CPAs are liable for losses proximately caused by their improper
actions.
• CPAs are never liable to any party if they perform their services with due
professional care.
• Having exercised due professional care is a complete defense against any charge of
improper conduct.
• Common laws – is under written law that has developed through court decision due
to breach of contract, negligence, and fraud. It represents judicial interpretation of
society’s fairness.
• Statutory law – is a law that has been adopted by government such as federal
government.
CONT..,

• When CPAs take on any type of engagement, they are obliged to render due
professional care.
• This obligation exists whether or not it is specifically set forth in the written
contract with the client.
• Thus CPAs are liable to their clients and third party beneficiaries for any losses
proximately caused by the CPAs failure to render due professional care .
• In short ordinary negligence is a sufficient degree of misconduct to make CPAs
liable for damages caused to their clients.
 LEGAL LIABILITIES OF AUDITORS
• When an auditor assumes any type of engagement, they are obliged to render
due professional care.
• These obligations exist whether or not it is specifically set forth in written
contract with the client which is ordinarily company it self as contrasted to
shareholders.
• Audit professionals have a responsibility under common law to fulfill implied
or expressed contracts with clients.
• They are liable to their clients for negligence and/or breach of contract should
they fail to provide the services or not exercise due care in their performance.
 CONT..,
Sources of Auditors Liability
1. Breach of Contract. The potential for liability occurs when there is a breach of
contract and when damages result due to a failure of one or both parties to a contract
to perform in accordance with the contract’s provisions.
▪ A public accounting firm might be sued by the client for breach of contract, for
example, if the firm has failed to perform the engagement in accordance with the
engagement letter and the client has suffered resulting damages.
2. Negligence: Both clients and third parties sue CPAs for the tort of negligence.
For the CPA, negligence is failure to perform a duty in accordance with applicable
standards.
3. Fraud is defined as misrepresentation by a person of a material fact, known by that
person to be untrue or made with reckless indifference as to whether the fact is true, with
the intention of deceiving the other party and with the result that the other party is
injured.
4-21
CONT..,
4. Statutory liability. CPAs have statutory liability under both the federal
securities laws and state securities laws.
▪ The Securities Act of 1933, which applies to initial stock offerings, imposes
liability on CPAs for their audit work relating to financial statements used to
register the securities for sale.
▪ The Securities Exchange Act of 1934 imposes liability on CPAs for their work
on the financial statements included with a company’s ongoing reports to the
Securities and Exchange Commission.
The standards for liability differ under these statutes, but each provides a means
for recovery against the CPAs by investors.
CONT..,
5. Other sources
• CPA liability may arise from improper performance on any type of
engagement— audit, other attest, tax, accounting services, or consulting
services.
• However, CPAs are not liable to any party if they can prove that they
performed their services with due professional care (often referred to as a “due
care defense”).
• Exercising due professional care is a complete defense against any charge of
improper conduct.
 AUDITOR’S LIABILITY TO CLIENTS
• When CPAs take on any type of engagement, they are obliged by their contract
with the client—generally the engagement letter—to exercise due professional
care.
• This obligation exists whether or not it is specifically set forth in the contract
with the client.
• If the CPAs fail to perform according to the terms of the contract, the CPAs
have liability to clients through the common law theory of breach of contract.
 CONT..,
The most common source of from clients:
➢ Failure to complete audit on the agreed-upon time,
➢ Inappropriate withdrawal from an audit,
➢ Failure to discover a defalcation (theft of asset), and
➢ Breach of the confidentiality requirements of CPAs.
 CONT..,
Although legal difference exists between breach of contract and tort action, in
general to establish auditors liability a client must prove the following elements:
▪ There is a duty: the auditor accept duty of care exercise skill prudence &
diligence
▪ Breach of duty: Auditor breach his/her duty of care through negligence
performance
▪ Loss (damages) – the client suffer loss
▪ Causation(Proximate cause) – the loss results from the auditors’ negligent
performance.
AUDITOR’S DEFENSES AGAINST CLIENT SUITS

➢ Lack of duty to perform the service

➢ Nonnegligent performance

➢ Contributory negligence

➢ Absence of causal connection

CONT..
❑ The lack of duty to perform the service means that the CPA firm claims that there
was no implied or expressed contract. Eg review services not an audit
❑ A common way for a CPA firm to demonstrate a lack of duty to perform is by use of
an engagement letter.
❑ For non negligent performance in an audit, the CPA firm claims that the audit was
performed in accordance with auditing standards. Even if there were undiscovered
misstatements, the auditor is not responsible if the audit was conducted properly. (the
prudent person concept).
 CONT…
❖ A defense of contributory negligence exist when:
➢ The client’s own actions either resulted in the loss that is the basis for damages
or inferred with the conduct of the auditor in such a way that prevented the
auditor from discovering the cause of the loss. Eg employee’s theft of assets.
➢ The client must be able to show that there is a close causal connection b/n the
auditor’s breach of the standard of due care and the damages suffered by the
client. Eg renewal of loan…..
 Liability to Third Parties Under Common Law
➢Third party include actual & potential SHs, vendors, bankers, & other
creditors, employees & customers.
➢A CPA firm may be liable to third parties if a loss was incurred by the
claimant due to reliance on misleading FSs.
✓A typical suit might occur when a bank is unable to
collect a major loan from an insolvent customer.
✓The bank can claim that misleading audited FSs were relied on in making
the loan & that the CPA firm should be held responsible b/c it failed to
perform the audit with due care.
 Auditor Defenses Against Third-Party Suits
❖Three of the four defenses available to auditors in suits by clients are
available in third party lawsuits. Contributory negligence is ordinary
not available b/c a third party is not in a position to contribute to
misstated FSs.
❖However the preferred defense in third part suits is no negligent
performance. If the auditor conducted the audit in accordance with
GAAS, the other defenses are unnecessary. On the other hand, non-
negligence performance is difficult to demonstrate to a court.
 CRIMINAL LIABILITY
❖CPAs can be held liable under criminal liability for accountants.
❖CPAs can be found guilty for criminal action under both federal and
state laws.
❖The most likely statutes to be used under state law are the Uniform
Securities Acts, which are similar to parts of the SEC rules.
❖The 1933 & 1934 securities acts, as well as the Federal Mail Fraud
Statutes and the Federal False Statements Statutes, are the most relevant
federal laws affecting auditors.
❖All make it a criminal offense to defraud another person through knowingly
being involved with false FSs.
THE PROFESSION’S RESPONSE TO LEGAL LIABILITY
➢ Research in auditing
➢ Standard and rule setting

➢ Set requirements to protect auditors

➢ Establish peer review requirements
➢ Oppose lawsuits
➢ Education of users
➢ Lobby for changes in laws

➢ Sanction members for improper conduct and performance

PROTECTING INDIVIDUAL CPAS FROM LEGAL LIABILITY
➢ Deal only with clients possessing integrity
➢ Hire qualified personnel
➢ Follow the standards of the profession
➢ Maintain independence
➢ Understand the client’s business
➢ Perform quality audits
➢ Document the work properly
➢ Obtain an engagement and a representation letter
➢ Maintain confidential relations
 MATERIALITY AND RISK ASSESSMENT
❖Audit risk is the risk that the auditor may unknowingly fail to
appropriately modify his or her opinion on financial statements that are
materially misstated.
❖The auditor’s standard report states that the audit provides only reasonable
assurance that the financial statements do not contain material misstatements.
❖Reasonable assurance implies some risk that a material misstatement could be
present in the financial statements and the auditor will fail to detect it.
CONT..,
The Audit Process
Although specific audit procedures vary from one engagement to the next, the following
stages are involved with
every engagement.
1. Plan the audit.
2. Obtain an understanding of the client and its environment, including internal control.
3. Assess the risks of misstatement and design further audit procedures.
4. Perform further audit procedures.
5. Complete the audit.
6. Form an opinion and issue the audit report.
CONT..,
Materiality
➢Materiality is the magnitude of an omission or misstatement of accounting
information that, in light of surrounding circumstances, makes it probable that
the judgment of a reasonable person relying on the information would have
been changed or influenced by the omission or misstatement.
➢The preliminary judgment about materiality is the maximum amount the
auditor believes the statements could be misstated and still not affect the
decisions of reasonable users.
➢If the misstatement doesn’t influence the decision of reasonable
person, it is said to be immaterial.
 COMPONENTS OF AUDIT RISK

1. Inherent Risk (IR): Susceptibility of an assertion to material misstatement

assuming no related internal controls.
2. Control Risk (CR): Risk of misstatements not being detected by system of
internal control.
3. Detection Risk (DR): Risk of misstatements not being detected by the auditor.
CONT..,
❖The auditors’ consideration of control risk involves analyzing the design and
implementation of internal control to decide whether the internal control system
appears adequate to prevent or detect and correct material misstatements.
For example, if the auditors believe that inherent risk is higher for an important
area and internal control is weak (i.e., control risk is high), they will assess the
risk of material misstatement as high.
On the other hand, if inherent risk is assessed as low and controls seem capable
of preventing or detecting and correcting misstatements, the auditors may decide
to perform tests of controls to support an assessment that control risk is low.
❖If those tests provide evidence that the controls are operating effectively, the
auditors may conclude that the risk of material misstatement is low.
ACTIVITY

Read more on risk assessment and materiality