Primer on Auditing


  • Obtain reasonable assurance that the financial statements are free from material misstatements.
  • Financial statements are prepared in accordance with the applicable GAAP.

Responsibilities of Auditors

  • Responsible to the company, and to its shareholders as a class for the purpose of providing information relevant to making their decisions as owners of the company.
  • Not responsible to individuals (regardless of whether they are existing shareholders) buying / selling shares of the company in order to make profits.
  • Not responsible to provide assurance on the internal controls of the company, any weaknesses identified are just by-products of the audit.
  • Not responsible for detecting fraud, however responsible to provide reasonable assurance that the financial statements are free from material misstatements whether caused by fraud or error.
  • Not responsible for providing assurance that the company is in compliance with laws and regulations, however responsible to obtain evidence of compliance with laws and regulations to the extent that they have a direct impact on material misstatements of the financial statements.

What is Considered “Material”

  • Both the size and the nature of misstatements needs to be considered to determine whether it is material.
  • On the size, the materiality threshold is determined by the auditors during the audit planning stage.
  • Generally materiality threshold is set at
    • 5% to 10% of pre-tax profit (below 5% is not material, more than 10% is material, anything in-between would depend on the circumstances).
    • 0.5% to 1% of turnover.
    • 1% to 2% of total assets.
    • Average of (10% of pre-tax profit, 1% of turnover, 2% of total assets)
  • A “Performance Materiality” level, at less than the materiality for the financial statements as a whole, is also set for particular classes of transactions, account balances, or disclosures. This is to
    • Reduce the risk that aggregate misstatements exceed materiality for the financial statements as a whole; or
    • Allow for a lower materiality level to be set for specific items that have higher risk / in greater focus (e.g. many investors are looking at a particular balance to decide whether to purchase the company).
  • Some misstatements can be material even though it is below the materiality threshold (e.g. may cause the company to swing from a profit to a loss).


  1. Client acceptance / retention
    • Check with the previous auditor on whether there are any reasons why the engagement should not be taken.
    • Confirm acceptance through AGM vote and minutes.
    • Engagement letter with client confirming audit objectives, responsibilities of company, responsibilities of auditors, relevant standards and legislation, deliverables, schedule, fee basis, use of experts, etc.
  2. Audit planning
    • Identify areas of risk of material misstatements
    • Design audit procedures so as to have a reasonable expectation of detecting material fraud or error.
  3. Control testing
    • Testing the company’s internal controls on their effectiveness and adequacy so as to determine if reliance can be placed on the related accounts, i.e. think about how someone can commit fraud within the set of controls in place.
  4. Substantive testing
    • Directly verifying the figures in the financial statements. They are designed to detect material misstatements at the assertion level (read below section on Audit Assertions) in the financial statements. Two ways:
      • Tests of detail (on balances, transactions, and disclosure)
        • Re-performance
        • Vouching
        • Tracing
        • Reconciliation
        • Inspection
        • Inquiry
        • Physical examination
        • Circularisation
      • Analytical procedures
        • Common size / ratio analysis
        • Trend analysis
        • Regression analysis
    • “Audit procedures” generally refers to both tests of control and substantive tests.
  5. Audit opinion and report
    • Obtain management representation letter to confirm any estimates / judgment provided by management, and that all necessary information has been provided to auditors.
    • Provide management letter on weaknesses in internal controls identified, potential consequences, and recommendations.

Audit Assertions

Audit assertions are what auditors need to assert on the 3 classes of items: balances, transactions, disclosures. Audit procedures should be designed, and audit evidence collected, to make the assertions below.

For Balances

  • Completeness
  • Ownership (Rights & Obligations)
  • Valuation and accuracy
  • Existence
  • Disclosure

For Transactions

  • Rights & Obligations
  • Completeness
  • Classification
  • Occurrence
  • Measurement (including accuracy and appropriate cut-off)

For Disclosures

  • Occurrence
  • Completeness
  • Classification
  • Valuation and accuracy

In general

  • C – Completeness – Everything that should be in is in
  • O – Occurrence – Transactions indeed occurred
  • M – Measurement – Cut-off for transactions adhered, appropriate measurement
  • P – Presentation and disclosure – Appropriate disclosure
  • A – Accuracy and Valuation – Amount is accurately recorded or not materially misstated
  • R – Rights and obligation – Have rights to assets and obligations to liabilities
  • E – Existence – Item exists, e.g. cash, inventory
  • C – Classification – Transactions / items classified in the correct account
  • O – Ownership – Ownership over

Risk Assessment (Planning Stage)

Audit Risk = Inherent Risk x Control Risk x Detection Risk

  • Inherent Risk = Risk of a material misstatement of an assertion on class of account balances, transaction, or disclosure.
  • Control Risk = Risk of a misstatement that was not caught or prevented by the company’s internal controls.
  • Detection Risk = Risk that the audit procedures performed failed to detect a material misstatement.

Auditors should assess risk by

  • Evaluating the design and implementation of internal controls
  • Understanding the company’s industry and enquire management on business risks
  • Performing analytical procedures (compare results with budget, with industry performance, with past years, etc.)
  • Identifying typical risk areas (e.g. related party transactions, complex transactions, new accounting standards, areas relying on management’s judgment, etc.)
  • Understanding how the company is controlling risks identified

Audit procedures should then be designed to reduce audit risk to an acceptably low level.

Internal Controls (Test of Controls Stage)

General Objectives

  1. Complete – Information / transactions should go through the accounting cycle completely,
  2. Accurate – and accurately,
  3. Valid – with appropriate authorizations given, and
  4. Restricted – access to each piece of information / transaction should be appropriately restricted.

Types of Internal Controls


  • S – Segregation of duties
  • P – Physical controls
  • A – Authorization and approval
  • M – Management controls
  • S – Supervisory controls
  • O – Organization as a control
  • A – Arithmetic and accounting controls
  • P – Personnel control


  • P – Physical controls
  • A – Accounts reconciliation
  • C – Comparisons (e.g. physical items count with records)
  • A – Accuracy / arithmetic checks
  • M – Maintain and review records (e.g. control accounts and trial balances)
  • A – Authorization and approval
  • C – Computer controls

Audit Evidence (Test of Controls and Substantive Testing Stage)

  • Sufficient and appropriate (i.e. relevant and reliable) evidence needs to be gathered to reduce the assessed risk of misstatement to an acceptable level.
  • Procedures include
    • Tests of detail (e.g. external confirmations, sampling, observation, inspection, etc.)
    • Analytical procedures
    • Written representations by management
    • Use of experts where technical knowledge is required
    • Use of internal audit’s work subject to assessment on their competence, objectivity, proper supervision, evidence obtained, etc.
    • Identifying related parties and obtaining evidence that transactions are at ‘arms-length’
    • Reviewing appropriateness of management’s estimates

Review (Completion Stage)

On Financial Statements

  • Analytical procedures
    • Relationships between figures within the financial statements, comparison to previous years, budget, and other management information.
  • Checklists
    • Compliance with statutory requirements
    • Appropriate disclosures
    • Subsequent events review
    • etc.

On Audit Documentation

  • Hot Review
    • Conducted before the audit report is signed, by a partner independent of the audit team.
    • Done for risky, or listed clients.
    • Deals with the substance of the audit, whether the audit opinion is appropriate based on the audit evidence and risk areas identified
  • Cold Review
    • Conducted after the audit report is signed, by a senior person independent of the audit team.
    • Deals with checking if the audit firm’s procedures were applied properly.

Audit Opinion and Report (Final Stage)

Types of Opinion

  • Unmodified opinion – all clear!
    • May come with an “Emphasis of Matter” paragraph to highlight certain key matter.
  • Modified opinion
    • Qualified opinion – material misstatement exists but not pervasive OR unable to obtain sufficient appropriate evidence and impact is material but not pervasive. A qualified opinion can be used even if a company did not comply with the relevant financial reporting standards, so long as the misstatement is material but not pervasive.
    • Adverse opinion – material and pervasive
    • Disclaimers of opinion – unable to obtain sufficient appropriate audit evidence, impact is material and pervasive.
  • Opinions may come with an “emphasis of matter” or “other matter” paragraphs
    • Emphasis of matter – refers to a matter that has been disclosed in the financial statements but is of fundamental importance (e.g. uncertainties that can damage the company’s ability to continue as a going concern).
    • Other matter – refers to a matter that has not been disclosed in the financial statements but is relevant to understanding the audit (e.g. restricted scope of audit, misstatement of fact in other parts of the annual report but not on the financial statements, etc.)

Types of Report

  • Unmodified report
    • With an unmodified opinion
  • Modified report
    • With an unmodified opinion + emphasis of matter / other matter paragraph(s), or with qualified / adverse / disclaimers of opinion

Types of Services Provided by Auditors

  1. Assurance services
    • Statutory audits
    • Review engagements (only limited assurance, i.e. negative assurance can be provided. Negative assurance = “.. nothing has come to the auditor’s attention that causes the auditor to believe that the financial statements are not prepared, in all material respects, in accordance with ….”)
    • Risk assessment (e.g. assessing effectiveness of internal controls)
    • Business performance measurement
    • Systems reliability
    • Social and environmental audit
  2. Other audit-related services (no assurance given)
    • Agreed-upon procedures (forensic audit, verifying insurance claims, due diligence)
    • Compilation (preparing financial statements or tax accounts)


Code of Ethics

  1. Integrity
  2. Objectivity
  3. Professional competence and due care
  4. Confidentiality
  5. Professional behaviour

Threats to Ethics

  1. Self-review, e.g. reviewing your own work
  2. Self-interest, e.g. owning shares in the client’s company
  3. Advocacy, e.g. acting on the client’s behalf in other matters
  4. Familiarity, e.g. audit partner is too close to management leading to erosion of professional scepticism
  5. Intimidation, e.g. threatened by lawsuits or withdrawing of business

Other Odd Bits

  • Difference between comparative and corresponding ‘figures’. Well there is Comparative Information, and within that, you have Corresponding Figures and Comparative Financial Statements.
    • Both corresponding figures and comparative financial statements show prior period’s results in comparison with the current year’s results.
    • However, corresponding figures do not make a complete set of financial statements. They are disclosed, as relevant, to compare with the current period’s figures.
    • Comparative financial statements on the other hand shows prior period’s figures in a level of detail that is comparable with the financial statements of the current period.
    • When comparative financial statements are presented, the auditor’s opinion shall refer to each period for which financial statements are presented. The auditor’s opinion does not relate to corresponding figures presented.

Other References



No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Copyright © 2005 – 2018 All Rights Reserved.

Enter your email address to follow this blog and receive notifications of new posts by email.


Blog Stats

  • 604,169 hits
%d bloggers like this: