Professional Documents
Culture Documents
CL1-Advanced Audit & Assurance
CL1-Advanced Audit & Assurance
July 2022
SECTION 1
Question 01
1.1
1.2
1.3
1.4
1.5
1.6
1.8
1.9
1.10
(Total: 20 marks)
(a)
The company is using an integrated system to process transactions and the audit team
intends to rely on the controls, including automated and IT dependent controls. General
IT controls that relate to some or all applications are usually interdependent controls
(i.e. their operation is often essential to the effectiveness of application controls). For
instance, if the access controls are not properly defined, there is a doubt on the integrity
of data on the system.
Application controls may not be reliable when general IT controls are ineffective.
Therefore, it will be more efficient for the audit team to review the design of general IT
controls first, before reviewing the application controls which indicates the
pervasiveness of the general IT controls on the processing of transactions in an
application system.
(4 marks)
(b)
Learning outcome/s: 1.3.1
Study text reference: Volume I, Chapter 1 (Pages 54 and 56)
(i) Authorisation
- Manually check whether the transactions were authorised by the officers per
the control matrix.
- Check with the assistance of the IT auditor whether the system was
configured in such a way that without appropriate authorisations the system
prevents the processing of transactions.
- Check whether users could bypass the authorisation process or direct it to
someone else other than the authorised person(s).
- Check any exception reports for authorising the transactions.
(Total: 10 marks)
(a)
Controls that should be in place at WPL to mitigate the risks arising from the
cyberattack.
(5 marks)
(b)
(5 marks)
(Total: 10 marks)
(4 marks)
(b) Limited assurance engagement
This service involves the performance of limited procedures of an assurance
nature from which only the conclusion is expressed by KL Associates.
(2 marks)
(c)
(4 marks)
(Total: 10 marks)
The audit plan converts the audit strategy into a more detailed plan and includes
the nature, timing and extent of audit procedures to be performed by the
engagement team members in order to obtain sufficient appropriate audit
evidence to reduce audit risk to an acceptably low level.
An audit strategy provides the following planning benefits for the audit of financial
statements.
- Helps the auditor to devote appropriate attention to important areas of the
audit.
- Helps the auditor identify and resolve potential problems on a timely basis.
- Helps the auditor properly organise and manage the audit engagement so
that it is performed in an effective and efficient manner.
- Assists in the selection of engagement team members with appropriate levels
of capabilities and competence to respond to anticipated risks, and then
assign work to them properly.
- Facilitates the direction and supervision of engagement team members and
the review of their work.
(4 marks)
(b) The overall audit strategy sets the scope, timing and direction of the audit, and
guides the development of the more detailed audit plan. It helps to look at the
audit engagement with a broader perspective compared to an audit plan. The
preparation of an audit plan depends on the audit strategy. An audit strategy
involves defining various factors that are critical to an audit. It helps auditors
identify and set the audit objective. Similarly, it deals with the resources and
timing of the overall audit engagement.
For CLP, the following are examples of things which should be included.
• Whether the financial information to be audited has been prepared in
accordance with the relevant financial reporting framework.
• Whether computer-assisted audit techniques will be used and the effect of IT
on audit procedures.
• Availability of key finance personnel at CLP.
The strategy should ascertain the reporting objectives of the engagement to plan
the timing of the audit and the nature of the communications required. For CLP
this includes things such as:
• The audit timetable for reporting.
• Discussions with those charged with governance and the management
regarding the audit.
• The timings of the audit team meetings and review of work performed.
(iii) Important factors that will determine the focus of the engagement team’s
efforts
The strategy should consider the factors which, in the auditor’s professional
judgement, are significant in directing CLP’s audit team’s efforts. For CLP, the
following are examples of things which should be included.
(6 marks)
(Total: 10 marks)
Question 06
(a)
The following shortcomings were observed in the approach adopted by the audit team.
By ignoring debtors less than Rs. 50,000, government institutions and related parties
for the purpose of sampling, the following important principles have not been complied
with.
• The fact that the auditor should consider the risk of material misstatement on the
entire population.
• The fact that the auditor should attempt to ensure that all the items in the
population have a chance of selection.
In stratification, audit efforts are directed towards larger value items. However, the
audit team has not explained (there is no basis) why only 10 debtors out of the 30
largest debtors were selected in the audit documentation.
(4 marks)
(b)
This involves dividing the sample into discrete subpopulations (stratum) that have
identifying characteristics. In this case, the population may be stratified by
monetary value.
The sample may be made from each strata allowing effort to be directed to the
larger value items.
(In this question the examiner asked for alternative means of selecting the sample in
which the material balances have a greater probability of selection. Therefore, this
can be considered as a correct answer).
(3 marks)
(c)
(7 marks)
(d)
(2 marks)
(e)
(Total: 20 marks)
(a)
The new investment made by Green Investment PLC (GIP) is material to the
consolidated financial statements of GIP. This means it is a material component of GIP
and therefore the auditor of GIP is required to verify the amounts recognised in the
consolidated financial statements for the year ended 31 March 2022.
This could be done by obtaining evidence of the work performed by the associate
auditor or independently verifying the financial information of the associate company.
Since access to these sources are a limitation to the scope of the auditor’s work that has
been imposed as the group auditor of the GIP.
It is clear that possible effects of the inability to obtain sufficient appropriate audit
evidence is material. However, if not pervasive to the financial statements, the auditor
can describe the limitation to the scope and qualify the audit opinion in this regard. If
the auditor concludes that this matter is pervasive to the financial statements, the
auditor shall disclaim its opinion on the consolidated financial statements of GIP.
(5 marks)
(b)
• The overall way that the organisation is managed and controlled by the
governance body may not be clearly defined and visible. Therefore, unable to
identify potential issues relating governance and culture of an organisation.
• Certain processes and policies are not formally documented and more effort to
be put in understanding and evaluating the governance and culture of an
organisation and this will be judgmental as ths governance and culture may be
different from on organisation to another and it depends on other factors too.
• The internal auditors need more experience and competency on this areas given
the subjective nature of the audit. However, the internal auditors may lack
experience and competency in this are as more focus had been on traditional
internal audits.
(5 marks)
Area Conclusion
1. Revenue recognition This is not an area with significant risk (only some risk
exists). The cut-off issue prevails due to the time gap
between invoicing and delivery. However, the management
has taken appropriate steps, and this is not a judgmental
area. Hence, it is not required to report this as a KAM.
2. Impairment of This is a significant risk and judgmental area. The auditor
goodwill on the needs to focus on this area and report this as a KAM.
acquisition of
subsidiary
3. Debtors’ impairment This involves some level of judgment but given the use of a
simplified approach model it is not considered to be a
complex area. Therefore, at the outset this is not
considered to be a KAM.
(10 marks)
(Total: 20 marks)
The answers given are entirely by the Institute of Chartered Accountants of Sri Lanka
(CA Sri Lanka) and you accept the answers on an "as is" basis.
They are not intended as “Model answers’, but rather as suggested solutions.
The answers have two fundamental purposes, namely:
© 2013 by the Institute of Chartered Accountants of Sri Lanka (CA Sri Lanka).
All rights reserved. No part of this document may be reproduced or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, or otherwise,
without prior written permission of the Institute of Chartered Accountants of Sri Lanka
(CA Sri Lanka).