Faculty of Business Management

BAC 215 Auditing 1

Date: , December 2021

INSTRUCTIONS TO CANDIDATES
This paper contains two sections A and B.
Section A is compulsory carries 40 marks, attempt any ONE questions from section B
A total of THREE questions should be attempted.

Read the following before answering the examination questions.

1. Section A is compulsory
2. Read each question carefully before you answer.
3. Apportion your time according to the marks allocated for the question.
4. Apportion your time equally between Section A and B.
5. Firstly answer the questions that you feel can obtain the most marks for you but, if
there are any compulsory questions, you must ensure that you attempt these.
6. Number the answers to the questions clearly before answering.
7. Please write as neatly as possible as illegible handwriting cannot be marked.
SECTION A
Q. 1

With over 78% of the country’s total population below the age of 30 years, Uganda is
the most youthful (18 to 35 year) country in East Africa, with most youth both the skilled
or educated and the unskilled.

Several youths are migrating to Kampala, thinking that life in the city is way much better
to start and try out various businesses i.e Salons, Cloths Shop, Restaurants, Arcades,

Cavendish University Uganda - Examination, 2021

Page 1 of 14
Petrol Stations, Phone Repair , Retail Shops or even a driver or conductor in order to
survive.Others have created partnerships or corporation

Required:

a) Recommend the kind of records these youths ought to keep (5

marks)

Key records that the youths ought to keep in mind

Having betted his only 5000 Uganda shillings that he had, he now continues to his work
place, maybe a salon, cloths shop, restaurants, arcades, petrol stations, phone repair
shops or even a bus/taxi park. Remember that at the end of the day, if he is lucky, he will
win some amount, but if not, he will have to walk back home. That is the life of a youth
in Kampala, living on probability.

Those going to salons, suffer the challenge of having to stand by the roadside to call
customers. Several girls stand outside grand corner plaza in Kampala central calling
women, “sister saloon?” It’s a common phrase that these ladies use to ask girls passing
by whether they want salon services, a day without a customer, is a wasted day without
any pay.

Boys working in cloths shops, especially those both outside and inside park Enkadde
Mall, still in Kampala central have to nearly force girls passing by to buy their clothes.
Having to pull every passing girl’s hand, to drag her to their shop and buy something,
ignorantly, they chase away the would be clients.

The ones in restaurants, especially girls, face all sorts of insults from men. The worst kind
of disrespect that any girl would ever get is that which the girls that work in Kampala
restaurants get. Having to walk miles of distance through five buildings, just to take only
one plate of food so as to earn 500 Ugshs. Only to reach there, and she is abused why
she delayed. Men touching her body the way they want, and just because she wants to
keep the customer, she is entitled to just tolerate.

Besides those, there is also this category of the youth in Kampala, the ones who carry
luggage. This is the most touching group, watching a young boy of about 20 years,
carrying a baggage of about 200 kilograms, when he can barely walk and with red eyes,
probably because the heavy weight that the load exerts on him. All this hustle, just for
2000 Ugshs. What kind of suffering would be more than that to a normal youth?

Cavendish University Uganda - Examination, 2021

Page 2 of 14
It is because of these difficulties that the youth in Kampala go through to put something
in their pockets that is pushing them to resort to robbery, spamming and other sorts of
criminality. Some frustrated youth in Kampala even resort to drug abuse, because it
makes them forget about their hustles at least for a moment.

b) Advise these youths whether they can solicit for the auditor’s services. (7
marks)

The youths can solicit for auditors services because auditors provide;
Advisory and consulting engagements because it involves review of existing business
processes and strategies, as well as implementations. It also includes evaluation and
advice on policies, procedures, process enhancements, and any management requests
for reviews of areas considered mutually critical.
Consulting Services – Consulting services are advisory and other service activities
include counsel, advice, facilitation, process design and limited training. The objective of
consulting services is to add value in the development or modification of processes,
procedures, and controls to minimize risk and achieve objectives. The nature and scope
of particular consulting services are agreed upon with management. Internal Audit will
not assume management’s responsibilities in order to maintain appropriate objectivity
and independence.
c) Describe the would be benefits of conducting an audit for the above
entities. (8 marks)

Auditing can also provide the following benefits to the youths planning to start up
small businesses in Kampala

Auditing provides valuable information

Audits provide valuable information about a business and can save you a lot of misery
especially with the IRS if taxes are improperly filed, expenses are taken that are not
allowed. Failure to comply or improperly filing could trigger an IRS audit!

Auditing identifies problems in book keeping

An audit is like a general check-up. Audits can help locate and identify errors in book
keeping and records. If you have a partner(s) and employees embezzlement is always a
possibility and something that would be found out with a proper audit.

Cavendish University Uganda - Examination, 2021

Page 3 of 14
Auditing provides check-up messages

Just as you get a periodic check-up as a precautionary measure, so too an audit is a

business checkup where identifying a mistake today leads to action that can be taken
before it becomes a looming problem in the future.

Through such auditing services entrepreneurs can be in position to get loans

Some banks and lenders require an audit to determine eligibility for bank loans, lines of
credit, and other types of loans. Even if it's not required, a financial audit might make
obtaining a loan easier as well as helping you obtain a lower interest rate.

Auditing provides insights in businesses

A financial audit provides business owners an insight into their business and points out
the weak as well as strong points in your operation. This understanding is crucial to the
success of any business, regardless of its size.

Improves The Business Process: 

One of the important objectives of a small business owner is the improvisation of

operational inefficiencies. To meet this objective, an audit can help you to identify
existing and potential loopholes and ultimately improve the overall running of the
business. For instance, an accounting audit report can help you to get a detailed
insight into the expected profit margins and actual returns through a technical
accounting process. 

Improves Control And Reduce Frauds: 

As part of the audit procedures, the auditor will review and test your company’s
procedure to check whether they are operating smoothly or not. Further, your audit
service provider will make suggestions to the owner in case any suspicious activity is
identified. He/she will also crosscheck each and every transaction along with the
authorized invoices and bank accounts. In all, recurring analysis of operations and
internal control can prevent and detect various forms of fraud and other accounting
irregularities. 

Ensures Regulatory Compliance: 

Cavendish University Uganda - Examination, 2021

Page 4 of 14
Effective Audit can provide a comprehensive review of your organization’s adherence to
regulatory and statutory obligations. It will also help you to evaluate the strength of
compliance preparations, security policies, and risk management procedures of the
organization. Such a detailed outline will help you to gain a competitive edge, promotes
consistency, and maximize allowable deductions.

Other Benefits Of Auditing: 

Apart from the above major benefits, there are a number of good reasons why auditing
is important for small entrepreneurs:

i. It helps the stakeholders to get a bird’s eye view of your financial

performance.
ii. Assists prospective investors to analyze the reports and make a smart and
tactful investment decision.
iii. Enhances the credibility and reliability of your company’s trading
performance.
iv. It provides an assurance to stakeholders that the business is being operated
efficiently.
v. The report can be used to promote accountability for the managers and
employees in your company.
vi. Increase the credit rating in the market and therefore, get eligible for loans
through financial institutions.

Overall, an internal audit is an excellent way to enhance the functioning and profitability
of your business. It will also help you to track and address internal issues, gain more
control over your finances, and promote greater reliability to stakeholders. So, if you
want to be a successful entrepreneur and significantly improvise your profit digits, then
an internal audit is something that cannot be ignored.

The engagement letter documents and confirms the auditor's acceptance of the
appointment, the objective and scope of the audit, the extent of the auditor's
responsibilities to the client and the form of any reports. Scope and nature of the
audit, and setting forth a contractual relationship between the Auditor and the
Company.

Cavendish University Uganda - Examination, 2021

Page 5 of 14
 a) Under what circumstances may the auditor send the above letter? (6
marks)

An engagement letter is sent by an auditor to his client, after the receipt of

communication regarding his appointment, but preferably before the commencement
of engagement, spewing out the extent of his responsibilities in order to avoid any
misunderstanding with respect to his engagement and documents and confirming the
acceptance of appointment, the objectives and scope of audit, the extent of
responsibilities and the form of reports to be made to the client.

The auditor may send an engagement letter basing on the following

circumstances;

When it clearly defines the extent of the auditor’s responsibilities and minimizes
the possibility of any misunderstanding between the client and the auditor.

When the auditor is confirming acceptance of his appointment the scope of an

audit and the form of his report.

When the client becomes aware of the directors’ statutory responsibilities, which
in no way are diminished by the appointment of an auditor.

When management is informed that the audit tests would be based upon the
results of an evaluation of internal control.

When the client has explained the statutory requirements of the company’s
ordinance and through the matters to be reported are satisfied by law; the auditor
would be free to report on the matter in respect of which he is not satisfied.

When the client becomes informed about the other professional services that the
auditor can provide.

When the client is briefed that the discovery of fraud is not the main aim of the
audit.

When the scope of special or additional work is also determined.

Cavendish University Uganda - Examination, 2021

Page 6 of 14
 When the basis of computation of frees is brought to the knowledge of the client.

b) Describe the contents of the permanent audit file (4 marks)

Content of permanent audit file :

(a) Copy of initial appointment letter if the engagement is of recurring nature.

(b) Record of communication with the retiring auditor, if any, before acceptance of the
appointment as auditor.

(c) NOC from previous auditor.

(d) Information concerning the legal and organisational structure of the entity.

In the case of a company, this includes the Memorandum and Articles of Association. In
the case of a statutory corporation, this includes the Act and Regulations under which
the corporation functions, i.e.

(i) In case of partnerships- Partnership deed.

(ii) In case of trusts- Trust deed.

(iii) In case of societies- Certificate of registration/ Rules and Bye-laws.

(e) Organisational structure of the client.

(f) List of governing body including Name, Address and contact details. For instance, the
list of directors
in case of a company, list of partners in a partnership and list of trustees in a trust.

(g) Extracts or copies of important legal documents, agreements and minutes relevant to
the audit.

(h) A record of the study and evaluation of the internal controls related to the
accounting system. This might be in the form of narrative descriptions, questionnaires or
flow charts, or some combination thereof.

(i) Copies of audited financial statements for previous years

(j) Analysis of significant ratios and trends

Cavendish University Uganda - Examination, 2021

Page 7 of 14
(k) Copies of management letters issued by the auditor, if any.

(l) Notes regarding significant accounting policies.

(m) Significant audit observations of earlier years.

(n) Assessment of risks and risk management

(o) Major policies related to Purchases and Sales

(p) Details of sister concerns

(q) Details of Bankers, Registrars, Lawyers etc

(r) Systems and Data Security policies

(s) Business Continuity Plans

a) Briefly describe reasons why an internal auditor is less independent and

suggest ways to increase their independence. (10 marks) Total 20
marks

Self-Interest Threat

A self-interest threat exists if the auditor holds a direct or indirect financial interest in
the company or depends on the client for a major fee that is outstanding.

Self-Review Threat

A self-review threat exists if the auditor is auditing his own work or work that is done by
others in the same firm.

Advocacy Threat

An advocacy threat exists if the auditor is involved in promoting the client, to the point
where their objectivity is potentially compromised.

Familiarity Threat

A familiarity threat exists if the auditor is too personally close to or familiar with
employees, officers, or directors of the client company.

Cavendish University Uganda - Examination, 2021

Page 8 of 14
 Intimidation Threat

An intimidation threat exists if the auditor is intimidated by management or its directors

to the point that they are deterred from acting objectively.

INDEPENDENCE:

The audit charter should establish independence of the internal audit activity by the
dual reporting relationship to management and the organization's most senior oversight
group. Specifically, the CAE should report to executive management for assistance in
establishing direction, support, and administrative interface; and typically to the audit
committee for strategic direction, reinforcement, and accountability. The internal
auditors should have access to records and personnel as necessary, and be allowed to
employ appropriate probing techniques without impediment.

Cavendish University Uganda - Examination, 2021

Page 9 of 14
 SECTION B

Q. 4

a) ISA 315 Identifying and Assessing the Risks of Material Misstatement through
Understanding the Entity and Its Environment requires auditors to obtain an
understanding of the internal control system of an entity.
Required:
Clearly and with illustrations, explain the elements of an internal control system
as per COSO. (12
marks)

1. Control Environment
Control environment is the attitude toward internal control and control consciousness
established and maintained by the management and the employees of an organization. It
is a product of management’s philosophy, style and supportive attitude, as well as the
competence, ethical values, integrity, and morale of the organization’s people. The
organization structure and accountability relationships are key factors in the control
environment.

Principles for the Control Environment

- Demonstrates commitment to integrity and ethical values
- Exercises oversight responsibility
- Establishes structure, authority and responsibility
- Demonstrates commitment to competence
- Enforces accountability

2. Communication (and Information)

Communication is the exchange of useful information between and among people and
organizations to support decisions and coordinate activities. Within an organization,
information should be communicated to management and other employees who need it
in a form and within a time frame that helps them to carry out their responsibilities.
Communication also takes place with outside parties such as customers, suppliers and
regulators. 

Principles for Communication and Information

- Uses relevant information

Cavendish University Uganda - Examination, 2021

Page 10 of 14
- Communicates internally
- Communicates externally

3. Risk Assessment
Risks are events that threaten the accomplishment of objectives. They ultimately impact
an organization’s ability to accomplish its mission. Risk assessment is the process of
identifying, evaluating and determining how to manage these events. At every level within
an organization there are both internal and external risks that could prevent the
accomplishment of established objectives. Ideally, management should seek to prevent
these risks. However, sometimes management cannot prevent the risk from occurring. In
such cases, management should decide whether to accept the risk, reduce the risk to
acceptable levels, or avoid the risk. To have reasonable assurance that the organization
will achieve its objectives, management should ensure each risk is assessed and handled
properly. 

Principles for Risk Assessment

- Specifies suitable objectives
- Identifies and analyses risk
- Assesses fraud risk
- Identifies and analyses significant change

Impact – Is generally beyond the organization’s control in the short-to-medium term.

Likelihood – Is the main focus of an organization’s internal control

What are the possible risks in your area of operations and what is the likely impact of
each?

How to Deal With Risk

Managing Risk 
- Accept the risk: Do not establish control activities
- Prevent or reduce the risk: Establish control activities
- Avoid the risk: Do not carry out the function

Preventing or Reducing Risk

- What is the cause of the risk?

Cavendish University Uganda - Examination, 2021

Page 11 of 14
- What is the cost of control vs. the cost of the unfavorable event?
- What is the priority of this risk?

Managing Risk during Change

- What necessary training needs to be carried out?
- What necessary review and oversight needs to be carried out during the period of
change?

4. Control Activities 
Control activities are tools - both manual and automated - that help prevent or reduce
the risks that can impede accomplishment of the organization’s objectives and mission.
Management should establish control activities to effectively and efficiently accomplish
the organization’s objectives and mission. 

Principles for Control Activities

- Selects and develops control activities
- Selects and develops general controls over technology
- Deploys through policies and procedures

5. Monitoring
 Monitoring is the review of an organization’s activities and transactions to assess the
quality of performance over time and to determine whether controls are effective.
Management should focus monitoring efforts on internal control and achievement of
organization objectives. For monitoring to be most effective, all employees need to
understand the organization’s mission, objectives, and responsibilities and risk tolerance
levels.

Principles for Monitoring

- Conducts ongoing and/or separate evaluations
- Evaluates and communicates deficiencies

Many businesses, including SMEs, use computer-based accounting systems to

understand the controls in a computer-based system, as well as appreciating its effects
on the auditor's risk assessment and audit methods.

Cavendish University Uganda - Examination, 2021

Page 12 of 14
 a) Examine why Computer Assisted Audit Techniques are frequently used in
audit operations (CAATs). (10 marks)

They are used in the absence of input documents or lack of a visible paper trail may
require the use of CAATs in the application of compliance and substantive procedures.

CAATS are used because of the need for obtaining sufficient, relevant and useful
evidence from the IT applications or database as per audit objectives.

They are used in ensuring audit findings and conclusions are supported by
appropriate analysis and interpretation of the evidence

CAATS are frequently used because of the need to access information from systems
having different hardware and software environments, different data structure, record
formats, processing functions in a commonly usable format.

They are used because of the need to increased audit quality and comply with auditing
standards.

CAATS are used because of the need to identify materiality, risk and significance in an IT
environment.

CAATS are Improving the efficiency and effectiveness of the audit process. 8.
Ensuring better audit planning and management of audit resources.

b) Explain the meaning of the following terms in relation to audit evidence:

i. Sufficiency of evidence (3
mark)

Sufficiency is the measure of the quantity of audit evidence. The quantity of audit
evidence needed is affected by the following:

 Risk of material misstatement (in the audit of financial statements) or the risk
associated with the control (in the audit of internal control over financial
reporting). As the risk increases, the amount of evidence that the auditor should
obtain also increases. For example, ordinarily more evidence is needed to
respond to significant risks.2/

 Quality of the audit evidence obtained. As the quality of the evidence increases,
the need for additional corroborating evidence decreases. Obtaining more of the

Cavendish University Uganda - Examination, 2021

Page 13 of 14
 same type of audit evidence, however, cannot compensate for the poor quality of
that evidence.

ii. Appropriateness of evidence (5

marks)

Appropriateness is the measure of the quality of audit evidence; that is, its relevance
and its reliability in providing support for the conclusions on which the auditor’s opinion
is based.

The auditor should obtain sufficient appropriate audit evidence in order to be able to
form an audit opinion.

Good luck

Cavendish University Uganda - Examination, 2021

Page 14 of 14