ACCT90014 · Auditing And Assurance Services
Assurance and Ethics
An audit exists to add credibility to information that management prepares and that investors, lenders and regulators rely on. That single purpose drives this chapter: the auditor must give assurance — but only reasonable, never absolute — and must be independent for the assurance to be worth anything. ACCT90014 frames assurance on a spectrum: a financial-statement audit gives reasonable assurance and a positively-worded opinion, while a review gives limited assurance and a negative conclusion; the gap between what users believe an auditor guarantees and what is actually promised is the expectation gap. Professional ethics under APES 110 rests on a conceptual framework — identify the threat, evaluate it, respond — and there are exactly five threats to independence (self-interest, self-review, advocacy, familiarity, intimidation). Legal liability closes the topic: the auditor can be sued in contract (by the client) or in negligence (potentially by third parties), with the case canon — Kingston Cotton Mill, Pacific Acceptance, Caparo, Esanda — setting the standard of care and to whom a duty is owed. This is closed-book mid-semester canon: learn it cold.
What this chapter covers
- 01The assurance landscape: why an audit exists, the three-party relationship
- 02Reasonable vs limited assurance and the expectation gap
- 03APES 110: the conceptual framework and acting in the public interest
- 04The five threats to independence and their triggers
- 05Independence in fact vs appearance; gifts and fee dependence
- 06Legal liability I: contract, privity and the case canon
- 07Legal liability II: negligence, the three elements and duty to third parties
Worked example: the three elements of a negligence claim
- +2Element 1 — duty of care: a third party (the bank) is owed a duty only if the auditor knew the statements would be relied on by that party for that purpose. State the Esanda / Caparo proximity test and apply it to whether the auditor knew of the bank’s reliance.
- +2Element 2 — breach: the standard of care is that of a reasonably competent auditor (Pacific Acceptance). Failing to attend the stocktake to verify inventory existence is a breach of that standard.
- +1Element 3 — causation & loss: the breach must have caused the loss. The bank must show it relied on the misstated statements and would not have lent (or would have recovered) but for the overstatement.
- +1Conclude: the claim turns on duty — breach and loss are clear, so the bank succeeds only if it can establish the auditor knew of, and the statements were prepared for, the bank’s reliance.
Key terms
- Reasonable assurance
- The high but not absolute level of assurance a financial-statement audit gives, expressed as a positive opinion that the statements give a true and fair view. It is not a guarantee, because of sampling, judgement and the inherent limitations of an audit.
- Expectation gap
- The difference between what users believe an auditor does or guarantees (e.g. detect all fraud, certify solvency) and what the auditor is actually responsible for (reasonable assurance that the statements are free of material misstatement). A recurring exam theme.
- Conceptual framework (APES 110)
- The threats-and-safeguards approach to ethics: identify a threat to a fundamental principle, evaluate whether it is at an acceptable level, and respond by applying safeguards, eliminating the threat or declining the engagement.
- Self-interest threat
- The threat that a financial or other interest will inappropriately influence the auditor’s judgement — for example holding shares in the client, fee dependence, or a contingent fee. The most-cited of the five threats.
- Duty of care
- The first element of a negligence claim: a legal obligation to take reasonable care owed to a particular party. To a third party it depends on proximity / known reliance (Esanda, Caparo); to the client it arises automatically from the engagement contract.
Assurance and Ethics FAQ
What is the difference between reasonable and limited assurance?
Reasonable assurance is the high (not absolute) level an audit gives, stated positively ('the statements give a true and fair view'). Limited assurance is the lower level a review gives, stated negatively ('nothing has come to our attention to suggest the statements are materially misstated'). The audit does more work and a review less, which is why the wording flips from positive to negative.
How do I pick the right one of the five threats in an exam?
Match the fact to the trigger, not the label. A financial interest or fee dependence = self-interest; auditing your own firm's work = self-review; promoting the client's position = advocacy; a long or close relationship = familiarity; pressure or threats = intimidation. The marks are for naming the right threat and then explaining why this specific fact creates it.
Why does independence have two halves?
APES 110 distinguishes independence of mind (actually being objective) from independence in appearance (a reasonable, informed observer would conclude objectivity is not compromised). Both must hold: even if the auditor is genuinely objective, an arrangement that looks compromising still fails, because assurance depends on public confidence.
When can a third party sue the auditor in negligence?
Only when the auditor owed that party a duty of care, which depends on proximity and known reliance: did the auditor know the statements would be used by that party for that kind of decision (Esanda, Caparo)? If yes, and breach (below the Pacific Acceptance standard of care) and causation of loss are also shown, the claim can succeed.
Exam move
This is mid-semester canon, so memorise it cold. Build a one-line trigger for each of the five threats and drill picking the right one from a fact. Keep the reasonable-vs-limited contrast and the expectation gap on the tip of your tongue — they are easy, high-frequency marks. For legal liability, treat negligence as a fixed flowchart: duty → breach → causation/loss, each proven in order, with the right case attached (Caparo/Esanda for duty to third parties, Pacific Acceptance for the standard of care, Kingston Cotton Mill for reasonable skill). In every applied answer, tie the standard or case to the exact fact — the dollar, the relationship, the role — never just state the rule.