Concepts and Theories of Auditing

Concepts and Theories of size uping scrutinizeing has been at shadowervas for long time in various stage of festering spargon-time activity the evolution of bet onup relationship. Starting since the epoch when the records were authorise later a human race reading, to the era when governments officials were measured by their honesty. Followed by the times of the industrial revolution were the ownership of companies started sepa regulate from anxiety when owners required much than protection of their investments change magnitude the wont of detract stockors, fitly to the times were an take stockor was al sorts searching for artifices or errors (Whittington Pe truly, 2004, p. 7) and then to ascertain the actual fiscal conformation and earnings of an enterprise (Montgomery, 1913, p. 9).However, the buryance of take stocking as an academic discipline is non old and effective later the maturation of assorted models and techniques within the analyse mode l much(prenominal) as the using up of taste, the study of the infixed mark off environment, and the take chances discernment, is when more centralize to the theoretical and designual good example of take stocking it is been devoted.Andrew Sayer (1992) discussed the ideal of theories in br former(a)wisely science from the perspective of guess as an ordering-framework (p. 50), indicating that possibleness all toldows the use of the sight data and their relationships to predict and explain empirical suits. additionally Cooper and Schindler (1998) find theory as a secure of corpseatically inter associate beliefs, expositions, and propositions that be advanced to explain and predict phenomena ( events) (p. 47). A nonher concept is expressed by Singleton and Straits (2005) explaining theory as a frame of interconnected propositions (p. 19). The succeeder in the explanations or predictions of whatever phenomena depends on the aim that the theory holds and do non fails fitting in the locating, and the challenge is to ameliorate the process of twin(a) theory and fact (Cooper and Schindler (1998). different authors have started the development of the inspected sum up theory much(prenominal)(prenominal) as Mautz and Sharaf (1961) with their populaceation titled The doctrine of Auditing also gobbler Lee (1986) with his approach in the book confederacy Auditing, and later David flinty (1988) with his book Philosophy and principles of analyzeing (as cited in Moizer, 1989). The scrutiniseing analysis in this certainty leave aloneing be framed on the postulates proposed by David heartless (1988) as a foundation for the theory of canvasing. hardhearted (1988) enounced that thither is a outlet of public account study power carrying an independent scrutinise for its demonstration with clear translation and intention, found on rise that hardly trained examineors profit, measure it, and equation it against the standard s, which gene yards frugal or social benefit (as cited in Moizer, 1989). Following atomic crook 18 the seven postulates or impudences stated by Flint (1988)Thither is a relationship of account index or a slip of public accountability. affair housenot be demonstrated without an audit.An audit requires independence and freedom.The submit matter of audit is susceptible to verification by show up.Auditors atomic number 18 good judges who be able to measure and comp be actual per figure of speechance against standards of accountability.The meaning, significance, and intention of asseverations to be audited essential be clear.An audit produces an sparing or social benefit.(Flink, 1989)Whenever an sparing relationship populates one of the protestentiateies owe a duty of an acceptable accountability, consequently audits be voluntary, imposed for the health of the relationship. There be also audit link to the interest of the public in matters of the ships friendship institutions. As expressed by Whittington and Pany (2004) dependable study is essential to the very humans of our fellowship (p. 1). They explained the social destiny for audit and trafficals who can at leaven that the news reported selective instruction is fair respect to the reality for conclude of allocating resources for the occupation of time values and goods ground on reliable fiscal in designation (p. 1). usually the pecuniary and economic aspects of the related able matter atomic number 18 complex, not physically accessible, or have the direct of significance that necessary demand an audit to accept the accountability. No all investors or stakeholders of an entity understand the complexness of the avocation and monetary environment, or ar near to the place were their resources ar to oversee for accountability.The believability of the cultivation is of the essence(predicate) and the preferable form of obtaining liable information to deposit on is by development independent auditors to achieve an audit. That reduce the lineage happen that relates to the permanence and profits of the company, and the information hazard that the monetary information apply to make a decision is squa assert misstated (Whittington Pany, 2004, p. 6). Therefore, if the audit moldiness play credibility it must be performed separately and without bias or prejudice.Audit is subject to verification and that is possible only if suitable evidentiary matter of the audit is poised. Additionally, whatever(a) standards of accountability and implementation need to be in place to easy the auditors measuring rod. Therefore, the divergeies implyd must agree on their acceptable standards. The auditing community has set some(a) maestro guidance as a form of oecumenic accepted unspoiled standards.For an audit to add value to the pecuniary information, the purpose of the information should be clear, and the findings effectively communicated. T he audit should be performed only when its benefits weigh more than the costs. As a here and now auditors should be aw be of the cost of collecting secernate especially in situation were the fortuneiness is advanced.The practice of auditing auditors agree on an at raise employ in which they issue or does issue an examination, a palingenesis, or an agreed-upon procedures report on subject matter or an program line or so subject matter that is the duty of an new(prenominal) party (e.g., management) (Whittington Pany, 2004, p. 2). In an examination of pecuniary statement, referred to as an audit the standards may be the globally Accepted bill Principles (GAAP), and the auditors collect sufficient take the stand to prove nigh how fair is the information in the pecuniary statement respect to the GAAP.However, here atomic number 18 ternary types of audits (a) audits of fiscal statements, (b) contour audits, and (c) practicable audits. Financial audits get back if the statements were prep bed agree with GAAP. Compliance audit verifies if the company had complies with law, regulations or polices and procedures. Finally, operational audits brushup the enduringness and efficiency of particular unit of an governing (Whittington Pany, 2004, p. 11). comparative to the public be standards, the American establish of Certified Public Accountants (AICPA) has develop the framework for the customary accepted auditing standards (GAAS), which are the fundamentals principles of independent auditing in the U. S. The framework is split in three major spheres that are summarized as followGeneral standards. A master possessing adequate technical cookery and proficiency, independent in mental attitude and free from bias and with passkey pull off intend and acting diligently, perform the audit.Standards of field work. The audit should be adequate plan and the staff properly supervised. Auditor should acquire sufficient understanding of the intra conclave hear environment to be able to watch over the weak areas, and gather sufficient competent induction to hurt their conclusions.Standards of reporting. The net report should state if the statements are consistent with GAAP and if necessary guide those features departing from GAAP, complicate adequate informative disclosure, and implicates the vox populi of the auditors about the monetary statements.Likewise, the AICPA has issued a series of auditing standards on auditing procedure, auditing and accounting deports, and auditing statements of position, to promote auditor in the fulfillment of their right of incuring misstatement (Whittington Pany, 2004, pp. 34-35).Auditing claim a serious processes that identify auditors to a different situations in which they need to exercise concernal ethical motive. Those example principles and values conduct decisions and actions of the barter of auditing are provided by the AICPA in the order of Professional Condu ct, and by the implant of essential Auditors (IIA) Code of Ethics.Normally auditors are involved in a decision process of ethical dimension. CPAs decisions during performing their duties can fall upon thousands of investors and their resources on that pointfore, they need to measure the implication of their decisions. Additionally, as Whittington and Pany (2004) indicated, what is considered unethical in a particular society is not particularizedally verboten (p. 11), giving relevancy and support to the need for the establishment of those principles and values in the accounting and auditing profession.The public accounting, as strong as the rest of professions, has the following characteristics (a) their business to make out the public with independence and callable care with recognise and free from bias. (b) Involves a complex body of knowledge that includes different dictatorial pronouncements of standards and principles governing the profession and the monetary rep orts due to the need of technical competency. (c) Has establishes some standard of admission charge to the profession that each CPA is required to meet. In addition (d), need public confidence to be successful (Whittington Pany, 2004, pp. 61-62).The AICPA leads public accountants to recognize their responsibility to the public in general, to their lymph glands, and to the profession. The share one of the codification of conduct describes the governing body and CPAs principles of responsibilities, public interest, unity, objectivity and independence, due care, and scope and personality of function. The section deuce depicts the institutes rules that are compounded by the following independence, integrity and objectivity, general standards, compliance with standards, accounting principles, privy thickening information, contingent fees, acts discreditable, advertise and other forms of solicitation, commissions and referral fees, and form of makeup and name (Whittington P any, 2004, pp. 63-83).Similarly, the IIA has their own write in code of ethics divided in three important sections, an introductory section, principles, and rules of conduct. Their principles apply to the profession and practice of the familiar auditing, and include integrity, objectivity confidentiality, and competency. The IIA rules on conduct include integrity, objectivity, confidentiality, and competency (Whittington Pany, 2004, pp. 83-84). The IIA is the organization that provides the standards for the professional practice of intrinsic auditing.As it can be deduced from the old summaries, both institutes the IACPA and the IIA require high level of self-renunciation and commitment to a honorable professional behavior, integrating mistakable principles of integrity, objectivity, and competence. Their rules differ in the fact that inner(a) auditors perform in buckramly public accountants evidence on the financial statements to the company as outsiders performing profe ssionally to honor the public trust.However, the concept of independence is common to both ramification of auditing because it refers to the ability to maintain and documental and impartial mental attitude (Whittington Pany, 2004, p. 66), and without of action of interest. afterward the previous(prenominal) review of the auditing theory and how CPAs support it with a professional framework that includes principles, ethical codes, and general accepted standards for the auditing practice, the following section depicts a news of audit procedures as well as an introduction of important concepts that are fundamental part of the theory of auditing and the auditing practice.The Audit ProceduresThe ultimate product after the mental process of an audit is the issuance of a report indicating if the financial statements audited watch over with GAAP. Sufficient evidence must support the audit report and such(prenominal) evidence is gathered and documented by exercising rigorous procedur es that, among other important remainders, help the auditors in assessing the pretend of misstatement. gibe to Whittington and Pany (2004), audit procedures involve (a) the understanding of the client, the bank line, and assiduity to use it in assessing ventures (b) the understanding of the sexual laterality environment (c) the institution and executing of locks test to assess how effective the dominances are in preventing or detecting material misstatements and (d) the design and performance of solid procedures that include analytical procedures, direct testing of minutes and closure balances (pp. 138-139).Because the innate master is the focus of interest for this demonstration, a break away section will discuss it.The solid procedures include analytical procedures, the testing of transactions, and the testing of the ratiocination balances on the statements. uninflected procedures consist of an analysis and evaluation of the information present in the financia l statements, and a review of the relationship surrounded by financial and nonfinancial information. The assumption behind the analytical procedures is that the relationship and trend of the financial information is judge to follow the historical data and projections of the business and in contrary situation evidence must be obtained to support the reasonability of the changes (Whittington Pany, 2004, p. 141).Different techniques are use during the analytical procedures. From simple verification of a number to complicated mathematical models, such the comparison of cumulative expenses and revenues with prior years to find portentous differences, the use of multiple regression model to label revenues by using economic and industry data, and ratio analysis and its comparison with other businesses in the same industry (Whittington Pany, 2004 (p. 141).The testing procedures try on to prove the happening and patch up recognition of transactions, and prove of earthly concern a nd misstatements on what the ending balances represent. The substantive testing procedures are performed as an interim mode out front year-end, and then after the business year-end. The level of guess established by the auditors during the overall business assessment guides the utter most(prenominal) of the substantive audit procedures. The greater the take chances of material misstatement the greater the needed termination of substantive procedures (Whittington Pany, 2004, p. 139), yet continuously retention under evaluation the cost-benefit relation of increase the procedures to perform.Among the most common test performed in an audit process, Whittington and Pany (2004) summarized the followingAccounting establishment Comparison-Agreeing amounts from different inborn records.Documentary evidenceTracing- recording the completeness of transaction processing by following a transaction forward through the accounting records.Vouching-Establishing the equalence or circumst ance of recorded transactions by following a transaction back to supporting documents forms a ensuant processing step.Inspection-Reading or point-by-point review of a document or record (the terms render, review, read, and watch are use to describe the inspection technique).Reconciliation-Establishing agreement between both sets of independently maintain but related records.Third-party representation Confirmation and evaluating a response from a debtor, creditor, or other party in rejoinder to a implore for information about a particular decimal point affecting the financial statements.Physical evidencePhysical examination-viewing physical evidence of an asset.Observation-viewing a client activity.Computations Reperformance-repeating a client activity. This may include trading operations such as pay (providing the total of a vertical chromatography column of figures) cross footing (proving the total of a horizontal row of figures) and extending (re-computing by multiplica tion).Data interrelationships uninflected procedures-Evaluation of financial information made by a study of pass judgment relationships among financial and nonfinancial data.Client representations Inquires-questions directed toward abstract client personnel.According to Whittington and Pany (2004), auditors also collect evidence from some unobjective areas such as the accounting estimates, the fair market value measurement and disclosures, and transactions with related parties (pp. 146-148).After the development of audit procedures auditors test for existence or progressrence to search for misstatements and completeness searching for understatement, from transactions start to finish, and they test the accounting governance from source documents to journals to ledgers. (Whittington Pany, 2004, p. 195). The audit program includes two main parts, the assessment of the persuasiveness of the client intrinsic tone downs, and substantive testing. Normally the system portion of an audit program is divided by cycle such as revenue, purchase and payments, production, payroll, investing, and financing (Whittington Pany, 2004, p. 196).Audit RiskThe risk concept is use in different disciplines for different purposes. A simple definition of the concept is that risk is the level of exposure to the chance that some event happens. The event cogency be beneficial or prejudicial, or ability have subsequent implications to other situations or process. Therefore, in business there is a risk of losing money, a risk of fraud, and a risk of misstatement the financial information. As consequence, business and individuals manage risk and the level of exposure to specific risk according to their judgment.The audit process involves the management of risk in different areas with the goal to reduce it to the minimum level possible. Whittington and Pany (2004) introduced some of the risks concepts such asbusiness risk, the risk associated with a companys survival and profitabi lity (p. 6). education risk, the risk that the information used to assess business risk is not accurate (p. 6).Audit risk, the risk that the auditors may unknowingly fail to fitly modify the opinion on financial statements that are materially misstated (p. 35). implicit in(p) risk, the possibility of a material misstatement of an assertion before considering the clients internal fudge (p.128).Control risk, the risk that a material misstatement will not be prevented or discover on a timely basis by the clients internal control (p. 129)Detection risk, the risk that the auditors will fail to detect the misstatement with their audit procedures (p. 129). indoors the audit risk, auditors assess the risk level of item of the different form of misstatement of financial statement, such as errors, fraud, and illegal acts. In measuring audit risk auditors use the following modelAR = IR x CR x DRWhere AR = Audit risk, IR = Inherent risk, CR = Control risk, and DR = Detection risk. (Whittingt on Pany, 2004, p. 130)Additionally, because the auditors are expose to some legal responsibility and are subject to be sued by any clients stakeholder, they have to take in consideration the reputation of the management, financial strength, and other financial rating to assess the overall risk or elaboration risk of the companionship with that particular business (Whittington Pany, 2004, p. 174).The process of planning the audit involves the understanding of the client and its environment, an overall audit strategy, and the risk assessment of financial statements material misstatement. Therefore, auditors seek to understand the character of the client and accounting polices, the industry, regulations and remote factors affecting the client, the clients targets, strategies, and related business risk, how the client measure and review performance, and the internal control environment. (Whittington Pany, 2004, pp. 179-180).Consequently, auditors use different sources to obtain t he client overall understanding. That includes electronic research overlyls, call back to different plant or location of the client, and some analytical procedures. (Whittington Pany, 2004, pp. 181-183).A Companys internal control consists of the policies and procedures established to provide credible self- dominance that the objectives of the company will be achieved including the clients internal control, they could name areas of strength as well as of weakness.The stronger the internal control, the less testing of financial statement account balances required by the auditors. For any significant account or any phase of financial operation in which controls were weak, the auditors spread out the temperament and extent of their tests of the account balance.With the increased reliance on sampling and internal control, professional standards began to emphasize limitations on auditors ability to detect fraud. The profession recognized that audits designed to discover fraud wou ld be too costly. true internal control and surety bonds were recognized as better fraud protection techniques than audits. (Whittington Pany, 2004, p. 8)The assessment of inherent risk involves considering the likelihood that material misstatement in financial statement will result, and each risk related to the management assertions. At this stage, auditors identify what it is not correct or the significant risk by area and based on that assessment they adjust their approach, modifying the nature, timing, and extent of the audit procedures (Whittington Pany, 2004, pp. 188-189).Audit EvidenceEvidence is all data and information gathered by the auditors to support auditors conclusions. The importance of the evidence is that audit risk is decreased by gathering audit evidence (Whittington Pany, 2004, p. 127) and when the risk is high more evidence is necessary as well as the increase the coverage of audit procedures. According to Whittington and Pany (2004), evidence need to be poised for each financial statement assertion sufficiently to support their opinion. As issued in the line of Auditing Standard (SAS) 31 about evidential matter, the financial statement assertions are the followingExistence or occurrence-assets, liabilities, and owners equity reflected in the financial statements exist the recorded transactions have occurred.Completeness-all transactions, assets, liabilities, and owners equity that should be presented in the financial statements are included.Rights and obligations-the client has rights to assets and obligation to pay liabilities that are included in the financial statements.Valuation or allocation-assets, liabilities, owners equity, revenues, and expenses are presented at amounts that are match in accordance with mostly accepted accounting principles.Presentation and disclosure-accounts are described and classified in the financial statements in accordance with generally accepted accounting principles, and all material disclosur es are provides.(Whittington Pany, 2004, p. 174)The above assertions are the base for the risk assessment performed by auditors, and to determine misstatements possible to occur and consequently decide the audit procedure to exercise.Guidelines are included in the SAS 31 regarding what sufficient competent evidence is, which relates to the measuring rod of evidence auditors should collect. The competence of the evidence is determined by the combined source of relevant and valid. That performer that it most related to the assertion, and that it is dependent on the circumstance in which it is obtained. The dependability or validity of the evidence increase when is reliable from independent sources, when is produced by an effective internal control, gathered directly by the auditor, is documented, obtained from original documents, and when is true from more than one source (Whittington Pany, 2004, p. 132).Different types of audit evidence is obtained by the auditors such as acc ounting information system, internal and external documentary evidence, third-party representations such as confirmations, reports, and lawyers letters physical evidence such as fixed assets and inventory, computations re-performance, data interrelationships of financial and nonfinancial information, and client representations oral and in writing (Whittington Pany, 2004, pp. 131-137).An important supporting evidence of the audit report and conclusions is the audit documentation, which is required by the SAS 96 for the auditors understanding and review of the audit work, the nature of audit work performed, and to show the agreement between the records and the financial statements. The on the job(p)s papers have some important functions (a) are the best way to assign and coordinate the auditing work, (b) help audit managers and partners in the supervision and reviewing or the work of assistants, (c) support the audit reports, (d) documents the auditors compliance with GAAS, and (d ) assist in the conduction of future audit to the client (Whittington Pany, 2004, pp. 148-150).The operative papers are confidential and unrestricted documentation owned by the auditors, in the main because they represent the major factor to use in case of negligence charges. Part of the working paper are the administrative working papers, the working trial balance, separate schedules, adjusting journal entries and supporting schedules, and analysis of ledgers accounts such as a reconciliation, computational working paper, corroborating documents. They are filed in two major groups, permanent file, and flow rate files (Whittington Pany, 2004, pp. 151-158).Audit SamplingAs a big corporate set out rapidly auditors began to warning selected transactions, rather than study all transactions. Auditors and business managers step by step came to accept the proposition that careful examination of comparatively few selected transactions would give a cost-effective, reliable indicati on of the accuracy of other similar transactions (Whittington Pany, 2004, p. 8).As explained before, auditors need sufficient and competent evidence to support their conclusions, but because business grows involving high volume of economic events and transactions, they need to rely in sampling testing. Audit sampling can be statistical or no statistical, involves the selection of a sample from a group of items and the use of the sample characteristics presuming that the auditors can draw inferences about the entire population. (Whittington Pany, 2004, p. 309).From the previous sampling introduction, we have the sample risk that is the risk that the auditors conclusion based on a sample might be different if they examine the whole population. According to Whittington and Pany (2004) sampling risk is reduced by increasing the size of the sample (p. 309) or by auditing the whole population.Auditors use statistical and no statistical sampling to perform a random selection, which inv olve that every item in the population has an check chance of existence selected for inclusion in the sample. Different techniques are used such as random number tables, random number generators, imperious selection, haphazard selection, immobilise selection, and stratification (Whittington Pany, 2004, pp. 310-313).There is a sample risk for test of controls in which auditors face the risk of assessing control risk too high, which is related to efficiency, or too low based on the operate effectiveness of the control. The AICAP guide suggest the statistical sample sizes for tests of controls at 5 percent risk of assessing control risk too low, providing the following permissible deviation rate per assessed level of control risk for low 2 7%, for run 6 12 %, for slightly below the maximum 11 20%, and for maximum level of control risk they press to omit test (Whittington Pany, 2004, pp. 316-320).Besides sampling, auditors became aware of the importance of effective intern al auditing. Following section presents a discussion about internal auditing. informal AuditingThe internal auditing actual rapidly during the decade of 1930s generating the foundation of the Institute of Internal Auditors (IIA), which is an organization with local chapter in the main cities worldwide. The IIA defines internal force as followsAn independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, develop approach to measure and improve the effectiveness of risk management, control, and governance process. (The Institute of Internal Auditors IIA, 2008)Internal auditors are an important part of the internal control environment of entities, representing the highest level of control that measure and evaluate the effectiveness of other controls. Additionally to the financial controls, the internal auditors scope includes the evaluation and t esting of control effectiveness, and other assurance and consulting services to the management.Some companies have focus on outsourcing the internal audit functions, which is also provided by CPA firms as an elongated audit service and according to the AICPA guiding. However, opposition to the participation of accounting firms exist under the aim of possible conflicts of interest having then as part of the internal control when they also audit the company.The IIA have issued the standards for the practice of internal auditing with the following purposeTo delineate prefatorial principles that represent the practice of internal auditing.Provide a framework for performing and promoting a broad range of value-added internal auditing.Establish the basis for the evaluation of internal audit performance.To treasure improved organisational processes and operations.The auditing standards of the IIA includes two parts, the first is the attribute standards that state basic requirements for the practice of internal auditing. According with this attribute, organizations should define in a formal document or internal audit charter, the purpose, authority, and responsibility of the internal audit, and the nature of assurance and consulting services that the internal auditors will provide. Additionally, the chapter should include recognition of the definition of internal auditing, the code of ethics, and the auditing standards (IIA, 2008).The standards also state the independence and objectivity causality for internal auditors during the performance of their work. The need of freedom from conditions, bias, and subordination of judgment, or conflict of interest that impairs their ability to perform objectively, is rigorously presented in the standards. Additionally, the competencies, knowledge, and skills that an auditor must possess are described as well as the due professional care requirement for the performance of the engagement as important elements of the IIA standa rds. Finally, the attribute standards set requirements for continuing professional development and quality assurance for the internal audit activity (IIA, 2008).The second part of the IIA standards covers theConcepts and Theories of AuditingConcepts and Theories of AuditingAuditing has been present for years in different stage of development following the evolution of accounting. Starting since the epoch when the records were approved after a public reading, to the era when governments officials were measured by their honesty. Followed by the times of the industrial revolution were the ownership of companies started separating from management when owners required more protection of their investments increasing the use of auditors, consequently to the times were an auditor was always searching for frauds or errors (Whittington Pany, 2004, p. 7) and then to ascertain the actual financial condition and earnings of an enterprise (Montgomery, 1913, p. 9).However, the acceptance of audit ing as an academic discipline is not old and just after the development of different concepts and techniques within the audit model such as the use of sampling, the study of the internal control environment, and the risk assessment, is when more focus to the theoretical and conceptual framework of auditing it is been devoted.Andrew Sayer (1992) discussed the concept of theories in social science from the perspective of theory as an ordering-framework (p. 50), indicating that theory allows the use of the observed data and their relationships to predict and explain empirical events. Additionally Cooper and Schindler (1998) define theory as a set of consistently interrelated concepts, definitions, and propositions that are advanced to explain and predict phenomena (facts) (p. 47). Another concept is expressed by Singleton and Straits (2005) explaining theory as a set of interconnected propositions (p. 19). The success in the explanations or predictions of any phenomena depends on the l evel that the theory holds and do not fails fitting in the situation, and the challenge is to perfect the process of matching theory and fact (Cooper and Schindler (1998).Different authors have started the development of the audit theory such as Mautz and Sharaf (1961) with their publication titled The Philosophy of Auditing also Tom Lee (1986) with his approach in the book Company Auditing, and later David Flint (1988) with his book Philosophy and principles of auditing (as cited in Moizer, 1989). The auditing analysis in this demonstration will be framed on the postulates proposed by David Flint (1988) as a foundation for the theory of auditing.Flint (1988) stated that there is a matter of public accountability demanding an independent audit for its demonstration with clear definition and intention, based on evidence that only skilled auditors gather, measure it, and compare it against the standards, which generates economic or social benefit (as cited in Moizer, 1989). Following are the seven postulates or assumptions stated by Flint (1988)There is a relationship of accountability or a situation of public accountability.Accountability cannot be demonstrated without an audit.An audit requires independence and freedom.The subject matter of audit is susceptible to verification by evidence.Auditors are skilled judges who are able to measure and compare actual performance against standards of accountability.The meaning, significance, and intention of statements to be audited must be clear.An audit produces an economic or social benefit.(Flink, 1989)Whenever an economic relationship exists one of the parties owe a duty of an acceptable accountability, consequently audits are voluntary, imposed for the health of the relationship. There are also audit related to the interest of the public in matters of the society institutions. As expressed by Whittington and Pany (2004) dependable information is essential to the very existence of our society (p. 1). They explained the social need for audit and professionals who can attest that the reported information is fair respect to the reality for purpose of allocating resources for the production of services and goods based on reliable financial information (p. 1).Normally the financial and economic aspects of the related subject matter are complex, not physically accessible, or have the level of significance that necessary demand an audit to accept the accountability. No all investors or stakeholders of an entity understand the complexity of the business and financial environment, or are near to the place were their resources are to oversee for accountability.The credibility of the information is important and the preferable form of obtaining credible information to rely on is by using independent auditors to perform an audit. That reduce the business risk that relates to the permanence and profits of the company, and the information risk that the financial information used to make a decision is mater ially misstated (Whittington Pany, 2004, p. 6). Therefore, if the audit must add credibility it must be performed independently and without bias or prejudice.Audit is subject to verification and that is possible only if sufficient evidential matter of the audit is gathered. Additionally, some standards of accountability and performance need to be in place to easy the auditors measurement. Therefore, the parties involved must agree on their acceptable standards. The auditing community has set some professional guidance as a form of general accepted practiced standards.For an audit to add value to the financial information, the purpose of the information should be clear, and the findings effectively communicated. The audit should be performed only when its benefits weigh more than the costs. As a consequence auditors should be aware of the cost of collecting evidence especially in situation were the risk is high.The practice of auditing auditors agree on an attest engagement in which they issue or does issue an examination, a review, or an agreed-upon procedures report on subject matter or an assertion about subject matter that is the responsibility of another party (e.g., management) (Whittington Pany, 2004, p. 2). In an examination of financial statement, referred to as an audit the standards may be the mostly Accepted Accounting Principles (GAAP), and the auditors collect sufficient evidence to attest about how fair is the information in the financial statement respect to the GAAP.However, here are three types of audits (a) audits of financial statements, (b) compliance audits, and (c) operational audits. Financial audits determine if the statements were prepared according with GAAP. Compliance audit verifies if the company had complies with law, regulations or polices and procedures. Finally, operational audits review the effectiveness and efficiency of particular unit of an organization (Whittington Pany, 2004, p. 11).Relative to the public accounting s tandards, the American Institute of Certified Public Accountants (AICPA) has developed the framework for the general accepted auditing standards (GAAS), which are the fundamentals principles of independent auditing in the U. S. The framework is divided in three major areas that are summarized as followGeneral standards. A professional possessing adequate technical training and proficiency, independent in mental attitude and free from bias and with professional care planning and performing diligently, perform the audit.Standards of field work. The audit should be adequate planned and the staff properly supervised. Auditor should acquire sufficient understanding of the internal control environment to be able to determine the weak areas, and gather sufficient competent evidence to support their conclusions.Standards of reporting. The final report should state if the statements are consistent with GAAP and if necessary indicate those circumstances departing from GAAP, include adequate i nformative disclosure, and includes the opinion of the auditors about the financial statements.Likewise, the AICPA has issued a series of auditing standards on auditing procedure, auditing and accounting guides, and auditing statements of position, to help auditor in the fulfillment of their responsibility of detecting misstatement (Whittington Pany, 2004, pp. 34-35).Auditing involve a serious processes that expose auditors to a different situations in which they need to exercise professional ethics. Those moral principles and values leading decisions and actions of the profession of auditing are provided by the AICPA in the Code of Professional Conduct, and by the Institute of Internal Auditors (IIA) Code of Ethics.Normally auditors are involved in a decision process of ethical dimension. CPAs decisions during performing their duties can affect thousands of investors and their resources therefore, they need to measure the implication of their decisions. Additionally, as Whittingto n and Pany (2004) indicated, what is considered unethical in a particular society is not specifically prohibited (p. 11), giving relevance and support to the need for the establishment of those principles and values in the accounting and auditing profession.The public accounting, as well as the rest of professions, has the following characteristics (a) their responsibility to serve the public with independence and due care with fairness and free from bias. (b) Involves a complex body of knowledge that includes different authoritative pronouncements of standards and principles governing the profession and the financial reports due to the need of technical competency. (c) Has establishes some standard of admission to the profession that each CPA is required to meet. In addition (d), need public confidence to be successful (Whittington Pany, 2004, pp. 61-62).The AICPA leads public accountants to recognize their responsibility to the public in general, to their clients, and to the prof ession. The section one of the code of conduct describes the organization and CPAs principles of responsibilities, public interest, integrity, objectivity and independence, due care, and scope and nature of services. The section two depicts the institutes rules that are compounded by the following independence, integrity and objectivity, general standards, compliance with standards, accounting principles, confidential client information, contingent fees, acts discreditable, advertising and other forms of solicitation, commissions and referral fees, and form of organization and name (Whittington Pany, 2004, pp. 63-83).Similarly, the IIA has their own code of ethics divided in three main sections, an introductory section, principles, and rules of conduct. Their principles apply to the profession and practice of the internal auditing, and include integrity, objectivity confidentiality, and competency. The IIA rules on conduct include integrity, objectivity, confidentiality, and compet ency (Whittington Pany, 2004, pp. 83-84). The IIA is the organization that provides the standards for the professional practice of internal auditing.As it can be deduced from the previous summaries, both institutes the IACPA and the IIA require high level of self-discipline and commitment to a honorable professional behavior, integrating similar principles of integrity, objectivity, and competence. Their rules differ in the fact that internal auditors perform internally public accountants attest on the financial statements to the company as outsiders performing professionally to honor the public trust.However, the concept of independence is common to both ramification of auditing because it refers to the ability to maintain and objective and impartial mental attitude (Whittington Pany, 2004, p. 66), and without of conflict of interest.After the previous review of the auditing theory and how CPAs support it with a professional framework that includes principles, ethical codes, and general accepted standards for the auditing practice, the following section depicts a discussion of audit procedures as well as an introduction of important concepts that are fundamental part of the theory of auditing and the auditing practice.The Audit ProceduresThe ultimate product after the performance of an audit is the issuance of a report indicating if the financial statements audited comply with GAAP. Sufficient evidence must support the audit report and such evidence is gathered and documented by exercising rigorous procedures that, among other important goals, help the auditors in assessing the risk of misstatement.According to Whittington and Pany (2004), audit procedures involve (a) the understanding of the client, the business, and industry to use it in assessing risks (b) the understanding of the internal control environment (c) the design and performance of controls testing to assess how effective the controls are in preventing or detecting material misstatements and ( d) the design and performance of substantive procedures that include analytical procedures, direct testing of transactions and ending balances (pp. 138-139).Because the internal control is the focus of interest for this demonstration, a separate section will discuss it.The substantive procedures include analytical procedures, the testing of transactions, and the testing of the ending balances on the statements. Analytical procedures consist of an analysis and evaluation of the information present in the financial statements, and a review of the relationship between financial and nonfinancial information. The assumption behind the analytical procedures is that the relationship and trend of the financial information is expected to follow the historical data and projections of the business and in contrary situation evidence must be obtained to support the reasonability of the changes (Whittington Pany, 2004, p. 141).Different techniques are use during the analytical procedures. From s imple verification of a number to complicated mathematical models, such the comparison of cumulative expenses and revenues with prior years to find significant differences, the use of multiple regression model to estimate revenues by using economic and industry data, and ratio analysis and its comparison with other businesses in the same industry (Whittington Pany, 2004 (p. 141).The testing procedures seek to prove the occurrence and correct recognition of transactions, and prove of existence and misstatements on what the ending balances represent. The substantive testing procedures are performed as an interim mode before year-end, and then after the business year-end. The level of risk established by the auditors during the overall business assessment guides the extent of the substantive audit procedures. The greater the risk of material misstatement the greater the needed extent of substantive procedures (Whittington Pany, 2004, p. 139), but always keeping under evaluation the c ost-benefit relation of increasing the procedures to perform.Among the most common test performed in an audit process, Whittington and Pany (2004) summarized the followingAccounting System Comparison-Agreeing amounts from different internal records.Documentary evidenceTracing-Establishing the completeness of transaction processing by following a transaction forward through the accounting records.Vouching-Establishing the existence or occurrence of recorded transactions by following a transaction back to supporting documents forms a subsequent processing step.Inspection-Reading or point-by-point review of a document or record (the terms examine, review, read, and scan are used to describe the inspection technique).Reconciliation-Establishing agreement between two sets of independently maintained but related records.Third-party representation Confirmation and evaluating a response from a debtor, creditor, or other party in reply to a request for information about a particular item aff ecting the financial statements.Physical evidencePhysical examination-viewing physical evidence of an asset.Observation-viewing a client activity.Computations Reperformance-repeating a client activity. This may include operations such as footing (providing the total of a vertical column of figures) cross footing (proving the total of a horizontal row of figures) and extending (re-computing by multiplication).Data interrelationships Analytical procedures-Evaluation of financial information made by a study of expected relationships among financial and nonfinancial data.Client representations Inquires-questions directed toward appropriate client personnel.According to Whittington and Pany (2004), auditors also collect evidence from some subjective areas such as the accounting estimates, the fair market value measurement and disclosures, and transactions with related parties (pp. 146-148).After the development of audit procedures auditors test for existence or occurrence to search for m isstatements and completeness searching for understatement, from transactions start to finish, and they test the accounting system from source documents to journals to ledgers. (Whittington Pany, 2004, p. 195). The audit program includes two main parts, the assessment of the effectiveness of the client internal controls, and substantive testing. Normally the system portion of an audit program is divided by cycle such as revenue, purchasing and payments, production, payroll, investing, and financing (Whittington Pany, 2004, p. 196).Audit RiskThe risk concept is use in different disciplines for different purposes. A simple definition of the concept is that risk is the level of exposure to the chance that some event happens. The event might be beneficial or prejudicial, or might have subsequent implications to other situations or process. Therefore, in business there is a risk of losing money, a risk of fraud, and a risk of misstatement the financial information. As consequence, busi ness and individuals manage risk and the level of exposure to specific risk according to their judgment.The audit process involves the management of risk in different areas with the goal to reduce it to the minimum level possible. Whittington and Pany (2004) introduced some of the risks concepts such asbusiness risk, the risk associated with a companys survival and profitability (p. 6).Information risk, the risk that the information used to assess business risk is not accurate (p. 6).Audit risk, the risk that the auditors may unknowingly fail to appropriately modify the opinion on financial statements that are materially misstated (p. 35).Inherent risk, the possibility of a material misstatement of an assertion before considering the clients internal control (p.128).Control risk, the risk that a material misstatement will not be prevented or detected on a timely basis by the clients internal control (p. 129)Detection risk, the risk that the auditors will fail to detect the misstatem ent with their audit procedures (p. 129).Within the audit risk, auditors assess the risk level of occurrence of the different form of misstatement of financial statement, such as errors, fraud, and illegal acts. In measuring audit risk auditors use the following modelAR = IR x CR x DRWhere AR = Audit risk, IR = Inherent risk, CR = Control risk, and DR = Detection risk. (Whittington Pany, 2004, p. 130)Additionally, because the auditors are expose to some legal responsibility and are subject to be sued by any clients stakeholder, they have to take in consideration the reputation of the management, financial strength, and other financial rating to assess the overall risk or engagement risk of the association with that particular business (Whittington Pany, 2004, p. 174).The process of planning the audit involves the understanding of the client and its environment, an overall audit strategy, and the risk assessment of financial statements material misstatement. Therefore, auditors see k to understand the nature of the client and accounting polices, the industry, regulations and external factors affecting the client, the clients objectives, strategies, and related business risk, how the client measure and review performance, and the internal control environment. (Whittington Pany, 2004, pp. 179-180).Consequently, auditors use different sources to obtain the client overall understanding. That includes electronic research tools, visit to different plant or location of the client, and some analytical procedures. (Whittington Pany, 2004, pp. 181-183).A Companys internal control consists of the policies and procedures established to provide reasonable assurance that the objectives of the company will be achieved including the clients internal control, they could identify areas of strength as well as of weakness.The stronger the internal control, the less testing of financial statement account balances required by the auditors. For any significant account or any phase of financial operation in which controls were weak, the auditors expanded the nature and extent of their tests of the account balance.With the increased reliance on sampling and internal control, professional standards began to emphasize limitations on auditors ability to detect fraud. The profession recognized that audits designed to discover fraud would be too costly. Good internal control and surety bonds were recognized as better fraud protection techniques than audits. (Whittington Pany, 2004, p. 8)The assessment of inherent risk involves considering the likelihood that material misstatement in financial statement will result, and each risk related to the management assertions. At this stage, auditors identify what it is not correct or the significant risk by area and based on that assessment they adjust their approach, modifying the nature, timing, and extent of the audit procedures (Whittington Pany, 2004, pp. 188-189).Audit EvidenceEvidence is all data and information gat hered by the auditors to support auditors conclusions. The importance of the evidence is that audit risk is reduced by gathering audit evidence (Whittington Pany, 2004, p. 127) and when the risk is high more evidence is necessary as well as the increasing the coverage of audit procedures. According to Whittington and Pany (2004), evidence need to be collected for each financial statement assertion sufficiently to support their opinion. As issued in the Statement of Auditing Standard (SAS) 31 about evidential matter, the financial statement assertions are the followingExistence or occurrence-assets, liabilities, and owners equity reflected in the financial statements exist the recorded transactions have occurred.Completeness-all transactions, assets, liabilities, and owners equity that should be presented in the financial statements are included.Rights and obligations-the client has rights to assets and obligation to pay liabilities that are included in the financial statements.Valu ation or allocation-assets, liabilities, owners equity, revenues, and expenses are presented at amounts that are determined in accordance with generally accepted accounting principles.Presentation and disclosure-accounts are described and classified in the financial statements in accordance with generally accepted accounting principles, and all material disclosures are provides.(Whittington Pany, 2004, p. 174)The above assertions are the base for the risk assessment performed by auditors, and to determine misstatements possible to occur and consequently decide the audit procedure to exercise.Guidelines are included in the SAS 31 regarding what sufficient competent evidence is, which relates to the quantity of evidence auditors should collect. The competence of the evidence is determined by the combined condition of relevant and valid. That means that it most related to the assertion, and that it is dependent on the circumstance in which it is obtained. The reliability or validity o f the evidence increase when is received from independent sources, when is produced by an effective internal control, gathered directly by the auditor, is documented, obtained from original documents, and when is received from more than one source (Whittington Pany, 2004, p. 132).Different types of audit evidence is obtained by the auditors such as accounting information system, internal and external documentary evidence, third-party representations such as confirmations, reports, and lawyers letters physical evidence such as fixed assets and inventory, computations re-performance, data interrelationships of financial and nonfinancial information, and client representations oral and in writing (Whittington Pany, 2004, pp. 131-137).An important supporting evidence of the audit report and conclusions is the audit documentation, which is required by the SAS 96 for the auditors understanding and review of the audit work, the nature of audit work performed, and to show the agreement be tween the records and the financial statements. The working papers have some important functions (a) are the best way to assign and coordinate the auditing work, (b) help audit managers and partners in the supervision and reviewing or the work of assistants, (c) support the audit reports, (d) documents the auditors compliance with GAAS, and (d) assist in the conduction of future audit to the client (Whittington Pany, 2004, pp. 148-150).The working papers are confidential and unrestricted documentation owned by the auditors, principally because they represent the major factor to use in case of negligence charges. Part of the working paper are the administrative working papers, the working trial balance, separate schedules, adjusting journal entries and supporting schedules, and analysis of ledgers accounts such as a reconciliation, computational working paper, corroborating documents. They are filed in two major groups, permanent file, and current files (Whittington Pany, 2004, pp. 151-158).Audit SamplingAs a large-scale corporate grow rapidly auditors began to sample selected transactions, rather than study all transactions. Auditors and business managers gradually came to accept the proposition that careful examination of relatively few selected transactions would give a cost-effective, reliable indication of the accuracy of other similar transactions (Whittington Pany, 2004, p. 8).As explained before, auditors need sufficient and competent evidence to support their conclusions, but because business grows involving high volume of economic events and transactions, they need to rely in sampling testing. Audit sampling can be statistical or no statistical, involves the selection of a sample from a group of items and the use of the sample characteristics presuming that the auditors can draw inferences about the whole population. (Whittington Pany, 2004, p. 309).From the previous sampling introduction, we have the sample risk that is the risk that the auditors conclusion based on a sample might be different if they examine the whole population. According to Whittington and Pany (2004) sampling risk is reduced by increasing the size of the sample (p. 309) or by auditing the whole population.Auditors use statistical and no statistical sampling to perform a random selection, which involve that every item in the population has an equal chance of being selected for inclusion in the sample. Different techniques are used such as random number tables, random number generators, systematic selection, haphazard selection, block selection, and stratification (Whittington Pany, 2004, pp. 310-313).There is a sample risk for test of controls in which auditors face the risk of assessing control risk too high, which is related to efficiency, or too low based on the operating effectiveness of the control. The AICAP guide suggest the statistical sample sizes for tests of controls at 5 percent risk of assessing control risk too low, providing the following tolerable deviation rate per assessed level of control risk for low 2 7%, for moderate 6 12 %, for slightly below the maximum 11 20%, and for maximum level of control risk they recommend to omit test (Whittington Pany, 2004, pp. 316-320).Besides sampling, auditors became aware of the importance of effective internal auditing. Following section presents a discussion about internal auditing.Internal AuditingThe internal auditing developed rapidly during the decade of 1930s generating the foundation of the Institute of Internal Auditors (IIA), which is an organization with local chapter in the main cities worldwide. The IIA defines internal adducting as followsAn independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance process. (The Insti tute of Internal Auditors IIA, 2008)Internal auditors are an important part of the internal control environment of entities, representing the highest level of control that measure and evaluate the effectiveness of other controls. Additionally to the financial controls, the internal auditors scope includes the evaluation and testing of control effectiveness, and other assurance and consulting services to the management.Some companies have focus on outsourcing the internal audit functions, which is also provided by CPA firms as an extended audit service and according to the AICPA guiding. However, opposition to the participation of accounting firms exist under the argument of possible conflicts of interest having then as part of the internal control when they also audit the company.The IIA have issued the standards for the practice of internal auditing with the following purposeTo delineate basic principles that represent the practice of internal auditing.Provide a framework for perfo rming and promoting a broad range of value-added internal auditing.Establish the basis for the evaluation of internal audit performance.To foster improved organizational processes and operations.The auditing standards of the IIA includes two parts, the first is the attribute standards that state basic requirements for the practice of internal auditing. According with this attribute, organizations should define in a formal document or internal audit charter, the purpose, authority, and responsibility of the internal audit, and the nature of assurance and consulting services that the internal auditors will provide. Additionally, the chapter should include recognition of the definition of internal auditing, the code of ethics, and the auditing standards (IIA, 2008).The standards also state the independence and objectivity condition for internal auditors during the performance of their work. The need of freedom from conditions, bias, and subordination of judgment, or conflict of interes t that impairs their ability to perform objectively, is rigorously presented in the standards. Additionally, the competencies, knowledge, and skills that an auditor must possess are described as well as the due professional care requirement for the performance of the engagement as important elements of the IIA standards. Finally, the attribute standards set requirements for continuing professional development and quality assurance for the internal audit activity (IIA, 2008).The second part of the IIA standards covers the