CHAPTER ONE

OVERVIEW OF AUDITING
Learning objectives
After Studying this chapter you should be able to
➢ Describe auditing.
➢ Distinguish between auditing and accounting.
➢ Explain the importance of auditing in reducing information risk.
➢ List the causes of information risk, and explain how this risk can be reduced.
➢ Describe assurance services and distinguish audit services from other assurance
and non-assurance services provide by CPAs.
➢ Differentiate the three main types of audits.
➢ Identify the primary types of auditors.

1.1 DEFINITION OF AUDITING

You might have heard of the terms 'Auditing' and 'auditors' many times. What is your
knowledge of the meaning of these terms? What in your understanding does auditor do?
When such questions are put to a group of people the replies would be quite different, and in
some cases interestingly some would reply that an auditor is a person who checks the
accounts and always finds fault with what has been done. Some others say that auditing is a
process through which frauds and errors are detected. One would say that an auditor is a
person who checks the correctness of accounts of an enterprise before they were made public.
All these view as represent what people generally think of auditing and auditors. However,
as competent expert of the subject of auditing, you need to understand the scope of auditing
and auditor in meaningful terms.
A quick auditing development of 20th century may be helpful to you in understanding the
direction in which auditing is moving. Among them the most significant developments are:

a) A shift in emphasis from the detection of fraud to the determination of fairness of

financial statements.
b) Increased responsibility of the auditors to third parties, such as governmental
agencies, stock exchanges and an investing public.
c) The change of auditing method from detailed examination of individual transaction, to
the use of sampling techniques, including statistical sampling.
d) Recognition of the need to consider internal control as a guide to the direction and
amount of testing and sampling to be performed.

1|14
 e) Development of new auditing procedures applicable to electronic data processing
systems and use of the computer as an auditing tool.
f) Recognition of the need for auditors to find means of protection from the current
wave of litigation
g) An increased demand for prompt disclosure of both favourable and unfavourable
information concerning any publicly owned company.
h) Increased concern with compliance by organizations with laws and regulations.
Different people have defined auditing in different ways. Most of these definitions give
importance only to some aspects of auditing. Let us, however, begin our discussion on the
nature of auditing by the following definitions, which explain auditing in a comprehensive
manner.
In its modern sense an audit is defined, as a process carried out by suitably qualified auditors
where by the accounting records of the business entity are subject to scrutiny in such due as
will enable the auditors to form an opinion as to their truth, fairness and accuracy. In other
words, audit is a systematic and scientific process to obtain objective evidence and examine
several books of accounts by independent auditors.

Auditing is the accumulation and evaluation of evidence about information to determine and
report on the degree of correspondence between the information and established criteria.
Auditing is a systematic process of objectively obtaining and evaluating evidence regarding
assertions about economic actions and events to ascertain the degree of correspondence between
those assertions and establishing criteria and communicating the results to interested users.
Essential Elements of the definition

✓ Information and established criteria

To do an audit, there must be information in a verifiable form and some standards
[criteria] by which the auditor can evaluate the information. Information can and does
take many forms. Auditors routinely perform audits of quantifiable information,
including companies’ financial statements and individuals’ federal income tax returns.
Auditors also perform audits of more subjective information, such as the effectiveness
of computer systems and the efficiency of manufacturing operations. The criteria for
evaluating information also vary depending on the information being audited.

✓ Accumulating and evaluating evidence

Evidence is defined as any information used by the auditor to determine whether the
information being audited is in accordance with the established criteria. Evidence takes
many different forms, including oral testimony of the auditee, written communication

2|14
 with outsiders, and observations by the auditor. It is important to obtain a sufficient
quality and volume of evidence to satisfy the purpose of the audit.

✓ Competent, independent person

The auditor must be qualified to understand the criteria used and competent to know the
types and amount of evidence to accumulate to reach the proper conclusion after the
evidence has been examined. The auditor also must have an independent mental attitude.
It does little good to have competent person who is biased performing the evidence
accumulation when unbiased information and objective thinking are needed for the
judgments and decisions to be made.

✓ Reporting
The final stage in the audit process is the audit report, which is the communication of the
findings to users. Reports differ in nature, but in all cases they must inform readers of the
degree of correspondence between information and established criteria. Reports also
differ in form and can vary from the highly technical type report usually associated with
financial statement audits to a simple oral report in the case of an operational audit done
of a small department’s effectiveness.

1.3. FEATURES OF AUDITING

a) Audit is a systematic and scientific examination of the books of accounts of a
business;
b) Audit is undertaken by an independent person or body of persons who are duly
qualified for the job.
c) Audit is a verification of the results shown by the profit and loss account and the state
of affairs as shown by the balance sheet.
d) Audit is a critical review of the system of accounting and internal control.
e) Audit is done with the help of vouchers, documents, information and explanations
received from the authorities.
f) The auditor has to satisfy himself with the authenticity of the financial statements and
report that they exhibit a true and fair view of the state of affairs of the concern.
g) The auditor has to inspect, compare, check, review, scrutinize the vouchers supporting
the transactions and examine correspondence, minute books of shareholders,
directors, Memorandum of Association and Articles of association etc., in order to
establish correctness of the books of accounts.

3|14
1.4 THE NEED OF AUDITING
1. A Tool for control: The first advantage of auditing is that it serves as a tool to control
over those who handle the resources belonging to others.
 Audit seeks to ensure that the officials use the public funds properly.
 It has been a function of auditing to act as a check on those who handle the funds
belonging to others.
 The mere fact that there would be an audit of accounts acts as a check on those using
the funds and makes them cautious.
 Moreover, it acts as a moral check on employees, since they fear that the auditor
would discover any errors or frauds.
 Thus, it acts as a means of protecting against misuse of funds and reduces the
possibility of errors and frauds.
2. Enhancing credibility of information: Another important advantage of auditing is that it
enhances the credibility of economic information.
➢ It is obvious that one would place greater reliance on financial statement if it has
been audited than would be the case otherwise. That is auditors lend credibility to the
financial statements. This is because the auditor is an independent and objective
expert who has no any stake in the management of the enterprise under audit.
➢ Auditors in their audit report express an opinion that the company’s presentation of
financial position, results of operations and changes in financial position is in
accordance with generally accepted accounting principles or some other disclosed
basis of accounting.
3.Improving economy and efficiency: In any type of audit engagement, the auditor reviews
the activities of the enterprise and often forwards suggestions to improve the efficiency of
various activities of the enterprise.
➢ Performance audit specifically is designed to review the operations and activities
➢ So that wastages and losses can be minimized, weaknesses in the system can be
identified and overcome and controls can be strengthened.
➢ In general auditing enhances efficient utilization of resources.

4. Regulatory requirements make auditing mandatory:

In many countries, it is a must for business organizations to file their audited financial
statements to renew their licenses and permits.
Some types of audits are conducted for certain special purposes.
➢ Income tax laws of many countries provide for audit of accounts of large businesses,
primarily as an aid to the tax authorities.

4|14
 ➢ Some organizations are legally required to get their financial statements audited.
➢ For instance, the 1960 Commercial code of Ethiopia requires any share company in
Ethiopia to get books of accounts audited annually so as to renew their license.
Though auditing has the above advantages along with others, auditing has its own limitations.
Some of these limitations are:
1. Its opinion is based on sampling. i.e... It does not look at 100% of transactions
2. It cannot predict future events
3. It may fail to detect fraudulent transactions.
4. Evidence obtained is persuasive(convincing), rather than conclusive(definite)
5. Provides reasonable assurance, not absolute assurance
6. The inherent limitations in accounting still exists in auditing

1.5 DISTINCTION BETWEEN ACCOUNTING AND AUDITING

➢ Accounting is the recording, classifying, and summarizing of economic events for the
purpose of providing financial information used in decision making. To provide
relevant information, accountants must have a thorough understanding of the
principles & rules that provide the basis for preparing the accounting information.
➢ Auditing is determining whether recorded information Properly reflects the economic
events that occurred during the accounting period.
➢ Because international accounting standards provide the criteria for evaluating whether
the accounting information is properly recorded, auditors must thoroughly understand
those accounting standards.
➢ In addition to understanding accounting, the auditor must possess expertise in the
accumulation and interpretation of audit evidence.
➢ It is this expertise that distinguishes auditors from accountants.
Point of differences Accounting Auditing
Primary function Preparation of financial statement Audit of financial statements

Criteria in Discharging Generally accepted accounting principles Generally accepted auditing

responsibilities GAAP/IFRS standards (GAAS)
Its nature ✓ Constructive ▪ Analytical
✓ it is concerned with finalization of ▪ It is concerned with
accounts. establishment of
reliability of financial
statements.

5|14
commencement Accounting commences when book Auditing begins when
keeping ends. accounting ends.
Scope ▪ It involves various financial ▪ It depends upon the
statements. agreement or upon the
▪ It does not go beyond books of provisions of law.
accounts. ▪ It goes beyond books
of accounts.
End product Financial statements Audit reports

1.6. Auditing, Attestation, And Assurance Services

Assurance services:- are independent professional services that improve the quality of
information, or its context, for decision makers. Such services are valued because the
assurance provider is independent and perceived as being unbiased with respect to the
information examined.
Assurance services can be performed by CPAs or by a variety of other professionals.
Examples:
–Risk assessment
–Information system reliability
–Electronic commerce
–Health care performance measurement
For example, Consumers Union, a nonprofit organ, tests a wide variety of products
used by consumers & reports their evaluations of the quality of the products tested in
Consumer Reports.
• The organization provides the information to help consumers make intelligent
decisions about the products they buy.
• Many consumers consider the information in Consumer Reports more reliable than
information provided by the product manufacturers because Consumers Union is
independent of the manufacturers.
❖ Attestation:- One category of assurance services provided by CPAs is attestation
services.
• Attestation occurs when a practitioner is engaged to issue or does issue a written
communication that expresses a conclusion about the reliability of a written assertion
that is the responsibility of another party.
Examples:
–The effectiveness of internal control

6|14
 –Financial information other than the financial statements
–Future-oriented financial information
–Compliance with statutory, regulatory, or contractual obligations
–Management’s discussion and analysis
Attestation Services: Five Categories
1. Audit of historical financial statements
2. Attestation of internal control over financial reporting
3. Review of historical financial statements
4. Attestation services on information technology
5. Other attestation services
Audit of historical financial statements
➢ In an audit of historical financial statements, management asserts that the
statements are fairly stated in accordance with Applicable U.S. or international
accounting standards.
➢ An audit of these statements is a form of attestation service in which the
auditor issues a written report expressing an opinion about whether the FS are
fairly stated in accordance with the applicable accounting standards.
Audit of historical financial statements: For an audit of internal control over
financial reporting, management asserts that internal controls have been developed and
implemented following well established criteria.
Review of historical financial statements
❖ For a review of historical financial statements, management asserts that the
statements are fairly stated in accordance with accounting standards, the same as
for audits.
❖ The CPA provides a lower level of assurance for reviews of financial statements
compared to a high level for audits, therefore less evidence is needed.
Attestation Services On Information Technology
For attestations on info technology, mgt makes various assertions about the
reliability & security of electronic information's.
Many business functions, such as ordering and making payments, are
conducted over the Internet or directly b/n computers using electronic data
interchange (EDI).
As transactions & information are shared online and in real time, business
people demand even greater assurances about info, transactions, & the security
protecting them.

7|14
Other Assurance Services

• Most of the other assurance services that CPAs provide do not meet the formal
definition of attestation services.

• The CPA is not required to issue a written report.

• The assurance does not have to be about the reliability of another party’s assertion
about compliance with specified criteria.

• These other assurance service engagements focus on improving the quality of info for
decision makers, just like attestation services

Example

• Assess risks of accumulation, distribution, and storage of digital information which

involves assessing security risks and related controls over data and other information
stored electronically, including the adequacy of backup and off-site storage.
• Compliance with trading policies and procedures
• Compliance with entertainment royalty agreements
• ISO 900 certification
• Environmental audit
Non-Assurance Services Provided by CPAs

1. Accounting and bookkeeping services

2. Tax services
3. Management consulting services
1.7.Types of Audits
There are different types of audits conducted by different types of auditors. Such difference is
based on the scope and objective of the audit and employment of the auditors.
❖ Auditors perform different types of audits. Mainly there are four types of audits:
1. Financial statement audit
2. Operational/performance audit
3. Compliance audit and
4. Forensic audit.

1. Audit of Financial Statement

Audit of financial statements is actually part of the broader concept of the attest function. To
attest to information mean to provide assurance as to fairness or dependability. Certified
8|14
Public Accountants (CPAs) attest to a host of other types of information including the
reasonableness of financial forecasts, the adequacy of internal control and compliance with
laws and regulations. To attest to financial statements is to provide assurance as to their
fairness and dependability. The attest function consists of two phases. The first is the
performance of an audit; the second is the issuance of an audit report. The attest function
leads to credibility to management's representations that are contained in the financial
statements.
Audit of financial statements is conducted to determine whether the overall financial
statements such as income statement, balance sheet, statements of retained earnings and
cash flow statements are stated in accordance with specified criteria. It ordinarily covers the
balance sheet and the related statements of profit and loss and cash flows. Financial audit
generally is conducted to ascertain whether the financial statements present true and fair
views of the financial position and working results of an enterprise or organization. The
goals of audit of financial statements are to determine whether the statements have been
prepared in conformity with generally accepted accounting principles. The aim of an
independent financial audit is to ascertain if the financial statements of an enterprise are
reliable and dependable. Financial statements audits are normally performed by certified
public accountants.
The contribution of the independent financial audit is to give credibility to financial
statements. Credibility, in this usage means that the financial statements can be believed that
is, they can be relied upon by outsiders, such as stockholders, creditors, government and other
interested third parties.
The objective of an audit of financial statement is to enable the auditor to express an opinion
whether the financial statements are prepared in all material respects in accordance with an
identified financial reporting framework. The word “audited” when applied to financial
statements means that balance sheet, profit and loss statements and cash flows are
accompanied by an audit report prepared by independent auditors expressing their
professional opinion as to fairness of the enterprise's financial statements. Financial
statements prepared by management and released to outsiders without first being audited by
independent auditors leave a credibility gap. In addition to the audits of financial statements
that we have been discussing, you should be familiar with compliance audits and operational
audits.

The Objectives of Audit of Financial Statement are:

✓ To determine whether financial statements have been prepared in accordance to the

generally accepted accounting principles.
9|14
 ✓ To ensure the completeness of financial statements.
✓ To vouch the existence of recorded transactions in the financial statements.
✓ To examine the accuracy of the financial statements.
✓ To ensure that the net income / loss is the result of the operation for a given
accounting period.
✓ To verify availability of assets recorded in the balance sheet.
2. Compliance Audit
The performance of a compliance audit is dependent upon the existence of verifiable data and
of recognized criteria or standard established by an authoritative body. Such audits seek to
determine whether a tax collection is in compliance with tax laws and regulations.
Compliance audit is defined, as an audit to determine whether verifiable data such as income
tax returns or other financial statements are in conformity with established criteria, for
example, laws and regulations, society has always been concerned with compliance with laws
and regulations by all types of entities, business, government and nonprofit making
organizations. Legislative public officials and the general public want assurance about
compliance. Many governmental entities and non-profit making organizations that receive
financial assistance from banks are subject to periodic compliance audit. Such audits are
designed to determine whether the financial assistance is spent in accordance with applicable
laws and regulations.
In auditing the financial statements of the governmental and non-governmental organizations,
the auditors must often perform tests of compliance with laws and regulations to determine
that violations do not have a direct and material effect on financial statements.
The Objectives of Compliance Audits are:

✓ To determine whether there have been violations of laws and regulations that
may have a material effect on the organizations financial statements.
✓ To provide a basis for additional reports on compliance procedures that is not
tests of the internal control policies and procedures. Compliance procedure is
defined, as performing procedures to act with laws and regulations.
The auditors may discover violations of provisions of laws, regulations, contracts or grants
that result in which they estimate to be material misstatement to the organization's financial
statements. Such violations are known as material instances of non-compliance. Non-
compliance is the failure to act in accordance with laws or regulations. In these
circumstances, the auditors must consider the effect on their opinion issues on the financial
statements. The resulting misstatement, if left uncorrected, would normally require the

10 | 1 4
auditors to issue a qualified or adverse opinion. The auditors may also report a description or
any indications of illegal acts that could result in criminal prosecution.
3. Operational audits /Performance Audits/
An operation audit is a systematic independent appraisal activity within an enterprise for a
review of the entire departmental performance as a service to management. The overall
objective of operational auditing is to assist all levels of management in the effective
discharges of responsibilities by furnishing them with objective analysis, appraisal,
recommendations and pertinent comments concerning the activities reviewed. It may be
noted that the terms, operation audit and performance audit often are used interchangeably.
The purpose of an operational audit usually includes the intention to appraise performance of
a particular organizational function or group activities. However, the broad statement must
be expanded to specify precisely the scope of the audit and the nature of the report. The
auditors must determine specifically which policies and procedures are to be appraised and
show their relation to the specific objectives of the enterprise or organization.
Before starting the operational audit, the auditors must obtain a comprehensive knowledge of
the objectives, organizational structure and operating characteristics of the unit to be audited.
This familiarization process might begin with a study of organizational charts statements of
the function and responsibilities assigned are management polices and directives and
operating policies and procedures.

In attempting to meet, managerial needs operational auditors sample the work performance to
see whether it is in accordance with approved procedures. They verify the accuracy and
consistency of the information obtained in operating reports, and they study the format of the
reports to determine whether the information is presented in a meaningful form. The
auditor's responsibility for seeing that the enterprise's assets are safeguarded against fraud is
expanded to a responsibility for providing protection against all kinds of waste. An
enterprise having a strong system of internal control over its cash, inventory, and other
personal property will never suffer a serious loss from fraud or theft.
Now-a-days economic pressures are forcing companies and government enterprises at all
levels to economize, resulting in an increased demand for the information provided by
operational audits. The demand has been so pronounced that operational auditing has
become an extension of the internal auditing function of most large enterprises. Also
governmental auditors engage extensively in evaluating the economy, effectiveness and
efficiency of various government programs.

11 | 1 4
Objectives of Operational Audits

Internal auditors often perform operational audits. The main users of operational audit
reports are managers at various levels including the board of directors.
Decision makers need assurances that every component of an enterprise is working to attain
the organization's goals. For example, the management needs the following information.
✓ Assessment of the unit performance in relation to management's objectives or
other appropriate criteria.
✓ Assurance that its plans are comprehensive, consistent and understood at the
operating levels.
✓ Objective information on how well its plans and policies are being carried out
in all areas of operation's and opportunities for improvement in effectiveness,
efficiency and economy.
✓ Information on weakness in operating controls, particularly as to possible
sources of waste.
✓ Reassurance that all operating reports can be relied on as basis for action.
In every audit, it is important to state clearly the boundaries of the examination. These
boundaries identify the economic entity to be examined and the time period to be covered.
Thus, the boundaries serve to define and to limit the auditors' responsibilities. The economic
entity to be audited may be a sole proprietorship, a partnership, a corporation and its
subsidiaries.
4. Forensic audit: A forensic audit’s purpose is the detection of a wide variety of fraudulent
activities. Some of the examples where forensic audit might be conducted include:
• Business or employee fraud
• criminal investigations
• shareholders and partners disputes
• Business economic losses
• Matrimonial disputes.
1.8.Types of Auditors
Auditors are often viewed as falling into three main types

1. Independent financial auditor /Certified Public Accountant/

2. Internal auditors
3. government auditors
1. Independent/external financial auditor
Independent financial auditor or certified public accountant is a person licensed by the state
to practice public accounting as a profession based on having passed the uniform CPA
12 | 1 4
examination and having met certain education and experience. All recognized professions
have developed codes of professional ethics. The fundamental purpose of such codes is to
provide members with guidelines for maintaining a professional attitude and conduct them in
a manner that will enhance the professional values of their discipline.
To understand the importance of a code of ethics to public accountants and other
professionals, one must know the nature of a profession as opposed to other vocations.
Unluckily, there is no universally accepted definition of what constitutes a profession, yet, for
decades certain types of activities have been recognized, as professions while other have not.
Although public accounting is a newcomer to the standards of the professions, it has attained
wide recognition in recent years. Including public accounting profession, all of the
recognized professions have many common characteristics. The most important of these
characteristics are a responsibility to serve the public, of a complex knowledge, standards of
admission to the profession and a need for public confidence. To Certified Public
Accountants, public confidence is of special significance. Credibility is the product of the
certified public accountants. Without public confidence in the attester, the attest function
serves no useful purpose. To attest to financial statements means to provide assurance as to
their fairness and dependability. The attest function includes, first, the independent public
accountant, must carry out an examination to provide the objective evidence that enables the
auditors to express an informed opinion on the financial statements. Second, the attest
function is the issuance of the auditor's report, which conveys to users of the financial
statements the auditor opinion as to the fairness and dependability of the financial statements.
Reliable financial information is essential to the very existence of society. Thus, good
accounting and audited financial statement aid society in allocation its resources in the most
efficient manner. The goal is to allocate limited resources to the production of those goods
and services for which demand is greatest. Economic resources tend to be attracted to the
industries, and the organizational entities that are shown by accounting measurements to be
capable of using more resources to the best advantage. Inadequate and inappropriate
accounting result on the other hand, conceal waste and inefficiency and thereby prevent
resources from being allocated in a rational manner. It is the report by the independent
auditors that gives credibility to a set of financial statements and makes acceptable to
investors, bankers, government and other users.
2. Internal Auditors
Although most auditing literatures interest is primarily in the audit of financial statements by
Certified Public Accountants, other professional groups carry on large scale auditing. These
well known types of auditors are internal auditors.

13 | 1 4
The standard definition adapted by the Institute of Internal Auditors of United States of
America, however is that internal auditing is an independent appraisal activity established
within an organization or enterprise to examine and evaluate its activities as a service to the
organization in the effective discharge of their responsibilities by furnishing their analysis,
appraisals, recommendations and counsel. In performing these functions internal auditors
can be considered as a part of the organization's internal control structure. They represent
high level control that functions by measuring and evaluating the effectiveness of other
internal control policies and procedures. Internal auditors are not merely concerned with the
organization's financial controls. Their work encompasses the entire internal control
structure of the organization or enterprise. They evaluate and test the effectiveness of
internal control policies and procedures designed to help the organization or enterprises to
meet all of its objectives.
The internal auditing head often accordingly reports to the general manager or board of
directors or president or another high executive. This strategic placement high in the
organizational structure helps assure the internal auditors will have ready access to all units of
the business and that their recommendations will be given prompt attention by department
heads. This reporting standard provides guidance for the head of internal auditing in
managing the internal auditing functions. The head of internal auditing is responsible for
properly managing the departments to help assured that, the audit work is preformed in
accordance with professional standards and fulfills the general purposes and responsibilities
developed by management of the organization and the resources of the internal auditing
department are efficiently and effectively employed.
A large part of the internal auditors consists of operational audits in addition; they may
conduct numerous compliance audits. The number and kind of investigative activities varies
from year to year. Unlike the certified public accountants who are committed to verify each
significant item in the annual financial statements the internal auditors are not obliged to
repeat their audits in annual basis.
3. Government Auditors: are auditors employed by federal or regional government
agencies. In Ethiopia they include Office of auditor general (OAG) and Inland Revenue
Auditors. They primarily perform operational, management and compliance audit.

14 | 1 4