审计学：一种整合方法 (8)

竭诚为您提供优质的服务，优质的文档，谢谢阅读/双击去除审计人员必读书籍推荐审计工作的励志书籍|大学生必读的励志书籍审计是指由专设机关依照法律对国家各级政府及金融机构、企业事业组织的重大项目和财务收支进行事前和事后的审查的独立性经济监督活动。

有什么适合审计人员的励志书籍?以下是小编为你推荐的审计人员必读书籍，希望能帮到你。

审计人员必读书籍推荐一：《告密者》辛西娅·库珀作为欺诈案的见证者，她为读者提供了世通公司兴衰骤然的不寻常的视角。

世通曾是电信巨头，华尔街的宠儿，拥有令密西西比骄傲的灰姑娘般的成功传奇。

库珀以极大的坦率诚恳态度，阐述了她是如何进行斗争，以克服这些困难和挑战，以及如何通过与后来者一起分享其中的经验和教训，从而使自己恢复如常。

本书告诉我们：道德抉择并非形成于重大事件发生的十字路口，而是始于一个人的童年，恰如“点滴汇成大海”。

辛西娅·库珀，美国世通公司前内审部副总裁，她因为发现并报告了发生在公司最高层的巨大欺骗行为而被大家广为熟知。

辛西娅·库珀因此被授予时代杂志年度人物之一。

审计人员必读书籍推荐二：索耶内部审计劳伦斯·索耶劳伦斯·b·索耶是一位律师、作家、会计师和内部审计师。

他曾在美国审计总署担任内部审计总监，而且是内部审计师协会的活跃分子。

40多年审计经历，使他掌握了大量的第一手资料。

出版过数本学术专著，其中包括《现代内部审计实务》(1973年)、《现代内部审计》(1974年)、《管理和现代内部审计》和《内部审计手册》。

他还举办过各种学术讲座和研讨会，参加过录象教学。

在当代审计不空中，索耶在发展内部审计方面，占有重要地位。

他的处女作、也是成名之作《现代内部审计实务》一方面继承了前人的优秀成果，同时又将自己的丰富经验与现代管理科学融为一体，从一种崭新的角度，对各种内部审计实践问题进行了系统的、孜孜不倦的研究。

索耶称得上是当代世界第一流的内部审计权威人士，现代内部审计的重要奠基人。

审计学：⼀种整合⽅法阿伦斯英⽂版第12版课后答案Chapter15SolutionsManualChapter 15Audit Sampling for Tests of Controls andSubstantive Tests of TransactionsReview Questions15-1 A representative sample is one in which the characteristics of interest for the sample are approximately the same as for the population (that is, the sample accurately represents the total population). If the population contains significant misstatements, but the sample is practically free of misstatements, the sample is nonrepresentative, which is likely to result in an improper audit decision. The auditor can never know for sure whether he or she has a representative sample because the entire population is ordinarily not tested, but certain things, such as the use of random selection, can increase the likelihood of a representative sample.15-2Statistical sampling is the use of mathematical measurement techniques to calculate formal statistical results. The auditor therefore quantifies sampling risk when statistical sampling is used. In nonstatistical sampling, the auditor does not quantify sampling risk. Instead, conclusions are reached about populations on a more judgmental basis.For both statistical and nonstatistical methods, the three main parts are:1. Plan the sample2. Select the sample and perform the tests3. Evaluate the results15-3In replacement sampling, an element in the population can be included in the sample more than once if the random number corresponding to that element is selected more than once. In nonreplacement sampling, an element can be included only once. If the random number corresponding to an element is selected more than once, it is simply treated as a discard the second time. Although both selection approaches are consistent with sound statistical theory, auditors rarely use replacement sampling; it seems more intuitively satisfying to auditors to include an item only once.15-4 A simple random sample is one in which every possible combination of elements in the population has an equal chance of selection. Two methods of simple random selection are use of a random number table, and use of the computer to generate random numbers. Auditors most often use the computer to generate random numbers because it saves time, reduces the likelihood of error, and provides automatic documentation of the sample selected.15-5In systematic sampling, the auditor calculates an interval and then methodically selects the items for the sample based on the size of the interval. The interval is set by dividing the population size by the number of sample items desired.To select 35 numbers from a population of 1,750, the auditor divides 35 into 1,750 and gets an interval of 50. He or she then selects a random number between 0 and 49. Assume the auditor chooses 17. The first item is the number 17. The next is 67, then 117, 167, and so on.The advantage of systematic sampling is its ease of use. In most populations a systematic sample can be drawn quickly, the approach automatically puts the numbers in sequential order and documentation is easy.A major problem with the use of systematic sampling is the possibility of bias. Because of the way systematic samples are selected, once the first item in the sample is selected, other items are chosen automatically. This causes no problems if the characteristics of interest, such as control deviations, are distributed randomly throughout the population; however, in many cases they are not. If all items of a certain type are processed at certain times of the month or with the use of certain document numbers, a systematically drawn sample has a higher likelihood of failing to obtain a representative sample. This shortcoming is sufficiently serious that some CPA firms prohibit the use of systematic sampling. 15-6The purpose of using nonstatistical sampling for tests of controls and substantive tests of transactions is to estimate the proportion of items in a population containing a characteristic or attribute of interest. The auditor is ordinarily interested in determining internal control deviations or monetary misstatements for tests of controls and substantive tests of transactions.15-7 A block sample is the selection of several items in sequence. Once the first item in the block is selected, the remainder of the block is chosen automatically. Thus, to select 5 blocks of 20 sales invoices, one would select one invoice and the block would be that invoice plus the next 19 entries. This procedure would be repeated 4 other times.15-8 The terms below are defined as follows:15-8 (continued)15-9The sampling unit is the population item from which the auditor selects sample items. The major consideration in defining the sampling unit is making it consistent with the objectives of the audit tests. Thus, the definition of the population and the planned audit procedures usually dictate the appropriate sampling unit.The sampling unit for verifying the occurrence of recorded sales would be the entries in the sales journal since this is the document the auditor wishes to validate. The sampling unit for testing the possibility of omitted sales is the shipping document from which sales are recorded because the failure to bill a shipment is the exception condition of interest to the auditor.15-10 The tolerable exception rate (TER) represents the exception rate that the auditor will permit in the population and still be willing to use the assessed control risk and/or the amount of monetary misstatements in the transactions established during planning. TER is determined by choice of the auditor on the basis of his or her professional judgment.The computed upper exception rate (CUER) is the highest estimated exception rate in the population, at a given ARACR. For nonstatistical sampling, CUER is determined by adding an estimate of sampling error to the SER (sample exception rate). For statistical sampling, CUER is determined by using a statistical sampling table after the auditor has completed the audit testing and therefore knows the number of exceptions in the sample.15-11 Sampling error is an inherent part of sampling that results from testing less than the entire population. Sampling error simply means that the sample is not perfectly representative of the entire population.Nonsampling error occurs when audit tests do not uncover errors that exist in the sample. Nonsampling error can result from:1. The auditor's failure to recognize exceptions, or2. Inappropriate or ineffective audit procedures.There are two ways to reduce sampling risk:1. Increase sample size.2. Use an appropriate method of selecting sample items from thepopulation.Careful design of audit procedures and proper supervision and review are ways to reduce nonsampling risk.15-12 An attribute is the definition of the characteristic being tested and the exception conditions whenever audit sampling is used. The attributes of interest are determined directly from the audit program.15-13 An attribute is the characteristic being tested for in a population. An exception occurs when the attribute being tested for is absent. The exception for the audit procedure, the duplicate sales invoice has been initialed indicating the performance of internal verification, is the lack of initials on duplicate sales invoices.15-14 Tolerable exception rate is the result of an auditor's judgment. The suitable TER is a question of materiality and is therefore affected by both the definition and the importance of the attribute in the audit plan.The sample size for a TER of 6% would be smaller than that for a TER of 3%, all other factors being equal.15-15 The appropriate ARACR is a decision the auditor must make using professional judgment. The degree to which the auditor wishes to reduce assessed control risk below the maximum is the major factor determining the auditor's ARACR.The auditor will choose a smaller sample size for an ARACR of 10% than would be used if the risk were 5%, all other factors being equal.15-16 The relationship between sample size and the four factors determining sample size are as follows:a. As the ARACR increases, the required sample size decreases.b. As the population size increases, the required sample size isnormally unchanged, or may increase slightly.c. As the TER increases, the sample size decreases.d. As the EPER increases, the required sample size increases.15-17 In this situation, the SER is 3%, the sample size is 100 and the ARACR is 5%. From the 5% ARACR table (Table 15-9) then, the CUER is 7.6%. This means that the auditor can state with a 5% risk of being wrong that the true population exception rate does not exceed 7.6%.15-18 Analysis of exceptions is the investigation of individual exceptions to determine the cause of the breakdown in internal control. Such analysis is important because by discovering the nature and causes of individual exceptions, the auditor can more effectively evaluate the effectiveness of internal control. The analysis attempts to tell the "why" and "how" of the exceptions after the auditor already knows how many and what types of exceptions have occurred.15-19 When the CUER exceeds the TER, the auditor may do one or more of the following:1. Revise the TER or the ARACR. This alternative should be followed onlywhen the auditor has concluded that the original specifications weretoo conservative, and when he or she is willing to accept the riskassociated with the higher specifications.2. Expand the sample size. This alternative should be followed whenthe auditor expects the additional benefits to exceed the additionalcosts, that is, the auditor believes that the sample tested was notrepresentative of the population.3. Revise assessed control risk upward. This is likely to increasesubstantive procedures. Revising assessed control risk may bedone if 1 or 2 is not practical and additional substantive proceduresare possible.4. Write a letter to management. This action should be done inconjunction with each of the three alternatives above. Managementshould always be informed when its internal controls are notoperating effectively. If a deficiency in internal control is consideredto be a significant deficiency in the design or operation of internalcontrol, professional standards require the auditor to communicatethe significant deficiency to the audit committee or its equivalent inwriting. If the client is a publicly traded company, the auditor mustevaluate the deficiency to determine the impact on the auditor’sreport on internal control over financial reporting. If the deficiency isdeemed to be a material weakness, the auditor’s report on internalcontrol would contain an adverse opinion.15-20 Random (probabilistic) selection is a part of statistical sampling, but it is not, by itself, statistical measurement. To have statistical measurement, it is necessary to mathematically generalize from the sample to the population.Probabilistic selection must be used if the sample is to be evaluated statistically, although it is also acceptable to use probabilistic selection with a nonstatistical evaluation. If nonprobabilistic selection is used, nonstatistical evaluation must be used.15-21 The decisions the auditor must make in using attributes sampling are: What are the objectives of the audit test? Does audit sampling apply?What attributes are to be tested and what exception conditions are identified?What is the population?What is the sampling unit?What should the TER be?What should the ARACR be?What is the EPER?What generalizations can be made from the sample to thepopulation?What are the causes of the individual exceptions?Is the population acceptable?15-21 (continued)In making the above decisions, the following should be considered: The individual situation.Time and budget constraints.The availability of additional substantive procedures.The professional judgment of the auditor.Multiple Choice Questions From CPA Examinations15-22 a. (1) b. (3) c. (2) d. (4)15-23 a. (1) b. (3) c. (4) d. (4)15-24 a. (4) b. (3) c. (1) d. (2)Discussion Questions and Problems15-25a.An example random sampling plan prepared in Excel (P1525.xls) is available on the Companion Website and on the Instructor’s Resource CD-ROM, which is available upon request. The command for selecting the random number can be entered directly onto the spreadsheet, or can be selected from the function menu (math & trig) functions. It may be necessary to add the analysis tool pack to access the RANDBETWEEN function. Once the formula is entered, it can be copied down to select additional random numbers. When a pair of random numbers is required, the formula for the first random number can be entered in the first column, and the formula for the second random number can be entered in the second column.a. First five numbers using systematic selection:Using systematic selection, the definition of the sampling unit for determining the selection interval for population 3 is the total number of lines in the population. The length of the interval is rounded down to ensure that all line numbers selected are within the defined population.15-26a. To test whether shipments have been billed, a sample of warehouse removal slips should be selected and examined to see ifthey have the proper sales invoice attached. The sampling unit willtherefore be the warehouse removal slip.b. Attributes sampling method: Assuming the auditor is willing to accept a TER of 3% at a 10% ARACR, expecting no exceptions in the sample, the appropriate sample size would be 76, determined from Table 15-8.Nonstatistical sampling method: There is no one right answer to this question because the sample size is determined using professional judgment. Due to the relatively small TER (3%), the sample size should not be small. It will most likely be similar in size to the sample chosen by the statistical method.c. Systematic sample selection:22839 = Population size of warehouse removal slips(37521-14682).76 = Sample size using statistical sampling (students’answers will vary if nonstatistical sampling wasused in part b.300 = Interval (22839/76) if statistical sampling is used (students’ answers will vary if nonstatisticalsampling was used in part b).14825 = Random starting point.Select warehouse removal slip 14825 and every 300th warehouse removal slip after (15125, 15425, etc.)Computer generation of random numbers using Excel (P1526.xls): =RANDBETWEEN(14682,37521)The command for selecting the random number can be entered directly onto the spreadsheet, or can be selected from the function menu (math & trig) functions. It may be necessary to add the analysis tool pack to access the RANDBETWEEN function. Once the formula is entered, it can be copied down to select additional random numbers.d. Other audit procedures that could be performed are:1. Test extensions on attached sales invoices for clerical accuracy. (Accuracy)2. Test time delay between warehouse removal slip date and billing date for timeliness of billing. (Timing)3. Trace entries into perpetual inventory records to determinethat inventory is properly relieved for shipments. (Postingand summarization)15-26 (continued)e. The test performed in part c cannot be used to test for occurrenceof sales because the auditor already knows that inventory wasshipped for these sales. To test for occurrence of sales, the salesinvoice entry in the sales journal is the sampling unit. Since thesales invoice numbers are not identical to the warehouse removalslips it would be improper to use the same sample.15-27a. It would be appropriate to use attributes sampling for all audit procedures except audit procedure 1. Procedure 1 is an analyticalprocedure for which the auditor is doing a 100% review of the entirecash receipts journal.b. The appropriate sampling unit for audit procedures 2-5 is a line item,or the date the prelisting of cash receipts is prepared. The primaryemphasis in the test is the completeness objective and auditprocedure 2 indicates there is a prelisting of cash receipts. All otherprocedures can be performed efficiently and effectively by using theprelisting.c. The attributes for testing are as follows:d. The sample sizes for each attribute are as follows:15-28a. Because the sample sizes under nonstatistical sampling are determined using auditor judgment, students’ answers to thisquestion will vary. They will most likely be similar to the samplesizes chosen using attributes sampling in part b. The importantpoint to remember is that the sample sizes chosen should reflectthe changes in the four factors (ARACR, TER, EPER, andpopulation size). The sample sizes should have fairly predictablerelationships, given the changes in the four factors. The followingreflects some of the relationships that should exist in student’ssample size decisions:SAMPLE SIZE EXPLANATION1. 90 Given2. > Column 1 Decrease in ARACR3. > Column 2 Decrease in TER4. > Column 1 Decrease in ARACR (column 4 is thesame as column 2, with a smallerpopulation size)5. < Column 1 Increase in TER-EPER6. < Column 5 Decrease in EPER7. > Columns 3 & 4 Decrease in TER-EPERb. Using the attributes sampling table in Table 15-8, the sample sizesfor columns 1-7 are:1. 882. 1273. 1814. 1275. 256. 187. 149c.d. The difference in the sample size for columns 3 and 6 result from the larger ARACR and larger TER in column 6. The extremely large TER is the major factor causing the difference.e. The greatest effect on the sample size is the difference between TER and EPER. For columns 3 and 7, the differences between the TER and EPER were 3% and 2% respectively. Those two also had the highest sample size. Where the difference between TER and EPER was great, such as columns 5 and 6, the required sample size was extremely small.Population size had a relatively small effect on sample size.The difference in population size in columns 2 and 4 was 99,000 items, but the increase in sample size for the larger population was marginal (actually the sample sizes were the same using the attributes sampling table).f. The sample size is referred to as the initial sample size because it is based on an estimate of the SER. The actual sample must be evaluated before it is possible to know whether the sample is sufficiently large to achieve the objectives of the test.15-29 a.* Students’ answers as to whether the allowance for sampling error risk is sufficient will vary, depending on their judgment. However, they should recognize the effect that lower sample sizes have on the allowance for sampling risk in situations 3, 5 and 8.b. Using the attributes sampling table in Table 15-9, the CUERs forcolumns 1-8 are:1. 4.0%2. 4.6%3. 9.2%4. 4.6%5. 6.2%6. 16.4%7. 3.0%8. 11.3%c.d. The factor that appears to have the greatest effect is the number ofexceptions found in the sample compared to sample size. For example, in columns 5 and 6, the increase from 2% to 10% SER dramatically increased the CUER. Population size appears to have the least effect. For example, in columns 2 and 4, the CUER was the same using the attributes sampling table even though the population in column 4 was 10 times larger.e. The CUER represents the results of the actual sample whereas theTER represents what the auditor will allow. They must be compared to determine whether or not the population is acceptable.15-30a. and b. The sample sizes and CUERs are shown in the following table:a. The auditor selected a sample size smaller than that determinedfrom the tables in populations 1 and 3. The effect of selecting asmaller sample size than the initial sample size required from thetable is the increased likelihood of having the CUER exceed theTER. If a larger sample size is selected, the result may be a samplesize larger than needed to satisfy TER. That results in excess auditcost. Ultimately, however, the comparison of CUER to TERdetermines whether the sample size was too large or too small.b. The SER and CUER are shown in columns 4 and 5 in thepreceding table.c. The population results are unacceptable for populations 1, 4, and 6.In each of those cases, the CUER exceeds TER.The auditor's options are to change TER or ARACR, increase the sample size, or perform other substantive tests to determine whether there are actually material misstatements in thepopulation. An increase in sample size may be worthwhile inpopulation 1 because the CUER exceeds TER by only a smallamount. Increasing sample size would not likely result in improvedresults for either population 4 or 6 because the CUER exceedsTER by a large amount.d. Analysis of exceptions is necessary even when the population isacceptable because the auditor wants to determine the nature andcause of all exceptions. If, for example, the auditor determines thata misstatement was intentional, additional action would be requiredeven if the CUER were less than TER.15-30 (Continued)e.15-31 a. The actual allowance for sampling risk is shown in the following table:b. The CUER is higher for attribute 1 than attribute 2 because the sample sizeis smaller for attribute 1, resulting in a larger allowance for sampling risk.c. The CUER is higher for attribute 3 than attribute 1 because the auditorselected a lower ARACR. This resulted in a larger allowance for sampling risk to achieve the lower ARACR.d. If the auditor increases the sample size for attribute 4 by 50 items and findsno additional exceptions, the CUER is 5.1% (sample size of 150 and three exceptions). If the auditor finds one exception in the additional items, the CUER is 6.0% (sample size of 150, four exceptions). With a TER of 6%, the sample results will be acceptable if one or no exceptions are found in the additional 50 items. This would require a lower SER in the additional sample than the SER in the original sample of 3.0 percent. Whether a lower rate of exception is likely in the additional sample depends on the rate of exception the auditor expected in designing the sample, and whether the auditor believe the original sample to be representative.15-32a. The following shows which are exceptions and why:b. It is inappropriate to set a single acceptable tolerable exception rate and estimated population exception rate for the combined exceptions because each attribute has a different significance tothe auditor and should be considered separately in analyzing the results of the test.c. The CUER assuming a 5% ARACR for each attribute and a sample size of 150 is as follows:15-32 (continued)d.*Students’ answers will most likely vary for this attribute.e. For each exception, the auditor should check with the controller todetermine an explanation for the cause. In addition, the appropriateanalysis for each type of exception is as follows:15-33a. Attributes sampling approach: The test of control attribute had a 6% SER and a CUER of 12.9%. The substantive test of transactionsattribute has SER of 0% and a CUER of 4.6%.Nonstatistical sampling approach: As in the attributes samplingapproach, the SERs for the test of control and the substantive testof transactions are 6% and 0%, respectively. Students’ estimates ofthe CUERs for the two tests will vary, but will probably be similar tothe CUERs calculated under the attributes sampling approach.b. Attributes sampling approach: TER is 5%. CUERs are 12.9% and4.6%. Therefore, only the substantive test of transactions resultsare satisfactory.Nonstatistical sampling approach: Because the SER for the test ofcontrol is greater than the TER of 5%, the results are clearly notacceptable. Students’ estimates for CUER for the test of controlshould be greater than the SER of 6%. For the substantive test oftransactions, the SER is 0%. It is unlikely that students will estimateCUER for this test greater than 5%, so the results are acceptablefor the substantive test of transactions.c. If the CUER exceeds the TER, the auditor may:1. Revise the TER if he or she thinks the original specificationswere too conservative.2. Expand the sample size if cost permits.3. Alter the substantive procedures if possible.4. Write a letter to management in conjunction with each of theabove to inform management of a deficiency in their internalcontrols. If the client is a publicly traded company, theauditor must evaluate the deficiency to determine the impacton the auditor’s report on internal control over financialreporting. If the deficiency is deemed to be a materialweakness, the auditor’s report on internal control wouldcontain an adverse opinion.In this case, the auditor has evidence that the test of control procedures are not effective, but no exceptions in the sample resulted because of the breakdown. An expansion of the attributestest does not seem advisable and therefore, the auditor shouldprobably expand confirmation of accounts receivable tests. Inaddition, he or she should write a letter to management to informthem of the control breakdown.d. Although misstatements are more likely when controls are noteffective, control deviations do not necessarily result in actualmisstatements. These control deviations involved a lack ofindication of internal verification of pricing, extensions and footingsof invoices. The deviations will not result in actual errors if pricing,extensions and footings were initially correctly calculated, or if theindividual responsible for internal verification performed theprocedure but did not document that it was performed.e. In this case, we want to find out why some invoices are notinternally verified. Possible reasons are incompetence,carelessness, regular clerk on vacation, etc. It is desirable to isolatethe exceptions to certain clerks, time periods or types of invoices.Case15-34a. Audit sampling could be conveniently used for procedures 3 and 4 since each is to be performed on a sample of the population.b. The most appropriate sampling unit for conducting most of the auditsampling tests is the shipping document because most of the testsare related to procedure 4. Following the instructions of the auditprogram, however, the auditor would use sales journal entries asthe sampling unit for step 3 and shipping document numbers forstep 4. Using shipping document numbers, rather than thedocuments themselves, allows the auditor to test the numericalcontrol over shipping documents, as well as to test for unrecordedsales. The selection of numbers will lead to a sample of actualshipping documents upon which tests will be performed.。

Chapter 1The Demand for Audit and Other Assurance Services Review Questions1-1The relationship among audit services, attestation services, and assurance services is reflected in Figure 1-3 on page 13 of the text. An assurance service is an independent professional service to improve the quality of information for decision makers. An attestation service is a form of assurance service in which the CPA firm issues a report about the reliability of an assertion that is the responsibility of another party. Audit services are a form of attestation service in which the auditor expresses a written conclusion about the degree of correspondence between information and established criteria.The most common form of audit service is an audit of historical financial statements, in which the auditor expresses a conclusion as to whether the financial statements are presented in conformity with generally accepted accounting principles. An example of an attestation service is a report on the effe ctiveness of an entity’s internal control over financial reporting. There are many possible forms of assurance services, including services related to business performance measurement, health care performance, and information system reliability.1-2 An independent audit is a means of satisfying the need for reliable information on the part of decision makers. Factors of a complex society which contribute to this need are:1.Remoteness of informationa.Owners (stockholders) divorced from managementb.Directors not involved in day-to-day operations ordecisionsc.Dispersion of the business among numerous geographiclocations and complex corporate structures2.Biases and motives of providerrmation will be biased in favor of the providerwhen his or her goals are inconsistent with thedecision maker's goals.3.Voluminous dataa.Possibly millions of transactions processed daily viasophisticated computerized systemsb.Multiple product linesc.Multiple transaction locationsplex exchange transactionsa.New and changing business relationships lead toinnovative accounting and reporting problemsb.Potential impact of transactions not quantifiable,leading to increased disclosures1-3 1. Risk-free interest rate This is approximately the rate the bank could earn by investing in U.S. treasury notes for thesame length of time as the business loan.2.Business risk for the customer This risk reflects thepossibility that the business will not be able to repay itsloan because of economic or business conditions such as arecession, poor management decisions, or unexpectedcompetition in the industry.rmation risk This risk reflects the possibility thatthe information upon which the business risk decision wasmade was inaccurate. A likely cause of the information riskis the possibility of inaccurate financial statements.Auditing has no effect on either the risk-free interest rate or business risk. However, auditing can significantly reduce information risk.1-4The four primary causes of information risk are remoteness of information, biases and motives of the provider, voluminous data, and the existence of complex exchange transactions.The three main ways to reduce information risk are:er verifies the information.er shares the information risk with management.3.Audited financial statements are provided.The advantages and disadvantages of each are as follows:1-5 To do an audit, there must be information in a verifiable form and some standards (criteria) by which the auditor can evaluate the information. Examples of established criteria include generally accepted accounting principles and the Internal Revenue Code. Determining the degree of correspondence between information and established criteria is determining whether a given set of information is in accordance with the established criteria. The information for Jones Company's tax return is the federal tax returns filed by the company. The established criteria are found in the Internal Revenue Code and all interpretations. For the audit of Jones Company's financial statements the information is the financial statements being audited and the established criteria are generally accepted accounting principles.1-6The primary evidence the internal revenue agent will use in the audit of the Jones Company's tax return include all available documentation and other information available in Jones' office or from other sources. For example, when the internal revenue agent audits taxable income, a major source of information will be bank statements, the cash receipts journal and deposit slips. The internal revenue agent is likely to emphasize unrecorded receipts and revenues. For expenses, major sources of evidence are likely to be cancelled checks, vendors' invoices and other supporting documentation.1-7This apparent paradox arises from the distinction between the function of auditing and the function of accounting. The accounting function is the recording, classifying and summarizing of economic events to provide relevant information to decision makers. The rules of accounting are the criteria used by the auditor for evaluating the presentation of economic events for financial statements and he or she must therefore have an understanding of generally accepted accounting principles (GAAP), as well as auditing standards. The accountant need not, and frequently does not, understand what auditors do, unless he or she is involved in doing audits, or has been trained as an auditor.1-81-9Five examples of specific operational audits that could be conducted by an internal auditor in a manufacturing company are:1.Examine employee time cards and personnel records todetermine if sufficient information is available to maximizethe effective use of personnel.2.Review the processing of sales invoices to determine if itcould be done more efficiently.3.Review the acquisitions of goods, including costs, todetermine if they are being purchased at the lowest possiblecost considering the quality needed.4.Review and evaluate the efficiency of the manufacturingprocess.5.Review the processing of cash receipts to determine if theyare deposited as quickly as possible.1-10 When using a strategic systems auditing approach in an audit of historical financial statements, an auditor must have a thorough understanding of the client and its environment. This knowledge should include the client’s regulatory and operating environment, business strategies and processes, and measurement indicators. The strategic systems approach is also useful in other assurance or consulting engagements. For example, an auditor who is performing an assurance service on information technology would need to understand the client’s business strategies and processes related to information technology, including such things as purchases and sales via the Internet. Similarly, a practitioner performing a consulting engagement to evaluate the efficiency and effectiveness of a cli ent’s manufacturing process would likely start with an analysis of various measurement indicators, including ratio analysis and benchmarking against key competitors.1-11 The major differences in the scope of audit responsibilities are:1.CPAs perform audits in accordance with auditing standards ofpublished financial statements prepared in accordance withgenerally accepted accounting principles.2.GAO auditors perform compliance or operational audits inorder to assure the Congress of the expenditure of publicfunds in accordance with its directives and the law.3.IRS agents perform compliance audits to enforce the federaltax laws as defined by Congress, interpreted by the courts,and regulated by the IRS.4.Internal auditors perform compliance or operational auditsin order to assure management or the board of directors thatcontrols and policies are properly and consistentlydeveloped, applied and evaluated.1-12 The four parts of the Uniform CPA Examination are: Auditing and Attestation, Financial Accounting and Reporting, Regulation, and Business Environment and Concepts.1-13 It is important for CPAs to be knowledgeable about e-commerce technologies because more of their clients are rapidly expanding their use of e-commerce. Examples of commonly used e-commerce technologiesinclude purchases and sales of goods through the Internet, automatic inventory reordering via direct connection to inventory suppliers, and online banking. CPAs who perform audits or provide other assurance services about information generated with these technologies need a basic knowledge and understanding of information technology and e-commerce in order to identify and respond to risks in the financial and other information generated by these technologies.Multiple Choice Questions From CPA Examinations1-14 a. (3) b. (2) c. (2) d. (3)1-15 a. (2) b. (3) c. (4) d. (3)Discussion Questions And Problems1-16 a. The relationship among audit services, attestation services and assurance services is reflected in Figure 1-3 on page 13of the text. Audit services are a form of attestationservice, and attestation services are a form of assuranceservice. In a diagram, audit services are located within theattestation service area, and attestation services arelocated within the assurance service area.b. 1. (1) Audit of historical financial statements2.(2) An attestation service other than an auditservice; or(3) An assurance service that is not an attestationservice (WebTrust developed from the AICPASpecial Committee on Assurance Services, but theservice meets the criteria for an attestationservice.)3.(2) An attestation service other than an auditservice4.(2) An attestation service other than an auditservice5.(2) An attestation service other than an auditservice6.(2) An attestation service that is not an auditservice (Review services are a form ofattestation, but are performed according toStatements on Standards for Accounting andReview Services.)7.(2) An attestation service other than an auditservice8.(2) An attestation service other than an auditservice9.(3) An assurance service that is not an attestationservice1-17 a. The interest rate for the loan that requires a review report is lower than the loan that did not require a review becauseof lower information risk. A review report provides moderateassurance to financial statement users, which lowersinformation risk. An audit report provides further assuranceand lower information risk. As a result of reducedinformation risk, the interest rate is lowest for the loanwith the audit report.b.Given these circumstances, Vial-tek should select the loanfrom City First Bank that requires an annual audit. In thissituation, the additional cost of the audit is less than thereduction in interest due to lower information risk. Thefollowing is the calculation of total costs for each loan:1-17 (continued)c. Vial-tek may desire to have an audit because of the manyother positive benefits that an audit provides. The auditwill provide Vial-tek’s management with assurance aboutannual financial information used for decision-makingpurposes. The audit may detect errors or fraud, and providemanagement with information about the effectiveness ofcontrols. In addition, the audit may result inrecommendations to management that will improve efficiencyor effectiveness.d. Under a strategic systems audit approach, the auditor musthave a thorough understanding of the client and itsenvironment, including the client’s e-commerce technologies,industry, regulatory and operating environment, suppliers,customers, creditors, and business strategies and processes.This thorough analysis helps the auditor identify risksassociated with the client’s strategies that may affectwhether the financial statements are fairly stated. Whenapplying the strategic systems audit approach, the auditoroften discovers ways to help the client improve businessoperations, thereby providing added value to the auditfunction.1-18 a. The services provided by Consumers Union are very similar to assurance services provided by CPA firms. The servicesprovided by Consumers Union and assurance services providedby CPA firms are designed to improve the quality ofinformation for decision makers. CPAs are valued for theirindependence, and the reports provided by Consumers Unionare valued because Consumers Union is independent of theproducts tested.b.The concepts of information risk for the buyer of anautomobile and for the user of financial statements areessentially the same. They are both concerned with theproblem of unreliable information being provided. In thecase of the auditor, the user is concerned about unreliableinformation being provided in the financial statements. Thebuyer of an automobile is likely to be concerned about themanufacturer or dealer providing unreliable information.c.The four causes of information risk are essentially the samefor a buyer of an automobile and a user of financialstatements:(1)Remoteness of information It is difficult for a userto obtain much information about either an automobilemanufacturer or the automobile itself withoutincurring considerable cost. The automobile buyer doeshave the advantage of possibly knowing other users who are satisfied or dissatisfied with a similar automobile.(2)Biases and motives of provider There is a conflictbetween the automobile buyer and the manufacturer. The buyer wants to buy a high quality product at minimum cost whereas the seller wants to maximize the selling price and quantity sold.(3)Voluminous data There is a large amount of availableinformation about automobiles that users might like to have in order to evaluate an automobile. Either that information is not available or too costly to obtain.1-18 (continued)(4)Complex exchange transactions The acquisition of anautomobile is expensive and certainly a complexdecision because of all the components that go intomaking a good automobile and choosing between a largenumber of alternatives.d.The three ways users of financial statements and buyers ofautomobiles reduce information risk are also similar:(1)User verifies information him or herself That can beobtained by driving different automobiles, examiningthe specifications of the automobiles, talking toother users and doing research in various magazines.(2)User shares information risk with management Themanufacturer of a product has a responsibility to meetits warranties and to provide a reasonable product.The buyer of an automobile can return the automobilefor correction of defects. In some cases a refund maybe obtained.(3)Examine the information prepared by Consumer ReportsThis is similar to an audit in the sense thatindependent information is provided by an independentparty. The information provided by Consumer Reports iscomparable to that provided by a CPA firm that auditedfinancial statements.1-19 a. The following parts of the definition of auditing are related to the narrative:(1)Virms is being asked to issue a report aboutqualitative and quantitative information for trucks.The trucks are therefore the information with whichthe auditor is concerned.(2)There are four established criteria which must beevaluated and reported by Virms: existence of thetrucks on the night of June 30, 2005, ownership ofeach truck by Regional Delivery Service, physicalcondition of each truck and fair market value of eachtruck.(3)Susan Virms will accumulate and evaluate four types ofevidence:(a)Count the trucks to determine their existence.(b)Use registrations documents held by Oatley forcomparison to the serial number on each truck todetermine ownership.(c)Examine the trucks to determine each truck'sphysical condition.(d)Examine the blue book to determine the fairmarket value of each truck.(4)Susan Virms, CPA, appears qualified, as a competent,independent person. She is a CPA, and she spends most of her time auditing used automobile and truck dealerships and has extensive specialized knowledge about used trucks that is consistent with the nature of the engagement.1-19(continued)(5)The report results are to include:(a)which of the 35 trucks are parked in Regional'sparking lot the night of June 30.(b)whether all of the trucks are owned by RegionalDelivery Service.(c)the condition of each truck, using establishedguidelines.(d)fair market value of each truck using thecurrent blue book for trucks.b.The only parts of the audit that will be difficult for Virmsare:(1)Evaluating the condition, using the guidelines of poor,good, and excellent. It is highly subjective to do so.If she uses a different criterion than the "bluebook," the fair market value will not be meaningful.Her experience will be essential in using thisguideline.(2)Determining the fair market value, unless it isclearly defined in the blue book for each condition.1-20 a. The major advantages and disadvantages of a career as an IRS agent, CPA, GAO auditor, or an internal auditor are:1-20 (continued)EMPLOYMENT ADVANTAGES DISADVANTAGESINTERNAL AUDITOR 1.Extensive exposure to allsegments of theenterprise with whichemployed.2.Constant exposure to oneindustry presentingopportunity for expertisein that industry.3.Likely to have exposureto compliance, financialand operational auditing.1.Little exposure totaxation and the auditthereof.2.Experience is limited toone enterprise, usuallywithin one or a limitednumber of industries.(b)Other auditing careers that are available are:Auditors within many of the branches of the federalgovernment ., Atomic Energy Commission)Auditors for many state and local government units .,state insurance or bank auditors)1-21 The most likely type of auditor and the type of audit for each of the examples are:EXAMPLE TYPE OF AUDITOR TYPE OF AUDIT1.2.3.4.5.6.7.8.9.10.11.12.IRSGAOInternal auditor or CPACPA or Internal auditorGAOCPAGAOIRSCPAInternal auditor or CPAInternal auditor or CPAGAOComplianceOperationalOperationalFinancial statementsOperationalFinancial statementsFinancial statementsComplianceFinancial statementsComplianceFinancial statementsCompliance1-22 a. The conglomerate should either engage the management advisory services division of a CPA firm or its own internalauditors to conduct the operational audit.b.The auditors will encounter problems in establishingcriteria for evaluating the actual quantitative events andin setting the scope to include all operations in whichsignificant inefficiencies might exist. In writing thereport, the auditors must choose proper wording to statethat no financial audit was performed, that the procedureswere limited in scope and that the results reported do notnecessarily include all the inefficiencies that might exist.1-23 a. The CPA firm for the Internet company described in this problem could address these customer concerns by performinga WebTrust attestation engagement. The WebTrust assuranceservice was created by the profession to respond to thegrowing need for assurance resulting from the growth ofbusiness transacted over the Internet.b.The appropriate WebTrust principle for each of the customerconcerns noted in the problem is as follows:1.Accuracy of product descriptions and adherence tostated return policies: (3) Processing Integrity.2.Credit card and other personal information: (1) OnlinePrivacy and (2) Security.3.Selling information to other companies: (1) OnlinePrivacy and (2) Security.4.System failure: (4) Availability.Internet Problem Solution: Assurance Services1-1 This problem requires students to work with the AICPA assurance services Web site.1.Considering the assurance needs of customers and thecapabilities of CPAs, the Special Committee on AssuranceServices developed business plans for six assurance services.Chapter 1 of the textbook discussed several of theseservices. Go to the service description for the assuranceservice that most interests you (any one of the six). Whatare the major aspects or sections of the associated businessplan ., does the plan address market potential, competition,etc.?)Answer: Each business plan provides background information,describes the service, assesses market potential, discussesissues such as competition and why CPAs should offer theservice, identifies practice tools available and steps thatCPAs must take to begin offering the services.2.The Special Committee's report on Assurance Servicesdiscusses competencies needed by assurance providers todayand in the coming decade. Briefly describe the 5 generalcompetencies needed in the next decade (Hint: See the“About Assurance Services” link. Then follow the“Assurance Services and Academia” link.)Answer:The Committee identified the following five majorimperatives regarding future competencies, each of whichimplies increasing emphasis on the competencies noted:1-1 (continued)Customer focus.Assurance service providers need tounderstand user decision processes and how informationshould enter into those processes. Increased emphasis isneeded on: understanding user needs, communication skills,relationship management, responsiveness and timeliness.Migration to higher value-added information activities. Toprovide more value to client/decision makers and others,assurance service providers need to focus less on activitiesinvolved in the conversion of business events intoinformation ., collecting, classifying, and summarizingactivities) and more on activities involved in thetransformation of information into knowledge ., analyzing,interpreting, and evaluating activities) that effectivelydrives decision processes. This will require: analyticalskills, business advisory skills, business knowledge, modelbuilding (including sensitivity analysis), understanding theclient’s business processes, measurement theory(development of operational definitions of concepts, designof appropriate measurement techniques, etc.).Information technology (IT).Assurance services deal ininformation. Hence, the profound changes occurring ininformation technology will shape virtually all aspects ofassurance services. As information specialists, assuranceservice providers need to embrace information technology inall of its complex dimensions. Embracing IT meansunderstanding how it is transforming all aspects of business.It also means learning how to effectively use newdevelopments in hardware, software, communications, memory,encryption, etc., in everything assurance service providersdo as information specialists, not only in dealing withclients, but also in dealing with each other as individuals,teams, firms, state societies, and national professionalorganizations.Pace of change and complexity. Assurance services will takeplace in an environment of rapid change and increasingcomplexity. Assurance service providers need to investheavily in life-long learning in order to maintain up-to-date knowledge and skills. They will require: intellectualcapability, learning and rejuvenation.Competition.Growth in new assurance services will dependless on franchise/regulation and more on market forces.Assurance service providers need to develop their marketingskills —the ability to see clients’ latent informationand assurance needs and rapidly design and deploy cost-effective services to meet those needs —in order toeffectively compete for market-driven assurance services.Required skills include: marketing and selling,understanding customer needs, designing and deployingeffective solutions.1-1 (continued)(Note: Internet problems address current issues using Internet sources. Because Internet sites are subject to change, Internet problems and solutions are subject to change. Current information on Internet problems is available at。