Auditing for CPA Board Exam: Complete PSA Standards Guide

Auditing tests your understanding of Philippine Standards on Auditing (PSA) and your ability to apply audit concepts to practical scenarios. With 70 multiple-choice questions split between theory and application, this subject requires both memorization and critical thinking.

Understanding the Auditing Exam

Per BOA Resolution No. 30, Series of 2022, Auditing is administered on Day 1 (Afternoon Session) of the CPALE:

Questions: 70 MCQs
Duration: 3 hours
Distribution: 50% Theory, 50% Application
Cognitive Levels: 26% Remembering, 56% Understanding, 18% Analyzing

The Exam's Two Components

Component	Weight	Focus
Theory on Auditing & Attestation	50%	PSA knowledge, definitions, concepts
Auditing Practice	50%	Risk assessment, procedures, judgment

Philippine Standards on Auditing (PSA) Framework

The Auditing and Assurance Standards Council (AASC) promulgates PSA pronouncements by adopting International Standards on Auditing (ISA) for Philippine use. Here's the complete framework:

PSA 200 Series - General Principles

Standard	Title	Key Concepts
PSA 200	Overall Objectives of the Independent Auditor	Reasonable assurance, professional skepticism
PSA 210	Agreeing the Terms of Audit Engagements	Engagement letter, preconditions
PSA 220 (Revised)	Quality Management for an Audit	Engagement partner responsibilities
PSA 230	Audit Documentation	Working paper requirements
PSA 240	Auditor's Responsibility Regarding Fraud	Fraud risk factors, management override
PSA 250	Consideration of Laws and Regulations	Non-compliance detection
PSA 260	Communication with Those Charged with Governance	Required communications
PSA 265	Communicating Deficiencies in Internal Control	Significant deficiencies

PSA 300 Series - Risk Assessment and Response

Standard	Title	Key Concepts
PSA 300	Planning an Audit	Overall audit strategy, audit plan
PSA 315 (Revised 2019)	Identifying and Assessing Risks of Material Misstatement	Understanding entity, risk assessment
PSA 320	Materiality in Planning and Performing	Performance materiality
PSA 330	Auditor's Responses to Assessed Risks	Further audit procedures

PSA 500 Series - Audit Evidence

Standard	Title	Key Concepts
PSA 500	Audit Evidence	Sufficiency and appropriateness
PSA 501	Audit Evidence for Specific Items	Inventory, litigation, segments
PSA 505	External Confirmations	Positive vs. negative confirmations
PSA 520	Analytical Procedures	Substantive analytics
PSA 530	Audit Sampling	Statistical vs. non-statistical

PSA 700 Series - Reporting

Standard	Title	Key Concepts
PSA 700	Forming an Opinion and Reporting	Unmodified opinion
PSA 705	Modifications to the Opinion	Qualified, adverse, disclaimer
PSA 706	Emphasis of Matter and Other Matter	Additional paragraphs
PSA 701	Key Audit Matters	Listed company reporting

The Audit Risk Model (Critical Concept)

Understanding the audit risk model is fundamental to the entire auditing subject:

Audit Risk (AR) = Inherent Risk (IR) × Control Risk (CR) × Detection Risk (DR)

Definitions:

Risk Component	Definition	Auditor Control
Inherent Risk	Susceptibility to misstatement before controls	Cannot control (assess only)
Control Risk	Risk that controls won't prevent/detect misstatement	Cannot control (assess only)
Detection Risk	Risk that audit procedures fail to detect misstatement	CAN control through procedures

The Inverse Relationship:

Higher assessed IR × CR → Lower acceptable DR → More audit work needed
Lower assessed IR × CR → Higher acceptable DR → Less audit work needed

Exam Tip: Questions often test the inverse relationship. If control risk increases, detection risk must decrease (meaning more substantive procedures are required).

Internal Control - COSO Framework

Per PSA 315, auditors must understand internal controls using the COSO Framework with five components:

The Five Components

1. Control Environment (Foundation)

Integrity and ethical values
Commitment to competence
Board/audit committee participation
Management philosophy and operating style
Organizational structure
Human resource policies

2. Risk Assessment

How management identifies business risks
Estimating significance and likelihood
Determining risk responses

3. Control Activities

Policies and procedures addressing risks
Types: Preventive, detective, corrective
Categories: Authorization, segregation, physical controls, reconciliation

4. Information and Communication

Financial reporting information system
Internal and external communication channels
Quality of information

5. Monitoring Activities

Ongoing monitoring (built into operations)
Separate evaluations (internal audit)
Reporting deficiencies

Memory Aid: "CRIME" - Control environment, Risk assessment, Information & communication, Monitoring, (control) activitiEs

Audit Evidence Requirements

Sufficiency vs. Appropriateness (PSA 500)

Concept	Definition	Factors
Sufficiency	Quantity of evidence	Assessed risk level, quality of evidence
Appropriateness	Quality of evidence	Relevance + Reliability

Reliability Hierarchy (Most to Least Reliable)

Evidence from independent external sources
Evidence obtained directly by auditor
Documentary evidence (vs. oral)
Original documents (vs. copies)
Evidence from effective internal controls

Types of Audit Procedures

Procedure	Description	Example
Inspection	Examining records or documents	Reviewing invoices
Observation	Watching a process or procedure	Observing inventory count
External confirmation	Direct response from third party	Bank confirmation
Recalculation	Checking mathematical accuracy	Footing a schedule
Reperformance	Independently executing controls	Re-running bank reconciliation
Analytical procedures	Evaluating relationships	Comparing ratios to prior year
Inquiry	Seeking information from personnel	Interviewing management

Audit Sampling (PSA 530)

Statistical vs. Non-Statistical Sampling

Aspect	Statistical	Non-Statistical
Selection method	Random selection required	Any method acceptable
Evaluation	Mathematical measurement of sampling risk	Professional judgment
Defensibility	More objective, defensible	More subjective

Key Sampling Concepts

Tolerable Misstatement: Maximum misstatement in population that auditor is willing to accept

Tolerable Rate of Deviation: Maximum rate of control deviations that auditor is willing to accept

Sampling Risk: Risk of reaching wrong conclusion due to testing only a sample

For Tests of Controls	For Substantive Tests
Risk of assessing control risk too low	Risk of incorrect acceptance
Risk of assessing control risk too high	Risk of incorrect rejection

Audit Reports and Opinions (PSA 700/705/706)

Types of Audit Opinions

The opinion depends on two factors: (1) nature of the matter, and (2) pervasiveness.

Nature of Matter	Material but NOT Pervasive	Material AND Pervasive
Financial statements are misstated	Qualified Opinion	Adverse Opinion
Inability to obtain sufficient evidence	Qualified Opinion	Disclaimer of Opinion

Understanding "Pervasive"

Per PSA 705, pervasive effects are those that:

Are not confined to specific elements/accounts
If confined, represent a substantial proportion of the financial statements
In relation to disclosures, are fundamental to users' understanding

Emphasis of Matter vs. Other Matter (PSA 706)

Paragraph Type	Purpose	Effect on Opinion
Emphasis of Matter	Draw attention to matter properly presented in FS	None (opinion remains unmodified)
Other Matter	Draw attention to matter NOT presented in FS	None (opinion remains unmodified)

Common Emphasis of Matter situations:

Uncertainty about going concern (when properly disclosed)
Significant subsequent event
Early adoption of new accounting standard

Tests of Controls vs. Substantive Procedures

Comparison Table

Aspect	Tests of Controls	Substantive Procedures
Purpose	Evaluate operating effectiveness of controls	Detect material misstatements
When performed	Usually interim period	Usually at/near year-end
Nature of questions	"Did the control operate?"	"Is the balance correct?"
Required?	Only when relying on controls	Always required
Examples	Inspect approvals, reperform reconciliations	Confirm receivables, count inventory

The Relationship

Strong controls → Lower control risk → Can reduce substantive procedures
Weak controls → Higher control risk → Must increase substantive procedures
No reliance on controls → Assess control risk at maximum → Substantive-only approach

High-Yield Topics for the Exam

Based on exam patterns and review center data:

Priority 1: Must Master

PSA 200 - Overall objectives, reasonable assurance, professional skepticism
PSA 315 - Understanding the entity, risk assessment procedures
PSA 330 - Responding to assessed risks
PSA 700/705 - Forming opinions, modifications
Audit risk model - IR × CR × DR relationships

Priority 2: Know Well

PSA 500 - Audit evidence sufficiency and appropriateness
PSA 240 - Fraud considerations
PSA 530 - Audit sampling
COSO Framework - Five components
Internal control types - Preventive vs. detective

Priority 3: Understand Concepts

PSA 260/265 - Communications with governance
PSA 520 - Analytical procedures
PSA 501 - Evidence for specific items
Quality management standards - PSQM 1 and 2

Study Strategies for Auditing

1. Group Standards by Function, Not Number

Instead of memorizing PSA 200, 210, 220... group by audit phase:

Planning Phase: PSA 200, 210, 220, 300, 315, 320 Execution Phase: PSA 330, 500, 501, 505, 520, 530 Completion Phase: PSA 700, 705, 706, 560, 570

2. Understand Before Memorizing

Focus on understanding why each standard exists:

PSA 240 exists because management can override controls
PSA 315 exists because you can't respond to risks you haven't identified
PSA 705 exists because users need to know when something is wrong

3. Create Decision Trees for Report Modifications

Is there a misstatement or scope limitation?
├── No → Unmodified Opinion
└── Yes → Is it material?
    ├── No → Unmodified Opinion
    └── Yes → Is it pervasive?
        ├── No → Qualified Opinion
        └── Yes → Is it a misstatement?
            ├── Yes → Adverse Opinion
            └── No (scope) → Disclaimer

4. Practice Application Questions

Don't just memorize definitions. Practice scenarios like:

"The auditor discovered management had been inflating revenue for three years. What type of opinion should be issued?"
"The client's legal counsel refused to respond to the auditor's inquiry about pending litigation. What is the effect?"

5. Know the New Quality Management Standards

PSQM 1 (effective December 15, 2022) replaced PSQC 1 with eight components:

Firm's risk assessment process
Governance and leadership
Relevant ethical requirements
Acceptance and continuance
Engagement performance
Resources
Information and communication
Monitoring and remediation process

Common Mistakes to Avoid

Conceptual Errors

Confusing qualified (material, not pervasive) with adverse (material, pervasive)
Thinking Emphasis of Matter affects the opinion (it doesn't)
Believing higher detection risk means more work (it's the opposite)

Application Errors

Not recognizing when controls are ineffective (requires substantive-only approach)
Forgetting that some substantive procedures are always required
Confusing tests of controls (effectiveness) with tests of details (correctness)

Time Management

Spending too long on scenario questions
Second-guessing straightforward definition questions
Not flagging difficult questions for later review

Recommended Study Approach

Phase 1: Foundation (Weeks 1-2)

Read through all major PSA standards
Understand the audit process flow
Master the audit risk model

Phase 2: Deep Study (Weeks 3-4)

Study each PSA series systematically (200s, 300s, 500s, 700s)
Create summary sheets per standard
Practice MCQs per topic

Phase 3: Integration (Weeks 5-6)

Take full-length mock exams
Analyze wrong answers thoroughly
Focus on weak areas

Phase 4: Final Review (Last Week)

Review summary sheets
Focus on high-yield topics
Light practice, no new material

Official Resources

Auditing rewards understanding over memorization. Focus on the logical flow of the audit process, master the relationships between risk and response, and practice applying standards to scenarios. With systematic preparation, you can confidently tackle any audit question on the board exam.

Ready to master Auditing? Start your free trial and access AI-powered practice questions covering all PSA standards.