Today:

1
Today

• Finish Chapter 10 materials and case 10
• Review Lessons 12, 2, 10
• Forecast Exam 3 and schedule

2
Audit Risk Model Components
Risk that material misstatement has occurred
Risk that material misstatement might occur
Risk assessments (noncompensatory)
PFR1
CFR2
BVR



OR
1 Pervasive risks Process viability,
management fraud, weak control environment,
incentives to misstate, industry and time
specific factors, and weak general (computer)
controls. 2 Related to internal information risk
(IIR) to management.
3
Audit Risk Model in Equation Form
OR PFR CFR BVR AuR OR x DR or for
audit planning DR AuR / OR
4
Audit RISSAR Chart for LJ Appliances, Inc.
Risk assessment
Response
Source
Final
Size
Detection Risks (DR)
Occurrence Risk (OR)
Tests of Processes (Interim)
Tests of Balances
Review
Materially

Misstated
(AuR)
PFR
CFR
BVR
OR
Sales
Collections
Purchasing
Disbursements
Analysis
Details
Sales
L
L
M
M
M
M
M
VL
Cost of Sales
L
M
M
M
M
M
M
VL
Cash
L
L
L
L
M
M
H
H
VL
Accounts
Receivable
L
L
M
M
M
M
M
H
VL
Inventory
L
M
M
H
M
M
L
VL
Accounts
Payable
L
M
L
M
M
M
M
M
VL
5
Typical Auditing Procedures for

• Tests of Processes
• observe processes
• inspect documents for evidence of processing and
  accuracy of processing
• inquire of client personnel and outsiders to
  confirm processes
• reprocess selected transactions
• analysis of relationships of transactions with
  related transactions and nonfinancial measures

• Analytical Test of Balances
• analysis of balances via
• - regression analysis and other
  relatively precise analytical procedures for
  expectations
• - detailed follow-up of large deviations from
  expectations

• Detailed Tests of Balances
• observe ending quantities on hand
• inspect documents of purchase, receipt, sale, and
  shipment
• inquire of outsiders to confirm balances
• reprocess transactions by tracing/comparing,
  verifying pricing, extension, summation

• Final Review
• analysis of final balances for reasonableness
  given all audit results and all other information
  available.

6
Assurance Levels
Level Procedures/
Users Opinion Distribu- of service
conclusions OR DR Risk
form tion
Examination conclude assess- varies
positive Low AttR ed
OR VL assurance general
Review AP and not ass-
L to negative inquiry
essed mod. Mod. assurance general
Agreed-upon usr prp not ass- varies L to
findings- procedures agree essed
proc. VH no neg. asr. limited
.
Compilation assembly, not ass- L
to no assur- format
essed VH VH ance
general
7
Users Attestation Risk of Incorrect Reliance
on Materially Misstated Fin. Stmts.Users Audit
Risk vs. Users Review Risk
Co. A--Low OR (OR .2) Audit Risk (AuR) DR
AuR/OR .02/.20 .10 AuR OR x DR
.2 x .1 .02 Review Risk (RvR) RvR
OR x DR .2 x .4 .08
Co. B--High OR (OR .7) Audit Risk (AuR) DR
AuR/OR .02/.7 .0286 AuR .70 x
.0286 .02 Review Risk (RvR) RvR .4 x .7
.28
Note Target audit risk (AuR) is .02 for both
Co. A and Co. B. DR is fixed at .4 for reviews.
8
Client with good controls (OR .2)Audit (AuR
.02)
9
Client with good controls (OR .2)Review (DR
.40)
10
Client with bad controls (OR .7)Audit (AuR
.02)
11
Client with bad controls (OR .7)Review (DR
.40)
12
1. Interim Financial Statements Review Report
Scope We have reviewed . . . fin. statements
are the responsibility of management.
Procedures . . . review in accordance with
AICPA standards . . . analytical procedures and
inquiry of those . . . less than an audit . . .
express no opinion.
Opinion Based on our review, we are not aware
of any modifications that should be made . . .
to be in conformity with GAAP.
13
2. Internal Control Examination Report
Introductory We have examined managements
assertion that. . .comply with COSO . .
. Scope in accordance with AICPA standards .
. . Inherent limitations Because of inherent
limit- ations in any internal control . .
. Opinion . . . managements assertion
(about IC) as of 12/31/01 is fairly stated . .
. based on (COSO)
14
Internal Control Reporting

• As part of audit
• negative assurance on material weaknesses
• report any material weaknesses and reportable
  conditions that are discovered!
• limited distribution (internal use only)
• Stand alone examination
• assertion of compliance with COSO/CoCo (financial
  reporting) by management
• examination report as of point in time
• general distribution

15
Why doesnt SEC require IC audits

• U. S. Securities acts dont mandate it (and SEC
  rule-making cant require it)
• FCPA does require cost effective IC or
  management goes to jail
• IC audits harder because it is a process . . .
  (Brown, Spurrier, Solich, Stoops -- criteria)
• IC audits may be mandated in future, given Enron,
  Waste Management, and current investigations by
  Dingell, Washington Post, and others

16
SysTrustSM (AICPA/CICA)

• examination of computer system design and
  operations
• report on four areas
• System availability
• System security
• System integrity
• System maintainability
• partial substitute for internal control reporting
• useful for third party trading partners (B2B) and
  data processing outsourcing

17
3. Agreed-upon Procedures Report
Scope We have performed procs.
enumerated below . . . accordance with AICPA
standards. . . Sufficiency of procedures is
responsibility of specified users . .
. Limitation We make no representation about
sufficiency of procedures Procedures and
findings enumerate both Opinion We were not
engaged to examine . . . We do not express an
opinion . . . Limited distribution solely for
(specified users) and should not be used by
those not agreeing . . .
18
Essential Concepts of Lesson 12(Legal and
Ethical Responsibilities in Public Reporting)

• Disentangling the effects of bad outcomes, bad
  decisions, and bad audits
• Legal responsibilities of management and
  corporate directors
• Legal responsibilities of external auditors
• Auditors codes of professional conduct

19
Essential Concepts of Lesson 2(Business
Measurement Systems Information Relevance)

• Decomposing historical accounting measurements
  and deviations from expectations for relevance
• Nature and design of accounting information
  systems as a part of business measurement
• Customizing Historical GAAP-based accounting
  information for decisions about the future

20
Essential Concepts of Lesson 10(Other
certification, Investigation, and Origination
Assurance Services)

• Managements assertions as subject matter for
  attestors investigation and certification
  reports
• The role of measurement criteria in adding value
  to CPA/CA services
• Required procedures vs. required conclusions as
  the basis for investigation and certification
  services
• Attest report forms, wording, distribution
  restrictions
• Investigation and origination services

21
Exam 3

• Chapter 12 (25)
• Chapter 2 (15)
• Chapter 10 (20)

Audit reports ch. 9 (15) AuRisk/ corrections
ch. 8 (13) Auditing procs ch. 5, 6 (12)
22
Course grade

• Exam 1 25
• Exam 2 25
• Exam 3 30
• Cases and class participation 20
• Course grade curved on total points (with
  positive trend in exam scores considered
  favorably)

23
Exam 3 logistics

• Exam 3 Friday, May 10, 700 p.m. in TAY 2.006
• Exam 3 make-up for those with documented
  schedule conflicts only Saturday, May 11, 700
  p.m. in UTC 1.116

• Question and answer session
• 400 p.m. Tuesday, May 7
• UTC 4.104