Joanne M. Flood - Wiley Practitioner's Guide to GAAS 2020

How management may override controls in a way that would make the fraud particularly difficult to detect.

(AU-C 200.A22–A.23)

However, the auditor is not an insurer, and the audit report does not constitute a guarantee. It is based on reasonable assurance . Thus, it is possible that an audit conducted in accordance with GAAS may not detect a material misstatement.

In order to form an opinion, the auditor must obtain reasonable assurance. The auditor obtains reasonable assurance by obtaining sufficient appropriate audit evidence to reduce audit risk to an acceptably low level to draw a reasonable conclusion. (AU-C 200.19)

Auditors must comply with and understand relevant AU-C sections, that is, those that are in effect and address the circumstances of the audit. (AU-C 200.20 and .21) GAAS uses two categories of professional requirements to describe the degree of responsibility the standards impose on auditors.

1 Unconditional requirements. The auditor is required to comply with an unconditional requirement in all cases in which the circumstances exist to which the unconditional requirement applies. SASs use the word must to indicate an unconditional requirement.

2 Presumptively mandatory requirements. The auditor is also required to comply with a presumptively mandatory requirement in all circumstances where the presumptively mandatory requirement exists and applies. However, in rare circumstances, the auditor may depart from a presumptively mandatory requirement. The departure should only relate to a specific procedure when the auditors determine that the procedure would be ineffective in the specific circumstances. The auditors must document their justification for the departure and how the alternative procedures performed in the circumstances were sufficient to achieve the objectives of the presumptively mandatory requirement. GAAS use the word should to indicate a presumptively mandatory requirement.

(AU-C 200.25–.26)

The term should consider means that the consideration of the procedure or action is presumptively required, whereas carrying out the procedure or action is not.

AU-C Section 200 also clarifies that explanatory material is intended to explain the objective of the professional requirements, rather than imposing a professional requirement for the auditor to perform.

The auditor is responsible for planning, conducting, and reporting the results of an audit according to GAAS. 2GAAS provide the standards for the auditors’ work in fulfilling their objectives. Each AU-C section contains objectives that provide a link between the requirements and the overall objectives of the auditors. Auditors should have sufficient knowledge of the AU-C sections to determine when they apply and should be prepared to justify departures from them.

Interpretive publications are not auditing standards, but are recommendations, issued under the authority of the ASB, on how to apply GAAS in specific circumstances, including engagements for entities in specialized industries. Interpretive publications are not auditing standards. They consist of the following:

Auditing Interpretations of AU-C sections, listed in each chapter of this book that has a related Interpretation.

AICPA Audit and Accounting Guides and Statements of Position, listed in Appendix Bof this book.

(AU-C 200.A81)

Auditors should consider interpretive publications that apply to their audits.

Other auditing publications, listed in Appendix Cof this book, are not authoritative but may help auditors to understand and apply GAAS. An auditor should evaluate such guidance to determine whether it is both (1) relevant for a particular engagement and (2) appropriate for the particular situation. When evaluating whether the guidance is appropriate, the auditor should consider whether the publication is recognized as helpful in understanding and applying SASs, and whether the author is recognized as an auditing authority. AICPA auditing publications that have been reviewed by the AICPA Audit and Attest Standards staff are presumed to be appropriate. (AU-C 200.A82–.84)

1 1 See Definitions of Terms.

2 2 Generally accepted auditing standards are issued in the form of Statements on Auditing Standards and codified into AU-C sections in the AICPA’s Professional Standards.

Scope SCOPE This section states the requirements and provides application guidance on the auditor’s responsibilities when agreeing upon terms of engagement with management and those charged with governance. It also establishes the important preconditions for an audit, for which management is responsible. AU-C 220, Quality Control for an Engagement Conducted in Accordance with Generally Accepted Auditing Standards , addresses those aspects of engagement acceptance that the auditor can control and the auditor’s responsibilities regarding ethical requirements concerning acceptance of an engagement. (AU-C 210.01 and .A1)

Definitions of Terms DEFINITIONS OF TERMS Source: AU-C 210.04. For definitions related to this standard, see Appendix A , “Definitions of Terms”: Preconditions for an audit, Recurring Audit.

Objectives of AU-C Section 210 OBJECTIVES OF AU-C SECTION 210 AU-C Section 210.03 states that: … the objective of the auditor is to accept an audit engagement for a new or existing audit client only when the basis upon which it is to be performed has been agreed upon through 1 establishing whether the preconditions for an audit are present and 2 confirming that a common understanding of the terms of the audit engagement exists between the auditor and management and, when appropriate, those charged with governance.

Fundamental Requirements FUNDAMENTAL REQUIREMENTS Engagement Acceptance Preconditions Unless required to do so by law or regulation, an auditor should discuss the situation with management and not accept an engagement when the preconditions (see Appendix A , “Definitions of Terms”) are not met. (AU-C 210.08) To assess whether those preconditions are met, the auditor should: 1 determine whether the financial reporting framework 1 to be applied in the preparation of the financial statements is acceptable and 2 obtain the agreement of management that it acknowledges and understands its responsibilityfor the preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework;for the design, implementation, and maintenance of internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error; andto provide the auditor withaccess to all information of which management is aware that is relevant to the preparation and fair presentation of the financial statements, such as records, documentation, and other matters;additional information that the auditor may request from management for the purpose of the audit; andunrestricted access to persons within the entity from whom the auditor determines it necessary to obtain audit evidence.(AU-C 210.06) In evaluating whether the financial reporting framework is acceptable, the auditor may want to consider: The nature of the entity The purpose and nature of the financial statements Whether the framework is determined by law or regulator (AU-C 210.A5)

Engagement Acceptance