8: AUDIT AND ASSURANCE SIR AHMED SHAFI AUDIT PLANNING AND DOCUMENTATION AUDIT DOCUMENTATION Its stated that audit procedure which has not been documented is assured not to have been performed. That is why all procedures performed are required to be documented. They are documented on a piece of paper called “working papers”. WORKING PAPERS ‘Working papers are records of: Y Procedures performed Y Evidence obtained ¥ Conclusions required. Inventory checking and bank confirmations are examples. WHY WORKING PAPERS ARE IMPORTANT/ ADVANTAGES / OBJECTIVES OF WORKING PAPERS Act as proof Help in legal issues Control i.e helps partner in checking work of team. Helps for next year audit planning especially in case of opening balance SKN Examples of working papers: Information obtained during audit for understanding entity and its environment. Information regarding accounting and internal control system efficiently. Extracts or copies of important legal documents. Analysis of significant transactions. Various audit procedures performed during audit. Third party confirmations. Key agreements and contracts. Form and content of working papers Form and content of working papers is also called qualities and features of good working papers. They are affected by matters such as: Size and complexity of entity Nature of procedures to be performed Identified risks Significance of evidence obtained Exceptions identified But they should clearly identify the following: KARR 75|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI Firm name Name of client b/s date subject (inventory, record, etc) reference (FA, CA,001, 002) procedure performed evidence obtained who prepared (sign) who received (sign ) any other issues date o which prepared review date RARER KK ‘There are Two types of working papers © current working papers © permanent working papers Current working papers: They are also called current audit files which are relevant for current audit always in hand. They should have the following: = financial statement * reconciliation errors sampling ‘third party communication Permanent working papers: They are permanent audit files. They are fixed in nature and kept in box. They should have the following: = engagement letter = Memorandum & Articles of association "Lease and sales agreement = Previous year accounts FOR HOW LONG TO RETAIN WORKING PAPERS Different bodies have different guidelines ‘© ACCA recommends minimum 7 years retention after that up to auditor to decide. * Working papers is the property of the auditor, can it be disclosed to third party? (confidentiality) Can be disclosed to management but if it will create doubt on independence then not. 76 |Page CamScanner Scanned with CamScannerF®: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI STANDARDIZED AND AUTOMATED WORKING PAPERS Traditionally were manual. * Now standardized (pre printed standard) questionaries’ by (ICAP /ACCA) Automated working papers have now been prepared via excel or audit software, making documentation work much easier. ‘Advantages of automated working papers | Disadvantages of automated working papers 2 Less errors © Virus = Neater and cleaner ‘= _ Electricity dependency Time saved ‘© Boredom (auto audit ) ‘© _ Easy transmission via internet AUDIT PLANNING ‘When planning starts few weeks before start of the audit. ‘The auditor should plan an audit so that engagement will performed in an efficient and effective manner. Mandatory as well as needs to be documented. Advantages/importance of planning: Helps auditor devote appropriate attention to important areas. Helps auditor identify and resolve problems on a timely basis. Helps properly organize audit so that performed in effective manner. Helps in selection of appropriate team members. Helps direction, supervision and review of work. Assist in coordination of work done by auditor and expert. Note: planning an audit involves establishing the “overall audit strategy” and “developing an audit plan” (there are two parts) © Audit strategy is the overall strategy which sets at direction, scope and timing of audit. Strategy is then converted into a detailed audit plan CONTENTS OF Al MATTERS TO CONSIDER IN ESTABLISHING AUDIT STRAY Understanding entity and its environment Financial reporting framework ‘Avalablit of client personnel Nature of buyers segments ‘What resources are to be deployed Use of experts vyvyvy 77|Page CamScanner Scanned with CamScanner8: AUDIT AND ASSURANCE > Selection of team > Engagement budgetry ‘SIR AHMED SHAFI ‘© Audit plan is more detailed than audit strategy which tells nature, timing and extent of audit procedures. CONTENTS OF DETAILED AUDIT PLAN/MATTERS TO CONSIDER IN AUDIT PLAN Timetable of planned audit work. Materially etc. vvvv Description of nature, timing and extent of planned risk assessment procedures. Description of nature, timing and extent of planned audit procedures. INTERIM AND FINAL AUDIT Auditors usually carry out audit work in one or more sittings. This is referred to as interim and final audit. ‘Main audit is final audit as at that time report is issued. But if all work is kept for end time, may fall short of time. That's why auditor does some work before, this is called interim audit. For example purchases figure will come at year end , so will be audited in end but purchase cycle can be checked before whether its working fine or not (interim). Similarly Designing of procedures can be earlier (interim) but procedures will be performed in end (final). INTERIM AND FINAL AUDIT PROCEDURES Interim audit procedures may includ! Final audit procedures include: ‘© Inherit risk assessment and gaining an understanding of the entity ‘© Recording the entity's system of internal control ‘© Evaluating the design of internal controls ‘© Carrying out tests of control on the ‘company's internal controls to ensure they are operating as expected * Performing substantive testing of transactions/balances to gain evidence that the books and records are a reliable basis for the preparation of financial statements © Identification of issues that may have an impact on work to take place at the final audit Substantive procedures involving verification of statement of financial position balances and amounts in the statement of profit or loss Obtaining third party confirmations Analytical procedures relating to figures In the financial statements, Subsequent events review Agreeing to the financial statements to the accounting records Examining adjustments made during the process of preparing the financial statements Consideration of the going concern status of the entity Performing tests to ensure that the conclusions formed at the interim audit are stil valid Obtaining written representations 78 Page CamScanner Scanned with CamScannerFB: AUDIT AND ASSURANCE SIR AHMED SHAFI Impact of interim audit work on the final audit in general ‘The benefit of spreading audit procedures over an interim and final audit is that it is possible to provide shareholders and other users of the financial statements with the audited accounts sooner than if all audit procedures were carried out at a final audit taking place after the year end. Performing audit procedures before the period-end can assist in identifying significant matters at an early stage of the audit and help resolve them with management's assistance or develop an effective audit approach to address them. This reduces the time taken at the final audit to gain the remaining sufficient appropriate audit evidence needed. MATERIALITY ‘all that information because of whose omission/ misstatement our decision would not change is immaterial information. *All that information whose omission/misstatement, individually or in aggregate could influence the decision of user on financial statement is material information. HOW MATERIALITY IS ASSESSED? In assessing level of materiality, auditor must: 1. Consider both quantity and quality of misstatements. Quantity refer to size and quality refers that amount may be low in value but could influence use’s decision like director's transactions. 2. Consider setting performance materiality level, which is set below materiality and is used for particular transactions. 3. Assessment of materiality is ultimately a matter of auditor's professional judgement, the following benchmarks and percentages may be appropriate profit after tax 5% Bross profit 0.5-1% revenue 0.5%-1% totalassets 1%-2% Net assets 2%-5% profit before tax $%-10% PERFORMANCE MATERIALITY lf we determine materiality as 5% of PAT and it comes to $100000, a number of transactions with less ‘than $100000 may be dismissed on the grounds that it is immaterial. For this reason auditor is required ‘to set performance materiality, which is lower than total materiality and this means a lower threshold is applied. 79|Page CamScanner Scanned with CamScannerFB: AUDIT AND ASSURANCE SIR AHMED SHAFI “Performance materiality is the amount set by auditor at less than materiality for financial statement as ‘a whole to reduce to an appropriately low level the probability that aggregate of uncorrected misstatements exceeds total materiality.” 4 Planning materiality is also called tolerable error. (CAN LEVEL OF MATERIALITY BE REVISED? Yes, if there is: 1. Change in auditor's understanding of entity and its operations. 2. Change in circumstances during audit. 3. Revision of risk. 1Y AUDITOR NEEDS T MATERIALITY 4. During planning of audit: Auditor will plan to spend more time on areas which are material. During the audit: Aut F will focus more attention in material transactions. 3. Reading opinion: Materiality helps auditors to decide what opinion to give. DOCUMENTATION OF MATERIALITY 1SA requires following to be documented: 1. Materiality for financial statement as a whole 2. Performance materiality 3. Any revisions of materiality 80| Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT The auditor is required to obtain understanding of entity and its environment to be able to assess risk of, material misstatements. ‘Three important questions are: ‘Why? ‘Y To identify and assess the risks of material misstatement in the financial statements ¥ Toenable the auditor to design and perform further audit procedures Y To provide a frame of reference for exercising audit judgement, for example, when setting audit materiality What? Industry, regulatory and other external factors, including the applicable financial reporting framework Y Nature of the entity, including operations, ownership and governance, investments, structure and financing ¥ Entity’s selection and application of accounting policies Y Objectives and strategies and related business risks that might cause material misstatement in the financial statements ¥ Measurement and review of the entity's financial performance ¥_ Internal control (which we shall look at in detail in Chapter 9) How? Y Inquiries of management, appropriate individuals within the internal audit function and others within the entity Y Analytical procedures ¥ Observation and inspection Y Prior period knowledge Y Client acceptance or continuance process Discussion by the audit team of the susceptibility of the financial statements ‘material misstatement _ Information from other engagements undertaken for the entity 81/ Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI FRAUD AND ERROR FRAUD, The term fraud refers to an international act by one or more individuals among management, those charged with governance, employees or third parties involving the use of deception to obtain an unjust or illegal advantage. Fraud involving one or more members of management or those charged with governance is referred to as "Management Fraud”; fraud involving only employees of the entity is referred to as “Employee Fraud”. ‘Types of fraud: = Misstatement resulting from Misappropriation of Assets. = Misstatement resulting from Fraudulent Financial Reporting, EXAMPLES OF MISAPPROPRIATION OF ASSETS: 1, Embezzling receipts e.g, Diverting business receipts into personnel bank accounts. 2. Stealing physical assets or intellectual property e.g. stealing inventory for use or sale, stealing ‘Stlap forresale ot dlstiosing tech data.to competitors ate, 3. Causing an entity to pay for goods or services not received e.g. (payments to fictitious vendors, payment to fictitious employees) 4, Using an entity's assets for personal use e.g (using company cars and computers) 5. Misappropriation of assets is often accompanied by false or misleading records or documents in ‘order to conceal the fact that the assets are missing or have been pledged without proper authorization. EXAMPLES OF FRAUDULENT FINANCIAL REPORTING: 1. Manipulation falsification or alteration of accounting records or supporting documentation. 2. Misrepresentation or intentional omission from the financial statements of events, transactions or other significant information. 3. Intentional/ misapplication of accounting principles relating to the amounts, classification ‘manner of presentation or disclosure. Fraudulent financial reporting also involves fraud via management override of controls. Such fraud can be committed by management overriding controls using such techniques as: 1. Recording fictitious journals entries. (fraudulent entries) 2. Inappropriately adjusting assumptions used to estimate account balances. 3. Omitting, advancing or delaying recognition in the financial statements of events and transactions. 4. Concealing or not disclosing facts that could affect the amounts recorded in the financial statements. 5. Altering records and terms related to significant and unusual transactions. 82|Page CamScanner Scanned with CamScannerFB: AUDIT AND ASSURANCE SIR AHMED SHAFI Responsibility of management and those charged with governance in relation to fraud The primary and forecast responsibilty for the prevention and detection of fraud rests with both those charged with Governance and the management. Itis important that management with the oversight of those charged with governance place a strong ‘emphasis on fraud prevention and detection, which may Reduce Opportunities for fraud to take place and act as fraud deterrence, which will persuade individual and employees not to commit fraud because of the likelihood of detection and punishment. This involves a commitment to creating a culture of honesty and ethical behavior which can only be reinforced by an active oversight by those charged with Governance. (Strong Control Environment). Responsibilities of auditor in relation to fraud and error: ‘An auditor conducting an audit in accordance with ISA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements is responsible for obtaining reasonable assurance that the financial statements taken as a whole are .... from material misstatement, whether caused by fraud or error. In order to fulfill this responsibility auditors are required to identify and assess the risks of material misstatement of the financial statements due to fraud. ‘The auditor will need to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses. In addition, the auditor must respond appropriately to fraud or suspected fraud identified during the audit. When obtaining reasonable assurance, the auditor is responsible for maintaining professional skepticism throughout the audit, considering the potential for management override of controls and recognizing the fact that audit procedures that are....... In detecting error may not be effective in detecting fraud, To ensure that the whole engagement team is aware of the risks and responsibilities for fraud and error, ISA s require that a discussion is held within the team. For members not present at the meeting the engagement partner should determine which matters are to be communicated to them. Obtaining written representations in fraud: ISA 240 requires the auditor to obtain written representations from management and those charged with governance that: '* They acknowledge their responsibility for the design, implementation and maintenance of internal control to prevent and detect fraud. ‘* They have disclosed to the auditor management's assessment of the risk of fraud in the financial statements. ‘* They have disclosed to the auditor their knowledge of fraud/ suspected fraud involving management, employees with significant roles in internal control, and others where fraud could have a material effect on the financial statements. '* They have disclosed to the auditor their knowledge of any allegations of fraud suspected fraud communicated by employees, former employees, analysts, regulators or others, [Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI Communication of fraud to those charged with governance: If the auditor identifies fraud or receives information that a fraud may exist, the auditor shall report this ‘on a timely basis to the appropriate level of management. If the auditor identifies or suspects fraud involving management, employees with significant roles in internal control, and others where fraud could have a material effect on the financial statements, he shall communicate this on a timely basis to those charged with governance. ‘The auditor also needs to consider whether there is 2 responsibility to report to the regulatory or enforcement authorities- the auditor's professional duty of confidentiality may be overridden by laws and statutes in certain jurisdictions. NON COMPLIANCE Compliance means follow all laws, rules and regulations. If laws, rules and regulations are not followed this is called non-compliance. INDICATORS OF NON-COMPLIAN ‘The following factors may indicate non-compliance with laws and regulations: + Investigations by regulatory authorities and government departments Payment of fines or penalties Payments for unspecified services or loans to consultants, related parties, employees or ‘government employees Sales commissions or agents’ fees that appear excessive Purchasing at prices significantly above/below market price Unusual payments in cash Unusual transactions with companies registered in tax havens Payment for goods and services made to a country different to the one in which the goods and services originated ‘© Payments without proper exchange control documentation ‘© Existence of an information system that fails to provide an adequate audit trail or sufficient evidence * Unauthorized transactions or improperly recorded transactions ‘© Adverse media comment 84|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI AUDIT PROCEDURES WHEN NON-COMPLIANCE IS IDENTIFIED OR SUSPECTED, The following table summarises audit procedures to be performed when non-compliance is identified or suspected. Non-compliance: audit procedures ‘Obtain understanding of nature of act and circumstances ‘Obtain further information to evaluate possible effect on financial statements Discuss with management and those charged with governance ‘Consider need to obtain legal advice if sufficient information not provided and matter is material Evaluate effect on auditor's opinion if sufficient information not obtained Evaluate implications on investment and reliability of written representations REPORTING IDENTIFIED OR SUSPECTED NON-COPLIANCE The auditor shall communicate with those charged with governance, but if the auditor suspects that those charged with governance are involved, the auditor shall communicate with the next higher level of authority such as the audit committee or supervisory board. If this does not exist, the auditor shall consider the need to obtain legal advice. The auditor shall consider the impact on the auditor's report if he/she concludes that the non- ‘compliance has a material effect on the financial statements and has not been adequately reflected or is prevented by the management and those charged with governance from obtaining sufficient appropriate audit evidence to evaluate whether non-compliance is material to the financial statements. The auditor shall determine whether identified or suspected non-compliance has to be reported to the regulatory and enforcement authorities, Although the auditor must maintain the fundamental principle of confidentiality, in some jurisdictions the duty of confidentiality may be overridden by law or statute. (CAAT’s) COMPUTER ASSISSTED AUDIT TECHNIQUES CAAT’s are the use of computer for audit work. In some cases there are large volumes of data and processes are too complex, in such cases we use CAT'S ‘Advantages of CAAT's: 1. Auditors can test programs controls as well as general internal controls (log in id and passwords) associated with clients system. CAAT’s reduce waste of time on manual routine calculations, increasing efficiency. Auditors can test greater number of items more quickly. CAAT'S are cost effective in long term if client does not change its system. CAAT’s help in increasing sample size which reduces overall risk. peer 85 | Page CamScanner Scanned with CamScanner8: AUDIT AND ASSURANCE SIR AHMED SHAFI Disadvantages of CAAT's: Setting up software needed for CAAT can be time consuming and costly. Audit staff will need to be trained so that they have sufficient level of IT knowledge. Not all client system will be compatible with software used for CAAT’s, ‘There is a risk that live client data is corrupted and lost during use of CAAT’s. pepe ‘There are two common types of CAAT’s Test data © Audit software ‘Test Data: Test data techniques are used in conducting audit procedures by entering data into an entity’s computer system, and comparing results obtained with predetermined (to be/ should have been) results. Test data is used for Test of controls Advantages of test data: 1) Provides evidence that software or computer system used by the client is working effectively. 2). Future costs are likely to be low if client does not change its system. Disadvantages of test data: 1. Initial time and costs may be high. 2. Test data only tests operation of system at a single point of time and not for the whole period under review. Audit software: ‘Audit software consists of computer programs used by auditors as part of their auditing procedures to process data of audit significance from entity's accounting system (used for substantive procedures). Advantages of audit software: 1. It can perform calculations more quickly than manual. 2. Audit software makes it possi 3._ Iti cost effective in long term if client does not change its system. 4, Itcan increase sample size reducing overall risk Disadvantages of audit software: Costs of designing tests using audit software can be substantial. Experienced and trained staff will be required resulting in increased cost. If errors are made I design of software, time and costs may waste. If audit software is used during live running system, there is a risk that system is disrupted. Pee 86 [Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI General audit procedures that could be carried out using audit software (CAAT’s) ‘* Scan file to search for large and unusual items. Select a sample of items for testing which is representative of popul: Cast the items to ensure accuracy. Verify access to system is limited to authorize personnel only. Perform analytical review by comparing with prior year to identify differences. General audit procedures that could be carried out using test data(CAAT’s) CONTROLS: TEST DATA 1) System identifies when a customer's account balance exceeds limit 1) Enter few transactions which are within credit limits, system should accept. Also enter few transactions above credit limit, system should reject 2) Discounts are only given after approval 2) Enter discounts without approval system should reject 3) Website is integrated with inventory system 3) Enter an order not in stock, system should reject it 4) System allows dispatcher of goods only after authorities 4) Enter transactions with authorization, to be accepted by system, enter transactions without authorization, system should reject it ‘Auditing around the computer ‘Auditing through the computer Involves picking source documents at normal and verifying corresponding outputs with inputs example, multiply unit price with units sold to ensure revenue figure is correct. Involves auditor trying to understand the system. Consists auditing the computer processing system or data produced by the system to determine how much reliance can be placed on controls programmed in the system. 87|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI Examples 1) Charities 2) Hospitals 3) Schools 4) Clubs 5) Societies 6) Associates ‘An audit of NFPO may vary from “ for profit audit” due to: * Objectives Purpose for which audit is required When carrying out an audit of NFPO, itis vital that auditor establishes: ‘Whether a statutory audit is required If audit is not required, what are objectives of engagement What the engagement is to report on To whom report should be addressed What form report should take The audit risk. The audit risk: There are certain risks applicable for NFPO that may not be applicable to other small companies. These are: 1. Inherent Risk: The regulation is quite complex Donations are quite significant Establishing ownership and timing of voluntary income is difficult specially where funds are raised by non-controlled bodies * Theres lack of predictable incorte There is uncertainty of future income There is complexity of tax rules Certain key statistics are sensitive, such as proportion of resources used in administration ‘They have to avoid buildup of reserves which appear excessive 2 Control Risk: Directors /trustees commit less time to organize affairs Directors/trustees are not that qualified Frequency of board/ trustee meetings is less 88|Page CamScanner Scanned with CamScanner8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI ‘+ Trustees may not be independent from each other ‘+ What is the division of duties between management and trustees. ‘Audit reporting for NEPO: For NFPO where statutory audit is required, the same report will be issued as discussed earlier. ‘When NFPO is having an audit for benefit of members/trustees or a government funded entity is being audited, standard audit report may not be required. However, auditor should make following matters alter: Addressee of report What report relates to Scope of engagement Responsibilities of auditor and management trustees © Work done Opinion drawn 89|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFL ANALYTICAL PROCEDURES of analytical procedures: Analytical procedures are used in obtaining an understanding of an entity and its environment and in the overall review at the end of the audit. ‘Analytical procedures’ actually means the evaluation of financial and other information, and the new review of plausible relationships in that information. The review also includes identifying fluctuations ‘and relationships that do not appear consistent with other relevant information or results. Analytical procedures can be used as: '* Comparison of comparable information to prior periods to identify unusual changes or fluctuations in amounts. '* Comparison of actual or anticipated results of the entity with budgets and/or forecasts, or the expectations of the auditor in order to determine the potential accuracy or those results. ‘+ Comparison to industry information either for the industry as a whole or by comparison to entities of similar size to the client to determine whether receivable days, for example, are reasonable. Objectives of ANALYTICAL PROCEDURES at different stages of audit: 1) Risk assessment stage:(START) At the beginning analytical procedures are used of the audit to help the auditor to obtain an understanding of the entity and assess the risk of material misstatement. Audit procedures can then directed to these 'isky areas. 2) Performance stage:(DURING| Analytical procedures can be used as substantive procedures in determining the risk of material misstatement AT assertion level during work on the income statement and statement of final position (balance sheet) 3) Opinion formation stage:{END) Analytical procedures help the auditor at the end of the audit in forming an overall conclusion as to whether the financial statements as a whole are consistent with the auditor's understanding of the entity. 90 [Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI AUDIT PROCEDURES AND SAMPLING 1) SERVICE ORGANIZATION: & User entity: itis the entity whose financial statements are being audited. User auditor: it isthe firm who audits financial statement of user entity. ‘Service organization: it is the organization providing service to user entity rega statement. Service auditor: it is the auditor of service organization who at the request of service organization provides assurance report on controls of services organization to user auditor. (May be possible KPMG thinks that God knows our client is taking service from which entity, they can take information Of service organization from service auditor). Example of service provided by service organizatio > Payroll processing > Maintenance of records etc. User auditor will check: Nature of contract between service organization and user entity (shares offered) Degree of interaction Nature of service provided Length of contract, vvvy User auditor must obtain understanding of service organization either through: ‘Report from service auditor. ‘Contacting service organization through user entity. ‘Visiting service organization to perform procedures. Sending another auditor to perform procedures ( provided competent and independent) Re i User auditor is solely responsible for audit opinion. No mentioning of service auditor name in audit report. If name mentioned, clearly state he is not responsible. 2) USING THE WORK OF AN EXPERT: Expert: Any person / firm having specialization in any field other than audit and accounting. Example: diamond, gold, cement, oil sector, aircraft engineering, etc. Management expert: A person/firm expert in field other than audit and accounting used by management to help prepare financial statement, ‘Audit expert: A person/firm expert in field other than audit and accounting used by auditor to help in gaining evidence, 91|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI If auditor relies on work of experts, he will need to consider some factors: ‘© Independence Objectivity © License + Reputation * Qualification ISA 620 requires auditor to agree in writing the following with auditor’s expert: 1. Nature, scope and objectives of work. 2. Roles and responsibilities of auditor and expert. 3, Nature, timing and extent of communication between auditor and expert including form of report. 4. Confidentiality requirements ‘Auditor must review and supervise work of expert as in the end he will be responsible for opinion not the expert. Audit report not to mention name of expert, if mentioned it should clearly stated that he is not responsible. 3) USING THE WORK OF INTERNAL AUDITOR: External auditor can rely on work of internal auditor, but he will consider some factors: + Qualification * Objectivity + Independence (relative) Competence ‘© Status in the organization ‘+ Reporting structure (to audit committee or Management) ‘© Scope of work (what work is done, powers etc.) Documentation done by him External auditor must determine: ‘© Whether work of internal auditor can be used and if so to what extent. ‘© Whether work is appropriate for purpose of audit. ‘© Direct, supervise and review the work. External auditor must communicate with those charged with governance on how he intends to use the work of internal auditor. He must also communicate with internal auditor to improve communication. Lastly, before finally using the work, external auditor must read reports of internal audit function to ‘obtain an understanding of their work, They should check whether: 1. Work was properly planned, performed, supervised, reviewed and documented. 2. Whether SAAE was obtained by internal auditor on work. 3. Whether conclusions reached are appropriate. 92|Page CamScanner Scanned with CamScannerF8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI 4, External auditor may also re-exar sorte procedures performed by him. items already examined by internal auditor, may observe Direct assistance by internal auditors: Refers to use of internal auditors to perform audit procedures under direction, supervision and review of external auditors. (In some cases is completely not allowed) When external auditors have used direct assistance from internal auditors, external auditors must document: > Threat to objectivity of internal auditor and level of competence of internal auditor. > Basis for decision regarding nature and extent of work performed by internal auditor. > Who reviewed the work performed and date and extent of that review? 4) ACCOUNTING ESTIMATE: Financial statement are not on accurate basis, many items are an estimate like ones involve estinrated life, estimated scrap value, provisions etc. * Anestimate is an approximation of monetary amount in the absence of actual information. ‘Management is responsible for setting of estimate as they will prepare financial statement. Auditor is concerned because estimate creates more chances of fraud. For example, may be ‘management bonus is dependent on profits, they will decrease provision estimate to increase profit and get bonus (may be). ‘+ It is often difficult for the auditor to obtain accurate evidence on reliability of estimate. It is also difficult for auditor to challenge management estimate as management will always say we have a better understanding of business, Auditor must check: Basis of estimate (source) Reasonableness of estimate (method, assumptions) Review outcomes of estimates made previously Applicable FRF vvvy Ifauditor disagrees with management on estimates, he can perform procedures as follows: Evaluate whether estimates are reasonable Obtain SAAE that disclosure are correct If estimation gives rise to risk, evaluate estimation uncertainty Review judgements and decisions of management to check bias Obtain written representations Estimation uncertainty: Chances of estimate getting wrong. 4%-5% will work. Management point estimate: What management thinks. Audit point estimate: What auditor thinks regarding estimate. 93 [Page CamScanner Scanned with CamScannerFB: AUDIT AND ASSURANCE SIR AHMED SHAFI AUDIT RISK AUDIT RISK EXAMPLES: 1, Increased revenue or capital expenditure, there is a risk that items are incorrectly treated as 10. 1. 12. 13. 14. 15. 16. 17. 18, 19. 20. 21. 22. 23. 24, capital or revenue in financial statement. Increased R and D cost, there is a risk that Items are not properly treated as per IAS 38. Increase in provisions and contingent liabilities, there isa risk due to internal nature of these items. Decline in business/industry/margins or increase in competition, there is a risk of going concern issues. Increased bank loans, there is a risk of going concern issues due to high gearing. Elimination of layer of management/ employees made redundant, risk that company may not have made provision as per IAS 37. Assets/inventory ordered or procured at year erd with no certainty that they will be at year end, there is a risk of over/ under statement of inventory/ assets. There are various locations for storage of inventory, there is a risk that 100% verification Is ‘not possible. ‘Some inventory warehouses are owned and some are rented, risk that rented warehouses are included in PPE. Introduction of new accountingy/ IT systems during the year, risk that new systems may not completely get data from old systems. Revaluation of assets during the year, risk of assets getting over/ under valued in financial system. Doubtful/dubious product being manufactured, risk of going concern issues due to any law. ‘Top management/personnel left the company close to balance sheet data, risk of errors due to increased work load. Default of major customers/customers struggling to pay, risk of receivable balance being overstated. Significant internal control weaknesses in sales/purchase systems, risk of over/under statement of sales and purchases. Out of court settlement done with any party, risk that provisions were overstated. If there is work in progress in the company, risk that it may be over/under stated. Excess/ surplus inventory and fixed assets, rik of theft or misappropriation. First year of audit/ new audit client, risk of not detecting issues. Short time period for audit completion, risk of errors not being detected due to pressures. Sales/profit/asset related bonus being offered, risk sales/profit/asset being overstated. Disposal of fixed asset, risk that they are not removed from assets thereby overstating asset. Inventory not being valued at lower of cost or NRV, risk of over/under statement of inventory. Not making any adjustments if inventory is damaged, risk that inventory would be overstated. 95|Page CamScanner Scanned with CamScannerCOMPONENTS OF AUDIT RISK Audit risk is made up of the following components: Inherent risk is the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material either individually or when aggregated with other misstatements, before consideration of any related controls. Factors which may increase inherent risk include: Changes in the nature of the industry the company operates in. A high degree of regulation over certain areas of the business. Going concern issues and loss of significant customers. Expanding into new territories, Events or transactions that involve significant accounting estimates. Developing new products or services, or moving into new lines of business. The application of new accounting standards, Accounting measurements that involve complex processes. Pending litigation and contingent liabilities. vyyvvvvvyY Control risk is the risk that a misstatement, that could occur in an assertion about a class of transaction, account balance or disclosure and that could be material, elther individually or when aggregated with other misstatements, will not be prevented, or detected and corrected on a timely basis by the entity's internal control. The following factors may increase control risk: Changes in key personnel such as the departure of key management A lack of personnel with appropriate accounting skills. Deficiencies in internal control ‘Changes in the IT environment Installation of significant new IT systems related to financial reporting vyvyyY Detention risk is the risk that the procedures performed by the auditor to reduce audit risk to an acceptability low level will not detect a misstatement that exists and that could be material, either individually or when aggregated with other misstatements. Detection risk Is affected by sampling and non-sampling risk. Factors which may result in an increase include: Poor planning Inappropriate assignment of personnel to the engagement team Failing to apply professional skepticism Inadequate supervision and review of the audit work performed Incorrect sample sizes Incorrect sampling techniques performed vyyvvy (Note: Only one example of a factor increasing the relevant risk was needed for each component.) CamScanner 96 |Page.F8: AUDIT AND ASSURANCE SIR AHMED SHAFI Donald Co Donald Co operates an airline business. The company’s yearend Is 31 July 2011. You are the auct senior and you have started planning the aut. Your manager has asked you tohaveameetingwith the client and to identify any relevant audit risks so that the audit plan can be completed. From your meeting you ascertain the following Inorderto expand their fight network, Donald Co wil need to aaquire more airplanes; they have placed ordersfor another six planes at an estimated total cost of $20m and the company is not sure whether these planes will be received by the year end. In addition the company has spent an estimated $15m on refurbishing their existing planes. In order to fund the expansion Donald Co has applied for a loan of $25m. It has yet to hear from the bankastowhether it willend them the money. ‘The company receives bookings from travel agents as well as directly via their website. The travel agents are given a90-day credit period to pay Donald Co, however, due to difficult trading conditions a number of the recehables are struggling to pay. The website was launched 2010 and has consistently encountered dificuies wth customer ‘complaints that tickets have been booked and paid for online but Donald Co has no record of them and thence has sold the seat to another customer, Donald Co used to sell tickets via a large call center located near to their head office. However, in May they closed it down anc made the large workforce redundant, Required: Using the Information provided, describe FIVE audit risks and explain the auditor's response to each risk In planning the audit of Donald Co. (10 marks) Abrahams Co ‘Abrahams Co develops, manufactures and sells a range of pharmaceuticals and has a wide custorrer base across Europe and Asia, You are the audit manager of Nate & Co and you are planning the audit of ‘Abrahams Co whose financial year end is 31 January. You attended a planning meeting with the finance director and engagement partner and are now reviewing the meeting notes in order to produce the audit strategy and plan. Revenue for the year is forecast at $25 milion, During the year the company has spent $2:2 million on developing several new products. Some of these are in the early stages of development whilst others are nearing completion, The finance director has confirmed that all projects are likely to be successful and so he is intending to capitalize the full $2-2 million, Once products have completed the development stage, Abrahams begins manufacturing them. At the yearend It is anticipated that there will be significant levels of work in progress. In addition the company uses a standard costing method to value inventory; the standard costs are set when a product is first ‘manufactured and are not usually updated. In order to fulfill customer orders promptly, Abrahams Co hhas warehouses for finished goods located across Europe and Asia; approximately one third of these are third party warehouses where Abrahams just rents space. Cam®¢armnerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI In September a new accounting package was introduced. This is a bespoke system developed by the information technology (IT) manager. The old and new packages were not run in parallel as it was felt that this would be too onerous for the accounting team. Two months after the system changeover the IT manager left the company; a new manager has been recrulted but is not due to start work until January. In order to fund the development of new products, Abrahams has restructured its finance and raised $1 million through issuing shares at a premium and $2-5 milion through a long-term loan. There are bank covenants attached to the loan, the main one relating to a minimum level of total assets. If these covenants are breached then the loan becomes immediately repayable. The company has a policy of revaluing land and buildings, and the finance director has announced that all land and buildings will be revalued as at the year end. The reporting timetable for audit completion of Abrahams Co is quite short, and the finance director ‘would like to report results even earlier this year. Required: (b) Using the Information provided, Identify and describe FIVE audit risks and explain the auditor's response to each risk in planning the audit of Abrahams Co. (10 marks) (c) Describe substantive procedures you should perform to obtain sufficient appropriate evidence in relation to: (I) Inventory held at the third party warehouses; and (Ii) Use of standard costs for Inventory valuation. (4 marks) (20 marks) CamScanner 98| Page8: AUDIT AND ASSURANCE SIR AHMED SHAFI Sunflower Stores Co Sunflower Stores Co (Sunflower) operates 25 food supermarkets. The company’s yearend is 31, December 2012. The audit manager and partner recently attended a planning meeting with the finance director and have provided you with the planning notes below. You are the audit senior, and this is your first year on this audit. In order to familiarise yourself with Sunflower, the audit manager has asked you to undertake some research in order to gain an understanding of Sunflower, so that you are able to assist In the planning process. He has then asked that you identify relevant audit risks from the notes below and also consider how the team should respond to these risks. Sunflower has spent $16 million in refurbishing all of its supermarkets; as part of this refurbishment programme thelr central warehouse has been extended and a smaller warehouse, which was only occasionally used, has been disposed of at a profit. In order to finance this refurbishment, a sum of $1°5 milion was borrowed from the bank. This Is due to be repaid over five years. The company will be performing a year-end inventory count at the central warehouse as well as at all 25, supermarkets on 31 December. Inventory is valued at selling price less an average profit margin as the finance director believes that this is a close approximation to cost. Prior to 2012, each of the supermarkets maintained thelr own financial records and submitted returns monthly to head office. During 2012 all accounting records have been centralized within head office. ‘Therefore at the beginning of the year, each supermarket’ opening balances were transferred into head office's accounting records. The increased workload at head office has led to some changes in the finance department and in November 2012 the financial controller left. His replacement will start in late December. Required: (a) List FIVE sources of information that would be of use in gaining an understanding of Sunflower Stores Co, and for each source describe what you would expect to obtain. (5 marks) (b) Using the Information provided, describe FIVE audit risks and explain the auditor's response to each risk in planning the audit of Sunflower Stores Co. (10 marks) (c) The finance director of Sunflower Stores Co is considering establishing an internal audit department. Required: Describe the factors the finance director should consider before establishing an Internal audit department.8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI Minty Cola Co Minty Cola Co (Minty) manufactures fizzy drinks such as cola and lemonade as well as other soft drinks and Its year end is 31 December 2013, You are the audit manager of Parsley & Co and are currently planning the audit of Minty. You attended the planning meeting with the engagement partner and finance director last week and recorded the minutes from the meeting shown below. You are reviewing these as part of the process of preparing the audit strategy. Minutes of planning meeting for Minty Minty’s trading results have been strong this year and the company is forecasting revenue of $85 million, which Is an increase from the previous year. The company has invested significantly in the cola and fizzy drinks production process at the factory. This resulted in expenditure of $5 million on updating, repairing and replacing a significant amount of the machinery used in the production process. As the level of production has increased, the company has expanded the number of warehouses it uses to store inventory. It now utilises 15 warehouses; some are owned by Minty and some are rented from third parties. There will be inventory counts taking place at all 15 of these sites at the year end. ‘Anew accounting general ledger has been introduced at the beginning of the year, with the old and new systems being run in parallel for a period of two months. Asa result of the increase in revenue, Minty has recently recruited a new credit controller to chase outstanding receivables. The finance director thinks it is not necessary to continue to maintain an allowance for receivables and so has released the opening allowance of $1-5 million. In addition, Minty has incurred expenditure of $4-5 million on developing a new brand of fizzy soft drinks, The company started this process in January 2013 and Is close to launching thelr new product Into the market place. ‘The finance director stated that there was a problem in November in the mixing of raw materials within the production process which resulted in a large batch of cola products tasting different. A number of these products were sold; however, due to complaints by customers about the flavour, no further sales of these goods have been made. No adjustment has been made to the valuation of the damaged inventory, which will still be held at cost of $1 million at the year end. {As in previous years, the management of Minty is due to be paid a significant annual bonus based on the value of year-end total assets. Required: (a) Explain audit risk and the components of audit risk. (5 marks) {b) Using the minutes provided, Identify and describe SIX audit risks, and explain the auditor's response to each risk, In planning the audit of Minty Cola Co, (12 marks) CamScanner 100|PageFB; AUDIT AND ASSURANCE SIR AHMED SHAFI ‘other than audit risks, that should be included within the audit strategy () identify the main areas, ample relevant to the audit. (4 marks) document for Minty Cola Co; and for each area provide an ex: (a) Describe substantive procedures the audit team should perform to obtain sufficient and appropriate audit evidence In relation to the following three matter (i) The treatment of the $5 million expenditure incurred on Improving the factory production process; (i) The release of the $1-5 million allowance for receivables; and (il) The damaged inventory. Note: The total marks will be split equally between each part. (9 marks) (30 marks) White & Co {a) In agreeing the terms of an audit engagement, the auditor is required to agree the basis on which the audit is tobe carried out. This involves establishing whether the preconditions for an audit are present and confirming that there is a common understanding between the auditor and management of the terms of the engagement. Required: Describe the process the auditor should undertake to assess whether the PRECONDITIONS for an audit are present. (3 marks) {b) List FOUR examples of matters the auditor may consider when obtaining an understanding of the entity. (2 marks) {c) You are the audit senior of White & Co and are planning the audit of Redsmith Co for the year ended 30 September 2010. The company produces printers and has been a client of your firm for two years; your audit manager has already had a planning meeting with the finance director. He has provided you with the following notes of his meeting and financial statement extracts. Redsmith’s management was disappointed with the 2009 results and so in 2010 undertook a number of strategies to improve the trading results. This included the introduction of a generous sales-related bonus scheme for their salesmen and a high profile advertising campalgn. In addition, as market conditions are difficult for their customers, they have extended the credit period given to them. The finance director of Redsmith has reviewed the inventory valuation policy and has included additional overheads incurred this year as he considers them to be production related. He is happy with the 2010 results and feels that they are a good reflection of the improved trading levels. CamScanner 101| PageF8: AUDIT AND ASSURANCE ‘SIR AHMED SHAFI Financial statement extracts for year ended 30 September DRAFT ACTUAL. 2010 2009 $m $m Revenue 230 18-0 Cost of sales (11-0) (10-0) Gross profit 120 80 Operating expenses (75) (40) Profit before interest and taxation 4s 40 Inventory 24 16 Recelvables 45 30 Cash - 23 Trade payables 16 12 Overdraft 09 - Required: Using the Information above: (i) Calculate FIVE ratios, for BOTH years, which would assist the audit senior in planning the audit; and (5 marks) (li) From a review of the above information and the ratios calculated, explain the audit risks that arise and describe the appropriate response to these risks. (10 marks) (20 marks) Rhino & Co You are the audit senior of Rhino & Co and you are planning the audit of Kangaroo Construction Co (Kangaroo) for the year ended 31 March 2013. Kangaroo specialises in building houses and provides a five-year bullding warranty to its customers, Your audit manager has held a planning meeting with the finance director, He has provided you with the following notes of his meeting and financial statement extracts: Kangaroo has had a difficult year; house prices have fallen and, as a result, revenue has dropped. In order to address this, management has offered significantly extended credit terms to thelr customers. However, demand has fallen such that there are still some completed houses in inventory where the selling price may be below cost. During the year, whilst calculating depreciation, the directors extended the useful lives of plant and machinery from three years to five years. This reduced the annual depreciation charge. The directors need to meet a target profit before interest and taxation of $05 million in order to be pald their annual bonus. In addition, to try and Improve profits, Kangaroo changed their main material supplier to a cheaper alternative. This has resulted in some customers claiming on their building warranties for extensive repairs. To help with operating cash flow, the directors borrowed $1 million from the bank during the year. This is due for repayment at the end of 2013. CamScannerFB: AUDIT AND ASSURANCE Financial statement extracts for year ended 31 March Revenue Cost of sales Gross profit Operating expenses Profit before interest and taxation Inventory Recelvables Cash Trade payables loan Required: Using the Information above: DRAFT 2013 $m 125 (7-0) ss (5-0) Os 19 34 08 16 10 ACTUAL 2012 $m 150 (8-0) 70 (5-1) 19 14 20 19 12 SIR AHMED SHAFI ()) Calculate FIVE ratios, for BOTH years, which would assist the audit senlor In planning the audit (5 marks) (Il) Using the Information provided and the ratios calculated, Identify and describe FIVE audit risks and explain the auditor's response to each risk in planning the audit of Kangaroo Construction Co. CamfeannerF8: AUDIT AND ASSURANCE SIR AHMED SHAFI Maple & Co You are the audit supervisor of Maple & Co and are currently planning the audit of an existing client, Sycamore Science Co (Sycamore), whose yearend was 30 April 2015. Sycamore is a pharmaceutical company, which manufactures and supplies a wide range of medical supplies. The draft financial statements show revenue of $35:6 million and profit before tax of $5:9 million. Sycamore’s previous finance director left the company in December 2014 after it was discovered that he had been claiming fraudulent expenses from the company for a significant period of time. A new finance director was appointed in January 2015 who was previously a financial controller of a bank, and she has expressed surprise that Maple & Co had not uncovered the fraud during last year’s audit. During the year Sycamore has spent $1-8 million on developing several new products. These projects are at different stages of development and the draft financial statements show the full amount of $18 million within intangible assets. In order to fund this development, $2:0 million was borrowed from the bank and Is due for repayment over a ten-year period. The bank has attached minimum profit targets as, part of the loan covenants. ‘The new finance director has informed the audit partner that since the year end there has been an increased number of sales returns and that in the month of May over $0'5 million of goods sold in April were returned. Maple & Co attended the year-end inventory count at Sycamore’s warehouse. The auditor present raised concerns that during the count there were movements of goods in and out the warehouse and this process did not seem well controlled. During the year, a review of plant and equipment in the factory was undertaken and surplus plant was sold, resulting in a profit on disposal of $210,000. Required: (a) State Maples & Co's responsibilities in relation to the prevention and detection of fraud and error. (4 marks) (b) Describe Six audit risks, and explain the auditor's response to each risk, In planning the audit of Sycamore Science Co, (12 marks) (c) Sycamore’s new finance director has read about review engagements and Is interested in the possibility of Maple & Co undertaking these in the future. However, she is unsure how these engagements differ from an external audit and how much assurance would be gained from this type of engagement. Required: (I) Explain the purpose of review engagements and how these differ from external audits; and (2 marks) (i) Describe the level of assurance provided by external audits and review engagements. (2 marks) (20 marks) CamScanner 104|PageFB: AUDIT AND ASSURANCE SIR AHMED SHAFI Amethyst & Co You are an audit supervisor of Amethyst & Co and are currently planning the audit of your client, ‘Aquamarine Co (Aquamarine) which manufactures elevators. Its year end is 31 July 2016 and the forecast profit before tax is $15:2 million. The company undertakes continuous production in its factory, therefore at the yearend itis anticipated that work in progress will be approximately $950,000. In order to improve the manufacturing process, ‘Aquamarine placed an order in April for $720,000 of new plant and machinery; one third of this order ‘was received in May with the remainder expected to be delivered by the supplier in late July or early ‘August. At the beginning of the year, Aquamarine purchased a patent for $1-3 million which gives them the exclusive right to manufacture specialized elevator equiprrent for five years. In order to finance this, purchase, Aquamarine borrowed $1-2 million from the bank which is repayable over five years. In January 2016 Aquamarine outsourced its payroll processing to an external service organisation, Coral Payrolls Co (Coral). Coral handles all elements of the payroll cycle and sends monthly reports to Aquamarine detailing the payroll costs. Aquamarine ran its own payroll until 31 December 2015, at which point the records were transferred over to Coral. The company has a policy of revaluing land and buildings and the finance director has announced that all land and buildings will be revalued at the year end. During a review of the management accounts for the month of May 2016, you have noticed that receivables have increased significantly on the previous year end and against May 2015. The finance director has informed you that the company is planning to make approximately 65 employees redundant after the year end. No decision has been made as to when this will be announced, but itis likely to be prior to the year end. Required: {b) Deseribe SIX audit risks, and explain the auditor's response to each risk, In planning the audit of Aquamarine Co. (12 marks) (c) Explain the additional factors Amethyst & Co should consider during the audit In relation to Aquamarine Co.'s use of the payroll service organisation. (3 marks) CamScanner 105 |Page