Professional Documents
Culture Documents
Merged - PDF Auditing and Investigation
Merged - PDF Auditing and Investigation
XXXXXXX 1
UNIT Unit X, section X: XXXXXXX
Dear Student, you are warmly welcome to this module, ACC 411 Auditing
and Investigation. For most of you, this Unit may seem a revision of
previously-acquired knowledge in Auditing and Assurance Services.
However, it is absolutely essential that you acquaint yourself with the
material in this Unit as it forms the basis of most of the advanced topics we
will be covering in this course.
This Unit, like all the subsequent Units, has six sections.
Section 1 Regulatory Institutions of Audit Practice in Ghana
Section 2 Public Sector Auditing framework
Section 3 International Standards on Auditing
Section 4 Ethical Requirements for Auditors
Section 5 Auditor’s Civil and Criminal Liability
Section 6 Quality Control for Professional Auditing Firms
We hope you will enjoy the journey through this Unit with us.
12 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 13
REGULATORY INSTITUTIONS OF AUDIT PRACTICE IN
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
1
Unit 1, section
GHANA 1: Regulatory institutions of audit practice in Ghana
This section will introduce students to the regulatory bodies and authorities
of the audit practise. Institutions such as International Federation of
Accountants [IFAC], The Institute of Chartered Accountants –Ghana, The
Ghana Audit Service and The Internal Audit Agency help to regulate audit
practice and it is important every student gets the structures right from the
start.
IFAC’s governing body, staff and volunteers are committed to the values of
integrity, transparency and expertise. IFAC also seeks to reinforce auditors’
adherence to these values, which are reflected in the IFAC Code of Ethics
for Auditors.
Primary Activities
Serving the Public Interest
IFAC provides leadership to the worldwide accountancy profession in
serving the public interest by:
Developing, promoting and maintaining global professional standards
and a Code of Ethics for Auditors of a consistently high-quality;
Actively encouraging convergence of professional standards,
particularly, auditing, assurance, ethics, education, and public and
private sector financial reporting standards;
Seeking continuous improvements in the quality of auditing and
financial management;
Promoting the values of the accountancy profession to ensure that it
continually attracts high calibre entrants;
Promoting compliance with membership obligations; and
Assisting developing and emerging economies, in cooperation with
regional accounting bodies and others, in establishing and maintaining a
14 UEW/IEDE
AUDITING AND
Unit 1, section 1: Regulatory institutions of audit practice in Ghana INVESTIGATION
Membership
IFAC is comprised of about 160 members and associates in over 120
countries worldwide representing more than 2.5 million accountants in
public practice, industry and commerce, the public sector, and education.
IFAC’s strengths derive not only from its international representation, but
also from the support and involvement of its individual member bodies,
dedicated to promoting integrity, transparency, and expertise in the
accountancy profession, as well as from the support of regional accountancy
bodies.
Standard-Setting Initiatives
IFAC has long recognized the need for a globally harmonized framework to
meet the increasingly international demands that are placed on the
accountancy profession, whether from the business, public sector or
education communities. Major components of this framework are the Code
of Ethics for Auditors, International Standards on Auditing (ISAs),
International Education Standards, and International Public Sector
Accounting Standards (IPSASs).
UEW/IEDE 15
AUDITING AND
INVESTIGATION Unit 1, section 1: Regulatory institutions of audit practice in Ghana
16 UEW/IEDE
AUDITING AND
Unit 1, section 1: Regulatory institutions of audit practice in Ghana INVESTIGATION
UEW/IEDE 17
AUDITING AND
INVESTIGATION Unit 1, section 1: Regulatory institutions of audit practice in Ghana
18 UEW/IEDE
AUDITING AND
Unit 1, section 1: Regulatory institutions of audit practice in Ghana INVESTIGATION
The Institute has several working committees just like the IFAC which
include:
Education and Training
Admissions
Examination
Professional Standards & Ethics
Technical & Research
Publication and Public Relations
National Advisory Council
Member Services
UEW/IEDE 19
AUDITING AND
INVESTIGATION Unit 1, section 1: Regulatory institutions of audit practice in Ghana
Disqualification of an Auditor
The Companies Act outlines the following criteria under sections 270 and
296 for disqualifying an auditor of a company:
An officer of the company or of any associated company;
A person who is a partner of or in the employment of an officer of the
company or of any associated company;
An infant;
Any person found by a competent court to be a person of unsound mind;
A body corporate, except that members of an incorporated partnership
may be appointed in the manner provided by subsection (2) of section
134 of this Code;
Any one in respect of whom an order shall have been made under
section 186 of this Code so long as such order remains in force unless
leave to act as auditor of the company concerned has been given by the
Court in accordance with that section;
An undischarged bankrupt, unless he shall have been granted leave to
act as auditor of the company concerned by the court by which he was
adjudged bankrupt;
A person who is for the time being disqualified from acting as auditor of
a company by order of the Registrar.
If, having been adjudged an insolvent or bankrupt, he has not been granted
by a court of competent jurisdiction a certificate to the effect that his
insolvency or bankruptcy has arisen wholly or partly from unavoidable
losses or misfortunes, the Institute will not by its own volition re-admit that
individual as a member.
20 UEW/IEDE
AUDITING AND
Unit 1, section 1: Regulatory institutions of audit practice in Ghana INVESTIGATION
inquiry, made a report to the Council that the person concerned has been
guilty of professional misconduct.
The Council may, in lieu of exercising its powers, suspend the person
concerned from membership of the Institute or withhold his registration,
for such period as the Council may deem fit.
The Council may also strike off the register of the Institute the name of a
chartered accountant or cancel the registration of a practising accountant
if the prescribed fees remain unpaid for a period exceeding four months.
A person whose name has been struck off the register of the Institute or
whose registration has been cancelled may have his name or registration
restored if the Council is satisfied that he has become subsequently a fit
and proper person to practise the profession of an accountant.
Any person aggrieved by a decision of the Council may appeal against
that decision to the High Court. Every appeal against a decision shall be
made by petition in writing, lodged within three months after the date of
that decision; and be heard and decided by a Judge of the High court
after such summary inquiry as that Judge may deem requisite.
Restrictions
Under the Chartered Accountants Act, 1963 (Act 170),
No person who is not a chartered accountant or is not a practising
accountant is permitted to carry on practice as an auditor of financial
statements.
No person who is a chartered accountant or is a practising accountant is
permitted to practise as an accountant unless he/she is the holder of a
certificate to practise which is for the time being in force. Every
certificate to practise is issued by the Council, renewable annually and
upon payment of the prescribed annual subscription. Every certificate to
practise is valid until thirty-first day of December of the year of issue of
that certificate.
Disciplinary Procedures
The Institute of Chartered Accountant –Ghana has a just and effective
investigative and disciplinary regime that provides a means of bringing to
account those who fail to maintain high professional standards.
There are provisions in the Chartered Accountants Act that govern
investigation and discipline of misconduct, including breaches of
professional standards and rules by its individual members and firms.
UEW/IEDE 21
AUDITING AND
INVESTIGATION Unit 1, section 1: Regulatory institutions of audit practice in Ghana
Sanctions
ICAG operates a just and effective investigative and disciplinary regime.
The regime would allow those who judge issues relating to misconduct to
impose a range of penalties, including:
Reprimand;
Loss or restriction of practice rights;
Fine/payment of costs;
Loss of professional title (designation); and
Exclusion from membership.
Review Questions
Outline the primary responsibilities of IFAC
State the functions of IAASB, IESBA, IPSASB, IAESB
Discuss how ICAG regulates the accountancy profession in Ghana
Outline the qualification requirement of an Auditor of a company and
the disqualification criteria of an Auditor
22 UEW/IEDE
AUDITING
AUDITING AND
AND
This page is
Unit 1, section 1: Regulatory institutions ofleft blank
audit for your
practice notes INVESTIGATION
in Ghana INVESTIGATION
UEW/IEDE 23
PUBLIC SECTOR AUDITING FRAMEWORK
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
2
Unit 1, section 2: Public sector auditing framework
By the end of the section, you should be able to understand how Parliament,
Ghana Audit Service and Internal Audit Agency regulate and impact audit
practice in Ghana.
Examination of accounts
The Auditor-General shall examine in such manner as he thinks necessary
the public and other government accounts and shall ascertain whether in his
opinion:
24 UEW/IEDE
AUDITING AND
Unit 1, section 2: Public sector auditing framework INVESTIGATION
UEW/IEDE 25
AUDITING AND
INVESTIGATION Unit 1, section 2: Public sector auditing framework
The salary and allowances payable to the Auditor-General, the facilities and
privileges available to the Auditor-General shall be determined by the
President on the recommendations of not more than five persons appointed
by the President, acting in accordance with the advice of the Council of
State. His rights in respect of leave of absence, retiring award or retiring age
shall not be varied to his disadvantage during his tenure of office. The
provisions of article 146 of the Constitution relating to the removal of a
Justice of the Superior Court of Judicature from office shall apply to the
Auditor-General. The Auditor-General may at any time resign his office in
writing addressed to the President.
26 UEW/IEDE
AUDITING AND
Unit 1, section 2: Public sector auditing framework INVESTIGATION
The above paragraph shall not preclude the President, acting in accordance
with the advice of the Council of State, from requesting the Auditor-General
in the public interest, to audit, at any particular time, the accounts of any
such body or organization.
UEW/IEDE 27
AUDITING AND
INVESTIGATION Unit 1, section 2: Public sector auditing framework
Any public money was not duly accounted for and paid into the
Consolidated Fund or other designated public account;
An appropriation was exceeded or was applied for a purpose or in a
manner not authorised by law;
Expenditure was not authorised or properly vouched for or certified;
There has been a deficiency through fraud, default or mistake of any
person;
Applicable internal control and management measures are inefficient or
ineffective;
the use or custody of property, money, stamps, securities, equipment,
stores, trust money, trust property or other assets has occurred in a
manner detrimental to the State;
Resources have not been used with due regard to economy, efficiency
and effectiveness in relation to the results attained;
In the public interest, the matter should be brought to the notice of
Parliament.
Publication of reports
The Auditor-General shall publish his reports on the public accounts of
Ghana and the statement of foreign exchange receipts and payments of the
Bank of Ghana as soon as the reports have been presented to the Speaker to
be laid before Parliament.
The Auditor-General shall submit copies of the published reports to—
The Government Archivist;
All public and University libraries in Ghana;
The libraries of the Ghana Institute of Management and Public
Administration (GIMPA) and the Managing Development and
Productivity Institute (MDPI);
Members of the Board; and
Any other institution approved by the Board.
28 UEW/IEDE
AUDITING AND
Unit 1, section 2: Public sector auditing framework INVESTIGATION
UEW/IEDE 29
AUDITING AND
INVESTIGATION Unit 1, section 2: Public sector auditing framework
30 UEW/IEDE
AUDITING AND
Unit 1, section 2: Public sector auditing framework INVESTIGATION
The Agency holds dearly and is to regularly review the ethical conduct of
Internal Auditors regarding the following:
Integrity – Such that Internal Auditors will perform their work with
honesty and diligence; not knowingly be a party to any illegal activities
or engage in acts that discredit the work of internal auditing or the MDA
or MMDA they work for; make disclosures required by law and the
standards; not participate in any activity or relationship that may impair
or is likely to be taken to impair unbiased assessment, including an
activity or a relationship that may be in conflict with the interests of the
MDA or MMDA; not accept anything or any favour that may impair or
might be taken to affect their professional judgement; and disclose all
material facts known to them, the non-disclosure of which may distort
any reporting activity.
UEW/IEDE 31
AUDITING AND
INVESTIGATION Unit 1, section 2: Public sector auditing framework
You also learnt about how the public sector accountability is regulated by
the internal audit agency. In the next section, you will learn about
international standards on auditing.
Review Questions
Explain the code of ethics of Internal Auditors
Outline the functions of the Internal Audit Agency
32 UEW/IEDE
AUDITING AND
Unit 1, section 2: Public sector auditing framework INVESTIGATION
UEW/IEDE 33
INTERNATIONAL STANDARDS ON AUDITING
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
3
Unit 1, section 3: International standards on auditing
At the end of the section, you should be able to understand and outline the
overarching International Standards on Auditing.
Audit planning
ISA 300 Planning an Audit of Financial Statements
ISA 315 Identifying and assessing the risks of material misstatement
through understanding the entity and its environment
ISA 320 Materiality in planning and performing an audit
ISA 330 The auditor's responses to assessed risks
Internal Control
ISA 402 Audit Considerations Relating to an Entity Using a Service
Organization
ISA 450 Evaluation of Misstatements Identified during the Audit
34 UEW/IEDE
AUDITING AND
Unit 1, section 3: International standards on auditing INVESTIGATION
Audit evidence
ISA 500 Audit Evidence
ISA 501 Audit Evidence – Additional Considerations for Specific Items
ISA 505 External Confirmations
ISA 510 Initial Engagements - Opening Balances
ISA 520 Analytical Procedures
ISA 530 Audit Sampling and Other Means of Testing
ISA 540 Auditing Accounting Estimates, Including Fair Value
Accounting Estimates, and Related Disclosures
ISA 550 Related Parties
ISA 560 Subsequent Events
ISA 570 Going Concern
ISA 580 Written Representations
Specialized areas
ISA 800 Special Considerations-Audits of Financial Statements
Prepared in Accordance with Special Purpose Frameworks
ISA 805 Special Considerations-Audits of Single Financial Statements
and Specific Elements, Accounts or Items of a Financial Statement
ISA 810 Engagements to Report on Summary Financial Statements
International Standard on Quality Control (ISQC) 1, Quality Controls
for Firms that Perform Audits and Reviews of Financial Statements, and
Other Assurance and Related Services Engagements
UEW/IEDE 35
AUDITING AND
INVESTIGATION Unit 1, section 3: International standards on auditing
Related Services
4000-4699 INTERNATIONAL STANDARDS ON RELATED SERVICES
(ISRSS)
4400 Engagements to Perform Agreed-upon Procedures Regarding
Financial Information (Previously ISA 920) arrangements to Compile
Financial Information (Previously ISA 930)
36 UEW/IEDE
AUDITING AND
Unit 1, section 3: International standards on auditing INVESTIGATION
Review Questions
Outline the International Auditing Standards. ISAs
Which standard relates to Audit Evidence
The Overall Objectives of the Independent Auditor and the Conduct of
an Audit in Accordance with International Standards on Auditing refers
to ISA …………….
UEW/IEDE 37
ETHICAL REQUIREMENTS OF AUDITOR
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
4
Unit 1, section 4: Ethical requirements of auditor
At the end of the chapter, you should be able to describe professional ethical
requirements for auditors with reference to Professional Appointment,
Conflicts of interest, Second Opinions, Fees and Other Types of
Remuneration, Marketing Professional Services , Gifts and Hospitality ,
Custody of Client Assets and Objectivity.
Part A of the IFAC Code of Ethics for Professional Accountants has general
application to all assignments undertaken by all professional accountants.
Part B of the Code spells out the ethical requirements specific to
accountants in public practice (professional auditors/auditing firms).
38 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
Self-Review Threats
Examples of circumstances that create self-review threats for an auditor
include:
A firm issuing an assurance report on the effectiveness of the operation
of financial systems after designing or implementing the systems.
A firm having prepared the original data used to generate records that
are the subject matter of the assurance engagement.
A member of the assurance team being, or having recently been, a
director or officer of the client.
A member of the assurance team being, or having recently been,
employed by the client in a position to exert significant influence over
the subject matter of the engagement.
The firm performing a service for an assurance client that directly
affects the subject matter information of the assurance engagement.
Advocacy Threats
Examples of circumstances that create advocacy threats for an auditor
include:
The firm promoting shares in an audit client.
An auditor acting as an advocate on behalf of an audit client in litigation
or disputes with third parties.
Familiarity Threats
Examples of circumstances that create familiarity threats for an auditor
include:
A member of the engagement team having a close or immediate family
member who is a director or officer of the client.
A member of the engagement team having a close or immediate family
member who is an employee of the client who is in a position to exert
significant influence over the subject matter of the engagement.
A director or officer of the client or an employee in a position to exert
significant influence over the subject matter of the engagement having
recently served as the engagement partner.
An auditor accepting gifts or preferential treatment from a client, unless
the value is trivial or inconsequential.
Senior personnel having a long association with the assurance client.
UEW/IEDE 39
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
Intimidation Threats
Examples of circumstances that create intimidation threats for an auditor in
public practice include:
A firm being threatened with dismissal from a client engagement.
An audit client indicating that it will not award a planned non-assurance
contract to the firm if the firm continues to disagree with the client’s
accounting treatment for a particular transaction.
A firm being threatened with litigation by the client.
A firm being pressured to reduce inappropriately the extent of work
performed in order to reduce fees.
An auditor feeling pressured to agree with the judgment of a client
employee because the employee has more expertise on the matter in
question.
An auditor being informed by a partner of the firm that a planned
promotion will not occur unless the accountant agrees with an audit
client’s inappropriate accounting treatment.
40 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
UEW/IEDE 41
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
Professional appointment
Client Acceptance
Before accepting a new client relationship, an auditor shall determine
whether acceptance would create any threats to compliance with the
fundamental principles. Potential threats to integrity or professional
behaviour may be created from, for example, questionable issues associated
with the client (its owners, management or activities).
42 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
Engagement Acceptance
The fundamental principle of professional competence and due care imposes
an obligation on an auditor to provide only those services that the auditor in
public practice is competent to perform. Before accepting a specific client
engagement, an auditor shall determine whether acceptance would create
any threats to compliance with the fundamental principles. For example, a
self-interest threat to professional competence and due care is created if the
engagement team does not possess, or cannot acquire, the competencies
necessary to properly carry out the engagement.
UEW/IEDE 43
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
44 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
Conflicts of Interest
An auditor shall take reasonable steps to identify circumstances that could
pose a conflict of interest. Such circumstances may create threats to
compliance with the fundamental principles. For example, a threat to
objectivity may be created when an auditor competes directly with a client
or has a joint venture or similar arrangement with a major competitor of a
UEW/IEDE 45
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
The auditor shall also determine whether to apply one or more of the
following additional safeguards:
The use of separate engagement teams;
Procedures to prevent access to information (e.g., strict physical
separation of such teams, confidential and secure data filing);
Clear guidelines for members of the engagement team on issues of
security and confidentiality;
The use of confidentiality agreements signed by employees and partners
of the firm; and
Regular review of the application of safeguards by a senior individual
not involved with relevant client engagements.
Where an auditor has requested consent from a client to act for another party
(which may or may not be an existing client) in respect of a matter where
46 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
the respective interests are in conflict and that consent has been refused by
the client, the auditor in public practice shall not continue to act for one of
the parties in the matter giving rise to the conflict of interest.
Second Opinions
Situations where an auditor is asked to provide a second opinion on the
application of accounting, auditing, reporting or other standards or
principles to specific circumstances or transactions by or on behalf of a
company or an entity that is not an existing client may create threats to
compliance with the fundamental principles. For example, there may be a
threat to professional competence and due care in circumstances where the
second opinion is not based on the same set of facts that were made
available to the existing accountant or is based on inadequate evidence. The
existence and significance of any threat will depend on the circumstances of
the request and all the other available facts and assumptions relevant to the
expression of a professional judgment.
If the company or entity seeking the opinion will not permit communication
with the existing accountant, an auditor shall determine whether, taking all
the circumstances into account, it is appropriate to provide the opinion
sought.
The existence and significance of any threats created will depend on factors
such as the level of fee quoted and the services to which it applies. The
significance of any threat shall be evaluated and safeguards applied when
necessary to eliminate the threat or reduce it to an acceptable level.
UEW/IEDE 47
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
48 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
An auditor may purchase all or part of another firm on the basis that
payments will be made to individuals formerly owning the firm or to their
heirs or estates.
An auditor shall not bring the profession into disrepute when marketing
professional services. The auditor in public practice shall be honest and
truthful and not:
Make exaggerated claims for services offered, qualifications possessed,
or experience gained; or
Make disparaging references or unsubstantiated comparisons to the
work of another.
The existence and significance of any threat will depend on the nature,
value, and intent of the offer. Where gifts or hospitality are offered that a
reasonable and informed third party, weighing all the specific facts and
circumstances, would consider trivial and inconsequential, an auditor may
conclude that the offer is made in the normal course of business without the
specific intent to influence decision making or to obtain information. In
UEW/IEDE 49
AUDITING AND
INVESTIGATION Unit 1, section 4: Ethical requirements of auditor
such cases, the auditor may generally conclude that any threat to compliance
with the fundamental principles is at an acceptable level.
Objectivity—All Services
An auditor shall determine when providing any professional service whether
there are threats to compliance with the fundamental principle of objectivity
resulting from having interests in, or relationships with, a client or its
directors, officers or employees. For example, a familiarity threat to
objectivity may be created from a family or close personal or business
relationship.
50 UEW/IEDE
AUDITING AND
Unit 1, section 4: Ethical requirements of auditor INVESTIGATION
Review Questions
Discuss the threats to compliance with the fundamental principles and
the safeguards available for eliminating or reducing the threats to
acceptable levels
Discuss the potential threats associated with professional appointments
and the safeguards available to reduce or eliminate the threats to
acceptable levels
Identify circumstances that could pose threat to the following ethical
issues and the safeguards available to reduce or eliminate the threats to
acceptable levels
UEW/IEDE 51
AUDITORS’ CIVIL AND CRIMINAL LIABILITY
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
5
Unit 1, section 5: Auditors’ civil and criminal liability
This Section will discuss the auditor’s liability during and after the conduct
of an audit exercise. Students should be familiar with these liabilities in
order to identify and understand the limitations in auditing.
Liabilities of an Auditor
Types of liability
Auditors are potentially liable for both criminal and civil offences. The
former occur when individuals or organisations breach a government
imposed law; in other words criminal law governs relationships between
entities and the state. Civil law, in contrast, deals with disputes between
individuals and/or organisations.
Criminal offences
Like any individual or organisation auditors are bound by the laws in the
countries in which they operate. The Criminal Code, 1960 (Act 29) and
Criminal Procedure Code, 1960 (Act 30) are strong authorities that should
guide everyone including auditors in Ghana. So under current criminal law
auditors could be prosecuted for acts such as offences involving dishonesty,
fraud, deceit, insider trading offences against the person, sexual offences,
libel, forgery and so on.
This means that auditors could be prosecuted in a criminal court for either
knowingly or recklessly issuing an inappropriate audit opinion.
Civil offences
There are two pieces of civil law of particular significance to the audit
profession; contract law and the law of tort. These establish the principles
for auditor liability to clients and to third parties, respectively. The High
Court (Civil Procedures) Rules, 2004 (CI 47).
52 UEW/IEDE
AUDITING AND
Unit 1, section 5: Auditors’ civil and criminal liability INVESTIGATION
Under contract law, parties can seek remedy for a breach of contractual
obligations. Therefore shareholders can seek remedy from an auditor if they
fail to comply with the terms of an engagement letter. Under the law of tort,
auditors can be sued for negligence if they breach a duty of care towards a
third party who consequently suffers some form of loss.
Civil liabilities arise when there are dispute between two parties for a loss
caused to one due to the act of another. In this case, the auditor is called
upon to pay damages as decided by the court. These may be of the following
types.
Liability of Negligence
While conducting the work of audit, auditor should take care and be
professional and skilful. Otherwise it amounts to negligence. Negligence
means acting carelessly or failing to perform a duty owed properly. An
auditor is expected to perform his duties as an agent of the shareholders by
exercising care and diligence in the implementation of statutory
requirements for the maintenance and presentation of the financial
statement.
For example: Mr. X is a sole trader and Mr. A is his auditor. A has
conducted audit work which was relied upon and the report was so
misleading such that there was a loss of $40,000 due to reliance on the
auditor’s opinion. A will be liable to pay such specific damage to X. But
in the event where the amount of damage is not quantified, the court will
award general damages to compensate the client X for any loss suffered
Misstatement in Prospectus
The civil liability of an auditor arises due to misstatement in prospectus.
Where a prospectus invites person to subscribe for shares or debentures of a
company, the auditor shall be liable to pay compensation to every person
who subscribe for a purchase any shares or debentures on the faith of the
prospectus for any loss or damage be may reason of any untrue statements.
UEW/IEDE 53
AUDITING AND
INVESTIGATION Unit 1, section 5: Auditors’ civil and criminal liability
Breach of Contract
If the auditor fails to fulfill the term of the contract, the civil liability arises.
In case he omits to perform all or some conditions of the contract, he will
equally be liable to pay the owner for any financial loss sustained.
The audits which are not legally required are called optional audits. Audit of
sole trading concerns, audit of partnership firms, etc. are examples to
optional audits. In case of optional audits rights, duties, liabilities etc of
auditor will be of contractual nature. So there may be terms between auditor
and client which auditor has to become liable on certain agreed occasions.
Contractual liability is agreed liability.
Case Brief
The application of the law of tort in the auditing profession, and the way in
which auditors seek to limit their exposure to the ensuing liabilities, has
been shaped by a number of recent landmark cases. The most notable of
these are Caparo Industries Plc (Caparo) v Dickman (1990) and Royal Bank
of Scotland (RBS) vs Bannerman JohnstoneMacLay (Bannerman) (2002).
In the first case, Caparo pursued the firm Touche Ross (who later merged to
form Deloitte &Touche) following a series of share purchases of a company
called Fidelity plc. Caparo alleges that the purchase decisions were based
upon inaccurate accounts that overvalued the company. They also claimed
that, as auditors of Fidelity, Touche Ross owed potential investors a duty of
care. The claim was unsuccessful; the House of Lords concluded that the
accounts were prepared for the existing shareholders as a class for the
purposes of exercising their class rights and that the auditor had no
reasonable knowledge of the purpose that the accounts would be put to by
Caparo.
It was this case that provided the current guidance for when duty of care
between an auditor and a third party exists. Under the ruling this occurs
when:
the loss suffered is a reasonably foreseeable consequence of the
defendant’s conduct
there is sufficient ‘proximity’ of relationship between the defendant and
the pursuer, and
It is 'fair, just and reasonable' to impose a liability on the defendant.
In the second case RBS alleged to have lost over £13m in unpaid overdraft
facilities to insolvent client APC Ltd. They claimed that Bannerman had
been negligent in failing to detect a fraudulent and material misstatement in
the accounts of APC. The banking facility was provided on the basis of
receiving audited financial statements each year.
54 UEW/IEDE
AUDITING AND
Unit 1, section 5: Auditors’ civil and criminal liability INVESTIGATION
The guidance for when an auditor may be liable, either under criminal or
civil law appears to be clear and largely uncontroversial. The same cannot
be said of the nature of the fines and settlements. There is little argument
that parties that have suffered as a result should be able to seek adequate
compensation against the auditor. It is alleged that the penalties incurred by
the audit profession are unfairly high. Also the civil law principle of ‘joint
and several liability’ means that even if there are few culpable parties in a
negligent act, the plaintiff may pursue any one of the partners either
individually or jointly for the entire damages sought.
UEW/IEDE 55
AUDITING AND
INVESTIGATION Unit 1, section 5: Auditors’ civil and criminal liability
The management of the audit liability been discussed and it seems there is
little or not protection to the profession. There are increasing number of
advocates for a ‘proportional’ system of liability replacing the current ‘joint
and several’ one. Under this proposal the audit firms would accept their
proportion of the blame in a negligence case and would pay that proportion
of the compensation. This system would ensure a fair outcome for the
plaintiff without placing the entire financial burden upon the audit
profession.
Disclaimers of liability
It has become common to include a disclaimer of liability to third parties in
the wording of the audit report. Disclaimers may not entirely eliminate
liability to third parties but they do reduce the scope for courts to assume
liability to them. It should be noted that whilst this should reduce the threat
of litigation, it provides no protection from the threat of litigation from
clients under contract law.
Review Questions
State and explain the types of liabilities of an Auditor
What lesson do we learn from the Caparo case
In what circumstances can an Auditor be liable to his client?
56 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 1, section 5: Auditors’
This page iscivil
left and criminal
blank liability
for your notes INVESTIGATION
INVESTIGATION
UEW/IEDE 57
QUALITY CONTROL FOR PROFESSIONAL AUDITING
AUDITING AND
UNIT 1 SECTION
INVESTIGATION
6
Unit 1, section
FIRMS6: Quality control for professional auditing firms
ISQCs are written to apply to firms in respect of all their services falling
under the IAASB’s Engagement Standards. The authority of ISQCs is set
out in the introduction to the ISQCs. This International Standard on Quality
Control (ISQC) deals with a firm’s responsibilities for its system of quality
control for audits and reviews of financial statements, and other assurance
and related services engagements.
58 UEW/IEDE
AUDITING AND
Unit 1, section 6: Quality control for professional auditing firms INVESTIGATION
Human resources
The firm shall establish policies and procedures designed to provide it with
reasonable assurance that it has sufficient personnel with the competence,
capabilities, and commitment to ethical principles necessary to:
Perform engagements in accordance with professional standards and
applicable legal and regulatory requirements; and
Enable the firm or engagement partners to issue reports that are
appropriate in the circumstances.
Engagement performance
The firm shall establish policies and procedures designed to provide it with
reasonable assurance that engagements are performed in accordance with
professional standards and applicable legal and regulatory requirements, and
that the firm or the engagement partner issue reports that are appropriate in
the circumstances. Such policies and procedures shall include:
Matters relevant to promoting consistency in the quality of engagement
performance;
Supervision responsibilities; and
Review responsibilities.
Monitoring
The firm shall establish policies and procedures requiring, for appropriate
engagements, an engagement quality control review that provides an
objective evaluation of the significant judgments made by the engagement
team and the conclusions reached in formulating the report. The firm shall
document its policies and procedures and communicate them to the firm’s
personnel.
UEW/IEDE 59
AUDITING AND
INVESTIGATION Unit 1, section 6: Quality control for professional auditing firms
Review Questions
Discuss the elements of system of Quality Control
Why should firms adopt a quality control system
60 UEW/IEDE
CONDUCTING AN AUDIT ASSIGNMENT
XXXXXXX 2
UNIT Unit X, section X: XXXXXXX
62 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 63
THE AUDIT PROCESS
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
1
Unit 2, section 1: The audit process
At the end of this session students should understand and appreciate the
audit process
Note that the auditor can collect evidence in each stage in a client’s
accounting system to help determine whether the financial statements are
fairly stated:
the internal control put in place by the client to ensure proper handling
of transactions (e.g. evaluates and test the controls);
the transactions that affect each account balance (e.g. examine a sample
of the transactions that occurred during the period); and
the ending account balances themselves (e.g. inspect a sample of the
items that make up a closing account balance at period end). Evidence
that relates directly to closing account balances is usually the highest
quality, but also the costliest evidence. Thus, an auditor will usually rely
on a combination of evidence from all three stages (if the internal
control system is reliable) in forming an audit opinion regarding the
fairness of the financial statements. Which of these three areas it is best
to focus on depends on the circumstances, and this is generally left to
the auditor’s professional judgment.
64 UEW/IEDE
AUDITING AND
Unit 2, section 1: The audit process INVESTIGATION
Opening Meeting
Fieldwork
Communication
Report Drafting
Management Response
Closing Meeting
Report Distribution
Follow-up
Consider the auditor’s task from a logical perspective. The end product of a
financial statement auditor’s work is an audit report indicating opinions
whether or not the client’s financial statements are free of material
misstatement.
Notification
First, you will receive a letter to inform you of an upcoming audit. The
auditor will send a letter of engagement after reviewing a preliminary
checklist where an assessment of the auditor’s capability to carry out the
exercise will be considered. This is a list of documents (e.g. organization
charts, financial statements) that will help the auditor learn about your unit
before planning the audit.
Planning
The auditor must first obtain a thorough understanding of the entity and its
environment, including the entity’s internal control. After reviewing the
information, the auditor will plan the review, conduct an engagement risk
assessment, draft an audit plan, and schedule an opening meeting. The
auditor must understand the risks the client faces, how it is dealing with
those risks, and what remaining risks are most likely to result in a material
misstatement in the financial statements. Armed with this understanding, the
auditor will develop an audit strategy and an audit plan that will produce
evidence helpful in forming and supporting an opinion on the financial
statements.
Opening Meeting
The opening meeting should include senior management and any
administrative staff that may be involved in the audit. During this meeting,
the scope of the audit will be discussed. You should feel free to ask the
auditors to review areas that you are concerned about. The time frame of the
audit will be determined, and you should discuss any potential timing issues
(e.g. vacations, deadlines) that could impact the audit. It doesn't take as
much of your time as you might expect!
UEW/IEDE 65
AUDITING AND
INVESTIGATION Unit 2, section 1: The audit process
Fieldwork
After the opening meeting, the auditor will finalize the audit plan and begin
fieldwork. Fieldwork typically consists of talking with staff, reviewing
procedure manuals, and learning about your business processes, testing for
compliance with applicable university policies and procedures and laws and
regulations, and assessing the adequacy of internal controls.
Communication
Throughout the process, the auditor will keep the client informed, and will
have an opportunity to discuss issues noted and the possible solutions.
Report Drafting
After the fieldwork is completed, the auditor will draft a report. The report
consists of several sections and includes: the distribution list, the follow-up
date, a general overview of your unit, the scope of the audit, any major audit
concerns, the overall conclusion, and detailed commentary describing the
findings and recommended solutions. You should read the draft report
carefully to make sure there are no errors. If you find a mistake, inform the
auditor right away so that it can be corrected before the final report is
issued.
Management Response
Once the report is finalized, we will request your management responses.
The response consists of 3 components: whether you agree or disagree with
the problem, your action plan to correct the problem, and the expected
completion date.
Closing Meeting
A closing meeting will be held so that everyone can discuss the audit report
and review your management responses. This is an opportunity to discuss
how the audit went and any remaining issues.
Report Distribution
The report is then distributed to you, your manager(s), senior university
administrators, internal audit, and the university's external auditors. We also
distribute an audit survey to the audited unit to solicit feedback about the
audit. Feedback is important to us, since it can help us improve the audit
process.
Follow-Up
Follow-up reviews are performed on an issue-by-issue basis and typically
occur shortly after the expected completion date, so that agreed-upon
corrective actions can be implemented. The purpose of the follow-up is to
verify that you have implemented the agreed-upon corrective actions. The
66 UEW/IEDE
AUDITING AND
Unit 2, section 1: The audit process INVESTIGATION
We discussed the conduct of audit, going through the audit process, the
methods of gathering evidence and carrying out verification exercise.
The auditor must understand the risks the client faces, how it is dealing
with those risks, and what remaining risks are most likely to result in a
material misstatement in the financial statements.
Review Questions
Outline and explain the stages in the auditing process
What should be considered in audit planning
UEW/IEDE 67
AUDIT EVIDENCE
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
2
Unit 2, section 2: Audit evidence
You are now in Section 2 of the second unit of this module. Welcome, I
believe that you have now tipped Auditing and Investigation as one of the
interesting subjects in business. Let us look at what constitute audit
evidence
68 UEW/IEDE
AUDITING AND
Unit 2, section 2: Audit evidence INVESTIGATION
Other information that the auditor may use as audit evidence includes
minutes of meetings; confirmations from third parties; analysts’ reports;
information obtained by the auditor from such audit procedures as inquiry,
observation, and inspection; and other information developed by, or
available to, the auditor that permits the auditor to reach conclusions
through valid reasoning.
Appropriateness is the measure of the quality of audit evidence; that is, its
relevance and its reliability in providing support for, or detecting
misstatements in, the classes of transactions, account balances, and
disclosures and related assertions. The quantity of audit evidence needed to
affected by the risk of misstatement (the greater the risk, the more audit
evidence is likely to be required) and also by the quality of such audit
evidence (the higher the quality, the less may be required).
A given set of audit procedures may provide audit evidence that is relevant
to certain assertions, but not others. For example, inspection of records and
documents related to the collection of receivables after the period end may
provide audit evidence regarding both existence and valuation, although not
necessarily the appropriateness of period-end cut-offs.
On the other hand, the auditor often obtains audit evidence from different
sources or of a different nature that is relevant to the same assertion. For
example, the auditor may analyze the aging of accounts receivable and the
subsequent collection of receivables to obtain audit evidence relating to the
valuation of the allowance for doubtful accounts. Furthermore, obtaining
audit evidence relating to a particular assertion, for example, the physical
existence of inventory, is not a substitute for obtaining audit evidence
regarding another assertion, for example, the valuation of inventory.
UEW/IEDE 69
AUDITING AND
INVESTIGATION Unit 2, section 2: Audit evidence
The reliability of audit evidence is influenced by its source and by its nature
and is dependent on the individual circumstances under which it is obtained.
Generalizations about the reliability of various kinds of audit evidence can
be made; however, such generalizations are subject to important exceptions.
Even when audit evidence is obtained from sources external to the entity,
circumstances may exist that could affect the reliability of the information
obtained. For example, audit evidence obtained from an independent
external source may not be reliable if the source is not knowledgeable.
While recognizing that exceptions may exist, the following generalizations
about the reliability of audit evidence may be useful:
Audit evidence is more reliable when it is obtained from independent
sources outside the entity.
Audit evidence that is generated internally is more reliable when the
related controls imposed by the entity are effective.
Audit evidence obtained directly by the auditor (for example,
observation of the application of a control) is more reliable than audit
evidence obtained indirectly or by inference (for example, inquiry about
the application of a control).
Audit evidence is more reliable when it exists in documentary form,
whether paper, electronic, or other medium (for example, a
contemporaneously written record of a meeting is more reliable than a
subsequent oral representation of the matters discussed).
Audit evidence provided by original documents is more reliable than
audit evidence provided by photocopies or facsimiles.
70 UEW/IEDE
AUDITING AND
Unit 2, section 2: Audit evidence INVESTIGATION
with that obtained from another, the auditor determines what additional
audit procedures are necessary to resolve the inconsistency.
The auditor considers the relationship between the cost of obtaining audit
evidence and the usefulness of the information obtained. However, the
matter of difficulty or expense involved is not in itself a valid basis for
omitting an audit procedure for which there is no alternative.
In forming the audit opinion, the auditor does not examine all the
information available because conclusions ordinarily can be reached by
using sampling approaches and other means of selecting items for testing.
Also, the auditor ordinarily finds it necessary to rely on audit evidence that
is persuasive rather than conclusive. However to obtain reasonable
assurance, the auditor is not satisfied with audit evidence that is less than
persuasive. The auditor uses professional judgment and exercises
professional scepticism in evaluating the quantity and quality of audit
evidence, and thus its sufficiency and appropriateness, to support the audit
opinion.
Assertions about classes of transactions and events for the period under
audit [Income statement assertions]:
Occurrence – transactions and events that have been recorded have
occurred and pertain to the entity.
Completeness – all transactions and events that should have been
recorded have been recorded.
Accuracy – amounts and other data relating to recorded transactions
and events have been recorded appropriately.
UEW/IEDE 71
AUDITING AND
INVESTIGATION Unit 2, section 2: Audit evidence
The auditor may use the assertions as described above or may express them
differently provided all aspects described above have been covered. For
example, the auditor may choose to combine the assertions about
transactions and events with the assertions about account balances. As
another example, there may not be a separate assertion related to cut-off of
transactions and events when the occurrence and completeness assertions
include appropriate consideration of recording transactions in the correct
accounting period.
72 UEW/IEDE
AUDITING AND
Unit 2, section 2: Audit evidence INVESTIGATION
Occurrence and
rights and
Occurrence Existence obligations
UEW/IEDE 73
AUDITING AND
INVESTIGATION Unit 2, section 2: Audit evidence
Observation
Observation consists of looking at a process or procedure being performed
by others. Examples include observation of the counting of inventories by
the entity’s personnel and observation of the performance of control
activities. Observation provides audit evidence about the performance of a
process or procedure, but is limited to the point in time at which the
observation takes place and by the fact that the act of being observed may
affect how the process or procedure is performed
Inquiry
Inquiry consists of seeking information of knowledgeable persons, both
financial and non-financial, throughout the entity or outside the entity.
Inquiry is an audit procedure that is used extensively throughout the audit
and often is complementary to performing other audit procedures. Inquiries
may range from formal written inquiries to informal oral inquiries.
Evaluating responses to inquiries is an integral part of the inquiry process.
74 UEW/IEDE
AUDITING AND
Unit 2, section 2: Audit evidence INVESTIGATION
assertion level. Moreover, inquiry alone is not sufficient to test the operating
effectiveness of controls.
Confirmation
Confirmation, which is a specific type of inquiry, is the process of obtaining
a representation of information or of an existing condition directly from a
third party. For example, the auditor may seek direct confirmation of
receivables by communication with debtors. Confirmations are frequently
used in relation to account balances and their components, but need not be
restricted to these items. For example, the auditor may request confirmation
of the terms of agreements or transactions an entity ha with third parties, the
confirmation request is designed to ask if any modifications have been made
to the agreement and, if so, what the relevant details are. Confirmations also
used to obtain audit evidence about the absence of certain conditions, for
example, the absence of a “side agreement” that may influence revenue
recognition.
Re-calculation
Recalculation consists of checking the mathematical accuracy of documents
or records. Recalculation can be performed through the use of information
technology, for example, by obtaining an electronic file from the entity and
using CAATs to check the accuracy of the summarization of the file.
Re-performance
Re-performance is the auditor’s independent execution of procedures of
controls that were originally performed as part of the entity’s internal
control, either manually or through the use of CAATs, for example, re-
performing the aging of accounts receivable.
UEW/IEDE 75
AUDITING AND
INVESTIGATION Unit 2, section 2: Audit evidence
Analytical Procedures
Analytical procedures consist of evaluation of financial information made
by a study of plausible relationships among both financial and non-financial
data. Analytical procedures also encompass the investigation of identified
fluctuations and relationships that are inconsistent with other relevant
information or deviate significantly from predicted amounts. See ISA 520,
“Analytical Procedures” for further guidance on analytical procedures.
We have gone through the concept of audit evidence which implies that
auditors should obtain sufficient and appropriate evidence to be able to draw
reasonable conclusions on which to base the audit opinion. The auditor
should use management assertions and representations for classes of
transactions, account balances and presentation and disclosures in sufficient
detail to form a basis for the assessment of risk of material misstatement and
performance of further audit procedures.
Review Questions
Discuss the strength or weakness of the following sources of audit
evidence, and the financial statement assertions to which they relate:
Physical inspection of a fixed assert by an auditor
Confirmation by a debtor of money owed
Oral representations by management that all creditors owed money
at the end of the year have been included in the accounts.
76 UEW/IEDE
AUDITING
AUDITING AND
AND
ThisUnit
page2,issection
left blank
2: Audit
for your
evidence
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 77
USING THE WORK OF EXPERTS
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
3
Unit 2, section 3: Using the work of experts
We are now in the third section of unit 2. In this section, we would examine
how the auditor can rely on the work of an expert or a specialist to obtain
reliable, appropriate and sufficient evidence.
An expert may be engaged by the client entity or the auditors. The auditors
need to have regard to ethical guidance issues by their relevant professional
bodies when an assignment involves an expert employed by them, or any
firm associated with them, being engaged by the client entity. The auditors
need to ensure their integrity, objectivity and independence are not called
into question in such circumstances.
78 UEW/IEDE
AUDITING AND
Unit 2, section 3: Using the work of experts INVESTIGATION
When determining whether to use the work of an expert, the auditors need to
consider:
The materiality of the financial statement assertion being considered
The risk of misstatement based on the nature and complexity of the
matter being considered; and
The quantity and quality of other audit evidence available regarding the
assertion
If the auditors consider that it is appropriate to use the work of an expert, the
approach needs to be discussed and agreed with management
If management is unable or unwilling to engage an expert, the auditors need
to consider whether adequate audit evidence can be obtained from other
sources. If unable to obtain sufficient appropriate audit evidence, the
auditors need to consider the implications for their audit report.
The risk that an expert’s objectivity is impaired increases when the expert is:
employed by the entity, or
Related in some other manner to the entity, for example by being
financially dependent upon, or having an investment in the entity.
UEW/IEDE 79
AUDITING AND
INVESTIGATION Unit 2, section 3: Using the work of experts
In the event that these matters are set out in written instructions to the
expert, the auditors may need to communicate with the expert directly to
obtain audit evidence in this regard.
When considering whether the expert has used source data which is
appropriate in the circumstances, the auditors may consider the following
procedures:
making enquiries regarding any procedures undertaken by the expert to
establish whether the source data is sufficient, relevant and reliable; and
reviewing or testing the data used by the expert
The appropriateness and reasonableness of assumptions and methods
used and their application are the responsibility of the expert. The
auditors do not have the same expertise, and, therefore cannot
necessarily challenge the expert’s assumptions and methods used and to
consider whether they are reasonable, based on the auditors knowledge
of the business and the results of other audit procedures
If the results of the expert’s work are not consistent with other audit
evidence, the auditors need to attempt to resolve the inconsistency by
discussions with the entity and the expert. Applying additional procedures,
including possibly engaging another expert, may also assist the auditors in
resolving the inconsistency
80 UEW/IEDE
AUDITING AND
Unit 2, section 3: Using the work of experts INVESTIGATION
If the auditors are unable to obtain satisfaction regarding the expert’s work
and there is no satisfactory alternative source of audit evidence, the auditors
need to consider the implications for their audit report
Throughout this section we looked at how the auditor can rely on the work
of an expert or a specialist to obtain reliable, appropriate and sufficient audit
evidence. The auditors should access the appropriateness of the experts’
work audit evidence regarding the financial statement assertions being
considered.
Review Questions
Explain the importance of reliance on the work of the expert and factors
you will consider in making a recommendation on reliance
Who should appoint the expert required for an audit assignment?
How does the auditor assess the expert’s work?
UEW/IEDE 81
SUBSTANTIVE PROCEDURES IN AUDITING
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
4
Unit 2, section 4: Substantive procedures in auditing
After reading through the chapter, the learner should be able to:
draw audit programmes for testing sales, receipts purchases, payment
and payroll.
identify the objective that such tests seek to achieve.
Substantive procedures
Sales and Receipts
Audit Objectives may include:
To confirm the reliability, accuracy and completeness of the accounting
To confirm that all goods supplied were duly and properly invoiced and
recorded.
Auditing Programme:
Test numerical sequence of dispatch notes
Select a sample of transaction from the goods dispatched notes/goods
outwards records (if no such record from sales day book)
Check to sales invoice
Check to sales day book
Trace goods from stock records
Trace to proof of delivery records
For each sales invoice selected:
Check with customers’ orders
Check that credit procedures have been applied
Compare prices charged with price lists, quotations or
correspondence
Check calculations and additions of invoices
Check analysis in sales daybook if applicable
Check posting to the ledger
For each receipt selected:
Check that the invoice has been paid per the sales ledger
Cash receipt to cashbook
Check to copy paying in slip identifying individual amount and trace
to bank statement
Test numerical sequence of sales invoice
Test the cast and cross-cast of the sales daybook and control account
82 UEW/IEDE
AUDITING AND
Unit 2, section 4: Substantive procedures in auditing INVESTIGATION
Test the postings of the sale daybook throughout the year for large or
unusual items
Selecting a sample of credit notes from the sales day book and vouch as
follows:
vouch with correspondence or other original documents
see that copies of credit note have been signed as authorized by a
director or other senior official
trace goods back into stock where appropriate
check analysis in sales day book
where returns affect commissions, check that proper adjustments
have been made
Review the sales day book throughout the year for large or unusual
items.
Check the sales day book throughout the year for large unusual items
Check credit notes through the year and verify that they have been
signed and authorized by a director or other senior official. Vouch any
large or unusual items
Test the assets and cross-casts of the receipts cash book
Confirm that discounts taken by credit customers are in accordance with
the client’s terms of trade
Audit Programme:
Test numerical sequence of goods received notes
Trace goods received notes to invoice or entry in day book
Select a sample of invoice from the purchase day book (or payment from
the cash book if no purchase day book.
verify authorisation
confirm that cash discounts were correctly taken
very price with order or agreements
confirm receipt of goods with delivery notes
check additional and calculations on invoices (including VAT)
check allocation in day books
check to stock records
check to Work-in-progress records
Test numerical sequence of purchase invoice
Test the casts and cross casts of the purchase day book to the nominal
ledger
Review the purchase day book throughout the year for large or unusual
items
UEW/IEDE 83
AUDITING AND
INVESTIGATION Unit 2, section 4: Substantive procedures in auditing
Payroll
Audit Objectives may include:
To ensure that levels of pay are in order
To check accuracy and validity of deductions
To confirm proper payments
To test reasonableness of net pay figures
To confirm reliability, accuracy and completeness of the accounting
To ensure correct treatment of PAYE and social security deductions.
Audit Programme
Select a sample of employees from different periods in the year from
both weekly payroll and monthly salaries and ensure that gross pay has
been properly authorized by checking to:
lists of hourly rates
lists of piece-work rates
lists of overtime rates
lists of annual salaries
Contracts of employment
For hourly paid employees, check the hours worked with the time
records, and the authorisation of overtime and bonus payment
For piece workers, check quantities with output returns of job slips
initiated by a foreman
84 UEW/IEDE
AUDITING AND
Unit 2, section 4: Substantive procedures in auditing INVESTIGATION
Analytical Procedures
Nature and Purpose of Analytical Procedures
Analytical procedures mean the analysis of significant ratios and trends
including the resulting investigations of fluctuations and relationships that
are inconsistent with other relevant information or which deviate from
predictable patterns.
UEW/IEDE 85
AUDITING AND
INVESTIGATION Unit 2, section 4: Substantive procedures in auditing
Review Questions
Prepare an audit programme for sales and receipts; purchases and
payment and payroll
Explain the nature and purpose of analytical procedure
86 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 2, section 4:This
Substantive
page is left
procedures
blank for your
in auditing
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 87
ANALYTICAL REVIEWS
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
5
Unit 2, section 5: Analytical reviews
Background
We assume that you have already covered interpretation of financial
statements
in your other studies. In this section we shall ask you to apply existing
knowledge to auditing and perhaps enhance your appreciation of
interpretation of financial statement. Some auditors use the term 'diagnostic
procedures' to describe analytical procedures. Paragraph 3 of ISA 520 on
analytical procedures defines them as:
In a notorious case in the United States, (The Salad Oil Case) the stocks of
salad oil stated in the records of the company exceeded the entire stocks of
salad oil in the United States at a particular point in time and this was not
picked up by internal auditors or the warehousing company supposedly
managing the company's tank farm.
Informed analytical information can be a valuable tool for setting the scene
and pinpointing areas of risk. We shall now put analytical procedures on to
a more formal basis and start with a number of general observations:
First, long before the auditors give their opinion on the financial statements,
they use analytical procedures at the planning stage to pinpoint critical areas
88 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
where audit risk may be high. This is suggested by ISA 520 - Analytical
procedures, where is indicated that
Truly, analytical procedures were used to set the scene for, and to aid
planning of, the final work on year-end financial statements.
Third, analytical procedures are used just before the end of the audit. ISA
520 makes it clear that:
'The auditor should apply analytical procedures at or near the end of the
audit when forming an overall conclusion as to whether the finance
statements as a whole are consistent with the auditor's understanding of the
entity.'
The auditors at this stage have already formed views on individual figures in
the financial statement, but need to see that the figures are reasonable taken
together in the context of conclusions drawn from detailed audit evidence.
Auditors must be clear that:
The financial statements have been prepared using consistent accounting
principles (unless the effect of material change is disclosed) and are
appropriate to the company's circumstances.
Information published in the financial statements and other information
are compatible with the auditor's knowledge of the company.
Presentation and disclosure in the financial statements are as required by
law and by regulatory bodies and in particular aid the achievement of
truth and fairness.
Conclusions drawn from other tests, together with those drawn from the
overall review of the financial statements are the bases on which the
opinion to is formed on those statements.
UEW/IEDE 89
AUDITING AND
INVESTIGATION Unit 2, section 5: Analytical reviews
We have seen that auditors seek background information to aid planning and
to facilitate the audit work in context. During the audit, auditors acquire
further detailed knowledge about such matters as management integrity,
management objectives, accounting and control systems in place and
performance of the company.
They use this knowledge when assessing whether the figures in the financial
statements make sense. Apart from this knowledge (described earlier as
cumulative client knowledge, the auditor uses analytical procedures to aid
analysis of the figures. Considerable experience and imagination is needed
for this task and normally the work is performed by experienced staff. This
is costly in fee terms, but a skilled review should result in time-savings as a
major objective of analytical review is to direct audit effort towards risk
areas and the reduction of audit effort elsewhere. Skilled analytical review
may well reduce the extent of detailed check on less risky areas.
Analytical procedures in planning the audit use both financial and non-
financial information, for example the relationship between sales and
volume of goods sold
90 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
The extent of reliance that the auditors place on the results of analytical
procedures when used as a substantive procedure depends on the following
factors:
UEW/IEDE 91
AUDITING AND
INVESTIGATION Unit 2, section 5: Analytical reviews
The materiality of the items involved. The more material an item is, the
more likely it is that the auditors will wish to place reliance on other
substantive procedures, in addition to analytical procedures.
Other audit procedures directed towards the same audit objectives. For
example, other procedures the auditors undertake in reviewing the
collectability of accounts receivable, such as the review of subsequent cash
receipts, may confirm or dispel questions arising from the application of
analytical procedures to an agreed profile of customer’s accounts. The
assessments of inherent and control risks. For example if internal control
over sales order processing is weak and therefore control risk is high, more
reliance on tests of details of transactions and balances than on analytical
procedures in drawing conclusions on receivables may be required.
The conclusions drawn from the results of such procedure are intended to
corroborate conclusions formed during the audit of individual components
or elements of the financial statements and assist in arriving at the overall
conclusion as to the reasonableness of the financial statements. However,
they may also identify areas requiring further procedures.
92 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
In fact, the objective of the analytical review at any stage where the auditor
is searching for evidence is to direct audit effort towards the evidence
needed to form audit conclusion. For instance, if the financial statements
showed that debtors owed the company more than 100 days sales instead of
45 days, the auditor would be led to enquire about the reasons. These might
include:
Errors - incorrect cut-off, overstating sales and debtors.
Changes in accounting practice, such as special sales being shown in a
separate heading of the financial statements instead of being included in
general sales as previously.
Changes in management policy - a decision to allow customers total
extended credit.
Changes in general commercial factors, such as worsening business
climate resulting in poorer cash flows in the customers' businesses and
hence an inability to pay on time. This might prompt the auditor to
suggest a higher provision for bad and doubtful debts.
Changes in commercial factors affecting the client only - (say) the
company has a higher proportion of sales on credit so that debtors
represent a higher proportion of total sales, despite little change in
collectability. Normally collectability should be assessed in relation to
credit sales, but II
mention the point to emphasize the need for care in the use of data and
information.
Fraud - if, for instance, an employee has misappropriated cash received
from debtors on a significant scale, debtors may be overstated in the
accounting records.
UEW/IEDE 93
AUDITING AND
INVESTIGATION Unit 2, section 5: Analytical reviews
The six headings above are a useful guide to the factors the auditor should
consider when investigating apparent inconsistencies in figures. The entire
example,
relate to sales and debtors but examples could have been taken just as easily
from
other areas.
Important Ratios
Among the ratios that are computed for the purposes of carrying out
analytical procedures as the following:
Gross Profit Margin
Net Profit margin
Return on capital employed
Current ratio
Quick or acid test ratio
Debtors turnover period
Creditors payment period
Rate of stock turnover
Gearing ratio
Price/Earnings ratio
Dividend per share
Earnings per share
Earnings yield
Return on net assets
In addition to the above ratios, the auditors should examine the clients’
circumstance and compute other relevant ratios e.g. revenue per passenger
mile for an airfare operator.
Other areas that auditors may examine as part of the analytical procedures
include the following:
Examine changes in products, customers, distribution chain and levels of
return
Assess the effect of inflation, industrial disputes, changes in technology
of production and changes in activity on the wages paid
Obtain explanations for all major variances analysed using a standard
costing system. Particular attention should be paid to those relating to
the over or under absorption of overheads since these may, inter-alia,
affect stock valuations
Examine trends in production and sale and assess the effect on any
provisions for obsolete stocks
Ensure that changes in the percentage labour or overhead content of
production costs are also reflected in the stock valuation
Review other expenditure items with particular emphasis on
comparisons of the following:
94 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
Activity
Examine the draft financial statements of OJ Limited and, without
calculating any ratios, note matters of significance in the context of planning
the final examination.
Case Study
The following information for the year to 30 April 2007 has been
extracted from the accounting records of Kothari
a manufacturing concern, together
with comparative figures for 2006:
2007 2006
GH¢000 GH¢000 GH¢000 GH¢000
Sales 4600 3000
Materials: Opening stock 400 350
Purchases 3000 1500
Closing stock (800) (400)
-- --
Materials used 2600 1450
Factory overheads 1550 750
Production cost 4150 2200
Work in progress: Opening 300 400
Closing (1000) (300)
Factory cost: finished 3450 2300
goods
Finished goods: Opening 500 550
stock
Closing stock (150) (500)
Cost of sales 3800 2350
UEW/IEDE 95
AUDITING AND
INVESTIGATION Unit 2, section 5: Analytical reviews
550 310
Net Profit 250 340
-- --
Financed by
Share capital and reserves 3500 3000
Long-term borrowings 2450 450
Net capital employed 5950 3450
Look at the figures broadly, before calculating any ratios. Ask the
question:
'Are there any matters requiring further investigation?' For instance, you
might note sales are higher (or lower) than the previous year, and that
stock levels look high (or low) this year compared with last year. Do not
immediately suspect that fraud is taking place.
The next step would be to calculate selected ratios to see if your initial
impression was valid. For instance, you might wish to look at sales
trend, calculate gross profit percentages and turnover of stock. Leave the
calculation of ratios until they are necessary. In the exam room, you will
not have time to calculate inappropriate ratios. Be selective.
96 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
Selling expenses have increased in relation to sales over the period and
the auditor should discover what kinds of expense were included. For
instance, the expansion in sales might have been partially triggered by
an advertising campaign. At the same time we note that gross profit
percentage has dropped by more than 4.4% and this may have played a
role. Clearly the auditor would wish to know more about the company's
pricing policy.
The acid test ratio appears to be high, but the company may still not
have completed its expansion programme. One worrying feature that we
did not address above was the reduced collect ability of debtors (the
company is waiting for more than four months for payment) and you
would want to find out why this is so. Poor collectability of debtors
might hinder an expansion programme.
UEW/IEDE 97
AUDITING AND
INVESTIGATION Unit 2, section 5: Analytical reviews
The raw materials stock position and the enhanced production cost seem
reasonable in view of the expansion of the company. The finished stock
position looks strange, but it may be that the company is clearing out old
lines at low prices (hence the lower gross margin).
You may have noted other matters but these seem to be the salient features.
Now that you have obtained a global view, select ratios that would support
or refute the above observations. Do not overdo it. Remember that as the
lead auditor wish to arm yourself with relevant information before you go to
see the chief accountant.
The auditor considers testing the controls, if any, over the entity's
preparation of information used by the auditor in applying substantive
analytical
procedures. When such controls are effective, the auditor has greater
confidence in the reliability of the information and, therefore, in the results
of substantive analytical procedures.'
Review Questions
Explain the nature and purpose of analytical review
98 UEW/IEDE
AUDITING AND
Unit 2, section 5: Analytical reviews INVESTIGATION
UEW/IEDE 99
VERIFICATION OF FINANCIAL POSITION ITEMS
AUDITING AND
UNIT 2 SECTION
INVESTIGATION
6
Unit 2, section 6: Verification of financial position items
Ownership: The auditor must conduct test to establish that the client is
the beneficial owner of the assets existing and that the liabilities
concerned are required to be met by the client. In some instances, it is
possible to verify ownership[ by reference to a document such as leases
or deeds in relation to a property; in other case, however, it may be
necessary to rely on corroborative evidence or the representations of
outside parties.
100 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
Verification Procedures
Procedures auditors may adopt to verify assets and liabilities include:
Observation
Inspection
Enquiring
Confirmation
Computation
Analytical review
UEW/IEDE 101
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
Investments
Audit Objectives may include:
To determine whether there is a documentary evidence of the ownership
of the investment
To determine whether changes during the period represented bonafide
transactions
To ascertain whether the basis on which the investments are stated is
appropriate and the method employed in valuation has been consistently
applied
To determine whether the amount shown in the statement of financial
positions are properly classified and described.
Audit Programme
Obtain or prepare analysis of investments and test clerical accuracy of
the analysis
Obtain third party confirmation and or make physical inspection of
securities listed on the analysis
Test interest and dividend incomes received and accrued by reference to
supporting documents
Check for additional acquisitions and redemptions during the year
Review the treatments of capital distributions, bonus and rights issue
Verify quoted prices for listed investments at statement of financial
position audit
Determine whether unlisted investments at statement of financial
position audit
Check whether investments are properly described and classified as
current assets or long term investments
102 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
Audit Programme:
Examine sample of ledger accounts and all accounts with balances equal
to or over the materiality factor and trace balances to summary lists
Check the additions of the lists of balances and cross cast if analysed.
Trace total o lead schedule
Check that the total balances agree with the balances on the control
account
Examine control account for the year and verify unusual items
Select balances for direct confirmation through debtors’ circularization.
Investigate discrepancies and reconcile
If no circularization of debtors has been carried out, select a sample of
balances and check payment after date. Trace such receipts to the
paying in-book
Examine accounts with credit balances and ensure that payments in
respect of credit balances are authorized by responsible officials
Ensure separate and shown under creditors
Verify that provision for doubtful debts and discounts are both
reasonable and adequate
Examine the credit control procedures and consider if any
recommendations should be made. Check for the compliance with
credit policy of the entity with respect to credit limits, credit period, cash
discounts, etc
Verify that bad debts written off during the period were properly
authorised and that all reasonable recovery procedures have been taken
prior to the write-offs
Examine ledger for transfer between accounts throughout the year.
Verify reasons for this, and check authorization
Examine credit notes issued after the year end and verify whether they
relate to genuine sales
Test returns during the period and ensure that credit notes are raised and
posted accordingly.
UEW/IEDE 103
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
Audit Programme
Bank
Obtain a copy of the year end bank reconciliation
Compare cash book and bank statements in detail covering items in the
reconciliation
Trace all outstanding cheques to subsequent bank statements and ensure
that they are cleared
Verify by reference to paying-in-ships that lodgements outstanding were
actually lodged with the bank prior to the end of the year
Scrutinize bank statements for dishonoured cheques and investigate any
such items
Obtain direct from bankers a certificate of balance and check to
reconciliation
Cash
Obtain a statement setting out details of the cash in hand
Count the cash at the year-end in presence f the cashier. Reconcile
balance to year-end figure
Verify that monies received on the last day of the financial year were
duly banked on that date or included in the cash in hand balance
Examine the pre-and post-yearend cash count and verify that all cheques
drawn to replenish the petty cash fund have been entered in the records
Audit Programme
Test extraction of purchases ledger
Reconcile ledger balances with suppliers statements
Where suppliers statements are not available, verify the balances
through circularization
Check casting of list of balances and trace total to lead schedule
Verify that the list of balances agrees to the control account
Examine list of debit balances and ensure separated and shown under
debtors
Enquire into the reasons for debt balances and ensure that they are
recoverable
104 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
Verification of Stocks
Problems associated with verification of stocks.
Of all the statement of financial position items of manufacturing and trading
organizations the one that requires attention in terms of verification are
stocks (Raw materials, consumables, Work-in-progress, parts, loose tools,
finished goods, lubricants and fuel etc). From the auditor’s point of view,
this had always been the asset that possesses the greatest verification
difficulties. This is because:
The amount at which the stocks are stated in the financial statements is
almost always material especially in the case of manufacturing
companies
UEW/IEDE 105
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
It is the only item in the published accounts which does not also feature in
the closing trial balance, i.e. it does not arise from the double entry process
itself. In some accounting systems, production costing and financial
accounting will be integrated to give a book figure for work-in-progress, but
in majority of cases, the determination of stocks is largely dependent upon
physical stock taking procedures. This factor makes the stock figure the
most susceptible to manipulation
Yet another problem is the fact that certain stock items pose identification
and measuring problems, for example, how does one measure large volumes
of power on liquid? It is by volume or by weight?
106 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
Verification
Objectives which verification of stocks and work-progress seeks to achieve
include the following:-
To confirm that all stock and work-in-progress belonging to the client
has been brought into accounts
To confirm that all stocks belonging to others in possession of the client
have been separately identified, counted, reconciled and excluded from
the valuation
To confirm that all obsolete, damaged or slow moving stocks have been
separately identified and stated at realisable value
The value at which stock and work-in-progress is stated in the statement
of financial position is correctly calculated on a basis consistent with
previous years
Security arrangements for safe custody of stock and work-in-progress
are adequate.
Prior to the stock-take, review the client’s own stock taking instructions
to its staff and consider whether they are adequate. Ensure that the
stocktaking procedures questionnaire has been completed.
Note any weakness in the system which would invalidate the reliability
of the count and bring to the audit manager’s attention immediately so
that he may discuss the problem with the client.
Attend to observe the physical count and ensure that the client’s stock
taking procedures are followed and in particular, that:
All slow moving, obsolete or damaged stocks are segregated and
counted separately and clearly marked on the stock sheets
All stores location are covered by the count
All slow moving, obsolete or damaged stocks are segregated and
counted separately and clearly marked on the stock sheets
All stocks belonging to third parties are counted and segregated on
stock sheets
All stocks sheets issued are accounted for, completed properly, dated
and signed by the personnel carrying out the count.
Complete the standard stock taking report
Obtain details of the last few goods outward and goods inwards/delivery
notes for use in cut off tests
Ensure that all rough stock sheets have been processed to make up the
final stock sheets
UEW/IEDE 107
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
Scrutinize the stock sheets for obvious errors and compare with the
comparative sheets for the previous years to ensure that no section of the
stock has been excluded
Select a sample of goods outward notes and check that the goods have
been entered in the stock records in the current year. Carry out a similar
test for goods inwards/delivery notes
Compare final stock sheets with any perpetual inventory records
maintained (e.g. bin cards, stores ledgers). Note any discrepancies and
obtain adequate explanations for the differences. Ensure that all
necessary adjustments are made to the inventory records
Reconcile stock and work in progress figure in the final accounts with
amounts shown in total by the perpetual inventory records or
management accounts. Prepare a schedule giving the reason for the
divergence, stating the evidence obtained to verify the explanations
given
Obtain certificate direct from third parties in respect of stock held by
them. The certificate should identify the nature of the stock, the
quantities held and the purpose for which it is held. It should also
confirm that the stock held is in good condition and not subjected to any
lien or charges. Confirm that all necessary deductions are made in
respect of slow moving damaged or obsolete stocks.
108 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
Responsibility
It is the responsibility of the management of an enterprise to ensure that the
amount at which stocks are shown in the financial statements represents
stocks physically in existence and includes all stocks owned by the
enterprise.
UEW/IEDE 109
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
The principal sources of this evidence are stock records, stock control
systems and the results of any stocktaking test counts made by the auditor
himself. By reviewing the enterprises stock records, and stock control
systems, the auditor can decide to what extent he needs to rely upon
attendance at stock taking to obtain the necessary audit evidence
Types of stocktaking
Physical verification of stocks may be by means of a full count (or
measurement in the case of bulk stock) of all the stocks at the yearend or at
a selected date before or shortly after the year end, or by means of a count of
part of the stocks in which case it may be possible to extrapolate the total
statistically. Alternatively, verification may be by means of the counting or
measurement of stocks during the course of the year using continuous stock-
checking methods. Some business enterprise use continuous stock-checking
methods for certain stocks and carry out a full count of other stocks at a
selected date.
The evidence of the existence of stocks provided by the stock take results is
most effective when stocktaking is carried out at the end of the financial
110 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
year. Stocktaking carried out before or after the year end may also be
acceptable for audit purposes provided records of stock movement in the
period are such that the movements can be examined and substantiated.
The auditor should bear in mind that the greater the interval between the
stocktaking and the year end, the greater will be his difficulties in
substantiating the amount of stock at the statement of financial position
date. Such difficulties will, however, be lessened by the existence of a well-
developed system of internal control and satisfactory stock records.
Stocktaking Procedures
The following are the principal procedures which may be carried out by an
auditor when attending a stock take.
Before the Stock taking: Planning,
The auditor should plan his audit coverage of a stock take by:
reviewing his working papers for the previous year, where applicable,
and discussing with management any significant changes in stocks over
the year
discussing stock taking arrangements and instructions with management
familiarizing himself with the nature and volume of the stocks, the
identification of high value items and the method of accounting for
stocks
considering the location of the stock and assessing the implications of
this for stock control and recording
Reviewing the systems of internal and accounting relating to stocks, so
as to identify potential areas of difficulty (for example cut off).
considering any internal audit involvement, with a view to deciding the
reliance which can be placed on it
ensuring that a representative selection of locations, stocks and
procedures are covered, and particular attention is given to high value
items where these form a significant proportion of total stock value
arranging to obtain third party confirmation of stocks held by them, but
if the auditor considers that such stocks are a material part of the
enterprise’s total stock, or the third party is not considered to be
independent or reliable, then arranging, (where appropriate) either for
him or for the third party’s auditor to attend a stock take at the party’s
premise’s; and
UEW/IEDE 111
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
The auditor should conclude whether the stock taking has been properly
carried out and is sufficiently reliable as a basis of determining the existence
of stocks. The auditor should consider whether any amendment is necessary
to his subsequent audit procedures.
112 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
The auditor should try to gain from his observations and overall impression
of the levels and values of stocks held so that he may, in due course, judge
whether the figure for stocks appearing in the financial statements is
reasonable.
The auditor’s working paper should include details of his observations and
tests, the manner in which points that are relevant and material to the stocks
being counted or measured have been dealt with by the client, instances
where the client’s procedures have not been satisfactorily carried out and the
auditor’s conclusions.
After Stocktaking
After the stock taking, the matters recorded in the auditors’ working papers
at the time of the count or measurement should be followed up.
Photocopies of or extracts from rough stock sheets and details of test counts
may be used to check that the final stock sheets are accurate and complete.
The auditor should check replies from third parties about stocks held by or
for them, follow up all queries and notify senior management of serious
problems encountered during the stock taking.
Bank Overdraft
Bank overdrafts are shown as liabilities even though there may be other
bank balances shown as an asset. The only exception is where there a legal
right of set-off; in such cases, the accounts presentation is to net off the two
balances against each other. Verification of bank overdrafts is in other
respects identical to the verification of cash balances.
Accruals
Accruals, like prepayments, are commonly made for rent, electricity,
telephone and other items where the expenditure has been incurred in the
current period but where no invoice has yet been recorded. Accruals are
often immaterial and reliance is often placed on analytical procedures.
Nevertheless, as year-end adjustments, there are rarely controls over
accruals and any errors are likely to be those of understatement.
Test for accruals include the following:
Consider the client’s own system (if any) for capturing accruals.
Obtain a schedule of accruals, ensuring that it is cast correctly,
comparing it with prior year accruals and performing other analytical
procedures.
Test check a sample of accruals for correct calculation, referring to
supporting invoices received in the next period.
Include confirmation of the completeness of accruals in the management
representation letter. This is dealt with in further detail later.
UEW/IEDE 113
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
Long-term Liabilities
The main long-term liabilities will be debenture loans and bank loans.
There may be other amounts, such as a creditor who has agreed a specially
extended date of payment. If so, the audit procedures are the same as for a
similar item under current liabilities. It should also be appreciated that if all
or part of the debenture loan has a due date of payment within one year of
the statement of financial position date, then the loan (or the part requiring
payment) must be disclosed under current liabilities.
Debenture Loans
A debenture loan is defined as a written acknowledgement by a
company, usually under seal, of a loan made to it, containing provisions
as to payment of interest and repayment of capital.
The procedure with regard to the issue of debentures is similar to that in
the case of an issue of shares and the work to be performed by the
auditor in vouching the issue will be of the same nature.
On vouching the issue, the auditor should always refer to the debenture
trust deed.
The auditor should inspect the certificate of registration given by the
Registrar.
When a new issue of debentures takes place in the year, it is necessary to
disclose the class of debentures issued, the amount issued for each class
and the consideration received.
Debentures may be redeemable according to the terms of the issue, at
specified dates, by annual or other drawings, or at the option of the
company, after due notice has been given of intention to repay.
Auditors should examine the provisions of the trust deed or the
debenture bonds relating to the redemption, and ascertain that they are
duly complied with.
The auditor’s principal duties with regard to the redemption are as
follows:
Examine the trust instrument as to the terms of the redemption, and
note that these have been complied with.
Check the payment of cash to the debenture holders.
Inspect the cancelled bonds.
See that the entry in the register of charges has been cancelled, and
inspect any ‘memorandum of satisfaction’ filed with the Registrar.
Contingent Liabilities
A contingency may be defined as a condition which exists at the
statement of financial position date where the ultimate outcome (gain or
loss) will only be confirmed by the occurrence or non-occurrence of one
or more uncertain future events. Under the rules of IAS 37, probable
losses should be accrued, possible losses should be disclosed. Probable
gains should be disclosed.
114 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
UEW/IEDE 115
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
The auditor may also consider it useful to obtain the client’s consent to
send a letter requesting confirmation of specific matters to the client’s
solicitors. An example of such a letter is:
In connection with the presentation and audit of our accounts for the
year ended….. …. The directors have made estimates of the ultimate
liabilities (including costs) which might be incurred, and which are
regarded as material, in relation to the following matters on which you
have been consulted. We should be obliged if you would confirm that in
your opinion these estimates are reasonable.
GH¢25,000
appearing in newspaper.
Signed ………………………
Dated ……………………….
Share Capital
There are many distinct types of shares of limited companies, but capital
is most often divided into preference and ordinary shares. The rights of
the respective shareholders are governed by the Regulations. The
preference shareholders, as a rule, are entitled to a fixed dividend out of
profits. The surplus profits after such payments belong to the ordinary
shareholders.
Depending on the provisions in the Regulations, the preference shares
may also carry a preferential right as regards capital, that is to say, that
they are entitled to the return of their capital before there is any return on
the ordinary shares in the event of liquidation, and possibly they may
also be entitled to a premium on liquidation.
Share capital represents part of the capital invested in the company by its
shareholders, but may also represent past reserves of the company which
have been ‘capitalised’ by a bonus issue of shares.
The total of share capital and reserves represents the books value of the
net assets of the company.
116 UEW/IEDE
AUDITING AND
Unit 2, section 6: Verification of financial position items INVESTIGATION
In the notes to the accounts, the authorised and issued share capital must
be disclosed by class of share.
The issued share capital is the total amount of the authorised share
capital which has actually been issued
In addition, full details must be given of any changes in the share capital
during the year.
As any change in share is likely to be a material transaction subject to
special legal requirements, all changes should be checked. Sampling
would not be appropriate except for an issue of shares for cash involving
a substantial number of shareholders:
Appropriate procedures:
Check authorised capital limit to memorandum and articles.
Check changes to issued capital in year and agree to board minutes.
Trace all transactions involving cash to the cash book and bank
statement.
Ensure that appropriate returns have been made to the Registrar of
Companies.
Ensure appropriate disclosure in accordance with FRS 4 Capital
Instruments, as either debt or equity.
Ensure that all transactions are legal and that any share premiums in
particular have been accounted for in accordance with the CA 1985
requirements.
Reserves
Reserves represent the balance of net assets accruing to the shareholders
and may include retained earnings (income surplus), capital
surplus(capital redemption reserve fund, asset replacement reserve fund,
revaluation surplus, etc.) and share deals account
It is necessary to disclose all the information required by the Companies
Code.
This includes:
Following the standardised formats laid down in Part 2 of Schedule 4 of
the Companies Code (under review)
Showing the opening and closing balances on reserves and any transfer
to or from the reserves during the year
Disclosing the source and application of any amount to be transferred.
The audit of the revaluation reserve will involve the following steps:
Assess the reason for the revaluation, the basis of valuation and its
reasonableness in the light of the auditor’s knowledge of the business
and the position of the property market.
Evaluate the qualifications and experience of the valuer, which must be
disclosed in the year in which the valuation take place (the year of the
valuation is given in subsequent years). Reliance on experts has been
dealt with in an earlier chapter.
UEW/IEDE 117
AUDITING AND
INVESTIGATION Unit 2, section 6: Verification of financial position items
Ensure that adequate disclosures are made as above and that any
difference between market value and the recorded value is disclosed.
The Income Surplus balance represents accumulated retained profits of
the business. The balance at the yearend consists of the balance brought
forward from the previous year plus the retained profit for the current
year.
The audit procedures for income surplus mainly consist of verifying that
legal requirements have been complied with and correct disclosures
made. The following is a summary of the procedures:
Prepare a schedule of reserves showing movements in the year.
Check material movements, and ensure compliance with legal
regulations.
Ensure all gains and losses have been included in the income statement
or other reserves as appropriate.
Review Question:
As an auditor to Gameli Ltd., and automobile firm, state the audit work that
you would carry out in connection with the following items disclosed in the
financial statements dated 31 December, 2006.
charges in the profit and loss account in respect of depreciation of fixed
assets
the sale during the year of one of the company’s freehold properties
the purchase during the year of the freehold premises
Capital grants received in respect of expenditure during the year on
plant and equipment.
118 UEW/IEDE
FINANCIAL STATEMENT AUDIT
XXXXXXX 3
UNIT Unit X, section X: XXXXXXX
Dear learner, you are once again welcome to the third unit of the course
“auditing and investigation”. In this unit, we will deal with financial
statement audit. We have already taken you through legal and professional
framework of audit and conducting an audit assignment.
Generally, the basic idea of financial statement audit are equally important
for any business and therefore a business student. It is very important you
pay attention to this topic. Enjoy your lesson.
120 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 121
AUDIT OF ACCOUNTING ESTIMATES IN FINANCIAL
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
1
Unit 3, section 1: Audit of accounting estimates in financial statement
STATEMENT
122 UEW/IEDE
AUDITING AND
Unit 3, section 1: Audit of accounting estimates in financial statement INVESTIGATION
UEW/IEDE 123
AUDITING AND
INVESTIGATION Unit 3, section 1: Audit of accounting estimates in financial statement
124 UEW/IEDE
AUDITING AND
Unit 3, section 1: Audit of accounting estimates in financial statement INVESTIGATION
Evaluating Reasonableness
In evaluating the reasonableness of an estimate, the auditor normally
concentrates on key factors and assumptions that are—
Significant to the accounting estimate.
Sensitive to variations.
Deviations from historical patterns.
Subjective and susceptible to misstatement and bias.
The auditor normally should consider the historical experience of the entity
in making past estimates as well as the auditor's experience in the industry.
However, changes in facts, circumstances, or entity's procedures may cause
factors different from those considered in the past to become significant to
the accounting estimate.
The auditor should evaluate whether the difference between estimates best
supported by the audit evidence and estimates included in the financial
statements, which are individually reasonable, or indicating a possible bias
on the part of the company's management. If each accounting estimate
included in the financial statements was individually reasonable but the
effect of the difference between each estimate and the estimate best
supported by the audit evidence was to increase earnings or loss, the auditor
should evaluate whether these circumstances indicate potential management
bias in the estimates.
UEW/IEDE 125
AUDITING AND
INVESTIGATION Unit 3, section 1: Audit of accounting estimates in financial statement
126 UEW/IEDE
AUDITING AND
Unit 3, section 1: Audit of accounting estimates in financial statement INVESTIGATION
UEW/IEDE 127
AUDITING AND
INVESTIGATION Unit 3, section 1: Audit of accounting estimates in financial statement
Review Questions
Identify five areas in which accounting estimates are likely to be made
in a financial statement
Explain the circumstances that require accounting estimates to be made
Enumerate the audit procedures required to audit accounting estimates
128 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 3, section 1: Audit of accounting
This estimates
page is leftinblank
financial
for your
statement
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 129
EXAMINATION OF PROSPECTIVE FINANCIAL
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
2
Unit 3, section 2: Examination of prospective financial information
INFORMATION
Prospective financial information relates to events and actions that have not
yet occurred and may not occur. While evidence may be available to support
the assumptions on which the prospective financial information is based,
such evidence is itself generally future oriented and, therefore, speculative
in nature, as distinct from the evidence ordinarily available in the audit of
historical financial information. The auditor is, therefore, not in a position to
express an opinion as to whether the results shown in the prospective
financial information will be achieved.
130 UEW/IEDE
AUDITING AND
Unit 3, section 2: Examination of prospective financial information INVESTIGATION
Some Definitions
Prospective financial information' means financial information based on
assumptions about events that may occur in the future and possible actions
by an entity. It is highly subjective in nature and its preparation requires the
exercise of considerable judgment. Prospective financial information can be
in the form of a forecast, a projection or a combination of both, for example,
a one year forecast plus a five year projection.
Acceptance of Engagement
Before accepting an engagement to examine prospective financial
information, the auditor would consider, amongst other things:
• The intended use of the information:
UEW/IEDE 131
AUDITING AND
INVESTIGATION Unit 3, section 2: Examination of prospective financial information
The auditor and the client should agree on the terms of the engagement. It is
in the interests of both entity and auditor that the auditor sends an
engagement letter to help in avoiding misunderstandings regarding the
engagement.
The auditor should consider the extent to which reliance on the entity's
historical financial information is justified. The auditor requires knowledge
of the entity's historical financial information to assess whether the
prospective financial information has been prepared on a basis consistent
with the historical financial information and to provide a historical yardstick
for considering management’s assumptions. The auditor will need to
establish, for example, whether relevant historical information was audited
or reviewed and whether acceptable accounting principles were used in its
preparation.
132 UEW/IEDE
AUDITING AND
Unit 3, section 2: Examination of prospective financial information INVESTIGATION
would consider the surrounding facts and the effect on the examination of
the prospective financial information.
Period Covered
The auditor should consider the period of time covered by the prospective
financial information. Assumptions are usually speculative with the length
of the period covered. The period to cover should not extend beyond the
time for which management has a reasonable basis for the assumptions.
The following are some of the factors that are relevant to the auditor's
consideration of the period of time covered by the prospective financial
information:
Operating cycle, for example, in the case of a major construction project
the time required to complete the project may dictate the period covered.
The degree of reliability of assumptions, for example, if the entity is
introducing a new product the prospective period covered could be short
and broken into small segments, such as weeks or months. Alternatively,
if the entity's sole business owns a property under long-term lease, a
relatively long prospective period might be reasonable.
The needs of users, for example, prospective financial information may
be prepared in connection with an application for a loan for the period of
time required to generate sufficient funds for repayment. Alternatively,
the information may be prepared for investors in connection with the
sale of debentures to illustrate the intended use of the proceeds in the
subsequent period.
Examination Procedures
When determining the nature, timing and extent of examination procedures,
the auditor's considerations should include:
The likelihood of material misstatement;
The knowledge obtained during any previous engagements;
Management's competence regarding the preparation of prospective
financial information;
The extent to which the prospective financial information is affected by
the management's judgment; and
The adequacy and reliability of the underlying data.
The auditor would assess the source and reliability of the evidence
supporting management's best-estimate assumptions. Sufficient appropriate
evidence supporting such assumptions would be obtained from internal and
external sources including consideration of the assumptions in the light of
historical information and an evaluation of whether they are based on plans
that are within the entity’s capacity.
UEW/IEDE 133
AUDITING AND
INVESTIGATION Unit 3, section 2: Examination of prospective financial information
consideration. For example, if sales are assumed to grow beyond the entity's
current plant capacity, the prospective financial information will need to
include the necessary investment in the additional plant capacity or the costs
of alternative means of meeting the anticipated sales, such as subcontracting
production.
The auditor would focus on the extent to which those areas that are
particularly sensitive to variation will have a material effect on the results
shown in the prospective financial information. This will influence the
extent to which the auditor will seek appropriate evidence. It will also
influence the auditor's evaluation of the appropriateness and adequacy of
disclosure.
134 UEW/IEDE
AUDITING AND
Unit 3, section 2: Examination of prospective financial information INVESTIGATION
UEW/IEDE 135
AUDITING AND
INVESTIGATION Unit 3, section 2: Examination of prospective financial information
State that:
Actual results are likely to be different from the prospective financial
information since anticipated events frequently do not occur as expected and
the variation could be material. Likewise, when the prospective financial
information is expressed as a range, it would be stated that there can be no
assurance that actual results will fall within the range; and
136 UEW/IEDE
AUDITING AND
Unit 3, section 2: Examination of prospective financial information INVESTIGATION
When the auditor believes that the presentation and disclosure of the
prospective financial information is not adequate, the auditor should express
a qualified or adverse opinion in the report on the prospective financial
information, or withdraw from the engagement as appropriate.
When the auditor believes that one or more significant assumptions do not
provide a reasonable basis for the prospective financial information
prepared on the basis of best estimate assumptions or that one or more
significant assumptions do not provide a reasonable basis for the
prospective financial information given the hypothetical assumptions, the
auditor should either express an adverse opinion in the report on the
prospective financial information, or withdraw from the engagement.
UEW/IEDE 137
Unit 3, section
AUDITING3: Auditing
OF THE of the financial statements
FINANCIAL of charities
STATEMENTS OFand trade
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
3
unions CHARITIES AND TRADE UNIONS
Background
Not every charitable non-profit is required to conduct an independent audit.
Some non-profits, because of the size of their annual budgets, or because of
the sources of their funding, are required by state or federal law to conduct
an independent audit. In other situations, a charitable non-profit has a choice
whether or not to conduct an independent audit.
What is a charity?
Definition of charitable purposes: A charity is defined as any institution,
corporate or otherwise, which is established exclusively for charitable
purpose according to the laws of Ghana.
138 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Regulatory bodies
If the Registrar of companies is satisfied that an institution applying for
registration is established for exclusively charitable purposes (and if it is not
one of a class of charities exempted from the need to register) it will enter it
in the Register of charities maintained by them. The Registrar may request
that the accounts of registered charities are filed with them and they can also
require that such accounts be audited.
UEW/IEDE 139
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
Accounting policies
It is essential that the financial statements of all charities should include a
statement of the main accounting policies in accordance lASI and IAS 8.
The disclosure of significant accounting policies assumes a greater
importance than for other enterprises. The most important accounting
policies for a charity will probably include:
the basis on which income has been taken to the credit of the revenue
account (for example, accruals or cash basis, policy with regard to
legacy income, gross or net profit from trading activities);
the basis on which expenditure has been charged to the revenue account
(for example, accrual or cash, costs. including Y AT);
the accounting treatment of fixed assets and investments, including
donated assets;
the presentation of the special funds and the movements thereon;
The treatment of branches.
140 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Cash income
In practice a charity may find it difficult to institute procedures to ensure
that all cash collections, often by volunteers, are properly accounted for in
the books of account.
The cut-off date for the cash income of some charities is not always the
year-end date, a later date sometimes being adopted because of the
importance of accounting for income collected, but not yet remitted by
voluntary supporters.
Central and local government grants and loans: Charities can be eligible for
a number of grants and loans, which can create problems in respect of:
knowing of the existence of the grant or loan scheme and the right to
claim;
Using the money for the correct purpose.
Accounting for the money in the right format
UEW/IEDE 141
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
Once the scope of the audit has been established, it .should be defined and
explained in a suitably worded letter of engagement.
Central and local government grants and loans: The auditor should be
familiar with the workings of the grant or loan system and the accepted
ways of treating grants or loans in the financial statements.
Overseas activities: Where records are maintained overseas and the amounts
are material, the auditor should give consideration to a local audit. If
remittances to overseas branches are treated as an expense when made,
evidence of receipt will be required.
Specific funds: Tests will need to be designed to confirm that these funds
have been correctly accounted for and app lied.
Grants to beneficiaries: The auditor should confirm that the bona fides of
the recipients have been established. For example, the auditor will look for
evidence of the bona fides of a sample of grants made by the charity, and
scrutinize all grants of an unusual size or nature.
142 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Audit procedures
The following procedures amplify those given in the operational guidelines.
They do not impose on the auditor any additional requirements. For
example, the internal controls operated by some charities, particularly small
ones, whilst adequate for their own purposes, may not be sufficient for the
purposes of reliance by the auditor in arriving at his opinion. In such cases
the auditor would choose a substantive route and not rely upon controls
which may exist.
In all audits, the scope will be determined by, and the audit procedures used
will vary in accordance with, the terms of the auditor's appointment. The
level of audit evidence to be obtained will be a matter of judgement for the
auditor in each individual case.
Planning
When planning the audit of a charity the auditor should particularly consider
the following:
the scope of the audit;
the acceptability of accounting policies adopted;
changes in circumstances in the sector in which the charity operates;
past experience of the effectiveness of the charity's accounting systems;
key audit areas;
the amount of details included in the financial statements on which the
auditor is required to report.
Audit evidence
When designing substantive tests for charities, the auditor should give
special attention to the possibility of:
understatement or incompleteness of the recording of all income
including gifts In kind, cash donations, and legacies;
overstatement of cash grants or expenses;
Misanalysis or misuse in the application of funds;
Misstatement or omission of assets including donated properties and
investments; the existence of restricted or uncontrollable funds in
foreign or Independent branches.
The extent of testing required will depend on the scope of the audit. For
example, the auditor may be required to report on financial statements
which include considerable details.
UEW/IEDE 143
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
comparison of the funds raised by particular branches from one period to the
next should also be carried out and explanation obtained for significant
differences.
Internal controls
The auditor will have to consider where there are any internal controls on
which he may wish to reply, or whether he will need to carry out extensive
substantive testing. Large charities should have the internal controls
appropriate to any large enterprise, and the auditor should look for and
encourage the charity to implement normal internal controls and reporting
systems in keeping with the scale of operations.
Generally, the auditor will hope to be able to rely on the internal controls of
the charity in one or more key areas wherever the volume of transactions
makes this reliance desirable. For example, the auditor might wish to rely on
the charity's system of authorizing and controlling grants payments by the
grants committee. His compliance tests might include checking with the
minutes concerned and other documentation.
Deed of covenant:
regular checks and follow-up procedures to ensure due amounts are
received;
regular checks to ensure all tax repayments have been obtained.
Legacies:
comprehensive correspondence files maintained in respect of each
legacy, numerically controlled; ,
search agency reports of legacies receivable;
Regular reports and follow-up' procedures undertaken in respect' of
outstanding legacies.
144 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Fund-raising activities
records maintained for each fund-raising event;
comparable controls maintained over receipts as for normal donations;
comparable controls maintained over expenses as for administrative
expenses.
Branches
Any branch, office or individual representative of the charity should-
make regular reports or returns to the charity, and checks should be
made to ensure that all these are received;
Any reports of misuse of the 'charity's name should be promptly
investigated;
Wherever the trustees of the charity have direct control over the
branches, internal
controls should be of equivalent standard to that of the main charity;
Consideration of an accounts manual and the standardization of
procedures-at all branches;
Proper acknowledgements of remittances to and from abroad.
Specific funds:
separate revenue and assets accounts;
terms controlling application of fund monies:
applications of fund monies
Grants beneficiaries:
records maintained of all requests for material grants received and their
treatments;
checks made of the bona fides of applicants for substantial grants, and
that amounts paid are intra vires;
minutes maintained of all grants committee meetings with record of
decisions made;
UEW/IEDE 145
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
Bank records
In small charities the following controls will have particular significance:
prompt banking of receipts:
independent agreement of banking records to receipts records;
regular bank reconciliations;
scrutiny of returned cheques for unusual or frequent endorsements;
adequate arrangements for bank signatories.
146 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
In these circumstances, the review of the financial statements may lead the
auditor to question whether a going concern basis of accounting is
appropriate. He should therefore, in forming a conclusion on the matter, take
account of the amount of, trends in, income and expenditure since the
accounting date, any forecast and representations by management as to
future income and expenditure and (where relevant) the market value or the
charity's tangible assets.
Reporting
Form of report and address
The form of auditor's report and the persons to whom it will be addressed
will depend on the constitution of the particular charity concerned. Where
the auditor's report on the financial statements of a charity is registered
under the Companies Code, the provisions of the Code will apply and it will
be addressed to the members of appropriate governing body. The auditor’s
report on the financial statements of a charity registered under the Acts
relating to friendly and industrial and provident societies will be in another
form and addressed to the charity itself. In other cases, where charities are
not governed by statute, the auditor's report will be determined in
accordance with the terms of the auditor's appointment. For example, it may
be appropriate for the auditor to report only that the financial statements
have been prepared in compliance with regulations governing the charity's
operations.
In our opinion the financial statements give a true and fair view of
the state of the charity's affairs at 31st December 201x .... and of its
surplus/deficit and cash flow statement for the year ended and
comply with (insert relevant statutory and/or constitutional
provisions)'.
UEW/IEDE 147
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
A particular and frequent problem for many shall charities is the difficulty
of applying proper control over voluntary donations until they are entered in
the accounting records. This creates a problem for auditors similar to that
which exists in relation to many small businesses regarding evidence of
completeness of income. Where such a problem does exist, even after the
auditor has taken steps to obtain all the evidence which can reasonably be
obtained, he may conclude that he is unable to give an unqualified opinion
on the financial statements in respect of the completeness of income. In such
a case, provided that he has satisfied himself that the charity's operations,
and that he has no reason to believe that income has been omitted, an
example of a form of report which be used is as follows:
This charity, in common with many others of similar size and organisation,
derives a substantial proportion of its income from voluntary donations
which cannot be fully controlled until they are entered in the accounting
records, and are not therefore susceptible to independent audit verification.
Subject to the foregoing, in our opinion the financial statements give a true
and fair view of the state of the charity's affairs at 31st December 201x and
of its surplus/deficit and cash flow statement for the year then ended and
comply with (insert relevant statutory and/or constitutional provision).'
148 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Accounting
It is required that every trade union (except one which consists wholly or
mainly of representatives of constituent or affiliated organizations) to:
establish and maintain a satisfactory system of control of its accounting
records, its cash holdings and its receipts and remittances; and
keep proper accounting records with respect to its transactions, assets
and liabilities.
These records must be as to give a true and fair view of the state of affairs of
the trade union and to explain its transactions.
The auditor also has a duty to carry out such investigations as will enable
him to form an opinion on whether proper accounting records have been
kept, whether a satisfactory system of control over proper accounting
records have been kept, whether a satisfactory system of control over
transactions has been maintained and whether the accounts are in
agreements with the accounting records. If these statutory requirements
have not, in the auditor's opinion, been satisfied, or if he fails to obtain the
necessary information and explanations, he must state that fact in his report.
UEW/IEDE 149
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
the right to require from officers of the trade union, or of any of its
branches, such information and explanations as he considerers
necessary;
the right to attend general meetings of members or of delegates of
members and to receive due notices of such meetings;
the right to be heard at such meetings on any part of the business which
concerns him as auditor.
The trade union rules contain provision for the appointment and removal of
auditors and also prescribe both the scope of the audit and the terms of the
auditor's report on the accounts included in the annual return.
Auditing procedures
Planning
The auditor should send an engagement letter to the executive committee to
confirm his understanding of the terms of his appointment. The letter should
indicate that the auditor is required to state whether in his opinion the
accounts contained in the annual return give a true and fair view. It should
also indicate the matters which he is required to state in his report on the
annual financial statements. In most cases, these will include his opinion on
whether these statements give a true and fair view.
The engagement letter should deal with the treatment of branch funds within
the annual return and the annual financial statements and the extent to which
such branch funds are included within the scope of the audit in respect of
any activities where the connection with the rules or objects of the trade
union is in doubt.
The auditor will need to consider the extent to which it is necessary to visit
and examine the records maintained at branches. He will take into account
the manner in which head office exercises its responsibilities for control and
supervision over the accounting records maintained at branch level and
whether separate branch auditors are appointed.
Accounting systems
Members' contributions represent the largest source of income for most
trade unions. It will therefore be necessary for the auditor to obtain an
150 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
In particular, where there are delays between the date of collection and
remittance to the trade union, the auditor will need to satisfy himself as to
the appropriateness of the method of determining arrears and the
reasonableness of the figures produced.
Audit evidence
Particularly important sources of evidence in respect of a trade union are the
membership and contribution records. Normally, an examination of these
records, and the figures contained within them, will assist the auditor in
obtaining the assurance that he requires in respect of members' contribution
income for the trade union as a whole and for the separate funds.
Two other important sources of audit evidence are the rules and decisions
from minutes. The latter represents an important source because many
significant decisions affecting financial matters may be taken by conference
or delegated down to specific councils, committees or branches. Key areas
where the auditor will have to rely on are as follows:
contributions (including political fund contributions) and entrance fees;
fines and special levies receivable;
benefits payable;
travel, subsistence and attendance payment and allowances;
dispute payments and receipts.
Internal controls
The auditing guideline on internal controls has particular relevance to the
audit of trade union. This is because of the specific requirement on most
trade unions to establish and maintain satisfactory systems of control over
their accounting records, their cash holdings, receipts and remittances; the
duties of auditors reporting on accounts contained in annual returns to carry
out investigations into and, where necessary, to report on such systems.
Large trade unions should have the internal controls appropriate to any large
enterprise, and the auditor should look for and encourage such a trade union
to implement normal internal controls and reporting systems in keeping with
the scale of operations.
Small unions and branches, even those of large trade unions, will generally
suffer from internal control weaknesses common to small enterprises, such
UEW/IEDE 151
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
Financial organization
Preparation and appraisal of budgets
Comparison of actual performance against budgets
Monitoring in detail by specific committees or officers of expenditure
incurred.
Benefits payable
Regular checks to ensure that benefits payable are properly recorded
Checks to ensure that applicants fulfil all conditions necessary before
receiving benefits.
Separate funds
Checks to ensure that income and expenditure, assets and liabilities and
numbers of members contributing are properly identified and recorded
in respect of each separate fund.
152 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Investments
Ensuring that investments are properly recorded
Periodic checks to ensure that all investment income due is in fact
received
Proper authorization of purchases and disposal of investments
Regular checking of the register of investments with evidence of title.
Properties
Ensuring all property transactions are properly authorized
Ensuring that all properties are properly recorded and that all rental
income due is in fact received
Reporting
The audit report on the accounts contained in the annual return is required to
be express: in 'true and fair' terms. The audit report should be dated and
indicate the year to which the annual return relates. It should identify the
trade union as the body on which the report is addressed and also identify
those pages or paragraphs of the annual return.
UEW/IEDE 153
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
The auditor must also state the fact in his report, where in his opinion:
proper accounting records have been or have not been maintained;
a satisfactory or unsatisfactory system of control over its transactions
has (or has not) been maintained;
the accounts are in or not in agreement with the accounting records; or
he has not obtained the necessary information and explanation that he
requires.
We have audited the accounts set out on pages .... to .... of this return in
accordance with approved Auditing Standards.
In our opinion the accounts give a true and fair view of the state of the
financial affairs at 3 I December .... and of its transactions and cash flow
statement for the year then ended.'
We have audited the accounts set out on pages ………….to ...of this return
in accordance with approved Auditing Standards.
154 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
unions INVESTIGATION
Subject to any adjustments that may be required when the actual amount of
revenue expenditure referred to above is known, in our opinion the accounts
give a true and fair view of Qualified audit report. Disagreement - except:
omission of branch financial affairs.
We have audited the accounts set out on pages .... to .... of this
return. Our audit was conducted in accordance with approved
Auditing Standards except that the scope of our work was limited by
the matter referred to below.
Except for the effects of the adjustments which would have been
shown to be necessary has the information indicated in the paragraph
above been received, in our opinion the accounts give a true and fair
view of '
The terms of the audit will depend on the requirements set out in the trade
union rules as confirmed in the engagement letter. In most cases, however,
the audit report will be required to be in true and fair terms.
Review Questions
What are the key audit areas peculiar to charities?
List 10 indications of an effective internal controls system in Trade
Unions
UEW/IEDE 155
AUDITING AND Unit 3, section 3: Auditing of the financial statements of charities and trade
INVESTIGATION unions
156 UEW/IEDE
Unit 3, section 3: Auditing of the financial statements of charities and trade AUDITING AND
AUDITING AND
This page was left blank for yourunions
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 157
GROUP ACCOUNTS AUDIT
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
4
Unit 3, section 4: Group accounts audit
158 UEW/IEDE
AUDITING AND
Unit 3, section 4: Group accounts audit INVESTIGATION
Planning
Communication between the principal and subsidiary auditors is necessary
in the planning phases in order to resolve matters such as the following:
Evidence required by the principal auditor for the purposes of verifying
consolidation adjustments such as profits on inter-company stocks.
Differences in accounting policies and the need for information to
enable the subsidiaries account to be brought into line with group
policies on consolidation. This may be particularly important for foreign
subsidiaries where reporting requirements differ from those acceptable
in the country of the parent company.
Additional audit procedures for foreign subsidiaries where local auditing
standards differ from those of the parent company.
Additional audit procedures in situations where audit materiality and
audit risk at the group levels are potentially greater than those pertaining
to the subsidiary. For example, the extent of a contingent liability on the
group as a whole may only be apparent when the cumulative effect of
guarantees given by each subsidiary is considered.
Anticipated problems based on past experience and a review of up-to-
date information, such as management accounts.
Overall Audit Strategy and Audit Plan in accordance with ISA 300
requires that the group engagement team shall establish an overall group
audit strategy and shall develop a group audit plan. The group
engagement partner shall review the overall group audit strategy and
group audit plan
UEW/IEDE 159
AUDITING AND
INVESTIGATION Unit 3, section 4: Group accounts audit
160 UEW/IEDE
AUDITING AND
Unit 3, section 4: Group accounts audit INVESTIGATION
Audit Procedures
Ascertain the group'sprocedures for accounting for and reconciling such
balances.
Ascertaining the procedure for reconciling and eliminating such
balances on consolidations.
If the procedures are satisfactory and the amounts involved are not
material check that:
the balances on the consolidation worksheets are in agreement with
the audited accounts of each company, and
UEW/IEDE 161
AUDITING AND
INVESTIGATION Unit 3, section 4: Group accounts audit
Audit Procedures
Identify and determine the appropriateness of procedures adopted by the
parent company for identifying inter-company profits in stock.
Request the auditors of other group companies to verify:
the schedule of inter-company stock as supplied to the parent
company and indicating whether the carrying value of that stock is
other than at purchase cost.
162 UEW/IEDE
AUDITING AND
Unit 3, section 4: Group accounts audit INVESTIGATION
UEW/IEDE 163
AUDITING AND
INVESTIGATION Unit 3, section 4: Group accounts audit
Accounting Policies
In order for the group accounts to give a true and fair view they should be
prepared using consistent accounting policies. It is therefore necessary for
all the group companies to adopt uniform accounting policies wherever
practicable. There may be situations where the adoption of uniform
accounting policies by all group companies is not always possible. Some
subsidiaries may follow different accounting policies because of local
accounting requirements.
Consolidation Adjustments
Certain types of adjustments are required purely for the purpose of
preparing the group accounts referred to as consolidation adjustments. These
include:
adjustments required because certain subsidiary companies have based
their financial statements on accounting policies different from those of
the rest of the group.
Adjustments for unrealized inter-company profits on transfer of stocks
and fixed assets
Adjustments for inter-company management charges.
Adjustments for in-transit items.
The group auditor must make sure that he obtains the necessary information
to ensure that all such adjustments are reflected in the group accounts.
Accounting Periods
Section 127 (10) of the Companies Code 1963, Act 179 requires that "a
holding company's directors shall secure that, except where in their opinion
there are good reasons against it in which case their reasons shall be
164 UEW/IEDE
AUDITING AND
Unit 3, section 4: Group accounts audit INVESTIGATION
"If the financial year of a subsidiary does not coincide with that of the
holding company the group accounts shall, unless the Registrar shall
otherwise direct, deal with the subsidiary's profit or loss for, and the state of
affairs as at the end of, its financial year ending last before that of the
holding company."
Particular care should be taken in the case of group companies where there
are significant trading relationships between them. Their financial
statements should relate to the same periods and be made up to the same
date. If they were not, it is difficult to see how the group accounts could
give a true and fair view unless all significant transactions were adjusted.
Window-arresting between group companies could distort the view given by
the group accounts.
Loss-making Subsidiaries
The auditor may need to consider the following aspects:
If a subsidiary company continues to make losses, the directors may
consider there has been a permanent fall in value of the holding
company's investment. This could involve:
writing down the cost of the investment in the subsidiary to below
cost in the separate accounts of the holding company; and
writing down goodwill on consolidation, through the consolidated
profit and loss account in the group accounts.
The auditor will need to examine the extent of support by the holding
company, the subsidiary cash flow projections and the extent of disclosure
of guarantees in the group financial statements.
Restrictions on Distributions
There may be significant restrictions on the ability of the holding company
to distribute group retained profits because of statutory, contractual or
exchange control restrictions. There may be variety of restrictions, some of
which may be relatively short-term in nature. These may include:
Profits which have been appropriated to statutory reserves because of
legal requirement in a particular country.
UEW/IEDE 165
AUDITING AND
INVESTIGATION Unit 3, section 4: Group accounts audit
Foreign Subsidiaries
The problems of auditing a foreign subsidiary include the following:
The geographical location of the subsidiary. If the auditing firm has an
office in the country in which the subsidiary operates, then the audit
client will probably choose the holding company's auditor as the auditor
of the subsidiary company. However, this may not be the case if the
holding company auditor does not have such a representation.
166 UEW/IEDE
AUDITING AND
Unit 3, section 4: Group accounts audit INVESTIGATION
Review Questions
What is inter-company profit?
Identify two special consideration for planning and control of group
audit
What factors should be considered by the Principal Auditor in the
reliance on the work of other Auditor
UEW/IEDE 167
GOING CONCERN EVALUATIONS
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
5
Unit 3, section 5: Going concern evaluations
After reading through the section, the learner should be able to:
identify factors that show that a business is facing going-concern
difficulty
describe the audit evidence to be gathered in relation to going-concern
status of a business
describe the auditing procedures required in assessing going concern
disclosures in financial statements
168 UEW/IEDE
AUDITING AND
Unit 3, section 5: Going concern evaluations INVESTIGATION
UEW/IEDE 169
AUDITING AND
INVESTIGATION Unit 3, section 5: Going concern evaluations
The auditor shall remain alert throughout the audit for audit evidence of
events or conditions that may cast significant doubt on the entity’s ability to
continue as a going concern.
170 UEW/IEDE
AUDITING AND
Unit 3, section 5: Going concern evaluations INVESTIGATION
A material uncertainty exists when the magnitude of its potential impact and
likelihood of occurrence is such that, in the auditor’s judgment, appropriate
disclosure of the nature and implications of the uncertainty is necessary for:
In the case of a fair presentation financial reporting framework, the fair
presentation of the financial statements, or
In the case of a compliance framework, the financial statements not to
be misleading.
UEW/IEDE 171
AUDITING AND
INVESTIGATION Unit 3, section 5: Going concern evaluations
172 UEW/IEDE
AUDITING AND
Unit 3, section 5: Going concern evaluations INVESTIGATION
relating to the going concern assessment, the auditor shall perform those
additional audit procedures necessary, as well as consider the effect on the
auditor’s conclusion regarding the existence of a material uncertainty,
Financial
Net liability or net current liability position.
Fixed-term borrowings approaching maturity without realistic prospects
of renewal or repayment; or excessive reliance on short-term borrowings
to finance long-term assets.
Indications of withdrawal of financial support by creditors.
Negative operating cash flows indicated by historical or prospective
financial statements.
Adverse key financial ratios.
Substantial operating losses or significant deterioration in the value of
assets used to generate cash flows.
Arrears or discontinuance of dividends.
Inability to pay creditors on due dates.
Inability to comply with the terms of loan agreements.
Change from credit to cash-on-delivery transactions with suppliers.
Inability to obtain financing for essential new product development or
other essential investments.
Operating
Management intentions to liquidate the entity or to cease operations.
Loss of key management without replacement.
Loss of a major market, key customer(s), franchise, license, or principal
supplier(s).
Labour difficulties.
Shortages of important supplies.
Emergence of a highly successful competitor.
Other
Non-compliance with capital or other statutory requirements.
Pending legal or regulatory proceedings against the entity that may, if
successful, result in claims that the entity is unlikely to be able to satisfy.
Changes in law or regulation or government policy expected to
adversely affect the entity.
UEW/IEDE 173
AUDITING AND
INVESTIGATION Unit 3, section 5: Going concern evaluations
Review Questions
What is meant by the statement “These accounts have been prepared on
a going concern basis”?
What procedures should auditors carry out in order to obtain an
assurance that a company is a going concern? (You may assume auditors
have no initial reasons to doubt the company’s ability to continue as a
going concern)
174 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 3, section
This page
5: Going
is left concern
blank forevaluations
your notes INVESTIGATION
INVESTIGATION
UEW/IEDE 175
AUDIT REPORTING TO MEMBERS – UNMODIFIED AUDIT
AUDITING AND
UNIT 3 SECTION
INVESTIGATION
6
Unit 3, section
REPORT 6: Audit reporting to members – Unmodified audit report
After reading through the chapter, the learner should be able to:
describe the purpose, significance and content of audit report
describe the forms of opinions an auditor can express on a financial
statement
The auditor should evaluate the conclusions drawn from the audit evidence
obtained as the basis for forming an opinion on the financial statements.
176 UEW/IEDE
AUDITING AND
Unit 3, section 6: Audit reporting to members – Unmodified audit report INVESTIGATION
The accounting policies selected and applied are consistent with the
financial reporting framework and are appropriate in the circumstances;
Auditor’s Report
The auditor’s report should be in writing. A written report encompasses
both reports issued in hard copy format and those using an electronic
medium.
UEW/IEDE 177
AUDITING AND
INVESTIGATION Unit 3, section 6: Audit reporting to members – Unmodified audit report
The directors are responsible for the preparation of financial statements that
give a true and fair view in accordance with International Financial
Reporting Standards and with the requirements of the Companies Act, 1963
(Act 179) and for such internal control, as the directors determine is
necessary to enable the preparation of financial statements that are free from
material misstatements whether due to fraud and error.
Auditor’s responsibility
Opinion
In our opinion, the accompanying financial statements give a true and fair
view of the financial position of Meridian Port Services Limited as at 31
December 2013 and of its financial performance and its cash flows for the
178 UEW/IEDE
AUDITING AND
Unit 3, section 6: Audit reporting to members – Unmodified audit report INVESTIGATION
The Companies Act, 1963 (Act 179) requires that in carrying out our audit
we consider and report on the following matters. We confirm that:
we have obtained all the information and explanations which to the best of
our knowledge and belief were necessary for the purposes of our audit;
in our opinion proper books of account have been kept by the Company, so
far as appears from our examination of those books; and
the Company’s balance sheet (statement of financial position) and profit and
loss account ( part of statement of comprehensive income) are in agreement
with the books
Intelligent Auditors
XXXX April 2014
Unmodified Opinion
This is also referred to as an unqualified opinion. In this form of opinion,
that auditor reports that the financial statements give a true and fair view.
The essential thing is there is nothing that has come to the auditor’s
attention which suggests that the accounts are materially misstated
Modified Opinion
This is simply any other opinion other than an unmodified opinion. It
comprises qualified opinion, adverse opinion and disclaimer of opinion.
Uniformity in the form and content of each type of modified report will
further the user’s understanding of such reports. Accordingly, this chapter
includes suggested wording of modifying phrases for use when issuing
modified reports.
UEW/IEDE 179
AUDITING AND
INVESTIGATION Unit 3, section 6: Audit reporting to members – Unmodified audit report
The principles relating to the circumstances when the auditor’s report needs
to be modified are, however, also applicable to reports on other
engagements related to the audit of historical financial information, such as
general purpose financial statements for entities of a different nature (for
example, a not-for-profit organization
180 UEW/IEDE
AUDITING AND
Unit 3, section 6: Audit reporting to members – Unmodified audit report INVESTIGATION
UEW/IEDE 181
AUDITING AND
INVESTIGATION Unit 3, section 6: Audit reporting to members – Unmodified audit report
When there is a limitation on the scope of the auditor’s work that requires
expression of a qualified opinion or a disclaimer of opinion, the auditor’s
report should describe the limitation and indicate the possible adjustments to
the financial statements that might have been determined to be necessary
had the limitation not existed.
182 UEW/IEDE
AUDITING AND
Unit 3, section 6: Audit reporting to members – Unmodified audit report INVESTIGATION
auditors for the company. Owing to the nature of the Company’s records,
we were unable to satisfy ourselves as to inventory quantities by other audit
procedures.
Opinion
In our opinion, except for the effects of such adjustments, if any, as might
have been determined to be necessary had we been able to satisfy ourselves
as to physical inventory quantities, the financial statements give a true and
fair view of (or present fairly, in all material respects,) the financial position
of ABC Company as of December 31, 20X1, and of its financial
performance and its cash flows for the year then ended in accordance with
International Financial Reporting Standards.
Limitation on Scope
Disclaimer of Opinion
Report on the Financial Statement
(Omit the sentence stating the responsibility of the auditor.)
(The paragraph discussing the scope of the audit would either be omitted or
amended according to the circumstances.)
UEW/IEDE 183
AUDITING AND
INVESTIGATION Unit 3, section 6: Audit reporting to members – Unmodified audit report
Basis of Opinion
As discussed in Note X to the financial statements, no depreciation has been
provided in the financial statements which practice, in our opinion, is not in
accordance with International Financial Reporting Standards. The provision
for the year ended December 31, 20X1, should be xxx based on the straight-
line method of depreciation using annual rates of 5% for the building and
20% for the equipment.
Accordingly, the fixed assets should be reduced by accumulated
depreciation of xxx and the loss for the year and accumulated deficit should
be increased by xxx and xxx, respectively.
Opinion
In our opinion, except for the effect on the financial statements of the matter
referred to in the preceding paragraph, the financial statements give a true
and fair view of (or present fairly, in all material respects,) the financial
position of ABC Company as of December 31, 20X1, and of its financial
performance and its cash flows for the year then ended in accordance with
International Financial Reporting Standards.
Opinion
In our opinion, except for the omission of the information included in the
preceding paragraph, the financial statements give a true and fair view of (or
present fairly, in all material respects,) the financial position of ABC
Company as of December 31, 20X1, and of its financial performance and its
cash flows for the year then ended in accordance with International
Financial Reporting Standards.
Opinion
In our opinion, because of the effects of the matters discussed in the
preceding paragraph(s), the financial statements do not give a true and fair
184 UEW/IEDE
AUDITING AND
Unit 3, section 6: Audit reporting to members – Unmodified audit report INVESTIGATION
view of (or do not present fairly, in all material respects,) the financial
position of ABC Company as of December 20, 19X1, and of its financial
performance and its cash flows for the year then ended in accordance with
International Financial Reporting Standards.
Guidance
Pervasive – A term used, in the context of misstatements, to describe the
effects on the financial statements of misstatements or the possible effects
on the financial statements of misstatements, if any, that are undetected due
to an inability to obtain sufficient appropriate audit evidence. Pervasive
effects on the financial statements are those that in the auditor’s judgment:
Are not confined to specific elements, accounts or items of the financial
statements;
If so confined, represent or could represent a substantial proportion of
the financial statements; or
In relation to disclosures, are fundamental to users’ understanding of the
financial statements.
UEW/IEDE 185
AUDITING AND
INVESTIGATION Unit 3, section 6: Audit reporting to members – Unmodified audit report
Review Questions
Under what circumstances will an audit report be modified
What is meant by material but not pervasive
State the elements in a typical audit report
186 UEW/IEDE
AUDITING IN A COMPUTERISED ENVIRONMENT
XXXXXXX 4
UNIT Unit X, section X: XXXXXXX
At the end of this session students will be able to understand the basic
principles of auditing in a computer in an Electronic Data Processing
Environment
188 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 189
AUDITING IN AN EDP ENVIRONMENT
UNIT 4AND
AUDITING SECTION
INVESTIGATION
1
This section explains the Electronic Data Processing (EDP) environment
and how the Information Technology keeps changing and through
innovation and creativity, the world is realizing results in the use of IT. The
impact of this evolution on auditing cannot be under-estimated. Keep
reading to learn more about the changes in audit processes in such
environments of higher technological advancements.
The aim of this lesson is to understand what auditors should ordinarily know
about the information technology and how they can carry out audits
smoothly applying the relevant auditing standards.
EDP Environment
Electronic Data Processing system brings to mind a system where the use of
Information Technology (IT) is encouraged and adopted. Television, Mobile
phones, computers (desk top, lap tops, notebooks, and tablets), are all
physical evidence of technological changes. We also have logical evidence
with electronic data transfers, software, computer programmes, interchange,
internet and many others.
190 UEW/IEDE
AUDITING AND
Unit 4, section 1: Auditing in an EDP environment INVESTIGATION
also uses computer assisted audit techniques (CAATs). With the advent of
embedded audit facilities there is an increase in the use of this approach.
The overall objectives and scope of an audit do not change when an audit is
conducted in a computer information systems (CIS) environment. The
application of auditing procedures may, however, require the auditor to
consider techniques known as Computer Assisted Audit Techniques
(CAATs) that use the computer as an audit tool for enhancing the
effectiveness and efficiency of audit procedures.
CAATs are computer programs and data that the auditor uses as part of the
audit procedures to process data of audit significance, contained in an
entity’s information systems. The purpose of this Guidance Note is to
provide guidance in the use of CAATs. This Guidance Note describes
computer assisted audit techniques including computer tools, collectively
referred to as CAATs. This Guidance Note applies to all uses of CAATs
when a computer of any type or size is involved whether that computer is
operated by the entity or by a third party.
Review Questions
Explain Electronic Data Processing environment
Describe the approaches to auditing in an EDP Environment
UEW/IEDE 191
INTERNAL CONTROLS IN AN EDP ENVIRONMENT
AUDITING AND
UNIT 4 SECTION
INVESTIGATION
2
Unit 4, section 2: Internal controls in an EDP environment
At the end of this session students should be able to understand and the
whole system of controls in an EDP Environment.
General Controls
This cover the environment within which applications are developed,
maintained and operated. Examples include, controls over system
development such as proper authorization and documentation; prevention of
unauthorized changes to programs; job scheduling; physical protection of
files; segregation of duties; back-up facilities; internal audit environment;
insurance cover.
These are policies and procedures that relate to many applications and
support the effective functioning of application controls. They apply to
mainframe, mini-frame and end-user environments. General IT controls that
maintain the integrity of information and security of data commonly include
controls over the following:
data centre and network operations
system software acquisition, change and maintenance
program change
access security
application system acquisition, development, and maintenance (ISA 315
(Redrafted))
192 UEW/IEDE
AUDITING AND
Unit 4, section 2: Internal controls in an EDP environment INVESTIGATION
Administrative controls
Controls over ‘data centre and network operations’ and ‘access security’
include those that:
prevent or detect errors during program execution, e.g. procedure
manuals, job scheduling, training and supervision; all these prevent
errors such as using wrong data files or wrong versions of production
programs
prevent unauthorised amendments to data files, e.g. authorisation of jobs
prior to processing, back up and physical protection of files and access
controls such as passwords
Ensure the continuity of operations, e.g. testing of back - up procedures,
protection against fire and floods.
Application Controls
This covers the transactions and standing data used by each application. The
data here relates to computer-based application system and controls are
specific to each application. The objectives of application controls which
may be manual or programmed, are to ensure the completeness and
accuracy of records and the validity of the entries made therein. Examples
of application controls include data input validation, agreement of batch
totals, reconciliations, identification of omissions and missing data or
UEW/IEDE 193
AUDITING AND
INVESTIGATION Unit 4, section 2: Internal controls in an EDP environment
Input controls
These ensure that every transaction to be processed is received, processed
and recorded accurately and completely. These controls should ensure that
only valid and authorized information is entered and that transactions are
only processed once (duplication problems). Auditors therefore consider
input authorization; one-for-one checking of output to source documents;
sequence and digit checking, matching of input to master file data;
procedures covering re-submissions; reasonable checks; batch integrity;
batch controls and balancing; error reporting and handling.
The most common example of programmed controls over the accuracy and
completeness of input are edit (data validation) checks when the software
checks that data fields included on transactions by performing:
reasonableness check, e.g. net wage to gross wage
existence check, e.g. that a supplier account exists
character check, e.g. that there are no alphabetical characters in a sales
invoice number field
range check, e.g. no employee’s weekly wage is more than $2,000
Check digit, e.g. an extra character added to the account reference field
on a purchase invoice to detect mistakes such as transposition errors
during input.
194 UEW/IEDE
AUDITING AND
Unit 4, section 2: Internal controls in an EDP environment INVESTIGATION
When data is input via a keyboard, the software will often display a screen
message if any of the above checks reveal an anomaly, e.g. ‘Supplier
account number does not exist’.
Processing Controls
Processing procedures and controls ensure the reliability of application
program processing. The auditor needs to understand the procedures and
controls that are exercised over processing to evaluate what exposures are
covered by these controls and what exposures remain. Under this, auditors
consider batch reconciliation; summary processing; transaction files (checks
for correct files used for processing); review of output reports; manual
recalculations; editing; limit checks on calculated amounts; system control
parameters (where entries in these files would alter controls); standing data (
include data such as names and address of stakeholders which does not
frequently change).
Output Controls
These controls provide assurance that the data delivered to users will be
presented, formatted and delivered in a consistent and secure manner. These
controls include logging and information security; computer generation of
negotiable instruments, signatures and forms; balancing and output error
handling; report distribution; verification of receipt of reports; control totals,
one-for-one checking of amendments; record counts; maintenance of back-
ups, etc.
UEW/IEDE 195
AUDITING AND
INVESTIGATION Unit 4, section 2: Internal controls in an EDP environment
The purpose of master file controls is to ensure the ongoing integrity of the
standing data contained in the master files. It is vitally important that
stringent ‘security’ controls should be exercised over all master files.
These include:
Appropriate use of passwords, to restrict access to master file data
The establishment of adequate procedures over the amendment of data,
comprising appropriate segregation of duties, and authority to amend
being restricted to appropriate responsible individuals
Regular checking of master file data to authorised data, by independent
responsible official processing controls over the updating of master files,
including the use of record counts and control totals.
Review Questions
Explain general controls and application controls
196 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 4, section 2: Internal
This controls
page is left
in an
blank
EDPfor
environment
your notes INVESTIGATION
INVESTIGATION
UEW/IEDE 197
COMPUTER-ASSISTED AUDIT TECHNIQUES (CAATS)
AUDITING AND
UNIT 4 SECTION
INVESTIGATION
3
Unit 4, section 3: Computer-assisted audit techniques (CAATS)
Dear The third section of the third unit focuses on the IT auditing techniques
applied in gathering evidence, determining the computer programmes to use
in the audit and the effect of each technique used on both the client and the
auditor. The IT jargons should not scare you because each technical term
has been explained in the section.
Test Data — data used by the auditor for computer processing to test the
operation of the enterprise’s computer programs. There are other more
complex techniques.
Audit Software
Audit software may be used during many audit testing procedures. Its use is
particularly appropriate during substantive testing of transactions and
balances, as it can scrutinize large, volumes of data and extract information,
leaving skilled manual resources to concentrate upon the investigation of the
results.
198 UEW/IEDE
AUDITING AND
Unit 4, section 3: Computer-assisted audit techniques (CAATS) INVESTIGATION
The following are examples of how software could be applied to the audit of
wages:
Select a random sample of employees from the payroll master file; the
auditor could then trace the sample back to contracts of employment in
the HR department to confirm existence
Report all employees earning more than $1,000 per week
Compare the wages master file at the start and end of the year to identify
starters and leavers during the year; the auditor would then trace the
items identified back to evidence, such as starters’ and leavers’ forms (in
the HR department) to ensure they were valid employees and had been
added or deleted from the payroll at the appropriate time (the auditor
would need to request that the client retain a copy of the master file at
the start of the year to perform this test)
Check that the total of gross wages minus deductions equates to net pay.
UEW/IEDE 199
AUDITING AND
INVESTIGATION Unit 4, section 3: Computer-assisted audit techniques (CAATS)
Utility programs - These are used by the entity to perform common data
processing functions such as sorting and printing files. For example, when
using a terminal, it is necessary to use existing enquiry programs to refer to
data held on files, or to obtain a print-out of a file. In many cases, however,
the client’s own programs will not provide all the facilities needed by the
auditor. It is likely that the team responsible for writing the enquiry
programs produced the rest of the system and there is therefore a danger that
the same defects apply to all such programs in the system.
200 UEW/IEDE
AUDITING AND
Unit 4, section 3: Computer-assisted audit techniques (CAATS) INVESTIGATION
able to justify the costs of using the program to the benefit in audit terms of
its use.
Version of files used in the test: The audit software only tests the old files
or irrelevant files for testing purpose. It is however preferable to use the
software on the actual files of the client. The permission of the client is
needed and the software must be carefully tested prior to its use on ‘live’
data. An alternative approach is to run the programs against copies of the
data file. To be valid there must be adequate general controls to ensure that
the client uses the same files. Provided this is so, the use of copy files
enables the auditor to be more flexible in deciding when to test and to retain
the copy files for further testing.
Test Data
This refers to data that are used to test a computer program. Depending on
the purpose of the test, the data may be production data (files) or data
created by either information system (IS) or the customer (User). Audit test
data consists of data submitted by the auditor for processing by the client’s
computer-based accounting system. It may be processed during a normal
production run (running test data ‘live’) or during a special run at a point in
time outside the normal cycle (running the test data ‘dead’).
Test data could be held in the form of a batch of documents put through the
system to test both manual and computer controls. It is more often meant to
refer to data recorded on magnetic tape or disk used to test programmed
controls. Its primary use is in the testing of application controls. This is
useful to the external auditor, the programmers, analysts and internal
auditors as part of systems development and monitoring procedures.
Sometimes, there may be scope for co-operation between internal and
external auditors in creating such test data.
Approach and Use of test data - There are three major approaches to the
use of test data.
UEW/IEDE 201
AUDITING AND
INVESTIGATION Unit 4, section 3: Computer-assisted audit techniques (CAATS)
Dummy Data in a Special Run: In this method the auditor creates special
data and uses it against copies of the client’s data files. The dangers
associated with ‘live’ testing are therefore largely eliminated although the
interaction of one file with another must still be carefully considered.
It is still essential to obtain the client’s permission and this reduces the
independence the test. If special test runs are used, an artificial testing
environment is created. It is also necessary to obtain assurance that the
program being used in the test run is identical to that used by the client for
production runs and not a special program kept aside for the auditor’s use.
Recording: The use of test data does not necessarily provide visible
evidence of the audit work
Other techniques
There are increasing numbers of other techniques that can be used; the main
two are:
Integrated test facility – used when test data is run live; involves the
establishment of dummy records, such as departments or customer
202 UEW/IEDE
AUDITING AND
Unit 4, section 3: Computer-assisted audit techniques (CAATS) INVESTIGATION
accounts to which the dummy data can be processed. They can then be
ignored when client records are printed out, and reversed out later.
UEW/IEDE 203
IMPACT OF INFORMATION TECHNOLOGY ON AUDITING
AUDITING AND
UNIT 4 SECTION
INVESTIGATION
4
Unit 4, section 4: Impact of information technology on auditing
At the end of this session students should be able to appreciate the impact of
information technology is having on auditing
Planning
The Appendix to ISA 300 (Redrafted) states ‘the effect of information
technology on the audit procedures, including the availability of data and
the expected use of computer - assisted audit techniques’ as one of the
characteristics of the audit that needs to be considered in developing the
overall audit strategy.
Risk assessment
'The auditor shall obtain an understanding of the internal control relevant to
the audit.’ (ISA 315 (Redrafted).The application notes to ISA 315 identify
the information system as one of the five components of internal control. It
requires the auditor to obtain an understanding of the information system,
including the procedures within both IT and manual systems. In other
words, if the auditor relies on internal control in assessing risk at an
assertion level, s/he needs to understand and test the controls, whether they
204 UEW/IEDE
AUDITING AND
Unit 4, section 4: Impact of information technology on auditing INVESTIGATION
For instance, when answering the ICE question, ‘Can liabilities be incurred
but not recorded?’, the auditor needs to consider manual controls, such as
matching goods received notes to purchase invoices – but will also consider
application controls, such as programmed sequence checks on purchase
invoices. The operation of batch control totals, whether programmed or
performed manually, would also be relevant to this question.
Testing
‘The auditor shall design and perform further audit procedures whose
nature, timing and extent are based on and are responsive to the assessed
risks of material misstatement at the assertion level.’ (ISA 330 (Redrafted)).
This statement holds true irrespective of the accounting system, and the
auditor will design compliance and substantive tests that reflect the
strengths and weaknesses of the system. When testing a computer
information system, the auditor is likely to use a mix of manual and
computer-assisted audit tests.
There may not also be any proper records for e-commerce transactions, and
electronic records may be more easily destroyed or altered than paper
records without leaving evidence of such destruction or alteration. The
auditor considers whether the entity's security of information policies, and
security controls as implemented are adequate to prevent unauthorized
changes to the accounting system or records, or to systems that provide data
to the accounting system.
UEW/IEDE 205
AUDITING AND
INVESTIGATION Unit 4, section 4: Impact of information technology on auditing
The auditor may test automated controls, such as record integrity checks,
electronic date stamps, digital signatures, and version controls when
considering the integrity of electronic evidence. Depending on the auditor's
assessment of these controls, the auditor may also consider the need to
perform additional procedures such as confirming transaction details or
account balances with third parties.
Some firms fail to put enough into the upfront costs. They have to make
sure the whole firm understands what technology can do, and make sure the
skill sets to apply that technology across many different engagements is
adequate. Auditors must now be skilled in extracting client data, or
facilitating the extraction of the data through the client.
Review Questions
Outline the challenges in using computer based systems in auditing
206 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 4, section 4: Impact ofThis
information
page is left
technology
blank foron
your
auditing
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 207
FRAUD IN COMPUTER AUDIT
AUDITING AND
UNIT 4 SECTION
INVESTIGATION
5
Unit 4, section 5: Fraud in computer audit
At the end of this session, students should be able to understand the various
types of computer fraud
208 UEW/IEDE
AUDITING AND
Unit 4, section 5: Fraud in computer audit INVESTIGATION
This ‘crime of the century’ took place during the ‘sixties and ‘seventies at
Equity Funding, the USA financial services and life assurance group.
Although the conception of the fraud required no computer, other than to
provide immensity of scale, it was the first widely publicised case of
computer crime which demonstrated the manipulative possibilities of
electronic data processing when it comes under the untrammelled control of
the criminal mind, while also subject to totally ineffective audit.
The fraud involved massive collusion among senior employees, but should
have been detected by the application of round through the computer audit
procedures. Phony life insurance policies were imbibed into the computer
programme and coded 99 so as to suppress unwanted print-outs. This was an
example of computer related data diddling, since all policies were recorded
on the computer and the reinsurers relied on computer produced print-outs
which had been altered fraudulently.
UEW/IEDE 209
AUDITING AND
INVESTIGATION Unit 4, section 5: Fraud in computer audit
Audit confirmations should always include direct contact with the other
auditors on matters such as inter-company balances, and should require
the submission and exchange of complete copies of all the book entries
in the respective accounts during the period under review.
A credit department supervisor was able to alter the age of overdue account
balances so as to avoid their being printed out and thus adversely affecting
his performance evaluation.
Fraudulent payments to:
Creditors
Employees,
Others, typically pension and insurance claims.
210 UEW/IEDE
AUDITING AND
Unit 4, section 5: Fraud in computer audit INVESTIGATION
Review Questions
State and explain the various types of computer fraud
UEW/IEDE 211
Unit 4, section
EFFECTS 6: Effects of electronic commerce
OF ELECTRONIC on the audit
COMMERCE ON THEof financial
AUDIT
AUDITING AND
UNIT 4 SECTION
INVESTIGATION
6
statements
OF FINANCIAL STATEMENTS
At the end of the chapter, you should be able to describe the effect of
electronic commerce on the audit of financial statements.
212 UEW/IEDE
Unit 4, section 6: Effects of electronic commerce on the audit of financial AUDITING AND
statements INVESTIGATION
(IT) and Internet business knowledge may be required. The risks involved in
the entity's use of e- commerce and the entity's approach to managing those
risks, particularly the adequacy of the internal control system, including the
security infrastructure and related controls, as it affects the financial
reporting process need to be understood.
The auditor will have to determine the nature, timing and extent of audit
procedures and evaluate audit evidence considering the effect of the entity's
dependence on e-commerce activities on its ability to continue as a going
concern. In some circumstances, the auditor may decide to use the work of
an expert, for example if the auditor considers it appropriate to test controls
by attempting to break through the security layers of the entity's system.
UEW/IEDE 213
AUDITING AND Unit 4, section 6: Effects of electronic commerce on the audit of financial
INVESTIGATION statements
The Internet lacks the clear, fixed geographic lines of transit that
traditionally have characterized the physical trade of many goods and
services. In many cases, particularly where goods or services can be
delivered via the Internet, e-commerce has been able to reduce or eliminate
many of the limitations imposed by time and distance.
214 UEW/IEDE
Unit 4, section 6: Effects of electronic commerce on the audit of financial AUDITING AND
statements INVESTIGATION
UEW/IEDE 215
AUDITING AND Unit 4, section 6: Effects of electronic commerce on the audit of financial
INVESTIGATION statements
When the entity uses a service organization, certain policies, procedures and
records maintained by the service organization may be relevant to the audit
of the entity's financial statements. The auditor considers the outsourcing
arrangements used by the entity to identify how the entity responds to risks
arising from the outsourced activities.
Risk Identification
Management faces many business risks relating to the entity's e-commerce
activities, including:
Loss of transaction integrity, the effects of which may be compounded
by the lack of an adequate audit trail in either paper or electronic form;
Pervasive e-commerce security risks, including virus attacks and the
potential for the entity to suffer fraud by customers, employees and
others through unauthorized access;
Improper accounting policies related to, for example, capitalization of
expenditures such as website development costs, misunderstanding of
complex contractual arrangements, title transfer risks, translation of
foreign currencies, allowances for warranties or returns, and revenue
recognition issues such as:
Whether the entity is acting as principal or agent and whether gross
sales or commission only are to be recognized;
If other entities are given advertising space on the entity's web site,
how revenues are determined and settled (for example, by the use of
barter transactions);
The treatment of volume discounts and introductory offers (for example,
free goods worth a certain amount); and
Cut off (for example, whether sales are only recognized when goods and
services have been supplied);
Noncompliance with taxation and other legal and regulatory
requirements, particularly when Internet e-commerce transactions are
conducted across international boundaries;
Failure to ensure that contracts evidenced only by electronic means are
binding;
Over reliance on e-commerce when placing significant business systems
or other business transactions on the Internet; and
Systems and infrastructure failures or 'crashes'.
216 UEW/IEDE
Unit 4, section 6: Effects of electronic commerce on the audit of financial AUDITING AND
statements INVESTIGATION
The auditor uses the knowledge of the business obtained to identify those
events, transactions and practices related to business risks arising from the
entity's e-commerce activities that, in the auditor's judgment, may result in a
material misstatement of the financial statements or have a significant effect
on the auditor's procedures or the auditor's report.
These may all be in different jurisdictions. This may give rise to a risk that
taxes due on cross-jurisdictional transactions are not appropriately
recognized.
UEW/IEDE 217
AUDITING AND Unit 4, section 6: Effects of electronic commerce on the audit of financial
INVESTIGATION statements
noncompliance by the entity with laws and regulations may materially affect
the financial statements. ISA 250 also requires that, in order to plan the
audit, the auditor should obtain a general understanding of the legal and
regulatory framework applicable to the entity and the industry and how the
entity is complying with that framework. That framework may, in the
particular circumstances of the entity, include certain legal and regulatory
issues related to its e-commerce activities.
While ISA 250 recognizes that an audit cannot be expected to detect non-
compliance with all laws and regulations, the auditor is specifically required
to perform procedures to help identify instances of noncompliance with
those laws and regulations where noncompliance should be considered
when preparing financial statements. When a legal or regulatory issue arises
that, in the auditor's judgment, may result in a material misstatement of the
financial statements or have a significant effect on the auditor's procedures
or the auditor's report, the auditor considers management's response to the
issue. In some cases, the advice of a lawyer with particular expertise in e-
commerce issues may be necessary when considering legal and regulatory
issues arising from an entity's e-commerce activity.
Security
The entity's security infrastructure and related controls are a particularly
important feature of its internal control system when external parties are
able to access the entity's information system using a public network such as
the Internet. Information is secure to the extent that the requirements for its
authorization, authenticity, confidentiality, integrity, non-repudiation and
availability have been satisfied.
218 UEW/IEDE
Unit 4, section 6: Effects of electronic commerce on the audit of financial AUDITING AND
statements INVESTIGATION
The entity will ordinarily address security risks related to the recording and
processing of e-commerce transactions through its security infrastructure
and related controls. The security infrastructure and related controls may
include an information security policy, an information security risk
assessment, and standards, measures, practices, and procedures within
which individual systems are introduced and maintained, including both
physical measures and logical and other technical safeguards such as user
identifiers, passwords and firewalls. To the extent they are relevant to the
financial statement assertions the auditor considers such matters as:
The effective use of firewalls and virus protection software to protect its
systems from the introduction of unauthorized or harmful software, data
or other material in electronic form;
The effective use of encryption, including both:
Maintaining the privacy and security of transmissions through, for
example, authorization of decryption keys; and
Preventing the misuse of encryption technology through, for example,
controlling and safeguarding private decryption keys;
Controls over the development and implementation of systems used to
support e- commerce activities;
Whether security controls in place continue to be effective as new
technologies that can be used to attack Internet security become
available; and
Whether the control environment supports the control procedures
implemented. For example, while some control procedures, such as
digital certificate-based encryption systems, can be technically
advanced, they may not be effective if they operate within an inadequate
control environment.
Transaction Integrity
The auditor considers the completeness, accuracy, timeliness and
authorization of information provided for recording and processing in the
entity's financial records (transaction integrity). The nature and the level of
sophistication of an entity's e-commerce activities influence the nature and
extent of risks related to the recording and processing of e-commerce
transactions.
UEW/IEDE 219
AUDITING AND Unit 4, section 6: Effects of electronic commerce on the audit of financial
INVESTIGATION statements
Process Alignment
Process alignment refers to the way various IT systems are integrated with
one another and thus operate, in effect, as one system. In the e-commerce
environment, it is important that transactions generated from an entity's web
site are processed properly by the entity's internal systems, such as the
accounting system, customer relationship management systems and
inventory management systems (often known as 'back office' systems).
Many web sites are not automatically integrated with internal systems. The
way e-commerce transactions are captured and transferred to the entity's
accounting
system may affect such matters as:
The completeness and accuracy of transaction processing and
information storage;
The timing of the recognition of sales revenues, purchases and other
transactions;
Identification and recording of disputed transactions.
Review Questions
Discuss the effects of Electronic Commerce on the audit of financial
statements
220 UEW/IEDE
INTERNAL AUDITING
XXXXXXX 5
UNIT Unit X, section X: XXXXXXX
222 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 223
PROFESSIONAL PRACTICE OF INTERNAL AUDITING
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
1
Unit 5, section 1: Professional practice of internal auditing
Internal auditors are not responsible for the execution of company activities;
they advise management and the Board of Directors (or similar oversight
body) regarding how to better execute their responsibilities. As a result of
their broad scope of involvement, internal auditors may have a variety of
higher educational and professional backgrounds.
224 UEW/IEDE
AUDITING AND
Unit 5, section 1: Professional practice of internal auditing INVESTIGATION
UEW/IEDE 225
AUDITING AND
INVESTIGATION Unit 5, section 1: Professional practice of internal auditing
Chief Audit Executives are accountable for overall conformance with the
Standards. This responsibility is demonstrated through the quality assurance
and improvement program which assesses conformance with the Definition
of Internal Auditing, the Code of Ethics, and the Standards.
Standards
1130 – Impairment to Independence or Objectivity: If independence or
objectivity is impaired in fact or appearance, the details of the impairment
must be disclosed to appropriate parties. The nature of the disclosure will
depend upon the impairment.
226 UEW/IEDE
AUDITING AND
Unit 5, section 1: Professional practice of internal auditing INVESTIGATION
1210.A1 – The chief audit executive must obtain competent advice and
assistance if the internal auditors lack the knowledge, skills, or other
competencies needed to perform all or part of the engagement.
Performance Standards
2000 – Managing the Internal Audit Activity
The chief audit executive must effectively manage the internal audit activity
to ensure it adds value to the organization. The internal audit activity is
effectively managed when: The results of the internal audit activity’s work
achieve the purpose and responsibility included in the internal audit charter
UEW/IEDE 227
AUDITING AND
INVESTIGATION Unit 5, section 1: Professional practice of internal auditing
Standards. The internal audit activity adds value to the organization (and its
stakeholders) when it provides objective and relevant assurance, and
contributes to the effectiveness and efficiency of governance, risk
management, and control processes.
2100 – Nature of Work: The internal audit activity must evaluate and
contribute to the improvement of governance, risk management, and control
processes using a systematic and disciplined approach.
2110 – Governance: The internal audit activity must assess and make
appropriate recommendations for improving the governance process in its
accomplishment of the following objectives:
Promoting appropriate ethics and values within the organization;
Ensuring effective organizational performance management and
accountability;
Communicating risk and control information to appropriate areas of the
organization; and
Coordinating the activities of and communicating information among
the board, external and internal auditors, and management.
2110. A2 – The internal audit activity must assess whether the information
technology governance of the organization supports the organization’s
strategies and objectives.
2120 – Risk Management: The internal audit activity must evaluate the
effectiveness and contribute to the improvement of risk management
processes
The internal audit activity may gather the information to support this
assessment during multiple engagements. The results of these engagements,
when viewed together, provide an understanding of the organization’s risk
management processes and their effectiveness.
228 UEW/IEDE
AUDITING AND
Unit 5, section 1: Professional practice of internal auditing INVESTIGATION
UEW/IEDE 229
AUDITING AND
INVESTIGATION Unit 5, section 1: Professional practice of internal auditing
230 UEW/IEDE
AUDITING AND
Unit 5, section 1: Professional practice of internal auditing INVESTIGATION
2330. C1 – The chief audit executive must develop policies governing the
custody and retention of consulting engagement records, as well as their
release to internal and external parties. These policies must be consistent
with the organization’s guidelines and any pertinent regulatory or other
requirements.
UEW/IEDE 231
AUDITING AND
INVESTIGATION Unit 5, section 1: Professional practice of internal auditing
communication before issuance and for deciding to whom and how it will
be disseminated. When the chief audit executive delegates these duties, he
or she retains overall responsibility.
Accurate communications are free from errors and distortions and are
faithful to the underlying facts. Objective communications are fair,
impartial, and unbiased and are the result of a fair-minded and balanced
assessment of all relevant facts and circumstances. Clear communications
are easily understood and logical, avoiding unnecessary technical language
and providing all significant and relevant information. Concise
communications are to the point and avoid unnecessary elaboration,
superfluous detail, redundancy, and wordiness. Constructive
communications are helpful to the engagement client and the organization
and lead to improvements where needed. Complete communications lack
nothing that is essential to the target audience and include all significant and
relevant information and observations to support recommendations and
conclusions. Timely communications are opportune and expedient,
depending on the significance of the issue, allowing management to take
appropriate corrective action.
2500 – Monitoring Progress: The chief audit executive must establish and
maintain a system to monitor the disposition of results communicated to
management. He must establish a follow-up process to monitor and ensure
that management actions have been effectively implemented or that senior
management has accepted the risk of not taking action.
2500.C1 – The internal audit activity must monitor the disposition of results
of consulting engagements to the extent agreed upon with the client.
232 UEW/IEDE
AUDITING AND
Unit 5, section 1: Professional practice of internal auditing INVESTIGATION
the matter with senior management. If the chief audit executive determines
that the matter has not been resolved, the chief audit executive must
communicate the matter to the board.
Review questions
Explain the role of internal auditing.
Outline the purpose of international standards on the professional
practice of internal auditing
Explain what is meant by terms,
Attribute standards
Performance standards
UEW/IEDE 233
INTERNAL AUDITING AND RISK MANAGEMENT
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
2
Unit 5, section 2: Internal auditing and risk management
The internal audit function may help the organization address its risk of
fraud through a fraud risk assessment. Risk management is a major part of
the internal audit function.
Background
The scope of internal auditing within an organization is broad and must
cover the organization's governance, risk management and internal controls.
Internal auditors are not responsible for ensuring risk management but must
facilitate in the process and must adopt risk-based audit approach in order to
add value and assist the organization achieve its objectives.
Management responsibility
The driving force for the enterprise is the CEO and board of directors. This
is where the key decisions are made regarding the strategy that will
234 UEW/IEDE
AUDITING AND
Unit 5, section 2: Internal auditing and risk management INVESTIGATION
transform the mission into firm results. The board has a key role in
overseeing the risk management process.
Managers are responsible for ensuring that their staff, systems, and budgets
are applied to delivering the set strategy. They do this by breaking down the
longer-term corporate strategy into more manageable shorter-term chunks
that are handed out to their workforce and associates. The workforce is in
effect the engine room of the organization. Empowering organizations allow
people to make decisions on the front line and flex their responses to the
needs of customers and clients. In terms of implementing solutions, the
responsibilities of senior management have been outlined in the banking
operational risk management framework.
Management are responsible for identifying risk and for the internal control
environment. Internal audit reviews the risk assessments and the internal
controls in place to ensure they are effective. When risk assessments are not
explicit or not documented, the internal auditor may work with management
to document them and make them explicit.
The role of the risk manager is not to manage risk but to ensure that
common procedures and practices are adopted throughout the organization,
that line managers have responsibility for identifying and managing risk in
their own areas and to provide a cohesive overview and reporting line to the
board.
UEW/IEDE 235
AUDITING AND
INVESTIGATION Unit 5, section 2: Internal auditing and risk management
The audit role then reflects the degree of risk maturity, and auditors may
need to swing into action to kick-start the process. Although there is much
flexibility in establishing an early audit role, it is important that this is part
of a negotiated position with the board and audit committee. As such, the
audit charter needs to set this role as a way of defining expectations.
The internal audit function may help the organization address its risk of
fraud via a fraud risk assessment, using principles of fraud deterrence.
Internal auditors may help companies establish and maintain Enterprise Risk
Management processes. Internal auditors also play an important role in
helping companies execute risk assessment or are typically part of the risk
assessment team in an advisory role.
236 UEW/IEDE
AUDITING AND
Unit 5, section 2: Internal auditing and risk management INVESTIGATION
Audit Charter
The audit charter is a brief document, but building on this platform, the
auditor should be able to provide a full range of important services
including:
Strategy
Internal audit functions may also develop functional strategies described in
multi-year strategic plans. Professional guidance on building an Internal
Audit strategic plan was issued by the Institute of Internal Auditors in July
2012 via a Practice Guide called Developing the Internal Audit Strategic
Plan. A key aspect of developing IA strategy is to understand the
expectations of stakeholders, such as the Audit Committee and top
management. This helps guide the IA function in its mission of helping the
organization address the risks it faces. Specific topics considered in IA
strategic planning include:
UEW/IEDE 237
AUDITING AND
INVESTIGATION Unit 5, section 2: Internal auditing and risk management
The audit universe will normally be influenced by the results of the risk
management process. The organisation’s strategic plan should have been
created considering the environment in which the organization operates.
These same environmental factors would likely impact the audit universe
and assessment factors would likely impact the audit universe and
assessment of relative risk.
Audit plans must be carefully thought through, and the impact of the risk
management process can be seen in the way standards are set covering the
way auditors should plan their work.
238 UEW/IEDE
AUDITING AND
Unit 5, section 2: Internal auditing and risk management INVESTIGATION
been identified and assessed. The preliminary survey will ask several key
questions:
How objectives are set, and are these objectives aligned to corporate
objectives?
What is the level of risk awareness among managers and staff, and have
staff expressed any concerns about the way risk is being dealt with?
Are those clearly defined roles and responsibilities and assigned risk
owners for each aspect of the business?
Audit Evidence
Evidence determines whether the information recorded about risks in each
part of the organization can be verified or at least supported by good
evidence. One risk management standard asks that the risk process be
reviewed and several general questions addressed and answered as a result
of this review:
What is the reliability of the information?
How confident are we that the list of risks is comprehensive?
Is there a need for additional research into specific risks?
Are the objectives and scope covered adequately?
Have the right people been involved in the risk identification process?
UEW/IEDE 239
AUDITING AND
INVESTIGATION Unit 5, section 2: Internal auditing and risk management
An audit report may have an executive summary; a body that includes the
specific issues or findings identified and related recommendations or action
plans; and appendix information such as detailed graphs and charts or
process information. Each audit finding within the body of the report may
contain five elements, sometimes called the "5 C's":
Condition: What is the particular problem identified?
Criteria: What is the standard that was not met? The standard may be a
company policy or other benchmark.
Cause: Why did the problem occur?
Consequence: What is the risk/negative outcome (or opportunity
foregone) because of the finding?
Corrective action: What should management do about the finding? What
have they agreed to do and by when?
240 UEW/IEDE
AUDITING AND
Unit 5, section 2: Internal auditing and risk management INVESTIGATION
Under the IIA standards, a critical component of the audit process is the
preparation of a balanced report that provides executives and the board with
the opportunity to evaluate and weigh the issues being reported in the proper
context and perspective. In providing perspective, analysis and workable
recommendations for business improvements in critical areas, auditors help
the organization meet its objectives.
One crucial aspect of auditing the risk management process is the role of
the risk register. This document becomes a focal point for the entire
audit process.
Internal auditing evolved to satisfy management needs, and the most
effective audit staffs keep management and organizational objectives at
the forefront of their own planning and activities.
Management are responsible for identifying risk and for the internal
control environment. Internal audit reviews the risk assessments and the
internal controls in place to ensure they are effective.
Review questions
Explain the role of internal auditing in risk management.
Describe the audit processes involved in risk management.
What your opinion, what is the responsibility of management towards
risk assessment and management.
UEW/IEDE 241
INTERNAL AUDITING & CORPORATE GOVERNANCE
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
3
Unit 5, section 3: Internal auditing & corporate governance
In the U.S., these include Enron and MCI Inc. (formerly WorldCom). Their
demise is associated with the U.S. federal government passing the Sarbanes-
Oxley Act in 2002, intending to restore public confidence in corporate
governance. Comparable failures were recorded Australia are associated
with the eventual passage of the CLERP 9 reforms. Similar corporate
failures in other countries stimulated increased regulatory interest (e.g.,
Parmalat in Italy).
Corporate governance has also been more narrowly defined as "a system of
law and sound approaches by which corporations are directed and controlled
focusing on the internal and external corporate structures with the intention
of monitoring the actions of management and directors and thereby,
mitigating agency risks which may stem from the misdeeds of corporate
officers.
242 UEW/IEDE
AUDITING AND
Unit 5, section 3: Internal auditing & corporate governance INVESTIGATION
UEW/IEDE 243
AUDITING AND
INVESTIGATION Unit 5, section 3: Internal auditing & corporate governance
While internal auditors are not independent of the companies that employ
them, independence and objectivity are the cornerstone of their professional
standards. The required organizational independence from management
enables unrestricted evaluation of management activities and personnel and
allows internal auditors to perform their role effectively. Although internal
auditors are part of company management and paid by the company, the
primary customer of internal audit activity is the entity charged with
oversight of management's activities. This is typically the Audit Committee,
a sub-committee of the Board of Directors. Organizational independence is
effectively achieved when the chief audit executive reports functionally to
the board.
244 UEW/IEDE
AUDITING AND
Unit 5, section 3: Internal auditing & corporate governance INVESTIGATION
Family control
Family interests dominate ownership and control structures of some
companies, and it has been suggested that the oversight of family controlled
companies is superior to those "controlled" by institutional investors (or
with such diverse share ownership that they are controlled by management).
The significance of institutional investors varies substantially across
countries. The largest pools of invested money are designed to maximize the
benefits of diversified investment by investing in a very large number of
different companies with sufficient liquidity. A recent study by Credit
Suisse found that companies in which "founding families retain a stake of
more than 10% of the company's capital enjoyed a superior performance
over their respective sectorial peers." One of the biggest strategic
advantages a company can have is blood ties," according to a Business
Week study.
UEW/IEDE 245
AUDITING AND
INVESTIGATION Unit 5, section 3: Internal auditing & corporate governance
Internal controls
Internal controls monitor activities and then take corrective action to
accomplish organisational goals. These controls include:
246 UEW/IEDE
AUDITING AND
Unit 5, section 3: Internal auditing & corporate governance INVESTIGATION
Review questions
Describe the role of internal auditing in ensuring good corporate
governance
Identify the responsibilities of board of directors in achieving good
corporate governance.
How can stakeholders interests be satisfied?
UEW/IEDE 247
CONTROL SELF - ASSESSMENT
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
4
Unit 5, section 4: Control self-assessment
By the end of this section, these students should become aware of:
knowing what control self-assessment is
types or approaches to effective CSA
purpose of conducting CSA in our offices.
ways of performing a CSA in our offices.
benefits of CSA
ways of maintaining the use of CSA
Background
CSA is a tool used in many institutions to assess their own controls and
risks, and also increase the ability to achieve their objectives.
IIA defines CSA as a process through which internal control
effectiveness is examined with the objective of providing reasonable
assurance that all objectives are met.
CSA comes from frameworks of good corporate governance such as
Committee of Sponsoring Organisations (COSO).
CSA is a highly interactive and collaborative tool that is designed to
focus on those areas and issues of most importance to the department.
This requires participation and commitment from top management
within the Departments and Faculties
Meaning of CSA
Auditing improves performance of every institution, but traditional audit
is not enough to detect fundamental institutional weaknesses because
Auditors do not “own” the process and do not make the absolute
assessments and evaluations.
Control Self-Assessment (CSA) is a management technique that allows
managers and work teams directly involved in departmental functions
and processes to participate or contribute in assessing the organisation’s
risk management and control processes.
CSA is a means of monitoring the strength of an organisation by
collecting information on the state of institutional controls. And
assessing the risks to achieve its objectives through recommendation for
change within the organisation.
Purpose of CSA
To emphasize management’s responsibilities for developing and
monitoring internal controls set to achieve set objectives.
CSA identify obstacles to departmental strength and opportunities and
helps agree appropriate actions to improve these deficiencies.
248 UEW/IEDE
AUDITING AND
Unit 5, section 4: Control self-assessment INVESTIGATION
Approaches of CSA
The most common approaches to CSA include:
Facilitated team meetings
CSA surveys
These are performed by staff whose day-to-day role is within the
functional area which is being controlled.
CSA becomes more impactful when staff have in-depth knowledge of
how the department’s processes operate. Staff within each Department
must have a wealth of information about internal controls and fraud.
Facilitated team meeting
Facilitated team meetings are the most popular form of CSA. The
facilitated sessions consist of six to 15 employees who are subject on a
day-to-day basis to the internal controls being evaluated. A trained
facilitator guides the meeting, and another individual records the
activity. Anonymity can be promoted by using “groupware” software.
CSA survey
The survey approach uses questionnaires to elicit data about controls, risks,
and processes. It differs from traditional internal control questionnaires used
by auditors because the operational employees (not the auditors) use the
survey results to self-evaluate the controls or processes.
Benefit of CSA
CSA has more advantages over other assessment tools because it is an
inclusive tool that sets an expectation of high performance and a high
level of knowledge about the work structure and policies.
It also creates clear lines for accountability for control, reducing the risk
of fraud and creating an organisation with lower risk profile.
The key advantage to implementing a CSA program includes early
detection of risks as well as weaknesses in the internal control system.
UEW/IEDE 249
AUDITING AND
INVESTIGATION Unit 5, section 4: Control self-assessment
Review questions
What is control self-assessment?
Identify the main purpose of control self-assessment in appraising the
performance of departmental staff.
Discuss some benefits of control self-assessment
250 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 5,
This
section
page4:
is Control
left blank
self-assessment
for your notes INVESTIGATION
INVESTIGATION
UEW/IEDE 251
QUALITY ASSURANCE AND IMPROVEMENT
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
5
Unit 5, section 5: Quality assurance and improvement programme
PROGRAMME
Background
Internal auditing’s quality assurance and improvement program (QAIP) is
designed to provide reasonable assurance to the various stakeholders of the
internal audit activity that the activity:
Performs its work in accordance with its charter, which is consistent
with The Institute of Internal Auditors’ International Standards for the
Professional Practice of Internal Auditing (Standards) and Code of
Ethics.
Operates in an effective and efficient manner.
Is perceived by stakeholders as adding value and improving internal
auditing’s operations (PA 1310-1). To that end, internal auditing’s
QAIP:
Covers all aspects of the internal audit activity (1300). In this regard,
a list of the features to be considered for the QAIP, from PA 1300-1
Continually monitors the internal audit activity’s effectiveness
(1300)
Assures compliance with the Standards and Code of Ethics (1300)
Helps the internal audit activity add value and improve
organizational operations (1300)
Includes both periodic and ongoing internal assessments (1311)
Includes an external assessment at least once every five years, the
results of which are communicated to the board of directors through
the audit committee of the board of directors (1312, 1320)
The chief audit executive (CAE) is ultimately responsible for the QAIP,
which covers all types of internal audit activities, including consulting.
Internal Assessments
Ongoing Reviews – Ongoing assessments are conducted through:
Supervision of engagements
Regular, documented review of work papers during engagements by
appropriate internal audit staff
Audit policies and procedures used for each engagement to ensure
compliance with applicable planning, fieldwork, and reporting standards
252 UEW/IEDE
AUDITING AND
Unit 5, section 5: Quality assurance and improvement programme INVESTIGATION
External Assessments
General Considerations – External assessments should appraise and
express an opinion about internal auditing’s conformance with the
Standards and includes recommendations for improvement as appropriate.
UEW/IEDE 253
AUDITING AND
INVESTIGATION Unit 5, section 5: Quality assurance and improvement programme
Administrative Matters
This policy will be updated appropriately for changes in the Standards or
internal auditing’s operating environment.
254 UEW/IEDE
AUDITING AND
Unit 5, section 5: Quality assurance and improvement programme INVESTIGATION
Organization Name
Quality Assessment Process
Draft 9/25/20XX
Planning
Prepare project action plan.
Discuss scope, methodology, and time frame.
Discuss standards and other criteria for assessment.
Discuss need for comprehensive self-assessment.
Identify, agree on, and recruit quality assessment (QA) team member(s).
Review completed self-assessment documentation.
Schedule on-site QA dates.
Finalize engagement letter.
Discuss expense reimbursement documentation and related procedures.
Make travel arrangements.
UEW/IEDE 255
AUDITING AND
INVESTIGATION Unit 5, section 5: Quality assurance and improvement programme
Fieldwork
Meet with CAE and team member(s).
Set up QA work area.
Review timetable and interview appointments, entrance conference,
interviews, and exit conference.
Make assignments to team member(s).
Conduct entrance conference.
Review self-assessment documentation.
Obtain records not included in self-assessment documentation.
Begin interviews.
Document interviews.
Meet with CAE and request work papers for two or more audit projects
[preferably (a) projects completed within the most recent 12- to 18-
month period and (b) that reflect the work of various internal auditors/IA
workgroups].
Seek CAE input on noteworthy accomplishments.
Seek CAE input on opportunities for improvement.
Complete QA schedules.
Complete QA interviews.
Request additional information as appropriate.
Schedule additional interviews as appropriate.
Provide status updates to the CAE at least once each work day (e.g.,
noteworthy accomplishments, potential issue areas, questions).
Schedule exit conference date, time, place, and invitees (CAE; CEO;
board representative, if available; and others).
Develop draft issues and recommendations.
Request CAE input on draft issues and recommendations.
Finalize issues and recommendations.
Conduct exit conference.
Revise project action plan as appropriate.
256 UEW/IEDE
AUDITING AND
Unit 5, section 5: Quality assurance and improvement programme INVESTIGATION
Report Writing
Develop draft report.
Provide draft report to CAE for review and input, including CAE
response to QA recommendations, if any.
Incorporate CAE input as applicable.
Provide second draft of report to CAE for review and input.
Make courtesy contact with the CAE.
Solicit CAE input on QA process improvements.
Finalize and distribute final report.
Follow-Up
Make summary presentation to audit committee/board as appropriate.
Revise standard QA materials to reflect lessons learned, improved
methodologies, etc.
Make follow-up courtesy contact with the CAE.
Review questions
What are the activities is conducting both an internal and external
assessment program.
Outline the steps in the quality assessments process
Differentiate between a control self-assessment program and quality
assessments program.
UEW/IEDE 257
AUDIT COMMITTEE EFFECTIVENESS
AUDITING AND
UNIT 5 SECTION
INVESTIGATION
6
Unit 5, section 6: Audit committee effectiveness
Management has deep insight into the organization and its challenges, and
therefore is best positioned to recommend what information the audit
committee needs. Management also prioritizes the resources and training
that are essential to the committee effectively discharging its
responsibilities. Management should expect rigorous questioning from the
audit committee. If management doesn't provide clear responses or is overly
defensive, that should raise a red flag for the committee. Having active
communications with management outside the committee meetings allows
the Committee to have a good understanding of issues as they arise.
Questions the audit committee can use to initiate discussions with company
management about financial reporting. Many of these questions are drawn
from the 2010 Center for Audit Quality Report, Deterring and Detecting
258 UEW/IEDE
AUDITING AND
Unit 5, section 6: Audit committee effectiveness INVESTIGATION
It's also vital to have an environment that encourages open dialogue and
face-to- face discussions with management personnel from a wide cross
section of the business throughout the year. For instance, Audit committees
should regularly meet privately with the CFO. Private or executive sessions
are appropriate to discuss sensitive matters, such as the considerations
around the performance of the internal audit director and the external
auditors. These sessions can also be an opportunity for a committee to find
out if other developments or issues have surfaced that management believes
the committee should be asking about or spending more time discussing.
UEW/IEDE 259
AUDITING AND
INVESTIGATION Unit 5, section 6: Audit committee effectiveness
reference and its own effectiveness and recommend any necessary changes
to the board. The board should also review the audit committee’s
effectiveness annually.
The audit committee should report to the board on how it has discharged its
responsibilities, including:
The significant issues that it considered in relation to the financial
statements and how these issues were addressed;
Its assessment of the effectiveness of the external audit process and its
recommendation on the appointment or reappointment of the external
auditor; and
Any other issues on which the board has requested the committee’s
opinion.
Where there is disagreement between the audit committee and the board,
adequate time should be made available for discussion of the issue with a
view to resolving the disagreement. Where any such disagreements cannot
be resolved, the audit committee should have the right to report the issue to
the shareholders as part of the report on its activities in the annual report.
It is also desirable that at least one member of the committee must have
recent and relevant financial experience. What constitutes ‘relevant
experience’ may seem relative, but generally, it is interpreted to mean a
professional qualification from one of the accountancy bodies or a higher
academic qualification in accounting/finance, backed by relevant practical
experience.
Often, the ‘expert’ will be a retired finance director from another company
or a former partner of an accountancy firm. It is highly recommended that in
the interest of independence, the board should exclude its own former
finance directors and auditors.
Given the complexity of the issues usually faced by an audit committee, it’s
essential that its members receive proper induction and training.
260 UEW/IEDE
AUDITING AND
Unit 5, section 6: Audit committee effectiveness INVESTIGATION
In the United States, the 2002 Sarbanes-Oxley Act caused internal audit to
be allocate significant resources to support management in documenting and
testing internal control over financial reporting. Internal audit can perform a
wide variety of work, unfortunately, people in the company don't understand
UEW/IEDE 261
AUDITING AND
INVESTIGATION Unit 5, section 6: Audit committee effectiveness
Typically internal audit usually cover areas such as assessing the company's
key risks and how well they're mitigated; assessing IT security; and
conducting investigations. But it cannot be significantly involved in
implementing internal controls it may have to test at a later time.
Examples of the work internal auditors can do, on a spectrum from basic
compliance to consulting, as well as the implications of such work.
Assist in testing internal control over financial reporting/provide
assistance
to the external auditors
On a rotational or risk ranked basis, audit the company's major operating
units and functions (e.g., IT, payroll)
Perform legal and regulatory compliance audits; for example, health and
safety audits
Consult with management on process improvement and operational
efficiency, especially related to major company initiatives, such as new
products or entry into new markets
Internal audit's role should be reflected in its charter. A charter sets out
internal audit's purpose, authority, reporting structure, and responsibilities
and should specify the group cannot perform responsibilities that could
hinder its objectivity. In addition to planned audits and site visits, some
internal audit departments use a continuous audit process which may
involve ongoing control evaluations or risk assessments. This approach
helps identify errors and fraud on a timely basis, and creates a stronger
internal control environment across the company. Many audit committees
review internal audit's charter annually, and approve any changes to the
charter.
262 UEW/IEDE
AUDITING AND
Unit 5, section 6: Audit committee effectiveness INVESTIGATION
The audit committee chair can reinforce the reporting relationship through
periodic contact with the internal audit director between audit committee
meetings. In major companies, sometimes this interaction is monthly. The
audit committee chair needs to have a good relationship with the internal
audit director
Easing the formality of reporting can help the committee ensure internal
audit can provide timely reporting on operational or management issues that
may arise. Plus, these meetings send the right tone-at-the-top message to
internal audit and management.
UEW/IEDE 263
AUDITING AND
INVESTIGATION Unit 5, section 6: Audit committee effectiveness
Typically both management and the audit committee play a role in the
hiring of the internal audit director. And astute committee chair knows the
importance of conducting an exit interview with the outgoing director to
learn of any pertinent issues. Audit committees should be involved in hiring
the internal audit director, evaluating his or her performance, and being
satisfied with that individual's compensation.
The Standards call for such assessments to be conducted at least every five
years. The audit committee should understand the competency of the
external reviewers and the results of both the internal and external quality
assessments. The committee will also need to understand how internal audit
is adjusting its work or processes to address major findings and areas for
improvement.
Committees can also seek input from the external auditors. External auditors
work with internal audit functions from different companies and can share a
perspective on how well the department performs compared to others.
Committees should also understand any red flags. For example, if the
external auditors decide to place no reliance on internal audit's work or
choose not to leverage any internal audit staff to assist with audit testing, the
committee should understand why.
Discussions with the CEO, CFO and other members of management will
provide additional views, including how internal audit is perceived
throughout the company and whether the function approaches its work with
a client service mentality.
Finally, the audit committee will have its own point of view through its
interactions with internal audit.
Other factors the audit committee may want to problem
Is internal audit focused on the right reports to management?
Is internal audit issuing timely topics?
264 UEW/IEDE
AUDITING AND
Unit 5, section 6: Audit committee effectiveness INVESTIGATION
Model Audit
Committee Charter
Purpose
To assist the board of directors in fulfilling its oversight responsibilities for
the financial reporting process, the system of internal control, the audit
process, and the organization’s process for monitoring compliance with
laws and regulations and the code of conduct.
Authority
The audit committee has authority to conduct or authorize investigations
into any matters within its scope of responsibility. It is empowered to:
Appoint, compensate, and oversee the work of any registered public
accounting firm employed by the organization.
Resolve any disagreements between management and the auditor
regarding financial reporting.
Pre-approve all audit and nonaudit services.
Retain independent counsel, accountants, or others to advise the
committee or assist in the conduct of an investigation.
Seek any information it requires from employees — all of whom are
directed to cooperate with the committee’s requests — or external
parties.
Meet with the organization’s officers, external auditors, or outside
counsel as necessary.
Composition
The audit committee will consist of at least three, and no more than six,
members of the board of directors. The board or its nominating committee
will appoint committee members and the committee chair.
UEW/IEDE 265
AUDITING AND
INVESTIGATION Unit 5, section 6: Audit committee effectiveness
Meetings
The audit committee will meet at least four times a year, with authority to
convene additional meetings as circumstances require. All audit committee
members are expected to attend each meeting in person or via
teleconference or videoconference. The audit committee will invite
members of management, auditors, or others to attend meetings and provide
pertinent information as necessary. It will hold private meetings with
auditors (see below) and executive sessions. Meeting agendas will be
prepared and provided in advance to members, along with appropriate
briefing materials. Minutes will be prepared.
Responsibilities
The committee will carry out the following responsibilities:
Financial Statements
Review significant accounting and reporting issues, including complex
or unusual transactions and highly judgmental areas, and recent
professional and regulatory pronouncements, and understand their
impact on the financial statements.
Review with management and the external auditors the results of the
audit, including any difficulties encountered.
Review the annual financial statements and consider whether they are
complete, consistent with information known to committee members,
and reflect appropriate accounting principles.
Review other sections of the annual report and related regulatory filings
before release and consider the accuracy and completeness of the
information.
Review with management and the external auditors all matters required
to be communicated to the audit committee under generally accepted
auditing standards.
Understand how management develops interim financial information,
and the nature and extent of internal and external auditor involvement.
Review interim financial reports with management and the external
auditors before filing with regulators, and consider whether they are
complete and consistent with the information known to audit committee
members.
Internal Control
Consider the effectiveness of the organization’s internal control system,
including information technology security and control.
266 UEW/IEDE
AUDITING AND
Unit 5, section 6: Audit committee effectiveness INVESTIGATION
Internal Audit
Review with management and the chief audit executive (CAE) the
charter, activities, staffing, and organizational structure of the internal
audit function.
Have final authority to review and approve the annual audit plan and all
major changes to the plan.
Ensure there are no unjustified restrictions or limitations, and review and
concur in the appointment, replacement, or dismissal of the CAE.
At least once per year, review the performance of the CAE and concur
with the annual compensation and salary adjustment.
Review the effectiveness of the internal audit function, including
compliance with The Institute of Internal Auditors’ International
Standards for the Professional Practice of Internal Auditing.
On a regular basis, meet separately with the CAE to discuss any matters
that the committee or internal auditing believes should be discussed
privately.
External Audit
Review the external auditors’ proposed audit scope and approach,
including coordination of audit effort with internal auditing.
Review the performance of the external auditors and exercise final
approval on their appointment or discharge.
Review and confirm the independence of the external auditors by
obtaining statements from the auditors on relationships between the
auditors and the organization, including nonaudit services, and
discussing the relationships with the auditors.
On a regular basis, meet separately with the external auditors to discuss
any matters that the committee or auditors believe should be discussed
privately.
Compliance
Review the effectiveness of the system for monitoring compliance with
laws and regulations and the results of management’s investigation and
follow-up (including disciplinary action) of any instances of
noncompliance.
Review the findings of any examinations by regulatory agencies and any
auditor observations.
Review the process for communicating the code of conduct to the
organization’s personnel and for monitoring compliance therewith.
UEW/IEDE 267
AUDITING AND
INVESTIGATION Unit 5, section 6: Audit committee effectiveness
Reporting
Regularly report to the board of directors about committee activities,
issues, and related recommendations.
Provide an open avenue of communication among internal auditing, the
external auditors, and the board of directors.
Report annually to the shareholders, describing the audit committee’s
composition, responsibilities and how they were discharged, and any
other information required by rule, including approval of nonaudit
services.
Review any other reports the organization issues that relate to the audit
committee responsibilities.
Other Responsibilities
Perform other activities related to this charter as requested by the board
of directors.
Institute and oversee special investigations as needed.
Review and assess the adequacy of the audit committee charter annually,
requesting board approval for proposed changes, and ensure appropriate
disclosure as may be required by law or regulation.
Confirm annually that all responsibilities outlined in this charter have
been carried out.
Evaluate the audit committee’s and individual members’ performance on
a regular basis.
Review questions
Describe the role of the audit committee in evaluating the internal audit
performance.
Give some functions of the audit committee
Describe the relationship between the internal audit and the audit
committee
Explain how the audit committee has oversight responsibility over
management in an organisation.
268 UEW/IEDE
SPECIALISED AUDIT
XXXXXXX 6
UNIT Unit X, section X: XXXXXXX
Hello dear learner! You are welcome to the last unit of this course module.
The unit is divided into six sections and in each section we are going to treat
specific issues that introduce you to specialised audit. We will explain of
social and environmental auditing, investigative audits, forensic audits,
Value for money (VFM) audit, Tax Audit, information system audit.
270 UEW/IEDE
AUDITING AND
This page is left blank for your notes INVESTIGATION
UEW/IEDE 271
SOCIAL AND ENVIRONMENTAL AUDITING
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
1
Unit 6, section 1: Social and environmental auditing
This first section of the fourth unit covers reviews relating to environment
which require certain specific considerations in the planning, execution and
reporting of audits.
After reading through this section, the learner should be able to:
explain the objective on environmental auditing
identify risk associated to environments of businesses
describe the steps and procedures to be followed in conducting an
environmental audit
Background
Environmental safety and health auditing developed in the early 1970s,
largely among companies operating in environmentally intensive sectors
such as oils and chemicals. Environmental matters are becoming significant
to increasing number of entities, and may in certain circumstances, have a
material impact on their financial statements. Environmental auditing has
spread rapidly with a corresponding development of the approaches and
techniques adopted. This section will expose students to basics in
environmental auditing.
Domestic laws and regulations have differed among countries and depended
on a number of factors that cannot be fully controlled by technology. This
has made it steadily more difficult for a company to ascertain whether a
specific plant in a particular country is complying with all of the relevant
legislation.
272 UEW/IEDE
AUDITING AND
Unit 6, section 1: Social and environmental auditing INVESTIGATION
Public awareness - The public has become increasingly aware of, and
vocal about, environmental and safety issues. Companies have had to
demonstrate to the public that they are managing environmental risks
effectively.
UEW/IEDE 273
AUDITING AND
INVESTIGATION Unit 6, section 1: Social and environmental auditing
274 UEW/IEDE
AUDITING AND
Unit 6, section 1: Social and environmental auditing INVESTIGATION
In addition, the scope of an audit can vary from simple compliance testing
to a more rigorous examination, depending on the perceived needs of the
management. The technique is applied not only to operational
environmental, health and safety management, but increasingly also to
product safety and product quality management, and to areas such as loss
prevention. If the intention of auditing is to help ensure that these broad
areas are managed properly, then all of these individual topics must be
reviewed. Items which may be addressed in audits, including environment,
health, safety and product safety are shown in table 54.1.
UEW/IEDE 275
AUDITING AND
INVESTIGATION Unit 6, section 1: Social and environmental auditing
Pre-audit steps
Pre-audit steps include the administrative issues associated with planning
the audit, selecting the personnel for the audit team (often from different
parts of the company or from a specialized unit), preparing the audit
protocol used by the organization and obtaining background information
about the facility.
If auditing is new, the need for education of those involved in the audit
process (the auditors or those being audited) should not be underestimated.
This also applies to a multinational company extending an audit programme
in its home country to subsidiaries abroad. In these situations, the time spent
on explanation and education will pay dividends by ensuring that the audits
are approached in a spirit of cooperation and are not seen as a threat by the
local management.
276 UEW/IEDE
AUDITING AND
Unit 6, section 1: Social and environmental auditing INVESTIGATION
Obtaining background information about a site and its processes can help to
minimize the time spent onsite by the audit team and to focus its activities,
thus saving resources.
The composition of the audit team will depend on the approach adopted by a
particular organization. Where there is a lack of internal expertise, or where
resources cannot be devoted to the audit activity, companies frequently use
independent consultants to conduct the audits for them. Other companies
employ a mix of in-house staff and external consultants on each team to
ensure an “independent” view. Some large companies use only in-house
staff for audits, and have environmental audit groups for this specific
function. Many major companies have their own dedicated audit staff, but
also include an independent consultant on many of the audits they carry out.
Onsite steps
Understanding the internal controls. As a first step, it is necessary to
develop an understanding of the controls that are in place or are thought
to be in place. These will include assessing formal procedures and
practices; record keeping and monitoring; inspection and maintenance
programmes and physical controls for containing spills. The audit team
gathers information on the various controls by observation, interviewing
staff and the use of detailed questionnaires.
Assessing strengths and weaknesses of internal controls. Evaluating the
strengths and weaknesses of internal controls provides the rationale for
conducting subsequent audit steps. Auditors will look for indicators such
as clearly defined responsibilities, competence of personnel, appropriate
documentation and records and systems of authorization. It is more
important to determine whether the system is effective than whether it is
sophisticated.
Gathering audit evidence. The audit team attempts to verify that the
steps and controls work as intended. Evidence may be collected through
inquiry (e.g., asking a plant operator what he or she would do if there
were a major chemical spill), observation (e.g., watching specific
activities and operations in progress) and testing (checking records to
confirm compliance with regulations).
Recording audit findings. All the information obtained is recorded
(usually on the audit protocol document and as working papers), and a
comprehensive record of the audit and the state of the facility at the time
is thus produced. Where a deficiency is found, it is noted as an audit
“finding”.
Evaluating the audit findings. The audit team integrates and evaluates
the findings of the individual team members. There may also be
common findings. For some observations, an informal discussion with
the plant manager may be sufficient; for others, inclusion in the formal
report will be appropriate.
UEW/IEDE 277
AUDITING AND
INVESTIGATION Unit 6, section 1: Social and environmental auditing
Reporting the audit findings. This usually is done at a meeting with the
plant management at the end of the team’s visit. Each finding and its
significance can be discussed with the plant personnel. Prior to leaving
the site, the audit team will often provide a written summary of findings
for the plant management, to ensure that there are no surprises in the
final report.
Post-audit steps
Following the onsite work, the next step is to prepare a draft report, which is
reviewed by the plant management to confirm its accuracy. It is then
distributed to senior management according to the requirements of the
company.
The other key step is to develop an action plan to address the deficiencies.
Some companies ask for recommendations for corrective action to be
included in the formal audit report. The plant will then base its plan on
implementing these recommendations. Other companies require the audit
report to state the facts and the deficiencies, with no reference to how they
should be corrected. It is then the responsibility of the plant management to
devise the means of remedying the failings.
Once an audit programme is in place, future audits will include past reports-
and progress in the implementation of any recommendations made therein-
as part of their evidence.
278 UEW/IEDE
AUDITING AND
Unit 6, section 1: Social and environmental auditing INVESTIGATION
UEW/IEDE 279
AUDITING AND
INVESTIGATION Unit 6, section 1: Social and environmental auditing
Interest and action were stimulated in the late 1980s by the Friends of the
Earth (1989). A number of authorities prepared environmental charters,
follow-up environmental strategies and action plans, which are generally
referred to as Green Plans (Raemaekers et al.. 1991 and Raemaekers, 1993).
It was not long before leading authorities also realised the greater corporate
performance and environmental benefits of the broader and deeper
approaches of the internal and external auditing (COSLA, 1992).
Typically public sector audits cover a number of target areas such as:
energy use;
recycling;
hardwoods from sustainable sources;
environmental education;
habitat conservation and creation;
280 UEW/IEDE
AUDITING AND
Unit 6, section 1: Social and environmental auditing INVESTIGATION
Inevitably there are issues which may have been overlooked or might be
misinterpreted, and further and clearer guidance will be necessary. SNH
along with the Countryside Commission and the Countryside Council for
Wales have commissioned guidance on the treatment of countryside and
conservation issues within State of the Environment Reports.
Trends/future developments
Audit programmes are becoming a standard environmental management tool
and pressures for the disclosure of audit results are increasing. Public
statements of environmental information with external validation are
required by those participating in the European or local authority Eco-
Management and Audit Scheme.
UEW/IEDE 281
AUDITING AND
INVESTIGATION Unit 6, section 1: Social and environmental auditing
Public sector bodies and local authorities are adapting auditing methods
to establish baselines of environmental performance.
Environmental auditing must be implemented in a systematic and
constructive manner
Environmental audits have traditionally dealt with the environmental
effects of industrial processes and, to a lesser extent, with resource
consumption.
Review Questions
Define Environmental auditing
Describe the auditing procedures in carrying out an environmental audit
Explain why EPA should assess the environment of businesses before
issuing operating permit
282 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit 6, section 1:
This
Social
pageand
is left
environmental
blank for your
auditing
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 283
INVESTIGATIVE AUDITS
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
2
Unit 6, section 2: Investigative audits
This section will throw some light on how investigations are generally
carried out by auditors. Investigations are not part of the work of an auditor.
However, auditors are trained in investigative techniques and are known to
be independent and to have integrity. Consequently, auditors are frequent
asked to carry out investigations. Students need to understand the basics in
investigation.
Investigations
Investigations are simply examinations of or enquires into something or
somebody commissioned by a client for a purpose. This may takes place as
a result of a report of unusual or suspicious activity on the part of an
individual or a department. It is usually focused on specific aspects of the
work of a department or individual. Investigative Auditing deals with
innocent errors and abnormal or invalid financial incidents/events having
fraudulent potential or capable of bringing undesired financial implications
to the investigated subject.
Stages of Investigations
Obtain precise written instructions from the client
Clear view of the object of the investigation
The scope of the assignment
The degree of details and the secrecy to be observed
Line of reporting
Professional etiquette – Auditors must be communicated with, both to
observe the usual courtesies and to obtain their cooperation
284 UEW/IEDE
AUDITING AND
Unit 6, section 2: Investigative audits INVESTIGATION
UEW/IEDE 285
AUDITING AND
INVESTIGATION Unit 6, section 2: Investigative audits
Review Questions
Define an Investigation
List the stages in an investigation
What is back duty Investigation
286 UEW/IEDE
AUDITING
AUDITING AND
AND
Unit
This 6,
page
section
is left
2:blank
Investigative
for youraudits
notes INVESTIGATION
INVESTIGATION
UEW/IEDE 287
FORENSIC AUDITS
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
3
Unit 6, section 3: Forensic audits
Background
Forensic auditing is the verification (attestation) that the transactions are
valid and that the underlying documentation and other sources of
verification can support the reported amounts. It is used to provide
credibility to financial activities in legal matters, sometimes requiring expert
testimony. It expands far beyond a routine audit, which is intended to grant
assurance. Forensic auditing by nature is intent upon proving or disproving
values, actions, intents, etc. Everything is suspect. A forensic audit may
involve subpoenaing of nonstandard records as well. By the time an audit is
escalated to the forensic level, there are many red flags in the air.
288 UEW/IEDE
AUDITING AND
Unit 6, section 3: Forensic audits INVESTIGATION
Types of investigation
The forensic accountant could be asked to investigate many different types
of fraud. It is useful to categorise these types into three groups to provide an
overview of the wide range of investigations that could be carried out. The
three categories of frauds are corruption, asset misappropriation and
financial statement fraud.
UEW/IEDE 289
AUDITING AND
INVESTIGATION Unit 6, section 3: Forensic audits
Corruption
There are three types of corruption fraud: conflicts of interest, bribery, and
extortion. Research shows that corruption is involved in around one third of
all frauds.
The fraudster may not benefit financially, but rather receives an undisclosed
personal benefit as a result of the situation. For example, a manager may
approve the expenses of an employee who is also a personal friend in order
to maintain that friendship, even if the expenses are inaccurate. Bribery is
when money (or something else of value) is offered in order to influence a
situation. Extortion is the opposite of bribery, and happens when money is
demanded (rather than offered) in order to secure a particular outcome.
Asset misappropriation
By far the most common frauds are those involving asset misappropriations,
and there are many different types of fraud which fall into this category. The
common feature is the theft of cash or other assets from the company, for
example:
Cash theft – the stealing of physical cash, for example petty cash, from
the premises of a company.
Fraudulent disbursements – company funds being used to make
fraudulent payments. Common examples include billing schemes, where
payments are made to a fictitious supplier, and payroll schemes, where
payments are made to fictitious employees (often known as ‘ghost
employees’).
Inventory frauds – the theft of inventory from the company.
Misuse of assets – employees using company assets for their own
personal interest.
290 UEW/IEDE
AUDITING AND
Unit 6, section 3: Forensic audits INVESTIGATION
Conducting an investigation
The process of conducting a forensic investigation is, in many ways, similar
to the process of conducting an audit, but with some additional
considerations. The various stages are briefly described below.
Gathering evidence
In order to gather detailed evidence, the investigator must understand the
specific type of fraud that has been carried out, and how the fraud has been
committed. The evidence should be sufficient to ultimately prove the
identity of the fraudster(s), the mechanics of the fraud scheme, and the
amount of financial loss suffered. It is important that the investigating team
is skilled in collecting evidence that can be used in a court case, and in
keeping a clear chain of custody until the evidence is presented in court. If
any evidence is inconclusive or there are gaps in the chain of custody, then
the evidence may be challenged in court, or even become inadmissible.
UEW/IEDE 291
AUDITING AND
INVESTIGATION Unit 6, section 3: Forensic audits
Evidence can be gathered using various techniques, such as: testing controls
to gather evidence which identifies the weaknesses, which allowed the fraud
to be perpetrated using analytical procedures to compare trends over time or
to provide comparatives between different segments of the business
applying computer assisted audit techniques, for example to identify the
timing and location of relevant details being altered in the computer system
discussions and interviews with employees substantive techniques such as
reconciliations, cash counts and reviews of documentation.
Reporting
The client will expect a report containing the findings of the investigation,
including a summary of evidence and a conclusion as to the amount of loss
suffered as a result of the fraud. The report will also discuss how the
fraudster set up the fraud scheme, and which controls, if any, were
circumvented. It is also likely that the investigative team will recommend
improvements to controls within the organisation to prevent any similar
frauds occurring in the future.
Court proceedings
The investigation is likely to lead to legal proceedings against the suspect,
and members of the investigative team will probably be involved in any
resultant court case. The evidence gathered during the investigation will be
presented at court, and team members may be called to court to describe the
evidence they have gathered and to explain how the suspect was identified.
It is imperative that the members of the investigative team called to court
can present their evidence clearly and professionally, as they may have to
simplify complex accounting issues so that non-accountants involved in the
court case can understand the evidence and its implications.
292 UEW/IEDE
AUDITING AND
Unit 6, section 3: Forensic audits INVESTIGATION
Review Questions
Outline the primary objectives of a forensic audit
Describe the procedures in conducting a financial statement fraud
investigation
Who can initiate a forensic audit exercise?
UEW/IEDE 293
VALUE FOR MONEY (VFM) AUDIT
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
4
Unit 6, section 4: Value for money (VFM) audit
This section is to explain the value for money concept and highlight the step
in reviews towards attaining the maximum benefit in every transaction.
Background
‘Value for money’ (VFM) is a term used to assess whether or not an
organisation has obtained the maximum benefit from the goods and services
it both acquires and provides, within the resources available to it. Some
elements may be subjective, difficult to measure, intangible and
misunderstood. Judgment is therefore required when considering whether
VFM has been satisfactorily achieved or not. It does not only measures the
cost of goods and services, but also takes account of the mix of quality, cost,
resource use, fitness for purpose, timeliness, and convenience to judge
whether or not, together, they constitute good value.
294 UEW/IEDE
AUDITING AND
Unit 6, section 4: Value for money (VFM) audit INVESTIGATION
Approach to VFM
In achieving, and seeking to achieve, VFM, there are many objectives
for organisational behaviour and activity to be taken into account. These
include:
the culture of the organisation, for example, continually striving to
do more at the appropriate quality for less money
adopting good practice
clearly defining the organisation's aims, strategies and policies
providing an organisational structure which promotes accountability,
through placing power at the point where responsibility is required
to be taken, together with appropriate control and oversight
exercised at a higher level
being committed to effective communication and staff development
so that the culture and aims of the organisation permeate to, and are
identifiable at, all levels within the organisational structure
Providing an appropriate infrastructure in systems, resources and
training.
UEW/IEDE 295
AUDITING AND
INVESTIGATION Unit 6, section 4: Value for money (VFM) audit
It is clear that conducting VFM studies is not the only way to show a
commitment to VFM. Existing management practices that seek to
integrate VFM principles and the active promotion of a culture of
continuous improvement are two alternative approaches. Conducting a
VFM study does not, in itself, demonstrate VFM: this is dependent on
the result of the study and on any action taken in response to its findings.
VFM studies are frequently undertaken in conjunction with other
organisations. This enables comparisons to be made (including the use
of benchmarking techniques) and each can draw upon good practice
identified elsewhere.
There is no right answer as to who should undertake a VFM study. The
people involved in a study should, between them, have a basic range of
skills, including an understanding of VFM study methodology and
project management, and knowledge of the subject. They may be
internal staff or external experts. Internal auditors also often have the
knowledge, skills and experience to contribute to such work. Routine
internal audit work should always keep in mind the arrangements for
VFM. Any issues identified can be reported as part of that routine work.
296 UEW/IEDE
AUDITING AND
Unit 6, section 4: Value for money (VFM) audit INVESTIGATION
Review Questions
Explain the concept of Value For Money
Describe the 'three Es' in Value For Money
Outline some objective in achieving VFM
UEW/IEDE 297
TAX AUDIT
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
5
Unit 6, section 5: Tax audit
Dear This Section is to highlight the need for tax reviews when conducting
audit in a company. Students will be taken through some offences and
penalties affecting companies and some test question useful to inform the
setting of audit objectives.
Taxation
Tax is a financial charge or other levy imposed on an individual or a
legal entity by a State. It is a compulsory payment for which no value or
service has to be rendered in return. It is based on a system of laws
passed by Parliament and interpreted by the Judiciary, giving effect to
what one must assume to be the democratic will of the citizens.
It is not a voluntary payment or donation, but an enforceable
contribution and it is a contribution imposed by government. When
taxes are not fully paid, civil penalties (such as fines) or criminal
penalties (such as imprisonment) may be imposed on the non-paying
entity or individual.
Taxation is a systematic (legal and administrative) process and a means
of mobilizing revenue from private sector to public sector treasury
through compulsory monetary payments on taxable persons and
transactions.
Direct Tax
Direct taxes are based on the notion that taxes on income and capital and are
levied directly on chargeable persons such as individuals and companies. In
this form of taxation both the impact and incidence of tax are on the person
to whom the incomes or gains accrue. Direct tax includes income tax on
individuals and companies, which are administered by the Domestic Tax
Revenue Division (DTRD) of the Ghana Revenue Authority (GRA).
Indirect Tax
Indirect Taxes are on expenditure through production and consumption.
They are levied on the ownership of goods and services. They are said to be
indirect because the impact is on the person immediately paying the tax
298 UEW/IEDE
AUDITING AND
Unit 6, section 5: Tax audit INVESTIGATION
whereas the incidence may be on a different person, say the consumer. For
example an importer and the consumer in which the impact of the tax is on
the importer, whereas the incidence of tax is on the consumer i. e. the person
who ultimately bears the burden of the tax.
A company typically faces these four major tax types.
Company Income Tax (“CIT”)
Payroll
Withholding Tax (“WHT”)
Value Added Tax (“VAT”)
All tax auditors need to obtain reasonable assurance that tax returns are free
from any material misstatement, whether due to fraud or error.
Payroll
Employers are required to withhold taxes from payments to employees and
remit these taxes to the GRA on or before the 15th day of the month
following the month to which the tax relates to. A penalty of 20% of tax
payable is imposed if the period of default is within three months and 30%
if it exceeds. Additionally, employers are required to deduct SSF
contribution of 5.5% from the basic salaries of employees and make
additional contribution of 13%. These amounts are further split between
SSNIT and a private fund trustee. A cumulative monthly penalty of 3%
exists if there is a default on payment to SSNIT. There are other punitive
measures that could be brought against directors of the company. The
auditor should be concerned about whether:
PAYE taxes are paid on time;
PAYE taxes are accurately computed;
UEW/IEDE 299
AUDITING AND
INVESTIGATION Unit 6, section 5: Tax audit
300 UEW/IEDE
AUDITING AND
Unit 6, section 5: Tax audit INVESTIGATION
default continues
Failure to account for tax Interest at BoG rate
collected
Evasion of tax payment 3x tax evaded + 5yrs imprisonment or
both
Falsification or alteration of GH ¢200 – GH ¢1,000 or 5yrs or both
documents & forfeiture of goods involved to State
Failure to maintain proper records -deliberate & reckless – GH ¢1,000 or
5yrs or both
-other reason – GH ¢500 or 1yr or both
Unauthorised collection of tax 10x amount of tax or 5yrs or both
Obstruction of an officer of GH ¢50 – GH ¢500 or 1yr
VATS in the performance of his imprisonment
duties
Making false or misleading -knowingly & recklessly – GH ¢1,000
statement or 5yrs or both
-other reason – GH ¢500 or 1yr or both
UEW/IEDE 301
AUDITING AND
INVESTIGATION Unit 6, section 5: Tax audit
302 UEW/IEDE
AUDITING AND
Unit 6, section 5: Tax audit INVESTIGATION
Review Questions
Which tax types should an auditor focus on in reviewing a company
List any two offences with their penalties that companies can be liable to
Why should auditors focus on the tax impact on the companies they
audit?
UEW/IEDE 303
INFORMATION SYSTEM AUDIT
AUDITING AND
UNIT 6 SECTION
INVESTIGATION
6
Unit 6, section 6: Information system audit
304 UEW/IEDE
AUDITING AND
Unit 6, section 6: Information system audit INVESTIGATION
UEW/IEDE 305
AUDITING AND
INVESTIGATION Unit 6, section 6: Information system audit
306 UEW/IEDE
AUDITING AND
Unit 6, section 6: Information system audit INVESTIGATION
UEW/IEDE 307
AUDITING AND
INVESTIGATION Unit 6, section 6: Information system audit
Review Questions
List five aspects the IS auditors will need to look at under the following key
areas:
The Process of Auditing Information Systems
Governance and Management of IT
Information Systems Acquisition, Development, and Implementation
Information Systems Operations, Maintenance and Support
Protection of Information Assets
308 UEW/IEDE