ICAI Notes: Nature, Objective and Scope of Audit | Auditing and Ethics for CA Intermediate PDF Download

Introduction

In today’s complex business environment, real-life situations highlight the critical importance of auditing. Various stakeholders, including investors seeking opportunities, shareholders wanting to understand the financial health of companies they’ve invested in, banks and financial institutions lending funds, governments ensuring tax compliance, trade unions negotiating wages, and insurance companies settling claims, all rely heavily on audited financial statements. This widespread reliance stems from the fact that audited financial statements provide confidence and assurance to users, enabling them to make informed decisions based on reliable financial data. The importance of auditing becomes evident as it plays a pivotal role in maintaining transparency, accountability, and trust in an environment where economic activities, legal frameworks, and regulatory standards are constantly evolving. But what exactly is auditing? What does it encompass, what are its limitations, and why is it essential? These questions will be explored in the following sections.

Origin of Auditing

Before understanding the meaning and nature of auditing, it's essential to explore its origin. Auditing has existed since ancient times in various societies, including India. Notably, references to auditing can be found in Kautilya's Arthshastra, dating back to the 4th century BC. The text discusses key auditing elements such as a fixed accounting year, a process for closure of accounts, and the importance of audit. It even mentions the practice of periodical checking and verification of accounts, along with concerns about misstatements in financial statements caused by the abuse of power. Kautilya's insights reflect how advanced his understanding was for his time.

The term "audit" comes from the Latin word "audire," meaning "to hear." In medieval times, auditors would hear the accounts read to them to ensure that employees were not negligent or careless in their record-keeping. The Industrial Revolution in Europe further expanded the need for auditors due to the rapid growth in trade.

In more recent history, the first Auditor General of India was appointed during British India in 1860, combining both accounting and auditing responsibilities. Over time, the Office of Auditor General was formally recognized. Today, the Comptroller and Auditor General of India is an independent constitutional authority responsible for auditing government receipts and expenditures.

The Institute of Chartered Accountants of India (ICAI) was established in 1949 under an Act of Parliament to regulate the profession of Chartered Accountancy in India.

Meaning and Nature of Auditing

"An audit is an independent examination of financial information of any entity, whether profit-oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon."

An analysis of this definition highlights the following key points:

• Audit as an Independent Examination: The core of auditing is that it must be independent. This means that the auditor’s judgment should not be influenced by the wishes or directions of anyone who has engaged the auditor. The auditor must be free from any external influence to form an objective opinion about the financial statements.
  Independence: The auditor must be independent of the entity whose financial statements are being audited. This ensures that the auditor can provide an unbiased opinion. Independence enables the auditor to act objectively and without any biases creeping into their judgment.
  Examples: A Chartered Accountant (CA) cannot audit the financial accounts of a business owned by his brother, as the familial relationship could affect his independence and objectivity. Similarly, if a CA has invested in shares of a company, they cannot audit the financial accounts of that company. The CA's self-interest in the company's financial performance would compromise their ability to provide an independent opinion on the financial statements.
• The entity whose financial information is examined through an audit does not have to be profit-oriented. It can include non-profit organizations such as NGOs or charitable trusts. Audits can be conducted for any organization, regardless of its size—small, medium, or large. The audit can also apply to entities with various legal structures, such as proprietary concerns, partnership firms, LLPs, private companies, public companies, societies, or trusts.
• The primary purpose of an audit is to express an opinion on the financial statements. The auditor's role is to ensure that the financial statements do not mislead anyone, and to do so, they must ensure:
  • The accounts are drawn up with reference to the entries in the books of account.
  • The entries in the books of account are supported by adequate and appropriate evidence.
  • No entries have been omitted during the process of compilation.
  • The information conveyed is clear and unambiguous.
  • The amounts in the financial statements are properly classified, described, and disclosed in accordance with accounting standards.
  • The statement of accounts presents a true and fair view of the operational results, assets, and liabilities.
• Auditing provides assurance by offering confidence to users of financial statements. This assurance lends credibility to the financial data presented, ensuring that users can rely on the information reflected in the statements.

The preparation and presentation of the financial statements of an entity is the responsibility of the management of the entity. The auditor does not prepare the financial statements but instead examines them to form an independent opinion. The auditor then expresses this opinion through a written audit report, which provides assurance to users about the accuracy and fairness of the financial statements.

Interdisciplinary Nature of Auditing - Relationship with Diverse Subjects

Auditing is inherently interdisciplinary, drawing knowledge and techniques from various fields, including accountancy, law, behavioral science, statistics, economics, and financial management. 

These diverse subjects play an essential role in the auditing process:

• Accounting: A strong understanding of accounting principles is crucial for auditors, as auditing involves examining financial statements and ensuring they are prepared in accordance with accounting standards.
• Law: Knowledge of business laws and taxation laws enables auditors to better understand the financial statements within the legal framework applicable to the entity.
• Behavioral Science: Auditors often interact with various individuals during the audit process. An understanding of human behavior helps auditors effectively communicate, gather information, and make inquiries.
• Statistics: Since it is impractical to check every transaction, auditors use statistical methods to draw samples. This allows auditors to perform meaningful tests and arrive at valid conclusions.
• Economics: Understanding the economic environment in which the business operates helps auditors assess the broader context and identify factors that may affect the financial statements.
• Financial Management: Knowledge of financial management topics such as funds flow, working capital management, ratio analysis, and capital budgeting is necessary for auditors to evaluate the financial health of an entity effectively.

Relationships between Auditing and Various Subjects

• Auditing and Accounting: Auditing reviews financial statements, which are the result of the accounting process.
• Auditing and Law: Auditors need to have a good understanding of business laws affecting the entity under audit.
• Auditing and Economics: Auditors should be familiar with the overall economic environment in which the client’s business operates.
• Auditing and Behavioral Science: Knowledge of human behavior is essential for auditors to effectively carry out their duties.
• Auditing and Statistics & Mathematics: Statistical sampling techniques and mathematics for verifying inventories are important skills for auditors.
• Auditing and Data Processing: EDP (Electronic Data Processing) auditing is an emerging field that requires specialized knowledge.
• Auditing and Financial Management: Auditors should understand financial techniques such as working capital management, funds flow, and ratio analysis.
• Auditing and Production: A good auditor understands the client's business functions, such as production, cost systems, and marketing.

The interdisciplinary nature of auditing highlights the broad expertise required for auditors to perform their roles effectively and make informed judgments during the auditing process.

Objectives of Audit

The objectives of the auditor when conducting the audit of financial statements, as per SA-200 "Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with Standards on Auditing," are:
(a) To obtain reasonable assurance that the financial statements, as a whole, are free from material misstatement, whether caused by fraud or error, enabling the auditor to express an opinion on whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework.
(b) To report on the financial statements and communicate the findings in accordance with the auditor's findings, as required by the Standards on Auditing (SAs).

Key Points Derived from the Objectives

• Reasonable Assurance: The auditor's objective is to obtain reasonable assurance that the financial statements, in total, are free from material misstatements due to fraud or error. This assurance does not guarantee absolute accuracy, but it ensures a high level of confidence.
• Distinction between Reasonable and Absolute Assurance:
  • Reasonable assurance refers to a high level of confidence but does not guarantee that financial statements are free from all misstatements.
  • Absolute assurance would mean a complete guarantee, but this is not attainable in audits.
• Professional Competence: Auditors conduct their audits with professional competence and in accordance with Standards on Auditing (SAs). They apply audit procedures, gather and evaluate evidence, and draw conclusions, leading to a reasonable level of assurance.
• Misstatements Due to Fraud or Error: Misstatements can occur due to fraud, error, or both. The auditor must assess the overall impact of these misstatements on the financial statements as a whole.
• Opinion on Financial Statements: Once reasonable assurance is obtained, the auditor can form an opinion on whether the financial statements are prepared in accordance with the applicable financial reporting framework.
• Reporting and Communication: The auditor expresses their opinion in a written report, which is communicated in accordance with the audit findings, as required by the Standards on Auditing.

An Overview of Objectives of Audit

• Obtaining a reasonable assurance that the financial statements, as a whole, are free from material misstatement due to fraud or error.
• Gaining reasonable assurance leads to the formation of an opinion on whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework.
• To report on the financial statements.
• Reporting of opinion in accordance with audit findings.
• Communication of reporting.
• Reporting and communication are carried out in accordance with the Standards on Auditing.

Scope of Audit - What It Includes

The scope of audit refers to the range or extent of an audit’s coverage. The primary purpose of an audit is to enhance the degree of confidence that users have in the financial statements. These users can include shareholders, employees, customers, government and regulatory authorities, and bankers, among others. This enhanced confidence is achieved when the auditor expresses an opinion on whether the financial statements are prepared, in all material respects, in accordance with the applicable financial reporting framework. 
The term "applicable financial reporting framework" refers to a framework adopted for the preparation and presentation of financial statements that is acceptable based on the entity's nature and the objective of the financial statements, or as required by law or regulation. 
For instance, in India, for companies, the financial reporting framework is outlined in Schedule III of the Companies Act, 2013.

The scope of audit of financial statements includes the following key points:

• Coverage of All Aspects of the Entity: The audit should be organized to adequately cover all relevant aspects of the entity that pertain to the financial statements being audited. This ensures that all significant areas are thoroughly examined.
• Reliability and Sufficiency of Financial Information: The auditor must ensure that the information contained in the underlying accounting records and other source data (such as bills, vouchers, documents, etc.) is reliable and provides a sufficient basis for preparing the financial statements. To assess this, the auditor examines the entity's accounting systems and internal controls, and conducts appropriate tests, inquiries, and procedures.
• Proper Disclosure of Financial Information: The auditor needs to determine whether the relevant financial information is disclosed appropriately in the financial statements, in compliance with applicable statutory requirements. This involves ensuring that the financial statements properly summarize recorded transactions and events, and considering the judgments made by management in the preparation of the statements.
  (a) Management’s Judgment: The management is responsible for making many judgments during the preparation and presentation of financial statements, such as selecting appropriate accounting policies (e.g., the method for depreciation on fixed assets or inventory valuation methods).
  (b) Evaluation of Accounting Policies: The auditor evaluates whether the management's choice of accounting policies is appropriate and consistently applied from one period to another.
• Historical Financial Information: Financial statements are based on historical financial information, which refers to the data derived from the entity’s accounting system about economic events from past periods or conditions at specific points in the past. For example, purchases and sales reported in financial statements are based on historical financial information, reflecting transactions that have occurred in the past.

Since financial statements are prepared based on historical information, the audit of these statements is also grounded in historical financial data. Therefore, the audit primarily examines past financial transactions and conditions, ensuring that the information is presented accurately and in compliance with accounting standards.

Elements of an Assurance Engagement

The following elements make up an assurance engagement:

• A Three-Party Relationship Involving a Practitioner, a Responsible Party, and Intended Users:
  • The practitioner is the individual providing the assurance. This term is broader than an auditor, as practitioners can offer assurance on matters beyond historical financial information.
  • The responsible party is the party accountable for the preparation of the subject matter.
  • Intended users are the individuals or groups for whom the assurance report is prepared. They rely on this report to make informed decisions.
• An Appropriate Subject Matter: The subject matter refers to the information that the practitioner will evaluate. For example, in an audit engagement, the subject matter would be the financial information contained in the financial statements.
• Suitable Criteria: Criteria are the benchmarks or standards used to evaluate the subject matter. These could include laws, rules, regulations, or guidelines that are relevant for the specific evaluation.
• Sufficient and Appropriate Evidence:
  • The practitioner must gather sufficient and appropriate evidence to form a conclusion.
  • Sufficient refers to the quantity of evidence collected, while appropriate relates to the quality of evidence. Some pieces of evidence may provide more confidence and be deemed appropriate based on their relevance and reliability.
• A Written Assurance Report in an Appropriate Form: The outcome of the engagement is a written assurance report that presents the practitioner's conclusion, conveying the level of assurance regarding the subject matter. This written report is the final product of the assurance engagement.

Overview of Elements of Assurance Engagement

• Three-Party Relationship: Involves a practitioner, a responsible party, and intended users.
• An Appropriate Subject Matter: The information being evaluated by the practitioner.
• Suitable Criteria: Benchmarks such as standards, guidance, laws, rules, and regulations used to assess the subject matter.
• Sufficient Appropriate Evidence: The practitioner must gather enough and relevant evidence to form conclusions and express an opinion.
• Written Assurance Report in Appropriate Form: A written report containing the conclusion and assurance regarding the subject matter.

Meaning of Review; Audit Vs. Review

• An audit provides reasonable assurance, meaning a high level of confidence in the accuracy of financial statements. On the other hand, a review is a limited assurance engagement that provides a lower level of assurance than an audit. 
• A review involves fewer procedures and gathers less evidence than an audit, which leads to conclusions with a lower degree of confidence. However, both audit and review relate to financial statements that are prepared based on historical financial information.

Types of Assurance Engagements - Reasonable Assurance Engagement vs. Limited Assurance Engagement

As discussed earlier, assurance engagements provide varying degrees of confidence to users, based on the level of assurance offered. The key difference between the types of assurance engagements is the degree of confidence they provide:

Reasonable Assurance Engagement

• High Level of Assurance: Provides a high level of confidence in the accuracy of the information.
• Extensive Procedures: It involves more elaborate and comprehensive procedures to obtain sufficient appropriate evidence.
• Reasonable Conclusions: The conclusions are drawn based on sufficient and appropriate evidence.
• Example: An audit engagement is an example of reasonable assurance engagement.

Limited Assurance Engagement

• Lower Level of Assurance: Provides a moderate or lower level of assurance compared to reasonable assurance.
• Fewer Procedures: It involves fewer procedures than reasonable assurance engagements.
• Limited Conclusions: The engagement provides limited conclusions based on sufficient but less extensive evidence.
• Example: A review engagement is an example of limited assurance engagement.

Other Types of Assurance Engagements:
In addition to reasonable and limited assurance engagements, there are also assurance engagements related to matters other than historical financial information. These may include:

• Prospective Financial Information: This involves providing assurance on future financial information, based on assumptions about events or actions that may occur in the future. It is not related to historical financial information.
  • Examples: Forecasts, projections, or a combination of both.
  • These engagements do not examine historical financial information, but rather the basis and assumptions for prospective financial information.

The practitioner in such engagements ensures that:

• The management’s assumptions on which the prospective financial information is based are reasonable.
• The prospective information is properly prepared and based on these assumptions.
• All material assumptions are adequately disclosed.

In these cases, since the information is based on future events, the practitioner cannot guarantee that the results will match the projections. Instead, they confirm that nothing has come to their attention to suggest that the assumptions do not provide a reasonable basis for the projections. Thus, these engagements provide a moderate level of assurance.

Key Difference:

• Historical Financial Information: Refers to information based on past events and conditions.
• Prospective Financial Information: Refers to financial information based on future assumptions and predictions.

Examples of Assurance Engagements:

• Audit of Financial Statements
  • Type: Reasonable assurance engagement
  • Provides high-level assurance regarding the accuracy and reliability of financial statements.
• Review of Financial Statements
  • Type: Limited assurance engagement
  • Provides a moderate level of assurance about the financial statements, based on fewer procedures than an audit.
• Examination of Prospective Financial Information
  • Type: Limited assurance engagement
  • Provides assurance regarding the reasonability of assumptions forming the basis of projections and related matters.
• Report on Operating Controls at an Organization
  • Type: Reasonable assurance engagement
  • Provides assurance regarding the design and operation of controls within an organization.

Qualities of an Auditor

• An auditor plays a critical role in reporting on the financial matters of businesses and other institutions, where errors and fraud are common. Therefore, auditors must possess several key qualities, including: Tact, Caution, Firmness, Good temper, Integrity, Discretion, Industry, Judgment, Patience, Clear-headedness, Reliability
• In essence, the personal qualities that make someone a good businessman also contribute to being a good auditor.
• Additionally, an auditor must possess cultural knowledge and uphold the highest degree of integrity while maintaining adequate independence.
• The role of the auditor is one of trust and responsibility. Alongside professional training and education, auditors need to have strong human qualities. They are tasked with critically reviewing financial statements, which requires an expert level of knowledge.
• An auditor must have an exhaustive knowledge of accounting in all its branches and a deep understanding of accounting principles and techniques, which is essential for performing audits effectively.

Engagement and Quality Control Standards: An Overview

The following Standards issued under the authority of the ICAI Council are collectively known as Engagement Standards:

• Standards on Auditing (SAs): These apply to the audit of historical financial information.
• Standards on Review Engagements (SREs): These apply to the review of historical financial information.
• Standards on Assurance Engagements (SAEs): These apply to assurance engagements other than audits and reviews of historical financial information.
• Standards on Related Services (SRSs): These apply to agreed-upon procedures for information, compilation engagements, and other related service engagements.

The purpose of issuing these standards is to establish high-quality standards and provide guidance in the areas of financial statement audits and other types of assurance services.

Standards on Auditing

Standards on Auditing (SAs) apply in the context of an audit of financial statements conducted by an independent auditor. These standards are specifically designed for historical financial information and establish high-quality benchmarks that auditors follow when conducting an audit.
These standards cover a wide range of issues in the auditing field, addressing essential aspects such as:

• Overall objectives of the independent auditor
• Audit documentation
• Planning an audit of financial statements
• Identifying and assessing risks of material misstatement
• Audit sampling
• Audit evidence
• Forming an opinion and reporting on financial statements

Some key examples of Standards on Auditing include:

• SA 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in accordance with Standards on Auditing
• SA 230: Audit Documentation
• SA 315: Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment
• SA 500: Audit Evidence
• Revised SA 700: Forming an Opinion and Reporting on Financial Statements

Standards on Review Engagements

Standards on Review Engagements apply in the context of reviewing financial statements. A review is a limited assurance engagement, providing assurance that is lower than that offered by an audit. This is because a review involves fewer procedures than an audit. However, as a review also provides assurance to users, it still requires obtaining sufficient appropriate evidence. For example, when an auditor performs a review of an entity's interim financial information.
Some examples of Standards on Review Engagements are:

• SRE 2400 (Revised): Engagements to Review Historical Financial Statements
• SRE 2410: Review of Interim Financial Information Performed by the Independent Auditor of the Entity

It is important to note that both Standards on Auditing and Standards on Review Engagements apply to engagements involving historical financial information.

Standards on Assurance Engagements

In addition to auditing and review engagements, there are standards specifically for assurance engagements dealing with subject matters other than historical financial information. These engagements do not involve "audit" or "review" of historical financial information, but instead, focus on other areas such as prospective financial information or non-financial matters like the design and operation of internal controls within an entity.
Some examples of Standards on Assurance Engagements are:

• SAE 3400: The Examination of Prospective Financial Information
• SAE 3420: Assurance Engagements to Report on the Compilation of Pro Forma Financial Information Included in a Prospectus

These standards provide guidance on engagements where the subject matter is beyond just historical financial information.

Standards on Related Services

Standards on Related Services apply to engagements where the auditor or practitioner is required to perform agreed-upon procedures regarding financial information. For example, an engagement may require the auditor to perform specific procedures related to individual items of financial data, such as:

• Accounts payable
• Accounts receivable
• Purchases from related parties
• Sales and profits of a segment of an entity
• A financial statement like a balance sheet or an entire set of financial statements.

Additionally, practitioners may assist management in preparing and presenting historical financial information without providing assurance on that information. Such engagements are classified as compilation engagements, and the practitioner issues a report clearly stating that it is not an assurance engagement and no opinion is being expressed.
These types of engagements are called related services, and specific standards have been issued to guide the practitioner's responsibilities in these areas.
Some examples of Standards on Related Services include:

• SRS 4400: Engagements to Perform Agreed-Upon Procedures Regarding Financial Information
• SRS 4410 (Revised): Compilation Engagements

It is important to note that all the standards mentioned—Standards on Auditing (SAs), Standards on Review Engagements (SREs), Standards on Assurance Engagements (SAEs), and Standards on Related Services (SRSs)—are collectively referred to as the Engagement Standards. These standards, issued under the authority of the ICAI Council, govern the responsibilities of auditors and practitioners.

Standards on Quality Control

Standards on Quality Control (SQCs) have been issued to set guidelines and establish standards regarding a firm's responsibilities for its system of quality control in the conduct of audits, reviews of historical financial information, and other assurance and related service engagements.

• SQC 1 is a key standard in this regard. It requires auditors and practitioners to establish a system of quality control to ensure that both the firm and its personnel comply with professional standards, regulatory, and legal requirements. This ensures that the reports issued are appropriate and meet the required standards.
• The basic objective of SQC 1 is to ensure that when rendering services under engagement standards, the firm has an internal quality control system in place to comply with professional standards and legal requirements. This system ensures that reports issued are appropriate in the given circumstances.
• SQCs must be applied to all services covered by Engagement Standards to maintain quality control across various audit and assurance engagements.

Why are Standards Needed?

The need for standards arises due to the following reasons:

• Global Benchmarking: Standards ensure that audits are conducted against established benchmarks that are on par with global practices.
• Improvement in Financial Reporting: Standards improve the quality of financial reporting, aiding users in making well-informed decisions.
• Promoting Uniformity: Standards promote uniformity in auditing practices, ensuring consistency across different audits.
• Equipping Professionals: Standards equip professional accountants with the necessary knowledge and skills to perform high-quality audits.
• Ensuring Audit Quality: Standards guarantee the quality of audits, making sure they are conducted properly and efficiently, providing reliable and accurate information.

Duties in Relation to Engagement and Quality Control Standards

It is the duty of professional accountants to ensure that Standards are followed in the engagements they undertake. Generally, these standards must be adhered to during the performance of their work. However, there may be situations where a specific procedure required by the standards may not be effective in a particular engagement.
In such cases, the accountant is required to:

• Document how the alternative procedures performed achieve the same purpose as the required procedure.
• Document the reason for the departure from the standard procedure, unless it is self-explanatory.
• Draw attention to such departures in the audit or assurance report.

It is important to note that disclosure of departures in the report does not absolve the professional accountant from ensuring compliance with the applicable standards.

Overview of Engagement and Quality Control Standards

• Standards on Auditing (SAs) apply to the audit of historical financial information.
• Standards on Review Engagements (SREs) apply to the review of historical financial information.
• Standards on Assurance Engagements (SAEs) apply to engagements dealing with matters other than historical financial information.
• Standards on Related Services (SRSs) apply to engagements involving agreed-upon procedures regarding financial information and other services, such as assisting management in the preparation and presentation of financial statements.
• Standards on Quality Control (SQC) apply to all services covered by Engagement Standards (i.e., SAs, SREs, SAEs, and SRSs).
• It is the duty of professional accountants to follow these standards. If any standard is not followed, the reason for departure must be stated in the reports.

Conclusion

An audit is an independent examination of an entity's financial information, regardless of its size or legal form, with the purpose of expressing an opinion on the accuracy of the financial statements. It provides reasonable assurance to users of financial statements, offering confidence through a written audit report. While an audit cannot provide absolute assurance, it offers a high level of reliability.
Auditors are expected to perform duties within their scope of competence, and there are inherent limitations in the audit process. These limitations arise from the nature of financial reporting, audit procedures, and the distinction between audits and investigations, which means audits do not provide absolute assurance.
Audits fall under assurance engagements, which are designed to enhance confidence by evaluating a subject matter against established criteria. These engagements consist of a three-party relationship, suitable criteria, sufficient evidence, and a written assurance report. Reasonable assurance engagements, like audits, provide a high level of assurance, while limited assurance engagements, such as reviews, offer a lower level.
The standards governing audits, reviews, and other assurance engagements are collectively known as Engagement Standards, which define the responsibilities of auditors and practitioners. Additionally, Standards on Quality Control ensure firms maintain a robust quality control system to meet professional standards. These standards are essential to conducting audits against established benchmarks, improving financial reporting quality, promoting uniformity, equipping accountants with the necessary skills, and ensuring high-quality audits.