What is Auditing?

What is Auditing?

Definition 1

Audit is an independent examination (1) defined as the systematic process (2) of objectively obtaining and evaluating evidence regarding assertions about economic actions & events to ascertain the degree of correspondence between those assertions and established criteria and communicating the results (3) to interested users.

Definition 2

Auditing is the accumulation and evaluation of evidence about information to determine and

report on the degree of correspondence between the information and established criteria.

Auditing should be done by a competent, independent person.

1. Auditing = Checking financial records carefully to see if they are true and fair.
2. Auditor writes a report to show opinion if the financial statements follow laws & standards.

(1) Independent examination

An independent examination is a neutral, objective appraisal of financial information (often the financial statements) by someone free from bias, conflicts, and undue influence from management or owners.

Why “independent” matters:

It preserves objectivity and credibility—so users can trust the conclusions. Independence has two dimensions:

In mind

actual unbiased judgement.

In appearance

no relationships that look compromising (e.g., financial interests, close family ties).

What it involves:

A systematic process of obtaining and evaluating evidence against established criteria (e.g., MFRS/IFRS, laws, policies), then communicating results (usually an auditor’s report with an opinion).

Who can do it:

A suitably qualified practitioner (external auditor) who meets ethical and independence requirements (e.g., professional code, firm safeguards, partner rotation where applicable).

Outputs:

• Audit opinion (unmodified/qualified/adverse/disclaimer) and required report sections.
• Communications to Those Charged with Governance and management (e.g., control deficiencies).

Not to confuse:

• Review engagement = limited assurance (primarily inquiry/analytics).
• Compilation = no assurance.

An audit (independent examination) provides reasonable assurance, higher than a review.

(2) The systematic process 

Meaning:

·   Audit is not random checking.

·   It follows a structured, professional methodology guided by auditing standards (e.g. ISA).

Typical stages in that process:

1.      Planning & risk assessment

o    Understand the business, industry, internal controls, fraud risk.

o    Identify areas most likely to be misstated.

2.      Designing audit procedures

o    Decide what evidence is needed, how to gather it (tests of controls, substantive tests, confirmations, inspection, recalculation, analytical procedures).

3.      Obtaining and evaluating evidence

o    Perform the tests, document results, evaluate whether evidence is sufficient and appropriate.

4.      Forming a conclusion

o    Judge whether the financial statements are fairly presented.

5.      Communicating the result

o    Issue a written audit report to shareholders and other users.

Why it matters:

·         Because it’s systematic, two different competent auditors applying the same standards should reach broadly similar conclusions.

·         It also supports audit quality, accountability, and the ability to defend the opinion in court/regulation.

In simple terms:
“Systematic process” means audit is done using a planned, step-by-step professional approach and not guesswork in order to gather reliable evidence and reach a defendable opinion.

(3) Communicating the results

“Communicating the results” means how the auditor formally tells users what was found and the opinion reached.

In practice:

Primary vehicle: the Independent Auditor’s Report to shareholders (or those charged with governance).

What it contains (ISA 700/705/706/701):

• Opinion (unmodified / qualified / adverse / disclaimer).
• Basis for Opinion (key reasons, independence & ethics statement).
• Key Audit Matters (KAMs) for listed entities (what was most significant and how it was addressed).
• Going Concern conclusions (and any material uncertainty).
• Other information section (e.g., annual report consistency).
• Responsibilities of management and the auditor.
• Report date, auditor’s name, firm, location.

• Other communications (not the opinion itself, but part of “results”):

  • Report to Those Charged with Governance (ISA 260): significant findings, scope, audit strategy, independence.
  • Management letter: control deficiencies and recommendations.
  • Regulatory communications where required.

In simple terms:

It’s the auditor’s formal reporting of conclusions and significant findings—primarily via the audit opinion and related required communications—to the users who rely on the financial statements.