CONTENTS Preface About the Author About the Contributor Professional Responsibilities — Module Code of Professional Responsibilities Engagement Planning, Obtaining an Understanding, and Assessing Risks — Module Understanding Internal Control and Assessing Control Risk — Module Consideration of Internal Control Responding to Risk Assessment: Evidence Accumulation and Evaluation — Module Sufficient Appropriate Audit Evidence Reporting — Module Audit Reports Other Engagements & Reports Accounting and Review Services — Module Accounting and Review Services Audit Sampling — Module Sampling Auditing with Technology — Module Responsibilities in An Information Technology Environment Index Copyright © 2013 by John Wiley & Sons, Inc All rights reserved Published by John Wiley & Sons, Inc., Hoboken, New Jersey Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400, fax 978-750-4470, or on the Web at www.copyright.com Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, 201-748-6011, fax 201-748-6008, or online at http://www.wiley.com/go/permission Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose No warranty may be created or extended by sales representatives or written sales materials The advice and strategies contained herein may not be suitable for your situation You should consult with a professional where appropriate Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages For general information on our other products and services, or technical support, please contact our Customer Care Department within the United States at 800-762-2974, outside the United States at 317-572-3993 or fax 317-573-4002 Wiley also publishes its books in a variety of electronic formats Some content that appears in print may not be available in electronic books For more information about Wiley products, visit our Web site at http://www.wiley.com ISBN: 978-1-118-41057-8 (paperback); 978-1-118-60794-7 (ebk); 978-1-118-60780-0 (ebk); 978-1-118-60768-8 (ebk) PREFACE This publication is a comprehensive, yet simplified study program It provides a review of all the basic skills and concepts tested on the CPA exam and teaches important strategies to take the exam faster and more accurately This tool allows you to take control of the CPA exam This simplified and focused approach to studying for the CPA exam can be used: As a handy and convenient reference manual To solve exam questions To reinforce material being studied Included is all of the information necessary to obtain a passing score on the CPA exam in a concise and easy-to-use format Due to the wide variety of information covered on the exam, a number of techniques are included: Acronyms and mnemonics to help candidates learn and remember a variety of rules and checklists Formulas and equations that simplify complex calculations required on the exam Simplified outlines of key concepts without the details that encumber or distract from learning the essential elements Techniques that can be applied to problem solving or essay writing, such as preparing a multiple-step income statement, determining who will prevail in a legal conflict, or developing an audit program Pro forma statements, reports, and schedules that make it easy to prepare these items by simply filling in the blanks Proven techniques to help you become a smarter, sharper, and more accurate test taker This publication may also be useful to university students enrolled in Intermediate, Advanced and Cost Accounting; Auditing, Business Law, and Federal Income Tax classes; Economics, and Finance Classes Good Luck on the Exam, Ray Whittington, PhD, CPA ABOUT THE AUTHOR Ray Whittington, PhD, CPA, CMA, CIA, is the dean of the Driehaus College of Business at DePaul University Prior to joining the faculty at DePaul, Professor Whittington was the Director of Accountancy at San Diego State University From 1989 through 1991, he was the Director of Auditing Research for the American Institute of Certified Public Accountants (AICPA), and he previously was on the audit staff of KPMG He previously served as a member of the Auditing Standards Board of the AICPA and as a member of the Accounting and Review Services Committee and the Board of Regents of the Institute of Internal Auditors Professor Whittington has published numerous textbooks, articles, monographs, and continuing education courses ABOUT THE CONTRIBUTOR Kurt Pany, PhD, CPA, is a Professor of Accounting at Arizona State University His basic and advanced auditing courses provided the basis on which he received the Arizona Society of CPA’s Excellence in Teaching Award and an Arizona CPA Foundation Award for Innovation in the Classroom for the integration of computer and professional ethics applications His professional experience includes serving for four years on the AICPA’s Auditing Standards Board, serving as an academic fellow in the Auditing Division of the AICPA, and prior to entering academe, working as a staff auditor for Deloitte and Touche Professional Responsibilities — Module Summary of the 10 Generally Accepted Auditing Standards (GAAS) T—Training and Proficiency I—Independence P—Professional Care P—Planning and Supervision I—Internal Control E—Audit Evidence G—Generally Accepted Accounting Principles O—Opinion D—Disclosures C—Consistency The Standards spell out TIP, PIE, and GODC (the reporting standards are ordered 1, 4, 3, for GOD and a soft-c to sound like gods) General Standards (3) 1) Training and proficiency The auditor must have adequate technical training and proficiency to perform the audit 2) Independence The auditor must maintain independence in mental attitude in all matters relating to the audit 3) Professional care The auditor must exercise due professional care in the performance of the audit and the preparation of the report Standards of Fieldwork (3) 1) Planning and supervision The auditor must adequately plan the work and must properly supervise any assistants 2) Internal control The auditor must obtain a sufficient understanding of the entity and its environment, including its internal control, to assess the risk of material misstatement of the financial statements whether due to error or fraud, to design the nature, timing and extent of further audit procedures 3) Audit evidence The auditor must obtain sufficient appropriate audit evidence by performing audit procedures to afford a reasonable basis for an opinion regarding the financial statements under audit Standards of Reporting (4) 1) GAAP The auditor must state in the auditor’s report whether the financial statements are presented in accordance with generally accepted accounting principles (GAAP) 2) Consistency The auditor must identify in the auditor’s report those circumstances in which such principles have not been consistently observed in the current period in relation to the preceding period 3) Disclosures When the auditor determines that informative disclosures are not adequate, the auditor must so state in the auditor’s report 4) Opinion The auditor must either express an opinion regarding the financial statements, taken as a whole, or state that an opinion cannot be expressed, in the auditor’s report When the auditor cannot express an overall opinion, the auditor should state the reasons therefor in the auditor’s report In all cases where an auditor’s name is associated with financial statements, the auditor should clearly indicate the character of the auditor’s work, if any, and the degree of responsibility the auditor is taking, in the auditor’s report CODE OF PROFESSIONAL RESPONSIBILITIES AICPA General Standards & Accounting Principles A CPA must perform with competence and must exercise due care Competence implies combination of education & experience Due care includes proper supervision & reviewing work of assistants Examples of actions that would violate the standard of due care include Performing professional services without complying with the appropriate standards Expressing an unqualified opinion on financial statements known to be materially misstated Failing to report the discovery of fraud to the client’s audit committee Independence – Covered members The concept of covered members is important since certain independence requirements apply to them Included as “covered members” are: A member of the attest engagement team A person who may influence the attest engagement A partner in the office in which the lead attest partner practices The firm, including its benefit plans A member in public practice shall be independent in the performance of professional responsibilities Independence impaired if a covered member Had committed to acquire any direct or material indirect financial interest in the client Was a trustee or executor or estate that had/committed to acquire any direct or material indirect financial interest in the client in excess of 10% of assets Had a material joint closely held investment Had a loan to or from the client, officer, director of the client, or any individual owning 10% or more of client’s capital (there are some exceptions to this) Partner or professional employee of the firm, his or her immediate family owned more than 5% of capital Was associated with the client as a(n) Director, officer, or employee, or in any capacity equivalent to that of a member of management; Promoter, underwriter, or voting trustee Independence impaired by Supervising client’s personnel Signing client’s checks Acting as client’s stock transfer agent Entering into lease with client Accepting gifts from client Obtaining material loan from client, even if fully collateralized (except by cash balances) Independence – Effect on Independence of Family Members, Relatives and Friends Overall: These groups may impair a CPA’s independence General Rules: Immediate family (spouse, spousal equivalent or dependent): Restrictions generally same as for accountant Exceptions relate to those in other than a key position with a client and certain benefit plans Close relatives (parent, sibling, or nondependent child): Independence not impaired unless close relative has a key position with client or a material financial interest of which the accountant is aware Other relatives and friends: Independence not impaired unless a reasonable person aware of the facts would conclude there is an unacceptable risk Independence – Unpaid Fees Unpaid fees may impair independence May not extend beyond one year Audit may be performed, but report may not be issued until prior year fees paid Independence - Auditor Takes Employment with Audit Client Must inform the audit firm If enter into negotiations must be immediately removed from the engagement and all their work reviewed by the audit firm Once accepts employment with audit client, the audit firm should consider the need to modify the audit plan or change members of the audit In any audit performed within a year of the professional joining the client, a member of the audit firm with no connection to the audit must review all work to ensure it takes into account independence issues When performing certain services, CPA must be independent in fact and in appearance Independence in fact means No direct or material indirect financial interest in client Independence is impaired if a CPA takes on a decision-making role for an audit client Independence is not impaired if a CPA performs litigation support services for a client Independence - Nonattest Services May provide advice, research materials, and recommendations Client must accept responsibility for making all decisions Fraud and Illegal Acts in Compilation or Review Engagements The CPA has certain responsibilities regarding fraud and illegal acts in a compilation or review Establishing an understanding with the client before commencement of the engagement that the CPA will inform the appropriate level of management of any evidence that fraud or an illegal act may have occurred Reporting such evidence when it comes to the CPA’s attention unless the matter is clearly inconsequential In a review, performing additional procedures as necessary to establish that no material modifications need to made to the financial statements as a result of the suspected fraud or illegal act Documenting any communications with management regarding fraud and illegal acts Restricted Use Compilation & Review Reports The CPA may issue reports that are restricted to use by specific parties Required when presentation is based on criteria in contractual agreements or regulatory provisions not in conformity with GAAP or other comprehensive basis of accounting A separate paragraph must be added to the report indicating That the report is intended solely for specified parties The identity of those specified parties That the report is not intended for anyone other than the specified parties A CPA may compile specified elements, accounts, or items of a financial statement The CPA who prepares or assists a client in preparing a schedule of such elements may be associated with the schedule and need to issue a report to avoid inappropriate assumptions by a potential user of the level of assurance Normal compilation standards apply including the possibility of restricted use A CPA may report on compiled pro forma financial information based on historical statements Downgrading Engagements Accountant may be asked to downgrade an engagement that has begun Audit may be downgraded to review or compilation Review may be downgraded to compilation Before accepting downgrade, accountant should consider Reason given by client Additional effort to complete original engagement Additional cost to complete original engagement Comparative Financial Statements Overall guidance when portions of audited financial statements are not audited An entity may include financial information with which the accountant is not associated (e.g., statement audited last year by a different auditor) in a report that also includes information with which the accountant is associated (e.g., this year’s compilation) The accountant should not allow his/her name to be associated with the portion of financial statements s/he is not associated with A continuing accountant who performs the same or a higher level of service this year (e.g., review) than last year (e.g., compilation) should update his/her report on the financial statements of a prior period presented with those of the current period A continuing accountant who performs a lower level of service should either Include a separate paragraph in his/her report with a description of the responsibility assumed for the prior period statements, or Reissue his/her report on the financial statements of the prior period Audit Sampling — Module SAMPLING Sampling is used in both tests of controls & substantive testing Nonstatistical samples are based exclusively on auditor’s judgment Statistical samples involve mathematics & probabilities Sampling Risk Audit risk is affected by sampling risk Sample for performance of tests may not be representative of population Conclusions drawn may not be same as if sample was representative Sampling Risk & Tests of Control When sample not representative in a test of control, possible errors Risk of Assessing Risk Too High (Underreliance)—Auditor will conclude that control is not effective when it actually is Auditor will inappropriately assess level of control risk at maximum & perform more substantive testing than necessary Resulting audit will be inefficient Risk of Assessing Risk Too Low (Overreliance)—Auditor will conclude that control is effective when it actually is not Auditor will inappropriately assess level of control risk below the maximum & perform less substantive testing than necessary Resulting audit may be ineffective & auditor may issue inappropriate report Sampling errors in tests of controls TRUE OPERATING EFFECTIVENESS OF THE CONTROLS IS The test of controls sample indicates: Adequate for planned assessed level of control risk Inadequate for planned assessed level of control risk Extent of operating effectiveness is adequate Correct Decision Incorrect Decision (risk of assessing control risk too low) Extent of operating effectiveness is inadequate Incorrect Decision (risk of assessing control risk too high) Correct Decision Sampling Risk & Substantive Tests When sample not representative in a substantive test, possible errors Risk of Incorrect Rejection—Auditor will incorrectly conclude that management assertion is not corroborated Auditor will reject sample Auditor will require inappropriate adjustment or issue inappropriately modified report Risk of Incorrect Acceptance—Auditor will incorrectly conclude that management assertion is corroborated Auditor will accept sample Auditor will inappropriately issue unmodified report Types of Statistical Sampling There are types of statistical sampling frequently used in auditing Attribute sampling—generally used for tests of controls Estimate frequency of errors in population based on frequency in sample Determine whether or not estimated error rate indicates control is working effectively Variables sampling—generally used for substantive testing Estimate value of population based on value of items in sample Determine whether or not estimated value is close enough management’s assertion as to valuation Probability proportional to size sampling—also used for substantive testing Form of variables sampling Items that are larger in size or value higher probability of being selected for sample Attribute Sampling The auditor determines the control to be tested & identifies the type of error that would indicate the control is not effective so that a sampling plan can be established Establish tolerable deviation rate—the maximum error rate the auditor will allow without increasing the assessed level of control risk Determine allowable risk of overreliance or sampling risk—the maximum allowable risk of assessing control risk too low Determine the expected population deviation rate—the rate of errors expected to occur in population which is the basis for the initial assessed level of control risk Calculate the sample size Select & test the sample 1) Calculate the sample deviation rate – # of errors in sample ÷# of items in sample Calculate upper deviation limit—maximum population error rate based on sample deviation rate & acceptable risk of overreliance Upper precision limit = Sample deviation rate + Allowance for sampling risk Reach conclusions & document results If upper precision limit ≤ tolerable rate—assessed level of control risk unchanged If upper precision limit > tolerable rate—assessed level of control risk increased Calculating Sample Size Various factors affect sample size ATTRIBUTES SAMPLING SUMMARY OF RELATIONSHIPS TO SAMPLE SIZE Increases in Effect on Sample Size Risk of assessing control risk too low Decrease Tolerable rate Decrease Expected population deviation rate Increase Population Increase (slightly for large samples) Variations of Attribute Sampling Different approaches can be used when applying attribute sampling Under traditional attribute sampling, sample size is determined & sample tested to estimate error rate in population Under stop or go (sequential) sampling, testing discontinues when auditor acquires sufficient data Appropriate when expected deviation rate is low Sample selected in steps Each step is based on results of previous step No fixed sample size and may result in lower sample if few or no errors detected Under discovery sampling, sample size is very small Appropriate when expected deviation rate is extremely low or zero Sample large enough to detect at least error if it exists Any errors in sample results in rejection Variables Sampling The auditor determines the balance to be tested & a sampling plan can be established 1) Establish tolerable misstatement—the maximum difference, taking materiality into account, between the actual balance & the reported balance that will not prevent the auditor from issuing an unmodified report 2) Determine allowable risk of incorrect acceptance or sampling risk—the maximum allowable risk of that the auditor will accept an amount that is materially incorrect 3) Determine the expected amount of misstatement or expected deviation—the amount by which the auditor expects the actual balance to differ from the reported amount based on the assessed level of control risk 4) Calculate the sample size 5) Select & test the sample 6) Calculate the upper deviation limit—the estimated difference between the actual amount & the reported amount based on the sample 7) Reach conclusions & document results If precision ≤ tolerable misstatement—opinion may require modification If precision > tolerable misstatement—opinion will not require modification Allowable Risk of Incorrect Acceptance The allowable risk of incorrect acceptance can be calculated based on other factors 1) Determine acceptable audit risk (AR) 2) Measure inherent risk (IR) 3) Assess level of control risk (CR) 4) Use AR, IR, & CR to calculate acceptable level of detection risk (DR) AR ÷(IR × CR) = DR 5) At various levels of DR, measure the allowable risk of incorrect acceptance Allowable level of incorrect acceptance = AR ÷(IR × CR × DR) Example If AR = 5%, IR = 100%, & CR is assessed at 50% DR = 05 ÷(1.00 × 50) = 10 or 10% If DR is set at 30% Allowable level of incorrect acceptance = 05 ÷(1.00 × 50 × 30) = 333 or 33 1/3% Calculating Sample Size Various factors affect sample size VARIABLES SAMPLING SUMMARY OF RELATIONSHIPS TO SAMPLE SIZE Increases in Effect on sampling size Risk—Incorrect Acceptance Decrease Risk—Incorrect Rejection Decrease Tolerable Misstatement (Error) Decrease Expected Misstatement (Error) Increase Population Increase Variation (standard deviation) Increase Probability Proportional to Size (PPS) Sampling PPS, a form of dollar unit sampling, has advantages over classical variables sampling Items with larger dollar amounts have a greater probability of being selected An item that is individually material will automatically be selected Sample size may be reduced as the same item may be selected more than once The sample distribution does not have to be close to the distribution in the population for the sample to be valid Sampling can be initiated prior to year-end more easily Disadvantages of PPS Understated items have a lower probability of being selected Items with zero or negative balances are not generally included in the sample A high frequency of misstatements results in an increase in sample size PPS is most effective when Few or no errors are expected The auditor is concerned about overstatement of the account PPS is applied as follows 1) Determine the risk of incorrect acceptance & the estimated number of overstatement errors 2) Measure the necessary reliability factor for errors of overstatement Measured by formula (selected from table) The higher the risk of incorrect acceptance, the lower the reliability The higher the estimated number of overstatement errors, the higher the reliability 3) Determine the tolerable misstatement 4) Determine sampling interval Sampling interval = Tolerable misstatement ÷Reliability factor 5) Calculate sample size Sample size = Total dollar amount of population ÷ Sampling interval 6) Select & test sample 7) Calculate projected error in population 8) Evaluate sample results & draw conclusion Selecting the Sample 1) List items in population in logical sequence 2) Based on the amount of an item and the total amounts of all previous items, each item will represent a cumulative amount 3) Assign each item a range of values The lower end of the range will be the previous item’s cumulative amount The upper end of the range will be the item’s cumulative amount 4) Select the items within the population where a multiple of the sampling interval is included in the range Calculating the Projected Misstatement 1) Determine items in sample containing misstatement 2) If item has dollar amount ≥ sampling interval, misstatement is added to projected misstatement 3) If item has dollar amount < sampling interval, effect of misstatement on projected misstatement must be calculated & added to the projected misstatement Calculate a tainting factor = Amount of misstatement ÷Dollar amount of item Projected misstatement = Taint% × Sampling interval Auditing with Technology — Module RESPONSIBILITIES IN AN INFORMATION TECHNOLOGY ENVIRONMENT Audit objectives are the same when financial records are manual or developed in an information technology (IT) environment In an IT environment, the auditor should consider Client use of computers in significant accounting applications Complexity of the entity’s computer operations Organizational structure of computer processing activities Availability of data Use of computer assisted audit techniques (CAATS) for audit procedures Controls in an IT Environment As a result of limited segregation of duties and a reduced paper audit trail, the auditor will often have to rely more heavily on the ability to reduce control risk rather than detection risk in order to keep audit risk at an acceptably low level The objectives of controls in an IT environment are Completeness Accuracy Validity Authorization Timeliness Integrity Controls will include general controls, application controls, input controls, processing controls, and output controls Auditing through the Computer Once the auditor obtains an understanding of internal control, a decision will be made as to the planned assessed level of control risk The auditor may plan to assess control risk at the maximum when the client’s computer system is relatively simple and there is a sufficient audit trail When the client’s computer system is complex, the lack of an audit trail may prevent the auditor from adequately reducing detection risk through the performance of substantive tests and the auditor will need to set control risk below the maximum This will require the performance of tests of controls in relation to those control activities on which the auditor intends to rely Testing General Control Activities The auditor will generally first test general control activities The auditor can test Personnel policies by inspecting personnel manuals, observing the appropriate segregation of duties, and verifying restrictions on the access to the system through the use of passwords File security by inspecting external labels on files and using the computer to read internal labels, and observing the existence of lockout procedures and file protection Contingency plans by observing the existence of multiple generations of backup files, discussing disaster recovery plans with management, and observing the existence of a hot or cold site Facilities by observing the appropriateness of the location and the limitations on access and by confirming the existence of insurance Access to computer files by verifying the use of passwords to prevent unauthorized individuals from obtaining access Testing Application Control Activities If general controls are in place and operating effectively, reliance may also be placed on application control activities The auditor can test input and output controls largely through observation Processing controls, on the other hand, may be tested in a variety of ways In testing controls over the development of, and changes to, programs and systems design, the auditor might Make inquiries of personnel Review minutes of meetings of computer staff and users Inspect documentation of testing performed before programs were put into use Review documentation of program changes and compare them to management approvals Inspect manuals being used by operators and other users Computer assisted audit techniques, or CAATs, are used to test the operation of software These include test data, controlled programs, integrated test facilities, program analysis, tagging and tracing, and generalized audit software programs Test data includes one example of each type of exception and is run through the company’s computer programs The auditor compares results to expected results to evaluate the processing of the data and handling of exceptions Controlled programs are copies of the client’s programs that are under the control of the auditor The auditor processes the client’s data using these programs and compares the results to those of the client to evaluate the client’s processing of the data Using an integrated test facility, fictitious and real transactions are processed simultaneously using the client’s system The auditor can review the client’s processing of the data to evaluate the effectiveness of the programs Program analysis techniques involve the use of software that will allow the computer to generate flowcharts of other programs The auditor can examine the flowcharts to evaluate the effectiveness of the client’s programs By tagging transactions, they may be traced through the system and the auditor is provided a printout of the steps followed in processing them Generalized audit software packages test the reliability of the client’s programs These packages are used to perform many specific audit procedures One application is parallel simulation in which the software is designed to process data in a manner that is essentially the same as that used by the client’s program Auditing with the Computer The auditor may use the computer to perform substantive tests Once the auditor has access to the client’s data, the computer can be used to Examine the client’s data for validity, completeness, and accuracy Rearrange and analyze the client’s data Select client data for audit samples Compare similar data contained in two or more of the client’s files to identify discrepancies Compare the results of audit procedures, such as test counts, to the client’s data The use of computers in the performance of an audit does not change the auditor’s responsibility to adhere to the standards of fieldwork Methods, however, may change There may be a reduction in the use of working papers to reduce the auditor’s ability to observe the details of calculations when reviewing the work of staff assistants Index Accounting and Review Services Accounting Estimates Actions Resulting from Evidence of Fraud Allowable Risk of Incorrect Acceptance Analytical Procedures Assessing Control Risk Assessing Risk of Fraud Assurance Provided by Auditor Attestation Engagements Attribute Sampling Audit Committee Audit Reports Audit Risk Audit Risk Model Auditing Accounts Payable & Purchases Auditing Accounts Receivable & Sales Auditing Cash Auditing Equity Auditing Inventory Auditing Investments & Investment Income Auditing Long-Term Debt & Interest Expense Auditing Property, Plant, & Equipment Auditing Specific Accounts Auditing through the Computer Auditing with the Computer Communication with Predecessor Auditor Comparative Financial Statements Compilation Report Compilations Compliance with Aspects of Contractual Agreements or Regulatory Requirements Components of Audit Risk Components of Internal Control Condensed Financial Statements & Selected Data Consideration of Fraud in a Financial Statement Audit Consideration of Internal Control Control Activities Control Environment Controls in an IT Environment Department of Labor Independence Requirements for Employee Benefit Plans Departures from GAAP Division of Responsibility Documentation Documentation of Internal Control Downgrading Engagements Effects of Assessment Effects of Substantive Tests on Detection Risk Emphasis of a Matter Emphasis of an Uncertainty Engagement Letter Evaluation of Misstatements Financial Information in Prescribed Forms or Schedules Financial statement compilations Planning Financial Statement Reviews Financial Statements Prepared in Conformity with an OCBOA Flowcharts Fraud and Illegal Acts in Compilation or Review Engagements Fraud Risk Factors Further Reducing the Assessed Level of Control Risk GAO Code of Ethics General Standards and Accounting Principles Government Auditing Standards Governmental Auditing Inconsistencies Independent auditor Information & Communication Institute of Internal Auditors Code of Ethics Internal Control Questionnaire International Auditing and Assurance Standards International Ethics Standards Introductory Paragraph Issues Related to Substantive Testing Letters to Underwriters Litigation, Claims & Assessments Major Federal Programs Management Representations Materiality Modified Reports Monitoring Nature, Timing, & Extent of Evidential Matter Nonattest services Omitted Procedures Opinion Paragraph Other Cycles Other Engagements & Reports Other Responsibilities and Practices PCAOB Audit Standard Audit Standard Planning Considerations & Procedures Probability Proportional to Size (PPS) Sampling Professional Responsibilities Prospective Financial Statements Purchases & Spending Cycle Quality Control Related Parties Relationship of Internal Control to Audit Procedures Relationship of Objectives to Risk Assessment & Control Activities Reliability Reporting on Pro Forma Financial Information Reports on Internal Control in Connection with Audit Reports under the SAA Requirements for Evaluation of Internal Control Responsibilities in an Information Technology Environment Responsibilities to Clients Responsibility to Detect & Report Illegal Acts Restricted Use Compilation & Review Reports Restrictions on an Auditor’s Report Revenue Cycle Review of Interim Financial Information Review Report Reviews Analytics Risk Assessment Sampling Sampling Risk Sampling Risk & Substantive Tests Sampling Risk & Tests of Control Sarbanes-Oxley Act Scope Limitations Scope Paragraph Separate Engagements on Internal Control Single Audit Act Special Reports Specialists Specified Elements, Accounts, or Items of a Financial Statement Standard Report – An Unqualified Opinion Standards for Consulting Services Statements Used in Other Countries Steps in Consideration of Fraud Subsequent Discovery of Facts Subsequent Events Summary of Relationship Among GAAS, GAS, & SAA Tax Preparer Test of Balances Approach Test of Transactions Approach Testing Application Control Activities Testing General Control Activities Tests of Controls Timing of Audit Procedures Types of Fraud Types of Statistical Sampling Types of Substantive Tests Understanding of Client’s Operations, Business, & Industry Understanding the Design of Internal Control Using Management Assertions to Develop Audit Programs Variables Sampling Variations of Attribute Sampling Working Papers ... a review of all the basic skills and concepts tested on the CPA exam and teaches important strategies to take the exam faster and more accurately This tool allows you to take control of the CPA. .. to take control of the CPA exam This simplified and focused approach to studying for the CPA exam can be used: As a handy and convenient reference manual To solve exam questions To reinforce... Accounting; Auditing, Business Law, and Federal Income Tax classes; Economics, and Finance Classes Good Luck on the Exam, Ray Whittington, PhD, CPA ABOUT THE AUTHOR Ray Whittington, PhD, CPA, CMA,