Chapter 2 Organization and Structure of the Auditing Profession

蒙特马利审计2-2

Browse Location: United States\PwC Material\Montgomery's Auditing, Twelfth Edition\Part 1: The Audit Environment

Publish Date: 25 June, 2001

2

Organization and Structure of the Auditing Profession

2.1 TYPES OF ASSURANCE SERVICES

(a) Financial Audits,

(b) Compliance Audits,

(c) Performance Audits,

(d) Reviews of Financial Information,

(e) Attest Engagements,

(f) Other Assurance Services,

2.2 TYPES OF AUDITORS

2.3 ORGANIZATION OF AN ACCOUNTING FIRM

(a) Assurance Services,

(i) Audits,

(ii) Reviews,

(iii) Agreed-Upon Procedures

Engagements,

(iv) Attest Engagements,

(v) Other Assurance Services,

(b) Nonassurance Services,

(i) Compilations,

(ii) Tax Services,

(iii) Consulting Services,

(c) Firm Structure,

(d) Audit Engagement Team,

(i) Partner,

(ii) Manager,

(iii) Other Personnel,

2.4 ORGANIZATION OF THE AUDITING PROFESSION

(a) American Institute of CPAs,

(b) State Societies of CPAs,

(c) Institute of Internal Auditors,

(d) Other Organizations,

2.5 PROFESSIONAL CERTIFICATION AND LICENSING

(a) Certified Public Accountant (CPA),

(b) Certified Fraud Examiner (CFE),

蒙特马利审计2-2

(c) Certified Internal Auditor (CIA),

(d) Certified Information Systems Auditor (CISA),

2.6 ASSURANCE STANDARDS AND STANDARD-SETTING BODIES

(a) Generally Accepted Auditing Standards,

(b) International Auditing Standards,

(c) Role of the SEC and the Courts,

(d) Standards for Internal Auditing,

(e) Standards for Government Auditing,

(f) Attestation Standards,

(g) Statements on Standards for Accounting and

Review Services,

2.1 TYPES OF ASSURANCE SERVICES

Although the focus of this book is on audits of historical financial statements, the auditing profession provides other types of assurance services, some of which are described in this section. Some of these services continue to be referred to as "audits," while others-particularly some of the newer ones-are called "attest engagements." Still other services in which CPAs provide assurance to their clients and others are referred to in this book as "other assurance services."

(a) Financial Audits

In a financial audit, an auditor seeks evidence about assertions related mainly to financial

information, usually contained in a set of financial statements or some component thereof. The established criteria against which that financial information is measured are generally

accepted accounting principles or some other specified basis of accounting (such as might be stipulated in a rental agreement). Generally, the information will be used by parties other than the management of the entity that prepared it. Sometimes, however, the information is

intended to be used primarily by management for internal decision-making purposes. In that event, it may include nonfinancial as well as financial data. While most often financial audits are associated with independent auditors whose work results in an opinion on financial

statements, both internal auditors and government auditors also perform financial audits, often in conjunction with compliance or performance audits.

(b) Compliance Audits

Compliance audits are intended to determine whether an entity has complied with specified policies, procedures, laws, regulations, or contracts that affect operations or reports. Examples of compliance audits include auditing a tax return by an Internal Revenue Service agent, auditing components of financial statements to determine compliance with a bond indenture, auditing a researcher's expenditures under a government grant to determine compliance with the terms of the grant, and auditing an entity's hiring policies to determine whether it has complied with the Equal Employment Opportunity Act. As with all audits, a compliance audit

蒙特马利审计2-2

requires established criteria (such as those contained in a law or regulation) to measure the relevant assertions against. Compliance audits are performed by independent auditors and by internal and government auditors (often as part of a performance audit).

If a policy, contract, law, or regulation has a direct and material effect on the entity's financial statements, determining the extent of compliance with it usually will be an integral part of a financial statement audit. For example, an auditor reviews an entity's conformity with the restrictive covenants in a long-term debt agreement to ascertain that a violation of the

covenant has not made the entire bond issue due and payable at the lender's option, which might require that the debt be reclassified as a current liability. Independent auditors do not, however, plan their audits of financial statements to provide assurance about an entity's compliance with policies, contracts, laws, and regulations that do not have a direct and

material effect on the financial statements. Chapter 4 describes the auditor's responsibilities when a possible illegal act is detected. Compliance audits are discussed further in Chapter 32. (c) Performance Audits1

Performance audits, also referred to as operational audits, include economy and efficiency audits and program audits. Government Auditing Standards, issued by the U.S. General Accounting Office and revised most recently in 1994, defines those audits as follows:

Economy and efficiency audits include determining (1) whether the entity is acquiring, protecting, and using its resources (such as personnel, property, and space)

economically and efficiently, (2) the causes of inefficiencies or uneconomical practices, and (3) whether the entity has complied with laws and regulations concerning matters of economy and efficiency.

Program audits include determining (1) the extent to which the desired results or

benefits established by the legislature or other authorizing body are being achieved, (2) the effectiveness of organizations, programs, activities, or functions, and (3) whether the entity has complied with significant laws and regulations applicable to the program. Using resources economically means achieving a specified output or performance level at the lowest possible cost. An entity that met or exceeded the specified level at the lowest cost would be using its resources economically. Using resources efficiently means attaining the highest possible output or performance level at a specified cost. If output or performance can be increased without incurring additional costs, the implication is that a more efficient use of resources is possible. The achievement of desired results or benefits refers to the extent to which a program meets objectives and goals that are proper, suitable, or relevant. Results that are consistent with established objectives and goals indicate that the program is being carried out effectively.

Objectives and goals may be established by federal or state legislatures or granting agencies, or they may be set by an entity's management. As noted in Chapter 1, the subject matter of auditing usually is quantifiable information about economic actions and events. Some

蒙特马利审计2-2

quantifiable objectives and goals may not relate to economic actions and events, however, which raises the question of whether their evaluation falls within the definition of auditing. For example, in an audit of program results in a state's prison system, program objectives and goals almost surely will not be stated in terms of economic actions or events; instead, they may be stated in terms of the number of prisoners rehabilitated and released, the number of repeat offenders, or the percentage of prison capacity utilized. While such program audits may at times stretch the definition of auditing, they are widely performed, particularly by

government auditors, and are almost always referred to as audits.

(d) Reviews of Financial Information

A review engagement consists of applying certain limited procedures to financial statements as a basis for expressing limited assurance that there are no material modifications that should be made to them. That limited assurance is less than the assurance provided by an audit. (e) Attest Engagements

An attest engagement is defined in Statement on Standards for Attestation Engagements, Attestation Standards (), as "one in which a practitioner is engaged to issue or does issue a written communication that expresses a conclusion about the reliability of a written assertion that is the responsibility of another party." The scope of services covered by this definition is similar, if not identical, to that in the American Accounting Association's

definition of auditing, which was discussed in Chapter 1. Examples of attest services include testing and reporting on representations about the characteristics of computer software, investment performance statistics, internal control, prospective financial information, and historical occupancy data for hospitals.

The profession has not yet reached a consensus about which services should be called audits and which attest engagements. For the foreseeable future, however, it is clear that attest services related to historical financial statements will continue to be called audits. Also, the term "attest engagement" will be limited to an engagement in which the practitioner issues a written opinion about a written assertion.

(f) Other Assurance Services

Many of the services CPAs in public practice currently perform do not fall into any of the categories previously described. These services-as well as new services that are not being provided currently-are best described as "other assurance services." They may include providing assurance on performance measures, such as the effectiveness of health care providers, or on an entity's compliance with its human resource policies or operating policies. The AICPA Special Committee on Assurance Services considered the potential scope of assurance services, which the Committee defined broadly as "independent professional services that improve the quality of information, or its context, for decision makers," and identified and developed detailed business plans for six new assurance services. Those services are risk assessment, business performance measurement, information systems

蒙特马利审计2-2

reliability, electronic commerce, health care performance measurement, and assessing the quality of providers of elder care. In addition, the Committee considered, but did not develop business plans for, seven other assurance services.

2.2 TYPES OF AUDITORS

Auditors can be classified into three categories: independent, internal, and government. Independent auditors, also referred to as external auditors, and frequently as CPAs, CPAs in public practice, public accountants, or "outside" auditors, are never owners or employees of the entity that retains them to perform an audit, although they receive a fee for their services. Independent auditors perform financial statement audits to meet the needs of investors and creditors and the requirements of regulatory bodies like the Securities and Exchange Commission (SEC). The audits typically result in an opinion on whether the financial

statements are fairly stated, in all material respects, in conformity with generally accepted accounting principles. Occasionally, CPAs perform compliance and performance audits. Increasingly, they perform attest engagements and provide other assurance services.

Internal auditors are employed by the entity they audit. The Institute of Internal Auditors has defined internal auditing as "an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. The

objective of internal auditing is to assist members of the organization in the effective discharge of their responsibilities. . . . The internal auditing department is an integral part of the

organization and functions under the policies established by management and the board [of directors]." The primary function of internal auditors is to examine their entity's internal control and evaluate how adequate and effective it is. In performing that function, internal auditors often conduct performance (or operational) audits that are broadly designed to accomplish financial and compliance audit objectives as well.

The independence of internal auditors is different from that of independent (i.e., external) auditors. Internal auditors' independence comes from their organizational status-essentially, their function and to whom they report-and their objectivity. For external auditors,

independence derives instead from the absence of any obligation to or financial interest in the entity they were retained to audit, its management, or its owners.

Government auditors are employed by agencies of federal, state, and local governments. When the audit is of the government agency or department that employs the auditors, they function as internal auditors; when they audit recipients of government funds (including other government agencies), they act as external auditors. For example, auditors employed by the U.S. Department of Agriculture may audit the internal operations of that department; they also may audit the economy, efficiency, and program results of research funded by the Department of Agriculture but performed by others, such as colleges and universities. Most audits performed by government auditors are performance audits of economy, efficiency, and

programs, which include determining whether the entity being audited has complied with laws and regulations concerning economy and efficiency as well as those applicable to the program. 2

蒙特马利审计2-2

Some audits, such as those by the Internal Revenue Service, are performed almost exclusively for compliance purposes.

There are many different groups of government auditors; virtually every level of government and every government agency has its own auditors. One group in particular warrants further discussion-the General Accounting Office (GAO). A nonpolitical agency headed by the

Comptroller General of the United States, it was created by and reports directly to Congress. The GAO has the authority to audit virtually every federal agency and expenditure. The GAO formulated the notion of and standards for economy, efficiency, and program audits, which are the major part of its activities.

2.3 ORGANIZATION OF AN ACCOUNTING FIRM

Accounting firms range in size from an individual CPA in business as a sole practitioner to large firms with an international practice, hundreds of offices worldwide, and thousands of partners and employees. In between these two extremes are numerous small and

medium-sized firms of professional accountants. In general, the larger firms offer a broader range of services than do the smaller ones. The majority of medium-sized and large

accounting firms are multicapability firms, meaning that they serve clients in several major practice areas, including assurance, taxation, consulting, and human resources advisory services. Although the structure of individual firms varies, it is possible to make some generalizations about the services typically offered by the majority of accounting firms. (a) Assurance Services

The most basic practice area of a CPA firm, assurance services consist primarily of performing independent audits of entities' financial statements. CPAs also perform reviews, engagements based on agreed-upon procedures, attest engagements, and other assurance services.

(i) Audits. An audit requires personnel with a blend of skills and technical expertise. For example, if the engagement is extremely complex technically, the audit team may require members who have industry expertise, a high level of knowledge of computer systems, tax expertise, and the ability to understand difficult actuarial computations. A team with such expertise frequently will find and recommend ways to improve the entity's financial and operating policies, a client service that is derived from the audit process.

In addition to audits, accounting firms generally offer a number of audit-related services, either in conjunction with an audit or as separate engagements. One of these services is a

communication to management containing recommendations for improvements in internal control relating to financial reporting and other matters, such as comments on operating efficiencies and profitability. Additional audit-related services include acquisition audits of

entities that clients are contemplating acquiring, and issuing letters reporting whether an entity is in compliance with the covenants of debt instruments.

(ii) Reviews. CPAs also perform review services. Review services for nonpublic entities are

蒙特马利审计2-2

defined by the American Institute of Certified Public Accountants (AICPA) in the first of a series of Statements on Standards for Accounting and Review Services (SSARSs). Those statements resulted from the AICPA's recognition of the need for professional services that are less than an audit, but that provide some assurance about the reliability of a nonpublic entity's financial statements. Reviews are discussed further in Chapter 30.

(iii) Agreed-Upon Procedures Engagements. Accountants sometimes are engaged to perform agreed-upon procedures to specified elements, accounts, or items of a financial statement. In these engagements, the parties agree on the procedures to be performed, and use of the resulting report is limited to those parties. These agreed-upon procedures

engagements are discussed further in Chapter 30. Other types of agreed-upon procedures engagements fall under the attestation standards and are discussed in Chapter 31. (iv) Attest Engagements. In an attest engagement, the accountant provides written

assurance about an assertion or assertions made by another party. The definition of an attest engagement is broad and covers a variety of assertions. For example, an accountant may be engaged to examine or review, and report on insurance claims data or enrollment and attendance data for a college. While attest engagements typically are undertaken by audit personnel, at times they are performed by personnel specializing in some of the

"nonassurance services" offered by accounting firms, as described below. (Attest

engagements are described further in Chapter 31.)

(v) Other Assurance Services. In an engagement to provide assurance services beyond those currently defined in the authoritative professional literature, the objective is to improve the quality of information, or its context, for decision makers. Since the particular set of

information that is used by a specific decision maker to make a specific decision will vary with the circumstances, the assurance provider must be able to identify what information is relevant and determine how and when to develop and present that information to the decision maker. The AICPA plans to develop measurement and reporting criteria to assist the assurance provider that will be sufficiently broad so that they can be customized to fill the needs of

individual decision makers. While assurance services may be undertaken by audit personnel, they also may be performed by personnel specializing in some of the "nonassurance services" offered by accounting firms, as described below, particularly since those individuals may have the competencies appropriate for providing those services.

(b) Nonassurance Services

Accounting firms provide nonassurance services to their clients in the form of compilations, tax services, and consulting services.

(i) Compilations. A service performed by CPAs that is related to assurance services but does not result in the expression of assurance is a compilation. A compilation consists of presenting information in the form of financial statements without expressing any opinion on them. Compilations are discussed further in Chapter 30.

蒙特马利审计2-2

(ii) Tax Services. A major service provided by accounting firms is in the area of taxation-tax and business planning and compliance services offered to businesses and individuals. Tax services offered to businesses by accounting firms cover a broad spectrum, including

preparing federal, state, and local tax returns; advising on merger or acquisition approaches to minimize taxes and on structuring operations to take advantage of tax opportunities; and reviewing tax returns for compliance with applicable laws and regulations. Services to

individuals include tax, financial, and estate planning. A firm's tax practice often includes one or more special service groups that address complex issues related to taxation. For instance, some accounting firms maintain support groups composed of senior tax professionals who monitor new tax laws, regulations, rulings, cases, and other related developments and

communicate this specialized knowledge to the rest of the firm. Many firms employ lawyers and engineers to advise clients on tax aspects of various transactions. Other groups that combine both tax and financial accounting expertise may be established to provide tax services relating to state and local tax matters; mergers, acquisitions, divestitures, sales of businesses, and related financing transactions; specialized industries that are affected by legislative, regulatory, and judicial proceedings; and international tax developments that concern multinational entities.

(iii) Consulting Services. Consulting services, sometimes called management advisory or management consulting services, are offered in several diversified areas, such as strategic planning, finance, inventory and supply, transportation, computerization, and human

resources. For example, professionals working in the consulting practice of an accounting firm may undertake work and make recommendations to an entity's management in one or more of the following areas:

Establishing long-range strategic planning programs Analyzing and improving administration-organization, methods, procedures, and

productivity

Developing information technology strategy, equipment and software evaluation and

selection, and telecommunications network and security evaluation

Designing and implementing information systems Applying techniques, such as just-in-time inventory planning, to improve profitability Improving materials controls, from consumer goods sales forecasting to

manufacturing planning and control

Human resources advisory professionals employed by accounting firms can advise clients about:

蒙特马利审计2-2

Planning executive compensation arrangements, conducting salary surveys, and

devising wage programs

Designing employee benefit and profit-sharing plans, performing annual actuarial

valuations, and implementing health care, life, and disability insurance programs

Communicating benefits and compensation policies to employees Developing benefits and compensation administration systems Determining compliance with government reporting requirements

Those consultants also may provide technical support to audit engagement teams. (c) Firm Structure

It is difficult to generalize about the organization of accounting firms because each one has its own structure and no two are exactly alike. Some multioffice firms are organized by groups or regions, with one partner assigned overall responsibility for the practice offices in each group or region. The group or regional partners may report to a number of vice chairmen or other designated partners. Each practice office is headed by a partner, often called the managing partner or partner in charge of the office, who is responsible for day-to-day operations. Within each practice office, there may be separate units for assurance services, tax, consulting, and perhaps one or more specialized practice areas. In addition to professional personnel, each practice office may have an administrative staff to handle personnel management, including recruiting, and to support the office's accounting and reporting function. In addition to their practice offices, many large accounting firms have a number of specialized departments, usually organized as part of a national office, that provide support to the practice. Examples of such resource groups are industry specialization, marketing and planning, professional education, and accounting and auditing policy setting, research, and consulting. Firms that practice in different countries are further organized under an international structure usually governed by a committee of representatives from the various member firms or geographic areas.

(d) Audit Engagement Team

Each audit is staffed by a team headed by a partner who signs the audit report and is ultimately responsible for the audit and its results. Especially on large or complex

engagements, there may be more than one partner, or the partner may delegate many

functions to one or more managers; however, one partner retains responsibility for the quality of the audit and thus should be actively involved in its planning and in evaluating the results, as documented and summarized by the members of the engagement team. The team usually includes a manager (or more than one on a large engagement) and other personnel with varying degrees of experience and professional expertise and competence. Firms establish staff classifications through which employees progress and policies that set forth the

蒙特马利审计2-2

responsibilities of audit personnel on each level. While these responsibilities vary from one firm to another, the typical functions and duties of each classification can be described generally.

(i) Partner. The partner has primary responsibility for accounting and auditing services and is usually the direct contact with the client. The partner is responsible for all decisions made in the course of the engagement, including those about the scope of services, the audit strategy, and the resolution of significant accounting and auditing issues. In short, the partner is responsible for ensuring that the audit has been planned, conducted, and reported on in accordance with the firm's policies and professional standards. As noted in Chapter 3, firms that are members of the SEC Practice Section of the AICPA's Division for CPA Firms are required to assign a second, or concurring review, partner on SEC engagements to provide additional assurance that those objectives are achieved. Because of the perceived benefits of such additional partner review, many firms assign a concurring review partner to other engagements as well. The concurring review partner on an engagement generally assesses the audit strategy, including auditing procedures to be performed in sensitive or high-risk areas, and may suggest additional matters to be addressed or recommend ways of enhancing audit efficiency. He or she reviews the draft audit report, related financial information and disclosures, and, where applicable, published reports and filings to be made with the Securities and Exchange Commission (SEC) and other regulatory bodies. In some circumstances, the review may be more detailed and include inquiring of members of the engagement team and reviewing working papers to determine that the scope of auditing procedures and related documentation comply with the firm's policies and professional standards.

(ii) Manager. Under the direction of a partner, a manager is responsible for administering all aspects of an engagement, including planning and coordinating activities with the entity's personnel, delegating duties to team members, coaching them, supervising and reviewing

their work, controlling engagement time and expenses, and overseeing billings and collections.

A manager is expected to have attained a degree of technical competence in accounting and auditing sufficient to ensure that an audit complies with all applicable professional standards and firm policies. The manager is also responsible for keeping the partner informed of all significant developments throughout the audit. Among other things, the manager often is

delegated the responsibility for reviewing proposed changes in the audit program, the report to management covering internal control related matters, the financial statements first in draft form and then in final form, and the working papers documenting the engagement.

(iii) Other Personnel. An experienced accountant, sometimes called the field team leader or in-charge accountant, is responsible, under the manager's direction, for the overall quality, timeliness, and efficiency of the fieldwork in an audit. This involves assisting the manager with administrative matters during the planning phase of the engagement as well as during and after the fieldwork. During the fieldwork, this individual is responsible for understanding the entity's business, industry, and internal control; identifying inherent risks; assessing control risk; reviewing working papers prepared by other engagement team personnel; drafting the report on internal control related matters and the proposed audit report; and preparing a summary of

蒙特马利审计2-2

audit findings, sometimes called critical issues, for the manager's and partner's attention. Less experienced personnel are responsible for completing assigned tasks under supervision. Their assignments, which vary with the size and complexity of the engagement, generally include preparing documentation of the understanding of the entity's business and its internal control, performing various types of auditing procedures and documenting the results, and keeping higher-level personnel informed of all findings.

2.4 ORGANIZATION OF THE AUDITING PROFESSION

The auditing profession in the United States has formed numerous voluntary groups with various purposes, among them the AICPA, state societies or institutes of CPAs, and The Institute of Internal Auditors, all of which have broadly based memberships. In addition, there are more specialized organizations of government auditors, computer auditors, teachers of auditing, and internal auditors with particular industry interests. The designation "Certified

Public Accountant" is granted by state boards of accountancy, discussed in the next section of this chapter.

(a) American Institute of CPAs

The mission of the AICPA is "to provide members with the resources, information, and

leadership that enable them to provide valuable services in the highest professional manner to benefit the public as well as employers and clients." About 40 percent of the AICPA's

approximately 330,000 members, all of whom are required to be CPAs, are in public practice either with CPA firms or as sole practitioners. (The rest are in business and industry,

government, or education, or are retired.) The AICPA provides a broad range of services to members, including continuing professional education, technical accounting and auditing assistance, auditing standard setting, self-regulation of the profession, and assistance in managing an accounting practice.

Ultimate authority over the AICPA is vested in its Council. Its 23-member Board of Directors, which includes three non-Institute members who represent the public, administers resources and sets policy. Pronouncements in the form of technical and ethical standards are issued by senior technical committees composed of Institute members in public practice and, to some extent, in industry, government, and academe. Those committees and the pronouncements they issue are shown in Figure 2.1.

Figure 2.1 Pronouncements Issued by AICPA Senior Technical Committees Senior Technical

Committee

Accounting and

Review Services

Committee Public Statements Issued or Reviewed Statements on Standards for Accounting and Review Services, and Interpretations Statements on Standards for Attestation

Engagements aa

蒙特马利审计2-2

Accounting

Committee Statements of Position Audit and Accounting Guides Standards Executive Practice Bulletins

AICPA Peer Review

Board

Auditing Standards

Board Standards for Performing and Reporting on Peer Reviews Statements on Auditing Standards, and Interpretations

Statements on Standards for Attestation

Engagements, and Interpretations

Statements on Quality Control Standards

Statements of Position

Audit and Accounting Guides

Auditing Procedures Studies

Notices to Practitioners aa

Management Statements on Standards for Consulting

aConsulting Services Services

Executive Committee Statements

aon Standards for Attestation Engagements

Personal

Planning

Committee

Professional Ethics Interpretations of Rules of Conducta Financial Statements on Responsibilities in Personal Executive Financial Planning Practice

Executive Committee Ethics Rulingsa

Tax Executive Statements on Responsibilities in Tax Practice

Committee

a The Rules of the AICPA Code of Professional Conduct and implementing resolutions of Council

require AICPA members to comply with standards contained in these pronouncements; departures

therefrom must be justified by those members who do not follow them.

In addition, the AICPA has four voluntary member sections that individuals with special interests may join: tax, personal financial planning, management consulting services, and

information technology. (There is also a Division for CPA Firms, composed of an SEC Practice Section and a Private Companies Practice Section, that CPA firms may join. The Division for

蒙特马利审计2-2

CPA Firms is discussed in Chapter 3.) Non-CPAs employed by CPA firms and meeting other eligibility requirements may join one or more of the AICPA's member sections, but not the AICPA itself, as Section Associates and receive the same member section benefits as CPA members. Individuals who have passed the Uniform CPA Examination, but have not received their CPA certificates because they have not completed their experience requirements, may become AICPA Associates. College students and recent graduates who have not yet passed the CPA examination may become Student Affiliates. Chartered accountants and CPAs who are members of associations belonging to the International Federation of Accountants (IFAC) and who do not hold a CPA certificate issued by a U.S. jurisdiction may join the AICPA as International Associates.

The AICPA provides educational programs covering a wide range of technical and

professional subjects of interest to members in public practice, business, teaching, and government. The Institute also publishes the Journal of Accountancy and The Tax Adviser monthly, which are available to nonmembers as well as members; several newsletters of

interest to practicing members; and numerous pamphlets, reports, and studies. The Institute's Board of Examiners prepares and grades the semiannual CPA examinations on behalf of the 50 states and other licensing jurisdictions. Through its Professional Ethics Division, the AICPA issues Interpretations of the Principles and Rules of the Code of Professional Conduct, investigates complaints against members regarding unethical practices, and assists in investigating and presenting ethics cases referred to the Joint Trial Board.

(b) State Societies of CPAs

In addition to belonging to the AICPA, most CPAs belong to a state society of CPAs. The

purpose of the state societies is also to improve the profession and help their members better serve the public interest. To accomplish this, the state societies offer members continuing professional education courses, provide consultation services, maintain liaison with members of state legislatures and relevant administrative agencies of state governments, publish professional journals, clarify and enforce professional technical and ethical standards, and provide other services to members, such as various types of group insurance. Members of a state society are automatically members of a specific local chapter within the state, which holds regular meetings and coordinates its activities with those of the state society. (c) Institute of Internal Auditors

The Institute of Internal Auditors (IIA) was formed to promote the professionalism and education of internal auditors. The organization has more than 58,000 members in 224

affiliates throughout the world. It has developed professional standards and a code of ethics, and has identified a common body of practitioner knowledge. The Institute sponsors training seminars, conferences, research, and books and other publications, including a bimonthly journal entitled The Internal Auditor. The Institute's Board of Directors and other international committees set Institute policy. The IIA offers a certification program leading to the

professional designation of Certified Internal Auditor (CIA).

蒙特马利审计2-2

(d) Other Organizations

Auditors with specialized interests have formed various organizations, usually with more

precisely defined objectives than the broadly based AICPA and IIA. Among those groups are computer, insurance company, government, and bank auditors. Members of the American Accounting Association who are interested in auditing research and teaching have established an Auditing Section of the Association, which publishes Auditing: A Journal of Practice & Theory. Membership in some of these organizations is limited to auditors practicing in a specific field or industry.

2.5 PROFESSIONAL CERTIFICATION AND LICENSING

The main professional designations relating to the practice of auditing are Certified Public Accountant, Certified Internal Auditor, Certified Information Systems Auditor, and Certified Fraud Examiner.

(a) Certified Public Accountant (CPA)

Starting in 1896, the various states have licensed and regulated individuals who have met specified education, experience, and examination requirements and who hold themselves out to the public as CPAs. Accountancy laws governing the licensing of professional accountants and establishing state boards of accountancy to administer and enforce them have been enacted in all 50 states, the District of Columbia, Guam, Puerto Rico, and the U.S. Virgin Islands. Only individuals who pass the CPA examination and meet the education and

experience requirements of their state boards are granted a license to practice by the state and are entitled to use the designation Certified Public Accountant or CPA. The CPA certificate is granted to qualified candidates to ensure the professional competence of those who offer their services to the public as professional accountants.

The semiannual, two-day CPA examination is prepared by the Board of Examiners of the AICPA and is given uniformly throughout the 54 United States licensing jurisdictions in May and November. The examination currently consists of the following four sections:

Business Law and Professional Responsibilities: tests the candidate's knowledge of a

CPA's professional responsibilities and of the legal implications of business

transactions, particularly as they relate to accounting and auditing

Auditing: tests the candidate's knowledge of auditing standards and procedures, and

the skills necessary to apply them in auditing and other attestation engagements

provided by CPAs

Accounting and Reporting-Taxation, Managerial, and Governmental and Not-for-Profit

Organizations: tests the candidate's knowledge of principles and procedures for

federal taxation, managerial accounting, and accounting for governmental and

蒙特马利审计2-2

not-for-profit organizations, and the skills needed to apply them

Financial Accounting and Reporting: tests the candidate's knowledge of authoritative

accounting pronouncements for business entities and the skills necessary to apply

them

Some states may require candidates to be tested in other subjects as well, most commonly professional ethics.

All state boards of accountancy use the AICPA Uniform CPA Examination and Advisory Grading Service. Even though the papers are graded by the AICPA, the state boards are responsible for the quality, composition, and grading of the examination and for licensing individuals, and thus may review the Institute's grading. Education and experience

requirements differ from state to state. Although in some states individuals receive a CPA certificate on passing the examination, most states require a period of experience before they issue a license to practice.

Additional information concerning a state's regulations and requirements can be obtained from the following sources:

The appropriate state education department or state board of accountancy National Association of State Boards of Accountancy, 380 Lexington Avenue, New

York, NY 10168-0002

American Institute of Certified Public Accountants, 1211 Avenue of the Americas, New

York, NY 10036-8775

The appropriate state society of certified public accountants

Publications that may have information about the CPA examination and state accountancy laws include:

Information for Uniform CPA Examination Candidates, published by the American

Institute of Certified Public Accountants

Digest of State Accountancy Laws and State Board Regulations, which includes a

listing of the state boards of accountancy, published by the National Association of

State Boards of Accountancy and the AICPA

(b) Certified Fraud Examiner (CFE)

The Association of Certified Fraud Examiners, established in 1988, prepares and administers the Uniform CFE Examination, which tests candidates' knowledge of financial transactions, conducting investigations, legal aspects of fraud, and criminology and ethics. The CFE

蒙特马利审计2-2

program is an accreditation, not a licensing, program. The CFE designation indicates that its holder has demonstrated expertise in resolving allegations of fraud, obtaining evidence, testifying to findings, and assisting in the detection and prevention of fraud and white-collar crime. CFEs must meet specified CPE requirements and adhere to the Association's Code of Professional Ethics and bylaws. Additional information about the experience and education requirements for the CFE examination can be obtained from the Association of Certified Fraud Examiners, 716 West Avenue, Austin, TX 78701.

(c) Certified Internal Auditor (CIA)

The Certified Internal Auditor examination measures technical competence in the practice of internal auditing and is administered by the Board of Regents of The Institute of Internal Auditors (IIA). The IIA's Director of Professional Practices is responsible for preparing,

administering, and grading the examination within the guidelines established by IIA's Board of Regents and Board of Directors. The Certified Internal Auditor examination is open to internal auditors and others who have the required professional qualifications. To maintain the CIA designation, a holder of a CIA certificate must meet specific continuing professional education (CPE) requirements. The certificate confers professional recognition but does not include a license to practice. Because CIAs do not offer their services to the public, states do not license them. Additional information relating to the experience and education requirements for the CIA examination can be obtained from The Institute of Internal Auditors, 249 Maitland Avenue, Altamonte Springs, FL 32701-4201.

(d) Certified Information Systems Auditor (CISA)

The Certified Information Systems Auditor examination tests knowledge and skills in the various fields of EDP auditing and is administered by the Information Systems Audit and Control Association (ISACA). To retain certification, a CISA must meet certain CPE requirements or retake the examination. The CISA program is also one of professional recognition rather than state licensure. Additional information about the experience and education requirements for the CISA examination can be obtained from the ISACA, 3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008.

2.6 ASSURANCE STANDARDS AND STANDARD-SETTING BODIES

Assurance standards, in the broadest sense, are guidelines for performing professionally

responsible audits, attest engagements, and other assurance services. Several organizations have formulated such standards.

(a) Generally Accepted Auditing Standards

The membership of the AICPA approved and adopted ten broad statements collectively entitled "generally accepted auditing standards," often abbreviated as GAAS. Nine of them originally were adopted in 1948; the tenth was adopted some years later, but the basic

principle had existed before. The standards have not changed basically since (although our

蒙特马利审计2-2

understanding of several of them has changed significantly over the years and they have been amended to reflect that understanding and resulting changes in terminology). Of the ten standards, three are concerned with personal qualities that the auditor should possess

(general standards), three with how an audit should be conducted (field work standards), and four with the form and content of the auditor's report (reporting standards). The ten GAAS are discussed in detail in Chapter 3.

The authority to amplify and interpret the ten GAAS resides in a senior technical committee of the AICPA. From 1939 to 1972, that committee was called the Committee on Auditing Procedure and issued 54 pronouncements called Statements on Auditing Procedure. The Committee on Auditing Procedure was replaced in 1972 by the Auditing Standards Executive Committee, and in 1978 the Auditing Standards Board (ASB) was formed to succeed the Executive Committee. The ASB is now responsible for promulgating auditing standards and procedures to be observed by AICPA members in accordance with the Institute's Code of Professional Conduct. The pronouncements of the Auditing Standards Executive Committee and the ASB are called Statements on Auditing Standards (SASs). They define the nature and extent of auditors' responsibilities and provide guidance to auditors in carrying out their duties. From 1972 through September 1997 the two committees issued 82 SASs. While statements issued by all three committees are technically amplifications and interpretations of the ten original GAAS, they and the ten GAAS are frequently referred to collectively as generally accepted auditing standards.

In addition to issuing SASs, the ASB approves for publication auditing interpretations of the SASs; the interpretations are prepared by the Audit Issues Task Force of the ASB. As they are issued, SASs, auditing interpretations, and other AICPA professional standards are

incorporated in the AICPA's looseleaf service, Professional Standards, which results in a continuous codification of those pronouncements. Once a year, a bound version of the latest AICPA Professional Standards is published.

(b) International Auditing Standards

The desirability of developing more uniform auditing standards and practices worldwide has long been recognized and is gaining increasing support as international business continues to expand. Efforts to promote international uniformity in auditing standards were formally initiated in 1977, when representatives of approximately 50 countries, including the United States,

established the International Federation of Accountants (IFAC). The broad objectives of IFAC, as stated in paragraph 2 of its Constitution, are "the development and enhancement of a

coordinated worldwide accountancy profession with harmonized standards." IFAC's efforts are directed toward developing international technical, ethical, and educational guidelines for auditors, and reciprocal recognition of practitioners' qualifications.

Responsibility for developing and issuing exposure drafts and standards on generally accepted auditing practices and audit reports is vested in IFAC's International Auditing Practices Committee (IAPC); through September 1997 it has issued 30 International

Standards on Auditing (ISAs), plus three others in its series entitled International Standards on

蒙特马利审计2-2

Auditing/Related Services, all of which are codified in AU Section 8000 of AICPA Professional Standards. (The related services addressed by the standards are compilations, reviews, and agreed-upon procedures engagements.)

For the most part, the provisions of the standards coincide closely with comparable U.S. standards. Although the standards are not authoritative in the United States and are not covered by the AICPA Code of Professional Conduct, if a standard is intended to be issued that would deviate significantly from U.S. standards, the AICPA's Auditing Standards Board or Accounting and Review Services Committee considers ways of resolving the differences. In addition, the IAPC has issued ten International Auditing Practice Statements, which are intended to assist auditors in implementing the provisions of certain ISAs. This series of

statements, which are codified in AU Section 10,000 of AICPA Professional Standards, does not have the same authority as the ISAs.

In recognition of the need for a model of ethical guidelines that could be used as the basis for national ethical requirements, in January 1998 IFAC issued the Code of Ethics for Professional Accountants. The Code includes standards of professional conduct for accountants, as well as fundamental principles that underlie the achievement of a set of common objectives to be met by accountants. The fundamental principles, which are described in detail in the Code, are similar to the Principles and Rules of the AICPA Code of Professional Conduct, as discussed at length in Chapter 3 of the main volume. The Code of Ethics for Professional Accountants is codified in AU Section 11,000 of AICPA Professional Standards.

In 1992, the International Organization of Securities Commissions (IOSCO) approved a

resolution to recognize the ISAs for use in multinational reporting. In recommending that the IOSCO membership take that step, key members of IOSCO's Technical Committee, which reviewed the standards, concluded that they "represent a comprehensive set of auditing

standards and that audits conducted in accordance with these standards could be relied upon by securities regulatory authorities for multinational reporting purposes." IOSCO has more than 100 members, including the U.S. SEC, although the SEC has not yet accepted the ISAs as a basis for reporting in the United States.

In August 1999, International Professional Practice Statement 1, Assuring the Quality of Professional Services, was issued by IFAC. The statement calls for accounting firms to establish quality control systems necessary to provide reasonable assurance of their conformity with professional standards in the performance of assurance services. The

statement replaced a statement of policy on assuring the quality of audit and related services. The new statement includes a requirement that a firm's quality control policies and procedures be subject to external review, either by a national professional body or by another firm. (c) Role of the SEC and the Courts

The various federal acts that the SEC administers give it broad powers. Those powers

probably include promulgating auditing standards and may extend even to prescribing specific steps to be followed by auditors of financial statements filed with the Commission. The

蒙特马利审计2-2

Commission has, however, adopted the general policy of relying on the public accounting profession to establish auditing standards, largely because of the profession's willingness to address issues the SEC deems significant. The policy stated by the Commission in 1940 in Accounting Series Release No. 19 continues to be effective.

Until experience should prove the contrary, we feel that this program is preferable to its alternative-the detailed prescription of the scope of and procedures to be followed in the audit for the various types of issuers of securities who file statements with

us-and will allow for further consideration of varying audit procedures and for the

development of different treatment for specific types of issuers.

This is not to suggest that the SEC has not or will not influence the development of auditing standards. Indeed, it has done so on several occasions and is likely to continue doing so. That influence takes essentially two forms: stimulating the ASB to issue a pronouncement when the Commission believes one is needed (as occurred with , Review of Interim

Financial Information) and informing the ASB of its views during the standard-setting process. The ASB must continually acknowledge the presence of the SEC throughout its deliberations, but must not sacrifice the independence and objectivity that are essential to its

standard-setting function.

Despite numerous opportunities to interpret auditing standards when auditors have been the subject of litigation, only rarely have the courts failed to apply the profession's own auditing standards, and then it was primarily in areas involving reporting standards. Conformity with promulgated professional auditing standards has generally been an effective defense for auditors.

(d) Standards for Internal Auditing

The Institute of Internal Auditors in 1978 adopted a series of Standards for the Professional Practice of Internal Auditing. Those standards, which are reproduced in Figure 2.2, address the independence of internal auditors, their professional proficiency, the scope and

performance of their work, and the management of internal auditing departments. The IIA standards differ somewhat in their philosophy from the AICPA standards for external auditors in that the former represent the practice of internal auditing as it should be, whereas to a large extent SASs represent the Auditing Standards Board's view of the consensus among practitioners-what is "generally accepted." That difference should not be exaggerated, however; the IIA standards are also a consensus, but of the best of practice rather than of what is minimally acceptable. The IIA periodically issues Statements on Internal Auditing Standards to provide guidance on issues of interest to internal auditors.

Figure 2.2 Summary of General and Specific Standards for the Professional Practice of

Internal Auditing

100 INDEPENDENCE-Internal auditors should be independent of

蒙特马利审计2-2

the activities they audit.

110 Organizational Status-The organizational status of the

internal auditing department should be sufficient to permit

the accomplishment of its audit responsibilities.

120 Objectivity-Internal auditors should be objective in

performing audits.

200 PROFESSIONAL PROFICIENCY-Internal audits should be

performed with proficiency and due professional care.

The Internal Auditing Department

210 Staffing-The internal auditing department should provide

assurance that the technical proficiency and educational

background of internal auditors are appropriate for the

audits to be performed.

220 Knowledge, Skills, and Disciplines-The internal auditing

department should possess or should obtain the knowledge,

skills, and disciplines needed to carry out its audit

responsibilities.

230 Supervision-The internal auditing department should

provide assurance that internal audits are properly supervised. The Internal Auditor 240 Compliance with Standards of Conduct-Internal auditors

should comply with professional standards of conduct.

250 Knowledge, Skills, and Disciplines-Internal auditors

should possess the knowledge, skills, and disciplines

essential to the performance of internal audits.

260 Human Relations and Communications-Internal auditors

should be skilled in dealing with people and in

communicating effectively.

270 Continuing Education-Internal auditors should maintain their technical competence through continuing education. 280 Due Professional Care-Internal auditors should exercise

due professional care in performing internal audits.

300 SCOPE OF WORK-The scope of the internal audit should

encompass the examination and evaluation of the adequacy

and effectiveness of the organization's system of internal

control and the quality of performance in carrying out

蒙特马利审计2-2

assigned responsibilities.

310 Reliability and Integrity of Information-Internal auditors

should review the reliability and integrity of financial and

operating information and the means used to identify,

measure, classify, and report such information.

320 Compliance with Policies, Plans, Procedures, Laws,

and Regulations-Internal auditors should review the

systems established to ensure compliance with those

policies, plans, procedures, laws, and regulations which

could have a significant impact on operations and reports

and should determine whether the organization is in

compliance.

330 Safeguarding of Assets-Internal auditors should review

the means of safeguarding assets and, as appropriate,

verify the existence of such assets.

340 Economical and Efficient Use of Resources-Internal

auditors should appraise the economy and efficiency with

which resources are employed.

350 Accomplishments of Established Objectives and Goals

for Operations or Programs-Internal auditors should

review operations or programs to ascertain whether results

are consistent with established objectives and goals and

whether the operations or programs are being carried out as

planned.

400 PERFORMANCE OF AUDIT WORK-Audit work should include

planning the audit, examining and evaluating information,

communicating results, and following up.

410 Planning the Audit-Internal auditors should plan each

audit.

420 Examining and Evaluating Information-Internal auditors

should collect, analyze, interpret, and document information

to support audit results.

430 Communicating Results-Internal auditors should report the results of their audit work. 440 Following Up-Internal auditors should follow up to ascertain

that appropriate action is taken on reported audit findings.

500 MANAGEMENT OF THE INTERNAL AUDITING

DEPARTMENT-The director of internal auditing should

本文来源：https://www.bwwdw.com/article/8sm4.html