ASSURANCE AND THE AUDIT FUNCTION

A.     INTRODUCTION

 There has been a huge growth in information that is available today in all aspects of business.  The use of the internet has made access easy and more and more information is been required in all areas, not just financial.

 

This growth in information has led to a need for assurance as to the quality and reliability of that information so that users can make informed decisions based on the information that is available to them.

 

Audit and assurance services play a vital role in maintaining confidence and therefore stability in the world economy.  The markets need confidence and in order to get this confidence they seek to reduce their exposure to risk.  To reduce risk they need assurance in the market.

 

  1. ASSURANCE

 

The International Standards on Auditing (ISA) glossary of terms gives a definition of an assurance engagement as “one in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users other than the responsible party about the outcome of the evaluation or measurement of a subject matter against criteria.”

 

In practice, this could be an auditor expressing an opinion to the shareholders of a company on a set of financial statements prepared by management as to whether they have been prepared in a true and fair manner in accordance with accounting standards and relevant company law.

 

Any assurance engagement must have the following five elements:

  • A three party relationship such as the Auditor reporting to a shareholder about the actions of management.
  • Some subject matter such as a set of financial statements.
  • Suitable criteria such as the accounting standards and/or law.
  • Sufficient appropriate evidence, in a form that is sufficient, reliable and relevant.
  • A written report in an appropriate form.

 

Levels of Assurance

 

Various levels of assurance may be given but this depends very much on (1) the individual engagement, (2) the criteria applied and (3) the subject matter.  The glossary of terms refers to two types:

  • Reasonable level of assurance – subject matter materially conforms to criteria i.e.

accounts give a true and fair view having regard to the accounting standards and law.

  • Limited level of assurance – no reason to believe that subject matter does not conform to criteria. Essentially, a negative form of expression.

Absolute assurance can never be given.  There are inherent limitations of an audit that affect the auditor’s ability to detect material misstatements in a set of financial statements.

 

The Limitations of an audit

 

  • Every item is not checked. In fact, only test checks are carried out by auditors.  It would be impractical to examine all items within a class of transactions or account balance.  Hence, it is not really possible to give absolute assurance.
  • Auditors depend on representations from management and staff. Collusion can mitigate some good controls such as division of duties.  There is always the possibility of collusion or misrepresentation for fraudulent purposes.
  • Evidence gathered is persuasive rather than conclusive. It often indicates what is probable rather than what is certain.
  • Auditing is not purely an objective exercise. Judgements have to be made in a number of areas.  The view in financial statements is itself based on a combination of fact and judgement.
  • The timing of an audit.
  • An unqualified audit opinion is not a guarantee of a company’s future viability, the effectiveness and efficiency of management, nor that fraud has not occurred in the company.

 

So are there any benefits of an audit?  Yes, there are.

 

  • The shareholders of a company are given an independent opinion as to the true and fair view of the accounts that have been prepared by management.
  • The use made by third parties such as suppliers and banks of the accounts adds confidence in the performance of a company.
  • Auditors themselves can use the knowledge accumulated during the course of the audit to provide additional services to the company such as the provision of consultancy services or a management letter showing weaknesses in the business and recommendations to alleviate such weaknesses in the future.
  • While not responsible for detecting fraud, the very fact that an audit is carried out and may uncover evidence of fraud, can help to mitigate against such risks.

 

Types of engagements

 

The type of assurance engagement will depend very much on the subject matter, whether it be a set of accounts or an internal control system.

 

In order that an assurance engagement can be carried out, the subject matter must be:

  • Identifiable
  • Capable of consistent evaluation and measurement and
  • Capable of being subject to procedures and evidence gathering.

 

Types of assurance engagements include

  • Audits and reviews (different levels of assurance)
  • Reports on systems and controls as part of corporate governance framework
  • Reports for lenders and other investors
  • Reports on prospective financial information
  • Risk assessments
  • Business performance measurement
  • Social and environmental issues and
  • Value for money studies

 

Implications of assurance services

  •  Members of professions will need to have a good broad skills base to deal with the various types of engagements and not just the standard audit.
  • More types of engagements increase the potential liability of accountants. Clear identification of what is extended liability is vital.
  • There is the potential for increasing the expectations gap. Auditors’ view versus the public’s view.  The auditor is not responsible for preparation of accounts or the detection of fraud.

 

  1. THE NEED FOR REGULATION

 Where there is reduced confidence in the markets and this leads to business failure, this in turn leads to instability.  As a result there is increased demand for regulation.

 

There has been regulation in the markets since the introduction of the concept of limited liability.  The requirement for audited financial statements is a way to protect the owners of a business from unscrupulous management and also prevent the abuse of the limited liability status.

 

  1. THE AUDIT FUNCTION

 

What is an audit?

 An audit is an exercise, of which the objective is, to enable an independent auditor to express an opinion on whether a set of financial statements is prepared in a true and fair manner in accordance with an identified financial reporting framework.

 

The same objective applies to the audit of financial or other information prepared in accordance with appropriate criteria.

 

ISA (International standards on auditing) 200:  Objective and general principles governing an audit of financial statements sets out what audits are all about.

 

  • The auditor should comply with the code of ethics for professional accountants issued by the International Federation of Accountants (IFAC), ethical standards and the ethical pronouncements issued by the auditor’s relevant professional body.
  • The auditor should conduct an audit in accordance with International Standards of Auditing and should plan and perform an audit with an attitude of professional scepticism.
  • ISA 200 also makes a very important point in that while the auditor is responsible for forming and expressing an opinion on the financial statements, the responsibility for preparing and presenting those financial statements lies with the management.
  • Furthermore, the auditor does not have any responsibility with regard to the prevention and detection of fraud. Again, that lies with the management.  These points often form the basis for the expectation gap mentioned above.

 

Types of audits

  •  Statutory audits as required by companies’ legislation.
  • Non-statutory audits preferred by interested parties rather than been required by law.

For example, charities, societies, public interest companies etc.

  • Small entity audits.

 

  1. SMALL ENTITIES

 

Elements of a small entity would include:

  • Small number of individuals re ownership and management.
  • Basic record keeping.
  • Limited internal controls with huge potential for management override of such controls.

 

There are arguments for and against small company audits.  Each of the stakeholders, shareholders, management, employees, banks, suppliers and revenue commissioners has their pros and cons.

 

  • Reassurance given by audited accounts for shareholders not involved in management.
  • On the contrary, where shareholders are part of management, the whole audit exercise may not appear to be value for money.
  • Audited accounts provide a good indication of a fair valuation for shares particularly unquoted shares.
  • An audit provides management with an independent check on the accuracy of their financial statements. Also, some auditors do provide decent management letters.
  • In reality, a more focused systems review or similar consultancy report would be of more benefit to management.
  • Employees can gain comfort from audited accounts as to their job security and for wage negotiations. In reality, I don’t think this actually happens.
  • Bank managers often rely on audited accounts when reviewing security in the event of granting a loan.
  • More importantly though, a bank manager may want to see a good credit history in a company’s transactions with the bank.
  • Suppliers can gain assurance from audited accounts when giving credit to customers.
  • On the contrary, the accounts might be out of date and the customer could be experiencing difficulties. Might be more appropriate to get relevant credit references.
  • Rwandan Revenue Authority can rely on audited accounts to back up tax returns.
  • In reality, revenue authorities generally accept sets of accounts prepared by independent accountants.

 

Small company audits and potential problems

 

  • Small companies create difficulties for auditors in that the auditor has to direct more of his work in the verification of items by physical inspection and the vouching of third party evidence, as he would otherwise probably do with larger company audits. The general principles applied in an audit are the same for large and small companies. But the specific testing may vary considerably.

 

  • Due to the nature of small companies as noted above, problems can arise with the reliability of internal control systems. In fact Control Risk is considered high.  (ISA 200 defines control risk)

 

  • Lack of controls coupled with the risk of management override may lead to difficulties such as the incompleteness of income or the recording of inappropriate expenditure. In a larger company the system of internal control and a suitable staff structure would provide a check against a persons work.  In smaller companies, some internal controls will be useful as a management check on staff, but will provide no checking mechanism on management itself.  Where there are limitations in the effectiveness of internal controls, it has little value to the auditor in helping him form an opinion on a set of financial statements.  As a result he will need to increase his substantive testing.  Examples would be physically verifying additional assets purchased throughout the year and obtaining third party confirmation from a bank as to the small companies’ bank balances at the year-end.

 

  • Another problem associated with small company audits is that the lack of an appropriate internal control system coupled with the auditor’s inability to design or carry out procedures to obtain sufficient, reliable and relevant evidence as to the completeness and accuracy of the accounting records can create a limitation on the scope of the auditor’s work. This can affect the type of audit report that is issued.  For example, you can have a qualified audit report where the scope limitation does not prevent the auditor from expressing an opinion, or you can have a report where the scope limitation is so significant that the auditor is unable to express an opinion.

 

  1. METHODOLOGY OF AN AUDIT

 

  • Determine the scope and the audit approach.

Legislation and the auditing standards lay down the scope for statutory audits. An auditor should prepare a plan for his audit.

 

  • Ascertain the system and controls.

Discuss the accounting system and the flow of documents with all the relevant personnel in the company.  Document all your notes.  Some auditors do flow charts, narrative notes and/or internal control questionnaires.

Get to know the client’s business.

Confirm that you have recorded the system accurately by carrying out walkthrough tests.

 

  • Assess the system and internal controls.

Evaluate the system as it is to weigh up its reliability and draw up a plan to test its effectiveness.  At this stage you could draw up a letter to management recommending any improvements you consider from your findings.  In addition, what you have learned here may influence the type of further audit testing you may carry out later on.

 

  • Test the system and internal controls.

Above, you evaluated the controls that are in place.  You need also to test if they were effective.  Compliance tests will cover many more transactions than the walkthrough tests.  You need to carry out a representative sample through the accounting period. If you can establish that the controls are indeed effective, you can reduce the amount of detailed testing later on.  However, if the controls turn out to be ineffective, then more substantive tests will need to be carried out.

  • Test the financial statements.

This section covers the substantive testing which has been described earlier.  You are effectively trying to stand over the figures in the financial statements.  Substantive tests are audit procedures performed to detect material misstatements.  Remember, if you think that any error you might find in a class of transactions will not be significant, then there is no point carrying out the substantive test.

 

  • Review the financial statements.

After all the testing has been done and the evidence gathered, you should review the accounts as to their overall reliability making a critical analysis of the content and presentation.

 

  • Express an opinion.

You need to evaluate all the evidence you have gathered and express an opinion on a set of accounts by way of a written audit report.

You may in addition, write a management letter which can set out improvements you recommend or to place on record specific points in connection with the audit.

 

Question 1.1

 

What are the limitations of an audit?

Every item is not checked. In fact, only test checks are carried out by auditors. It
would be impractical to examine all items within a class of transactions or account
balance. Hence, it is not really possible to give absolute assurance.
Auditors depend on representations from management and staff. Collusion can
mitigate some good controls such as division of duties. There is always the
possibility of collusion or misrepresentation for fraudulent purposes.
Evidence gathered is persuasive rather than conclusive. It often indicates what is
probable rather than what is certain.
Auditing is not purely an objective exercise. Judgements have to be made in a
number of areas. The view of financial statements is itself based on a combination of
fact and judgement.
The timing of an audit.
An unqualified audit opinion is not a guarantee of a company’s future viability, the
effectiveness and efficiency of management or that fraud has not occurred.

 

Question 1.2

 

You have been preparing accounts for Mr J. Butera for the last number of years which he submits to the Revenue Authorities.  His current turnover is RWF1million.   Mr. Butera is considering forming a company and has asked for your advice on a number of issues.

 

  1. Are there any advantages to having a company audit.                                                                                                                                                        The advantages of having an audit can include the following:
    (a)Shareholders not involved in the management of the company can gain reassurance from a set of audited accounts about management’s handling of the business.
    Audited accounts are a good reliable source for a valuation of shares in an unquoted company.
    Banks may review a set of accounts for the purposes of making a loan and assessing the value of the security on offer.
    Suppliers can use audited accounts to assess the potential strength of a company.
    An audit provides a useful independent check on the accuracy of the accounting systems and the auditors may also recommend improvements in those systems.
    (b) The audit of Mr J Butera’s company is still an exercise designed to express an opinion on the truth and fairness of the accounts. So the method of undertaking the audit will be the same as that of Bank of Kigali’s and the same auditing standards will be applied. However, the auditor must be aware of the different inherent risk in the audit of a small company and in applying auditing standards. He should consider all the relevant risks. The audit of a small company is often affected by certain factors namely the concentration of ownership and management in one person, the professional relationship between the auditor and the business and the fact that small audit teams are involved.
    (c) The alternative to an audit for a small company is to have a review. Although it is similar to an audit, a review is designed to give a lower level of assurance. As a result, the procedures undertaken to express an opinion are less detailed and generally comprise enquiry and analytical review procedures.
    Mr J Butera needs to decide what level of assurance he needs. He needs to assess the advantages of having an audit which will give a higher degree of assurance and decide
    whether his business actually needs this. Bear in mind that some of the advantages to an audit will also be given by a review

 

  1. Would the audit carried out on his company be similar to that of say Bank of Kigali (BOK).

 

  1. Is there anything other than an audit that would give him a degree of assurance                                                            
(Visited 55 times, 1 visits today)
Share this:

Written by 

Leave a Reply