Chapter 1

The Assurance

Services Market

Learning Objectives

1-2

Describe auditing.

Distinguish between auditing and

accounting.

Explain the importance of auditing in

reducing information risk.

List the causes of information risk, and

explain how this risk can be reduced.

Learning Objectives

1-3

Describe assurance services and

distinguish audit services from other

assurance and nonassurance services

provided by CPAs.

Differentiate the three main types of

audits.

Identify the primary types of auditors.

Describe the requirements for becoming a

CPA.

1-4

Describe auditing.

1

Nature of Auditing

1-5

• Auditing is the accumulation and evaluation

• of evidence about information to determine

• and report on the degree of correspondence

• between the information and established criteria.

Auditing should be done by a competent,

independent person.

Information and Established Criteria

1-6

To do an audit, there must be information in a

verifiable form and some standards (criteria)

by which the auditor can evaluate the information.

FASB IASB Criteria

Accumulating Evidence and Evaluating Evidence

1-7

Evidence is any information used by the auditor

to determine whether the information being

audited is stated in accordance with the

established criteria.

Transaction

data

Client

Testimony

Written and

electronic

Communications

with outsiders

Observations

Competent, Independent Person

1-8

Competence Judgment and

Experience

Independence

Evaluation

of Evidence

Proper

Conclusion

Audit Report

1-9

To the Board of Directors and Stockholders of ABC Corporation and Subsidiaries Anywhere, USA We have audited the accompanying consolidated balance sheets of ABC Corporation and Subsidiaries (the “Company”) as of December 31, 2010 and December 31, 2009, and the related consolidated statements of income, stockholders’ equity, and cash flows for each of the three years in the period ended December 31, 2010. Our audits also included the financial statement schedule listed in the Index at Item 15. These financial statements and financial statement schedule are the responsibility of the Company’s management. Our responsibility is to express an opinion on the financial statements and financial statement schedule based on our audits. We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable basis for our opinion. In our opinion, such consolidated financial statements present fairly, in all material respects, the financial position of ABC Corporation and Subsidiaries as of December 31, 2010 and December 31, 2009, and the results of their operations and their cash flows for each of the three years in the period ended December 31, 2010, in conformity with accounting principles generally accepted in the United States of America. Also, in our opinion, such financial statement schedule, when considered in relation to the basic consolidated financial statements taken as a whole, presents fairly, in all material respects, the information set forth therein. We have also audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), the Company’s internal control over financial reporting as of December 31, 2010, based on the criteria established in Internal Control—Integrated Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission and our report dated February 28, 2011, expressed an unqualified opinion on the Company’s internal control over financial reporting. INTERNATIONAL CPA FIRM LLP Anywhere, USA February 28, 2011

• The final step communicates the findings to users.

Audit of a Tax Return Example

1-10

1-11

Distinguish between auditing

and accounting.

2

Distinguish Between Auditing and Accounting

1-12

Accounting is the recording, classifying,

and summarizing of economic events

for the purpose of providing financial

information used in decision making.

Auditing is determining whether

recorded information properly

reflects the economic events that

occurred during the accounting period.

DISTINCTION BETWEEN AUDITING AND ACCOUNTING

ACCOUNTING

• Is the recording, classifying, and summarizing of economic events in a logical manner for the purpose of providing financial information for decision making.

AUDITING

• auditors focus on determining whether recorded information properly reflects the economic events that

occurred during the accounting period.

ACCOUNTING • accountants must

have a thorough understanding of the principles and rules that provide the basis for preparing the accounting information.

AUDITING • Because U.S. or

international accounting standards provide the criteria for evaluating whether the accounting information is properly recorded, auditors must thoroughly understand those accounting standards.

ACCOUNTING • Auditors must

understand accounting standards to determine the correspondence between recorded information and established criteria (standards).

AUDITING

ACCOUNTING • Auditor is an expert in

the accumulation and interpretation of audit evidence. It is this expertise that distinguishes auditors from accountants. Determining the proper audit procedures, deciding the number and types of items to test, and evaluating the results are unique to the auditor.

AUDITING

NOTICE: Auditor is an accountant. While, accountant is not an auditor.

1-18

Explain the importance of auditing in reducing

information risk.

3

Relationships Among Auditors, Client, and External Users

1-19

Auditor

Client External

Users

Client or audit

committee hires

auditor

Auditor issues

report relied

upon by users to reduce

information risk

Provides capital

Client provides financial

statements to users

The economic demand for auditing

Demand Driver

for auditing Information risk

Information risk

Reflects the possibility that the

information upon which the business risk decision was made

was inaccurate.

A likely cause of the information risk is the possibility of inaccurate

financial statements.

List of the causes of information risk

1. Remoteness of Information

2. Biases and Motives of the Provider

3. Voluminous Data

4. Complex Exchange Transactions

How this risk can be reduced? 1. User Verifies Information

2. User Shares Information Risk with Management

3. Audited financial statements are provided

Relationships Among Auditors, Client, and External Users

Auditor

Client External

Users

Client or

audit

committee

hires

auditor

Auditor

issues

report relied

upon by

users to

reduce

information

risk

Provides

capital

Client provides financial

statements to users

1-25

Describe assurance services and distinguish audit services from other

assurance and non-assurance services provided by CPAs.

5

Assurance Services

1-26

An independent professional service

Can be performed by CPAs or by a variety

of other professionals

Describe assurance services and distinguish audit services from

other assurance and non-assurance services provided by CPAs.

Assurance Services:

Is an independent professional

service that improves the quality of

information for decision makers.

They can be done by CPAs or by a

variety of other professionals.

CPAs have provided many assurance services for years, particularly assurances about historical financial statement information.

Recently, CPAs have expanded the types of assurance services they perform to include forward-looking and other types of information, such as company financial forecasts and Web site controls.

For example, businesses and consumers using the Internet to conduct business need independent assurances about the reliability and security of electronic information.

The demand for assurance services continues to grow as the demand increases for real-time electronic information.

In general, assurance services are valued because the assurance provider is independent and perceived as being unbiased with respect to the information examined.

Individuals who are responsible for making business decisions seek assurance services to help improve the reliability and relevance of the information used as the basis for their decisions.

Attestation Services

1-31

A type of assurance service

CPA reports on the reliability of an assertion

That is the made by another party.

Attestation services: One category of assurance services

provided by CPAs is attestation services.

An attestation service is a type of assurance service in which the CPA firm issues a report about the reliability of a subject matter or an assertion that is made by another party.

Attestation Services

1-33

1. Audit

2. Internal

Control over

Financial

Reporting

Historical

Financial

Statements

5. Other

3. Review

4. Information

Technology

Five

Categories

Attestation Services

1-34

• In the audit of historical financial statements, management asserts that the statements are fairly

stated in accordance with applicable US or international

accounting standards.

• For an audit of internal controls over financial

reporting, management asserts that internal controls have been developed and implemented following well-

established criteria.

Attestation Services

1-35

• For a review of historical financial statements, management asserts that the statements are fairly

stated in accordance with accounting standards which are the

same as for audits (narrower in scope, can be performed

quarterly).

• For attestations on information technology, management

makes various assertions about the reliability and security

of electronic information.

Audit F.S • The CPA provides a

higher level of assurance.

• More evidence is needed.

• It can be provided by the CPA firm at a much higher fee than an audit .

Review F.S • The CPA provides a

lower level of assurance

• less evidence is needed.

• It can be provided by the CPA firm at a much lower fee than an audit .

• nonpublic companies use this attestation option to provide limited assurance on their financial statements without incurring the cost of an audit.

Attestation Services on Information Technology

1-37

WebTrust and SysTrust also meet the

criteria of attestation service

Attestation Services on Information Technology

1-38

WebTrust is an attestation service, and the WebTrust seal is a symbolic representation of the CPA’s report on management’s assertions about its disclosure of electronic commerce practices.

Attestation Services on Information Technology

1-39

SysTrust is an attest-type engagement to evaluate and test system reliability in areas such as security and data integrity.

Other Attestation Services. CPAs provide numerous other attestation services. Many of these services are natural extensions of the audit of historical financial statements, as users seek independent assurances about other types of information.

CPAs can also provide assurance about the reliability of subject matter when there is no written assertion from another party.

However, in those situations, the auditor′s written assurance is restricted to management or other specified parties.

For example, CPAs can attest to the information in a client′s forecasted fin. statements.

Other Assurance Services

• Most of the other assurance services that CPAs provide do not meet the formal definition of attestation services.

• The CPA is not required to issue a written report. • The assurance does not have to be about the reliability of another party’s assertion about compliance with specified criteria.

NOTICE: Audits and some types of attestation services are limited by regulation to licensed CPAs, but the market for other forms of attestation and assurance is open to non-CPA competitors.

Other Assurance Services

1-44

Most of the other assurance services that CPAs

provide do not meet the formal definition

of attestation services.

The CPA is not required to issue a written report.

The assurance does not have to be about the

reliability of another party’s assertion about

compliance with specified criteria.

Green Initiatives Bring Assurance Opportunities, Competition

1-45

Global interest has triggered a surge in reports.

95% of the Global Fortune 250 released

environmental, social, and governance data.

Presented in standalone reports or integrated

into annual financial reports.

Other Assurance Services Examples

1-46

Assess risks of accumulation, distribution,

and storage of digital information…

including

assessing security risks and related

controls over data and other information

stored electronically, including the

adequacy of backup and off-site storage.

Other Assurance Services Examples

1-47

Controls over and risks related to investments

Compliance with entertainment royalty agreements

ISO 9000 certifications

Corporate responsibility and sustainability

Nonassurance Services Provided by CPAs

Three specific examples are:

1. Accounting and bookkeeping services

2. Tax services

3. Management consulting services

• there is some common area of overlap between consulting and assurance services. While the primary purpose of an assurance service is to improve the quality of information, the primary purpose of a management consulting engagement is to generate a recommendation to management.

49

Assurance, Attestation, and Nonassurance Services

1-50

1-51

Differentiate the three main types of audits.

6

Types of Audits

1-52

Operational

Compliance

Financial Statement

Operational Audit

53 1-53

Example Evaluate computerized payroll system

for efficiency and effectiveness

Information Number of records processed, costs of

the department, and number of errors

Established

Criteria

Company standards for efficiency and

effectiveness in payroll department

Available

Evidence

Error reports, payroll records, and

payroll processing costs

An operational audit evaluates the efficiency and effectiveness of any part of an organization’s operating procedures and methods. At the completion of an operational audit, management normally expects recommendations for improving operations.

In operational auditing, the reviews are not limited to accounting. They can

include the evaluation of organizational structure, computer operations,

production methods, marketing, and any other area in which the auditor is

qualified.

Compliance Audit

56 56

Example Determine whether bank requirements

for loan continuation have been met

Information Company records

Established

Criteria

Available

Evidence

Loan agreement provisions

Financial statements and

calculations by the auditor

A compliance audit is conducted to determine whether the auditee is following specific procedures, rules, or regulations set by some higher

authority. Following are examples of compliance audits for a private business:

•Determine whether accounting personnel are following the procedures prescribed by the company controller.

•Review wage rates for compliance with minimum wage laws.

•Examine contractual agreements with bankers and other lenders to be sure the company is complying with legal requirements.

Governmental units, such as school districts, are subject to considerable compliance auditing because of extensive government regulation. Results of compliance audits are typically reported to management, rather than outside users, because management is the primary group concerned with the extent of compliance with prescribed procedures and regulations.

Therefore, a significant portion of work of this type is often done by auditors employed by the organizational units (Internal Auditors).

Audit of Financial Statements

1-61

Example

Information

Established

Criteria

Available

Evidence

Annual audit of Boeing’s financial

statements

Boeing's financial statements

Generally accepted accounting

principles

Documents, records, and outside

sources of evidence

A financial statement audit is conducted

to determine whether the financial

statements (the information being

verified) are stated in accordance with

specified criteria.

As businesses increase in complexity, it is no longer sufficient for auditors to focus only on accounting transactions. An integrated approach to auditing considers both the risk of misstatements and operating controls intended to prevent misstatements. The auditor must also have a thorough understanding of the entity and its environment.

XBRL Electronic Data to Improve Financial Reporting

1-63

Extensible Business Reporting Language

Enables sorting and comparing of financial data

Public companies required to provide interactive

financial statement data

64

1-65

Identify the primary types of auditors.

7

Types of Auditors

1-66

Certified public accounting firms

Governmental accountability office auditors

Internal Revenue agents

Internal auditors

TYPES OF AUDITORS 1. Certified public accounting firms

(External or independent auditors)

They are responsible for auditing the published historical financial statements of all publicly traded companies, most other reasonably large companies, and many smaller companies and noncommercial organizations.

2. Government Accountability Office Auditors

An auditor working for the U.S. Government Accountability Office (GAO), a nonpartisan agency in the legislative branch of the federal government. Headed by the Comptroller General, the GAO reports to and is responsible solely to Congress.

3. Internal Revenue Agents

A major responsibility of the IRS is to audit taxpayers’ returns to determine whether they have complied with the tax laws. These audits are solely compliance audits. The auditors who perform these examinations are called internal revenue agents.

• They are employed by all types of organizations to audit for management, much as the GAO does for Congress.

• To maintain independence from other business functions, the internal audit group typically reports directly to the president, another high executive officer, or the audit committee of the board of directors.

• However, internal auditors cannot be entirely independent of the entity as long as an employer–employee relationship exists.

4. Internal Auditors

• Users from outside the entity are unlikely to want to rely on information verified solely by internal auditors because of their lack of independence. This lack of independence is the major difference between internal auditors and CPA firms (External Auditors).

• Internal audit experience can be used to fulfill the experience requirement for becoming a CPA. Many internal auditors pursue certification as a certified internal auditor (CIA), and some internal auditors pursue both the CPA and CIA designations.

1-72

Describe the requirements

for becoming a CPA.

8

Three Requirements for Becoming a CPA

1-73

Educational requirement

Uniform CPA examination requirement

Experience requirement

CPA Examination Sections

1-74

Auditing

and

Attestation

Business

Environment

and

Concepts

Financial

Accounting

And

Reporting

Regulation

Three Requirements for Becoming a CPA

1-75

76