The American Accounting Association defines auditing as a systematic process of objectively obtaining and evaluating the accounts or financial records of a governmental, business, or other entity based on established criteria. While auditing focuses largely on financial information, the process also may involve examination of nonfinancial documents that reveal information about a business's conduct. Handled by a trained accountant, an audit and the auditor's report provide additional assurance to users of financial statements that the information presented in financial statements is accurate, and can help companies assess their performance and their compliance with applicable regulations.
There are three types of auditors: internal, governmental, and external (i.e., independent auditors or certified public accountants). Internal auditors are employees of the organization whose activities are being examined and evaluated during an independent audit. The primary purposes of internal auditing are to review and assess a company's policies, procedures, and records and to review and assess a company's performance given its plans, policies, and procedures. Therefore, internal auditors review financial records and accounting systems, assess compliance with company policies, evaluate the efficiency of company operations, and assess the attainment of company goals.
Governmental auditors include accountants employed by the U.S. General Accounting Office (GAO). The GAO serves as the accounting and auditing branch of Congress. These governmental accountants perform accounting and auditing tasks for the entire federal government. In addition, most states have their own accounting and auditing agencies, which resemble the GAO. Because the GAO and its state counterparts are separate agencies from the departments and agencies they audit, they are similar to external auditors. Consequently, federal and state departments and agencies often have their own internal auditors, who provide internal auditing services similar to those described above. Moreover, GAO auditing largely has the same focus as internal auditing: examining financial records, assessing compliance with laws and regulations, reviewing efficiency of operations, and evaluating the achievement of objectives.
In contrast, the independent auditor is not an employee of the organization being audited or an employee of the government. He or she performs an examination with the objective of issuing a report containing an opinion on a client's financial statements. The attest function of external auditing refers to the auditor's expression of an opinion on a company's financial statements. Generally, the criteria for judging an auditor's financial statements are generally accepted accounting principles. The typical independent audit leads to an attestation regarding the fairness and dependability of the statements. This is communicated to the officials of the audited entity in the form of a written report accompanying the statements.
Investors and lenders are the primary users of financial statements and they rely on financial statements to make decisions such as whether to buy stocks or bonds, lend money, and extend credit. By conducting audits, external auditors make financial statements consistent and meaningful. To assess a company's position accurately, investors and lenders need credible financial information on a company's sales, profits, debt, value, and so forth. Companies usually have their own accountants and managers prepare their financial information, which could bring about a conflict of interest. Hence, users of financial statements demand the services of independent auditors to verify the accuracy of company information and lend credibility to the financial information, which is called attestation. Since individual users cannot verify information contained in financial statements, auditing by external accountants reduces the number of mistakes in financial statements and prevents companies from issuing fraudulent statements. In addition, the Auditing Standards Board in 1997 issued its statement "Consideration of Fraud in a Financial Statement Audit," which requires greater effort on the part of external auditors to ensure that financial statements are free from fraud and misstatements.
Major types of audits conducted by external auditors include the financial statements audit, the operational audit, and the compliance audit. A financial statement audit (or attest audit) examines financial statements, records, and related operations to ascertain adherence to generally accepted accounting principles, meaning that the audit determines whether companies have followed the financial reporting standards given by various sanctioning boards such as the Financial Accounting Standards Board. An operational audit examines an organization's activities in order to assess performances and develop recommendations for improved use of business resources. A compliance audit has as its objective the determination of whether an organization is following established procedures or rules. Auditors also perform statutory audits, which are performed to comply with the requirements of a governing body, such as a federal, state, or city government or agency.
Internal auditors also perform financial statement audits, operational audits (which are also referred to as performance auditing and management auditing), and compliance audits, although their audits have a different scope and their reports a different purpose. Because of the potential for conflicts of interest, internal auditors perform financial statement audits for internal use only. Nevertheless, much of the work internal auditors do is similar to the work external auditors do, except that it is not intended for external use. In addition, an operational audit involves reviewing an organization's activities to evaluate performance, attainment of business goals, and efficient use of resources. Internal auditors also perform compliance audits to ensure conformity with company policies as well as with applicable government laws and regulations. Even though internal auditors are employees of the companies they audit, they nevertheless strive for independence insofar as possible.
The auditing process is based on standards, concepts, procedures, and reporting practices, primarily imposed by the American Institute of Certified Public Accountants (AICPA). While these standards and procedures constitute the foundation of auditing for all three types of auditors, other organizations such as the Institute of Internal Auditors and the General Accounting Office impose their own standards and procedures, which apply to internal auditing and governmental auditing, respectively. The auditing process relies on evidence, analysis, conventions, and informed professional judgment. General standards are brief statements relating to such matters as training, independence, and professional care. AICPA general standards are:
Standards of fieldwork provide basic planning standards to be followed during audits. AICPA standards of field work are:
Standards of reporting outline the required auditing standards relating to the audit report and its contents. AICPA standards of reporting are:
Auditors generally conduct audits following four general steps: planning, gathering evidence, evaluating evidence, and issuing a report.
In planning the audit, the auditor develops an audit program that identifies and schedules audit procedures that are to be performed to obtain the evidence. The auditor must be aware of potential problems involved in the auditing process, such as whether company property and debt actually exist or whether company transactions actually took place. In addition, the auditor usually formulates a hypothesis about company financial information at this step, such as "Company financial reports are accurate" or "Company financial reports are inaccurate." Audit evidence is proof obtained to support these hypotheses and ultimately the audit's conclusions.
After the planning is completed, the auditor must collect the evidence necessary to support the audit's conclusions. Evidence-gathering procedures include observation, confirmation, calculations, analysis, inquiry, inspection, and comparison. An audit trail is a chronological record of economic events or transactions that have been experienced by an organization. The audit trail enables an auditor to evaluate the strengths and weaknesses of internal controls, system designs, and company policies and procedures. The auditor must evaluate the initial hypothesis based on the evidence and accept or reject the hypothesis as a result. Finally, the auditor prepares a report based on the findings of the other steps, which involves making a decision about company records and claims and whether the actual evidence supports company records and claims.
The independent audit report sets forth the independent auditor's opinion regarding the financial statements. The auditor's opinion indicates whether the financial statements are fairly presented in conformity with generally accepted accounting principles, and applied on a basis consistent with that of the preceding year (or in conformity with some other comprehensive basis of accounting that is appropriate for the entity). A fair presentation of financial statements is generally understood by accountants to refer to whether:
The auditor's unqualified report contains three paragraphs. The introductory paragraph identifies the financial statements audited, states that management is responsible for those statements, and asserts that the auditor is responsible for expressing an opinion on them. The scope paragraph describes what the auditor has done and specifically states that the auditor has examined the financial statements in accordance with generally accepted auditing standards and has performed appropriate tests. The opinion paragraph expresses the auditor's opinion on whether the statements are in accordance with generally accepted accounting principles.
Various audit opinions are defined by the AICPA's Auditing Standards Board as follows:
The fair presentation of financial statements does not mean that the statements are fraud-proof. The independent auditor has the responsibility to search for errors or irregularities within the recognized limitations of the auditing process. An auditor is subject to risks that material errors or irregularities, if they exist, will not be detected.
Investors should examine the auditor's report for citations of problems such as debt-agreement violations or unresolved lawsuits." Going concern" ' references can suggest that the company may not be able to survive as a functioning operation. If an "except for" statement appears in the report the investor should understand that there are certain problems or departures from generally accepted accounting principles in the statements that question whether the statements present fairly the company's financial statements and that will require the company to resolve the problem or somehow make the accounting treatment acceptable.
In contrast to the standardized report of external auditors, internal and governmental auditors prepare a variety of reports that serve a variety of purposes, depending on the auditing assignment and goals. Both internal and governmental reports strive to communicate information clearly and concisely. Government reports tend to emphasize the efficient use of resources by the government departments being audited, whereas internal reports tend to vary greatly because of the plethora of interests and purposes companies may have for auditing.
The legal responsibilities of the auditor are determined primarily by the following:
[ Charles Woelfel ,
updated by Karl Heil ]
American Institute of Certified Public Accountants. AICPA Professional Standards. Chicago: Commerce Clearing House.
Delaney, P. R. CPA Examination Review: Auditing. New York: John Wiley & Sons, 1994.
Farrell, Barbara, and Joseph Franco. "The Changing Role of the Auditor: An Analysis of Viewpoints from the Auditors' Perspective." Mid-Atlantic Journal of Business, June 1998, 101.
Robertson, Jack C., and Frederick G. David. Auditing. Plano, TX: Business Publications, 1985.
Taylor, D. H., and G. W. Glazen. Auditing: Integrated Concepts and Procedures. 7th ed. New York: John Wiley & Sons, 1996.