What an External Audit Is (and Isn’t)

Learning objectives

By the end of this chapter, you will be able to:

• Explain the purpose of an external audit and its boundaries, focusing on the auditor’s role in reporting an independent conclusion on the financial statements.
• Distinguish an audit from accounting services, a review engagement, and advisory work, explaining how objectives and outputs differ.
• Explain reasonable assurance and why audit work delivers high confidence rather than certainty, including the built-in limits of evidence and judgement.
• Recognise the main sections found in an auditor’s report and the messages each section is designed to communicate.
• Identify the key parties involved and where responsibilities sit: management, those charged with governance, and the auditor.

Overview & key concepts

An external audit is an independent check on the credibility of financial statements. The auditor’s job is not to prepare the numbers, but to gather and evaluate evidence and then report whether the statements can be relied on for decision-making, taking into account the reporting rules the company claims to follow. Because the focus is on matters that could influence users, audit work concentrates on material misstatements rather than trying to eliminate every possible error.

This matters because users of financial statements (shareholders, lenders, suppliers, tax authorities, employees, analysts) often have to make decisions without being involved in producing the figures. Independence, evidence, and careful judgement are therefore central.

Just as important is understanding what an audit is not:

• It is not bookkeeping or accounts preparation.
• It is not a guarantee that all fraud will be uncovered.
• It is not a prediction of future performance or business survival.
• It is not a “certificate” that controls are perfect.

Distinction from other financial services

External auditing can be confused with other engagements that involve financial information. The simplest way to separate them is by objective and output.

Accounting and bookkeeping

Accounting services record transactions, maintain ledgers, and prepare financial statements by applying the entity’s chosen policies and judgements.

An audit sits outside that process. The auditor evaluates what management has produced and forms an independent conclusion based on evidence.

Independence rules can restrict the auditor from preparing the accounts they later audit, especially for larger entities and higher-public-interest situations. For smaller entities, limited support may be permitted with safeguards, but the auditor cannot take management responsibility.

Review engagement (limited assurance)

A review engagement is designed to provide a lower level of assurance than an audit. The work typically relies more on discussion with management and analytical review than on detailed testing.

A useful way to compare the output is:

• In a review, the practitioner gives limited assurance. Instead of stating positively that the statements are fairly presented, they report in a cautious way that—based on the procedures performed—nothing has come to their attention that indicates the financial statements may be materially misstated (or not prepared in line with the stated framework).
• In an audit, the auditor reports a higher level of assurance and communicates an opinion in the conventional “in all material respects” framing under the stated framework.

Advisory and consultancy services

Advisory work aims to improve performance, design systems, strengthen controls, manage risk, or support transactions. It is improvement-focused and does not result in an assurance conclusion on the financial statements.

Assurance and reasonable assurance

Assurance is the outcome of professional work that increases users’ confidence in information. In an audit, the auditor collects evidence and uses professional judgement to reach a conclusion on the financial statements as a whole.

Why reasonable assurance is not certainty

Audit work delivers high confidence, but not certainty, for practical reasons:

• Judgement in reporting:many figures are estimates (for example, provisions, impairments, useful lives). Different reasonable assumptions can produce different outcomes.
• Sampling and selectivity:auditors target higher-risk areas and do not test every transaction.
• Evidence is often persuasive rather than definitive:many audit conclusions are supported by multiple indicators rather than a single “perfect proof”.
• Deliberate concealment:collusion, falsified documents, and senior management override can make detection harder.

Reasonable assurance means the auditor designs the work to reach a well-supported conclusion with a very small remaining chance of being wrong. That residual risk can be reduced, but it cannot be driven to zero.

Materiality

A misstatement is material if it could reasonably influence decisions made by users based on the financial statements.

Materiality has both:

• size(how big the misstatement is), and
• nature(what the misstatement relates to and why users might care).

A small number may still matter if it affects a borrowing covenant, changes a profit/loss outcome, hides a trend, or relates to sensitive disclosures.

Materiality is set for the financial statements as a whole. Auditors often also set performance materiality (a lower working level) to plan testing and evaluate differences, so that the combined effect of individually small issues is less likely to become material by the time the financial statements are finalised.

Audit opinion

The audit opinion is the headline conclusion communicated in the auditor’s report.

• Unmodified opinion:based on the work performed, the auditor reports that the financial statements are presented in accordance with the applicable frameworkin all material respects. This is a high level of assurance, but it does not mean every figure is perfect or that all fraud has been ruled out.
• Modified opinions:arise when the auditor concludes there is a significant unresolved issue. This can happen because:
  • the financial statements contain a material problem that is not corrected, and/or
  • the auditor is unable to obtain enough suitable evidence in an important area.

The effect on the report depends on how significant the issue is and whether it is confined to a specific area or affects the financial statements more broadly.

Audit scope

Scope describes what the audit covers and how the auditor plans to cover it, including:

• the reporting period and the entity (and group, if relevant),
• the financial statements and key disclosures,
• the higher-risk areas and planned responses,
• the planned extent of testing.

Scope is influenced not only by risk and materiality, but also by auditing standards, law and regulation, and (for groups) group scope decisions, such as which components are significant and whether component auditors are involved. The auditor cannot reduce work below what is needed to support a properly evidenced conclusion.

Expectations gap

The expectations gap is the mismatch between what users think an audit delivers and what it is designed to deliver.

Common misconceptions include believing that an audit:

• checks every transaction,
• guarantees fraud detection,
• confirms the business will remain successful,
• confirms controls are flawless.

Clear reporting and consistent explanation of materiality, assurance level, and limitations help reduce this gap.

Professional scepticism

Professional scepticism is a disciplined mindset that:

• stays alert to information that does not fit,
• challenges explanations when evidence is weak,
• recognises that bias can exist even without dishonesty,
• treats unusual patterns as signals to investigate.

It does not mean assuming management is dishonest. It means not accepting claims without adequate support.

Those charged with governance (TCWG)

Those charged with governance oversee financial reporting and internal control and engage with the auditor on significant matters. Depending on the entity, this may be the board, an audit committee, trustees, partners, or similar.

Their role typically includes:

• overseeing the integrity of financial reporting,
• challenging key judgements and estimates,
• supporting auditor independence and appropriate communication,
• receiving findings on significant risks and control weaknesses.

What’s in the auditor’s report

The exact layout varies by jurisdiction and circumstances, but many auditor’s reports contain the following sections or equivalents:

Opinion

The auditor’s conclusion on whether the financial statements are properly presented under the stated framework in all material respects.

Basis for opinion

A short explanation of the foundation for the opinion, typically referring to independence, the nature of the work performed, and the overall approach to evidence.

Going concern

Going concern is always considered as part of the audit. Extra reporting is triggered when the auditor identifies a material uncertainty related to going concern, or where going concern is a significant focus of the audit. For entities where key audit matters are reported, going concern may be presented as a key audit matter when it required significant auditor attention.

Key audit matters (where required)

Key audit matters are reported when the applicable auditor reporting standards or law require them (commonly for listed entities). They highlight the matters that were most significant in the audit and explain, at a high level, how they were addressed. This is not a list of all errors found.

Other information

A section explaining the auditor’s work relating to other narrative information published alongside the financial statements (for example, parts of an annual report), and what the auditor does and does not conclude about it.

Responsibilities of management and those charged with governance

A description of management’s responsibility for preparing the financial statements and for the control environment, and TCWG’s oversight role.

Auditor’s responsibilities

A description of what the auditor is responsible for doing, including planning the work and gathering evidence to support the opinion.

Other legal and regulatory reporting (where applicable)

Additional statements required by local law or regulators, which vary across jurisdictions.

Core theory and frameworks

Objective of an external audit

The auditor’s objective is to perform work that supports an independent conclusion on the financial statements. In practical terms, that means focusing on areas where a material problem could exist, designing procedures to address those risks, and evaluating whether the financial statements as a whole are reliable for users.

Responsibilities of management and TCWG

Management is responsible for:

• preparing the financial statements,
• selecting and applying suitable accounting policies,
• making reasonable estimates,
• maintaining records and controls that support reliable reporting.

Those charged with governance oversee management’s financial reporting responsibilities and engage with the auditor on significant issues and findings.

Auditor’s responsibilities

The auditor is responsible for:

• planning the audit using risk assessment and materiality,
• obtaining evidence through a mixture of tests and analysis,
• evaluating key estimates and accounting policies,
• concluding and reporting in an independent auditor’s report.

The auditor does not manage the business, prepare the accounts as management, or guarantee perfection.

Fraud and error

Errors are unintentional (miscalculations, misunderstandings, weak processes). Fraud involves deliberate manipulation of reporting or misappropriation of assets.

Management is responsible for prevention and detection through controls and governance. The auditor designs work to address the risk of material misstatement arising from fraud or error, while recognising that some fraud risks are inherently harder to detect.

Sampling and judgement

Auditors use judgement to decide what matters most, and sampling to test populations without checking everything. The key question is whether the work performed provides a sound basis for the conclusion.

Inherent limitations

Audits cannot remove all risk. Limitations arise from the need for judgement, the nature of evidence, practical constraints, and the possibility of concealment through collusion or override.

Applicable financial reporting framework

Financial statements are prepared using an identified reporting framework (such as a set of international or national standards and relevant law). The framework sets the criteria for recognition, measurement, presentation, and disclosure. The auditor evaluates the financial statements against those criteria.

Worked example

Mini case study: ABC Corporation (year ended 31 December 2025)

You are planning the audit of ABC Corporation, a mid-sized manufacturing company.

Management’s draft financial statements show:

• Revenue: 1,915,000
• Gross margin: 11.7%
• Current tax rate: 22.2%
• Capital expenditure during the year: 116,000

During the year, management highlights the following matters as “significant”:

• A sale of goods for 500,000 with a 4.4% early settlement discount.
• Raw materials purchases of 300,000 subject to 5% sales tax.
• Operating expenses paid of 200,000.
• Depreciation charged on machinery of 50,000.
• A cash share issue of 100,000.
• Dividends paid of 30,000.
• A bank loan received of 150,000 and principal repaid of 50,000.
• Interest paid of 10,000.
• An allowance for doubtful debts of 20,000.
• An inventory write-down of 15,000.
• A tax expense recorded using the stated tax rate.

The purpose of this case is not to “prepare accounts from scratch”, but to show how an auditor turns information into risks, evidence plans, and evaluation.

Planning notes: what could go wrong (risks linked to assertions)

Revenue and discounting

• Risk: revenue and receivables overstated if discounts are routinely taken but the accounting reflects the gross amount.
• Assertions most affected: accuracy, cut-off, valuation (receivables).

Purchases, inventory, and sales tax

• Risk: inconsistent treatment of sales tax (recoverable vs non-recoverable) could distort inventory valuation and cost of sales.
• Assertions: accuracy, valuation, classification.

Capital expenditure and depreciation

• Risk: capital items expensed, or depreciation timing/estimate errors (useful life, start date).
• Assertions: classification, valuation, accuracy.

Financing (loan and interest)

• Risk: principal repayments recorded as expenses, or interest misclassified.
• Assertions: classification, completeness, accuracy.

Allowance for doubtful debts

• Risk: allowance unsupported or biased, leading to overstatement of receivables and profit.
• Assertions: valuation, accuracy.

Inventory write-down

• Risk: write-down unsupported (overly pessimistic) or omitted (overly optimistic).
• Assertions: valuation.

Tax

• Risk: tax expense recorded mechanically without considering taxable profit adjustments, leading to misstatement of current tax payable and tax expense.
• Assertions: accuracy, completeness, classification.

Evidence approach: procedures that respond to the risks (examples)

Revenue and discounts

• Inspect sales terms and credit notes.
• Review post-year-end cash receipts and settlement patterns to assess how often discounts are taken.
• Recalculate revenue and receivables for a sample of discounted invoices.

Sales tax on purchases

• Inspect supplier invoices to confirm tax amounts.
• Agree sales tax treatment to tax returns and payments.
• Assess whether sales tax is recoverable for the entity and whether accounting treatment is consistent.

Capital expenditure

• Vouch additions to invoices, contracts, and asset registers.
• Confirm the date assets were available for use and recalculate depreciation from that point where relevant.
• Review repairs and maintenance accounts for misposted capital items.

Loan and interest

• Obtain direct confirmation from the lender (or alternative evidence) and agree balances to bank statements.
• Separate principal movements from interest; review classification in the financial statements.

Allowance for doubtful debts

• Review receivables ageing and subsequent receipts.
• Evaluate the method used to set the allowance (historical loss patterns, specific debtor issues).
• Challenge management where assumptions appear overly optimistic.

Inventory write-down

• Inspect evidence supporting net realisable value (selling prices after year end, condition/obsolescence).
• Reperform the write-down calculation on selected lines.

Tax

• Evaluate whether management’s current tax and any tax balances/disclosures are reasonable based on available evidence.
• Consider whether tax balances and disclosures are consistent with the tax computation and with filings/correspondence available to the audit team.

Minimal computations to support audit evaluation

These computations are included only to illustrate the amounts at risk.

Early settlement discount

• Discount: 4.4% × 500,000 = 22,000
• Net amount expected if discount earned: 500,000 − 22,000 =478,000

Implied profit signal from the draft margin

• Gross profit: 11.7% × 1,915,000 = 224,055
• If the listed expenses include operating expenses 200,000, depreciation 50,000, interest 10,000, allowance 20,000, and inventory write-down 15,000, then the draft performance would indicate a loss of70,945(224,055 − 295,000).
• Based on the limited information provided, this suggests no current tax payable, but the auditor should corroborate the position using management’s tax computation and available filings/correspondence.

Likely findings and their financial statement effect (illustrative)

The following are examples of issues an auditor might uncover in these areas. They are written as “effects” rather than a model journal list, to keep the focus on audit evaluation.

Discounted revenue not reflected

• Effect: revenue and trade receivables overstated by up to 22,000 (depending on whether the discount is expected to be earned and whether cash has been received net).

Sales tax treated inconsistently

• If recoverable sales tax is included in inventory cost: inventory and cost of sales may be overstated and a tax receivable understated.
• If non-recoverable sales tax is excluded from inventory cost: inventory may be understated.

Capital expenditure expensed

• Effect: operating expenses overstated and property, plant and equipment understated (and depreciation may also be misstated depending on timing).

Dividends recorded as an expense

• Effect: profit understated and retained earnings presentation incorrect (dividends are distributions to owners, not costs of operations).

Loan principal repayment recorded as an expense

• Effect: profit understated and the loan liability misstated; principal repayments should reduce the liability, while interest is the finance cost.

Allowance and write-down unsupported

• Effect: assets (receivables or inventory) may be overstated if allowances are too low, or understated if provisions are overly conservative. The auditor needs evidence, not simply the recorded number.

Reporting consequences (high level)

If management corrects material misstatements identified, the auditor is more likely to issue an unmodified opinion.

If management does not correct a material issue, the auditor evaluates the seriousness and breadth of the effect. If the issue is significant but confined, the report may be modified in a way that describes the specific area affected. If the effect is widespread across the financial statements, the modification becomes more severe.

If sufficient evidence cannot be obtained for an important area, the issue becomes one of evidence limitation, which can affect the conclusion even if a misstatement has not been proved.

Common pitfalls and misunderstandings

• Treating an audit as a complete re-performance of accounting, rather than an evidence-based evaluation of what management has produced.
• Assuming the auditor checks every transaction; audits are risk-directed and selective.
• Believing that high assurance means certainty.
• Confusing financial statement issues with business success: an audit conclusion is about reporting reliability, not future performance.
• Misclassifying key items:
  • dividends as expenses,
  • loan principal as an expense,
  • capital expenditure as operating cost,
  • allowances and write-downs without a clear evidence basis.
• Ignoring qualitative materiality (for example, covenant impact or sensitive disclosures).
• Misreading the auditor’s report as a guarantee rather than a reasoned conclusion supported by audit work.

Summary

An external audit is an independent assessment of whether financial statements are reliable for users’ decisions, with attention directed at issues that could matter to users. The auditor gathers and evaluates evidence, applies professional judgement, and reports a conclusion in the auditor’s report.

Audit assurance is high, but not absolute, because financial reporting involves estimates and judgement, audit evidence is not always definitive, and practical limits mean auditors use sampling and risk-focused procedures.

Responsibilities are distinct: management prepares the financial statements, those charged with governance oversee the process, and the auditor independently evaluates and reports.

FAQ

What is the primary objective of an external audit?

To obtain and evaluate evidence in order to report an independent conclusion on whether the financial statements are presented under the stated reporting framework in all material respects.

How does reasonable assurance differ from certainty?

Reasonable assurance provides high confidence based on evidence and judgement. Certainty would imply no remaining risk, which is not achievable because of estimation uncertainty, selectivity in testing, and the limits of evidence.

What does materiality do in practice?

Materiality helps the auditor decide what matters most for users. It influences planning, the extent of testing, and whether identified differences require correction or disclosure.

Who is responsible for fraud prevention?

Management is responsible for prevention and detection through controls and governance. The auditor plans work to address fraud risks that could lead to material misstatement, while recognising that some fraud can be difficult to uncover.

What are “key audit matters” and when do they appear?

They are included when required by the applicable auditor reporting standards or law (commonly for listed entities). They explain the matters that received the most auditor attention and how those matters were addressed at a high level.

Glossary

Allowance for doubtful debts
A contra account that reduces trade receivables to reflect amounts not expected to be collected, with the related charge recognised as an impairment loss.

Assurance
A professional conclusion that increases users’ confidence in information.

Audit opinion
The auditor’s reported conclusion on whether the financial statements are presented under the stated framework in all material respects.

Audit scope
The boundaries of audit work, shaped by risk, materiality, auditing standards, legal or regulatory requirements, and (where relevant) group considerations.

External audit
An independent engagement in which the auditor evaluates financial statements using evidence and judgement and reports a conclusion for users.

Expectations gap
The mismatch between what users believe an audit delivers and what the audit is designed to deliver.

Inherent limitations
Constraints that prevent an audit from providing certainty, including judgement, sampling, the nature of evidence, and the possibility of concealment.

Materiality
A threshold used to judge whether a misstatement could reasonably influence users’ decisions, considering both size and nature.

Misstatement
A difference between what is reported and what should be reported (in recognition, measurement, presentation, or disclosure), arising from error or fraud.

Professional scepticism
A questioning mindset that critically assesses evidence and remains alert to possible misstatement due to error or fraud.

Reasonable assurance
A high level of confidence obtained through audit work, while recognising that a low residual risk of an inappropriate conclusion remains.

Those charged with governance (TCWG)
The individuals or group responsible for overseeing financial reporting and internal control and engaging with the auditor on significant matters.

Applicable financial reporting framework
The set of reporting rules and requirements used to prepare the financial statements, forming the criteria against which presentation is evaluated.