Читать книгу Wiley Practitioner's Guide to GAAS 2020 - Joanne M. Flood - Страница 142

The auditor is explicitly required to:

1 Obtain an understanding of the legal and regulatory framework.

2 Obtain an understanding of how the entity is complying with that framework.

(AU-C 250.12)

To obtain an understanding of the entity’s legal and regulatory framework, the auditor may, among other procedures,

 Use the auditor’s existing understanding of the entity’s industry and regulatory and other external factors and update the understanding of those regulations that directly determine the reported amounts and disclosures in the financial statements.

 Inquire of management concerning the client’s compliance with laws and regulations, policies on prevention of noncompliance, and the use of directives and periodic representations obtained from management at appropriate levels of authority concerning compliance with laws and regulations.

 Consider the entity’s history of noncompliance.

(AU-C 250.A8)

For laws and regulations in category 1 above, the auditor must obtain sufficient evidence regarding material amounts in the financial statements that are determined by those laws and regulations. (AU-C 250.13)

For category 2, the auditor’s responsibility is to perform specified audit procedures that may identify noncompliance having a material effect on the financial statements. (AU-C 250.07) These are:

 Inquire of management and, if appropriate, those charged with governance about whether the entity is complying with laws and regulations.

 Inspect correspondence with the relevant licensing or regulatory authorities.

(AU-C 250.14)

During the audit, the auditor should remain alert to instances of noncompliance that may be revealed by other audit procedures. (AU-C 250.15) Examples of customary audit procedures that might bring possible noncompliance to the auditor’s attention include:

 Reading minutes

 Making inquiries of management and legal counsel concerning litigation, claims, and assessments

 Performing substantive tests of sensitive transactions

(AU-C 250.A17)

In addition to those procedures, the auditor may apply other procedures, if necessary, to further understand the nature of noncompliance that has come to the auditor’s attention. The additional procedures might include:

 Examining supporting documents, such as invoices

 Confirming significant information with other parties to the transaction

 Determining if the transaction was properly authorized

 Considering whether other similar transactions may have occurred

 Applying procedures to identify other similar transactions

(AU-C 250.A20)

The auditor should inquire of management at a level above those involved, if possible. If the effect may be material and management or those charged with management do not provide satisfactory information that there has been no noncompliance, the auditor should:

 Consider the need to seek legal advice (AU-C 250.18)

 Evaluate the effect on the opinion (AU-C 250.19)

 Evaluate the implication on other areas of the audit—for example, the assessment of audit risk (AU-C 250.20)

However, aside from the requirements above and absent specific information concerning possible noncompliance, the auditor does not need to perform any further procedures in this area. AU-C 580, Written Representations, requires the auditor to obtain a written representation from management concerning the absence of noncompliance with laws or regulations. (AU-C 250.16)