Joanne M. Flood - Wiley Practitioner's Guide to GAAS 2020

GAAS and the GAAS Hierarchy

AU-C 200 describes the auditor’s overall responsibilities when conducting a GAAS audit, including the auditor’s overall objectives and the nature and scope of the audit. Also included in AU-C 200 are the scope, authority, and structure of GAAS. (AU-C 200.01)

Source: AU-C 200.14.For definitions related to this standard, see Appendix A, “Definitions of Terms”: Applicable financial reporting framework, Audit evidence, Audit risk, Auditor, Detection risk, Financial reporting framework, Financial statements, Historical financial information, Interpretive publications, Management, Misstatement, Other auditing publications, Premise, relating to the responsibilities of management and, when appropriate, those charged with governance, on which an audit is conducted (the premise), Professional judgment, Professional skepticism, Reasonable assurance, Risk of material misstatement, Those charged with governance.

The overall objectives of the auditor, in conducting an audit of financial statements, are to

1 obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, thereby enabling the auditor to express an opinion on whether the financial statements are presented fairly, in all material respects, in accordance with an applicable financial reporting framework; and

2 report on the financial statements, and communicate as required by GAAS, in accordance with the auditor’s findings.

(AU-C 200.12)

If reasonable assurance cannot be obtained and a qualified opinion is insufficient, the auditor must either disclaim an opinion or withdraw from the engagement when possible under applicable law or regulation. (AU-C 200.13)

Financial statements are prepared by management with oversight from those charged with governance. GAAS do not impose requirements on management or those charged with governance, but rather an audit is conducted on the premise that management and those charged with governance understand their responsibilities. (AU-C 200.05)

Many times clients do not understand their responsibilities for audited financial statements. The financial statements are management’s . They contain management’s representations. The form and content of the financial statements are management’s responsibility, even if the auditor prepared them or participated in their preparation.

Management also is responsible for implementing and maintaining an effective system of internal control.

The purpose of an audit of financial statements is confined to the expression of an opinion on the financial statements being audited. In performing the audit, the auditor is responsible for compliance with GAAS. (AU-C 200.04)

In every audit, the auditor has to obtain reasonable assurance 1about whether the financial statements are free of material misstatement, whether due to errors or to fraud. (AU-C 200.06) Materiality is taken into account when planning and performing the audit. Misstatements are considered material, individually or in the aggregate, when they could reasonably be expected to influence economic decisions made by financial statement users. However, the auditor is not required to obtain reasonable assurance that misstatements not material to the financial statements taken as a whole, whether caused by fraud or error, are detected. Materiality considers qualitative and quantitative elements and should be viewed in context. (AU-C 200.07)

The auditor has a responsibility to consider GAAS in all audits. For more information, see the section “Complying with GAAS” later in this chapter.

To provide reasonable assurance that it is conforming with generally accepted auditing standards in its audit engagements, an accounting firm should establish quality control policies and procedures. These policies and procedures should apply not only to audit engagements but also to attest and accounting and review services for which professional standards have been established. (AU-C 200.A20) The AICPA’s Quality Control Standards detail the firm’s responsibility for establishing and maintaining a system of quality control for auditors. See QC Section 10, A Firm’s System of Quality Control , for more information.

The auditor must be independent. If not independent, the auditor cannot issue a report under GAAS. The only exception is if GAAS provides otherwise or law or regulation requires the auditor to accept the engagement and report on the financial statements. (AU-C 200.15) In that situation, AU-C 705, Modifications to the Opinion in the Independent Auditor’s Report , applies.

To be independent, the auditor must be intellectually honest; to be recognized as independent, he or she must be free from any obligation to or interest in the client, its management, or its owners. The auditor should be independent in appearance as well as fact. (AU-C 200.A17) For specific guidance, the auditor should look to the AICPA and the state society codes of conduct and, if relevant, the requirements of the Securities and Exchange Commission (SEC). (AU-C 210.A21)

Policies and procedures should provide reasonable assurance that personnel maintain independence when required and perform all responsibilities with integrity, objectivity, and due care.

1 Independence is an impartiality that recognizes an obligation for fairness.

2 Integrity pertains to being honest and candid, and requires that service and public trust not be subordinated to personal gain.

3 Objectivity is a state of mind that imposes an obligation to be impartial, intellectually honest, and free of conflicts of interest.

4 Due care requires the auditor to discharge professional responsibilities with the competence and diligence necessary to perform the audit and issue an appropriate report and to render services promptly, thoroughly, and carefully, while observing applicable standards. (AU-C 200.A19)

(AU-C 200.A16)

(See the AICPA’s Code of Professional Conduct, ET.0.300)

The auditor must exercise professional judgment in planning and performing an audit of financial statements. (AU-C 200.17-18) The auditor should:

Observe GAAS,

Possess the degree of skill commonly possessed by other auditors, and

Exercise that skill with reasonable care and diligence.

Professional judgment is developed through training and experience. It will come into play in all aspects of the audit, particularly when

Assigning materiality

Assessing audit risk

Evaluating the sufficiency of audit evidence

Evaluating management’s integrity and judgment

Arriving at conclusions

(AU-C 200.A27)

As can be seen from the above list, professional judgment is exercised throughout the audit.

The auditor should also exercise professional skepticism, that is, an attitude that includes a questioning mind and a critical assessment of audit evidence.

In practice, this means that auditors should be alert for:

Contradictory evidence,

Indications of fraud,

Unusual circumstances and those that suggest the need for additional audit procedures,

Evidence that calls into question the reliability of documents and responses to inquiries,

The possibility of collusion when performing the audit, and