Unit No.-I 1.

1 Introduction: International Federation of Accountants (IFA) and

International Auditing and Assurance Standard Setting Body (IAASB)

1.2 Objectives and general principles governing an audit (ISA 200)

What Is the International Federation Of Accountants (IFAC)?

The International Federation of Accountants (IFAC) is a global organization representing the

accounting profession. IFAC establishes and promotes international standards, and speaks for the
profession on public policy issues. According to the IFAC website, the group serves the public
interest through advocacy, development, and support for our member organizations and the more
than 3 million accountants who are crucial to our global economy.

Understanding International Federation Of Accountants (IFAC)

The IFAC consists of more than 175 member organizations and affiliates, representing more than
130 countries and localities. These organizations represent approximately 3 million professional
accountants worldwide. Members include organizations such as the American Institute of
Certified Public Accountants and the Institute of Management Accountants.

IFAC's boards set international standards in a number of areas, including auditing, quality control,
education, public sector accounting and ethics for professional accountants. IFAC was founded
in 1977 in Munich, Germany. Today, it is based in New York City.

History and Mission of IFAC

Beginning with 63 founding members from 51 countries in 1977, IFAC's membership has grown
to now include over 175 members and associates in more than 135 countries and jurisdictions
worldwide.

IFAC was founded on October 7, 1977, in Munich, Germany, at the 11th World Congress of
Accountants to strengthen the global accountancy profession in the public interest by:

1. Developing high-quality international standards in auditing and assurance, public

sector accounting, ethics, and education for professional accountants and supporting
their adoption and use;
2. Facilitating collaboration and cooperation among its member bodies;
3. Collaborating and cooperating with other international organizations; and
4. Serving as the international spokesperson for the accountancy profession.

At the first meeting of the IFAC Assembly and Council in October 1977, a 12-point work program
was developed to guide IFAC committees and staff through the first five years of activities. Many
elements of this work program are still relevant today.

1. Develop statements which serve as guidelines for international and auditing guidelines
 2. Establish the basic principles which should be included in the code of ethics of any
member body of IFAC and to refine or elaborate on such principles as deemed appropriate
3. Determine the requirements and develop programs or the professional education and
training of accountant
4. Collect, analyze, research, and disseminated information on the management of public
accounting practices to assist practitioners in more effectively conducting their practices
5. Evaluate, develop, and report on financial management and other management techniques
and procedures
6. Undertake other studies of value to accountants, such as a possible study on the legal
liabilities of auditors
7. Foster closer relationships with users of financial statements including preparers, trade
unions, financial institutions, industry, governments, and others
8. Maintain good relations with regional organizations and explore the potential for
establishing other regional organizations, as well as assisting in their organizations and
development
9. Establish regular communications among the members of IFAC and other interested
organizations, principally through an IFAC Newsletter
10. Organize and promote the exchange of technical information, educational materials and
professional publications, and other literature emanating from member bodies
11. Organize and conduct an international congress of accountants approximately every five
years
12. Seek to expand the membership of IFAC

The International Auditing and Assurance Standards Board (IAASB)

The International Auditing and Assurance Standards Board (IAASB) is an independent standard-
setting body that develops and promotes high-quality auditing and assurance standards globally.
The primary function of the IAASB is to establish and update International Standards on Auditing
(ISAs) and other related assurance standards.
Here are the key functions of the IAASB:
Setting Auditing and Assurance Standards: The IAASB develops and issues international
standards that guide auditors and assurance practitioners in conducting their work. These standards
provide a framework for performing high-quality audits and assurance engagements, ensuring
consistency, reliability, and transparency in the process.
Enhancing Audit Quality: The IAASB continuously works to enhance audit quality by
addressing emerging issues, identifying areas for improvement, and promoting best practices. The
board engages in research, consultation, and collaboration with stakeholders to develop standards
that keep pace with the evolving business environment.
Promoting Convergence and Adoption: The IAASB plays a crucial role in promoting the
adoption and consistent application of international auditing and assurance standards worldwide.
It collaborates with national standard-setters, regulators, and professional bodies to encourage
convergence towards global standards, thereby facilitating cross-border transactions and
enhancing the quality of financial reporting.
Responding to Stakeholder Needs: The IAASB maintains a strong focus on meeting the needs
of various stakeholders, including investors, regulators, auditors, and financial statement
preparers. The board actively seeks feedback, conducts consultations, and considers public interest
to ensure that its standards remain relevant, effective, and aligned with the evolving expectations
of the market.
Monitoring and Quality Control: The IAASB monitors the implementation and application of
its standards through various mechanisms, such as quality control reviews and inspections. It
promotes effective quality control systems within auditing firms and strives to address any
identified issues or gaps that may impact the quality of audits and assurance engagements.
Providing Guidance and Support: The IAASB produces guidance documents, publications, and
tools to assist auditors and assurance practitioners in understanding and applying the international
standards effectively. These resources help in achieving consistent and high-quality auditing and
assurance practices across different jurisdictions.
Overall, the IAASB plays a vital role in establishing global auditing and assurance standards,
promoting audit quality, facilitating international convergence, and addressing the needs of
stakeholders. By setting high-quality standards, the IAASB contributes to building trust in
financial reporting and supporting the stability and integrity of the global financial system.

Understanding assurance and its levels: absolute, reasonable, and limited assurance
Assurance and its levels

Assurance’ means confidence. In an assurance engagement, an ‘assurance firm’ is engaged by one

party to give an opinion on a piece of information that has been prepared by another party. The
opinion is an expression of assurance about the information that has been reviewed. It gives
assurance to the party that hired the assurance firm that the information can be relied on. Assurance
can be provided by:

Review.

A statutory audit is one form of assurance. Without assurance from the auditors, the shareholders
may not accept that the information provided by the financial statements is sufficiently accurate
and reliable. The statutory audit provides assurance as to the quality of the information. The
provision of this assurance should add credibility to the information in the financial statements,
making the information more reliable and therefore more useful to the user.

Levels of assurance:
There are different levels or degrees of assurance. Some assurances are more reliable than others.
The degree of assurance that can be provided about the reliability of the financial statements of a
company will depend on the amount of work performed in carrying out the assurance process and
the results of that work.

The resulting assurance falls into one of two categories:

1) Reasonable Assurance – A high (but not absolute) level of assurance provided by the
practitioner’s conclusion expressed in a positive form. E.g. “In our opinion the accounts are true
and fair”. The objective of a statutory audit is to provide reasonable assurance.

2)Limited Assurance – A moderate level of assurance provided by the practitioner’s conclusion

expressed in a negative form. E.g. “Based on our review, nothing has come to our attention that
causes us to believe that the accompanying financial statements do not give a true and fair
view”. The objective of a review engagement is often to provide limited assurance.

Assurance provided by audit

An audit provides a high, but not absolute, level of assurance that the audited information is free
from any material misstatement. This is often referred to as reasonable assurance. The reason why
auditor is not expected to provide absolute assurance is that there are inherent limitations of an
audit, which result in most of the audit evidence on which the auditor draws conclusions and bases
the auditor’s opinion being persuasive rather than conclusive.

Assurance provided by review

A review is a ‘voluntary’ investigation. In contrast to ‘reasonable’ level of assurance provided by

an audit, a review into an aspect of the financial statements would provide only a moderate level
of assurance that the information under review is free of material misstatement. The resulting
opinion is usually (although not always) expressed in the form of negative assurance.

Negative assurance is an opinion that nothing is obviously wrong: in other words, ‘nothing has
come to our attention to suggest that the information is misstated’.

A review does not provide the same amount of assurance as an audit. An external audit
provides positive assurance that, in the opinion of the auditors, the financial statements do present
fairly the financial position and performance of the company.
Comparison of audit and review

The higher level of assurance (audit) will enhance the credibility provided by the assurance
process, but the audit work is likely to be more time-consuming than a review and so more costly
than a review.

Negative assurance (review) is necessary in situations where the accountant/auditor cannot obtain
sufficient evidence to provide positive assurance. For example the management of a client entity
may ask the audit firm to carry out a review of a cash flow forecast. A forecast relates to the future
and is based on many assumptions, and an auditor therefore cannot provide positive assurance that
the forecast is accurate. However he may be able to provide negative assurance that there is nothing
he is aware of to suggest that the forecast contains material errors.

UNIT-III-A. Legal considerations relating to appointment and removal of auditors (Section

246 to 253 of Companies Act 2017)

246. Appointment, removal and fee of auditors.—

(1) The first auditor or auditors of a company shall be appointed by the board within ninety days
of the date of incorporation of the company; and the auditor or auditors so appointed shall retire
on the conclusion of the first annual general meeting.
(2) Subject to the provisions of sub-section
(3), the subsequent auditor or auditors shall be appointed by the company in the annual general
meeting on the recommendation of the board after obtaining consent of the proposed auditors, a
notice shall be given to the members with the notice of general meeting. The auditor or auditors
so appointed shall retire on the conclusion of the next annual general meeting.
(3) A member or members having not less than ten percent shareholding of the company shall also
be entitled to propose any auditor or auditors for appointment whose consent has been obtained by
him and a notice in this regard has been given to the company not less than seven days before the
date of the annual general meeting. The company shall forthwith send a copy of such notice to the
retiring auditor and shall also be posted on its website.
(4) Where an auditor, other than the retiring auditor is proposed to be appointed, the retiring auditor
shall have a right to make a representation in writing to the company at least two days before the
date of general meeting. Such representation shall be read out at the meeting before taking up the
agenda for appointment of the auditor:
Provided that where such representation is made, it shall be mandatory for the auditor or a person
authorized by him in writing to attend the general meeting in person.
(5) The auditor or auditors appointed by the board or the members in an annual general meeting
may be removed through a special resolution.
(6) Any casual vacancy of an auditor shall be filled by the board within thirty days from the date
thereof. Any auditor appointed to fill in any casual vacancy shall hold office until the conclusion
of the next annual general meeting:
Provided that where the auditors are removed during their tenure, the board shall appoint the
auditors with prior approval of the Commission.
(7) If the company, fails to appoint—
(a) the first auditors within a period of ninety days of the date of incorporation of the company;
(b) the auditors at an annual general meeting; or
(c) an auditor in the office to fill up a casual vacancy within thirty days after the occurrence of the
vacancy; and
(d) if the appointed auditors are unwilling to act as auditors of the company; the Commission may,
of its own motion or on an application made to it by the company or any of its members direct to
make good the default within such time as may be specified in the order. In case the company fails
to report compliance within the period so specified, the Commission shall appoint auditors of the
company who shall hold office till conclusion of the next annual general meeting:
(8) The remuneration of the auditors of a company shall be fixed—
(a) by the company in the general meeting;
(b) by the board or by the Commission, if the auditors are appointed by the board or the
Commission, as the case may be.
(9) Every company shall, within fourteen days from the date of any appointment of an auditor,
send to the registrar intimation thereof, together with the consent in writing of the auditor
concerned.
247. Qualification and disqualification of auditors.—
(1) A person shall not be qualified for appointment as an auditor—
(a) in the case of a public company or a private company which is subsidiary of a public company
or a private company having paid up capital of three million rupees or more unless such person is
a chartered accountant having valid certificate of practice from the Institute of Chartered
Accountants of Pakistan or a firm of chartered accountants; and
(b) in the case of a company other than specified in clause (a), unless such person, is a chartered
accountant or cost and management accountant having valid certificate of practice from the
respective institute or a firm of chartered accountants or cost and management accountants, having
such criteria as may be specified:
Provided that for the purpose of clause (a) and (b), a firm whereof majority of practicing partners
are qualified for appointment shall be appointed by its firm name to be auditors of the company.
(2) Where a partnership firm is appointed as auditor of a company, only the partners who meet the
qualification requirements as provided in subsection
(1), shall be authorized to act and sign on behalf of the firm.
(3) None of the following persons shall be appointed as auditor of a
company, namely—
(a) a person who is, or at any time during the preceding three years was, a director, other officer
or employee of the company;
(b) a person who is a partner of , or in the employment of, a director, officer or employee of the
company;
(c) the spouse of a director of the company;
(d) a person who is indebted to the company other than in the ordinary course of business of such
entities;
(e) a person who has given a guarantee or provided any security in connection with the
indebtedness of any third person to the company other than in the ordinary course of business of
such entities;
(f) a person or a firm who, whether directly or indirectly, has business relationship with the
company other than in the ordinary course of business of such entities;
(g) a person who has been convicted by a court of an offence involving fraud and a period of ten
years has not elapsed from the date of such conviction;
(h) a body corporate;
(i) a person who is not eligible to act as auditor under the code of ethics as adopted by the Institute
of Chartered Accountants of Pakistan and the Institute of Cost and Management Accountants of
Pakistan; and
(j) a person or his spouse or minor children, or in case of a firm, all partners of such firm who hold
any shares of an audit client or any of its associated companies:
Provided that if such a person holds shares prior to his appointment as auditor, whether as an
individual or a partner in a firm the fact shall be disclosed on his appointment as auditor and such
person shall disinvest such shares within ninety days of such appointment.
(5) A person shall also not be qualified for appointment as auditor of a company if he is, by virtue
of the provisions of sub-section (3), disqualified for appointment as auditor of any other company
which is that company’s subsidiary or holding company or a subsidiary of that holding company.
(6) If, after his appointment, an auditor becomes subject to any of the disqualifications specified
in this section, he shall be deemed to have vacated his office as auditor with effect from the date
on which he becomes so disqualified.
(7) A person who, not being qualified to be an auditor of a company, or being or having become
subject to any disqualification to act as such, acts as auditor of a company shall be liable to a
penalty of level 2 on the standard scale.
(8) The appointment as auditor of a company of an unqualified person, or of a person who is
subject to any disqualifications to act as such, shall be void, and, where such an appointment is
made by a company, the Commission may appoint a qualified person in place of the auditor
appointed by the company.
RIGHTS AND DUTIES OF AUDITOR
248. Auditors’ right to information.—
(1) An auditor of a company has a right—
(a) of access at all times to the company’s books, accounts and vouchers (in whatever form they
are held); and
(b) of access to such copies of, an extracts from, the books and accounts of the branch as have been
transmitted to the principal office of the company;
(c) to require any of the following persons to provide him with such information or explanations
as he thinks necessary for the performance of his duties as auditor—
(i) any director, officer or employee of the company;
(ii) any person holding or accountable for any of the company’s books, accounts or vouchers;
(iii) any subsidiary undertaking of the company; and
(iv) any officer, employee or auditor of any such subsidiary undertaking of the company or any
person holding or accountable for any books, accounts or vouchers of any such subsidiary
undertaking of the company.
(2) If any officer of a company refuses or fails, without lawful justification, the onus (responsibilty)
whereof shall lie on him, to allow any auditor access to any books and papers in his custody or
power, or to give any such information possessed by him as and when required, or otherwise
hinders, obstructs or delays an auditor in the performance of his duties or the exercise of his powers
or fails to give notice of any general meeting to the auditor or provides false or incorrect
information, he shall be liable to penalty as provided under section 252.
Rights of an auditor:
A company auditor's job is full of responsibility. The auditor has a lot of power under the
Companies Act. He has all of the rights that other business owners should have because he is the
shareholders' agent. Because the Act contains specific provisions, no one can prevent the auditor
from exercising these rights.

1. Right to access book, account and vouchers:

Every auditor of a company has unrestricted access to the firm's books of accounts and vouchers,
whether held at the company's headquarters or elsewhere. As a result, the auditor has access to all
readers, coupons, and documentation. This is a legal right of the auditor. He may pay a surprise
visit without telling the Board of Directors in advance, but auditors notify the Board of Directors
before their trips. This is one of the primary rights of a company editor. Access to all the accounts
data is crucial to be accessible to the company auditor.

2. Right to obtain information and explanation:

Every company auditor has a right to gain information from the company. An auditor of a firm has
the right to demand from the company's officers whatever information and explanation he deems
relevant to fulfil his obligations as an auditor. In his report, the auditor must state if he got all of
the information and answers essential for the audit to the best of his knowledge and belief. This is
another vital tool in the auditor's arsenal. He will, however, determine which information or
explanations he believes are required. He has the right to include the fact in his report if the
company's directors or officers refuse to provide certain information because they think it is
unnecessary.

3. Right to correct any wrong statement:

During the company auditor's tenure as an auditor, the auditor must make a report to the company's
members on the accounts he has examined. The Board of Directors is responsible for preparing
and presenting any reports or balance sheets to the auditor. The auditor also can recommend
appropriate changes to the management's accounting method. They have the power to correct the
statements or anything mentioned in the reports that are not correct according to them. If a
recommendation is offered, the directors should follow it. If this is not the case, the auditor should
inform the members. However, he does not have the authority to make any changes to the
company's accounts on his own. But the suggestions need to be taken seriously.

4. Right to visit branches:

The auditor is also permitted to visit the company's branches. If a qualified auditor audits the
branch's accounts, he can obtain copies of the reports that have been certified by the branch auditor,
and he will always have access to such records. Suppose a duly qualified auditor does not audit
the Branch Accounts. In that case, the auditor has unrestricted access to the company's books,
accounts, and vouchers and may visit the branch if deemed necessary. The company auditor does
not have the legal authority to see international units.

5. Right to receive a notice and attend meetings:

During his tenure, the company auditor has the right to receive all notices and communications
relevant to all general meetings. Even if the auditor's audited accounts aren't discussed, the
corporation should send him a note. The auditor has the right to attend the sessions as well. He is
also welcome to speak at the meeting if any clarification is required. On the other hand, the auditor
is under no obligation to attend such sessions. This right also does not apply to board meetings.
An auditor of a corporation has the same right as a member of the company to receive notices and
other communications relevant to the General Meeting under section 231.

6. Right to sign the audit report:

Only the person chosen as the company's auditor, or, in the case of a partnership, only a partner in
the firm practising in India, may sign the auditor's report or sign or authenticate any other document
required by law by the company under section 299. If appointed, any partner also has the right to
do the same. The first auditor shall sign and authenticate a specific section of the Statutory Report.
He also has the authority to sign and establish any other document that the Act requires. Auditor
has full power to sign the papers and make the report.

7. Right to remuneration:

The auditor's pay shall be established in the company's general meeting or in a manner that may
be determined therein. It must include any expenses made by the company auditor in connection
with the company's audit and any facilities provided to him. Still, it does not have any payment
paid to him for any other services performed at the company's request. This right to remuneration
also comes under the rights of the company auditor as one of the fundamental rights.

8. Right to be indemnified:
In case of any civil and criminal actions by the company against the auditor, and If it is proven that
the auditor acted honestly or the judgement given is in his favour, he has a right to be indemnified
out of the assets of the company against any liability incurred by him defending himself against
any civil and criminal procedures brought by the company under section 633. This can protect him
against any criminal proceedings by the corporation. Aside from this fact, many other factors are
considered.

9. Right to take legal and technical advice:

Auditor also has a right to take any legal advice if they need it. If necessary to take action on his
report, the auditor may seek advice from experts. If the report needs legal action or the auditor
feels the need, only the auditor has a right to take legal or any technical advice. Sometimes the
technical advice can depend on the needs and complexity of the report. Auditor has the full
authority to ask for such kind of advice. This is necessary considering the reports. In the case of
any unique technical issues, the auditor has the right to contact and seek the advice of an expert.
He has the right to seek legal assistance to carry out his responsibilities effectively.

249. Duties of auditor.—

(1) A company’s auditor shall conduct the audit and prepare his report in compliance with the
requirements of International Standards on Auditing as adopted by the Institute of Chartered
Accountants of Pakistan.
(2) A company’s auditor must carry out such examination to enable him to form an opinion as to—
(a) whether adequate accounting records have been kept by the company and returns adequate for
their audit have been received from branches not visited by him; and
(b) whether the company’s financial statements are in agreement with the accounting records and
returns.
(3) The auditor shall make out a report to the members of the company on the accounts and books
of accounts of the company and on every financial statements and on every other document
forming part of such statements including notes, statements or schedules, which are to be laid
before the company in general meeting and the report shall state—
(a) whether or not they have obtained all the information and explanations which to the best of
their knowledge and belief were necessary for the purposes of the audit and if not, the details
thereof and the effect of such information on the financial statements;
(b) whether or not in their opinion proper books of accounts as required by this Act have been kept
by the company;
(c) Whether or not in their opinion the statement of financial position and profit and loss account
and other comprehensive income or the income and expenditure account and the cash flows have
been drawn up in conformity with the requirements of accounting and reporting standards as
notified under this Act and are in agreement with the books of accounts and returns;
(d) whether or not in their opinion and to the best of their information and according to the
explanations given to them, the said accounts give the information required by this Act in the
manner so required and give a true and fair view—
(i) In the case of the statement of financial position, of the state of affairs of the company as at the
end of the financial year;
(ii) In the case of the profit and loss account and other comprehensive income or the income and
expenditure account, of the profit or loss and other comprehensive income or surplus or deficit, as
the case may be, for its financial year; and
(iii) in the case of statement of cash flows, of the generation and utilization of the cash and cash
equivalents of the company for its financial year;
(e) Whether or not in their opinion—
(i) investments made, expenditure incurred and guarantees extended, during the year, were for the
purpose of company’s business; and
(ii) zakat deductible at source under the Zakat and Usher Ordinance, 1980 (XVIII of 1980), was
deducted by the company and deposited in the Central Zakat Fund established under section 7 of
that Act.
Explanation.—Where the auditor’s report contains a reference to any other report, statement or
remarks which they have made on the financial statements examined by them, such statement
or remarks shall be annexed to the auditor’s report and shall be deemed to be a part of the auditor’s
report.
(4) Where any of the matters referred to in sub-section (2) or (3) is answered in the negative or
with a qualification, the report shall state the reason for such answer along with the factual position
to the best of the auditor’s information.
(5) The Commission may, by general or special order, direct that, in the case of all companies
generally or such class or description of companies as may be specified in the order, the auditor’s
report shall also include a statement of such additional matters as may be so specified.
(6) The auditor shall express unmodified or modified opinion in his report in compliance with the
requirements of International Standards on Auditing as adopted by the Institute of Chartered
Accountants of Pakistan.
(7) The Commission may by general or special order, direct, that the statement of compliance as
contained in sub-section (4) of section 227 of this Act, shall be reviewed by the auditor who shall
issue a review report to the members on the format specified by the Commission.
(8) The auditor of a company shall be entitled to attend any general meeting of the company, and
to receive all notices of, and any communications relating to, any general meeting which any
member of the company is entitled to receive, and to be heard at any general meeting which he
attends on any part of the business which concerns him as auditor:
Provided that, in the case of a listed company, the auditor or a person authorised by him in writing
shall be present in the general meeting in which the financial statements and the auditor’s report
are to be considered.
Duties of an Auditor:

The duties of an auditor include the following tasks, which are considered the significant duties of
a company auditor. Out of the major ones, these are a few major ones

1. Providing audit report:

A company auditor's primary duty is to provide reports of all the accounts and financial statements
audited by them and presented to the company. Such audits give credibility to the financial
information. This provides a fair idea of the company's accounts. The auditor's opinion enhances
the reliability of the financial statements. The assurance from the auditor is the fundamental reason
for its credibility. The audit report also ensures that accounting and auditing rules are followed.
According to accounting standards, he must make sure that the financial statements adhere to the
relevant provisions of the Companies Act 2013.

2. Make a proper enquiry:

Every company auditor is responsible for requesting access to the company's books of accounts,
vouchers, and other documents and explanations. Furthermore, an auditor can contact the company
at any time to obtain information on the following topics:

 If the company's loans and advances made based on security were appropriately secured.
 He should also check if the terms and conditions under which such loans and advances
have been issued are not biased.
 Whether or not the company is a bank or an investment firm, and how many of the firm's
assets have been sold for less than what it paid for them.
 Whether the shares issued for cash have been received in cash, the auditor must check that
the company's financial condition is recorded if no money has been accepted.

3. Assist in branch office:

When a corporation maintains a branch office, the accounts of that branch office must be audited
either by the company's auditor or by any other person qualified to serve as an auditor for the
company. The branch auditor will create a report on the accounts of the branch he is auditing and
transmit it to the company's auditor, who will address it in his essay in whatever way he sees fit.

4. Compliance with auditing standards:

All auditors must follow the auditing standards. In cooperation with the National Financial
Reporting Authority, the Central Government will announce these requirements. These standards
assist the auditor in carrying out his auditing responsibilities with relative simplicity and precision.
The government may also specify that the auditors' report contains a statement on the notified
matters.

5. Reporting of frauds:

In general, the auditor may develop suspicions about fraud within the organisation while executing
his job. This could be related to any financial statement that cannot be added up. While performing
his duties as auditor, if an auditor of a company has reason to believe that an offence involving
fraud is being or has been committed against the company by officers or employees of the
company, he must immediately report the matter to the Central Government within the time and
in the manner prescribed.

6. Assist in the investigation:

The auditor must assist the officers if the company is under investigation. The auditor's
responsibilities are diverse, as can be seen, and they have a wide-ranging and far-reaching impact.
This job is full of guilt, and fulfilling those can be difficult. The level of assurance provided by a
set of audited financial statements is much higher than that offered by regular unaudited financial
statements. The term "investigation" refers to the systematic and rigorous examination of certain
business records. When a company's issue has already been identified, this type of inquiry is
carried out to determine the cause and who was involved in the activity. As a result, an auditor's
responsibility is to help officers conduct such an investigation.

7. Follow Auditing principles:

Confidentiality is one of the fundamental principles that govern an audit. As a result, the auditor
must keep the information he obtains while executing his obligations as an auditor confidential.
Without his permission, he should not share the client's details. In addition, the auditor must be
truthful, sincere, objective, and free of bias. As a result, he should examine the company's books
of accounts with a high level of objectivity and integrity. The auditor's principal responsibility is
to provide his opinion on whether the balance sheet presents an accurate and fair picture of the
company's financial situation after the fiscal year. Schedule VI refers to the minimum disclosure
obligation; however, if specific information significantly influences the representations made in
the financial statements, it must be reported.

8. Fraud detection and reporting:

A Company auditor may have suspicions about fraud within the organisation. If he finds himself
in this situation, he must notify the Central Government as quickly as possible and by the Act's
requirements. The role of a financial statement auditor in detecting fraud is undeniable. The auditor
can get reasonable but not complete assurance that significant misstatements are found due to the
nature of audit evidence and the features of fraud.

9. If required, form a negative opinion:

The auditor's report has a high level of certainty and trustworthiness because it contains the
auditor's view on the financial accounts. The auditor has the right to provide an unfavourable
opinion if he considers the financial statements do not present an accurate and fair picture of the
company's financial status. He will also issue an opinion disclaimer if he is displeased with the
material supplied and cannot offer a qualified opinion on the statements. A waiver of thought states
that the organisation's financial position cannot be ascertained due to a lack of information. If he
finds himself in this situation, he must notify the Central Government as quickly as possible and
by the Act's requirements.

10. Observe the Ethics and Professional Conduct Codes:

A Company auditor must follow the code of ethics and the code of professional conduct. Two parts
of this are confidentiality and proper care in fulfilling his tasks. Professional scepticism is another
crucial requirement. The auditor must have a critical mind and be on the watch for any financial
disasters, blunders, or frauds.

11. Help with an investigation:

The auditor must assist the officers if the company is under investigation. The auditor's
responsibilities are diverse, as can be seen, and they have a wide-ranging and far-reaching impact.
The level of assurance provided by a set of audited financial statements is much higher than that
offered by regular unaudited financial statements.

250. Audit of cost accounts

(1)Where any company or class of companies is required under first provision of sub-section (1)
of section 220 to include in its books of account the particulars referred to therein, the Commission
may direct that an audit of cost accounts of the company shall be conducted in such manner and
with such stipulations (conditions) as may be specified in the order by an auditor who is a
chartered accountant within the meaning of the Chartered Accountants Ordinance, 1961 (X of
1961), or a cost and management accountant within the meaning of the Cost and Management
Accountants Act, 1966 (XIV of 1966); and such auditor shall have the same powers, duties and
liabilities as an auditor of a company and such other powers, duties and liabilities as may be
specified.
(2) The audit of cost accounts of the company under sub-section (1) shall be directed by the
Commission subject to the recommendation of the regulatory authority supervising the business
of relevant sector or any entity of the sector.
251. Signature of auditor’s report.—(1) The auditor’s report must state the name of the auditor,
engagement partner, be signed, dated and indicate the place at which it is signed.
(2) Where the auditor is an individual, the report must be signed by him.
(3) Where the auditor is a firm, the report must be signed by the partnership firm with the name of
the engagement partner.
252. Penalty for non-compliance with provisions by companies.—
Any contravention or default in complying with requirements of sections 246, 247, 248 and 250
shall be an offence liable to a penalty of level 3 on the standard scale.
253. Penalty for non-compliance with provisions by auditors.—
(1) If any auditor’s report or review report is made, or any document of the company is signed or
authenticated otherwise than in conformity with the requirements of section 131, sections 249 and
251 or is otherwise untrue or fails to bring out material facts about the affairs of the company or
matters to which it purports to relate, the auditor concerned and the person, if any, other than the
auditor who signs the report or signs or authenticates the document, and in the case of a firm all
partners of the firm, shall be liable to a penalty of level 2 on the standard scale.
(2) If the auditor’s report to which sub-section (1) applies is made with the intent to profit such
auditor or any other person or to put another person to a disadvantage or loss or for a material
consideration, the auditor shall, in addition to the penalty provided by that sub-section, be
punishable with imprisonment for a term which may extend to two years and with penalty which
may extend to one million rupees.

Unit No.-II- Responsibility for the financial statements

Management Responsibilities relating to Financial Statements

The management responsibilities in relation to the financial statements include the
following:
1. The overall responsibility for the preparation and presentation of the financial statements.
2. Identifying the financial reporting framework to be used in the preparation and presentation of
the financial statements.
3. Designing, implementing and maintaining internal controls relevant to the preparation and
presentation of financial statements that are free from material misstatement whether due to
fraud or error.
4. Selecting and applying appropriate accounting policies.
5. Making accounting estimates that are reasonable in the circumstances.
Preparation and presentation of the financial statements
An acceptable financial reporting framework should be used by the management in the preparation
and presentation of the financial statements. Management should also identify financial reporting
framework which is used in preparation and presentation of financial statements. Financial
statement should be prepared for general purpose and it should also fulfill the requirement of local
laws and regulations.
Designing, implementing and maintaining internal controls
Management should agree and acknowledge for such internal control as management determines
is necessary to enable the preparation of financial statements that are free from material
misstatement, whether due to fraud or error. Internal Control system is very important for
determining the time and extent of audit procedures.
Selection and application of appropriate accounting policies
Management should select and apply accounting policies properly in accordance with relevant
standards , rules and regulations so that financial statements providing a true and accurate picture
of the state of affairs of the entity. selection and application of appropriate accounting policies
depends upon the competence of relevant personnel.
Making reasonable accounting estimates
Management should make reasonable accounting estimates keeping in view the substance of
transactions and their impact on financial statements. Accounting estimates should be made in
accordance with normal accounting practices prevailing in the market.
Auditors Responsibilities on Financial Statements
The process of getting financial statements audited is a really important step in lieu of ensuring
that the organization has presented true and fair view of their financial position over the past
year.
Therefore, the responsibility of an auditor to provide assurance on that particular claim is quite
significant, since it really impacts the overall stakeholders.
Therefore, auditors’ responsibilities can be defined as follows:
Risk Assessment, Audit Risks, and Audit Procedures
Identifying and assessing the overall risk of material misstatement of the entity’s financial
statements. This also includes any chances of errors, frauds, or incorrect declaration by the
organization.
Furthermore, the auditor is also responsible to ensure that he is able to perform audit tasks and
procedures responsive to the audit risks that are identified.
Subsequently, it is also important to obtain audit evidence that is sufficient and appropriate
enough to provide the basis for the auditors’ opinion.
Internal Controls
Additionally, the auditor is also responsible for obtaining an understanding of the internal
controls that are present relevant to the auditor in order to design audit procedures that are
appropriate in the circumstances, but not for the purposes of expressing their thought regarding
the organizations’ internal control.
If the controls are strong, then auditors might relying on the controls so that they might
reduce audit sample size.
If the control is concluded to be weak then the risk of material misstatement of over financial
reporting are high then the sample sizes of the transactions or balance in the financial statements
to be reviewed will be increasing up 100%.
Accounting Estimates
The auditor is also responsible to ensure that the accounting policies and the overall
reasonableness of the accounting estimates is done appropriately.
Related disclosures should also be made in order to provide any additional information that
might be useful to either of these parties.
Audit Conclusion
After having conducted the relevant audit risk assessments, auditors are also responsible to
conclude on the overall extent to which the going concern basis is reflected in the accounting.
Furthermore, based on the audit evidence that is obtained, it should also be seen if material
uncertainty exists related to the events, which may question the entity’s overall ability to
continue as a going concern.

UNIT-III 6. 2-Terms of Audit engagements (ISA 210)

This is the summary of ISA 210: Agreeing with the Term of Audit Engagement. In this
summary, we follow the structure of ISA which starts with an Introduction, Objective,
Definition, and Requirement.
You may jump to the specific areas as your requirement. The summary here does not include all
the standard points and is for quick check only. The full standard is recommended for
professional practices.
Introduction
The Main Purposes of ISA 210 are to:
 Provide the standard and guidance on how the audit firm agree with the term of engagement
with its clients
 Provide the standard and guidance on how audit firms respond to requests on changing the
term and conditions.
This standard provides the basis and guidance when it is preparing to bind an agreement with its
client for audit and non-audit services like tax service, accounting review, and advisory services.
However, once such non-audit services exist, the standard recommends having a separate
engagement letter.
The formal engagement letter is recommended in any situation, term and dirction should be clear
and understandable for both parties.
Objective
The main objective of ISA 210 is said that audit could perform its work only when the term and
conditions of the engagement are agreed upon. In that case, the term and conditions are present
and agreed upon by both parties, if possible from those charges with the government.
To simplify this point, the auditor should accept or continues its work when there is no evidence
that management does not agree with the term and conditions.
Definitions
The following is the definition of the key term in ISA 210:
Precondition for an audit is the condition in which auditor could establish that the Financial
Statements that auditor going to audit are preparing in accordance with applicable standard and,
the understanding and agreeing rule and responsibilities on management as well as those charge
with governments on Financial Statements.
Requirements:
The following are the requirement for five important points in ISA 210:
Preconditions for an Audit

 Determine if the frameworks to be used are acceptable and if the framework to be used is not
acceptable, then the auditor should not accept the engagement.
 Confirm and agree with management about their responsibilities in preparing Financial
Statements and Internal controls on Financial Reporting.
 Confirm with management about the auditor’s right to access information; if management
does not agree, engagement should not accept.
 Confirm the scope of the audit and if the limitation is imposed. Access if the impose affects
the audit words for its opinion.
 The auditor might not accept the engagement if the precondition is not discussed.

Agreement on Audit Engagement Terms

 The term and conditions should be included and agreed upon with management in the
application form. For example, a contract or engagement letter. The importance of
information includes Scope, Objective, Responsibility of both parties, financial framework,
and the report that is going to issue by the auditor. Audit Fees and the basis of audit fee
calculation should be included.
 Law and regulation related to audit engagement might need to consider.

Recurring Audits
 A recurring audit happens when the firm continues the audit of the current client. Before
continuing the standard, the firm must reassess if there is anything that needs to change to the
original engagement. ISA 210 requires a firm might need to inform management of the terms
and conditions.
Acceptance of a Change in terms of the Audit Engagement
 The client might be asked to change the terms and conditions during the audit. In such a case,
the auditor needs to consider whether or not the change is acceptable.
 If the change is not acceptable, the auditor should not continue engagement. If it is accepted, a
new agreement should be formed. All applicable laws and ethics should be considered.

Unit No.-II 2.2.THE AUDITOR’S RESPONSIBILITIES RELATING TO FRAUD IN AN

AUDIT OF FINANCIAL STATEMENTS 157 ISA 240 AUDITING Introduction Scope of this
ISA

1. This International Standard on Auditing (ISA) deals with the auditor’s responsibilities relating
to fraud in an audit of financial statements. Specifically, it expands on how ISA 3151 and ISA
3302 are to be applied in relation to risks of material misstatement due to fraud. Characteristics
of Fraud

2. Misstatements in the financial statements can arise from either fraud or error. The
distinguishing factor between fraud and error is whether the underlying action that results in the
misstatement of the financial statements is intentional or unintentional.

3. Although fraud is a broad legal concept, for the purposes of the ISAs, the auditor is concerned
with fraud that causes a material misstatement in the financial statements. Two types of
intentional misstatements are relevant to the auditor – misstatements resulting from fraudulent
financial reporting and misstatements resulting from misappropriation of assets. Although the
auditor may suspect or, in rare cases, identify the occurrence of fraud, the auditor does not make
legal determinations of whether fraud has actually occurred. (Ref: Para. A1–A6) Responsibility
for the Prevention and Detection of Fraud

4. The primary responsibility for the prevention and detection of fraud rests with both those
charged with governance of the entity and management. It is important that management, with
the oversight of those charged with governance, place a strong emphasis on fraud prevention,
which may reduce opportunities for fraud to take place, and fraud deterrence, which could
persuade individuals not to commit fraud because of the likelihood of detection and punishment.
This involves a commitment to creating a culture of honesty and ethical behavior which can be
reinforced by an active oversight by those charged with governance. Oversight by those charged
with governance includes considering the potential for override of controls or other inappropriate
influence over the financial reporting process, such as efforts by management to manage
earnings in order to influence the perceptions of analysts as to the entity’s performance and
profitability.

Responsibilities of the Auditor

5. An auditor conducting an audit in accordance with ISAs is responsible for obtaining

reasonable assurance that the financial statements taken as a whole are free from material
misstatement, whether caused by fraud or error. Owing to the inherent limitations of an audit,
there is an unavoidable risk that some material misstatements of the financial statements may not
be detected, even though the audit is properly planned and performed in accordance with the
ISAs.36. As described in ISA 200,4 the potential effects of inherent limitations are particularly
significant in the case of misstatement resulting from fraud. The risk of not detecting a material
misstatement resulting from fraud is higher than the risk of not detecting one resulting from
error. This is because fraud may involve sophisticated and carefully organized schemes designed
to conceal it, such as forgery, deliberate failure to record transactions, or intentional
misrepresentations being made to the auditor. Such attempts at concealment may be even more
difficult to detect when accompanied by collusion. Collusion may cause the auditor to believe
that audit evidence is persuasive when it is, in fact, false. The auditor’s ability to detect a fraud
depends on factors such as the skillfulness of the perpetrator, the frequency and extent of
manipulation, the degree of collusion involved, the relative size of individual amounts
manipulated, and the seniority of those individuals involved. While the auditor may be able to
identify potential opportunities for fraud to be perpetrated, it is difficult for the auditor to
determine whether misstatements in judgment areas such as accounting estimates are caused by
fraud or error.

7. Furthermore, the risk of the auditor not detecting a material misstatement resulting from
management fraud is greater than for employee fraud, because management is frequently in a
position to directly or indirectly manipulate accounting records, present fraudulent financial
information or override control procedures designed to prevent similar frauds by other
employees.

8. When obtaining reasonable assurance, the auditor is responsible for maintaining professional
skepticism throughout the audit, considering the potential for management override of controls
and recognizing the fact that audit procedures that are effective for detecting error may not be
effective in detecting fraud. The requirements in this ISA are designed to assist the auditor in
identifying and assessing the risks of material misstatement due to fraud and in designing
procedures to detect such misstatement. Effective Date

9. This ISA is effective for audits of financial statements for periods beginning on or after
December 15, 2009. Objectives

10. The objectives of the auditor are:

(a) To identify and assess the risks of material misstatement of the financial statements due to
fraud;

(b) To obtain sufficient appropriate audit evidence regarding the assessed risks of material
misstatement due to fraud, through designing and implementing appropriate responses; and

(c) To respond appropriately to fraud or suspected fraud identified during the audit. Definitions

11. For purposes of the ISAs, the following terms have the meanings attributed below:

(a) Fraud – An intentional act by one or more individuals among management, those charged
with governance, employees, or third parties, involving the use of deception to obtain an unjust
or illegal advantage.

(b) Fraud risk factors – Events or conditions that indicate an incentive or pressure to commit
fraud or provide an opportunity to commit fraud. Requirements Professional Skepticism

12. In accordance with ISA 2005, the auditor shall maintain professional skepticism throughout
the audit, recognizing the possibility that a material misstatement due to fraud could exist,
notwithstanding the auditor’s past experience of the honesty and integrity of the entity’s
management and those charged with governance. (Ref: Para. A7–A8)

13. Unless the auditor has reason to believe the contrary, the auditor may accept records and
documents as genuine. If conditions identified during the audit cause the auditor to believe that a
document may not be authentic or that terms in a document have been modified but not disclosed
to the auditor, the auditor shall investigate further. (Ref: Para. A9)

14. Where responses to inquiries of management or those charged with governance are
inconsistent, the auditor shall investigate the inconsistencies.

13th August 2023-Unit III- 6.2Terms of Audit engagements (ISA 210)

What is an Audit Engagement?

An audit engagement is an agreement between a client and an independent third-party auditor to

perform an audit of some element of the client’s business, such as accounting records, financial
statements, internal controls, regulatory compliance, information systems, operational processes,
etc.

The purpose of engaging a third-party auditor is to obtain an unbiased and independent

opinion on the organization’s ability to achieve the specified audit criteria. Your auditor should
be a subject matter expert who provides value in delivering conclusions on the effectiveness of
business processes and controls, while alerting the company of any risks identified.

How Does an Engagement Letter Work?

An engagement letter works with the same purpose as a traditional contract between two separate
parties. Its format is generally less formal than a contract and avoids the typical legal jargon that
most contracts have.

The letter is written to accurately but briefly describe the following:

1. The services
2. The deadlines
3. The terms and conditions
4. The compensation

While this letter is less formal than a contract, it is still a legal document. Meaning that in the
case of a business deal, the information contained within the letter is binding.

Essential Elements of an Engagement Letter

The essential elements of an engagement letter are as follows:

 Identification of both parties

 The scope of services
 The period of engagement
  The fee structure
 Responsibilities of each party
 Professional standards
 Confirmation of terms and conditions

Importance of an Engagement Letter

There are a number of important elements of an engagement letter that benefit both parties. Here
are some of the key ones:

They help you to set and keep track of expectations

They reduce the chance of scope creep occurring

They reduce risk for both parties

Advantages of an Engagement Letter

There are a number of benefits of engagement letters. When entering into a relationship between
a client and a business, it is important to set expectations.

The business has the advantage of being able to set the boundaries under which they’ll be
expected to work and what will be expected of them in terms of performance. This helps avoid
what’s known as a “scope creep”. This is where the scope of the project incrementally becomes
larger and larger, leading to a number of potential issues on both sides.

The letter can also cite any services that lie outside of the current agreement but could in theory
be added in the future as needed. This will come with an estimate of the cost of these additional
services.

When it comes to the client, they benefit from the added layer of reassurance of knowing when
the service will be completed and have a record of how much it will cost. The engagement letter
also clears up whether any other costs are involved that are not covered in the initial agreement.
An example of this may be additional software that has to be purchased separately by the client.

An engagement can also include a clause around mediation or binding arbitration for the
relationship. This aims to provide guidance for managing any disputes that may arise throughout
the process between the two parties.

If the relationship in question is long-term, many businesses will require that their engagement
letter is updated and signed again by the client on a regular basis. This can be quarterly, every six
months, or most commonly on an annual basis.

This clause allows for any changes that occur in the business relationship over time. It also
strengthens the legality of the document. It can also remind both parties about the scope of the
agreement.
Standard Format of an Engagement Letter

Each engagement letter will of course be unique to the two parties in question. However, they
will all tend to follow a similar format. The typical engagement letter format is as follows:

Parties

The letter will start by stating the parties relevant to the agreement. In most cases, one party will
be the client, and the other party will be the business.

Type of Service

Here you will outline the exact type of service that is being provided by the business to the
client.

Service Details

This section is used to go into specific detail about the service terms that will be provided. This
is an important part of the document in the bid to avoid any misunderstandings. It helps to set
clear expectations regarding what will take place and the standard of the work.

This section will also commonly outline the deadline or deadlines for the work, as well as the
structure of the fee.

Joint Responsibilities

Here you will lay out the responsibilities that have to be carried out by both parties when the
work is being undertaken.

Disclaimer

The disclaimer section is where you will outline the scope of the service being provided. It is
used to emphasize the limitations of the service and show any caveats with which the final result
must be viewed.

Validity and Termination

This section is used to lay out the period of engagement at which the agreement will be valid, or
perhaps when the service is fully completed. The termination section will state the reasons why
the agreement may be considered terminated and outline how to exit the engagement.
 26th August 2023 Unit-IV (A) Planning an audit (ISA 300)

Audit strategy and audit plan

ISA 300 states that audit planning activities should:

 establish the overall audit strategy.

 develop an audit plan.

Audit plans are comprehensive plans that professional auditors create to evaluate how a company
performs and whether they're doing so in a manner that's ethical and efficient.

What is an audit plan?

An audit plan is a detailed plan that professionals create before performing an audit on a
company or organization. This plan includes information about the standards the auditors aim to
uphold while performing the audit. It also includes the specific procedures and policies that the
auditors are to use to complete the audit. An audit plan also contains information about the scope
of the audit, the name and other defining information about the company in question, the
time frame over which the audit occurs and the professionals in charge of the audit.

Why are audit plans important?

Audit plans are important for a variety of reasons, many of which impact the auditor's ability to
smoothly and efficiently conduct an audit for a company. Typically, developing an audit plan
to follow provides the following important benefits to the auditor:

1. Defines the steps to take to complete an audit

2. Assists the auditor in obtaining documents, records and other evidence for the
circumstances
3. Helps with identifying any problems or challenges the auditor may encounter
4. Ensures the audit runs in a well-defined manner
5. Gives an idea of how much the audit is to cost
6. Establishes the scope of the audit
7. Ensures both the company and the auditor remain informed and updated on the audit

How to develop an audit plan

Developing an audit plan can be a straightforward and effective process if you follow a few
steps. It's important to note that depending on specific auditing requirements as outlined by the
state country live in, the company or organization you're auditing and any specific requests made
to you, there may be more or fewer steps to follow to develop this plan. You can follow these
steps when creating this type of plan:
1. Review risks

An important aspect of a company's health and standing is the amount of risk associate with it
and how ready the company is to handle that risk. As such, the first step in developing an audit
plan is to carefully asses all risks related to the company. It's important to pay close attention
to anything that may impact a company's ability to reach its goals and document this risk.
Additionally, it's important to consider the company's business risk in addition to its operating
environment.

2. Analyze accounting policies

Verify the appropriateness of accounting policies and procedures. When designing an audit
plan, the auditors will want to spend sufficient time developing an understanding of significant
accounting policies in use at the company. Accounting policies include procedures related to
revenue recognition, capitalization, accounting for inventory, consolidation, impairment and
valuation.

3. Determine materiality thresholds

Materiality thresholds refer to the size at which a misstatement can have a significant impact on
an individual's decision-making capabilities. This is an important size to gauge when creating an
audit plan for a company, so it's important to determine what the company's material thresholds
may be. This materiality is commonly relative to the actual size of the company in question, so
you typically use a percentage of the company's total assets or a percentage of its revenue as its
materiality threshold number.

4. Create plan expectations

Before you can design your audit procedures, it's important to outline your audit plan
expectations. In this step, you develop expectations for analytical procedures that you plan to
follow to perform your audit. Usually, these procedures include both ratio analysis and trend
analysis. Ratio analyses refer to comparing a company's financial standings in addition to its
financial condition and performance with that of the industry's averages. Trend analyses aim to
identify any anomalies in the company's accounting practices over certain periods of time.

5. Design audit procedures

A main component of your audit plan development involves the creation of auditing procedures
to following when conducting the audit. Audit procedures exist under two main categories,
which are substantive testing and tests of internal controls. Substantive testing refers to the
direct testing of transactions or tests that a company performed during a specific period
documented on financial reports. Depending on what you determine, you may conduct
substantive testing in a number of different areas or several times on areas where you place
special consideration.
Tests of internal controls refer to methods of reviewing a company's ability to detect and
prevent any types of material misstatements. This type of testing means to gauge the
effectiveness of the company's overall ability to handle risk and take impacts to its financial
standing.

6. Proof the plan

To conclude the development of your plan, try to reassess it and review it for quality, clarity and
accuracy. As you complete your audit, you actually reassess and change it as needed as you
uncover any additional risks to the company or any adjustments required. It's important to
remember to update anyone else involved with the audit, including fellow auditors and the
company you're auditing, of any changes you make to the plan so everyone's as informed and
updated as possible.

Unit-IV (B) Assessment of audit risks (ISA 315 and 330)

Risk Assessment

Risk assessment is the identification and analysis of relevant risks to the achievement of an
organization's objectives, for the purpose of determining how those risks should be managed.

Risk Assessment Procedures in Audit – What Are the Key Process?

This International Standard on Auditing (ISA) deals with the auditor’s responsibility to identify
and assess the risks of material misstatement within the financial statements through
understanding the entity and its surroundings which incorporates the entity’s control.

The following risk assessment procedures should be followed in an audit:

Understanding The Entity And Its Environment:

The auditor shall obtain an understanding of the following factors:

Relevant industry and different external factors such as the applicable financial reporting
framework.

The nature of the entity consists of its operations, its ownership and governance structures, the
types of investments that the entity is making and plans to make, which include investments in
special-purpose entities; and the manner that the entity is established and how it is financed, to
permit the auditor to recognize the classes of transactions, account balances, and disclosures in
the financial statements.

The entity’s selection and understanding of accounting policies. The auditor should evaluate
whether the entity’s accounting policies are appropriate for its enterprise and consistent with the
applicable financial reporting framework.
The entity’s goals and strategies and those related to commercial enterprise risks may result in
risks of material misstatement.

The size and assessment of the entity’s financial performance.

Obtaining an Understanding of Internal Control:

The auditor must acquire enough understanding of each component of internal control over
financial reporting to become aware of the types of potential misstatements.

The nature, timing, and extent of procedures that might be important to gain an understanding of
internal control depend upon the size and complexity of the company and the company’s nature
of documentation of its internal control over financial reporting.

Obtaining an understanding of internal control consists of comparing the design of controls

which can be applicable to the audit and determining whether the controls were implemented.

Internal control over economic reporting can be described as consisting of components that
consist of the control environment, the organization’s assessment process, information and
communication, control activities, and tracking of controls.

Components of Internal Control:

1) Control environment:

The auditor should obtain an understanding of the client’s control environment. Along with
obtaining this information, the auditor shall evaluate whether management has created and
maintained a culture of honesty and ethical conduct.

The strengths in the control environment elements collectively provide the appropriate basis for
the other components of internal control and whether those other components are not
undermined through deficiencies in the control environment.

2) Monitoring of Controls:

The auditor should understand the significant activities that the company uses to display the
effectiveness of its internal control over financial reporting and how the organization initiates
corrective actions related to its controls.

3) Performing Walkthroughs:

The auditor may carry out walkthroughs as part of obtaining information on internal control over
financial reporting.
To perform a walkthrough, the auditor follows a transaction from origination through the
company’s processes. Walkthrough procedures include a combination of inquiry, observation, an
inspection of relevant documentation, and re-performance of controls.

4) Performing Analytical Procedures:

The auditor should perform analytical procedures designed to enhance the auditor’s
understanding of the client’s business and the significant transactions and events that have
occurred since the prior year-end and become aware of areas that could constitute specific risks
relevant to the audit.

(What is a Material Misstatement?

A material misstatement is information in the financial

statements that is sufficiently incorrect that it may impact the
economic decisions of someone relying on those statements.)
5) Identifying and Assessing Risks of Material Misstatement:

The auditor should determine risks of material misstatement at the financial statements level. In
identifying and assessing risks of material misstatement, the auditor should discover risks of
misstatement using information obtained from performing risk assessment procedures and decide
whether any of the identified risks of material misstatement are significant risks.

6) Factors Relevant to Identifying Fraud Risks:

The auditor must evaluate whether the information obtained from the risk assessment procedures
indicates that one or more fraud risk factors are present and should be considered in identifying
and assessing fraud risks.

7) Further Consideration of Controls:

When the auditor has decided that a significant risk, including fraud risk, exists, the auditor
should evaluate the design of the company’s controls meant to address fraud risks and other
significant risks and decide whether those controls were properly implemented.

8) Revision of Risk Assessment:

When the auditor obtains audit evidence during the course of the audit that may challenge the
audit evidence on which the auditor originally based their risk assessment, the auditor must
revise the risk evaluation and modify audit approaches in response to the revised risk
assessments.
 Unit-V (A) Audit Materiality (ISA 320)

The word "materiality" basically means how important or significant something is in relation to
the financial statements as a whole.

ISA 320 Materiality in Planning and Performing an Audit says [defines] the following about the
term:

‘A matter is material if its omission or misstatement would reasonably influence the economic
decisions of users taken on the basis of the financial statements.’

This definition basically says that whether something is "material" or not depends on how big the
item is or how important the error or omission on the financial statements is.

Types of Materiality

There are two types of materiality:

1. Financial Statement Materiality; and

2. Performance Materiality.

Financial statement materiality is calculated for the financial statements as a whole (see later),
and this calculation is based on the auditor's experience and judgment.

Performance materiality is the amount or amounts set by the auditor that are less than
materiality for the financial statements as a whole.

This is done to make it less likely that the total number of uncorrected and undetected mistakes
will add up to more than what is considered "material" for the financial statements. Thus,
performance materiality reduces the probability that the aggregate amount of uncorrected and
undetected misstatements exceeds the materiality level for the financial statements.

The level of performance materiality selected is a matter of professional judgment and is

impacted by the auditor’s understanding of the client, including the types and amounts of
misstatements found during previous audits of the client; these matters impact the auditor’s
expectations regarding misstatements that might be present in the current period. The
performance materiality level can be set at different levels for different accounts.

Importance of Audit Materiality

The concept of audit materiality is very important, which is based on both qualitative as well as
quantitative aspects. The auditor is responsible for correctly determining the materiality of
misstated financial information. In case the auditor discovers any material misstatement in the
financial reporting of a company, it his or her responsibility to bring it to the client’s notice for
rectification. In this way, the auditors help the end-users of the financial statements who take
their economic decisions on the basis of the disclosures in the financial reporting, such as related
party transactions, contingent liabilities, any material change in accounting policies, etc.

Relevance of Audit Materiality

An auditor needs to decide on the level of materiality based on the entirety of the financial
statements, which includes the content of the financial statements as well as the kind of testing.
The ultimate decision of the auditor is based on his or her judgment about the misstatement’ size,
nature, surrounding circumstances, and impact on the users of the financial statements.

UNIT-V-(B) Audit Evidence (ISA 500)

What Is Auditing Evidence?

Auditing evidence is the information collected for review of a company's financial transactions,
internal control practices, and other items necessary for the certification of financial
statements by an auditor or certified public accountant (CPA). The amount and type of auditing
evidence considered vary considerably based on the type of firm being audited as well as the
required scope of the audit.

Understanding Auditing Evidence

The goal of any audit is to determine whether a company's financial statements comply
with generally accepted accounting principles (GAAP), international financial reporting
standards (IFRS), or another set of accounting standards applicable to an entity's jurisdiction.
Publicly traded companies are generally required to present fully audited financial statements to
shareholders periodically, and thus the compilation and organization of auditing evidence are
essential for auditors and accountants to do their work. In short, auditing evidence is meant to
provide auditors with the information for them to make the judgment on whether or not financial
statements are accurate and true.

Characteristics of Auditing Evidence

Good auditing evidence can be measured by the extent of the following characteristics:

Sufficiency: Sufficiency takes into account whether or not the material provided is of an
adequate quantity that would allow auditors to make an accurate judgment. If an auditor was
given just one bank statement of a company, it would not be enough to make any determinations
on the financial standing of that company.

Reliability: Reliability seeks to determine whether or not the material can be trusted and counted
on for forming an opinion. Reliability typically factors from the source of the information.

Source: The source of accounting evidence can be obtained directly from the company or
externally. Externally sourced information is generally regarded as more trustworthy and is
therefore preferred.
Nature: Nature refers to the type of information that is received. For example, the information
can be provided through legal documents, presentations, orally from employees, or through a
physical confirmation.

Relevance: Depending on the type of audit being conducted, how pertinent the information
received is in relation to the overall analysis is a guiding factor.

In general, auditors prefer information that is written as opposed to that which is provided orally.
They also prefer:

 Information that is from a third-party source as opposed to that from inside the company
 Original documents as opposed to copies of those documents
 A strong understanding of the firm by the auditor to request appropriate auditing
evidence
 Firsthand observations by the auditor as opposed to the documentation provided via
another source

Example of Auditing Evidence

Company ABC has enlisted the auditing services of the accounting firm, Anderson Brothers, to
have their financial statements from the fiscal year 2020 audited. The auditor begins working on
the audit and requests information regarding reported revenues and bank balances. To obtain
accurate and reliable information, regarding revenues, the auditor requests sales receipts and
invoices and a physical examination of inventory. Regarding bank balances, the auditor requests
all of the bank statements of the company directly from ABC's bank. All of this information; the
receipts, invoices, physical observations, and bank statements are regarded as auditing evidence.

3rd September 2023 Audit sampling (ISA 530)

What Is Audit Sampling?

Audit sampling is a technique used by auditors to select a representative sample of data from a
larger population to obtain reasonable assurance that the financial statements are free of material
misstatements. This approach reduces the cost and time of conducting a full audit on the entire
population.

Benefits of audit sampling include reducing the cost and time of the audit, providing reasonable
assurance, and complying with auditing standards. In contrast, disadvantages include the risk of
not detecting material misstatements and the possibility of incorrect conclusions.

Audit sampling is a technique used by auditors to select a representative sample of data from a
larger population to obtain reasonable assurance that the financial statements are free of material
misstatements.

The audit sampling process involves three main phases: planning, execution, and evaluation.
There are two main methods of audit sampling: statistical sampling and non-statistical sampling.

Advantages of audit sampling include reducing the cost and time of the audit, providing
reasonable assurance, and complying with auditing standards. In contrast, disadvantages include
the risk of not detecting material misstatements and the possibility of incorrect conclusions.

Audit Sampling Process Explained

The audit sampling process involves conducting audit of financial statements in three phases –
planning, execution, and evaluation.

In the planning phase, the auditor determines the sample size, selects the sampling method, and
identifies the sample selection criteria.

During the execution phase, the auditor collects the data from the selected sample, analyzes it,
and draws conclusions based on the results.

Finally, in the evaluation phase, the auditor assesses the results and determines the level of
confidence that can be placed on the financial statements.

Methods of Audit Sampling

There are two main methods of audit sampling: statistical sampling and non-statistical sampling.
Statistical sampling involves using probability theory to select a sample representative. Non-
statistical sampling, on the other hand, involves using auditor judgment to select a sample
representative of the population.

#1 – Statistical Sampling

Statistical sampling is a method that uses probability theory to select a sample that is
representative of the population. First, the auditor determines the sample size and selects the
sample using a random or systematic selection process. Then, the auditor calculates the sample
size using statistical methods, such as a confidence level and a margin of error, to ensure that the
sample is large enough to provide reasonable assurance that the results of the sample can be
projected to the population.

#2 – Non-Statistical Sampling

Non-statistical sampling, on the other hand, involves using auditor judgment to select a sample
representative of the population. The auditor selects items from the population based on
materiality, risk, or unusual transactions. Non-statistical sampling can be further classified into
haphazard sampling and block sampling. Haphazard sampling involves selecting items without
any specific method, while block sampling involves selecting items in a contiguous block.

Reasons
Auditors use audit sampling for several reasons, including to reduce the cost and time of
conducting a full audit on the entire population, to obtain reasonable assurance that the financial
statements are free of material misstatements, and to comply with auditing standards.

#1 – Efficiency

Audit sampling can help auditors to complete an audit more efficiently. For example, the auditor
can select a representative sample for testing instead of examining every transaction or item in
the population. This can save time and resources, especially when the population is large or
complex.

#2 – Cost-Effectiveness

Conducting a full audit of a large population can be costly. Audit sampling can reduce an audit’s
cost by allowing the auditor to examine a smaller population subset.

#3 – Risk Management

Audit sampling helps auditors manage audit risk as it reasonably assures that the sample results
represent the population. By testing a sample of transactions, the auditor can gain insight into the
population and identify potential risks or errors.

#4 – Objectivity

Using statistical sampling methods gives the auditor an objective basis for selecting a sample.
This can increase the reliability and credibility of the audit results.

#5 – Compliance

Auditors must often use audit sampling by professional standards, such as those set by the
International Auditing and Assurance Standards Board (IAASB) and the American Institute of
Certified Public Accountants (AICPA). Using audit sampling can help ensure that the audit
complies with these standards.

Conclusion

The purpose of audit sampling is to appropriately test the right samples and determine the
operating effectiveness of controls in the organization. But, before proceeding with this
technique, the auditor should review and consider the sampling method, sample size, acceptable
rate of deviation.

The auditor should consider the level of tolerable misstatement that the technique can lead to and
the impact of misstatement. The auditor must investigate the possible effect on the purpose of the
audit procedure and the other audit areas.
The auditor should also perform additional audit procedures to obtain substantial audit evidence
that the misstatement or deviation does not affect the remainder of the population. The auditors
should use their professional judgment to assess audit risk and establish appropriate procedures
and methods for testing.

Substantive procedures (ISA 330)

What are Substantive Procedures?

Substantive procedures are the method or audit tests designed by an auditor to evaluate the
financial statements of the company, which require an auditor to create conclusive evidence for
verifying the completeness, accuracy, existence, occurrence, measurement, and valuation (audit
assertions) of the financial records of the business.

Substantive procedures are audit procedures performed by the auditor to obtain adequate audit
evidence to support the auditor’s opinion on the financial statements.

It is used to calculate the company’s financial statements and to analyze the completeness,
accuracy, existence, occurrence, measurement, and valuation of the business’s financial records.

Test of details and substantive analytical procedures are the two types of substantive procedures.

Substantive audit procedures are used to collect evidence about the business transaction and its
occurrence and validity and verify its existence. In addition, the accounting treatment
genuineness can also be tested.

Example of Substantive Procedure

For example, there is a company named BSR Trading, whose financial statements of the
company show the following balances:
Types

There are two types which are as follows:

#1 – Test of Details

Test of details refers to collecting evidence that helps evaluate the correctness of the account
balances, disclosures, and other accounting transactions made by the business entity in their
financial statements.

#2 – Substantive Analytical Procedures

Analytical procedures are an important method performed while conducting the process of
auditing. In the analytical procedures, the evaluations are made on the financial statements by
studying the plausible relationships between financial and non-financial data. For example,
computation of ratios, comparing past year balances with the current year, etc.

Importance

The substantive procedure is important to check the accuracy & completeness of a business
transaction, measurement & valuation of an asset or liability of that business, and check that all
material items are disclosed properly, etc. These procedures are important while conducting the
audit to comment upon the truth and fairness of the company’s financial statements. It assures
the following assertions to the auditor:
The existence of assets and liability on the given date.

The assets reported must be owned by the company on the given date.

The liabilities reported must be the company’s obligations to pay on the given date.

All the assets and liabilities that existed should be appropriately valued and recorded in the
company’s financial statements.

Events or recorded transactions must be related to that auditing period only.

The transaction is recorded at the correct amount, and only those expenses and revenues are
recorded that pertain to that period.

Conclusion

Substantive audit procedures are tests designed to collect evidence about the business
transaction. The occurrences, validity, and existence of the transaction can be verified, and the
accuracy of their accounting treatment can be checked.

Tests of controls (ISA 330)

What are Tests of Controls?

A test of controls is an audit procedure to test the effectiveness of a control used by a client
entity to prevent or detect material misstatements. Depending on the results of this test, auditors
may choose to rely upon a client's system of controls as part of their auditing activities. If the
auditors encounter an error in a test of controls, they will expand the sample size and conduct
further testing. If additional errors are found, they will consider whether there is a systematic
controls problem that renders the controls ineffective, or if the errors appear to be isolated
instances that do not reflect upon the overall effectiveness of the control in question. If the
auditors conclude that controls are weak, they will enhance their use of substantive testing,
which usually increases the cost of an audit.

A test of controls is made irrespective of the dollar amount of the underlying business
transaction. The main point of the test is to see if a control functions properly, so the dollar
amount of a transaction is not of consequence to the goal of the test.
Advantages and disadvantages of Test of Controls

Advantages of Tests of controls

(1) Tests of controls facilitate the auditor to ascertain whether a control system in action is
effective or not. If properly designed controls are working as prescribed, auditors can reduce the
level of substantive testing required at the period end.

(2) Tests of controls mean that auditors do not have to concentrate all of their efforts on
substantive procedures at the period end which would in many cases be impractical,
unproductive and not cost effective.

Disadvantages of Tests of controls

(1) Tests of controls are often performed on a sample basis

(2) Tests of controls are often performed on routine transactions for which there are high quality
automated controls. The very high risk areas in financial statements are often outside this area
and relate to non-routine transactions and more intangible environmental or general controls
which are not easy to test.

The following are general classifications of tests of controls:

Reperformance Classification

Auditors may initiate a new transaction, to see which controls are used by the client and the
effectiveness of those controls.

Observation Classification

Auditors may observe a business process in action, and in particular the control elements of the
process.

Inspection Classification

Auditors may examine business documents for approval signatures, stamps, or review check
marks, which indicate that controls have been performed. If the inspection approach is used, a
test of controls is typically conducted for a sample of documents related to transactions that
occurred throughout the year. Doing so provides evidence that the system of controls has
operated in a reliable manner throughout the reporting period.
Analytical procedure (ISA 520)
What Are Analytical Procedures?

Analytical procedures are techniques used in financial auditing and analysis to evaluate financial
information through comparison and analysis. These procedures involve using ratios, trends, and
comparisons of financial information. One of its primary aims is to identify potential risks and
areas of concern.

It also aims to assess the overall financial statement, evaluate internal controls‘effectiveness,
increase the audit process’s efficiency, and provide valuable information for decision-making. It
can be performed at various stages of the audit or analysis process, including planning,
substantive testing, and overall review. They can be performed manually or with the help of
computer software.

Analytical procedures in an audit are a powerful tool that can help auditors gain insights into the
financial performance of an organization. It can be used at different stages of an audit, including
planning, interim review, and final review.

Risk assessments are performed at the planning stage of the audit to identify areas of the
financial statements that may be at higher risk of material misstatement or errors.

Substantive analytical procedures are performed to test account balances or transactions and to
obtain audit evidence supporting financial statement assertions.
Analytical Procedures Explained

Analytical procedures can be highly effective in financial auditing and analysis. These
challenges include data availability and quality, subjectivity, limitations of the techniques,
industry-specific challenges, and interpretation of results.

Importance

Some of them are below.

Enhanced Efficiency: It helps auditors and analysts quickly identify potential financial
statement issues. By identifying potential risks early in the audit or analysis process, auditors and
analysts can plan their work more effectively, improving overall efficiency.

Improved Quality of Financial Reporting: It can help identify errors, omissions, or other
irregularities in financial statements. By identifying these issues, auditors and analysts can help
to ensure that the financial statements are accurate and complete.

Enhanced Risk Assessment: It helps auditors and analysts to assess the risk of material
misstatements in the financial statements. By identifying potential risk areas, auditors and
analysts can develop appropriate audit or analysis procedures to mitigate those risks.

Better Decision Making: It provides valuable information to management, investors, and

other stakeholders.