*Introduction What is AuditingIn a corporate world where there are many shareholders, all shareholders can not participate in managing the Company.

Therefore, such shareholders select a Board of Directors amongst themselves to manage the Company.

These Board of Directors may not be able to manage the company on day to day basis because lack of time, knowledge and expertise.

Therefore, Board appoints Management to run the Company. Management includes CEO, CFO, COO and head of departments.

Management as part of their work ensures good internal control in the organisation and also prepares financial statements to reflect its financial performance.

An auditor audits these financial statements.

What is an audit*

*Introduction What is AuditingAudit means Inspection/Examination/Evaluation/Checking/Verification etc. and can be used in wide ranges of situation and scenarios. However, in the financial context,

An audit is performing procedures to obtain evidence about the amounts and disclosures in the financial statements. The audit procedures selected depend on auditors judgement, including the assessment of the risks of material misstatement of the financial statements, whether due to fraud or error.

In making those risk assessments, an auditor considers internal control relevant to the entitys preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances.

An audit also includes evaluating the appropriateness of accounting principles used and the reasonableness of accounting estimates made by management, as well as evaluating the overall presentation of the financial statements.Audit is conducted under a framework e.g. International Standards on Auditing.

*Introduction - History of AuditingAuditing existed primarily as a method to maintain governmental accountancy, and record-keeping was its mainstay. It wasn't until the advent of the Industrial Revolution, from 1750 to 1850, that auditing began its evolution into a field of fraud detection and financial accountability.

Businesses expanded during this period, resulting in increased job positions between owners to customers. Management was hired to operate businesses in the owners' absences, and owners found an increasing need to monitor their financial activities, both for accuracy and for fraud prevention. In the early 20th century, the reporting practice of auditors, which involved submitting reports of their duties and findings, was standardized as the "Independent Auditor's Report.

Audit enhances credibility and therefore it become very popular and most often mandatory for certain types of Institutions like Company, Banks, etc..

*Introduction Auditing and Accounting I thought both are same!!! Surprised to hear they are different!!!

Accounting is recording, classifying and summarizing economic events in a logical manner for the purpose of providing financial information for decision making. Such financial information must be prepared by following a defined set of standards so that these comparable (i.e. IFRS, US GAAP)

The most common end product of accounting function is the financial statements.

The most important end product of auditing is Independent Auditors Report.

As both accounting and auditing functions are predominantly run by people having same professional qualification (i.e. Chartered Accountant - CA, Certified Public Accountant CPA) at times both roles seems familiar.

*What is Professional EthicsA professional carries additional moral responsibilities to those held by the population in general and in society. This is because professionals are capable of making and acting on informed decisions in situations that the general public cannot, because they have not received the relevant training/education.

For example, a lay member of the public could not be held responsible for failing to act to save a road accident victim because they could not give an emergency respiration support. This is because they do not have the relevant knowledge. In contrast, a fully trained doctor would be capable of carrying out the procedure and we would think it wrong if they stood by and failed to help in this situation. Legally that doctor may not liable if he/she ignores this accident and do nothing, but as professional ethics point of view he may be found guilty.

Therefore, all professions try to regulate their members through voluntarily adopting ethics which usually goes beyond the minimum legal requirements and binding on their members. All over the world various professional bodies of Accountants, Engineers, Lawyers, Medical Practitioners have formulated their own professional ethics with an objective to increase public acceptability of their own profession.

*Why Auditors Need Professional Ethics

Professional Accountants/Auditors act in a Position of Trust. This Trust is built by the knowledge that Professional Accountants/Auditors are bound by Ethical Behavior.

Public Interest is what differentiates the Auditing Profession from many other professions, such as lawyers, doctors and engineers. Auditors work creates major impacts in the national economy through capital markets as well as through tax collection for public expenditure.

A distinguishing mark of the auditing profession is its acceptance of the responsibility to act in the public interest. Therefore, a professional auditors responsibility is not exclusively to satisfy the needs of an individual client or employer

Ranging from providing assurance on listed company accounts to just preparing an individuals tax return, Auditor are relied upon and trusted by millions of public out in the street. Unlike many other professionals, there is a Third Party involvement in most of the Auditors work and therefore very strong Ethical Standards are needed to regulate Auditing Profession.

*Auditors IndependenceIn the case of audit engagements, it is in the public interest and, therefore, required by this Code, that members of audit teams, firms and network firms shall be independent of audit clients.

The objective of this section is to assist firms and members of audit teams in applying the conceptual framework approach described below to achieving and maintaining independence. Independence comprises:

(a) Independence of MindThe state of mind that permits the expression of a conclusion without being affected by influences that compromise professional judgment, thereby allowing an individual to act with integrity and exercise objectivity and professional skepticism.

(b) Independence in AppearanceThe avoidance of facts and circumstances that are so significant that a reasonable and informed third party would be likely to conclude, weighing all the specific facts and circumstances, that a firms, or a member of the audit teams, integrity, objectivity or professional skepticism has been compromised.

*IFAC Code of Ethics

Against this backdrop, International Federation of Accountants (IFAC), the worldwide organization for the audit and accountancy profession comprising of 159 members and associates in 124 countries, has established the International Ethics Standards Board for Accountants (IESBA) to develop and issue, under its own authority, high quality ethical standards and other pronouncements for professional accountants for use around the world.

In July 2009, the IESBA issued a revised IESBA Code clarifying the requirements for all professional accountants and significantly strengthening the independence requirements of all auditors. The revised IESBA Code become effective from 1 January 2011.

The Code of Ethics for Professional Accountants (IESBA Code) establishes ethical requirements for professional accountants. A member body of IFAC or firm shall not apply less stringent standards than those stated in this Code. Some jurisdictions may have requirements and guidance that differ from those contained in this Code. Professional accountants in those jurisdictions need to be aware of those differences and comply with the more stringent requirements and guidance unless prohibited by law or regulation.

*IFAC Code of Ethics- Fundamental PrinciplesA professional accountant shall comply with the following fundamental principles:Integrity to be straightforward and honest in all professional and business relationships.) Objectivity to not allow bias, conflict of interest or undue influence of others to override professional or business judgments.Professional Competence and Due Care to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional services based on current developments in practice, legislation and techniques and act diligently and in accordance with applicable technical and professional standards.Confidentiality to respect the confidentiality of information acquired as a result of professional and business relationships and, therefore, not disclose any such information to third parties without proper and specific authority, unless there is a legal or professional right or duty to disclose, nor use the information for the personal advantage of the professional accountant or third parties.Professional Behavior to comply with relevant laws and regulations and avoid any action that discredits the profession.

*IFAC Code of Ethics Threats/ConflictsWhen a professional auditor identifies threats to compliance with the fundamental principles and, based on an evaluation of those threats, determines that they are not at an acceptable level, the professional auditor shall determine whether appropriate safeguards are available and can be applied to eliminate the threats or reduce them to an acceptable level.

In making that determination, the professional auditor shall exercise professional judgment and take into account whether a reasonable and informed third party, weighing all the specific facts and circumstances available to the professional accountant at the time, would be likely to conclude that the threats would be eliminated or reduced to an acceptable level by the application of the safeguards, such that compliance with the fundamental principles is not compromised.

A professional auditor shall evaluate any threats to compliance with the fundamental principles when the professional accountant knows, or could reasonably be expected to know, of circumstances or relationships that may compromise compliance with the fundamental principles.

*IFAC Code of Ethics Types of Threats/Conflicts Threats fall into one or more of the following categories:

Self-interest threat the threat that a financial or other interest will inappropriately influence the professional auditors judgment or behavior;

Self-review threat the threat that he/she will not appropriately evaluate the results of a previous judgment made or service performed by him/her, or by another individual within the firm or employing organization, on which the auditor will rely when forming a judgment as part of a current service;

Advocacy threat the threat that he/she will promote a clients or employers position to the point that his/her objectivity is compromised

Familiarity threat the threat that due to a long or close relationship with a client or employer, he/she will be too sympathetic or too accepting of their work

Intimidation threat the threat that he/she will be deterred from acting objectively because of actual or perceived pressures, including attempts to exercise undue influence over the professional auditor.

*Common examples of threats

Gifts and hospitality creates self interest threat.If such gifts are small and common (like a box of chocolate) auditor can accept it. But if this is high value, like a Watch auditor shall refuse to accept.

Installation of new system by an auditor for a client will create self review threat.If auditor is involved in major system up gradation they can not audit the same client

If an auditor has Two clients and one client is competitor of another client, it will create confidentiality threat, so separate team shall be involved. This is call Chinese wall. Use of information from one clients work for another engagement is not possible without consent from the client

Safeguarding Confidentiality An auditor shall maintain client confidentiality. There is a greater risk of accidental disclosure of confidential information.

Therefore, a number of Security protocol and procedures needed to safeguard confidentiality of client information at auditors office and also in audit team.

If any member of audit team has any concern about how to maintain confidentiality they should concern Speak out. Also if they are not sure they should consult.

An audit team member shall not to discuss any work related information with family, friends and even within the same office with other teams.

Also audit team members shall not discuss client matters with colleagues at public place.

Disclosure of confidential informationNormally, only in following cases confidential matters for a client can be disclosed by the auditor:

- when consent of the client has been received; or

- there is a public duty to disclose; or

- there is a legal or professional duty to disclose.

Conflict of interestSharing of information between various teams can pose conflict

To manage this conflict there shall be separation within the same audit Firm. One team working on a Client can not see information of other Client/ other team of the same audit firm. This is called Chinese wall

Physical separation of teams may require within same office

Logical access control may require to prevent access to IT systems

*Obtaining an engagement - SourceInformal sourceAn auditor can approach their friends, former or present colleagues, former classmates and other acquaintances for obtaining audit or those people themselves contact auditors.

Formal sourcesInvitation for tender, notice published in paper, website to seek auditors. When auditors are invited to tender for particular audit or other services they quote for audit fee and often face competition.

Direct selectionBased on reputation, image, expertise sometimes client directly or any regulatory body or government directly appoint auditors.

*Appointment consideration Before accepting an engagement the auditor shall ensure that there is no independence or other ethical issues that will cause significant problems for the auditor to discharge his/her obligation.

Recap:If threats like self interest, self review, advocacy, familiarity and intimidation is/are present auditor shall consider whether safeguards are available.

The auditor shall ensure that they have been appointed in a proper and legal manner.

Auditors shall ensure that, they are

Professionally qualified to act

Existing resources are adequate

Obtain references about the client

Upon clearing the above steps an auditor shall consider whether this is first audit or it has been audited previously.

*Appointment consideration previously different auditor If this client has been audited previously, before accepting the engagement the new auditors shall ensure that the removal of previous auditor is lawful or resignation is conducted properly as per the legal framework

The new auditor shall check that their new appointment is valid.

Finally, in case the client has been audited previously by another auditor the new auditor shall communicate with the previous auditor to inquire whether there are any professional reason for which the new auditor shall not accept the audit engagement.

If the previous auditor does not reply within a reasonable time, the new auditor shall send a reminder and even after that no reply received the new auditor can accept the engagement.

However, if the previous auditor provided negative comments about the client, the new auditor shall consider these matters and if needed discuss with the client, before deciding whether they shall accept the engagement or decline it. Negative comments by previous auditor will increase the risk but it is not mandatory that new auditor shall refuse the engagement upon receiving any negative comment.

*Agreeing Terms/Engagement LetterAn auditor normally agrees the terms of audit through an engagement letter, where following information are included:

-The Objective of the Audit

- Management/Board/Clients responsibility

- Scope of audit including reference to the laws, regulations, standards, guidance

- The form of any reports, communications

- Fees and billing arrangements

Audit Evidence

During the course of an audit, all information are not checked/verified by an Auditor.

An auditor only check those information/documents which are relevant for an audit.

Audit evidence collected by an auditor shall be Sufficient and Appropriate

Sufficient means Quantity of evidence

Appropriate means Quality of evidence

Appropriate Audit EvidenceQuality of evidence can be influenced by following factors

External sources are more reliable than client source (like confirmation from Bank)

Evidence directly obtained by auditors are more reliable (like physical inspection of an asset)

Written evidence is more reliable (paper or electronic not verbal)

Original document is more reliable than photocopy or scan or fax

If control operates properly than evidence would be more reliable (like attendance sheet would be more reliable if entry control is ensured)

Following Procedures are followed to gather Audit EvidenceInspection of tangible assets

Inspection of documents

Observation watching a procedure

Inquiry (asking about something)

Confirmation from third party

Analytical procedures

Re performance of the same work by the auditor

Recalculation by auditor to check accuracy

MaterialityAuditor do not check 100% documents or information or item. In order to efficiently and effectively utilizing resources auditor mainly check/verify those items which are considered to be Material. Materiality has Two aspects.

Quantitative aspect: Amounts that are large or big shall be checked.

Qualitative: An amount may not be large or big but its nature is very important. Like a Fine or Penalty may be smaller but this may indicate the behavior of that Company/its Management.

For example, if a company has Tk 1,000,000 of salaries and Tk 10,000 travelling expenses, then salaries is material item not travelling. This is called quantitative materiality.

On the other hand if a company has Tk 10,000 legal expanses it can be material because legal costs are paid to lawyers and there may be some cases involved. So auditor may want to do detail checking of such legal fees. This is qualitative aspect.

Consideration of fraud and error in auditWhen any error or mistake is intentionally done this becomes a Fraud. It is at times difficult to prove whether this error or mistake is intentional or unintentional. However, when it is identified that because of this error that person is benefitted it can be assumed that this is an intentional error conducted by that person.

Fraud is two types:Misappropriation of assets (cash or laptop is stolen)2. Financial misreporting (profit is shown less to avoid tax or revenue is shown high to get bonus)

It is managements responsibility that the Company shall ensure proper control to ensure prevention and detection of all major fraud and error. An Auditor is not responsible to prevent or detect all major fraud. check whether the Company has followed all laws and regulations.

However, an Auditor shall normally check what types of controls management has implemented to ensure prevention and detection of fraud. *

Consideration of laws and regulationIt is managements responsibility that the Company shall ensure compliance with all laws and regulations.

An Auditor is not responsible to check whether the Company has followed all laws and regulations. However, an Auditor shall normally look into the various steps that Management has taken to comply applicable regulations.

For example, a Bank is required to maintain minimum capital. It is managements responsibility to maintain this minimum capital. However, auditor shall check whether management has taken proper steps to maintain these capital. *

* Source: TextAudit process

Audit planningAs part of the audit process, the auditor performs the following planning activities

Planning of logistics: Timing of start and finishing the audit, staff selection, location of audit etc.

Materiality calculation: Both quantitative and qualitative aspects

Business understanding: nature of the entity (i.e. private company or listed entity), products, customers, suppliers, quality of board/management

Planning analytical procedures

Understanding general Information Technology (IT) environment of the client

Control evaluationAs part of the audit process, the auditor also assess the internal control of the client which they are auditing.

To evaluate the internal control an auditor performs test called walk through test where a transaction is traced through initiation to finish. For examples an auditor wants to check the purchase. So in walk through test he will cover the following:- Ordering of goods- Receiving of material/goods (checking quality, quality)Checking of supplier invoices for this goods/material Processing of payment (two signatories in payment cheque)

Depending on the frequency and nature of control, auditor will do further testing of control through selecting samples.

If control is automated and IT system is operating effectively it will require lower sample as the process is same for all transaction. In manual control higher sample is required. Like for ATM it is automated control and for branch banking manual control.

Two column bullet-pointed slide.