1.1 General
The word “audit” comes from the Latin word audire, which means “to hear”. The ancient “audit-checking” activities can be traced back to ancient civilizations, such as of China, Egypt, and Greece. The ancient checking activities found in Greece (around 350 B.C.) appear to be closest to the present-day auditing.1 Auditing is a systematic process of objectively obtaining and evaluating the evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between the assertions and established criteria and communicating the results to interested users.2 The role assured by audit firms is crucial to our financial markets. Information is the lifeblood of the market. For the market to operate efficiently—indeed, for it to operate at all—information must have some measure of reliability. Investor confidence is bolstered by the knowledge that public financial statements have been subjected to the rigors of independent and objective investigation and analysis.3
1.2 Attestations and Assurance Services
1.2.1 Attestation Services
Attestation involves an engagement resulting in the issuance of a report on subject matter or an assertion about the subject matter that is the responsibility of another party. Attestation services include: (i) audit, (ii) internal control over financial statements, (iii) review, (iv) information technology, and (v) others.4 There are four types of audit services:
- Operational audit
Operational Audit is a systematic review of effectiveness, efficiency, and economy of operation. Operational audit is a future-oriented, systematic, and independent evaluation of organizational activities. The process is very similar to the processes for other forms of audits, such as the financial audit, but the operational audit process is a much more in-depth review of the business. It usually does not focus on a single department or project, because each department plays a role in the overall operational process and is interconnected. It aims to determine whether the internal controls of the business (i.e., policies and procedures) are sufficient to produce an optimum level of efficiency and effectiveness. Operational audit is often praised as a process which provides a company with objective opinions enabling it to generate quicker production or sales turnaround, better allocation of costs, improved control systems, the location of areas of delay and an overall streamlined workflow. However, like any audit process, operational audit can be time-consuming and costly.
- Compliance audit 5
A compliance audit is a comprehensive review of an organization’s adherence to regulatory guidelines. Independent accounting, security, or IT consultants evaluate the strength and thoroughness of compliance preparations. A compliance audit is based on the premise that management is responsible for the entity’s compliance with compliance requirements. Management’s responsibility for the entity’s compliance with compliance requirements includes the following:
- a.Identifying the entity’s government programs and understanding and complying with the compliance requirements
- b.Establishing and maintaining effective controls that provide reasonable assurance that the entity administers government programs in compliance with the compliance requirements
- c.Evaluating and monitoring the entity’s compliance with the compliance requirements
- d.Taking corrective action when instances of noncompliance are identified, including corrective action on audit findings of the compliance audit.
The auditor’s objectives in a compliance audit are to: (a) obtain sufficient appropriate audit evidence to form an opinion and report at the level specified in the governmental audit requirement on whether the entity complied in all material respects with the applicable compliance requirements; and (b) identify audit and reporting requirements specified in the governmental audit requirement that are supplementary to GAAS and Government Auditing Standards, if any, and perform procedures to address those requirements.
The auditor should determine which of those government programs and compliance requirements to test in accordance with the governmental audit requirement. The auditor should assess the risks of material noncompliance whether due to fraud or error for each applicable compliance requirement and should consider whether any of those risks are pervasive to the entity’s compliance because they may affect the entity’s compliance with many compliance requirements. The auditor should report noncompliance as well as other matters that are required to be reported by the governmental audit requirement in the manner specified by the governmental audit requirement.
- Financial statement audit
A financial statement audit is the examination of an entity’s financial statements and accompanying disclosures by an independent auditor. The result of this examination is a report by the auditor, attesting to the fairness of presentation of the financial statements and related disclosures. It aims to add credibility to the reported financial position and performance of a business, and is required for all publicly traded entities. The audit process is based upon management assertions. The auditor may base his or her work on financial statement assertions that differ from those in this standard if the assertions are sufficient for the auditor to identify the types of potential misstatements and to respond appropriately to the risks of material misstatement in each significant account and disclosure that has a reasonable possibility of containing misstatements that would cause the financial statements to be materially misstated, individually or in combination with other misstatements. Those assertions can be classified into the following categories:
- 1.Existence or occurrence—Assets or liabilities of the company exist at a given date, and recorded transactions have occurred during a given period.
- 2.Completeness—All transactions and accounts that should be presented in the financial statements are so included.
- 3.Valuation or allocation—Asset, liability, equity, revenue, and expense components have been included in the financial statements at appropriate amounts.
- 4.Rights and obligations—The company holds or controls rights to the assets, and liabilities are obligations of the company at a given date.
- 5.Presentation and disclosure—The components of the financial statements are properly classified, described, and disclosed.
1.2.2 Assurance Services
Assurance services are independent professional services that improve the quality of information, or its context, for decision makers. Assurance services include many areas of information, including nonfinancial areas. They may include process documentation, control testing, development of entity-level and activity level controls and documentation review, or an agreed-upon procedure, or IT assurances.
The needs of for assurance and related services on various types of financial information often are addressed through assurance and related services (other than audits) and through combinations of services that satisfy a particular entity’s specific needs.6
1.3 Audit Objectives
The objectives of the audit have also evolved through time from the detection of fraud to its by prevention through adequate safeguards and principles.7 An audit function plays a critical role in maintaining the welfare and stability of the society.8 Today, it is well accepted that the role or function of an audit consists of providing credibility to the financial statements prepared and released by company managers for their shareholders, including the detection, the report, as well as the assessment of the business’ risks.
1.4 Overall Objectives9
The overall objectives of the auditor, in conducting an audit of financial statements, are:
- To obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are presented fairly, in all material respects, in accordance with an applicable financial reporting framework; and
- To report on the financial statements, and communicate as required by GAAS, in accordance with the auditor’s findings.
In all cases when reasonable assurance cannot be obtained and a qualified opinion in the auditor’s report is insufficient in the circumstances for purposes of reporting to the intended users of the financial statements, GAAS require that the auditor disclaim an opinion or withdraw from the engagement, whenever withdrawal is possible under applicable law or regulation. The auditor’s opinion on the financial statements addresses whether the financial statements are presented fairly, in all materi...