AUDITING
THEORY
Principles of International Auditing & Assurance
[fourth edition]
,INDEX
COLLEGE 1: Introduction, planning the audit & materiality.................................................................................... 2
Chapter 1.2: What is an audit?............................................................................................................................ 2
Chapter 2.6: Standard Setting ............................................................................................................................. 2
Chapter 4: The foundations of auditing and assurance ...................................................................................... 3
Chapter 7.2: Planning objectives and procedures (Phase 2, Part 1) ................................................................... 4
Chapter 7.3: Understanding the entity (Phase 2, Part 1) .................................................................................... 4
Chapter 7.4: Audit risk model (Phase 2, Part 1) .................................................................................................. 5
Chapter 7.5: Materiality (Phase 2, Part 1) ........................................................................................................... 7
COLLEGE 2: Response to assessed risk and audit evidence .................................................................................... 8
Chapter 8: Internal control and control risk (Phase 2, Part 2) ............................................................................ 8
Chapter 9: Building and execution of the test plan and auditor’s response to assessed risk (Phase 3, Part 1) 14
Chapter 9: Building and execution of the test plan – analytical review (phase 3, part 2) ................................ 22
COLLEGE 3: Communication with CG bodies, group audits and using the work of others ................................... 26
Chapter 12.8: Communication with those charged with governance .............................................................. 26
Chapter 13.4: Group audits ............................................................................................................................... 26
Chapter 6.6: Use of other professionals in the audit ........................................................................................ 30
COLLEGE 4: Fraud and the auditor, service organisations & evaluating and concluding the audit ...................... 31
Chapter 5: Fraud and other considerations of law and regulation in an audit ................................................. 31
Chapter 7.7: Using the work of others and considering the auditee’s use of service organisations ................ 35
Chapter 11.8: Evaluation of the going concern assumption ............................................................................. 37
Chapter 10.8: Evaluation of misstatements identified during the audit (ISA 450) ........................................... 37
Chapter 11.9: Review of financial statements and other information ............................................................. 38
Chapter 12.6: Type of audit report ................................................................................................................... 38
Note: the summary is divided into the four main lectures given. There was also an IT lecture; this is already
incorporated into the other lectures, and the papers from this lecture are not incorporated. The guest lecture is
not included (this was a paper).
,COLLEGE 1: INTRODUCTION, PLANNING THE AUDIT & MATERIALITY
CHAPTER 1.2: WHAT IS AN AUDIT?
An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about
economic actions and events to ascertain the degree of correspondence between these assertions and
established criteria, and communicating the results to intended users (ISA 200).
Investors and creditors may have objectives different from management's. Investors and creditors must
depend on the fair reporting of the financial statements. To give them confidence in the financial statements,
an auditor provides an independent and expert opinion on the fairness of the report, called an audit opinion.
The audit follows a structured, documented plan. The audit must be planned and structured so that those
carrying it out can thoroughly examine and analyse all relevant evidence. An audit is conducted objectively.
The evidence obtained and evaluated by the auditor concerns assertions about economic actions and events.
The basis for evidence-gathering objectives — what the evidence must prove — is management's assertions.
Assertions are representations by management, explicit or otherwise, that are embodied in the financial
statements.
The goal of the audit is to communicate the rituals to the intended users. The audit is conducted to express an
informed opinion in a written report.
ISA 200 sets out several requirements for the audit of financial statements. The auditor is required to comply
with relevant ethical requirements, including those about independence. The auditor shall plan and perform an
audit with professional scepticism, recognising that circumstances may exist that cause the financial
statements to be materially misstated. Professional scepticism is an attitude that includes a questioning mind.
The auditor shall exercise professional judgement in planning and performing an audit. This is the application of
relevant training, knowledge and experience.
It can be said that the function of auditing is to lend credibility to the financial statements. The financial
statements are the responsibility of management, and the auditor’s responsibility is to lend them credibility.
To design audit procedures to determine whether financial statements are materially misstated, the auditor
considers risk at two levels. One level of risk is that the overall financial statements may be misstated. The
second risk is misstatement in relation to classes of transactions, account balances and disclosures.
While the auditor is responsible for forming and expressing an opinion, the responsibility for preparing and
presenting the financial statements rests with the entity's management.
CHAPTER 2.6: STANDARD SETTING
ISAs are the standards of most interest to auditors because they govern the most frequent work auditors
perform (not all countries require ISAs). ISAs are harmonisation standards; their application promotes
consistent auditing worldwide.
ISA 100-199 Introductory matters
ISA 200-299 General principles and responsibilities
ISA 300-499 Risk assessment and respond to assessed risk.
ISA 500-599 Audit evidence
ISA 600-699 Using the work of others
ISA 700-799 Audit conclusions and reporting
, ISA 800-899 Specialized areas
CHAPTER 4: THE FOUNDATIONS OF AUDITING AND ASSURANCE
When auditors issue an auditor’s report on financial statements, they declare with reasonable assurance that
the financial statements give a true and fair view of the financial statements as a whole against the applicable
financial reporting framework (true is the sense taken into account a certain threshold). A true and fair view
indicates that the financial statements are free from material misstatements due to error or fraud.
The audit consists of the following phases:
Phase 1: deciding to accept or continue with the client/engagement
Phase 2: understanding the organisation and determining the risks of material misstatement, and
identifying which internal control measures the organisation has taken to manage these risks.
Phase 3: determining the effectiveness of internal control measures insofar as you intend to rely on
them and performing substantive tests that are still required to obtain the required reasonable level
of assurance.
Phase 4: evaluating and communicating the findings and articulating the opinion.
REASONABLE ASSURANCE
ISA 200 defines reasonable assurance as: ‘a high level of assurance but not absolute’, because the auditor has
limitations. It is not justifiable to audit every single item; it is sometimes impossible to wait for additional audit
evidence to become available. Statements consist of many judgmental items, and the majority of the audit
evidence on which the auditor bases his opinion is persuasive rather than conclusive.
SUFFICIENT APPROPRIATE AUDIT EVIDENCE
Audit evidence is all the information the auditor uses to form their opinion. Audit evidence has quantitative
(sufficient) and qualitative (appropriate, relevant, and reliable) aspects. The auditor must determine whether
she has sufficient and appropriate audit evidence to conclude that the financial statements give a true and fair
view. In making this determination, the auditor considers the effect, individually and collectively, of
uncorrected misstatements that are not materially misstated and thus that she has sufficient appropriate audit
evidence.
MATERIALITY
A material misstatement is a deviation that makes it likely that the judgment of a reasonable person, who relies
on that information, will be influenced or affected by the misrepresentation or omission. Not all misstatements
have relevance to all users. There is no magic formula for determining which misstatement is material to which
user. The auditor must base this on her professional judgement. She often uses benchmarks (e.g., percentage
THEORY
Principles of International Auditing & Assurance
[fourth edition]
,INDEX
COLLEGE 1: Introduction, planning the audit & materiality.................................................................................... 2
Chapter 1.2: What is an audit?............................................................................................................................ 2
Chapter 2.6: Standard Setting ............................................................................................................................. 2
Chapter 4: The foundations of auditing and assurance ...................................................................................... 3
Chapter 7.2: Planning objectives and procedures (Phase 2, Part 1) ................................................................... 4
Chapter 7.3: Understanding the entity (Phase 2, Part 1) .................................................................................... 4
Chapter 7.4: Audit risk model (Phase 2, Part 1) .................................................................................................. 5
Chapter 7.5: Materiality (Phase 2, Part 1) ........................................................................................................... 7
COLLEGE 2: Response to assessed risk and audit evidence .................................................................................... 8
Chapter 8: Internal control and control risk (Phase 2, Part 2) ............................................................................ 8
Chapter 9: Building and execution of the test plan and auditor’s response to assessed risk (Phase 3, Part 1) 14
Chapter 9: Building and execution of the test plan – analytical review (phase 3, part 2) ................................ 22
COLLEGE 3: Communication with CG bodies, group audits and using the work of others ................................... 26
Chapter 12.8: Communication with those charged with governance .............................................................. 26
Chapter 13.4: Group audits ............................................................................................................................... 26
Chapter 6.6: Use of other professionals in the audit ........................................................................................ 30
COLLEGE 4: Fraud and the auditor, service organisations & evaluating and concluding the audit ...................... 31
Chapter 5: Fraud and other considerations of law and regulation in an audit ................................................. 31
Chapter 7.7: Using the work of others and considering the auditee’s use of service organisations ................ 35
Chapter 11.8: Evaluation of the going concern assumption ............................................................................. 37
Chapter 10.8: Evaluation of misstatements identified during the audit (ISA 450) ........................................... 37
Chapter 11.9: Review of financial statements and other information ............................................................. 38
Chapter 12.6: Type of audit report ................................................................................................................... 38
Note: the summary is divided into the four main lectures given. There was also an IT lecture; this is already
incorporated into the other lectures, and the papers from this lecture are not incorporated. The guest lecture is
not included (this was a paper).
,COLLEGE 1: INTRODUCTION, PLANNING THE AUDIT & MATERIALITY
CHAPTER 1.2: WHAT IS AN AUDIT?
An audit is a systematic process of objectively obtaining and evaluating evidence regarding assertions about
economic actions and events to ascertain the degree of correspondence between these assertions and
established criteria, and communicating the results to intended users (ISA 200).
Investors and creditors may have objectives different from management's. Investors and creditors must
depend on the fair reporting of the financial statements. To give them confidence in the financial statements,
an auditor provides an independent and expert opinion on the fairness of the report, called an audit opinion.
The audit follows a structured, documented plan. The audit must be planned and structured so that those
carrying it out can thoroughly examine and analyse all relevant evidence. An audit is conducted objectively.
The evidence obtained and evaluated by the auditor concerns assertions about economic actions and events.
The basis for evidence-gathering objectives — what the evidence must prove — is management's assertions.
Assertions are representations by management, explicit or otherwise, that are embodied in the financial
statements.
The goal of the audit is to communicate the rituals to the intended users. The audit is conducted to express an
informed opinion in a written report.
ISA 200 sets out several requirements for the audit of financial statements. The auditor is required to comply
with relevant ethical requirements, including those about independence. The auditor shall plan and perform an
audit with professional scepticism, recognising that circumstances may exist that cause the financial
statements to be materially misstated. Professional scepticism is an attitude that includes a questioning mind.
The auditor shall exercise professional judgement in planning and performing an audit. This is the application of
relevant training, knowledge and experience.
It can be said that the function of auditing is to lend credibility to the financial statements. The financial
statements are the responsibility of management, and the auditor’s responsibility is to lend them credibility.
To design audit procedures to determine whether financial statements are materially misstated, the auditor
considers risk at two levels. One level of risk is that the overall financial statements may be misstated. The
second risk is misstatement in relation to classes of transactions, account balances and disclosures.
While the auditor is responsible for forming and expressing an opinion, the responsibility for preparing and
presenting the financial statements rests with the entity's management.
CHAPTER 2.6: STANDARD SETTING
ISAs are the standards of most interest to auditors because they govern the most frequent work auditors
perform (not all countries require ISAs). ISAs are harmonisation standards; their application promotes
consistent auditing worldwide.
ISA 100-199 Introductory matters
ISA 200-299 General principles and responsibilities
ISA 300-499 Risk assessment and respond to assessed risk.
ISA 500-599 Audit evidence
ISA 600-699 Using the work of others
ISA 700-799 Audit conclusions and reporting
, ISA 800-899 Specialized areas
CHAPTER 4: THE FOUNDATIONS OF AUDITING AND ASSURANCE
When auditors issue an auditor’s report on financial statements, they declare with reasonable assurance that
the financial statements give a true and fair view of the financial statements as a whole against the applicable
financial reporting framework (true is the sense taken into account a certain threshold). A true and fair view
indicates that the financial statements are free from material misstatements due to error or fraud.
The audit consists of the following phases:
Phase 1: deciding to accept or continue with the client/engagement
Phase 2: understanding the organisation and determining the risks of material misstatement, and
identifying which internal control measures the organisation has taken to manage these risks.
Phase 3: determining the effectiveness of internal control measures insofar as you intend to rely on
them and performing substantive tests that are still required to obtain the required reasonable level
of assurance.
Phase 4: evaluating and communicating the findings and articulating the opinion.
REASONABLE ASSURANCE
ISA 200 defines reasonable assurance as: ‘a high level of assurance but not absolute’, because the auditor has
limitations. It is not justifiable to audit every single item; it is sometimes impossible to wait for additional audit
evidence to become available. Statements consist of many judgmental items, and the majority of the audit
evidence on which the auditor bases his opinion is persuasive rather than conclusive.
SUFFICIENT APPROPRIATE AUDIT EVIDENCE
Audit evidence is all the information the auditor uses to form their opinion. Audit evidence has quantitative
(sufficient) and qualitative (appropriate, relevant, and reliable) aspects. The auditor must determine whether
she has sufficient and appropriate audit evidence to conclude that the financial statements give a true and fair
view. In making this determination, the auditor considers the effect, individually and collectively, of
uncorrected misstatements that are not materially misstated and thus that she has sufficient appropriate audit
evidence.
MATERIALITY
A material misstatement is a deviation that makes it likely that the judgment of a reasonable person, who relies
on that information, will be influenced or affected by the misrepresentation or omission. Not all misstatements
have relevance to all users. There is no magic formula for determining which misstatement is material to which
user. The auditor must base this on her professional judgement. She often uses benchmarks (e.g., percentage
