MASOMO MSINGI PUBLISHERS APP – Click to download and access all our soft copy materials

To get complete copy of AUDITING AND ASSURANCE STUDY TEXT, Buy a copy using Masomo Msingi Publishers app which is in Playstore or order hard copy through 0728 776 317 or e-mail info@masomomsingi.co.ke

TOPIC 1

NATURE AND PURPOSE OF AN AUDIT

Nature of an audit

According to General Guidelines on Internal Auditing issued by the ICAI, “Auditing is defined as a systematic and independent examination of data, statements, records, operations and performances (financial or otherwise) of an enterprise for a stated purpose. In any auditing situation, the auditor perceives and recognises the propositions before him for examination, collects evidence, evaluates the same and on this basis formulates his judgement which is communicated through his audit report.”

The nature of the propositions which an auditor is called upon to review varies. Thus an auditor may review the financial statements of an enterprise to ascertain whether they reflect a true and fair view of its state of affairs and of its working results. In another situation, he may analyse the operations of an enterprise to appraise their cost-effectiveness and in still another, he may seek evidence to review the managerial performances in an enterprise. In yet another type of audit, the auditor may examine

whether the transactions of an enterprise have been executed within the framework of certain standards of financial propriety. However, the variations in the propositions do not change the basic philosophy of auditing, though the process of collection and evaluation of evidence and that of formulating a judgment thereon may have to be suitably modified.

According to AAS-1 on “Basic Principles Governing an Audit”, “An audit is independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon.” The person conducting this process should perform his work with knowledge of the use of the accounting statements discussed above and should take particular care to ensure that nothing contained in the statements will ordinarily mislead anybody. This he can do honestly by satisfying himself that:

The accounts have been drawn up with reference to entries in the books of account;
The entries in the books of account are adequately supported by underlying papers and documents and by other evidence;
None of the entries in the books of account has been omitted in the process of compilation and nothing which is not in the books of account has found place in the statements;
The information conveyed by the statements is clear and unambiguous;
The financial statement amounts are properly classified, described and disclosed in conformity with accounting standards; and
The statement of accounts taken as an integrated whole, present a true and fair picture of the operational results and of the assets and liabilities.

The aforesaid definition is very authoritative. It makes clear that the basic objective of auditing, i.e., expression of opinion on financial statements does not change with reference to nature, size or form of an entity. The definition given in AAS-1 is restrictive since it covers financial information aspect only.

However, the scope of auditing is not restricted to financial information only but, today, it extends to variety of non-financial areas as well. That is how various expressions like marketing audit, personnel audit, efficiency audit, production audit, etc. came into existence. Students may note that study material deals with various aspects of financial audit only unless otherwise specified.

The auditor: The person conducting audit is known as the auditor; he makes a report to the person appointing him after due examination of the accounting records and the accounting statement in the form of an opinion on the financial statements. The opinion that he is called upon to express is whether the financial statement reflect a true and fair view. Auditing, especially of companies and for public purposes has become the preserve of persons having recognised professional training and qualification.

Objectives of an audit: The objective of an assurance engagement will depend on the level of assurance given. First we will consider a reasonable assurance engagement, where a high, but not absolute, level of assurance is given.

ISAE 3000 (Revised) Assurance engagements other than audits or reviews of historical financial information was revised in September 2013 and applies to assurance reports dated on or after 15 December 2015. The revised ISAE distinguishes between two forms of assurance engagements:

Reasonable assurance engagements
Limited assurance engagements

The objective of a reasonable assurance engagement is a reduction in assurance engagement risk to an acceptably low level in the circumstances of the engagement as the basis for the assurance practitioner’s conclusion. The conclusion would usually be expressed in a positive form.

In order to give reasonable assurance, a significant amount of testing and evaluation is required to support the conclusion.

Limited assurance is a lower level of assurance. The nature, timing and extent of the procedures carried out by the practitioner in a limited assurance engagement would be limited compared with what is required in a reasonable assurance engagement. Nevertheless, the procedures performed should be planned to obtain a level of assurance which is meaningful, in the practitioner’s professional judgement.

For a limited assurance engagement, the conclusion conveys whether, based on the procedures performed and evidence obtained, a matter(s) has come to the practitioner’s attention to cause the practitioner to believe the subject matter information is materially misstated. This would usually be expressed in a negative form of words.

For both reasonable and assurance engagements, the revised ISAE requires the practitioner to provide a summary of the procedures undertaken within the assurance report.

Development of audit (early audit and modern audit)

Early Auditing (Ancient Times to 19th Century)

Origins in Ancient Civilizations:
- Auditing traces back to ancient Mesopotamia, Egypt, Greece, and Rome.
- Scribes checked records for fraud and mismanagement in tax collection and trade.
Middle Ages (Feudal Systems):
- Stewards (managers) maintained accounts for landowners.
- Auditors reviewed records to detect fraud and ensure accuracy.
Industrial Revolution Impact (18th–19th Century):
- Growth of businesses led to separation of ownership and management.
- Shareholders demanded independent verification of financial statements.
- Key Development:
  - Joint-stock companies(e.g., East India Company) required audits to protect investors.

Modern Auditing (20th Century–Present)

Early 20th Century:
- Formalization of Auditing Standards:
  - Companies Acts (e.g., UK’s 1844 Joint Stock Companies Act) mandated audits.
  - Big Four accounting firm semerged (PwC, Deloitte, EY, KPMG).
- Shift from Fraud Detection to Financial Verification:
  - Focus on ensuring financial statements were “true and fair.”
- Late 20th Century–21st Century:
  - Technology Integration:
    - Use of CAATs (Computer-Assisted Audit Techniques)and data analytics.
  - Regulatory Changes:
    - Sarbanes-Oxley Act (2002, USA): Strengthened internal controls post-Enron scandal.
    - IFRS (International Financial Reporting Standards): Global harmonization of audits.
  - Expanded Scope:
    - Risk-based auditing, sustainability audits, and cybersecurity audits.

Key Differences: Early vs. Modern Audit

Aspect	Early Audit	Modern Audit
Purpose	Fraud detection	Financial accuracy + compliance
Methods	Manual ledger checks	Digital tools, AI, data analytics
Regulation	Minimal formal standards	Strict laws (SOX, IFRS, ISA)
Scope	Basic financial records	Risk management, ESG, IT systems
Auditor Role	Reactive (error-finding)	Proactive (risk assessment)

Users of audited financial statements

Owners and investors

Stockholders of corporations need financial information to help them make decisions on what to do with their investments (shares of stock), i.e. hold, sell, or buy more.

Prospective investors need information to assess the company’s potential for success and profitability. In the same way, small business owners need financial information to determine if the business is profitable and whether to continue, improve or drop it.

Management

In small businesses, management may include the owners. In huge organizations, however, management is usually made up of hired professionals who are entrusted with the responsibility of operating the business or a part of the business. They act as agents of the owners.

The managers, whether owners or hired, regularly face economic decisions – How much supplies will we purchase? Do we have enough cash? How much did we make last year? Did we meet our targets? All those, and many other questions and business decisions, require analysis of accounting information.

Lenders

Lenders of funds such as banks, financial institutions, and bondholders, are interested in the company’s ability to pay liabilities upon maturity (solvency).

Trade creditors or suppliers

Like lenders, trade creditors or suppliers are interested in the company’s ability to pay obligations when they become due. They are nonetheless especially interested in the company’s liquidity – its ability to pay short-term obligations.

Government

Governing bodies of the state, especially the tax authorities, are interested in an entity’s financial information for taxation and regulatory purposes. Taxes are computed based on the results of operations and other tax bases. In general, the state would like to know how much the taxpayer makes to determine the tax due thereon.

Employees

Employees are interested in the company’s profitability and stability. They are after the ability of the company to pay salaries and provide employee benefits. They may also be interested in its financial position and performance to assess possibilities of company expansion, and with it, career development opportunities.

Customers

When there is a long-term involvement or contract between the company and its customers, the customers become interested in the company’s ability to continue its existence and maintain stability of operations. This need is also heightened in cases where the customers depend upon the entity.

For example, a distributor (reseller), the customer in this case, is dependent upon the manufacturing company from which it purchases the items it resells.

General Public

Anyone outside the company such as researchers, students, analysts and others could be interested in the financial statements of a company for some valid reason – be it for personal research, industry and sector analyses, school report, or simply to satisfy one’s curiosity.

Internal and External Users

The users may be classified into internal and external users.

Internal users refer to managers who use accounting information in making decisions related to the company’s operations.

External users, on the other hand, are not involved in the operations of the company but hold some financial interest. The external users may be classified further into users with direct financial interest – owners, investors, creditors; and users with indirect financial interest – government, employees, customers and the others.

Features of audits

Auditing is a systematic process. It is a logical and scientific procedure to examine the accounts of an organization for their accuracy. There are rules and procedures to follow.
The audit is always done by an independent authority or a body of persons with the necessary qualifications. They have to be independent so their views and opinions can be totally unbiased.
Once again, an audit is the examination of all the books of accounts and financial information of the company. So it is essentially a verification of the final accounts of the organization, i.e. the profit and loss statement and the balance sheet at the end of the financial year.
Auditing is not only the review of the books of accounts but also the internal systems and internal control of the organization.
To conduct the audit we need the help of various sources of information. This includes vouchers, documents, certificates, questionnaires, explanations etc. He may scrutinize any other documents he sees fit like Memorandum of Association, Articles of Associations, vouchers, minute books, shareholders register etc.
The auditor must completely satisfy himself with the accuracy and authenticity of the financial statements. Only then can he give the opinion that they are true and fair statements.

Purpose of an Audit

The main purpose of an audit is to provide

An objective and independent examination of the financial statements
To enhance the credibility of the financial statements prepared by the organisation
To increase the confidence of users in the financial statements
To reduce risk to investors

Thus, the basic purpose of an audit can be described as:

To assess whether or not the financial statements are in conformity with Generally Accepted Accounting Principles (GAAP) and the prescribed accounting standards.
To provide assurance about the accuracy of financials.
To ensure compliance with established internal control procedures by examining
records, reports, operating practices and documentation.
To certify the assets and liabilities by comparing same to available documentation.
To verify compliance, conformance or performance.
To follow-up on the completed/contemplated corrective action plan of an

Distinction between auditing and accounting

Accounting	Auditing
Definition
Accounting is referred to as the process of recording, classifying, summarising and interpreting the financial transactions, statements to determine the financial position of an organisation	Auditing is referred to as the process of examining the financial records such as transactions and statements of an organisation in order to find any discrepancies during the process of recording of the transactions and also to verify the accuracy of the records
Purpose
Accounting is done with the purpose of showing the position, profitability and performance of the business entity or organisation	Auditing is done to verify the accuracy of data presented by accounting. It is done with the purpose of revealing to what extent the true and fair view of records is maintained in the transactions
Objective
To determine profit and loss of the organisation or the financial position of an organisation for a period	To determine the correctness of all the recorded transactions
Mode of operation
Accounting is done on a daily basis, as transactions happen on a daily basis for any business	It is a periodical assessment and is done monthly, quarterly or yearly
Performed by
Accounting is done by accountants	Auditing is done by auditors
Sequence
Accounting starts at the end of bookkeeping	Auditing starts at the end of accounting

Different types of audit

As a brief recap, an audit examines your financial records and transactions to verify they are accurate. Typically, audits look at your financial statements and accounting books to compare information.

You or your employees may conduct audits. Or, you might have a third party audit your information (e.g., IRS audits).

Many business owners have routine audits, such as once per year. If you are not organized or don’t keep thorough records, your audits might take more time to complete.

Types of auditing can vary from business to business. For example, a construction business might conduct an audit to analyze how much they spent on a specific project (e.g., costs for contractors or supplies).

Overall, audits help ensure your business is operating smoothly. So, what are the various types of audit?

Internal audit

Internal audits take place within your business. As the business owner, you initiate the audit while someone else in your business conducts it.

Businesses that have shareholders or board members may use internal audits as a way to update them on their business’s finances. And, internal audits are a good way to check in on financial goals.

Although there are many reasons you may conduct an internal audit, some common reasons include to:

Propose improvements
Monitor effectiveness
Make sure your business is compliant with laws and regulations
Review and verify financial information
Evaluate risk management policies and procedures
Examine operation processes

Pros of internal auditing

When supported by well-organized data and skilled auditors, internal auditing can bring specific advantages to an organization.

Enhance decision-making: Internal audits can define specific problems and give decision-makers data to help inform their strategies and assess solutions.
Improve operations and efficiency: Internal audits can identify operational problems and inefficiencies. Because audits look at specific areas in-depth, they provide insights into the source of the issue. After the company makes changes, they can run another internal audit to see if the new practices and procedures have delivered the desired results.
Define and mitigate risks: Internal audits can look at the consequences of potential events and the odds that such an event will take place. Once decision-makers are aware of the risk, they can take steps to mitigate it, lower the odds of it taking place, and reduce the potential consequences.
Ensure compliance and success in external audits: Internal audits can mimic the process of external audits and find issues with reporting or compliance. By finding these problems and making corrections, a company can avoid potential penalties or punishments.

Cons of internal auditing

August 2024 Question One A

Internal auditing brings advantages, but there are also some drawbacks to consider.

Cost: Internal auditing costs money. The most efficient auditing departments only cost their companies. However, expenses can be high if you aren’t careful.
Disruptions to operations: Sometimes, audits may disrupt business processes. Work stoppages due to audits can harm a company’s bottom line.
Negative employee reactions: Employees may feel that an audit is unjust, that their department is being unfairly singled out, or that the review focuses on their performance rather than the department’s overall efficiency.
Poor use of digital accounting systems: Internal audits may be inaccurate or time-consuming because of poor record-keeping, a lack of an automated accounting system, and disorganized financial data.

Factors necessitating growth in Internal Audit

The growth and evolution of Internal Audit (IA) functions are driven by several key factors, including regulatory changes, organizational complexity, technological advancements, and increasing stakeholder expectations. Below are the primary factors necessitating growth in Internal Audit:

Increasing Regulatory and Compliance Requirements

Stricter laws (e.g., IIA, GDPR, Basel III, CCPA) demand stronger internal controls.
Regulators expect IA to provide assurance on compliance and risk management.
Emerging ESG (Environmental, Social, and Governance) reporting requirements.

Growing Organizational Complexity

Expansion into new markets, mergers & acquisitions (M&A), and diversified business models.
Complex supply chains and third-party risks requiring deeper audit scrutiny.
Decentralized operations (remote/hybrid work) increasing cybersecurity and fraud risks.

Technological Advancements & Digital Transformation

Adoption of AI, blockchain, cloud computing, and automation introduces new risks.
Need for IT Audits(cybersecurity, data privacy, system integrity).
Use of Data Analytics & AI in Auditing(predictive analytics, continuous monitoring).

Rising Cybersecurity & Fraud Risks

Increased cyber threats (ransomware, phishing, data breaches).
Fraud detection and forensic auditing becoming critical.
IA must assess IT controls and incident response plans.

Stakeholder & Board Expectations

Investors and regulators demand greater transparency and accountability.
IA must provide strategic insights beyond compliance (value-added auditing).
Focus on Enterprise Risk Management (ERM)and operational resilience.

Globalization & Geopolitical Risks

Cross-border operations introduce regulatory, currency, and political risks.
IA must assess risks in different legal and cultural environments.

Focus on Operational Efficiency & Cost Optimization

Businesses demand IA to identify inefficiencies and cost-saving opportunities.
Shift from traditional audits to risk-based and agile auditing.

Talent & Skill Development

Need for auditors with expertise in data analytics, cybersecurity, and AI.
Upskilling to align with evolving business risks.

Reputation & Trust Management

High-profile corporate scandals increase demand for strong IA functions.
IA helps protect brand reputation by ensuring ethical practices.

External audit

An external audit is conducted by a third party, such as an accountant, the IRS, or a tax agency. The external auditor has no connection to your business (e.g., not an employee). And, external auditors must follow generally accepted auditing standards (GAAS).

Like internal audits, the main objective of an external audit is to determine the accuracy of accounting records.

Investors and lenders typically require external audits to ensure the business’s financial information and data is accurate and fair.

Audit reports

When your business is audited, external auditors usually give you an audit report. Audit reports include details of the audit process and what was found. And, the report includes whether your financial records are accurate, missing information, or inaccurate.

December 2024 Question One B

Discuss FOUR differences between “internal audits” and “external audits”. (8 marks)

Using the work of internal audit

International Standard on Auditing (ISA) 610, Using the Work of Internal Auditors was revised and published in 2013. This standard focuses on whether the external auditor can use the work of the internal audit function for purposes of audit, and the revised version of the standard, clarified whether the internal auditors could be used to provide direct assistance to the external auditor.

Internal auditors are the employees of the entity, which could result in threats to independence (either in fact or perceived) if direct assistance is provided by the internal auditors. On the other hand, the following benefits relating to provision of direct assistance by the internal auditors cannot be ignored:

There will be a strengthened relationship between the external and internal auditors through a more effective dialogue
With the knowledgeof the internal auditors, the external auditor can gain additional insights into the entity
The external auditor can use internal auditors who may have relevant expertisein particular areas, and
The external audit team can focus on the more significant audit issues.

The external auditors need to evaluate and perform audit procedures on the work done by internal auditors that they might be able to use, in order to determine its adequacy.

The evaluation includes the following:

Whether the work was done by internal auditors having adequate technical training and proficiency
Whether the work was properly supervised, reviewed and documented
Whether adequate audit evidence was obtained to allow the internal auditors to draw reasonable conclusions
Whether the conclusions reached are appropriate and any reports are consistent with the results of the work done
Whether any exceptions or unusual matters disclosed are properly resolved

The nature, timing and extent of the audit procedures performed on specific work of the internal auditors will depend upon the external auditor’s assessment of the risk of material misstatement of the area concerned, the evaluation of internal audit and the evaluation of the specific work of the internal auditors.

Audit procedures might include:

Examination of items already examined by the internal auditors
Examination of other similar items
Observation of procedures performed by the internal auditors

Pros of external auditing

When a company is required to have an external audit, it can enjoy certain advantages.

Improved transparency: An outside auditor gives a company a chance to prove their finances are in order and their statements are accurate. This extra proof is necessary for shareholders, but lenders and people who want to support honest, transparent businesses will also appreciate it.
Stronger internal controls: A business can establish strong internal policies and practices to ensure a positive outcome of an external audit. These policies can also help with accounting, record-keeping and overall efficiency within the company.
Increased credibility: Whether public or private, a company can increase its credibility by letting a third party examine its financial records. The audit can show that the firm is operating honestly and not trying to manipulate its finances or engage in any unscrupulous practices.

Cons of external auditing

External audits can also come with drawbacks, some of which can be significant if you aren’t prepared for them.

Increased costs: The cost of an external audit depends on the size of a company and the details of its financial records.
Negative publicity: If your audit produces negative results, it could generate damaging stories in the media. This could be disastrous for public companies, which could lose shareholders. Even smaller firms could suffer if the audit turns up financial reporting or compliance issues.
Compliance concerns: An impending external audit could lead to concerns about meeting regulatory requirements. Companies may worry about accounting practices or systems missing necessary data or reports not complying with industry requirements.

Limitations of the external audit:

– Not all items in the financial statements are tested.

– Judgement is required.

– There are limitations in the accounting and control systems.

– The audit report is issued a while after the balance sheet date.

Similarities between internal audit and external audit

External audits and internal audits, though serving distinct purposes, share common goals and methodologies. The following are examples:

Both strive to deliver accurate and reliable information.
They also uphold professional standards and maintain independence.
Their primary role involves assessing the effectiveness of internal controls and pinpointing areas for improvement

MASOMO MSINGI PUBLISHERS APP – Click to download and access all our soft copy materials

Visited 1,987 times, 1 visit(s) today