SUGGESTED SOLUTIONS

CL1 – Advanced Audit and Assurance

July 2022
 SECTION 1
Question 01

1.1

Learning outcome/s: 3.1.1

Study text reference: Volume I, Chapter 10 (Page 317)
Correct answer: A

1.2

Learning outcome/s: 4.1.2

Study text reference: Volume II, Chapter 15 (Page 435)
Correct answer: B

1.3

Learning outcome/s: 7.5.2

Study text reference: Volume II, Chapter 19 (Page 595)
Correct answer: C

1.4

Learning outcome/s: 7.5.3

Study text reference: Volume II, Chapter 19 (Page 592)
Correct answer: A

1.5

Learning outcome/s: 3.2.1

Study text reference: Volume I, Chapter 10 (Page 318)
Correct answer: B

1.6

Learning outcome/s: 4.2.1

Study text reference: Volume I, Chapter 19 (Pages 437 – 439)
Correct answer: D

CL1 Suggested Solutions July - 2022 Page 2 of 16

1.7

Learning outcome/s: 7.4.1

Study text reference: Volume II, Chapter 19 (Pages 583 and 584)
Correct answer: B

1.8

Learning outcome/s: 2.7.1

Study text reference: Volume I, Chapter 6 (Pages 196 – 198)
Correct answer: D

1.9

Learning outcome/s: 7.5.1

Study text reference: Volume II, Chapter 19 (Page 592)
Correct answer: D

1.10

Learning outcome/s: 7.1.1

Study text reference: Volume II, Chapter 18 (Page 568)
Correct answer: D

(Total: 20 marks)

CL1 Suggested Solutions July - 2022 Page 3 of 16

 SECTION 2
Question 02

(a)

Learning outcome/s: 1.3.1

Study text reference: Volume I, Chapter 1 (Page 54)

The company is using an integrated system to process transactions and the audit team
intends to rely on the controls, including automated and IT dependent controls. General
IT controls that relate to some or all applications are usually interdependent controls
(i.e. their operation is often essential to the effectiveness of application controls). For
instance, if the access controls are not properly defined, there is a doubt on the integrity
of data on the system.

Application controls may not be reliable when general IT controls are ineffective.
Therefore, it will be more efficient for the audit team to review the design of general IT
controls first, before reviewing the application controls which indicates the
pervasiveness of the general IT controls on the processing of transactions in an
application system.
(4 marks)

(b)
Learning outcome/s: 1.3.1
Study text reference: Volume I, Chapter 1 (Pages 54 and 56)

(i) Authorisation
- Manually check whether the transactions were authorised by the officers per
the control matrix.
- Check with the assistance of the IT auditor whether the system was
configured in such a way that without appropriate authorisations the system
prevents the processing of transactions.
- Check whether users could bypass the authorisation process or direct it to
someone else other than the authorised person(s).
- Check any exception reports for authorising the transactions.

(ii) Reliability of the data picked from the master data

- Test whether the standard data could be changed by the user when initiating
the transactions (e.g. change the selling price without appropriate
authorisation).
- Check whether the master data could be changed/deleted by anyone without
authorisation.
- Check whether any exception report highlights any changes made including
unauthorised changes to the standing data.
(6 marks)

(Total: 10 marks)

CL1 Suggested Solutions July - 2022 Page 4 of 16

Question 03

(a)

Learning outcome/s: 4.4.1

Study text reference: Volume II, Chapter 15 (Page 446)

Controls that should be in place at WPL to mitigate the risks arising from the
cyberattack.

• Installation of antivirus and malware protection software in the computers and

servers used by WPL.
• Installation of a firewall to manage inward and outward communications
between WPL’s systems and third-party systems.
• Raising awareness of staff to be wary of unusual or unsolicited emails by
conducting formal training as well as sending regular communications, and
obtaining annual confirmation from staff for their compliance.
• Regular upgrading of operating systems to ensure that all security updates are
installed in servers and user machines.
• Regular updating of software to ensure that applications are up-to-date with the
latest versions.
• Regular back-ups of data to revert to the unencrypted version.

(5 marks)

(b)

Learning outcome/s: 7.2.1

Study text reference: Volume II, Chapter 18 (Pages 553 and 554)

Action plan with corrective actions

Element of the system of Action plan

quality control
Firm and leadership • Develop an internal culture of quality with
responsibilities for quality within regular messaging and leading by example.
the firm. • Have a succession plan for new partner
admissions with the growth of the firm.
• Develop business strategies with appropriate
focus given to quality, and implement them
effectively.
• Provide appropriate training on SLQC 1 so that
sufficient understanding is provided on its
requirements.
• Appoint an individual/group to oversee quality
in the operations of the firm.

CL1 Suggested Solutions July - 2022 Page 5 of 16

Human resources • Have a robust staff development plan so the
staff is motivated to stay with the firm longer
than they intend to.
• Have a robust recruitment plan.
• Revisit the compensation structure and other
welfare aspects.
• Perform staff evaluations and promote staff
per the results of the evaluation.
• Assign the engagement staff on a systematic
basis and monitor the process.

(5 marks)

(Total: 10 marks)

CL1 Suggested Solutions July - 2022 Page 6 of 16

Question 04

Learning outcome/s: 6.2.1

Study text reference: Volume II, Chapter 17 (Pages 517, 518, 519 and 540)

(a) This is an attestation engagement. In the scenario, KL Associates is engaged to

provide an assurance report to determine whether the integrated report (subject
matter) is prepared in accordance with the International Integrated Reporting
Council’s (IIRC’s) International Framework. The company prepares the integrated
report itself measuring the integrated report in line with the criteria (i.e. IIRC’s
International Framework), and the professional accountant (KL Associates)
provides an assurance report which is appended to the integrated report.

(4 marks)
(b) Limited assurance engagement
This service involves the performance of limited procedures of an assurance
nature from which only the conclusion is expressed by KL Associates.

(2 marks)
(c)

1. Conduct interviews with executives, senior management and relevant staff to

understand the internal controls, governance structure and reporting process
relevant to the report.
2. Review the relevant internal policies and procedures developed by the
company, including those relevant to determining what matters most to the
company’s stakeholders, how the company creates value, the company’s
external environment, strategy, approaches to putting members first,
governance and reporting.
3. Review the description of the company’s strategy and how the company
creates value in the report, and enquire from management whether the
description accurately reflects their understanding.
4. Assess the suitability and application of the content elements of the
Framework in the report.
5. Assess the alignment between the company’s strategy, the disclosures on
how the company creates value and what matters most to the company’s
stakeholders.
6. Review board minutes to ensure consistency with the contents of the report.
7. Review the report in its entirety to ensure it is consistent with the overall
knowledge obtained during the assurance engagement.
8. Obtain a letter of representation from the management on the contents of the
company’s integrated report.

(4 marks)

(Total: 10 marks)

CL1 Suggested Solutions July - 2022 Page 7 of 16

Question 05

Learning outcome/s: 2.2.1

Study text reference: Volume I, Chapter 5 (Pages 166 – 169)

(a) Importance of audit planning

The audit plan converts the audit strategy into a more detailed plan and includes
the nature, timing and extent of audit procedures to be performed by the
engagement team members in order to obtain sufficient appropriate audit
evidence to reduce audit risk to an acceptably low level.

An audit strategy provides the following planning benefits for the audit of financial
statements.
- Helps the auditor to devote appropriate attention to important areas of the
audit.
- Helps the auditor identify and resolve potential problems on a timely basis.
- Helps the auditor properly organise and manage the audit engagement so
that it is performed in an effective and efficient manner.
- Assists in the selection of engagement team members with appropriate levels
of capabilities and competence to respond to anticipated risks, and then
assign work to them properly.
- Facilitates the direction and supervision of engagement team members and
the review of their work.
(4 marks)

(b) The overall audit strategy sets the scope, timing and direction of the audit, and
guides the development of the more detailed audit plan. It helps to look at the
audit engagement with a broader perspective compared to an audit plan. The
preparation of an audit plan depends on the audit strategy. An audit strategy
involves defining various factors that are critical to an audit. It helps auditors
identify and set the audit objective. Similarly, it deals with the resources and
timing of the overall audit engagement.

Main matters to be included in the audit strategy document

(i) Characteristics of the engagement

T he audit strategy should consider the main characteristics of the engagement

that define its scope.

For CLP, the following are examples of things which should be included.
• Whether the financial information to be audited has been prepared in
accordance with the relevant financial reporting framework.
• Whether computer-assisted audit techniques will be used and the effect of IT
on audit procedures.
• Availability of key finance personnel at CLP.

CL1 Suggested Solutions July - 2022 Page 8 of 16

 (ii) Reporting objectives, timing of the audit and nature of communications

The strategy should ascertain the reporting objectives of the engagement to plan
the timing of the audit and the nature of the communications required. For CLP
this includes things such as:
• The audit timetable for reporting.
• Discussions with those charged with governance and the management
regarding the audit.
• The timings of the audit team meetings and review of work performed.

(iii) Important factors that will determine the focus of the engagement team’s
efforts

The strategy should consider the factors which, in the auditor’s professional
judgement, are significant in directing CLP’s audit team’s efforts. For CLP, the
following are examples of things which should be included.

• Determination of materiality for the audit.

• Preliminary identification of areas where there may be higher risks of
material misstatement.
• Preliminary identification of material components and account balances.
• Evaluation of whether the auditor may plan to obtain evidence regarding
the effectiveness of internal controls.
• Identification of recent significant entity-specific, industry, financial
reporting or other relevant developments.
• Results of the previous audit.
• The need to maintain professional scepticism when gathering and
evaluating audit evidence.

(6 marks)

(Total: 10 marks)

CL1 Suggested Solutions July - 2022 Page 9 of 16

 SECTION 3

Question 06

(a)

Learning outcome/s: 3.3.1

Study text reference: Volume I, Chapter 13 (Page 382)

The following shortcomings were observed in the approach adopted by the audit team.

By ignoring debtors less than Rs. 50,000, government institutions and related parties
for the purpose of sampling, the following important principles have not been complied
with.
• The fact that the auditor should consider the risk of material misstatement on the
entire population.
• The fact that the auditor should attempt to ensure that all the items in the
population have a chance of selection.

In stratification, audit efforts are directed towards larger value items. However, the
audit team has not explained (there is no basis) why only 10 debtors out of the 30
largest debtors were selected in the audit documentation.
(4 marks)

(b)

Learning outcome/s: 3.4.1

Study text reference: Volume I, Chapter 13 (Pages 384 and 385)

Alternative means of sampling material balances are as follows.

a. Stratified monetary unit sampling

This involves dividing the sample into discrete subpopulations (stratum) that have
identifying characteristics. In this case, the population may be stratified by
monetary value.

The sample may be made from each strata allowing effort to be directed to the
larger value items.

(In this question the examiner asked for alternative means of selecting the sample in
which the material balances have a greater probability of selection. Therefore, this
can be considered as a correct answer).

b. Value weighted selection (monetary unit sampling)

When performing test of details, it may be efficient to identify sampling as the

individual monetary units that make up the population. In this method, each
monetary unit in a population has an equal chance of being selected for testing.

CL1 Suggested Solutions July - 2022 Page 10 of 16

 Audit effort is directed to the larger value items because they have a greater
chance of selection and can result in smaller sample size.

(3 marks)

(c)

Learning outcome/s: 3.7.1

Study text reference: Volume I, Chapter 14 (Page 411)

Acquisition of Buttons & Flood damage

Thread (Pvt) Limited (B&T)

(i) Whether FS According to LKAS 10 Events According to LKAS 10 this

require After the Reporting Period, the event occurred after the
amendment acquisition of a subsidiary reporting period and it is not
after the year-end is a non- an event that provides
adjusting event, as it is evidence of a condition that
unrelated to a condition existed at the year-end. Hence
existing at the year-end. If non- this is a non-adjusting event.
adjusting events after the However, the value of the total
reporting date are material, damage to the inventory is
non-disclosure could influence material and therefore non-
the economic decisions of disclosure could influence the
users taken on the basis of the economic decisions of users
financial statements. taken on the basis of the
financial statements.
As a disclosure has not been
provided, and this represents a The financial statements
significant acquisition, there is should be amended
non-compliance with the incorporating the said
requirements of LKAS 10. The disclosure.
financial statements should be
amended incorporating the
said disclosure.

(ii) Audit • Review a copy of the legal • Obtain a breakdown of the

procedures agreement pertaining to inventory stored at the
the acquisition, including warehouse on 18 April
the date that control 2022 and compare it to
passed to ML. earlier records or dispatch
documents to ascertain the
• Review the due diligence likely level of inventory at
report received pertaining the time of the flood.
to the acquisition, detailing
the value of assets • Review correspondence
purchased, and the from the insurance
consideration paid. company confirming the
amount of the claim.

CL1 Suggested Solutions July - 2022 Page 11 of 16

 • Review the financial
statements of B&T, to
determine whether it
represents a significant
acquisition for the group,
therefore warranting a
disclosure in the financial
statements of ML.

• Review the minutes of

board meetings and
executive committee
meetings.

(7 marks)

(d)

Learning outcome/s: 3.3.1

Study text reference: Volume I, Chapter 13 (Pages 389 and 390)

Audit procedures to confirm opening balances

• Review the predecessor auditor’s working papers.

• Review the most recent financial statements and the prior year auditor’s report
for information relevant to opening balances, including disclosures.
• Agree the opening balances to the prior year’s financial statement closing balances
to confirm whether they have been correctly brought forward to the current year.
• Determine whether the opening balances reflect the application of appropriate
accounting policies.
• Consider whether procedures performed in the current period provide evidence
over the opening balances (e.g. verifying collections from opening debtors,
verifying closing inventory and performing rollback procedures).

(2 marks)

(e)

Learning outcome/s: 2.3.1

Study text reference: Volume I, Chapter 4 (Pages 123 – 129)

According to SLAuS 240 The Auditor’s Responsibilities Relating to Fraud in an Audit of

Financial Statements, both the management and those charged with governance are
primarily responsible for preventing and detecting fraud. An auditor conducting an
audit in accordance with SLAuSs is responsible for obtaining reasonable assurance that
the financial statements taken as a whole are free from material misstatement, whether
caused by fraud or error. Therefore, it is not the auditor’s primary responsibility to
detect fraud.

CL1 Suggested Solutions July - 2022 Page 12 of 16

The material misstatements arising due to fraud can be difficult for the auditor to
detect. This is because fraud is deliberately hidden by the perpetrators using
sophisticated accounting techniques established to conceal the fraudulent activity. This
means that material frauds could go undetected, even if appropriate procedures have
been carried out.
(4 marks)

(Total: 20 marks)

CL1 Suggested Solutions July - 2022 Page 13 of 16

Question 07

(a)

Learning outcome/s: 5.1.1

Study text reference: Volume II, Chapter 16 (Pages 473 – 476)

The new investment made by Green Investment PLC (GIP) is material to the
consolidated financial statements of GIP. This means it is a material component of GIP
and therefore the auditor of GIP is required to verify the amounts recognised in the
consolidated financial statements for the year ended 31 March 2022.

This could be done by obtaining evidence of the work performed by the associate
auditor or independently verifying the financial information of the associate company.
Since access to these sources are a limitation to the scope of the auditor’s work that has
been imposed as the group auditor of the GIP.

It is clear that possible effects of the inability to obtain sufficient appropriate audit
evidence is material. However, if not pervasive to the financial statements, the auditor
can describe the limitation to the scope and qualify the audit opinion in this regard. If
the auditor concludes that this matter is pervasive to the financial statements, the
auditor shall disclaim its opinion on the consolidated financial statements of GIP.

(5 marks)

(b)

Learning outcome/s: 8.6.1

Study text reference: Volume II, Chapter 20 (Pages 651 and 652)

• The overall way that the organisation is managed and controlled by the
governance body may not be clearly defined and visible. Therefore, unable to
identify potential issues relating governance and culture of an organisation.
• Certain processes and policies are not formally documented and more effort to
be put in understanding and evaluating the governance and culture of an
organisation and this will be judgmental as ths governance and culture may be
different from on organisation to another and it depends on other factors too.
• The internal auditors need more experience and competency on this areas given
the subjective nature of the audit. However, the internal auditors may lack
experience and competency in this are as more focus had been on traditional
internal audits.

(5 marks)

CL1 Suggested Solutions July - 2022 Page 14 of 16

(c)

Learning outcome/s: 5.2.2

Study text reference: Volume I, Chapter 13 (Pages 464 – 469)

Area Conclusion
1. Revenue recognition This is not an area with significant risk (only some risk
exists). The cut-off issue prevails due to the time gap
between invoicing and delivery. However, the management
has taken appropriate steps, and this is not a judgmental
area. Hence, it is not required to report this as a KAM.
2. Impairment of This is a significant risk and judgmental area. The auditor
goodwill on the needs to focus on this area and report this as a KAM.
acquisition of
subsidiary
3. Debtors’ impairment This involves some level of judgment but given the use of a
simplified approach model it is not considered to be a
complex area. Therefore, at the outset this is not
considered to be a KAM.

On the other hand, a material misstatement is noted and

even if the engagement team opts to consider this as a
KAM, it cannot be done as it has to be reported under the
‘basis for qualified opinion’ section separately.
4. Going concern Per the given facts this will result in having an Emphasis of
Matter (EoM) paragraph in the auditor’s report.

There is potentially some degree of overlap between

matters which could be disclosed as KAMs or in an EoM
paragraph. Where SLAuS 701 applies, SLAuS 706 states
that the use of an EoM paragraph is not a substitute for a
description of individual KAMs. In other words, if the
matter meets the definition of a KAM it should be disclosed
as such.

Where a KAM is also judged to be fundamental to the users’

understanding of the financial statements, the auditor may
wish to highlight its relative importance. This could be
done, for example, by presenting the matter as the first
matter in the KAM section. If a matter is not determined to
be a KAM but is fundamental to the users’ understanding of
the financial statements and the auditor wishes to draw
attention to the matter, it should be disclosed in the EoM
paragraph.

(10 marks)

(Total: 20 marks)

CL1 Suggested Solutions July - 2022 Page 15 of 16

 Notice of Disclaimer

The answers given are entirely by the Institute of Chartered Accountants of Sri Lanka
(CA Sri Lanka) and you accept the answers on an "as is" basis.
They are not intended as “Model answers’, but rather as suggested solutions.
The answers have two fundamental purposes, namely:

1. to provide a detailed example of a suggested solution to an examination question; and

2. to assist students with their research into the subject and to further their understanding
and appreciation of the subject.
The Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka) makes no warranties
with respect to the suggested solutions and as such there should be no reason for you to
bring any grievance against the Institute of Chartered Accountants of Sri Lanka (CA Sri
Lanka). However, if you do bring any action, claim, suit, threat or demand against the
Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka), and you do not
substantially prevail, you shall pay the Institute of Chartered Accountants of Sri Lanka's
(CA Sri Lanka’s) entire legal fees and costs attached to such action. In the same token, if
the Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka) is forced to take legal
action to enforce this right or any of its rights described herein or under the laws of Sri
Lanka, you will pay the Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka)
legal fees and costs.

© 2013 by the Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka).
All rights reserved. No part of this document may be reproduced or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, or otherwise,
without prior written permission of the Institute of Chartered Accountants of Sri Lanka
(CA Sri Lanka).

CL1 Suggested Solutions July - 2022 Page 16 of 16

CL1- Suggested Solutions July 2022