Case SOCIOLOGY 325 Summary CPA - Advanced Audit and Assurance (AAA) - edition 5

Assurance engagements - Definition and objectives - Elements of an assurance engagement - Types of assurance engagements - Levels of assurance and reports - Non-assurance engagements 10.2Nature and purpose of an audit - Nature and objectives - Audit as an assurance engagement - Development of audit (early audit and modern audit) - Types of audit and limitations 10.3Legal framework and regulation - Regulatory framework within which external audits take place - Statutory regulations; auditors' liability, appointment, removal, remuneration, resignation, rights and duties of auditors - International standards on auditing and other regulations - Professional ethics/code of ethics for professional accountants - Fundamental principles, threats and safeguards, other professional guidelines on audit fees, conflict of interest, advertising and opinion shopping 10.4Planning and risk assessment - Obtaining clients acceptance and retention - Understanding the entity and its environment - Audit planning, audit programmes and documentation - Assessing audit risks - Errors, fraud and other irregularities 10.5Overview of forensic accounting - Nature, purpose and scope of forensic accounting - Types of forensic investigations: Corruption, asset misappropriation, financial statement fraud, others - Fraud prevention and deterrence 10.6 Internal control systems - Internal controls theory and practice - Evaluation of internal control system and test of control - Communication on internal control system (management letter) - Information technology threats and control AUDITING AND ASSURANCE Contact: Page 3 10.7 Audit evidence - Financial statement assertions and audit evidence - Audit evidence procedures/techniques - Audit sampling and other means of testing - The audit of specific items (income/expenses/assets/liabilities) - Using the work of others (internal audit and experts) - Computer assisted audit techniques 10.8 Overall audit review - Subsequent events review - Going concern review - Contingencies and commitments - Management representations - Quality control and review - Role of auditors in receiverships and liquidation 10.9 Audit reports - 7th Schedule provisions on audit reports - Basic elements - Types of opinions - Emphasis of master paragraph - Features of audit reports 10.10 Auditing in the Public Sector - Introduction to auditing in the Public Sector; regulatory provisions - Establishment, mandate and functions of public sector auditors; Kenya National Audit Office (KENAO) and similar national audit bodies - Role of internal audit function in public entities - Relationship between external and internal auditors in the public sector - International Standards on Supreme Auditing Institutions 10.11 Emerging issues and trends AUDITING AND ASSURANCE Contact: Page 4 CONTENT TOPIC PAGE 1. Assurance engagements………………………………………………………………..5 2. Nature and purpose of an audit………………………………………………………12 3. Legal framework and regulation………………………………………………….….31 4. Planning and risk assessment…………………………………………………………66 5. Overview of forensic accounting…………………………………………………….113 6. Internal control systems…………………………………………………….…….…..125 7. Audit evidence……………………………………………………………….….……..139 8. Overall audit review……………………………………………………….………….193 9. Audit reports…………………………………………………………….….…………211 10.Auditing in the Public Sector………………………………………………...….…..224 Revised on: November 2016 AUDITING AND ASSURANCE Contact: Page 5 TOPIC 1 ASSURANCE ENGAGEMENTS DEFINITION AND OBJECTIVES The term assurance refers to the expression of a conclusion that is intended to increase the confidence that users can place in a given subject matter or information. For example, an auditor’s report is a conclusion that increases the confidence that users can place in a company’s financial statements. Audit engagement refers to audit performed by an auditor. It is the very first stage of an audit procedure where the client is notified by the auditor that the work pertaining to audit has been accepted by him/her and also provides clarifications with regard to the scope and purpose of audit. To be more specific, audit engagement can be referred to the written letter that the auditor uses to notify the client that he/she would be engaging in auditing services. Thus, the audit engagement procedure is basically a negotiation based on professional terms that takes place between prospective customer and a public accounting entity. This procedure is used for finding new customers and offer accounting related services to different businesses. The auditor uses the term ‘audit engagement’ when the entity has to undergo the auditing procedure. This could imply varied things and therefore it is necessary that the auditor clarifies what she/he exactly means by the term. Irrespective of the definition followed by the auditor, he/she makes it a point to follow certain specific guidelines and procedure for offering the services. Full Engagement Audit engagement consists of several steps that basically revolve around planning, substantiation, control testing and finalization. The very first step involves providing a letter to the client reminding him about the audit. Once the client has been contacts, both the auditor and client meet with each other to determine how, why and when the auditing would take place. In addition to this, the client also needs to provide the auditor with relevant resources for conducting the procedure smoothly. Following this, the auditor carries out surveys to find out more about the organization and its controls. This is followed by testing of controls and garnering of as much detail and information as is possible. On the basis of the results and information, the auditor prepares a temporary draft and shares the same with client. Once the client has gone through the draft report, he responds to the recommendations and findings made in it. After this, the auditor prepares a final audit report and may also request the client to fill a survey form to better understand his/her performance. The audit is completed after a follow up meeting with client, which usually happens within 6 months. AUDITING AND ASSURANCE Contact: Page 6 Objectives of the Practitioner A practitioner is an the individual(s) conducting the engagement (usually the engagement partner or other members of the engagement team, or, as applicable, the firm) by applying assurance skills and techniques to obtain reasonable assurance or limited assurance, as appropriate, about whether the subject matter information is free from material misstatement In conducting an assurance engagement, the objectives of the practitioner are: a) To obtain either reasonable assurance or limited assurance, as appropriate, about whether the subject matter information (that is, the reported outcome of the measurement or evaluation of the underlying subject matter) is free from material misstatement; b) To express a conclusion regarding the outcome of the measurement or evaluation of the underlying subject matter through a written report that clearly conveys either reasonable or limited assurance and describes the basis for the conclusion; and c) To communicate further as required by relevant ISAEs. In all cases when .reasonable assurance or limited assurance, as appropriate, cannot be obtained and a qualified conclusion in the practitioner's assurance report is insufficient in the circumstances for purposes of reporting to the intended users, the ISAEs require that the practitioner disclaim a conclusion or withdraw (or resign) from the engagement, where withdrawal is possible under applicable laws or regulations. NON-ASSURANCE ENGAGEMENTS Non-assurance Engagements If an engagement lacks the five elements of assurance engagements, it is considered nonassurance (residual definition). Examples of non-assurance engagement are the following: 1. Agreed-upon procedures 2. Compilations engagements 3. Preparation of Income tax returns where no conclusion conveying assurance is expressed 4. Management advisory services and Consulting 5. Engagement that includes rendering of professional opinions not intended to be an assurance report Elements of Assurance Engagements There are five elements that must all be present in order to qualify the engagement as an assurance engagement. 1. A three-party relationship involving a practitioner, a responsible party, and intended users; 2. An appropriate subject matter; 3. Sufficient appropriate evidence; 4. Suitable Criteria; AUDITING AND ASSURANCE Contact: Page 7 5. A written assurance report in the form appropriate to a reasonable assurance engagement or a limited assurance engagement. Appropriate Subject Matter The subject matter and the subject matter information of an assurance engagement can take many forms, such as:  Financial performance or conditions  Non-financial performance or conditions  Physical characteristics  Systems and Processes  Behavior An appropriate subject matter is  Identifiable and capable of consistent evaluation or measurement against the identified criteria  Capable of being subjected to procedures for gathering sufficient appropriate evidence to support a reasonable assurance or limited assurance conclusion, as appropriate Sufficient Appropriate Evidence  Sufficiency is the measure of the quantity of evidence o The quantity of evidence needed is affected by the risk of the subject matter being materially misstated.  Appropriateness is the measure of the quality of evidence, that is, its relevance and reliability o The reliability of evidence is influenced by its source and by its nature, and is dependent on the individual circumstances under which it is obtained. o Generalization about the reliability of evidence – evidence is more reliable if:  Obtain from independent source outside the entity  Generated internally when the related controls are effective  Obtained directly by the practitioner than indirect or by inference  Exist in documentary form  Provided by original documents  Merely obtaining more evidence may not compensate for its poor quality  The auditor should consider the cost of obtaining the usefulness of the evidence. Suitable Criteria The following are the characteristics of a criteria to be considered suitable:  Relevance – contribute to conclusions that assist decision-making by the intended users.  Completeness – the relevant factors that could affect the conclusions are not omitted. Includes benchmarks for presentation and disclosure AUDITING AND ASSURANCE Contact: Page 8  Reliability – allows reasonably consistent evaluation or measurement of the subject matter including where relevant, presentation and disclosure, when used in similar circumstances by similarly qualified practitioners  Neutrality – free from bias  Understandability – contribute to conclusions that are clear, comprehensive, and not subject to significantly different interpretations TYPES OF ASSURANCE ENGAGEMENTS 1. As to level of assurance: i. Reasonable Assurance – the objective is a reduction in assurance engagement risk to an acceptably low level as the basis for a positive form of expression of a practitioner’s conclusion. (e.g., audit of historical financial statements) ii. Limited Assurance – the objective is a reduction in assurance engagement risk to a level that is acceptable in the circumstances of the engagement, but where the risk is greater that for a reasonable assurance engagement, as the basis for a negative form of expression of the practitioner’s conclusion. (e.g., review of historical financial statements 2. As to structure of engagement: i. Assertion-based – the evaluation or measurement of the subject matter is performed by the responsible party, and the subject matter information is in the form of assertion to the intended users. ii. Direct Reporting – the practitioner either directly performs the evaluation or measurement of the subject matter, or obtains a representation from the responsible party that has performed the evaluation or measurement that is not available to intended users. The subject matter information is provided to the intended users in the assurance report. Importance of Assurance Engagements 1. Potential bias in providing information 2. Remoteness between a user and the organization 3. Complexity of the transactions, information, or processing systems 4. Investors need to manage their risk and thereby minimize financial surprises as consequences to investors, and others, of relying on inaccurate information can be quite significant. Limitations of Assurance Engagements 1. Use of selective testing (sampling) 2. Use of judgment 3. Inherent Limitations of internal control 4. Persuasive evidence rather than conclusive evidence 5. Characteristics of the subject matter AUDITING AND ASSURANCE Contact: Page 9 LEVELS OF ASSURANCE` AND REPORTS There are broad ranges of assurance engagement and each has distinct differences depending on the assurance requirements as follows: Review engagement: The auditor provides a moderate level of assurance that the information subject to review is free from material misstatement. This is expressed in the form of negative assurance. Agreed-upon procedures: The auditor simply provides report of the actual findings, so no assurance is expressed. Users of the report must instead judge for themselves the auditors' procedures and findings and draw their own conclusions from the auditors work. Compilation engagement: Users of compiled information gain some benefit from the accountant's (as opposed to the auditor's) involvement, but no assurance is expressed in the report. REPORTS The practitioner forms a conclusion on the basis of the evidence obtained, and provides a written report containing a clear expression of that conclusion that conveys the assurance obtained about the subject matter information. Assurance Standards establish basic elements for assurance reports. In an attestation engagement, the practitioner's conclusion can be worded either: a. in terms of a statement made by the measurer or evaluator, that is, the party responsible for measuring or evaluating the underlying subject matter (for example: — In our opinion the responsible party's statement that internal control is effective, in all material respects, based on XYZ criteria, is fairly statedil); or b. In terms of the underlying subject matter and the criteria (for example: —In our opinion internal control is effective, in all material respects, based on XYZ criteriall). In a direct engagement, the practitioner's conclusion is worded as for (b) above, that is in terms of the underlying subject matter and the criteria. Can the practitioner’s conclusion be worded in terms of: The underlying subject matter and the criteria? A statement made by the measurer or evaluator who is not the practitioner? Attestation engagement yes yes Direct engagement yes No (the practitioner is the measurer or evaluator in a direct engagement, so there is no statement made by another party) AUDITING AND ASSURANCE Contact: Page 10  In a reasonable assurance engagement, the practitioner's conclusion is expressed in the form that conveys the practitioner's opinion on the outcome of the measurement or evaluation of the underlying subject matter, for example: —In our opinion internal control is effective, in all material respects, based on XYZ criteria. This form of expression conveys —reasonable assurance. Having performed procedures of a nature, timing and extent that were reasonable given the characteristics of the underlying subject matter and other relevant engagement circumstances described in the assurance report, the practitioner has obtained sufficient appropriate evidence to reduce engagement risk to an acceptably low level.  In a limited assurance engagement, the practitioner's conclusion is expressed in a form that conveys that, based on the procedures performed, nothing has come to the practitioner's attention to cause the practitioner to believe the subject matter information: is materially misstated, for example, —Based on our work described in this report, nothing has come to our attention that causes us to believe that internal control is not effective, in all material respects, based on XYZ criteria. This form of expression conveys a level of —limited assurance that is commensurate with the level of the practitioner's procedures given the characteristics of the underlying subject matter and other engagement circumstances described in the assurance report.  The practitioner may choose a —short form or —long form style of reporting to facilitate effective communication to the intended users. —Short-form reports ordinarily include only the basic elements. —Long-form reports include other information and explanations that are not intended to affect the practitioner's conclusion. As well as the basic elements, long-form reports may describe in detail the terms of the engagement, the criteria being used, findings relating to particular aspects of the engagement, details of the qualifications and experience of the practitioner and others involved with the engagement, disclosure of materiality levels, and, in some cases, recommendations. Whether to include any such information depends on its significance to the information needs of the intended users.  The practitioner's conclusion on the subject matter information is clearly separated from any emphasis of matter, -findings, recommendations or similar information included in the assurance report, and the wording used makes it clear that findings, recommendations or similar information is not intended to detract from the practitioner's conclusion.  The practitioner's conclusion is modified when the following circumstances exist and, in the practitioner's professional judgment, the effect of the matter is or may be material: . a. There is a limitation on the scope of the practitioner's work. The practitioner expresses The practitioner is unable to obtain sufficient appropriate evidence in the context of the engagement, in which case a scope limitation exists and a qualified conclusion or a disclaimer of conclusion is expressed depending onhow the materiality or pervasiveness of the limitation is. In some cases the practitioner considers withdrawing from the engagement. b. When: AUDITING AND ASSURANCE Contact: Page 11 i. The practitioner's conclusion is worded in terms of a statement made by the measurer or evaluator, and that statement is incorrect, in a material respects; or ii. The practitioner's conclusion is worded in terms of the underlying subject matter and the criteria, and the subject matter information is not free from material misstatement. In such cases, a qualified or adverse conclusion is expressed, depending on the materiality and pervasiveness of the matter A qualified conclusion is expressed as being —except for the effects, or possible effects. of the matter to which the qualification relates. In those cases where the practitioner's unqualified conclusion, would be worded in terms of a statement made by the measurer or evaluator, and that statement has identified and properly described that the subject matter information is materially misstated: a. A qualified or adverse conclusion worded in terms of the underlying subject matter and the criteria is expressed; or b. If specifically required by the terms of the engagement to word the conclusion in terms of statement made by the measurer or evaluator, an unqualified conclusion is expressed but emphasizes the matter by specifically referring to it in the assurance report. If it is discovered after the engagement has been accepted, that the criteria are unsuitable or the underlying subject matter is not appropriate for an assurance engagement. a. A qualified conclusion or adverse conclusion is expressed depending on how material or pervasive the matter is, when the unsuitable criteria or inappropriate underlying subject matter is likely to mislead the intended users; or b. A qualified conclusion or a disclaimer of conclusion is expressed depending on how material or pervasive the matter is, in other cases. In some cases the practitioner considers withdrawing from the engagement. A qualified conclusion is expressed when the effects, or possible effects, of a matter are not so material or pervasive as to require an adverse conclusion or a disclaimer of conclusion. A qualified conclusion is expressed as being —except for the effects, or possible effects, of the matter to which the qualification relates. AUDITING AND ASSURANCE Contact: Page 12 TOPIC 2 NATURE AND PURPOSE OF AN AUDIT NATURE AND OBJECTIVES Definition of an Audit: An audit is the independent examination of an expression of an opinion on the financial statements of an economic entity by appointed auditor in pursuance of that appointment and in compliance with any relevant statutory obligation The objective of an audit is to enable the auditor express an opinion whether financial statements show a true and fair view of the company state of affairs in accordance with an identified financial reporting framework. The purpose of an audit is not to provide additional information but rather it is intended to provide the users of the accounts with assurance that the information provided to then by directors is reliable. However, the users should not assume the auditor’s opinion is one to efficiency with which management has conducted the affairs of the entity. Financial statement: According to the Companies Act, the company accounts refers to the balance sheet and the profit and loss account but due to development in business practice and shareholders information needs, these are inadequate as to the information regarding financial position and performance of the company. Since most balance sheets and profit and loss accounts are summarized statements amplified by notes to the statements, the business community and the accountancy profession require that a cash flow statement as well as a statement of changes in equity be prepared. The terms company accounts and financial statements have the same meaning. Financial Reporting framework: According to International Auditing Standards (ISA 200, the framework of international standards of auditing), financial statements are usually prepared and presented annually and are directed at common informational needs of a wide range of users. Many of the users rely on the financial statements as their major source of additional information to meet their specific information needs. Therefore financial statements need to be prepared in accordance with one or combination of:  International Financial Reporting Standards (IFRS)or IASs  National accounting standards  Any other authoritative and comprehensive financial reporting framework designed for use in financial reporting and is identified in the financial statements. In Kenya the financial reporting framework adopted is as prescribed by IFRS. AUDITING AND ASSURANCE Contact: Page 13 Scope of-the Audit  The auditor's opinion on the financial statements deals with whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework: Such an opinion is common to all audits of financial statements.  The auditor's opinion therefore does not assure, for example, the future viability of the entity nor the efficiency or effectiveness with which management has conducted the affairs of the entity. In some jurisdictions, however, applicable law or regulation may require auditors to provide opinions on other-specific matters, such as the effectiveness of internal control, or the consistency of a separate management report with the financial statements.  While the ISAs include requirements and guidance_ in relation to such matters to the extent that they are relevant to forming an opinion on the financial statements, the auditor would be required to undertake further work if the auditor had additional responsibilities to provide such opinions. STAGES OF AN AUDIT The suggested audit approach is designed to gather sufficient and reliable evidence to support the audit opinion in the most efficient and effective way and to enable the engagement team to fully understand the client's business. There is no difference between an audit of a large and a small entity except that the procedures adopted may differ depending on the particular circumstances of each audit i. Preliminary Engagement Activities ii. Planning iii. Execution iv. Review and Completion i) Preliminary Engagement Activities At the Pre-planning stage, the engagement partner ensures that: - The client acceptance and continuation procedures have been carried out; - The terms of engagement have been agreed in writing; - The quality control aspects for the assignment have been reviewed including review of the competency of the team to carry out the assignment, review of compliance with the ethical requirements, including review of the independence requirements. Planning Planning is an essential component in focusing the audit efforts. The key components of Identifying the scope of the assignment Developing an audit strategy taking into consideration the scope of the engagement; the business and the regulatory environment in which the entity operates; entity specific issues including reliance on the work of internal audit; reporting objectives, timing of the audit and the nature of communication required; matters affecting the direction of the audit including AUDITING AND ASSURANCE Contact: Page 14 preliminary setting of materiality levels, preliminary review of risk including fraud risk, preliminary review of internal control including the control environment, the process adopted by the entity to identify, measure, monitor and control risks. - Developing, based on the above, the overall audit plan detailing the nature, timing and extent of the audit procedures to be performed in order to reduce the audit risk to an acceptably low level; the nature of tests to be adopted; procedures to be adopted at the assertion level; and tailoring the audit programmes. - Ascertaining the nature and the extent of the resources required to perform the audit. iii) Execution - The key components of the execution stage are: - Carrying out the test of controls and substantive tests on transactions and balances including substantive analytical procedures to obtain sufficient and appropriate audit evidence to enable the engagement team to draw reasonable conclusions on which to base the audit opinion. - Evaluating significant assumptions used in fair value measurement to determine the reasonableness of the basis used and the disclosures. - Identification of related parties and obtaining sufficient and appropriate audit evidence in respect of measurement and disclosure of related party transactions. - Documenting the nature, timing and extent of the audit procedures performed and the results and conclusions drawn from the audit evidence obtained While pre-printed forms and programmes are available in the Manual, the extent and the timing of the tests should be tailored to the specific assignment. Different tests and different levels will be appropriate for each assignment. The control of the audit at this stage must be maintained by a senior team member with the appropriate experience and expertise. iv) Review and Completion The review and completion procedures focus on ensuring that sufficient and appropriate evidence has been obtained to support the audit opinion. This involves ensuring that: - All outstanding matters have been cleared. - Consultations on difficult or contentious matters have been documented and adequately resolved and conclusions therefrom implemented. - Analytical procedures have been performed to form a conclusion on whether the financial statements taken as a whole are consistent with the firm's knowledge of the business. - Where other appropriate audit evidence cannot be reasonably obtained, written management representations have been obtained on areas material to the financial statements. - Review has been carried out of any material uncertainty relating to events or conditions that n g may exist which alone or in aggregate cast a significant doubt on the entity's ability to continue as a going concern. - There is evidence that the engagement team has considered and confirmed that the financial reporting framework adopted by the entity is suitable, and that the financial statements comply with the framework as to both recognition and measurement and AUDITING AND ASSURANCE Contact: Page 15 presentation and disclosure. In the context of Kenya, this in most cases will be the IFRS's. - The engagement partner has reviewed the audit file and is satisfied that sufficient and appropriate evidence has been obtained to support the conclusions derived and the audit opinion to be issued. As much of the audit evidence obtained is persuasive rather than conclusive, absolute certainty is rarely obtainable and .therefore the engagement partner should ensure that the audit risk is reduced to the lowest level possible. - Where applicable, sufficient and appropriate procedures have been performed to identify subsequent events tip to the date of the audit report and ensure that all items that require adjustment or disclosure in the financial statements have been appropriately dealt with: - Where appropriate, an engagement quality .control review has been undertaken and all the issues arising from the review have been fully dealt with and cleared with the reviewer. - At the end of each audit, the engagement team is de-briefed, the audit objectives set out for the assignment have been achieved and that the engagement team has gained experience from the assignment which will enhance their personal development. Though not covered by the terms of audit engagement, the engagement team may, as part of the audit process carry out a business review of the key issues facing the entity and take a strategic look at the business and at areas where the firm can add value to the entity. In providing other value added services, the firm and in particular the engagement partner should be conscious of the independence requirements of the code of ethics AUDIT AS AN ASSURANCE ENGAGEMENT It is often not possible to check things for yourself, whether quality, accuracy, performance or existence. You might not have the skills or the time, or you might be in the wrong location. Therefore you must rely on someone else to give you assurance. This means you have to decide: - What standards should be applied? - What represents 'good', 'acceptable' or 'unacceptable? - How much checking should be done? All checking and assurance has an associated cost Audit is one form of assurance An audit is defined as: the independent examination of and expression of opinion on the financial statements of an entity by a duly appointed auditor in pursuit of that appointment. The important words here are 'independent' and 'opinion'. Independence is essential and underlies the value of auditing. Opinion really means that one auditor could look at a set of financial statements and disagree with the opinion of another auditor. Judgment is essential to all auditing, there are no certainties and there are no certifications of correctness or accuracy. AUDITING AND ASSURANCE Contact: Page 16 DEVELOPMENT OF AUDIT (EARLY AUDIT AND MODERN AUDIT) A review of the historical development of auditing has shown that the objective of auditing and the role of auditors are constantly changing as they are highly influenced by contextual factors such as the critical historical events (e.g. the collapsed of big corporations), the verdict of the courts, and technological developments (e.g. advancement of computing systems and CAATs). It can be observed that any major changes in these contextual factors are likely to cause a change in the audit function and the role of auditors. As a result, auditing is seen to be evolving at all times. However, it is important to note that the change in society's expectation and the response of the auditing profession towards these changes are not always at the same pace. Hence there is a natural time gap between the changing expectation of the users and the response by the profession and due to this time gap there arises what has been stated as the expectation gap or audit expectation gap. Even though the existence of such a natural time gap is inevitable, auditors should be sensitive to the changing expectation of the relevant groups while at the same time containing these expectations within the constraints of what is possible. There are inevitably economic and practical limitations on what an audit can do, and this is something which those who wish the benefit must understand. The evolution of auditing practices Prior to 1840 Generally, the early historical development of auditing is not well documented (Lee, 1994). Auditing in the form of ancient checking activities was found in the ancient civilizations of China, Egypt and Greece. The ancient checking activities found in Greece (around 350 B.C.) appear to be closest to the present-day auditing. Similar kinds of checking activities were also found in the ancient Exchequer of England. When the Exchequer was established in England during the reign of Henry 1(), special audit officers were appointed to make sure that the state revenue and expenditure transactions were properly accounted for. The person who was responsible for the examinations of accounts was known as the "auditor". The aim of such examination was to prevent fraudulent actions. 1840s-1920s The practice of auditing did not become firmly established until the advent of the industrial revolution during the period 1840s-1920s in the UK. According to Brown (1962), the largescale operations that resulted from the industrial revolutions drove the corporate form of enterprise to the foreground. Large factories and machine-based production were established. As a result, a vast amount of capital was needed to facilitate this huge amount of capital expenditure. The emergence of a "middle class" during the industrial revolution period provided the funds for the establishment of large industrial and commercial undertakings. However, the share market during this period was unregulated and highly speculative. As a consequence, the rate of financial failure was high and liability was not limited. Innocent investors were liable for the debts of the business. In view of this environment, it was apparent AUDITING AND ASSURANCE Contact: Page 17 that the growing number of small investors was in dire need of protection (Porter, et al, 2005). Hence, the time was ripe for the profession of auditing to emerge (Brown, 1962). In response to the socio-developments in the UK during this period, the Joint Stock Companies Act Was passed in 1844. The Joint Stock Companies Act stipulated that "Directors shall cause the Books of the Company to be balanced and a full and fair Balance Sheet to be made up". In addition the Act provided the appointment of auditors to check the accounts of the company. However, the annual presentation of the balance sheet to the shareholders and the requirement of a statutory audit were only made compulsory in .1900 under the Companies Act 1862 (UK). According to Porter, et al (2005) the accountant particularly in the early years of this period, was normally the company manager and his duties were to ensure proper use of the funds entrusted to him. The auditors during this period were merely shareholders chosen by their fellow members. The auditors during this period were required to perform complete checking of transactions and the preparation of correct accounts and financial statements. Little attention was paid to internal control of the company. 1920s-1960s The growth of the US economy in the 1920s-1960s had caused a shift of auditing developthent from the UK to the USA. In the years of recovery following the 1929 Wall Street Crash and ensuing depression, investment in business entities grew rapidly. Meanwhile, the advancement of the securities markets and credit-granting institutions had also facilitated the development of the capital market in this period. As companies grew in size, the separation of the ownership and management functions became more evident. Hence to ensure that funds continued to flow from investors to companies, and the financial markets function smoothly, there was a need to convince the participants in the financial markets that the company's financial statement provided a true and fair portrayal of the relevant company's financial position and performance. In view of the economic condition, the audit function was mainly to provide credibility to the financial statements prepared by company managers for their shareholders. Consensus were generally achieved that the primary objective of an audit function is adding credibility to the financial statement rather than on the detection of fraud and errors. The concept of materiality and sampling techniques were used in auditing during this period. The development of material Concept and sampling technique was due to the voluminous transactions involved in the conduct of business by. large corporations operating in. widespread locations., It is no longer practical for auditors to verify all the transactions. Consequently, sampling and the development of judgment of materiality were essential. The major characteristics of the audit approach during this period included: i. Reliance on internal control of the company and sampling techniques were used; ii. Audit evidence was gathered through both internal and external source; iii. Emphasis on the truth and fairness of financial statements; iv. Gradually shifted to the audit of Profit and Loss Statement but Balance Sheet remained important; and v. Physical observation of external and other evidence outside the "book of account" AUDITING AND ASSURANCE Contact: Page 18 1960s to 1990s The world economy continued to grow in the 1960s-1990s. This period marked an important development in technological advancement and the size and complexity of the companies. Auditors in the 1970s played an important role in enhancing the credibility of financial information and furthering -the operations of an effective capital market. The duties of auditors. among others, were to affirm the truthfulness of financial statements and to ensure that financial statements were fairly presented. Hence, the role of auditors with regard to the audit of financial statement generally remained the same as per the previous period. Despite the overall audit objectives remaining similar, auditing had undergone some critical developments in this period. In the earlier part of this period, a change in audit approach can be observed from "verifying transaction in the books" to "relying on system". Such a change was due to the increase in the number of transactions which resulted from the continued growth in size and complexity companies where it is unlike for auditors to play the role of verifying transactions. As a result, auditors in this period had placed much higher reliance on companies' internal control in their audit procedures. Furthermore, auditors were required to ascertain and document the accounting system with particular consideration to information flows and identification of internal controls. When internal control of the company was effective, auditors reduced the level of detailed substance testing. In the early 1980 there was a readjustment in auditors' approaches where the assessment of internal control systems was found to be an expensive process and so auditors began to cut back their systems work and make greater use of analytical procedures. An extension of this was the development during the mid-1980s of risk-based auditing. Risk-based auditing is an audit approach where an auditor will focus on those areas which are more likely to contain errors. To adopt the use of risk-based auditing, auditors are required to gain a thorough understanding of their audit clients in term of the organization, key personnel, policies, and their industries. Hence, the use of risk-based auditing had placed strong emphasis on examining audit evidence derived from a wide variety of sources, i.e. both internal and external information for the audit client. Most of the companies in this period had introduced computer systems to process their financial and other data, and to perform, monitor and control many of their operational and administrative processes. Similarly, auditors placed heavy reliance on the advanced computing auditing tool to facilitate their audit procedures. In addition to the auditing of financial statement, auditors at the same time were providing advisory services to the audit clients. 1990s-present The auditing profession witnessed substantial and rapid change since 1990s as a result of the accelerating growth at the world economies. It can be observed that auditing in the present day has expanded beyond the basic financial statement attest function. Present-day auditing has developed into new processes that build on a business risk perspective of their clients. The business risk approach rests on the notion that a broad range of the client's business risks are relevant to the audit. Advocates of the business risk approach opined that many business risks, if not controlled, will eventually affect the financial statement. Furthermore by understanding the full range of risks in businesses, the auditor will be in a better position to identify matters of significance and relevance to the audit profession on a timely basis. Since the early 1990s, the audit profession began to take increased responsibility to detect and report fraud and to AUDITING AND ASSURANCE Contact: Page 19 assess, and report more explicitly, doubts about an auditee's ability to continue in conformance with society's and regulators' increasing concern about corporate governance matters. Adoption of the business risk approach in turn enhances auditor's ability to fulfill these responsibilities. Presently, the ultimate objective of auditing is to lend credibility to financial and non-financial information provided by management in annual reports; however, audit firms have been largely providing consultancy services to businesses Although the overall audit objectives in the present period remained the same, i.e. lending credibility to the financial statement, critical changes have been made to the audit practice as a result of the extensive 'reform in various countries. Such reform has implicated the auditing profession in the following ways:. i. The role of auditors is expected to Converge: refocusing on the public interest, redefining -audit relationship, ensuring integrity of financial reports, separation of nonaudit function and other advisory services; ii. The audit methods revert to basics i.e. risk attention, fraud awareness, objectivity and independence, and. iii. Increase attention on the needs of financial statement users" TYPES OF AUDITS AND LIMITATIONS • Audits can be classified into two broadways. • According to terms of engagement i.e. nature of work done. • According to the approach to the work to be done/ timing. According to nature of work done, audits may be either statutory of private. Statutory audits These are carried out as per the requirements of various statutes e.g. Companies Act Cap 486 requires that all public limited companies to have their financial statements subjected to an independent audit. The objective of the audit is to enable the auditor express an opinion whether the financial statements have a true and fair view of the company’s state of affairs. The rights and duties of the auditor are laid down in the relevant statute. The powers of appointment of the auditors are vested on the shoulders. Private audits These are not governed by statutes. They are performed by independent auditors because the owners, members or interested parties require them carried out. Private audits are carried out for organizations such as non governmental organizations, partnerships and clubs and among others. Appointment of auditors is carried out as a private contract between the auditor and the relevant shareholder. The scope and objective of the work as well as rights and duties of the auditor are determined by the agreed terms between the auditor and the client. The auditor is not liable to third parties. AUDITING AND ASSURANCE Contact: Page 20 According to approach of the work to be done, audits can be continuous, interim or final. Continuous audits This is an approach whereby an audit is carried out throughout the financial period usually at predetermined intervals. This approach is ideal for large organizations with tight reporting deadlines e.g. multinational banks. The approach ensures accounts are kept up to date, errors and frauds are discovered in early stages and better audit reports are developed since more time is taken. However, this approach is expensive considering amount of time taken, has frequent interruptions of client work and auditors‟ independence may be affected by their continuous presence at clients premises. Interim audits This is an audit carried out halfway through the financial period. It usually precedes the final audit and is a preparation for the final audit. It is ideal for dynamic businesses, cheaper compared to continuous audits and enhances keeping of up to date records. Final audits These are usually done at the end of the year as either a continuation of the interim audit for large and medium size companies or as a single audit for small companies at end of financial period. Other types of audits Procedural audits - These require examination of procedures or records for reliability and accuracy. They usually relate to company’s internal control systems, laid down guidelines and procedures and records of the company. Management audits -These involve investigation of the company’s entire management to ascertain whether the directors are running the company in the most optimal way for the benefit of the shareholders. It improves quality and efficiency of management in addition to checking the budgetary system. Balance sheet audits - This tests the strength of internal control system by working backwards to get the initial transactions using assertion methodology. AUDITING AND ASSURANCE Contact: Page 21 Internal Audit Management upon realizing the advantages of an audit have established within the company „an independent activity to examine and evaluate the organizations risk management process and systems of control and to make recommendations for the achievement of the company’s objective‟. This activity is called internal auditing. The duties of internal audit personnel are: • Reviewing the economic efficiency and effectiveness of the company’s operations. • Reviewing the company’s compliance with external laws and regulations and internal policies and procedures. • Reviewing and advising the management on development of key organizational systems and implementation of major changes. The focus of internal auditing is adding value to an organization through improvement in risk control. In 1999, the institute of internal auditors (IIA) defined internal auditing as „an independent objective assurance and consulting activity designed to add value and improve an organization’s operations, help it achieve its objective and improve the effectiveness of risk management, control and governance process. Aspect Internal Auditing External Auditing Objectives The main objective is to advice management on whether organization has sound internal control systems to protect it against loss. The objective is to provide an opinion as to whether or not the financial statements show a true and fair view Of the company’s state affairs. Legal basis Internal auditing is not a legal requirement but corporate governance advises and recommends that a company should have an internal audit department. It is a legal requirement for limited liability companies and public bodies to have their accounts audited. Scope It covers all areas of organization i.e. operational as well as financial. It has a purely financial focus. Approach It is increasingly risk based. The approach is to assess risks, evaluate systems of control and test operation of the systems and finally make recommendations for improvement. Its increasingly risk based as it only tests underlying transactions that form having of financial statements. Responsibility The responsibility is to advise and make recommendations on internal controls and corporate governance The Responsibility is to form an opinion on whether financial statements show a true and fair view