AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER

ALAMO, MARK JOSEPH S.

AC17&18: ASSURANCE PRINCIPLES,

PROFESSIONAL ETHICS AND GOOD
GOVERNANCE

• AUDIT – AN OVERVIEW
• THE PROFESSIONAL STANDARDS
• THE AUDITOR’S RESPONSIBILITY
• THE AUDIT PROCESS – ACCEPTING AN ENGAGEMENT
• AUDIT PLANNING
• CONSIDERATION OF INTERNAL CONTROL
• AUDITING IN AN COMPUTERIZED ENVIRONMENT
• PERFORMING SUBSTANTIVE TESTS
• AUDIT SAMPLING
• COMPLETING THE AUDIT
• AUDIT REPORTS ON FINANCIAL STATEMENTS
• ASSURANCE AND RELATED SERVICES
• THE CODE OF ETIHICS AND REPUBLIC ACT 9298
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDIT – AN OVERVIEW
“An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and
events to ascertain the degree of correspondence between the assertions and established criteria and communicating the results to
interested users.” – AASC

Types of Audit

1. Financial Statement Audit – audit conducted to determine whether the FSs of an entity are fairly presented
with an identified financial reporting framework. (Conducted by EXTERNAL AUDITORS)
2. Compliance Audit – a review of an organization’s procedures to determine whether the organization adhered
to specific procedures, rules, contracts, or regulations. (Conducted usually by GOVERNMENT AUDITORS)
3. Operational Audit – study of a specific unit of the organization for the purpose of measuring its performance.
(Conducted usually by INTERNAL AUDITORS)

The Independent Financial Statement Audit

• MANAGEMENT is responsible for preparing and presenting the FSs in accordance with the financial
reporting framework.
• The AUDITOR’S RESPONSIBILITY is to form and express an opinion on the FSs based on his audit.
• An audit conducted with PSA is designed to provide only REASONABLE ASSURANCE that the FSs taken as a
whole are free from material misstatements.

Limitations of an Audit

1. Sampling Risk/ Use of Testing 4. Inherent Limitations of the Client’s Accounting

2. Error in Application of Judgment/ Non-sampling and Internal Control Systems
risk 5. Nature of Evidence
3. Reliance on Management’s Representation

General Principles Governing the Audit of Financial Statements

1. Code of Professional Ethics 3. Attitude of Professional Skepticism

2. Philippine Standards on Auditing (PSA)

Need for an Independent Financial Statement Audit

1. Conflict of Interest
2. Expertise
3. Remoteness
4. Financial Consequences

Theoretical Framework of Auditing (Assumptions or Ideas that Support the Audit Function)

1. Financial Data are Verifiable

2. Independence
3. No Long-Term Conflict
4. Effective Internal Control
5. Consistent application of GAAP/PFRS
6. Continuity
7. Benefits the Public
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

THE PROFESSIONAL STANDARDS

Generally Accepted Auditing Standards (GAAS)

It represents measures of the quality of auditor’s performance. These standards should be looked as MINIMUM
STANDARD of performance that auditors should follow.

General Standards Standards of Fieldwork Standards of Reporting

Technical Training and Proficiency Planning GAAP

Independence Internal Control Consideration Inconsistency

Professional Care Evidential matter Disclosure

Opinion

PHILIPPINE STANDARDS ON AUDITING (PSA)

The Philippine Standard on Auditing (PSA) establishes the independent auditor’s overall responsibilities when
conducting an audit of financial statements in accordance with PSAs. These are issued by AASC as interpretations to
GAAS.

Practice Statements – are additions to these standards to provide practical assistance to auditors in implementing
the standards and to promote good practice in the accountancy profession.

SYSTEM OF QUALITY CONTROL

Quality controls are policies and procedures adopted by CPAs to provide reasonable assurance of conforming to
professional standards in performing audit and related services.

Elements of Quality Control (PSA 220)

1. Leadership Responsibilities for Quality on Audits

2. Ethical Requirements (Integrity, Objectivity, Professional Competence & Due Care, Confidentiality, Professional
Behavior)
3. Independence
4. Acceptance and Continuance of Client Relationships
5. Human Resources and Assignment (Recruitment, Performance evaluation, Capabilities, Career Dev’t,
Engagement Team Assignment)
6. Engagement Performance (Direction, Supervision, Review, Consultation, Engagement Quality Control Review,
Differences of Opinion)
7. Monitoring

QUALITY CONTROL

REVIEW

The government thru the Professional Regulatory Board of Accountancy (BOA) has required all CPA firms and
individual CPA firms and individual CPAs in public practice to obtain a certificate of accreditation to practice public
accountancy.

Quality Review Committee (QRC) – created by PRC which shall conduct a quality review on applicants for registration to
practice public accountancy.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDITOR’S RESPONSIBILITY
The auditor’s responsibility is to design the audit to provide reasonable assurance of detecting material misstatements in the FSs. Th
Error
Fraud
Noncompliance with Laws and Regulations

ERROR – refers to unintentional misstatements in the financial statements

Examples: Mathematical or clerical mistakes, incorrect accounting estimates, mistake in application of accounting policies

FRAUD – refers to intentional act by one or more individuals among management, employees, or third parties which results in
misrepresentation of financial statements.
Types of Fraud:
1. Management Fraud/ Fraudulent Financial Reporting – involves intentional misstatements or omissions of
amounts or disclosures, usually done by members of management or those charged with governance.
Examples: manipulation of documents or records, misrepresentation of effects of transactions, recording of
transactions w/o substance, intentional application of accounting policies
2. Employee Fraud/ Misappropriation of assets – fraud that is accompanied by false or misleading records in order
to conceal the fact that assets are missing.
Examples: embezzling receipts, stealing entity’s assets, lapping of AR

RESPONSIBILITY OF MANAGEMENT AND THOSE CHARGED WITH GOVERNANCE (PSA 240)

Management – to establish a control environment and to implement internal control policies designed to ensure the
DETECTION AND PREVENTION of fraud and error.
Individuals charged with governance – to ensure the integrity of entity’s accounting and financial reporting systems

AUDITOR’S RESPONSIBILITY:

The auditor is not and cannot be held responsible for the prevention of fraud and error. The auditor’s responsibility is to
design the audit to obtain reasonable assurance that the FS are free from material misstatements whether caused by error or
fraud.

PLANNING PHASE TESTING PHASE COMPLETION PHASE

The auditor
Perform procedures necessary to determine whether should
material obtain a written
misstatements exist. representation from th
1. Make inquiries of
management about When
Consider whether such a misstatement resulted from theor
error auditor
fraud. believes that
(Errors will material
only result error/fraud exist
to adjustment o
possibility of misstatement
If the auditor is unable to evaluate the effect of fraud on
2. Assess the risk that fraud/error may cause the FS to contain material
misstatements.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

FRAUD RISK FACTORS RELATING TO MISSTATEMENTS RESULTING FROM FRAUD

FRAUDULENT FINANCIAL MISAPPROPRIATION OF ASSETS

REPORTING (MANAGEMENT (EMPLOYEE FRAUD)
FRAUD) 1. Susceptibility of Assets to Misappropriation
1. Management’s Characteristics and Influence Over - These fraud risk factors pertain to the nature
Control Environment of an entity’s assets and the degree to
• These fraud risk factors pertain to 5mgmt.’s abilities, which they are subject to theft.
pressures, styles, and attitude relating to internal control and (Ex.: large amount of cash on hand, inventory
financial reporting process. characteristics, easily convertible assets, etc.)
(Ex.: non-financial 5mgmt. participates excessively, high turn-
over of 5mgmt.., etc.) 2. Controls
2. Industry Conditions - These fraud risk factors involve the lack of
• These fraud risk factors involve the economic and controls designed to prevent or detect
regulatory environment in which the entity operates. misappropriation of assets.
(Ex.: new accounting/statutory req. that impairs financial (Ex.: lack of appropriate 5mgmt. oversight,
stability of the entity) inadequate record keeping of assets, poor
3. Operating Characteristics and Financial Stability physical safeguards, lack of timely
• These fraud risk factors pertain to the nature and complexity documentation for transactions)
of the entity and its transactions, the financial condition, and
profitability.
(Ex.: inability to generate cash flows while reporting earnings)

NONCOMPLIANCE WITH LAWS AND REGULATIONS – refers to acts or commission by the entity being audited, either
intentional or intentional, which are contrary to the prevailing laws or regulations.
Examples: Tax evasion, violation of environmental protection laws, inside trading of securities, violation of SEC
requirements
MANAGEMENT’S RESPONSIBILITY (PSA 250) – to ensure that the entity’s operations are conducted in accordance with laws
and regulations. The responsibility for the prevention and detection of noncompliance rests with management.
AUDITOR’S RESPONSIBILITY:
An audit cannot be expected to detect noncompliance with all laws and regulations . Nevertheless, the auditor should
recognize that noncompliance by the entity with laws and regulations may materially affect the FS.
PLANNING PHASE TESTING PHASE COMPLETION PHASE

1. Obtain a general When the auditor is aware 6. The auditor shouldobtain a written
understanding of the legal concerning instance of noncompliance, evaluate the possible effect
representation on the FS.
from the client’s
and regulatory framework management.
applicable to entity When the auditor believes there maybe noncompliance, the auditor should document the
findings,
2. Design procedures to help identify instances discuss them with laws and
of noncompliance
When the auditor believes that there is
regulations
noncompliance, the auditor should request the mgmt. to re

If a scope limitation has precluded the auditor from obtain

qualified opinion or a disclaimer of opinion.

3. Design audit procedures to with

obtain auditsufficient appropriate mgmt.andconsider the

evidence about implication on other aspects of

the audit.
compliancewithlawsand
regulations

• Auditors are primarily concerned with the noncompliance what will have a direct and material effect in the FS.
• Noncompliance may involve conduct designed to conceal it such as collusion, forgery, senior 5mgmt. override
of controls, failure to record transactions, or intentional misrepresentations being made to auditor.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

THE AUDIT PROCESS – ACEEPTING AN ENGAGEMENT

FINANCIAL STATEMENT ASSERTIONS

Assertions about classes of Assertions about account balances at Assertions about presentation and
transactions and events for the the period end: disclosure:
period under audit:
• Completeness • Rights and Obligations • Completeness
• Occurrence • Existence • Occurrence and rights and
• Cutoff • Completeness obligations
• Accuracy • Valuation and allocation • Classification and
• Classification understandability
• Accuracy and valuation
AUDIT PROCEDURES
The procedures selected should enable the auditor to gather sufficient appropriate evidence about a particular
assertion.
• Inspection – involves examining of records, documents, or tangible assets.
• Observation – consists of looking a process or procedure being performed by others.
• Inquiry – consists of seeking information from knowledgeable persons inside or outside the entity.
• Confirmation – consists of the response to an inquiry to corroborate information contained in the
accounting records.
• Computation – consists of checking the arithmetical accuracy of source documents and accounting records or
performing independent calculations.
• Analytical Procedures – consist of the analysis of significant ratios and trends including the resulting
investigation of fluctuations and relationships that are inconsistent with other relevant information or
deviate from particular amounts.
Audit evidence – refers to the information obtained by the auditor in arriving at the conclusions on which the audit
opinion is based. Audit evidence will comprise source documents and accounting records underlying the financial
statements and corroborating information from other sources.

ISSUING A REPORT

Forms a conclusion on FS (in

COMPLETING THE AUDIT the form of opinion)
OVERVIEW OF THE
AUDIT PROCESS
Satisfy that the evidence gathered is consistent
with auditor’s report.
PERFORMING SUBSTANTIVE TESTS

Examination of documents and evidences

supporting the amounts and disclosures in the FS

CONSIDERING INTERNAL CONTROL

Obtaining understanding of entity’s control

systems and assessing level of control risk
AUDIT PLANNING

Obtaining detailed
ACCEPTING AN ENGAGEMENT knowledge about the entity and preliminary assessment of risk and materiality

Evaluation of auditor’s qualification and auditability of

prospective client’s FS
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

ACCEPTING AN ENGAGEMENT
In deciding whether to accept or reject an engagement, the firm should consider:
1. Competence – acquired through a combination of education, training, and experience. The auditor should
obtain a preliminary knowledge of client’s business and industry to determine whether the auditor has
the degree of competence required by the engagement.
2. Independence – the auditor should consider whether there are threats to audit team’s independence and
objectivity and, if so, whether adequate safeguards can be satisfied.
3. Ability to serve the client properly – An engagement should not be accepted if there are no enough qualified
personnel to perform the audit. PSA 220 suggests that the audit work should be assigned to personnel who
have the appropriate capabilities, competence, and time to perform the audit enga gement in accordance with
professional standards.
4. Integrity of the management – PSA 220 requires the firm to conduct a background investigation of the
prospective client in order to minimize the likelihood of association with clients whose mgmt. lacks
integrity. This involves:
• Making inquiries of appropriate parties in the business community
• Communicating with the predecessor auditor

RETENTION OF EXISTING CLIENTS

• Clients should evaluate at least once a year or upon occurrence of major events such as changes in mgmt.,
ownership, nature of client’s business, etc.
• In general, conditions that would cause the firm to reject the prospective client may also lead to decision of
terminating an audit engagement.
ENGAGEMENT LETTER
• This serves as the written contract between the auditor and the client. This letter sets forth:
□ The objective of the audit of FS which is to express an opinion on the FS.
□ The mgmt.’s responsibility for the fair representation of the FS.
□ The scope of the audit.
□ The forms or any reports or other communication that the auditor expects to issue.
□ The fact that because of limitations of the audit, there is an unavoidable risk that material
misstatements may remain undiscovered.
□ The responsibility of the client to allow the auditor to have unrestricted access to whatever
records, documentation, and other information requested in connection with the audit.
□ Billing arrangements
□ Expectations of receiving mgmt. representation letter.
□ Arrangements concerning the involvement of others (experts, other auditors, internal auditors, etc.)
□ Request for the client to confirm the terms of the engagement
• Importance of the engagement letter – (1) to avoid misunderstanding with respect to the mgmt. and (2)
document and confirm the auditor’s acceptance of the appointment
• Recurring audits – the auditor does b=not normally send new engagement letter every year, unless (1) client
misunderstands the objective and scope of audit, (2) revised or special terms of the engagement (3) recent
change of senior mgmt., (4) significant change in nature or size of business (5) legal and gov’t
pronouncements
• Audit of components – the auditor will consider the factors whether they will send a separate letter to
component: (1) who appoints the auditor of component, (2) whether a separate audit report is to be issued
on the component, (3) legal requirements, (4) the extent of any work performed by other auditor (5) degree
of ownership by parent, (6) degree of independence of the component’s mgmt.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDIT PLANNING
Audit planning – involves developing a general audit strategy and a detailed approach for the expected conduct of the audit. The auditor’s main

PSA 315 requires the auditor to obtain sufficient understanding of the entity and its environment including the internal
control. Such understanding involves obtaining knowledge of entity’s:
• Industry, regulatory, and other external factors, including financial reporting framework
• Nature of the entity
• Objectives and strategies and the related risks that may result in material misstatement of FS
• Measurement and review of entity’s performance
• Internal control

Additional Consideration on New Engagements

PSA 510 requires the auditor to obtain sufficient appropriate audit evidence that:
• The opening balances do not contain misstatements that materially affect the current year’s FS
• The prior period’s closing balances have been correctly brought forward to the current period or, when
appropriate, have been restated
• Appropriate accounting policies are consistently applied or changes in accounting policies have been
properly accounted for and properly disclosed

Developing an Overall Audit Strategy

The best strategy is the approach that results in the most efficient audit – that is, an effective audit performed at the
least possible cost. An audit plan should be made regarding:
• How much evidence to accumulate
• How and when this should be done

When developing an audit strategy, the auditor must consider carefully the appropriate levels of materiality and audit
risk.

MATERIALITY
• “Information is material if its omission or misstatement could influence the economic decision of users”
• In designing an audit plan, the auditor should make a preliminary estimate of materiality.
• Materiality may be viewed as: (1) the largest amount of misstatement that the auditor could tolerate in the
FS or (2) the smallest aggregate amount that could misstate the FS
• There is an inverse relationship between materiality and evidence.
• Use of materiality: (1) in the planning stage, to determine the scope of the audit and (2) in the completion
stage, to evaluate the effect of misstatements in the FS
• Using materiality levels:

PLANNING STAGE Step 1. Determine the Overall Materiality – Financial Statement Level*
Step 2. Determine the Tolerable Misstatement – Account Balance
Level** Perform audit procedures
COMPLETION STAGE
Step 3. Compare the aggregate amount of misstatements with overall materiality

* Common method of estimating materiality at FS level is statement base (total assets, sales, etc.) x certain %
** Also known as performance materiality. This process is highly subjective and requires the exercise of great deal of
auditor’s judgment
• Bases that can be used to determine materiality level: alternative for annual FS if not available – annualized
interim FS, prior year’s FS, budgeted FS for the current year
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDIT RISK
• AUDIT RISK refers to the risk that the auditor gives an inappropriate audit opinion on the FS. This occurs
because the auditor believes that the FS are fairly stated when in fact the FS are materially misstated.
• Audit Risk Model

Audit Risk = Inherent Risk * Control Risk * Detection Risk

• INHERENT RISK is the susceptibility of an account balance or class of transactions to a material
misstatement assuming that there are no related internal controls.
PSA 315 requires the auditor to assess inherent risk at FS level and account balance/transaction level. Factors
that affect the risk of misstatement at FS level include:
□ Management integrity
□ Management Characteristics (e.g. aggressive attitude toward financial reporting)
□ Operating Characteristics (e.g. profitability of the entity relative to its industry)
□ Industry Characteristics (e.g. industry is experiencing a large no. of business failures)
Factors affecting inherent risk at the account balance level include:
□ Susceptibility of the account to theft
□ Complexity of calculations related to account
□ The complexity underlying transactions and other events.
□ The degree of judgment involved in determining account balances
• As the assessed level of INHERENT RISK INCREASES, the auditor should design MORE EFFECTIVE
SUBSTANTIVE PROCEDURES.

• CONTROL RISK is the risk that the material misstatement that could occur in an account balance or class
of transactions will not be prevented or detected on a timely basis by accounting and control systems.
• Control risk is related to the effectiveness of the client’s internal control.
• If the entity’s internal control is effective, the assessed level of control risk decreases (and vice versa).
• As the assessed level of CONTROL RISK INCREASES, the auditor should design MORE EFFECTIVE
SUBSTANTIVE PROCEDURES.

• DETECTION RISK is the risk that an auditor’s substantive procedure will not detect a material misstatement.
• Detection risk is a function of the effectiveness of the auditor’s substantive procedures.
• As the acceptable level of DETECTION RISK DECREASES, the ASSURANCE DIRECTLY PROVIDED FROM
SUBSTANTIVE TESTS INCREASES. Hence, the auditor should design more effective audit procedures in order
to achieve the desired level of assurance.
• Unlike inherent and control risk, THE AUDITOR CAN CONTROL THE LEVEL OF DETECTION RISKS by
performing more effective substantive procedures.
• Steps in using the audit risk model:
AUDIT PLANNING Step 1. Set the desired level of audit
risk.* Step 2. Assess the level of inherent
CONSIDERATION OF INTERNAL CONTROL
risk. ** Step 3. Assess the level of control
PERFORMING SUBSTANTIVE TESTS risk. ***
Step 4. Determine the acceptable level of detection risk. ****
Step 5. Design substantive tests.
* The auditor uses his judgment in determining the risk that he is willing to take of accepting an assertion as fairly stated when in fact is materially misstated.
** Consider the specific factors related to client that may aff ect the risk of material misstatement for a particular amount. In making this assessment, the
auditor will rely primarily on his knowledge of the client’s business and industry, and the results of his preliminary analytical procedures.
*** Assessment of control risk would involve studying and evaluating the effectiveness of the client’s accounting and internal control systems.
**** The acceptable level of detection risk can be determined as follows:
Detection risk = Audit Risk
Inherent risk * Control Risk
Nature Timing Extent

Low Acceptable Level of Detection Risk More effective substantive procedures year-end procedures larger sample size

High Acceptable Level of Detection Risk Less effective substantive procedures Tests at interim smaller sample size
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

RELATIONSHIP BETWEEN MATERIALITY AND RISK

• There is an INVERSE RELATIONSHIP between MATERIALITY and the LEVEL OF AUDIT RISK.
• After planning for specific audit procedure, if the auditor determines that the acceptable materiality level
is lower, audit risk is increased. The auditor would compensate for this by either:
□ Reducing the assessed level of control risk, where this is possible, and supporting the reduced level
by carrying out extended or additional tests of control; or
□ Reducing detection risk by modifying the nature, timing, and extent of planned substantive procedures.
MATERIALITY AUDIT RISK PLANNED AUDIT PROCEDURES
Planning materiality and/or tolerable error Risk of material error occurring and/or
Not being determined

LOW HIGH MORE EXTENSIVE

HIGH LOW LESS EXTENSIVE

RISK ASSESSMENT PROCEDURES – the procedures performed by auditors to obtain an understanding of the entity
and its environment including its internal control and to assess the risks of material misstatements in the FS. These
include:
□ Inquiries of management and others within the entity
□ Analytical procedures
□ Observation and inspection

ANALYTICALPROCEDURES – involves analysis of significant ratios and trends including the resulting investigation of
fluctuations and relationships that are inconsistent with other relevant information or deviate from particular amounts.
PSA 520 requires the auditor to use analytical procedures in the planning and overall stages of the audit.
• Steps in Applying Analytical Procedures
Step 1. Develop expectations regarding FS using:
□ Prior year’s financial statements
□ Anticipated results such as budgets and forecasts
□ Industry averages ( FS of other entities operating w/in the same industry)
□ Non-financial information
□ Typical relationships among FS account balances
Step 2. Compare expectations with the FS under audit.
Step 3. Investigate significant unexpected differences (unusual fluctuations) to determine whether FS contain
material misstatements
Uses of Analytical Procedures:
□ As a planning tool, to determine the nature, timing, and extent of other auditing procedures
➢ to understand the client’s business
➢ to identify areas that may represent specific risks
In using analytical procedures as a planning tool, if the difference between recorded balances in FS and
expectations is significant, the auditor must design more extensive substantive tests (or vice versa)
□ As a substantive test to obtain corroborative evidence about particular assertions related to account balance or
transaction class
□ As an overall review of the financial statements in the completion phase of the audit
• to identify unusual fluctuations that were not identified in the planning and testing phases of the audit
to confirm conclusions reached w/ respect to the fairness of the FS

Documenting the Audit Plan – the final step in planning process is the documentation of the audit planning process by
preparing:
• Audit plan – the overview of the expected scope and conduct of the audit. It sets out in broad terms the
nature, timing, and extent of the audit procedures to be performed.
• Audit program – it sets out in detail the audit procedures to be performed in each segment of the audit.
• Time budget – is an estimate of the time that it will spent in executing the audit procedures listed in the audit
program.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

CONSIDERATION OF INTERNAL CONTROL

PSA 315 states that INTERNAL CONTROL is the process designed and effected by those charged with governance, management, and o

• In the audit of FS, the auditor is only concerned with those policies and procedures within the accounting and
internal control systems that are relevant to the financial statement assertions.
• Components of Internal Control:
1. Control Environment – includes the attitudes, awareness, and actions of the mgmt. and those charged with
governance concerning the entity’s IC and its importance in the entity.
➢ Integrity and ethical values ➢ Commitment in competence
➢ Mgmt. philosophy and operating style ➢ Personnel policies and procedures
➢ Active participation of those charged ➢ Assignment of responsibility and
w/ governance authority/ Organizational Structure
2. Risk Assessment – mgmt. should adopt policies and procedures that are designed to identify and
analyze business risks.
For audit purposes, the auditor is only concerned with risks that are relevant to preparation of reliable
financial statements.
➢ Business risk – is the risk that the entity’s business objectives will not be attained as a result of internal
and external factors such as technological developments, changes in customer demand, etc.
3. Information and Communication Systems
An information system encompasses methods and records that:
➢ identify and record all valid transactions,
➢ describe on a timely basis the transactions in sufficient detail to permit proper classification,
➢ measure transactions in their proper monetary value,
➢ determine the time period to permit recording of transactions in proper accounting period, and
➢ present properly the transactions and disclosures in FS.
Communication involves providing an understanding of individual roles and responsibilities pertaining to
internal control over financial reporting.
4. Control Activities – are policies and procedures that help ensure that mgmt. directives are carried out.
Specific control procedures that are relevant to FS audit would include:
➢ Performance reviews – review and analysis of actual performance vs. budgets, forecasts, and PY’s.
➢ Information Processing – to check accuracy, completeness, and authorization of transactions.
➢ Physical Controls – physical security of assets, authorization for access to programs and data files,
periodic counting and comparison w/ amounts shown on control records
➢ Segregation of Duties – assigning different people the responsibilities of authorizing
transactions, recording transactions, and maintaining custody of assets.
5. Monitoring – the process of assessing the quality of internal control performance over time.
• Auditors are not responsible for establishing and maintaining an entity’s accounting and internal control systems:
that is the responsibility of the management.
STEPS IN CONSIDERATION OF INTERNAL CONTROL
1. OBTAIN UNDERSTANDING OF THE INTERNAL CONTROL
• Evaluating the design of a control
➢ This can be obtained by: making inquiries of appropriate individuals, inspecting documents and records,
and observing entity’s activities and operations
• Determining whether it has been implemented
➢ This can be accomplished by performing a WALK-THROUGH TEST. This involves tracing one or two
transactions through the entire accounting systems, from their initial recording at source to their
final destination as a component of an account balance in the FS.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

2. DOCUMENT THE UNDERSTANDING OF ACCOUNTING AND INTERNAL CONTROL SYSTEMS

• This documentation need not be in particular form. Some commonly used forms are: narrative description,
flowchart and diagrams of flow of transactions, internal control questionnaire providing mgmt. responses
3. ASSESS THE LEVEL OF CONTROL RISK
• If ICs related to a particular assertion is not effective, the auditor may assess the control risk at high level.
• If the auditor concludes that it is more efficient to rely on entity’s IC, the auditor would plan to assess control risk
at less than high level.
4. PERFORM TEST OF CONTROLS
TEST OF CONTROLS – are performed to obtain evidence about the effectiveness of the:
Design of the accounting and internal control systems; or
Operation of the internal control through the period

• According to PSA, the auditor should obtain audit evidence through test of control to support any
assessment of control risk at less than high level. The lower assessment of control risk, the more support the
auditor should obtain that the IC is suitably designed and operating effectively.
• Nature of Test of Controls
• Inquiry – searching for appropriate information about the effectiveness of internal control from
knowledgeable persons inside or outside the entity.
• Observation – refers to looking at the process being performed by others.
• Inspection – involves examination of documents and records to provide evidence of reliability
depending on their nature and source and the effectiveness of IC over their processing
• Reperformance – involves repeating the activity performed by the client to determine whether proper
results were obtained.
• Timing of tests of controls: auditors usually perform tests of controls during an interim visit, in advance
of period end. However, auditors cannot rely on it w/o considering the need to obtain further evidence on
the remainder of the period.
In determining whether or not to test the remaining period, these must be considered: the results of the interim
tests, the length of the remaining period, and whether changes have occurred in accounting and internal
control systems during the remaining period.
• Extent of test of controls: The auditor cannot examine all transactions related to certain control procedures. In
an audit, the auditor should examine the size of a sample sufficient to support the assessed level of control
risk.
• Operating effectiveness vs. implementation
- When obtaining audit evidence of implementation by performing risk assessment procedures, the auditor
determines that the relevant controls exist and the entity is using them.
- When performing tests of the operating effectiveness of controls, the auditor obtains audit evidence
that controls operate effectively. This includes obtaining evidence about how controls were applied at
relevant times during period under audit, the consistency which they were applied, and by whom or by
what means they were applied.
• Documenting the assessed level of control risk
- If the control risk is assessed at high level, the auditor should document his conclusion that the control risk
is at high level.
- If the control risk is assessed at less than high level, the auditor should document his conclusion that
control risk is less than high level and the basis for the assessment (basis is actually the results of TOC).
• Communication of Internal Control Weaknesses
- Auditor is required to report the matter to the appropriate level of mgmt. material weaknesses in the
design or operation of the accounting and IC systems.
- Auditors are not required to search for and/or identify material control weaknesses.
- Internal control weaknesses are documented in a formal management letter.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDITING IN A COMPUTERIZED ENVIRONMENT

Characteristics of Computerized Information Systems (CIS)
1. Lack of Visible Transaction Trails 5. Systems Generated Transactions
2. Consistency of Performance 6. Vulnerability of Data and Program
3. Ease of Access to data and Computer Programs Storage Media
4. Concentration of Duties
Internal Control in a CIS Environment
A. General Controls – are control policies and procedures that relate to the overall computer information system.
1. Organization controls – clear assignment of authority and responsibility
a. Segregation b/w CIS dept. and user dept.
b. Segregation of duties w/in the CIS dept.
CIS Director (exercises control over the CIS operation)

Systems Development Operations Other Functions

- Systems Analyst - Computer Operator - Librarian
(designs new systems, evaluates and improves (using the program and instructions by the programmer, (maintains custody of systems documentation,
existing systems, and prepares specs. for programmers) he operates the computer to process transaction) programs and files)

- Programmer - Data Entry Operator - Control Group

(guided by the specs of the systems analyst, (prepares and verifies input data for processing) (reviews all input procedures, monitors
he writes a program, tests and debugs such computer processing, follows-up data
programs, and prepares the computer operating processing errors, reviews the reasonable-
instructions ness of output, and distributes output to
authorized personnel

2. Systems development and documentation controls – to facilitate use of program as well as changes
that may be introduced to system
3. Access controls – adequate security controls, such as use of passwords
4. Data recovery controls – provides maintenance of back-up files and off-site storage procedures.
5. Monitoring controls – to ensure that CIS controls are working effectively as planned.
B. Application Controls – are those policies and procedures that relate to the specific use of the system.
1. Controls over Input – designed to provide reasonable assurance that data submitted for processing
are complete, properly authorized and accurately translated into machine readable form.
❖ Key verification – this requires data to be entered twice to provide assurance that there are no key
entry errors committed.
❖ Field check - this ensures that the input data agree with required field format.
Ex.: SSS number must contain 10 digits. An input of SSS number w/ more or less than 10 digits will be rejected
❖ Validity check – info entered are compared with valid info in the master file to determine the authenticity
of the input.
Ex.: Employees’ master file may contain two valid codes to indicate the employee’s gender “1” for male and
“2” for female. A code of “3” is invalid and will be rejected.
❖ Self-checking digit – this is a mathematically calculated digit w/c is usually added to a document number to
detect common transpositional errors in data submitted for processing.
❖ Limit check – or reasonable check is designed to ensure that data submitted for processing do not exceed a
predetermined or reasonable amount.
❖ Control totals – these are totals computed based on the data submitted for processing. Control totals
ensure the completeness of data before and after they are processed.
✓ Financial totals – sum total of the peso amount in the documents
✓ Hash totals – sum total of the control numbers in the documents
✓ Record count - total number of the documents
2. Controls over Processing – designed to provide reasonable assurance that input data are processed
accurately, and that data is not lost, added, excluded, duplicated, or improperly changed.
❖ Almost all of input controls mentioned above are also part of processing controls.
3. Controls over Output – designed to provide reasonable assurance that the results of processing
are complete, accurate, and that these outputs are distributed only to authorized personnel.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

Test of Control in a CIS Environment

• The auditor’s objectives and scope of the audit do not change in a CIS environment.
• Testing the reliability of general controls may include:
□ Observing client’s personnel in performing their duties
□ Inspecting program documentation
□ Observing security measure in force
• In testing application controls, the auditor may either:
□ Audit around the computer
✓ Similar to testing control in a manual control structure in that it involves examination
of documents and reports to determine the reliability of the system.
✓ When using this approach, the auditor ignores the client’s data processing procedures,
focusing solely on the INPUT documents and the CIS OUTPUT.
✓ Can be used only if there are visible input documents and detailed output that will enable
the auditor to trace individual transactions back and forth.
✓ This is also known as “black box approach”.
□ Use Computer-Assisted Audit Techniques (CAATs)
✓ Are computer programs and data which the auditor uses as part of the audit procedures to
PROCESS data of audit significance contained in an entity’s information systems.
✓ Used when computerized accounting systems performs tasks w/c no visible evidence is
available. Consequently, the auditor will have to audit directly the client’s computer
program using CAATs.
✓ This is also known as “white box approach”.
✓ Commonly used CAATs:
1. Test Data
- Designed to test the effectiveness of the internal control procedures w/c
are incorporated in the client’s computer program.
- The objective of this technique is to determine whether the client’s computer
programs can correctly handle valid and invalid conditions as they rise.
2. Integrated Test Facility (ITF)
- the auditor creates dummy or fictitious employee, or other appropriate unit for
testing within the entity’s computer system.
- ITF integrates the processing of test data w/ the actual processing of ordinary
transactions w/o mgmt. being aware of the testing process.
- ITF provides assurance that the program tests by the auditor is the same
program used by the client in the processing of transactions (unlike test data
approach).
3. Parallel Simulation
- requires the auditor write a program that simulates key features or processes of
the program under review.
- The simulated program is then used to reprocess transactions that were previously
processed by the client’s program.
- Can be accomplished by using:
1. Generalized auditing software – composed of generally available
computer packages w/c has been designed to perform common audit
tasks
2. Purpose-written programs – designed to perform audit tasks in specific
circumstances.
✓ Other CAATs
1. Snapshots – taking a picture of a transaction as it flows through the computer systems.
2. System control audit review files (SCARF) – embedding audit software modules within an
application system to provide continuous monitoring of the systems transactions. The
information is collected into a special computer file that the auditor can examine.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

PERFORMING SUBSTANTIVE TESTS

Substantive Tests – are audit procedures designed to substantiate the account balances or to detect material misstatements in the finan
Types of Substantive Tests:
Analytical Procedures
Test of Details
The decision about w/c procedures to use is based on the auditor’s judgment about the expected
effectiveness and efficiency of such [procedures in satisfying the audit objective.

1. Analytical Procedures
✓ Analytical procedures applied as substantive tests enable the auditor to obtain corroborative evidence
about a particular account.

USING ANALYTICAL PROCEDURES AS SUBSTANTIVE TESTS

Develop Expectations
about the FS

Compare the FS with the

Expectations Developed

NO
Is the
difference significant?
Conduct further
Investigation

YES

Accept the account

balance as reasonable.

✓ When intending to perform analytical procedures as substantive tests, the auditor should focus on
those accounts that are predictable. The following generalizations may be helpful in assessing the
predictability of those accounts:
□ Income statement accounts are more predictable compared to balance sheet accounts.
□ Accounts that are not subject to management discretion are generally predictable.
□ Relationships in a stable environment are more predictable than those in a dynamic or unstable
environment.
2. Test of Details
✓ It involves examining the actual details making up the various account balances. This approach may
take the form of:
□ Test of details of balances – involves direct testing of the ending balance of an account
* This will be used when account balances are affected by large volume of relatively immaterial
transactions.
□ Test of details of transactions - involves testing the transactions which give rise to the
ending balance of the account.
* This is useful if account balances are comprised of a smaller volume of transactions
representing relatively material amounts.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

Effectiveness of Substantive Test

• Nature of substantive test: relates to quality of evidence; high quality of evidence is preference, yet it’ll involve
high cost
• Timing of substantive test: the higher the risk of material misstatement, the more likely it is that the auditor
may decide to perform ST closer to year-end.
• Extent of substantive test: the auditor ordinarily increases the extent of ST as the risk of
material misstatement increases.
Relationship between Substantive Test and Test of Control
• Test of control provide evidence that indicates a misstatement is likely to occur. Substantive test on the
other hand, provide evidence about the existence of misstatement in an account balance.
AUDIT EVIDENCE
• It refers to the information obtained by the auditor in arriving at the conclusions on which the audit opinion i
s based. It consists of:
➢ Underlying accounting data – refers to accounting records underlying in the FS. This includes books of
accounts, related accounting manuals, worksheet supporting cost allocations and reconciliations
prepared by the client personnel.
➢ Corroborating information – supporting the underlying accounting data obtained from client and other
sources. This includes documents such as invoices, bank statements, POs, contracts, checks, etc.
• Qualities of Evidence
➢ When performing tests of control, audit evidence must support the assessed level of control risk.
➢ When performing substantive tests, audit evidence must support the acceptable level of detection risk.
➢ When obtaining audit evidence, the auditor should consider the:
□ Sufficiency – refers to the amount of evidence that the auditor should accumulate.
The auditor uses his judgment to determine the amount of evidence needed to support the opinion
on the FS. The following factors may be considered in evaluating the sufficiency of the audit
evidence: competence of evidence, materiality of item being examined, the risk involved in a
particular amount, experience gained during the previous audit.
□ Appropriateness – is the measure of the quality of audit evidence and its relevance to a
particular assertion and its reliability.
Relevance relates the timeliness of evidence and its ability to satisfy the audit objective.
Reliability relates to the objectivity of evidence and is influenced by its source and by its nature. While
reliability of audit evidence is dependent on individual circumstance, the following generalizations
could help the auditor in assessing the reliability of audit evidence:
✓ Audit evidence obtained from independent outside sources is more reliable than that generated
internally.
✓ Audit evidence generated internally is more reliable when the related accounting and internal
control systems are effective.
✓ Audit evidence obtained directly by the auditor is more reliable than that obtained by the
entity.
✓ Audit evidence in the form of documents and written representations is more reliable than oral
representations.
• Cost/benefit consideration when obtaining evidence
➢ Ordinarily, the auditor finds it necessary to rely on audit evidence that is persuasive rather than conclusive
in nature.
AUDIT DOCUMENTATION/ WORKING PAPERS
• Working papers are records kept by the auditor that documents the audit procedures applied, information
obtained and conclusions reached.
• PSA 230 requires the auditor to document matters that are important to support an opinion on FS, and evidence
that the audit was conducted in accordance with PSA.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

• Functions of the Working Papers:

□ Support the auditor’s opinion on FS □ Planning future audits

□ Support the auditor’s representation as to □ Providing information useful in rendering other
compliance with PSA. services (MAS or tax consultancy)
□ Assist the auditor in the planning, □ Providing adequate defense in case of litigation
performance, review and supervision of the
engagement.
• Form, Content, and Extent of Audit
Documentation
➢ In deciding on these, the auditor should consider what would enable an experienced auditor, having
no previous connection with the audit, to understand:
a. The nature, timing, and extent of the audit procedures to comply with PSAs and applicable legal
and regulatory requirements
b. The results of the audit procedures and the audit evidence obtained.
c. Significant matters during the audit and the conclusions reached thereon.
• Classification of Working Papers
➢ Permanent file – contains information of continuing significance to the auditor in performing recurring
audits.
This file would most likely include: copies of articles of incorporation and by-laws, major contracts,
engagement letter, org. chart, analyses of long-term accounts, etc.
➢ Current file – contains evidence gathered and conclusions reached relevant to the audit of a particular year.
This file includes: copy of FS, audit program, working TB, lead schedules, correspondence w/ other parties.
• Ownership of working papers
➢ Working papers are the property of the auditor and the client has no right to the working papers prepared
by the auditor.
Working papers may sometimes serve as reference source for the client but they should not be considered

as part or as a substitute for the client’s records.

• Confidentiality of working papers

➢ Although the working papers are the personal property of the auditor, these working papers cannot be
shown to third parties w/o client’s permission, except:
□ When disclosure is required by law or when the working papers are subpoenaed at court.
□ When there is a professional right to disclose information such as when the auditor uses
his working papers to defend himself when sued by client for negligence.
• Retention of working papers. Working papers should be retained by the auditor for a period of time
sufficient to meet the needs of his practice and to satisfy any pertinent legal requirements of record
retention.
• Guidelines for the preparation of working papers.
The following techniques may be used by the auditor:
□ heading (to be properly identified with such information such as client name, type of working paper,
content description, period covered)
□ indexing (use of lettering or numbering system to identify accounts),
□ cross-indexing/cross referencing (to provide a trail in reviewing),
□ tick marks (symbols to describe the audit procedures performed).

AUDITING ACCOUNTING ESTIMATES

➢ PSA 540 defines ‘accounting estimate’ is an approximation of the amounts of an item in the absence of
a precise means of measurement.
➢ The risk of material misstatement is greater when accounting estimates are involved.
➢ Management is responsible for making accounting estimates included in the financial statements.
➢ The auditor’s responsibility is to obtain sufficient appropriate evidence as to whether:
□ Accounting estimate is properly accounted for and disclosed
□ Accounting estimate is reasonable in the circumstances.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

➢ In addition, the auditor may use one or a combination of the following approaches:
1. Review and test the process used by mgmt. to develop the estimate.
2. Make an independent estimate
3. Review subsequent events which confirm the estimate made.

RELATED PARTIES – refers to persons or entities that may have dealings w/ one another in which one party as the ability
to exercise significant influence or control over the other party in making financial and operating decisions.
Management’s Responsibility: Mgmt. is responsible for the identification and disclosure of related parties and
transactions with such parties.
Auditor’s responsibility: The auditor should obtain and review information provided by the directors and mgmt.
identifying the names of all known related parties and related party transaction.
- An audit cannot be expected to provide assurance that all related party transactions will be discovered.

USING THE WORK OF AN AUDITOR’S EXPERT

➢ An expert is a person or firm possessing special skill, knowledge and experience in a particular field other
than accounting and auditing.
➢ PSA 620 identifies two kinds of experts:
□ Auditor’s Expert – an expert, whose work in his/her field of specialization, is used by the auditor to
assist the auditor in obtaining sufficient appropriate audit evidence.
□ Management’s Expert – an expert, whose work in his field of expertise, is used by the entity to assist in
preparing the financial statements.
➢ Not all engagements would require the help of an expert. When determining the need of use of the work of
an expert, the auditor would consider: whether the mgmt. has used a mgmt.’s expert in preparing FS, the
nature and significance of the matter, the risk of material misstatement in the matter, and expected nature
of procedures to respond to identified risks
➢ Effect of the Reliance on Expert’s Work on the Auditor’s Report
□ The auditor has sole responsibility for the audit opinion expressed and that responsibility is not
reduced by the auditor’s use of the work of an expert. Thus, the auditor should not refer to the work
of an auditor’s expert in an auditor’s report containing an unmodified opinion.
□ When an auditor’s report contains a modified opinion, the auditor can make reference to the expert’s
work if the auditor believes that such reference is necessary in order for the readers to understand
the reason of expressing a modified opinion. When this happens, the auditor should indicate in his
report that such reference does not reduce the auditor’s responsibility for that opinion.
CONSIDERING THE WORK OF INTERNAL AUDITORS
Internal auditing is an appraisal activity established within an entity as a service to the entity. Considering the work of
internal auditor involves two important phases:
1. Making a preliminary assessment of internal auditing (considering the competence, objectivity,
due professional care, and scope of function of internal auditors)
2. Evaluating and testing the work of internal auditing – to confirm its adequacy for the external auditor’s
purposes.
* The external auditor may also request the assistance of the internal auditors in performing routine or mechanical
audit procedures.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

AUDIT SAMPLING
PSA 530 defines audit sampling as, “the application of audit procedures to less than 100% of the items within an account balance or class o

Risks in Sampling
1. Sampling risk –refers to the possibility that the auditor’s conclusion, based on a sample may be different from
the conclusion reached if the entire population were subjected to the same audit procedures. This exists
because the sample selected for testing may not be truly representative of a population.

Alpha Risk – results in an auditor performing

audit procedures more than what is Risk of underreliance Risk of incorrect rejection
necessary, thus affecting audit efficiency
Beta Risk - results in an auditor performing
audit procedures less than what is necessary, Risk of overreliance Risk of incorrect acceptance
thus affecting audit effectiveness.
➢ The only way to eliminate sampling risk is to examine the whole population, yet it is not feasible to do so.
➢ Controlling Sampling Risk: This can be done by:
□ Increasing the sample size
□ Using an appropriate selection method

2. Non-sampling risk – refers to the risk that the auditor may draw incorrect conclusions about the
account balance or class of transactions because of human errors.
➢ Non-sampling risk is something that cannot be eliminated even if the auditor examines the population.
➢ Controlling Non-sampling Risk: This can be done by proper planning, adequate direction, review, and
supervision of the audit team.
General Approaches to Audit Sampling
1. Statistical sampling – is a sampling approach that uses random based selection of sample and uses the law
of probability to measure sampling risk and evaluate sample results.
2. Non-statistical sampling - is a sampling approach that purely uses auditor’s judgment in estimating sampling
risks, determining sample size, and evaluating sample results.
Audit Sampling Plans

1. Attribute Sampling Estimate the frequency of occurrence Test of Controls to estimate the
of a certain characteristic in a rate of deviations.
population.
2. Variable Sampling Estimate a numerical measurement Substantive Tests to estimate the
of a population such as peso value. amount of misstatements.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

Steps in Audit Sampling:

1. Define the objective of the test. Specify the control to be selected. Specify the purpose of the test and its
relationship to the financial statement
assertions.
2. Determine the procedures Determine the appropriate audit Determine the appropriate audit
to be performed. procedures to satisfy the objective. procedures to satisfy the objective.

Define the population and the Define the population and its
conditions that constitute a deviation. characteristics.
3. Determine the sample size. Consider the effects of the following Consider the effects of the following
factors in determining the sample factors in determining the sample
size: size:
• Acceptable sampling risk • Acceptable sampling risk
(inverse) (inverse)
• Tolerable deviation • Tolerable misstatement
rate (inverse) (inverse)
• Expected population • Expected misstatement
deviation rate (direct) and population variation
4. Select the sample. Use any of the following techniques: (direct)
• Random number selection Use any of the following techniques
• Systematic selection and stratify the population, when
• Haphazard selection (applies appropriate:
only to non-statistical • Random number selection
sampling) • Systematic selection
• Haphazard selection (applies
only to non-statistical
sampling)
5. Apply the audit procedures. Apply the audit procedures to the • Value weighted selection
sample items. Apply the audit procedures to
6. Evaluate the sample results. Decide whether the results supported the sample items.
the planned degree of reliance on Decide whether to accept account
internal control. balance as fairly stated or to require
further actions.
*It is to be emphasized that steps 1, 2, 5, and 6 will be performed whether the auditor uses auditor sampling or not.

Factors in Determination of Sample Size of Test of Controls (Step 3):

1. Acceptable sampling risk. There is an inverse relationship b/w the acceptable sampling risk and sample size.
2. Tolerable deviation rate. This is the maximum rate of deviations the auditor is willing to accept.
3. Expected deviation rate. This is the rate of deviations the auditor expects to find in the population
before testing begins.
Factors in Determination of Sample Size of Substantive Tests (Step 3):
1. Acceptable sampling risk. There is an inverse relationship b/w the acceptable sampling risk and sample size.
2. Tolerable misstatement. This is the maximum rate of misstatement the auditor will permit in the population
and still be willing to conclude that the account balance is fairly stated.
3. Expected misstatement. This is the amount of misstatement the auditor believes exists in the population.
4. Variation in the population – when using statistical sampling, this is measured by standard deviation.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

Sample Selection Methods for Test of Controls and Substantive Tests (Step 4):
1. Random number selection – the auditor selects the sample by matching random numbers, generated by
a random number table or a computer software generator.
2. Systematic selection – this involves a constant sampling interval and then selects the sample based on the size
of the interval.
3. Haphazard selection – the sample is selected without following an organized or structured technique.
For Substantive Tests only:
➢ In addition, the auditor may divide or stratify the population to decrease the effect of variance in
the population.
4. Value Weighted Selection/ Probability Proportional or Size Sampling/ Monetary Unit Sampling – each peso is
treated as one sampling unit. This method gives monetary values greater representation in the sample.
Situations that Auditor May Encounter in Step 4 & 5:
1. Void documents – such document should be replaced by another sample item.
2. Missing documents – such document must be treated as a deviation.
Evaluating the Results for Test of Control (Step 6):
1. Determine the sample deviation rate.
2. Compare the sample deviation rate with tolerable deviation rate and draw an overall conclusion of
the population.
➢ If sample deviation rate is greater than tolerable deviation rate – means that sample results do not support
the planned degree of reliance on IC. Control risks will be assessed at high level and more extensive ST will
be performed.
➢ If sample deviation rate is less than tolerable deviation rate – consider the allowance for sampling risk (the
possibility that these sample results could have occurred even if the actual population deviation rate is
higher than TD)
a. If SD is considerably lower than TD (Ex.: SD at 2% vs. TD of 10%) – the sample results supported the
planned degree of reliance on IC.
b. If SD is barely lower than TD (Ex.: SD at 8% vs. TD of 10%) - there is high possibility that the actual
deviation rate will exceed the TD rate.
Other Sampling Applications:
1. Sequential sampling/ stop-or-go sampling – used when an auditor expects very few deviations within the
population. Under this method, the auditor does not use fixed sample size.
2. Discovery sampling – this form of attribute sampling is most appropriate when no deviations are expected in
the population. This is normally used when the auditor suspects that an irregularity might have been
committed.
Evaluating the Results for Substantive Tests (Step 6):
3. Project the misstatements in the population.

Projected Misstatements = Amount of misstatements x (population size / sample size)

➢ Ratio estimation – uses book values of the population and sample size
➢ Difference estimation – uses number of customers on the population and number size
4. Compare projected misstatements together with tolerable misstatements and draw an overall conclusion.
➢ If projected misstatement is greater than tolerable misstatements – the auditor will conclude that the account
balance is materially misstated.
➢ If projected misstatement is less than tolerable misstatements - consider the allowance for sampling risk.
➢ In some circumstances, the auditor may encounter anomalous errors. These are errors or misstatements that
arise from isolated event that has not recurred other than specifically identifiable occasions and are therefore
not representative to the population.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

COMPLETING THE AUDIT AND POST AUDIT RESPONSIBILITIES

COMPLETING THE AUDIT
After the fieldwork is almost complete, a series of procedures are generally carried out to complete the audit. These
procedures include:
1. Identifying subsequent events that may affect the FS under audit.
• Subsequent events are those events or transactions that occur subsequent to the balance sheet date and
may affect the financial statements and the auditor’s report. It may be classified as:
➢ Requiring Adjustment – those that provide further evidence of conditions that existed at the BS date
➢ Requiring Disclosure – those that are indicative of conditions that arose subsequent to the BS date.
• PSA 560 states that “The auditor should perform procedures designed to obtain sufficient appropriate evidence
that all events up to the date of the auditor’s report that may require adjustment of, or disclosure in the
financial statements have been identified.”
• Subsequent events occurring after the report date but before the FS are issued.
➢ The auditor does not have any responsibility to perform procedures to identify subsequent events after the
date of the auditor’s report.
➢ If the auditor becomes aware of an event occurring after the report date but before the FS issuance date,
he should take the necessary actions to ascertain whether such event is has been properly accounted for
and disclosed in the notes to FS.
➢ Failure on the part of the client to make amendments to the FS, where the auditor believes they need to be
amended, will cause the auditor to issue either QUALIFIED OR ADVERSE OPINION.
• Effect of subsequent events on the date of report.
➢ If a material SE requiring adjustment to the FS occurs after the date of auditor’s report but before
the FS issuance, the FS should be adjusted and the auditor’s report should BEAR THE ORIGINAL
DATE OF REPORT (date of completion of audit procedures).
➢ If a SE requiring disclosure occurs after the date of auditor’s report but before the FS issuance, the
auditor should consider the adequacy of the disclosure and the date the report either:
✓ As of the date of the subsequent event(when this is used by the auditor, the responsibility for the SE is extended)
✓ Dual date of the report (used when the auditor does not want to extend the procedures, that is, original date of report
and the date of the specific event is occurred, e.g.: March 15, 2018 except for Note 12 dated March 31, 2018)

2. Identifying contingencies such as litigations, claims and assessment.

• PSA 501 requires the auditor to carry out procedures in order to become aware of any litigation and claims
involving the entity which may have a material effect on the FS.
• Mgmt. Is the primary source of information for L.C.A. The auditor corroborates info obtained from mgmt. to
lawyers by asking the client to send letters of audit inquiry.
• If mgmt. refuses to give the auditor permission to communicate w/ the entity’s lawyer or lawyer refuses to
reply, this would be considered a scope limitation that would require the auditor to issue either a QUALIFIED OR DISCLAIMER OF OPIN
If there is uncertainty because the lawyer is unable to estimate the likelihood of an unfavorable outcome including the potential lo
Obtaining written management representation.
•

3.

• PSA 580 requires an auditor to obtain sufficient appropriate audit evidence that the entity’s mgmt. has
acknowledged that has fulfilled its responsibility for the preparation and presentation of fair FS and has
approved the FS – such evidence can be obtained using a WRITTEN representation from the mgmt. (can be
requested from CEO and CFO or other equivalent officers)
• Mgmt. written representations complement the audit evidence the auditor accumulates, but they do
not substitute for the performance of audit procedures.
• Written representation should be addressed to the auditor and the date shall be as near as practicable to, but
not after the date of auditor’s report.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

• When mgmt. does not provide written representation or the auditor concludes that there is sufficient doubt
on the integrity of the mgmt., the auditor should consider these as scope limitation that would warrant a
DISCLAIMER OF OPINION.
4. Performing wrap-up procedures.
• Wrap-up procedures are procedures done at the end of the audit that generally cannot be performed before
the other audit work is complete. These include:
a. Final analytical procedures
➢ PSA 520 states that the auditor should apply analytical procedures at or near the end of the audit.
➢ Analytical procedures applied in completion phase should focus on: identifying unusual fluctuations
that were not previously identified and assessing the validity of the conclusions reached and
evaluating the overall FS presentation.
b. Evaluation of the entity’s ability to continue as a going concern
➢ The auditor’s responsibility is to consider the appropriateness of mgmt. use of GC assumption
(consider whether there are event s that cast a significant doubt on entity’s ability to continue as
going concern and evaluate mgmt.’s assessment of the entity’s ability to continue as GC)
➢ When evaluating the entity’s GC assumption, the auditor should remember that the conditions and
events that may indicate significant doubt about entity’s continued existence may be mitigated
by other factors (alternatives such as disposal of assets, obtaining additional capital, etc.)
➢ Effect on the auditor’s report:
✓ If there is reasonable assurance that the entity is going concern, the auditor should express an
UNMODIFIED OPINION.
✓ If there is uncertainty and is adequately disclosed that the entity is going concern, the
auditor should express an UNMODIFIED OPINION WITH EMPHASIS OF MATTER
PARAGRAPH.
✓ If there is uncertainty and is not adequately disclosed that the entity is going concern, the
auditor should express EITHER QUALIFIED OR ADVERSE OPINION.
✓ If the GC assumption is not appropriate, the FS should be prepared using other appropriate
basis. Otherwise the auditor should issue an ADVERSE OPINION.
c. Evaluating audit findings and preparing a list of potential adjusting entries.
✓ If mgmt. accepts all adjusting entries proposed by the auditor, an UNMODIFIED OPINION is
issued.
✓ If mgmt. refuses to correct the FS, a QUALIFIED OR AN ADVERSE OPINION will be issued.
POST AUDIT RESPONSIBILITIES (Events after the FS have been issued)
• Ordinarily, the auditor does not have any responsibility to perform additional procedures after the FS are
issued, unless the auditor is aware that the audit report issued may be inappropriate (he must take steps
to prevent future reliance on such report).
➢ Subsequent discovery of facts
1. Discuss the matter w/ the appropriate level of mgmt. and consider whether the FS needs
revision.
2. Advise mgmt. to take steps to ensure the users of the previous issued FS are informed of
the situation.
✓ If mgmt. makes appropriate revisions and disclosures, the auditor should issue a new audit
report that includes an EMPHASIS OF MATTER PARAGRAPH. If mgmt. refuses to revise the
FS or to inform the users about the new info, the auditor should notify the persons
responsible for the refusal and intent to prevent reliance to the audit report.
➢ Subsequent discovery of omitted procedures
1. Assess the importance of the omitted procedures to the auditor’s ability to support his opinion
2. Undertake to apply the omitted procedures or the corresponding alternative procedures.
✓ If omission impairs the current ability to support his opinion, apply the procedures.
✓ If, after applying the omitted procedures, it makes the report inappropriate, discuss this
matter with mgmt. to take steps to prevent reliance in the report.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

THE AUDITOR’S REPORT ON FINANCIAL STATEMENTS

PSA 700 requires an auditor’s report to contain a clear expression of the auditor’s opinion on the FS.

THE UNMODIFIED REPORT

✓ This is issued when the auditor concludes that based on the audit evidence obtained, that the FS is fairly
presented, in all material aspects in accordance with the applicable financial reporting framework.
✓ Basic Elements of the Unmodified Report:
1. Title (to emphasize the independence of the auditor and to distinguish the report from others)
2. Addressee (report should be addressed to those parties for whom the report is prepared such as shareholders, BOD, third parties)
3. Introductory Paragraph (name of entity, FS audited, title of each FS including date covered by FS, summary of significant
accounting policies and notes)
4. Management’s Responsibility for the FS (describes responsibility for the preparation and fair presentation of FS and for
design, implementation and maintenance of IC)
5. Auditor’s Responsibility (stating that the responsibility of the auditor is to express an opinion on the FS, that the audit was
conducted in accordance with PSA, and to give a general description of the audit)
6. Auditor’s Opinion
7. Other Reporting Responsibilities
8. Auditor’s Signature (name of audit firm and the personal name of the auditor)
9. Date of Report (date as of the completion of all essential audit procedures)
10. Auditor’s Address (location in the jurisdiction where the auditor maintains his office)

MODIFICATION TO THE OPINION

MODIFICATION TO THE OPINION

MATERIAL MISSTATEMENT SCOPE LIMITATION

• Inappropriate accounting policy selected (Auditor is unable to perform necessary audit procedures/auditor is
• Misapplication of selected unable to obtain sufficient appropriate evidence)
Circumstances beyond control of the entity
accounting policy •
Circumstance imposed
Circumstances relating to nature
Inappropriate or inadequate disclosure scope limitation
•
•
or timing of auditor’s work
• Limitations imposed by management Mgmt. imposed scope
limitation
Should re uest first to m mt. to remove the limitation

Material but not Material and Material and Material and

Pervasive Pervasive Pervasive Pervasive
(Material enough to affect
(Material enough to affect (Material enough to affect (Material enough to affect
the FS but not to
the FS and overshadows the FS but not to the FS and overshadows the
overshadow the fair
the fair presentation of FS overshadow the fair fair presentation of FS as a
presentation of FS as a
as a whole) presentation of FS as a whole)
whole)
whole)

Qualified Opinion Adverse Qualified Disclaimer of Opinion

(use the phrase (State that the auditor has not been
“except for the effects
Opinion Opinion able to obtain sufficient appropriate
of the matter (should state (use the phrase evidence to provide a basis of
described in BMP…) that FS do not “except for the possible opinion)

present fairly) effects of the matter

described in BMP…)
Or resign from
the engagement
(for mgmt.
imposed SL)

Basis of Modification Paragraph (placed immediately before the Opinion Paragraph)

➢ For MM, it should include: a description of nature of misstatements and a quantification of its financial effects.
➢ For SL, it should explain the reason of inability to obtain sufficient appropriate audit evidence.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

Piecemeal Opinion
It is an unmodified opinion expressed on one or more components of the FS while expressing an adverse or
disclaimer of opinion as a whole. PSA 705 does not allow this practice.
EMPHASIS OF MATTER PARAGRAPH (placed after Auditor’s Opinion Paragraph)

EMPHASIS OF MATTER
(to give emphasis on an important matter affecting the FS or the auditor’s report;
these does not negate the auditor’s unmodified opinion)

Uncertainties*
Going Concern** Adequately Unmodified
Early Application of New Accounting Standards disclosed in the notes to the FSwith Emphasis Matter Paragraph
Opinion
Major Catastrophe
Subsequent Discovery of Facts
Special Purpose FS

* Multiple uncertainties may cause the auditor to issue a DISCLAIMER OF OPINION.

** • Only if GC uncertainty is adequately disclosed.
• If it was not adequately disclosed, the auditor will issue a QUALIFIED OR ADVERSE OPINION.
• If the GC assumption is inappropriate and the entity insists to use GC principle, the auditor will issue an ADVERSE OPINION.

OTHER MATTER PARAGRAPH

OTHER MATTER
(to communicate a matter other than those that are presented or disclosed in the FS)

REPORTING ON COMPARATIVE INFORMATION

PSA 710 identified two framework on comparative information:
1. Comparative FS – amounts and disclosures for the preceding period are not part of current FS
a. PPFS were audited by a continuing auditor (state the fact of different updated opinion report, date
of PY report, type of PY opinion, reason of changing opinion)
b. PPFS were audited by another auditor (may either reissue predecessor PPFS or successor will
make reference on predecessor’s report)
c. PPFS were not audited (revise PPFS if it is materially misstated, then if mgmt. refused to revise FS,
the auditor will issue a QUALIFIED OR ADVERSE OPINION)
2. Corresponding Figures - amounts and disclosures for the preceding period are part of current FS
(comparatives are not specifically identified because the opinion is only on the current period FS
only)

MATERIAL INCONSISTENCIES – exists when the other information* contradicts the information contained in the
audited FS.

FINANCIAL STATEMENTS LIMITING THE USE OF THE AUDITOR’S SUBSEQUENT DISCOVERY

PREPARED USING MORE THAN REPORT OF FACTS
ONE FINANCIAL FRAMEWORKS (Indicate in Other Matter Paragraph
(Include in other matter that auditor’s report is intended solely (Refer to post-audit
paragraph if the frameworks are for intended users) responsibilities)
acceptable)
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

OTHER INFORMATION ACCOMPANYING FINANCIAL STATEMENTS

* PSA 720 states that the auditor has no responsibility to corroborate the other info (such as in annual reports), but he should
read the other info to determine that it is not materially inconsistent with the FS and whether the other information needs to be
amended).
✓ If an amendment is necessary in the FS, and the entity refuses to make an amendment, the auditor will issue either a
QUALIFIED OR ADVERSE OPINION.
✓ If an amendment is necessary in the other information, and the entity refuses to make an amendment, the auditor
should consider making an Other Matter paragraph indicating the material inconsistency, withhold the auditor’s opinion,
or withdraw from the engagement

MATERIAL MISSTATEMENT OF FACTS: This exists when other information, not related to matters appearing to FS, is incorrectly
presented. If the auditor concludes that there is a material misstatement of fact and the mgmt. refuses to correct the other
information, the auditor should notify the audit committee and if necessary, obtain legal advice.

AUDIT OF GROUP FINANCIAL STATEMENTS

✓ A group auditor is the auditor with responsibility for reporting the FS of an entity when those FS include
financial information of one or more components audited by another auditor.
✓ If the group auditor has not become satisfied about the professional competence and the independence of
the component, the group auditor should obtain sufficient appropriate audit evidence relating to the financial
information of the entity by auditing the FS of the component.
✓ Auditor’s report on group financial statements shall not refer to a component auditor.

REPORTS ON SPECIAL PURPOSE FINANCIAL STATEMENTS

✓ SPFS are made by entities that are complying with a special financial reporting framework designed to me et
the needs of specific users (PSA 800). Examples include other comprehensive basis of accounting like cash
basis accounting, financial reporting framework established by SEC, IC, or BSP, and financial reporting
provisions of a contract such as bond indenture, loan agreement or a project grant.
✓ Audit report of SPFS should include an EMPHASIS OF MATTER PARAGRAPH.

AUDIT OF SINGLE FINANCIAL STATEMENT OR SPECIFIC ELEMENT OF A FINANCIAL STATEMENT

✓ These are engagements that requested to express an opinion on a single FS or one of components of a FS. This
type of engagement does not result to an expression of an opinion on FS taken as a whole.
✓ When accepting this type of engagement: the auditor may need to examine other related accounts,
materiality should be related to the specific account, and auditor’s report on a component of FS should not
accompany the FS of the entity.
✓ When the auditor undertakes an engagement to report on a single FS or on a specific element of a FS,
the auditor should express a separate opinion for each engagement.
✓ In case the auditor expresses an adverse or disclaimer of opinion as a whole but the auditor consider it
appropriate to express an unmodified opinion on the single FS/specific element (which is a piecemeal
opinion), the auditor shall only do so if:
1. the auditor is not prohibited by law or regulation,
2. the report on the element is not published together with the auditor’s report on the complete FS, and
3. the specific element does not constitute a major portion of the entity’s complete FS.

REPORTING ON SUMMARY FINANCIAL STATEMENTS

✓ Summary financial statements are derived only from the complete set of FS (to highlight the entity’s financial
position and results of operation).
✓ The auditor’s report on the audited FS should express an opinion about whether the summary FS are
consistent with the audited FS or whether the summary FS are a fair summary of the audited FS.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

ASSURANCE ENGAGEMENTS AND RELATED SERVICES

There are four types of services that are normally performed in connection with the entity’s FS. These are:
1. Audit 3. Compilation
2. Review 4. Agreed-Upon Procedures

Objective To express an To enable the CPA to To carry out audit To assist the client in
opinion on the FS report whether anything procedures agreed on the preparation of the
has come to his attention with the client and any FS
that would indicate the FS appropriate third parties
are not presented fairly identified in the report
Level of High/ Reasonable Moderate/Limited None None
Assurance
provided by
the CPA
Type of Positive assurance Negative assurance Description of Identification of
Report Issued (opinion) procedures performed financial information
and actual findings compiled
Basic Risk assessment Inquiry and analytical As agreed Assemble FS based on
Procedure procedures, test of procedures. It does not client’s data.
controls, and include assessing control
substantive tests risk, test of records and
of responses to inquiries
by obtaining
corroborating evidence.
Independence Required Required Not Required Not Required
Requirement

ASSURANCE ENGAGEMENTS
✓ PSA 3000 states that assurance engagements are intended to enhance the credibility of information about a
subject matter by evaluating whether the subject matter conforms in all material respects with suitable
criteria.
✓ Types of assurance engagement: reasonable assurance engagement (audit) and limited assurance engagement
(review).
✓ Elements of Assurance Engagements:
1. Three-party relationship
2. Appropriate subject matter
3. Suitable criteria
4. Sufficient appropriate evidence
5. Written assurance report
REPORTS ON PROSPECTIVE FINANCIAL INFORMATION
✓ Prospective financial information is financial information based on assumptions about events that may occur
in the future and possible actions of the entity. There are two types:
1. Forecast - PFI prepared on the basis of the assumptions as to future events which mgmt. expects to take
as of the date the information is prepared (best-estimate assumptions)
2. Projections – PFI prepared on the basis of hypothetical assumptions or a mixture of best-estimate
and hypothetical.
✓ PSA 3400 states that the auditor, when examining PFI, should obtain sufficient appropriate evidence that PFI
are reasonable, properly prepared and presented, and on consistent basis.
✓ When reporting on the reasonableness of mgmt. assumptions, the auditor normally provides only moderate
level of assurance.
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

THE CODE OF ETIHICS AND REPUBLIC ACT 9298

THE CODE OF ETIHICS
THE CODE OF PROFESSIONAL ETHICS - standards of conduct that embody and demonstrate integrity, objectivity, and
concern for the public interest.
The Code of Ethics for Professional Accountants in the Philippines is based on the IFAC Code of Ethics for
Professional Accountants.
The International Federation of Accountants (IFAC) serves the public interest by contributing to the development of
strong and sustainable organizations, markets, and economies. It advocates for transparency, accountability, and
comparability of financial reporting; helps develop the accountancy profession; and communicates the importance and
value of accountants to the global financial infrastructure.
Parts of “The Code of Ethics for Professional Accountants”:
• Part A—General Application of the Code
• Part B—Professional Accountants in Public Practice
• Part C—Professional Accountants in Business

Conceptual Framework Approach:

(a) Identify threats to compliance with the fundamental principles;
(b) Evaluate the significance of the threats identified; and
(c) Apply safeguards, when necessary, to eliminate the threats or reduce them to an acceptable level.
Threats
(a) Self-interest threat – is the threat that a financial or other interest will inappropriately influence the
professional accountant’s judgment or behavior.
Self-review threat – is the threat that a professional accountant will not objectively evaluate the results of the previous judgment ma
Advocacy threat – is the threat that a professional accountant will promote a client’s or employer’s position to

the point that the professional accountant’s objectivity is compromised.

(d) Familiarity threat – occurs when, by virtue of close relationship with a client, its directors, etc. becomes too
sympathetic to the client’s interests.
(e) Intimidation threat – is the threat that a professional accountant will be deterred from acting objectively
because of actual or perceived pressures, including attempts to exercise undue influence over the professional
accountant.
Safeguards
(a) Safeguards created by the profession, legislation or regulation; and
(b) Safeguards in the work environment.
• Firm-wide safeguards
• Engagement specific safeguards
• Safeguards within the client’s systems and procedures

PART A—GENERAL APPLICATION OF THE CODE

• Section 100 Introduction and Fundamental Principles
• Section 110 Integrity – not merely honesty but fair dealing and truthfulness.
• Section 120 Objectivity – to be fair, intellectually honest, and free of conflicts of interest
• Section 130 Professional Competence and Due Care –
✓ Professional competence means he/she should continually strive to improve his knowledge and skills to ensure
that a client or employer receives the advantage of competent professional service based on up-to-date
developments in practice, legislation, and techniques. It is divided into two phases: attainment and
maintenance
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

✓ Due professional care encompasses the responsibility to perform professional services in accordance with
technical and professional standards.
• Section 140 Confidentiality – he/she should not use or disclose any such information w/o proper and
specific authority or unless: permitted by the client or employer, required by law, there is a professional
duty to disclose information
• Section 150 Professional Behavior – he/she should comply with relevant laws and regulations

PART B—PROFESSIONAL ACCOUNTANTS IN PUBLIC PRACTICE

• Section 200 Introduction
• Section 210 Professional Appointment
• Section 220 Conflicts of Interest
• Section 230 Second Opinions
• Section 240 Fees and Other Types of Remuneration
• Section 250 Marketing Professional Services
• Section 260 Gifts and Hospitality
• Section 270 Custody of Client Assets
• Section 280 Objectivity―All
• Section 290 Independence―Audit and Review Engagements
• Section 291 Independence―Other Assurance Engagements

✓ Independence of mind - is the auditor’s perception of his own independence.

Independence in appearance – refers to the public perception of the professional accountant’s independence.
✓ Independence Requirements of Different Assurance Engagements:

Audit Yes Yes Yes

Non-audit (not restricted) Yes Yes No
Non-audit (restricted) Yes No No
Note: Additional requirement is that the firm should not have any
material financial interest (direct or indirect)

✓ Independence Interpretations and Rulings

Financial Interest Direct financial interest (material

or immaterial
Material indirect financial interest
Loans and guarantees Loan to an assurance client that si
Loan to afinancial institution,
not a financial institution
providedthattheloanis
immaterial to both and made my
normal lending circumstances
Close Business Relationships Considered as an indirect financial interest, must be material to impair independence
Family and Personal Relationships Member of assurance team is an immediate family member of the assurance client
Past employment with an assurance Member of assurance team had clientserved in position to influence the
subject matter of the engagement
Serving as an officer or director on As an honorary member, that he Serves as an officer or a director
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

the Board of Assurance Clients does not participate in the mgmt. on the board of an assurance client
or operations of the client
Long association with assurance ✓ Lead engagement partners must
clients be rotated at least once every 5
years (for listed companies)
Provision of accounting and ✓ Provision of services to an audit
bookkeeping services to assurance client hat is a public interest entity
clients
Provision of taxation services to 
assurance clients
Provision of legal services to ✓ Advisory services ✓ Advocacy services
assurance clients ✓ Corporate finance services
Recruiting Senior Management  Recruited for ultimate hiring ✓ Recruited for consulting services
decision
Fees – overdue  At the time of issuing the
assurance report, the PY
professional fees due from client
is unpaid
Contingent Fees   Fees that are fixed by court or
other public authority, fees
determined based on the results
of judicial or gov’t agency
proceedings
Gifts and Hospitality 
Actual or threatened litigation 

PART C—PROFESSIONAL ACCOUNTANTS IN BUSINESS

• Section 300 Introduction
• Section 310 Potential Conflicts
• Section 320 Preparation and Reporting of Information
• Section 330 Acting with Sufficient Expertise
• Section 340 Financial Interests
• Section 350 Inducements

REPUBLIC ACT NO. 9298: THE PHILIPPINES ACCOUNTANCY ACT OF 2004

Overview of RA 9298 and its IRR
The Republic Act No. 9298, including its implementing rules and regulations, consists of:
• five Articles • has three Annexes; and
(Rules);
• was enacted into law on May 13, 2004.
• with 44 Sections;

1. Article I | Rule I
- Act shall govern & provide
for: O Regulation of
education O Examination
for CPA
O Supervision, control and regulation of practice
- Scope of practice: O Education
O Public accountancy O Government
O Commerce & industry
- Definition of terms
 AC17&18: ASSURANCE PRINCIPLES, PROFESSIONAL ETHICS AND GOOD GOVERNANCE REVIEWER
ALAMO, MARK JOSEPH S.

2. Article II | Rule II
Professional Regulatory Board
- Chairman & 6 members
- APO should submit its nominees not later than 60 days
- Qualifications:
O Natural born Filipino O Of good moral character
O Registered CPA w/ 10 O Not have any pecuniary interest
years experience O Not a director or officer of APO
- Term: 3 years ; no person shall serve in the Board for more than 12 years
- Receive compensation & allowances
- Powers & functions:
O Monitor conditions O Adopt official seal
O Supervise registration, licensure & O Investigate violations
practice O Punish for contempt
O Prescribe & adopt rules O Prepare/Amend syllabi for
O Conduct oversight into quality examinations
O Issue, suspend, revoke or reinstate O Exercise other powers provided by
the registration law
- Submit a report @ close of each year
- FRSC composed of 15 members with a chairman and 14 representatives
- AASC composed of 15 members with a chairman and 14 representatives
- Educational Technical Council (ETC) composed of 7 members with a chairman and 6 representatives with the
functions of:
O Determine a min standard curriculum
O Establish teaching standards
O Monitor progress of program
O Evaluate performance of educational institutions
- Board is under supervision of the Commission
- May remove/suspend members of the board when:
O Neglect of duty
O Violation of the Act
O Final judgment of crimes involving moral turpitude
O Manipulation

3. Article 3 | Rule III

Examination, Registration & Licensure
- Qualifications for examinations:
O Filipino citizen
O Good moral character
O BSA degree
O Not convicted of any crime involving moral turpitude
- Documents submitted to support requirements:
O NSO
O College Diploma
O NBI Clearance
- Scope of exam:
O TOA O AT
O Business Law & Tax O AP
O MAS O PRAC 1 & 2
- Rating: general average of 75% w/ no grades lower than 65%