ACCTG 5510 1st Edition Lecture 1 Outline of Current Lecture I Auditing II Attestation Services a Defined b Five categories c Purpose d Function e Main types of audit Current Lecture I Auditing the accumulation and evaluation of evidence about information to determine and report on the degree of correspondence between the information and established criteria Auditing should be done by a competent independent person a Information must be in verifiable form b Standards or criteria must exist by which the auditor can evaluate the information GAP IFRS internal controls integrated framework COSO and the internal revenue code are all examples of standards c Evidence is any information used by the firm to determine whether the information being audited is stated in accordance with the established criteria Examples of evidence include 1 Electronic documentary data about transactions 2 Written electronic communication with outsiders 3 Observations by the auditors 4 Oral testimony of the auditee client d Independent Mental Attitude independence is key in order to keep the confidence of the users who rely on the auditors report e Information risk is the possibility that the information upon which the business risk decision was made was inaccurate as a result of inaccurate financial statements There are three ways to reduce information risk 1 User Verifies Information Users go to the business and obtain information concerning the reliability of statements 2 User Verifies Information Users go to the business and obtain information concerning the reliability of statements These notes represent a detailed interpretation of the professor s lecture GradeBuddy is best used as a supplement to your own notes not as a substitute 3 User Verifies Information Users go to the business and obtain information concerning the reliability of statements II Attestation Services a A type of assurance service in which the CPA firm issues a report about a subject matter or assertion that is made by another party b There are five categories 1 Audit of historical financial statements required under the federal securities act for publically traded companies 2 Audit of internal control over financial reporting section 404 of SOX requires public companies to report management s assessment of the effectiveness of internal controls and to attest to the effectiveness of internal controls over financial reporting 3 Review of historical financial statements less evidence is needed in a review than in an audit 4 Attestation services on information technology companies that used Electronic Data Interchange EDI would use firms like WebTrust created by the AICPA and CICA provides a seal on a webpage SysTrust Also developed by the AICPA it test the reliability of information systems used to generate real time information 5 Other attestation services that may be applied to a broad range of subject matter c The primary purpose of an assurance service is to improve the quality of information d CPA firms perform three major functions that are outside the scope of assurance services 1 Accounting Book Keeping 2 Tax Services 3 Management Consulting Services the purpose being to generate a recommendation to management e There are three main types of audits 1 Operational audit Evaluates the efficiency and effectiveness of any part of an organization s procedures and methods such audits can cover any portion of a organizations operations and test several different assertions Establishing criteria for evaluating the information is very subjective and it is more difficult to objectively evaluate operations for efficiency and effectiveness than it is for compliance or financial statement audits it is more like management consulting than auditing management expects recommendations for improving operations 2 Compliance audit Conducted to determine whether the auditee is following specific procedures rules or regulations set by some higher authority Examples include determining whether accounting personnel are following the procedures prescribed by the company controller wage rate reviews to verify compliance with minimum wage laws review of contractual agreement to ensure the company is complying with legal requirements determining whether a mortgage bank is in compliance with newly enacted government regulation all results are reported to management 3 Financial Statement audits To determine if financial statements are stated in accordance with specified criteria GAAP IFRS An integrated approach to auditing considers both the risk of misstatement and operating controls intended to prevent misstatement The auditor should have a thorough understanding of the company s industry business environment external relationships with suppliers customer and creditors and a consideration of the client s business strategy and process along with critical success factors This facilitates assessing business risk