Materi Bukti Audit Dan Mendokumentasikan, Resiko Audit, Dan Sampling Audit

General

The objective of the auditor is to design and perform audit procedures that enable the
auditor to obtain suffcient appropriate audit evidence to be able to draw reasonable conclusions
on which to base the auditor’s opinion. Audit evidence refers to Information used by the auditor
in arriving at the conclusions on which the auditor’s opinion is based. Audit evidence includes
both information contained in the accounting records underlying the fnancial statements and
other information. The quantity of the audit evidence needed is affected by the auditor’s
assessment of the risks of material misstatement and also by the quality of such audit evidence.
An auditor must exercise, not his “inclination,” but his “professional judgment” and that
judgment must be guided by sound auditing principles, among which are a thorough search for
evidential matter. Audit documentation is the written record of the basis for the auditor’s
conclusions that provides the support for the auditor’s representations, whether those
representations are contained in the auditor’s report or otherwise. Audit documentation also
facilitates the planning, performance, and supervision of the engagement, and is the basis for the
review of the quality of the work because it provides the reviewer with written documentation of
the evidence supporting the auditor’s significant conclusions. Among other things, audit
documentation includes records of the planning and performance of the work, the procedures

 Sources of Audit Evidence

Some audit evidence is obtained by performing audit procedures to test the accounting
records (e.g., through analysis and review, by re-performing procedures followed in the fnancial
reporting process, and by reconciling related types and applications of the same information).
Through the performance of such audit procedures, the auditor may determine that the
accounting records are internally consistent and agree to the fnancial statements. However,
accounting records alone do not provide suffcient appropriate audit evidence on which to base an
audit opinion on the fnancial statements. More assurance is ordinarily obtained from consistent
audit evidence obtained from different sources or of a different nature than from items of audit
evidence considered individually. For example, corroborating information obtained from a
source independent of the entity may increase the assurance that the auditor obtains from audit
evidence that is generated internally, such as evidence existing within the accounting records,
minutes of meetings, or a management representation.

Information from sources independent of the entity that the auditor may use as audit
evidence include confrmations from third parties, analysts’ reports, and comparable data about
competitors.

 Relevance and Reliability

 Although audit evidence is primarily obtained from audit procedures performed during
the course of the audit, it also may include information obtained from other sources (e.g.,
previous audits, in certain circumstances, and a frm’s quality control procedures for client
acceptance and continuance). The quality of all audit evidence is affected by the relevance and
reliability of the information upon which it is based.

 Relevance

Relevance relates to the logical connection with, or bearing upon, the purpose of the audit
procedure and, when appropriate, the assertion under consideration. The relevance of
information to be used as audit evidence may be affected by the direction of testing. For
example, if the purpose of an audit procedure is to test for overstatement in the existence or
valuation of accounts payable, testing the recorded accounts payable may be a relevant audit
procedure. On the other hand, when testing for understatement in the existence or valuation of
accounts payable, testing the recorded accounts payable would not be relevant, but testing such
information as subsequent disbursements, unpaid invoices, suppliers’ statements, and unmatched
receiving reports may be relevant. A given set of audit procedures may provide audit evidence
that is relevant to certain assertions but not others. For example, inspection of documents related
to the collection of receivables after the period-end may provide audit evidence regarding
existence and valuation but not necessarily cutoff. Similarly, obtaining audit evidence regarding
a particular assertion (e.g., the existence of inventory) is not a substitute for obtaining audit
evidence regarding another assertion (e.g., the valuation of that inventory). On the other hand,
audit evidence from different sources or of a different nature may often be relevant to the same
assertion.

 Reliability

The reliability of information to be used as audit evidence and, therefore, of the audit
evidence itself is infuenced by its source and nature and the circumstances under which it is
obtained, including the controls over its preparation and maintenance, when relevant. Therefore,
generalizations about the reliability of various kinds of audit evidence are subject to important
exceptions. Even when information to be used as audit evidence is obtained from sources
external to the entity, circumstances may exist that could affect its reliability. Information
obtained from an independent external source may not be reliable, for example, if the source is
not knowledgeable or a management specialist lacks objectivity. While recognizing that
exceptions may exist, the following generalizations about the reliability of audit evidence may be
useful: -The reliability of audit evidence is increased when it is obtained from independent
sources outside the entity.

– The reliability of audit evidence that is generated internally is increased when the
related controls, including those over its preparation and maintenance, imposed by the entity are
effective
 – Audit evidence obtained directly by the auditor (e.g., observation of the application of a
control) is more reliable than audit evidence obtained indirectly or by inference (e.g., inquiry
about the application of a control).

– Audit evidence in documentary form, whether paper, electronic, or other medium, is

more reliable than evidence obtained orally (e.g., a contemporaneously written record of a
meeting is more reliable than a subsequent oral representation of the matters discussed).

– Audit evidence provided by original documents is more reliable than audit evidence
provided by photocopies, facsimiles, or documents that have been flmed, digitized, or otherwise
transformed into electronic form, the reliability of which may depend on the controls over their
preparation and maintenance

 Management Assertions Over Financial Statement

In representing that the fnancial statements are presented fairly in conformity with the
applicable fnancial reporting framework, management implicitly or explicitly makes assertions
regarding the recognition, measurement, presentation, and disclosure of the various elements of
fnancial statements and related disclosures. Those assertions can be classifed into the following
categories: • Existence or occurrence—Assets or liabilities of the company exist at a given date,
and recorded transactions have occurred during a given period.

• Completeness—All transactions and accounts that should be presented in the fnancial

statements are so included.

• Valuation or allocation—Asset, liability, equity, revenue, and expense components have

been included in the fnancial statements at appropriate amounts.

• Rights and obligations—The Company holds or controls rights to the assets, and
liabilities are obligations of the company at a given date.

• Presentation and disclosure—The components of the fnancial statements are properly

classifed, described, and disclosed. The auditor may base his or her work on fnancial statement
assertions that differ from those in this standard if the assertions are suffcient

for the auditor to identify the types of potential misstatements and to respond
appropriately to the risks of material misstatement in each signifcant account and disclosure that
has a reasonable possibility of containing misstatements that would cause the fnancial statements
to be materially misstated, individually or in combination with other misstatements

 Audit Procedures for Obtaining Audit Evidence

Audit evidence to draw reasonable conclusions on which to base the auditor’s opinion is
obtained by performing the following:
 a. Risk assessment procedures which include:

(1) Inspection: Inspection involves examining records or documents, whether internal or

external, in paper form, electronic form, or other media or a physical examination of an asset.
Inspection of records and documents provides audit evidence of varying degrees of reliability,
depending on their nature and source and, in the case of internal records and documents, the
effectiveness of the controls over their production. An example of inspection used as a test of
controls is inspection of records for evidence of authorization. Some documents represent direct
audit evidence of the existence of an asset (e.g., a document constituting a fnancial instrument
such as a stock or bond). Inspection of such documents may not necessarily provide audit
evidence about ownership or value. In addition, inspecting an executed contract may provide
audit evidence relevant to the entity’s application of accounting policies, such as revenue
recognition. Inspection of tangible assets may provide reliable audit evidence with respect to
their existence but not necessarily about the entity’s rights and obligations or the valuation of the
assets. Inspection of individual inventory items may accompany the observation of inventory
counting. For example, when observing an inventory count, the auditor may inspect individual
inventory items (such as opening containers included in the inventory count to determine
whether they are full or empty) to verify their existence

(2) Observation: Observation consists of looking at a process or procedure being

performed by others (e.g., the auditor’s observation of inventory counting by the entity’s
personnel or the performance of control activities). Observation provides audit evidence about
the performance of a process or procedure but is limited to the point in time at which the
observation takes place and by the fact that the act of being observed may affect how the process
or procedure is performed.

(3) External Confrmation: An external confrmation represents audit evidence obtained by

the auditor as a direct written response to the auditor from a third party (the confrming party) in
paper form or by electronic or other medium. External confrmation procedures frequently are
relevant when addressing assertions associated with certain account balances and their elements.
However, external confrmations need not be restricted to account balances only. For example,
the auditor may request confrmation of the terms of agreements or transactions an entity has with
third parties; the confrmation request may be designed to ask if any modifcations have been
made to the agreement and, if so, their relevant details. External confrmation procedures also are
used to obtain audit evidence about the absence of certain conditions (e.g., the absence of a side
agreement that may infuence revenue recognition).

(4) Recalculation: Recalculation consists of checking the mathematical accuracy of

documents or records. Recalculation may be performed manually or electronically.

(5) Re-performance: Re-performance involves the independent execution of procedures

or controls that were originally performed as part of the entity’s internal control.
 (6) Analytical Procedures: Analytical procedures consist of evaluations of fnancial
information through analysis of plausible relationships among both fnancial and nonfnancial
data. Analytical procedures also encompass such investigation as is necessary of identifed
fuctuations and relationships that are inconsistent with other relevant information or that differ
from expected values by a signifcant amount. Scanning is a type of analytical procedure
involving the auditor’s exercise of professional judgment to review accounting data to identify
signifcant or unusual items to test. This may include the identifcation of unusual individual items
within account balances or other data through the reading or analysis of, for example, entries in
transaction listings, subsidiary ledgers, general ledger control accounts, adjusting entries,
suspense accounts, reconciliations, and other detailed reports. Scanning may include searching
for large or unusual items in the accounting records (e.g., nonstandard journal entries), as well as
in transaction data (e.g., suspense accounts and adjusting journal entries) for indications of
misstatements that have occurred. Electronic audit procedures may assist the auditor in
identifying unusual items. When the auditor selects items for testing by scanning and those items
are tested, the auditor obtains audit evidence about those items. The auditor’s scanning also may
provide some audit evidence about the items not selected for testing because the auditor has
exercised professional judgment to determine that the items not selected are less likely to be
misstated.

(7) Inquiry: Inquiry consists of seeking information of knowledgeable persons, both

fnancial and nonfnancial, within the entity or outside the entity. Inquiry is used extensively
throughout the audit, in addition to other audit procedures. Inquiries may range from formal
written inquiries to informal oral inquiries. Evaluating responses to inquiries is an integral part of
the inquiry process. Responses to inquiries may provide the auditor with information not
previously possessed or with corroborative audit evidence. Alternatively, responses might
provide information that differs signifcantly from other information that the auditor has obtained
(e.g., information regarding the possibility of management override of controls). In some cases,
responses to inquiries provide a basis for the auditor to modify or perform additional audit
procedures. Although corroboration of evidence obtained through inquiry is often of particular
importance, in the case of inquiries about management intent, the information available to
support management’s intent may be limited. In these cases, understanding management’s past
history of carrying out its stated intentions, management’s stated reasons for choosing a
particular course of action, and management’s ability to pursue a specifc course of action may
provide relevant information to corroborate the evidence obtained through inquiry.

b. Further audit procedures, which comprise

(i) Tests of controls

Tests of controls are designed to evaluate the operating effectiveness of controls in

preventing, or detecting and correcting, material misstatements at the assertion level. Designing
tests of controls to obtain relevant audit evidence includes identifying conditions (characteristics
or attributes) that indicate performance of a control and identifying deviation conditions that
indicate departures from adequate performance. The presence or absence of those conditions can
then be tested by the auditor.

(ii) Substantive procedures

Substantive procedures are designed to detect material misstatements at the assertion

level. They comprise tests of details and substantive analytical procedures. Designing substantive
procedures includes identifying conditions relevant to the purpose of the test that constitute a
misstatement in the relevant assertion.

(iii) Selecting items

for testing to obtain audit evidence Designing substantive tests of details and tests of
controls includes determining the means of selecting items for testing from among the items
included in an account or the occurrences of a control. The auditor should determine the means
of selecting items for testing to obtain evidence that, in combination with other relevant
evidence, is suffcient to meet the objective of the audit procedure. The alternative means of
selecting items for testing are:

• Selecting all items

Selecting all items (100% examination) refers to testing the entire population of items in
an account or the entire population of occurrences of a control (or an entire stratum within one of
those populations). The following are examples of situations in which 100% examination might
be applied:

– The population constitutes a small number of large value items; The audit procedure is
designed to respond to a signifcant risk, and other means of selecting items for testing do not
provide suffcient appropriate audit evidence; and

– The audit procedure can be automated effectively and applied to the entire population.

– Selecting specifc items Selecting specifc items refers to testing all of the items in a
population that have a specifed characteristic, such as:

– Key items. The auditor may decide to select specifc items within a population because
they are important to accomplishing the objective of the audit procedure or exhibit some other
characteristic, e.g., items that are suspicious, unusual, or particularly risk-prone or items that
have a history of error.

– All items over a certain amount. The auditor may decide to examine items whose
recorded values exceed a certain amount to verify a large proportion of the total amount of the
items included in an account. The auditor also might select specifc items to obtain an
understanding about matters such as the nature of the company or the nature of transactions.
However, the application of audit procedures to items that are selected as described in
paragraphs 25–26 of this standard does not constitute audit sampling,

• Audit sampling

Audit sampling is the application of an audit procedure to less than 100% of the items
within an account balance or class of transactions for the purpose of evaluating some
characteristic of the balance or class

 Reliability of Information Produced by a Management’s Specialist

When information to be used as audit evidence has been prepared using the work of a
management’s specialist, such an individual or organization may possess expertise in the
application of models to estimate the fair value of securities for which no observable market
exists. If the individual or organization applies that expertise in making an estimate which the
entity uses in preparing its fnancial statements, the individual or organization is a management’s
specialist and paragraph .08 applies. If, on the other hand, that individual or organization merely
provides price data regarding private transactions not otherwise available to the entity which the
entity uses in its own estimation methods, such information, if used as audit evidence, is subject
to paragraph .07, but it is not the use of a management’s specialist by the entity. Competence
relates to the nature and level of expertise of the management’s specialist. Capability relates to
the ability of the management’s specialist to exercise that competence in the circumstances.
Factors that infuence capability may include, for example, geographic location and the
availability of time and resources. Objectivity relates to the possible effects that bias, confict of
interest, or the infuence of others may have on the professional or business judgment of the
management’s specialist. The competence, capabilities, and objectivity of a management’s
specialist, and any controls within the entity over that specialist’s work, are important factors
with regard to the reliability of any information produced by a management’s specialist. When
evaluating the objectivity of a specialist engaged by the entity, it may be relevant to discuss with
management and that specialist any interests and relationships that may create threats to the
specialist’s objectivity and any applicable safeguards, including any professional requirements
that apply to the specialist, and to evaluate whether the safeguards are adequate. Interests and
relationships creating threats may include the following: fnancial interests; business and personal
relationships; and provision of other services.

 Audit Documentation

Audit documentation is reviewed by members of the engagement team performing the

work and might be reviewed by others. Reviewers might include, for example: – Auditors who
are new to an engagement and review the prior year’s documentation to understand the work
performed as an aid in planning and performing the current engagement.
 – Supervisory personnel who review documentation prepared by other members of the
engagement team.

– Engagement supervisors and engagement quality reviewers who review documentation

to understand how the engagement team reached signifcant conclusions and whether there is
adequate evidential support for those conclusions.

– A successor auditor who reviews a predecessor auditor’s audit documentation.

– Internal and external inspection teams that review documentation to assess audit quality
and compliance with auditing and related professional practice standards; applicable laws, rules,
and regulations; and the auditor’s own quality control policies.

– Others, including advisors engaged by the audit committee or representatives of a party

to an acquisition

 Audit Documentation Requirement

The auditor must prepare audit documentation in connection with each engagement
conducted pursuant to the standards of the PCAOB. Audit documentation should be prepared in
suffcient detail to provide a clear understanding of its purpose, source, and the conclusions
reached. Also, the documentation should be appropriately organized to provide a clear link to the
signifcant fndings or issues. Examples of audit documentation include memoranda,
confrmations, correspondence, schedules, audit programs, and letters of representation. Audit
documentation may be in the form of paper, electronic fles, or other media. Because audit
documentation is the written record that provides the support for the representations in the
auditor’s report, it should: – Demonstrate that the engagement complied with the standards of the
PCAOB, – Support the basis for the auditor’s conclusions concerning every relevant fnancial
statement assertion, and – Demonstrate that the underlying accounting records agreed or
reconciled with the fnancial statements. The auditor must document the procedures performed,
evidence obtained, and conclusions reached with respect to relevant fnancial statement
assertions. Audit documentation must clearly demonstrate that the work was in fact performed.
This documentation requirement applies to the work of all those who participate in the
engagement as well as to the work of specialists the auditor uses as evidential matter in
evaluating relevant fnancial statement assertions. Audit documentation must contain suffcient
information to enable an experienced auditor, having no previous connection with the
engagement: – To understand the nature, timing, extent, and results of the procedures performed,
evidence obtained, and conclusions reached, and – To determine who performed the work and
the date such work was completed as well as the person who reviewed the work and the date of
such review. In determining the nature and extent of the documentation for a fnancial statement
assertion, the auditor should consider the following factors: – Nature of the auditing procedure; –
Risk of material misstatement associated with the assertion; – Extent of judgment required in
performing the work and evaluating the results, for example, accounting estimates require greater
judgment and commensurately more extensive documentation; – Signifcance of the evidence
obtained to the assertion being tested; and – Responsibility to document a conclusion not readily
determinable from the documentation of the procedures performed or evidence obtained.
Application of these factors determines whether the nature and extent of audit documentation is
adequate. In addition to the documentation necessary to support the auditor’s fnal conclusions,
audit documentation must include information the auditor has identifed relating to signifcant
fndings or issues that is inconsistent with or contradicts the auditor’s fnal conclusions. The
relevant records to be retained include, but are not limited to, procedures performed in response
to the information, and records documenting consultations on, or resolutions of, differences in
professional judgment among members of the engagement team or between the engagement
team and others consulted. If, after the documentation completion date the auditor becomes
aware, as a result of a lack of documentation or otherwise, that audit procedures may not have
been performed, evidence may not have been obtained, or appropriate conclusions may not have
been reached, the auditor must determine, and if so demonstrate, that suffcient procedures were
performed, suffcient evidence was obtained, and appropriate conclusions were reached with
respect to the relevant fnancial statement assertions. To accomplish this, the auditor must have
persuasive other evidence. Oral explanation alone does not constitute persuasive other evidence,
but it may be used to clarify other written evidence. If the auditor determines and demonstrates
that suffcient procedures were performed, suffcient evidence was obtained, and appropriate
conclusions were reached, but that documentation thereof is not adequate, then the auditor
should consider what additional documentation is needed. In preparing additional
documentation, the auditor should refer to paragraph 16. If the auditor cannot determine or
demonstrate that suffcient procedures were performed, suffcient evidence was obtained, or
appropriate conclusions were reached, the auditor should comply with the provisions of AU sec.
390, Consideration of Omitted Procedures after the Report Date. Documentation of risk
assessment procedures and responses to risks of misstatement should include (1) a summary of
the identifed risks of misstatement and the auditor’s assessment of risks of material misstatement
at the fnancial statement and assertion levels and (2) the auditor’s responses to the risks of
material misstatement, including linkage of the responses to those risks.

 Evaluating the Audit Result

The auditor shall evaluate the results of the audit evidence collected to determine
whether the audit evidence obtained is suffcient and appropriate to support the opinion to be
expressed in the auditor’s report.

 Evaluating the Results of the Audit of Internal Control Over Financial

Reporting
 Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is
Integrated with An Audit of Financial Statements, indicates that the auditor should form an
opinion on the effectiveness of internal control over fnancial reporting by evaluating evidence
obtained from all sources, including the auditor’s testing of controls, misstatements detected
during the fnancial statement audit, and any identifed control defciencies. Auditing Standard No.
5 describes the auditor’s responsibilities regarding evaluating the results of the audit, including
evaluating the identifed control defciencies.

 Evaluating the Results of the Audit of Financial Statements

In forming an opinion on whether the fnancial statements are presented fairly, in all
material respects, in conformity with the applicable fnancial reporting framework, the auditor
should take into account all relevant audit evidence, regardless of whether it appears to
corroborate or to contradict the assertions in the fnancial statements. In the audit of fnancial
statements, the auditor’s evaluation of audit results should include evaluation of the following:

A. Performing Analytical Procedures in the Overall Review

In the overall review, the auditor should read the fnancial statements and disclosures and
perform analytical procedures to (a) evaluate the auditor’s conclusions formed regarding
signifcant accounts and disclosures and (b) assist in forming an opinion on whether the fnancial
statements as a whole are free of material misstatement. As part of the overall review, the auditor
should evaluate whether: (a) the evidence gathered in response to unusual or unexpected
transactions, events, amounts, or relationships previously identifed during the audit is suffcient;
and (b) unusual or unexpected transactions, events, amounts, or relationships indicate risks of
material misstatement that were not identifed previously, including, in particular, fraud risks. If
the auditor discovers a previously unidentifed risk of material misstatement or concludes that the
evidence gathered is not adequate, he or she should modify his or her audit procedures or
perform additional procedures as necessary in accordance with the auditor risk assessment. The
nature and extent of the analytical procedures performed during the overall review may be
similar to the analytical procedures performed as risk assessment procedures. The auditor should
perform analytical procedures relating to revenue through the end of the reporting period. The
auditor should obtain corroboration for management’s explanations regarding signifcant unusual
or unexpected transactions, events, amounts, or relationships. If management’s responses to the
auditor’s inquiries appear to be implausible, inconsistent with other audit evidence, imprecise, or
not at a suffcient level of detail to be useful, the auditor should perform procedures to address the
matter. Whether an unusual or unexpected transaction, event, amount, or relationship indicates a
fraud risk, depends on the relevant facts and circumstances, including the nature of the account
or relationship among the data used in the analytical procedures

B. Accumulating and Evaluating Identifed Misstatements

 The auditor should accumulate misstatements identifed during the audit, other than those
that are clearly trivial. Matters that are clearly trivial will be of a smaller order of magnitude than
the materiality level established in accordance with Auditing Standard No. 11, Consideration of
Materiality in Planning and Performing an Audit, and will be inconsequential, whether taken
individually or in aggregate and whether judged by any criteria of size, nature, or circumstances.
When there is any uncertainty about whether one or more items is clearly trivial, the matter is not
considered trivial. The auditor may designate an amount below which misstatements are clearly
trivial and do not need to be accumulated. In such cases, the amount should be set so that any
misstatements below that amount would not be material to the fnancial statements, individually
or in combination with other misstatements, considering the possibility of undetected
misstatement. The auditor’s accumulation of misstatements should include the auditor’s best
estimate of the total misstatement in the accounts and disclosures that he or she has tested, not
just the amount of misstatements specifcally identifed. If the auditor concludes that the amount
of an accounting estimate included in the fnancial statements is unreasonable or was not
determined in conformity with the relevant requirements of the applicable fnancial reporting
framework, he or she should treat the difference between that estimate and a reasonable estimate
determined in conformity with the applicable accounting principles as a misstatement. If a range
of reasonable estimates is supported by suffcient appropriate audit evidence and the recorded
estimate is outside of the range of reasonable estimates, the auditor should treat the difference
between the recorded accounting estimate and the closest reasonable estimate as a misstatement.
If an accounting estimate is determined in conformity with the relevant requirements of the
applicable fnancial reporting framework and the amount of the estimate is reasonable, a
difference between an estimated amount best supported by the audit evidence and the recorded
amount of the accounting estimate ordinarily would not be considered to be a misstatement. The
auditor should determine whether the overall audit strategy and audit plan need to be modifed if:
(a) the nature of accumulated misstatements and the circumstances of their occurrence indicate
that other misstatements might exist that, in combination with accumulated misstatements, could
be material; or (b) the aggregate of misstatements accumulated during the audit approaches the
materiality level or levels used in planning and performing the audit. The auditor should
communicate accumulated misstatements to management on a timely basis to provide
management with an opportunity to correct them. If management has examined an account or a
disclosure in response to misstatements detected by the auditor and has made corrections to the
account or disclosure, the auditor should evaluate management’s work to determine whether the
corrections have been recorded properly and whether uncorrected misstatements remain. The
auditor should evaluate whether uncorrected misstatements are material, individually or in
combination with other misstatements. In making this evaluation, the auditor should evaluate the
misstatements in relation to the specifc accounts and disclosures involved and to the fnancial
statements as a whole, taking into account relevant quantitative and qualitative factors. If the
reevaluation of the established materiality level or levels, as set forth in Auditing Standard No.
11, results in a lower amount for the materiality level or levels, the auditor should take into
account that lower materiality level or levels in the evaluation of uncorrected misstatements. The
auditor’s evaluation of uncorrected misstatements should include evaluation of the effects of
uncorrected misstatements detected in prior years and misstatements detected in the current year
that relate to prior years. The auditor cannot assume that an instance of error or fraud is an
isolated occurrence. Therefore, the auditor should evaluate the nature and effects of the
individual misstatements accumulated during the audit on the assessed risks of material
misstatement. This evaluation is important in determining whether the risk assessments remain
appropriate. The auditor should evaluate whether identifed misstatements might be indicative of
fraud and, in turn, how they affect the auditor’s evaluation of materiality and the related audit
responses. If the auditor believes that a misstatement is or might be intentional, and if the effect
on the fnancial statements could be material or cannot be readily determined, the auditor should
perform procedures to obtain additional audit evidence to determine whether fraud has occurred
or is likely to have occurred and, if so, its effect on the fnancial statements and the auditor’s
report thereon. For misstatements that the auditor believes are or might be intentional, the auditor
should evaluate the implications on the integrity of management or employees and the possible
effect on other aspects of the audit. If the misstatement involves higher-level management, it
might be indicative of a more pervasive problem, such as an issue with the integrity of
management, even if the amount of the misstatement is small. In such circumstances, the auditor
should reevaluate the assessment of fraud risk and the effect of that assessment on (a) the nature,
timing, and extent of the necessary tests of accounts or disclosures and (b) the assessment of the
effectiveness of controls. The auditor also should evaluate whether the circumstances or
conditions indicate possible collusion involving employees, management, or external parties and,
if so, the effect of the collusion on the reliability of evidence obtained. If the auditor becomes
aware of information indicating that fraud or another illegal act has occurred or might have
occurred, he or she also must determine his or her responsibilities

C. Evaluating the Qualitative Aspects of the Company’s Accounting Practices

When evaluating whether the fnancial statements as a whole are free of material
misstatement, the auditor should evaluate the qualitative aspects of the company’s accounting
practices, including potential bias in management’s judgments about the amounts and disclosures
in the fnancial statements. If the auditor identifes bias in management’s judgments about the
amounts and disclosures in the fnancial statements, the auditor should evaluate whether the effect
of that bias, together with the effect of uncorrected misstatements, results in material
misstatement of the fnancial statements. Also, the auditor should evaluate whether the auditor’s
risk assessments, including, in particular, the assessment of fraud risks, and the related audit
responses remain appropriate. The auditor should evaluate whether the difference between
estimates best supported by the audit evidence and estimates included in the fnancial statements,
which are individually reasonable, indicate a possible bias on the part of the company’s
management. If each accounting estimate included in the fnancial statements was individually
reasonable but the effect of the difference between each estimate and the estimate best supported
by the audit evidence was to increase earnings or loss, the auditor should evaluate whether these
circumstances indicate potential management bias in the estimates. Bias also can result from the
cumulative effect of changes in multiple accounting estimates. If the estimates in the fnancial
statements are grouped at one end of the range of reasonable estimates in the prior year and are
grouped at the other end of the range of reasonable estimates in the current year, the auditor
should evaluate whether management is using swings in estimates to achieve an expected or
desired outcome, e.g., to offset higher or lower than expected earnings