07_CH06_138-170.QXD:AEB12.

QXD 1/5/07 12:19 PM Page 140

efore beginning the study of how to conduct an audit, it is necessary to understand

B the overall objectives of the audit, the auditor’s responsibilities in conducting
the audit, and the specific objectives the auditor tries to accomplish. Without an under-
standing of these topics, planning and accumulating audit evidence during the audit has
no relevance. Figure 6-1 summarizes the five topics that provide keys to understanding
evidence accumulation. These are the steps used to develop specific audit objectives.

OBJECTIVE OF CONDUCTING AN AUDIT OF FINANCIAL STATEMENTS

OBJECTIVE 6-1
SAS 1 (AU 110) states
Explain the objective of
conducting an audit of financial
statements and an audit of The objective of the ordinary audit of financial statements by the independent auditor is the expression of an
internal controls. opinion on the fairness with which they present fairly, in all material respects, financial position, results of oper-
ations, and cash flows in conformity with generally accepted accounting principles.

Understand objectives
and responsibilities
for the audit
Our primary focus is the section of SAS 1 that emphasizes issuing an opinion on
financial statements. For public companies, the auditor also issues a report on internal
Divide financial control over financial reporting as required by Section 404 of the Sarbanes–Oxley Act.
statements Auditors accumulate evidence in order to reach conclusions about whether the finan-
into cycles cial statements are fairly stated and to determine the effectiveness of internal control,
after which they issue the appropriate audit report.
Know management If the auditor believes that the statements are not fairly presented or is unable to
assertions about
financial statements reach a conclusion because of insufficient evidence, the auditor has the responsibility
of notifying users through the auditor’s report. Subsequent to their issuance, if facts
Know general audit indicate that the statements were not fairly presented, the auditor will probably have to
objectives for classes demonstrate to the courts or regulatory agencies that he or she conducted the audit in
of transactions, a proper manner and drew reasonable conclusions.
accounts, and
disclosures

Know specific audit

objectives for classes FIGURE 6-1 Steps to Develop Audit Objectives
of transactions,
accounts, and
disclosures
Understand objectives
and responsibilities
for the audit

Divide financial
statements
into cycles

Know management
assertions about
financial statements

Know general audit

objectives for classes
of transactions,
accounts, and
disclosures

Know specific audit

objectives for classes
of transactions,
accounts, and
disclosures

140 PART TWO / THE AUDIT PROCESS

07_CH06_138-170.QXD:AEB12.QXD 1/5/07 12:19 PM Page 141

MANAGEMENT’S RESPONSIBILITIES
The responsibility for adopting sound accounting policies, maintaining adequate OBJECTIVE 6-2
internal control, and making fair representations in the financial statements rests with
Distinguish management’s
management rather than with the auditor. Because they operate the business daily, a responsibility for the financial
company’s management knows more about the company’s transactions and related statements and internal control
assets, liabilities, and equity than the auditor does. In contrast, the auditor’s knowledge from the auditor’s responsibility
of these matters and internal control is limited to that acquired during the audit. for verifying the financial
statements and effectiveness of
The annual reports of many public companies include a statement about manage- internal control.
ment’s responsibilities and relationship with the CPA firm. Figure 6-2 presents a report
of management for the Boeing Company as a part of its annual report. Read the report
carefully to determine what management states about its responsibilities.
Management’s responsibility for the fairness of the representations (assertions) in
the financial statements carries with it the privilege of determining which presentations
and disclosures it considers necessary. If management insists on financial statement dis-
closure that the auditor finds unacceptable, the auditor can either issue an adverse or
qualified opinion or withdraw from the engagement.
The Sarbanes–Oxley Act increases management’s responsibility for the financial
statements by requiring the chief executive officer (CEO) and the chief financial officer

FIGURE 6-2 The Boeing Company’s Report of Management

2005 ANNUAL REPORT

REPORT OF MANAGEMENT

To the Shareholders of The Boeing Company:

The accompanying consolidated financial statements of The Boeing Company and subsidiaries have
been prepared by management who are responsible for their integrity and objectivity. The statements
have been prepared in conformity with accounting principles generally accepted in the United States
of America and include amounts based on management’s best estimates and judgments. Financial
information elsewhere in this Annual Report is consistent with that in the financial statements.

Management has established and maintains a system of internal control designed to provide
reasonable assurance regarding the reliability of financial reporting and the presentation of financial
statements in accordance with accounting principles generally accepted in the United States of
America, and has concluded that this system of internal control was effective as of December 31,
2005. In addition, management also has established and maintains a system of disclosure controls
designed to provide reasonable assurance that information required to be disclosed is accumulated
and reported in an accurate and timely manner. The system of internal control and disclosure control
include widely communicated statement of policies and business practices which are designed to
require all employees to maintain high ethical standards in the conduct of Company affairs. The
internal controls and disclosure controls are augmented by organizational arrangements that provide
for appropriate delegation of authority and division of responsibility and by a program of internal
audit with management follow-up.

The Audit Committee of the Board of Directors, composed entirely of outside directors, meets
periodically with the independent certified public accountants, management and internal auditors to
review accounting, auditing, internal accounting controls, litigation and financial reporting matters.
The independent certified public accountants and the internal auditors have free access to this
committee without management present.

James A. Bell W. James McNerney, Jr.

Executive Vice President, Finance Chairman, President and
and Chief Financial Officer Chief Executive Officer

CHAPTER 6 / AUDIT RESPONSIBILITIES AND OBJECTIVES 141

07_CH06_138-170.QXD:AEB12.QXD 1/5/07 12:19 PM Page 142

(CFO) of public companies to certify the quarterly and annual financial statements sub-
mitted to the SEC. In signing those statements, management certifies that the financial
statements fully comply with the requirements of the Securities Exchange Act of 1934
and that the information contained in the financial statements fairly present, in all
material respects, the financial condition and results of operations. The Sarbanes–Oxley
Act provides for criminal penalties, including significant monetary fines or imprison-
ment up to 20 years, for anyone who knowingly falsely certifies those statements.

AUDITOR’S RESPONSIBILITIES
OBJECTIVE 6-3
SAS 1 (AU 110) as amended states
Explain the auditor’s responsibility
for discovering material
misstatements. The auditor has a responsibility to plan and perform the audit to obtain reasonable assurance about whether
the financial statements are free of material misstatement, whether caused by error or fraud. Because of the
nature of audit evidence and the characteristics of fraud, the auditor is able to obtain reasonable, but not
absolute, assurance that material misstatements are detected. The auditor has no responsibility to plan and
perform the audit to obtain reasonable assurance that misstatements, whether caused by errors or fraud, that
are not material to the financial statements are detected.

This paragraph in AU 110 discusses the auditor’s responsibility for detecting

material misstatements in the financial statements. When the auditor also reports on
the effectiveness of internal control over financial reporting, the auditor is also respon-
sible for identifying material weaknesses in internal control over financial reporting.
The auditor’s responsibilities for audits of internal control are discussed in Chapter 10.
This paragraph and the related discussion in the standards about the auditor’s respon-
sibility to detect material misstatements include several important terms and phrases.
Material Versus Immaterial Misstatements Misstatements are usually considered mate-
rial if the combined uncorrected errors and fraud in the financial statements would
likely have changed or influenced the decisions of a reasonable person using the state-
ments. Although it is difficult to quantify a measure of materiality, auditors are respon-
sible for obtaining reasonable assurance that this materiality threshold has been satis-
fied. It would be extremely costly (and probably impossible) for auditors to have
responsibility for finding all immaterial errors and fraud.
Reasonable Assurance Assurance is a measure of the level of certainty that the auditor
has obtained at the completion of the audit. Auditing standards (SAS 104) indicate
reasonable assurance is a high, but not absolute, level of assurance that the financial
statements are free of material misstatements. The concept of reasonable, but not
absolute, assurance indicates that the auditor is not an insurer or guarantor of the cor-
rectness of the financial statements. Thus, an audit that is conducted in accordance
with auditing standards may fail to detect a material misstatement.
The auditor is responsible for reasonable, but not absolute, assurance for several
reasons:
1. Most audit evidence results from testing a sample of a population such as
accounts receivable or inventory. Sampling inevitably includes some risk of
not uncovering a material misstatement. Also, the areas to be tested; the type,
extent, and timing of those tests; and the evaluation of test results require
significant auditor judgment. Even with good faith and integrity, auditors can
make mistakes and errors in judgment.
2. Accounting presentations contain complex estimates, which inherently involve
uncertainty and can be affected by future events. As a result, the auditor has to
rely on evidence that is persuasive, but not convincing.

142 PART TWO / THE AUDIT PROCESS

07_CH06_138-170.QXD:AEB12.QXD 1/5/07 12:19 PM Page 143

Sometimes, misappropriation of assets involves
CABLE MOGULS ARRESTED significant amounts and occurs at the very top of the
FOR CORPORATE LOOTING organization. In 2002 the SEC charged former
Adelphia CEO John Rigas and other Rigas family
members with “rampant self dealing” at Adelphia
Communications Corp. in what has been called one of
the most extensive financial frauds ever to take place
at a public company. According to the SEC complaint,
the Rigas family used Adelphia funds to finance open
market purchases of stock, pay off margin loans and
other family debts, purchase timber rights, construct a
golf club, and purchase luxury condominiums in
Colorado, Mexico, and New York City.
In the criminal complaint, prosecutors charged
that the Rigas family “looted Adelphia on a massive
scale, using the company as the Rigas family’s
personal piggy bank, at the expense of public
investors and creditors.” After details of the misap-
propriations and fraudulent reporting in the com-
pany’s financial statements became public, Adelphia
filed for bankruptcy, and its stock collapsed from a
price of $20 per share to less than $1 per share.
John Rigas was convicted and sentenced to 15 years
in prison; his son Timothy, the company’s former
CFO, was sentenced to 20 years in prison.
Sources: 1. SEC press release 2002-110
(www.sec.gov/news/press/2002-110.htm);
2. “Rigas and sons arrested”
(money.cnn.com/2002/07/24/news/rigas/);
3. “Adelphia founder sentenced to 15 years”
(money.cnn.com/2005/06/20/news/newsmakers/
rigas_sentencing/).

3. Fraudulently prepared financial statements are often extremely difficult, if not

impossible, for the auditor to detect, especially when there is collusion among
management.

If auditors were responsible for making certain that all the assertions in the state-
ments were correct, evidence requirements and the resulting cost of the audit function
would increase to such an extent that audits would not be economically practical. Even
then, auditors would be unlikely to uncover all material misstatements in every audit.
The auditor’s best defense when material misstatements are not uncovered is to have
conducted the audit in accordance with auditing standards.
Errors Versus Fraud SAS 99 (AU 316) distinguishes between two types of misstatements:
errors and fraud. Either type of misstatement can be material or immaterial. An error is an
unintentional misstatement of the financial statements, whereas fraud is intentional. Two
examples of errors are a mistake in extending prices times quantity on a sales invoice and
overlooking older raw materials in determining the lower of cost or market for inventory.
For fraud, there is a distinction between misappropriation of assets, often called
defalcation or employee fraud, and fraudulent financial reporting, often called
management fraud. An example of misappropriation of assets is a clerk taking cash at
the time a sale is made and not entering the sale in the cash register. An example of
fraudulent financial reporting is the intentional overstatement of sales near the balance
sheet date to increase reported earnings.
Professional Skepticism SAS 1 (AU 230) requires that an audit be designed to provide
reasonable assurance of detecting both material errors and fraud in the financial state-
ments. To accomplish this, the audit must be planned and performed with an attitude
of professional skepticism in all aspects of the engagement. Professional skepticism is an
attitude that includes a questioning mind and a critical assessment of audit evidence.
Auditors should not assume that management is dishonest, but the possibility of dis-
honesty must be considered. At the same time, auditors also should not assume that
management is unquestionably honest.
Auditors spend a great portion of their time planning and performing audits to detect Auditor’s Responsibilities for
unintentional mistakes made by management and employees. Auditors find a variety of Detecting Material Errors
errors resulting from such things as mistakes in calculations, omissions, misunder-
standing and misapplication of accounting standards, and incorrect summarizations
and descriptions. Throughout the rest of this book, we consider how the auditor plans
and performs audits for detecting both errors and fraud.

CHAPTER 6 / AUDIT RESPONSIBILITIES AND OBJECTIVES 143

07_CH06_138-170.QXD:AEB12.QXD 1/5/07
Auditor’s Responsibilities for
Detecting Material Fraud
Auditor’s Responsibilities for
Discovering Illegal Acts
144 PART TWO / THE AUDIT PROCESS
12:19 PM Page 144
Auditing standards make no distinction between the auditor’s responsibilities for
searching for errors and fraud. In either case, the auditor must obtain reasonable assur-
ance about whether the statements are free of material misstatements. The standards
also recognize that fraud is often more difficult to detect because management or the
employees perpetrating the fraud attempt to conceal the fraud. Still, the difficulty of
detection does not change the auditor’s responsibility to properly plan and perform the
audit to detect material misstatements, whether caused by error or fraud.
Fraud Resulting from Fraudulent Financial Reporting Versus Misappropriation of Assets
Both fraudulent financial reporting and misappropriation of assets are potentially
harmful to financial statement users, but there is an important difference between
them. Fraudulent financial reporting harms users by providing them incorrect finan-
cial statement information for their decision making. When assets are misappropri-
ated, stockholders, creditors, and others are harmed because assets are no longer avail-
able to their rightful owners.
Typically, fraudulent financial reporting is committed by management, sometimes
without the knowledge of employees. Management is in a position to make accounting
and reporting decisions without employees’ knowledge. An example is the decision to
omit an important footnote about pending litigation.
Usually, but not always, theft of assets is perpetrated by employees and not by manage-
ment, and the amounts are often immaterial. However, there are well-known examples of
extremely material misappropriation of assets by employees and management.
There is an important distinction between the theft of assets and misstatements
arising from the theft of assets. Consider the following three situations:
1. Assets were taken and the theft was covered by misstating assets. For example,
cash collected from a customer was stolen before it was recorded as a cash
receipt, and the account receivable for the customer’s account was not credited.
The misstatement has not been discovered.
2. Assets were taken and the theft was covered by understating revenues or over-
stating expenses. For example, cash from a cash sale was stolen, and the transac-
tion was not recorded. Or, an unauthorized disbursement to an employee was
recorded as a miscellaneous expense. The misstatement has not been discovered.
3. Assets were taken, but the misappropriation was discovered. The income state-
ment and related footnotes clearly describe the misappropriation.
In all three situations, there has been a misappropriation of assets, but the financial
statements are misstated only in situations 1 and 2. In situation 1, the balance sheet is
misstated, whereas in situation 2, revenues or expenses are misstated.
Illegal acts are defined in SAS 54 (AU 317) as violations of laws or government regu-
lations other than fraud. Two examples of illegal acts are a violation of federal tax laws
and a violation of the federal environmental protection laws.
Direct-Effect Illegal Acts Certain violations of laws and regulations have a direct finan-
cial effect on specific account balances in the financial statements. For example, a vio-
lation of federal tax laws directly affects income tax expense and income taxes payable.
The auditor’s responsibility under SAS 54 for these direct-effect illegal acts is the same
as for errors and fraud. On each audit, therefore, the auditor normally evaluates
whether or not there is evidence available to indicate material violations of federal or
state tax laws. To do this evaluation, the auditor might hold discussions with client per-
sonnel and examine reports issued by the Internal Revenue Service after completion of
an examination of the client’s tax return.
Indirect-Effect Illegal Acts Most illegal acts affect the financial statements only indi-
rectly. For example, if the company violates environmental protection laws, financial
07_CH06_138-170.QXD:AEB12.QXD 1/5/07 12:19 PM Page 145

statements are affected only if there is a fine or sanction. Potential material fines and
sanctions indirectly affect financial statements by creating the need to disclose a con-
tingent liability for the potential amount that might ultimately be paid. This is called
an indirect-effect illegal act. Other examples of illegal acts that are likely to have only an
indirect effect are violations of insider securities trading regulations, civil rights laws,
and federal employee safety requirements. Auditing standards state that the auditor
provides no assurance that indirect-effect illegal acts will be detected. Auditors lack
legal expertise, and the frequent indirect relationship between illegal acts and the
financial statements makes it impractical for auditors to assume responsibility for dis-
covering those illegal acts.
Auditors have three levels of responsibility for finding and reporting illegal acts:
Evidence Accumulation When There Is No Reason to Believe Indirect-Effect Illegal Acts
Exist Many audit procedures normally performed on audits to search for errors and
fraud may also uncover illegal acts. Examples include reading the minutes of the board
of directors and inquiring of the client’s attorneys about litigation. The auditor should
also inquire of management about policies they have established to prevent illegal acts
and whether management knows of any laws or regulations that the company has
violated. Other than these procedures, the auditor should not search for indirect-effect
illegal acts unless there is reason to believe they may exist.
Evidence Accumulation and Other Actions When There Is Reason to Believe Direct- or
Indirect-Effect Illegal Acts May Exist The auditor may find indications of possible illegal
acts in a variety of ways. For example, the minutes may indicate that an investigation by
a government agency is in process or the auditor may have identified unusually large
payments to consultants or government officials.
When the auditor believes that an illegal act may have occurred, several actions are
necessary to determine whether the suspected illegal act actually exists:
1. The auditor should first inquire of management at a level above those likely to
be involved in the potential illegal act.
2. The auditor should consult with the client’s legal counsel or other specialist
who is knowledgeable about the potential illegal act.
3. The auditor should consider accumulating additional evidence to determine
whether there actually is an illegal act.
Actions When the Auditor Knows of an Illegal Act The first course of action when an
illegal act has been identified is to consider the effects on the financial statements,
including the adequacy of disclosures. These effects may be complex and difficult
to resolve. For example, a violation of civil rights laws could involve significant fines,
but it could also result in the loss of customers or key employees, which could materi-
ally affect future revenues and expenses. If the auditor concludes that the disclosures
relative to an illegal act are inadequate, the auditor should modify the audit report
accordingly.
The auditor should also consider the effect of such illegal acts on the CPA firm’s
relationship with management. If management knew of the illegal act and failed to
inform the auditor, it is questionable whether management can be believed in other
discussions.
The auditor should communicate with the audit committee or others of equivalent
authority to make sure that they know of the illegal act. The communication can be oral
or written. If it is oral, the nature of the communication and discussion should be docu-
mented in the audit files. If the client either refuses to accept the auditor’s modified
report or fails to take appropriate remedial action concerning the illegal act, the auditor
may find it necessary to withdraw from the engagement. If the client is publicly held, the
auditor must also report the matter directly to the SEC. Such decisions are complex and
normally involve consultation by the auditor with the auditor’s legal counsel.

CHAPTER 6 / AUDIT RESPONSIBILITIES AND OBJECTIVES 145