Theory:

Elements of assurance engagement

1) A three-party relationship comprising of:

- The intended user who is the person who requires the assurance report
- The responsible party, which is the organisation responsible for preparing the subject
matter to be reviewed
- The practitioner who is the professional who will review the subject matter and
provide the assurance
2) A suitable subject matter. The subject matter is the data which the responsible party has
prepared and which requires verification.
3) The subject matter is then evaluated or assessed against suitable criteria in order for it
to be assessed and an opinion provided
4) Sufficient and appropriate evidence in order to give the required level of assurance.
5) A written assurance report containing the conclusion or opinion which is given by the
practitioner to the intended user.

Difference between Interim audit and Final audit

Interim audit 1) Part of audit which take part before the year-end
2) Interim audit is used to undertake procedures which would be difficult to
perform at the year-end because of time pressure.
3) There is no requirement to undertake interim audit; factor to consider
when deciding whether to have one:
- Size and complexity of the company
- Effectiveness of internal controls
Final audit 1) Take place after the year-end
2) Concludes the auditor forming and expressing an opinion on the financial
statements for the whole year.
3) Final opinions take account of conclusions formed at both the interim and
final audit.

Explain the benefits of audit planning

1) Helping auditors to devote appropriate attention to important areas of the audit

2) Helping the auditor to identify and resolve potential problem on a timely basis
3) Helping the auditor to properly organise and manage audit engagement so that it is
performed in an effective and efficient manner.
4) Facilitating the direction and supervision of engagement team members and the review of
their work.
5) Assisting, where applicable, in coordination of work done by experts.

Safeguards to appropriately managed conflict of interest

1) Client and its competitor should be notified that audit firm would be acting as auditors for
each company and consent should be obtained from management of each company.
 2) Audit firm should consider advising one or both clients to seek for additional independent
advice.
3) Audit firm should ensure they appoint separate teams, with different partners and team
members to each client; once an employee has worked on one audit, then they should be
prevented from being on the audit of the competitor for a period of time known as
establishing a ‘Chinese Wall’.
4) Audit firm must set a clear guideline for members of each engagement team on issues of
security and confidentiality. These guidelines could be included withing the audit
engagement letters sent to each client.
5) Audit firm should consider the use of confidentiality agreements signed by all members of
the engagement teams of both clients.
6) Regular monitoring of the application of the above safeguards should be undertaken by a
senior individual in audit firm not involved in either audit.

Purpose of an audit engagement letter

The letter outlines both the responsibilities of audit firm and the audit client. Its purpose is to:
1) Minimise risk of misunderstanding between the auditor and the client
2) Confirm acceptance of the engagement; and
3) Forms the basis of contract outlining the terms and conditions of the engagement.

Items to be included in the audit engagement letter

1) The objective and scope of the audit
2) The responsibilities of the auditor
3) The responsibilities of management
4) The expectation that management will provide written representations
5) The basis on which the audit firm will calculate its fees
6) Any restrictions on the auditor’s liability

5 Factors to consider before accepting audit client

1) The outgoing auditor’s response
Prior to accepting an audit engagement, the auditor is required to contact the previous
auditors, after obtaining permission from client, to ask for all information relevant to the
decision as to whether or not the firm should accept the appointment.

The auditor should consider the outgoing auditor’s response to assess whether there are
any ethical or professional reasons why the firm should not accept the appointment.

2) Management integrity
If the engagement partner of the audit firm has reason to believe that client’s
management lack integrity, there is a greater risk of fraud and intimidation. Audit firm
need to consider management integrity because if there are serious concerns regarding
this, the audit firm should not accept the audit engagement.

3) Pre-conditions for an audit

The audit firm can only accept an audit engagement if the preconditions are present. The
preconditions confirm that management will use an acceptable financial reporting
 framework in preparing financial statement and confirms that management
acknowledges and understands its responsibilities for:
- Preparing the financial statements in accordance with the applicable financial
reporting framework
- Internal control necessary for the preparation of the financial statements to be free
from material misstatement; and
- Providing the auditor with access to information relevant for the audit and access to
staff within the entity to obtain audit evidence.
If the preconditions are not present, audit firm cannot accept the audit engagement.

4) Independence and objectivity

The auditor must consider whether there are any threats to independence and objectivity
which cannot be reduced to an acceptably low level by the use of appropriate safeguards.
If such threats are present and cannot be sufficiently mitigated, audit firm should not
accept the audit engagement.

5) Resources available at the time of audit

Audit firm must have adequate resources with relevant experience available at the time
the audit of the client is likely to be carried out. All audit staff deployed to the audit of
client must be capable of carrying out the audit in accordance with ISAs. If adequate
resources will not be available, audit firm must not accept the audit engagement.

Audit supervisor’s responsibilities in relation to SUPERVISING and REVIEWING the audit

assistant’s work (Need to write in paragraph)

Supervising 1) Keep track of the progress of the audit engagement to ensure the
audit timetable is met and audit manager and partner are kept
updated of the progress.
2) Consider the competence and capabilities of individual members of
engagement team, whether they have sufficient time to carry out
their work, whether they understand their instructions and whether
the work is being carried out in accordance with the planned
approach to the audit.
3) Address any significant matters arising during the audit, considering
their significance and modifying the planned approach appropriately.
4) Responsible to identify matters for consultation or consideration by
the audit manager or engagement partner.
Reviewing 1) Review the work completed as to whether this work has been
performed in accordance with professional standards and other
regulatory requirements.
2) Review the work completed as to whether the work performed
supports conclusions reached and has been appropriately
documented.
3) Consider whether all significant matters have been raised for partner
attention and where appropriate consultations have taken place,
whether appropriate conclusions have been documented.

Define and explain MATERIALITY and PERFORMANCE MATERIALITY

Materiality
 Materiality is defined as ‘Misstatements, including omissions, are considered to be material if
they, individually or in the aggregate, could reasonably be expected to influence the economic
decisions of users taken on the basis of the financial statements.’ (1)

If the financial statements include a material misstatement, then they will not present fairly (give
true and fair view) the position, performance and cashflows of the entity. (2)

A misstatement may be considered material due to its size (quantitative) and/or due to its nature
(qualitative) or a combination of both. The quantitative nature of a misstatement refers to its
relative size. A misstatement which is material due to its nature (qualitative) refers to an amount
which might be low in value but due to its prominence and relevance could influence the user’s
decision, for example, directors’ transactions. (3)

Materiality is often calculated using benchmarks such as 5% of PBT, 1% of TA and 0.5% of Rev.
These values are useful as a starting point for assessing materiality, however, the assessment of
what is material is ultimately a matter of the auditor’s professional judgement. (4)

In assessing materiality, the auditor must consider that a number of errors with a low value may,
when aggregated, amount to a material misstatement.

Performance materiality
Performance materiality is defined as ‘The amount set by the auditor at less than materiality for
the financial statements as a whole to reduce an appropriately low level of probability that the
aggregate of uncorrected and undetected misstatements exceeds materiality for the financial
statements as a whole.’

Hence the performance materiality is set at a level lower than overall materiality for the financial
statements as a whole. It is used for testing individual transactions, account balances and
disclosures. The aim of performance materiality is to reduce the risk that the total of all errors in
balances, transactions and disclosures exceeds overall materiality.

The use of Analytical procedures during THREE stages of audit

1) Planning stage – Analytical procedures must be use as risk assessment procedures in

order to help the auditor to obtain an understanding of the entity and assess the risk of
material misstatement.
2) Final audit stage – To obtain sufficient appropriate audit evidence. Substantive
procedures can either be tests of detail (TOD) or substantive analytical procedures (SAP)
3) Final review stage – Auditor must design and perform AP which assist them when
forming an overall conclusion as to whether the financial statements are consistent with
the auditor’s understanding of the entity.

Auditor’s responsibilities in prevention and detection of fraud and error

Audit firm must conduct an audit in accordance with ISA 240 and is responsible for obtaining
reasonable assurance that the financial statements taken as a whole are free from material
misstatement, whether caused by fraud or error. (1)

In order to fulfil this responsibility, the audit firm is required to identify and assess the risks of
material misstatement of the financial statements due to fraud. (2)
 They need to obtain SAAE regarding the assessed ROMM due to fraud through designing and
implementing appropriate responses. In addition, audit firm must respond appropriately to fraud
or suspected fraud identified during the audit. (3)

Audit firm is responsible to maintain professional scepticism throughout the audit, considering the
potential for management to override of controls and recognising the fact that audit procedures
which are effective in detecting error may not be effective in detecting fraud. (4)

Discussion must be held within the team regarding the risk and responsibilities for fraud and error
to ensure that the whole engagement team is aware of them. For members not present, client’s
audit engagement partner should determine which matters should be communicated to them. (5)

Preconditions for the audit

Refer to Factors to consider before accepting audit engagement

Areas to be included in the Audit Strategy Documents

1) Main characteristics of the engagement
The audit strategy should consider the main characteristics of the engagement, which
define its scope. Following example should be included:
- Whether the financial information to be audited has been prepared in accordance
with the relevant financial reporting framework
- Whether automated tools and audit techniques will be used and the effect of IT on
audit procedures.
- The availability of key personnel at client’s company.

2) Reporting objectives, timing and nature of communication

It should ascertain the reporting objectives of the engagement to plan the timing of the
audit and the nature of the communications required such as:
- The audit timetable for reporting including the timing of interim and final stages.
- Organisation of meetings with client’s management to discuss any audit issues arising.
- Any discussions with management regarding the reports to be issued.
- The timings of the audit team meetings and review of work performed.

3) Significant factors affecting the audit

The strategy should consider the factors which, in the auditor’s professional judgement,
are significant in directing client’s audit team’s efforts, such as:
- The determination of materiality for the audit.
- The need to maintain a questioning mind and to exercise professional scepticism in
gathering and evaluating audit evidence.

4) Pre-liminary engagement activities and knowledge from previous engagements.

It should consider the results of preliminary audit planning activities and, where
applicable, whether knowledge gain on other engagements for client is relevant, such as:
- Results of any test over the effectiveness of internal controls
- Evidence of management’s commitment to the design, implementation and
maintenance of sound internal controls.
 5) Nature, timing and extent of resources
The audit strategy should ascertain the nature, timing and extent of resources necessary
to perform the audit, such as:
- The selection of the audit team with experience of this type of industry.
- Assignment of audit work to the team members
- Setting the audit budget.

Define audit risk and the components of audit risk

Audit risk is the risk that the auditor expresses an inappropriate audit opinion when the
financial statements are materially misstated. Audit risk is a function of two main components,
being the risk of material misstatement and detection risk. Risk of material misstatement is made
up of a further two components, inherent risk and control risk.

Inherent risk is the susceptibility of an assertion about a class of transaction, account balance
or disclosure to a misstatement which could be material, either individually or when aggregated
with other misstatements, before consideration of any related controls.

Control risk is the risk that a misstatement which could occur in an assertion about a class of
transaction, account balance or disclosure and which could be material, either individually or
when aggregated with other misstatements, will not be prevented, or detected and corrected, on
a timely basis by the entity’s controls.

Detection risk is the risk that the procedures performed by the auditor to reduce audit risk to
an acceptably low level will not detect a misstatement which exists and which could be material,
either individually or when aggregated with other misstatements. Detection risk is affected by

stupider
sampling and non‐sampling risk

Factors which would indicate that an engagement letter for existing audit client should be
revised
- Any indication that the entity misunderstands the objective and scope of the audit, as
this misunderstanding would need to be clarified.
- Any revised or special terms of the audit engagement, as these would require
inclusion in the engagement letter.
- A recent change in senior management or significant change in ownership. The letter
is signed by a director on behalf of those charged with governance. If there have been
significant changes in management, they need to be made aware of what the audit
engagement letter includes.

:÷*
- A significant change in nature or size of the entity’s business. The approach taken by
the auditor may need to change to reflect the change in the entity and this should be
clarified in the engagement letter.
- A change in other reporting requirements. Other reporting requirements may be
stipulated in the engagement letter; hence If these change, the letter should be
, updated.
it is

ooo Sources of information relevant to gain an understanding about the new client
E
ii.
☆ & ☆
iii.
MY :÷:*
1) Prior year financial statements

¥
Provides information in relation to the size of a company as well as the key accounting
policies, disclosure notes and whether the audit opinion was modified or not.

2) Discussions to the previous auditors/access to their files

Provides information on key issues identified during the prior year audit as well as the
audit approach adopted.

3) Prior year report to management

If this can be obtained from the previous auditors or from management, it can provide
information on the internal control deficiencies noted last year. If these have not been
rectified by management, then they could arise in the current year audit as well and
may impact the audit approach.

4) Discussions with management

Provides information in relation to the business, any important issues which have arisen
or changes to accounting policies from the prior year

5) Review board minutes

Provides an overview of key issues which have arisen during the year and how those
charged with governance have addressed them.

6) Company website
Recent press releases from the company may provide background on the business during
the year as this will help in identifying the key audit risks

Quality control procedures

1) Briefing/direction of the team

The audit team should be informed of their responsibilities, the objectives of their work,
the nature of the client’s business and any other relevant information to enable them to
perform their work efficiently and effectively. This will enable them to identify material
misstatements and know which areas require greater attention

2) Supervision – tracking the progress of the audit

The audit supervisor should keep track of the progress of the audit in order to ensure the
work is being completed on time or whether action needs to be taken such as bringing in
additional staff to help complete the work or whether to agree an extended deadline with
the client.

3) Supervision – addressing significant matters

The audit supervisor will also ensure that significant matters are being dealt with
promptly. If issues are resolved as soon as they are identified the audit is more likely to be
completed within the agreed timeframe.

4) Supervision – considering competence of team

 The audit supervisor will consider the competence of the audit team and will provide
additional coaching if required. The supervisor should be available for the team members
to refer to in case of any queries

5) Review of work
Each team member’s work should be reviewed by someone more senior. This is to ensure
the work has been to the required standard. The reviewer may identify additional work
that needs to be performed before a conclusion can be drawn reducing the risk that
material misstatements go undetected.

Method for documenting internal control systems , its advantages and disadvantages
Methods Descriptions Advantages Disadvantages
Narrative notes Narrative notes Simple to records; May prove to be too
consist of written after discussion with cumbersome,
description of the staff members, these especially if the
system. They detail discussions are easily system is complex or
what occurs in the written up as notes. heavily automated
system at each stage
and include details of Easy to understand by Can make it more
any controls which all members of audit difficult to identify
operate at each stage. team, especially junior missing internal
members who might controls as the notes
find alternative record the detail but
methods too complex. not identify control
exceptions clearly.
Flowcharts Flowcharts are a Easy to view the Sometimes be difficult
diagrammatic system in its entirety to amend, as any
illustration of internal as it is all presented amendments may
control system. Lines together in one require the whole
usually demonstrate diagram. flowchart to be
the sequence of withdrawn.
events and standard Due to the use of
symbols are used to standard symbols for There is still the need
signify controls or controls, it can be for narrative notes to
documents. effective in identifying accompany the
missing controls. flowchart and hence it
can be a time-
consuming method.
Questionnaires Internal control Quick to prepare, It can be easy for the
questionnaires (ICQs) which means they are staff members to
or internal control timely method for overstate the level of
evaluation recording the system. the controls present
questionnaires as they are asked a
(ICEQs) contain a list If drafted thoroughly series of questions
of questions for each they ensure that all relating to potential
major transaction controls present controls.
cycle. within the system are
considered and A standard list of
ICQs are used to recorded, hence questions may miss
assess whether missing controls or out unusual or more
 controls exist whereas deficiencies are clearly bespoke controls used
ICEQs assess the highlighted by the by the company.
effectiveness of the audit team.
controls in place.

Matters to consider in determining whether deficiency in internal control is significant.

1) The likelihood of the deficiencies leading to material misstatements in the financial
statements in the future.
2) The subjectivity and complexity of determining estimated amounts.
3) The interaction of the deficiency with other deficiency in internal control.
4) The financial statement amount exposed to the deficiencies
5) The susceptibility to loss or fraud of the related asset or liability
6) The importance of the controls to the financial reporting process

Limitations of internal control components

1) Human error – mistakes made by those responsible for performing controls
2) Ineffective controls – controls which do not work as intended
3) Collusion of staff – Staff work together (collude) to bypass the control of segregation of
duties
4) The abuse of power by those with ultimate controlling responsibility (management
override) – management may falsify accounting records or post unauthorised journals to
present a different result in the financial statements.
5) Use of management judgement on the nature and extent of controls it chooses to
implement.

Cover letter
Board of directors
Amber Heart Co
21 Under the Sea
Atlantic City
Shark Boy Country

1 March 20X5

Dear Sirs,

Audit of Amber Heart Co for the year ended 30 April 20X5

Please find enclosed the report to management on deficiencies in internal controls identified
during the audit for the year ended 30 April 20X5. The appendix to this report considers
deficiencies in the sales and dispatch system and recommendations to address those deficiencies.
 Please note that this report only addresses the deficiencies identified during the audit and if
further testing had been performed, then more deficiencies may have been reported.

This report is solely for the use of management and if you have any further questions, then please
do not hesitate to contact us.

Yours faithfully
An audit firm (audit firm name)
TCGM responsibility: to ensure that the operations
are conducted in accordance with the provisions of
laws and regulations. This includes with laws and
Importance of communicating with those charged with governance regulations that determine amts and disclosure in
FS.
It is important for the auditors to report to those charged with governance as it helps in the
following ways:
- It assists the auditor and those charge with governance in understanding matters
related to audit, and in developing a constructive working relationship. This
relationship is developed while maintaining the auditor’s independence and
objectivity.
- It helps TCG in fulfilling their responsibility to oversee the financial reporting process,
thereby reducing the risks of material misstatement of the financial statements.
- It promotes effective two-way communication between the auditor and TCG.
- It helps the auditor in obtaining, from TCG, information relevant to the audit for
example assisting the auditor in understanding the entity and its environment.

Matters to be communicated to TCG

1) If any suspected frauds are identified during the audit, these must be communicated.
2) The auditor’s responsibilities with regards to provide an opinion on the financial
statements and that they have carried out their work in accordance with ISAs.
3) Any key audit risk identified during the planning stage should be communicated.
4) The auditor should explain the planned approach to the audit as well as the audit
timetable.
5) TCG should be notified on any written representations required by the auditor.

Role of Internal audit VS External audit

External audit Internal audit

Objective Express an opinion on the
truth and fairness of the
financial statements in a
written report
Reporting Reports to shareholders
Availability of report Publicly available
Scope of work Verifying the truth and
fairness of the financial
statements
Improve the company’s
operations by reviewing the
efficiency and effectiveness
of internal controls
Report to TCGM
Not publicly available.
Usually only seen by TCGM.
Wide in scope and
dependent on
management’s
requirements
 Appointment and removal
Relationship with company
By the shareholders of the By the audit committee or
company BOD
Must be independent of the May be employees (which
company limits independence) or an
outsourced function (which
enhances independence)

Assignments for internal audit departments (IAD)

Value for money review – The IAD could be asked to assess whether client is obtaining
value for money in areas such as capital expenditure.

Review of financial/operational controls – The IAD could undertake reviews of controls

at client’s head office or any other areas and make recommendations to management
over such areas.

IT system review – The IAD could be asked to perform over the computer environment
and controls.

Regulatory compliance – The IAD could help to monitor compliance with these
regulations.

Types of control activities

1) Segregation of duties
Assignment of roles or responsibilities to ensure the tasks of authorising and recording
transactions and maintaining custody of assets are carried out by different people,
thereby reducing the risk of fraud and error in the normal course of their duties. For
example, the payables ledger clerk recording invoices in the payable ledger, and the
finance director authorising the payment of those purchase invoices

2) Authorisation
Approval of transactions by a suitably responsible official or higher level of management
to ensure transactions are valid and genuine. For example, authorisation by a responsible
official of all purchase orders.

3) Verifications
Controls which compare two or more items with each other or compare an item with a
policy. Verifications include information processing controls such as the use of batch
control totals when entering transactions into the system.

4) Physical or logical controls

Restricting access to physical assets as well as computer programs and data files, thereby
reducing the risk of theft of assets or data. For example, cash being stored in a safe which
only a limited number of employees are able to access.

5) Reconciliations
 Reconciliations compare two or more data elements to confirm completeness or accuracy
of the data. For example, the cash book being reconciled to the bank statements on a
regular basis to identify any discrepancies which can then be resolved on a timely basis.

Definition of professional scepticism

Professional scepticism is defined as an attitude which includes a questioning mind, being alert to
conditions which may indicate possible misstatement due to fraud or error, and a critical
assessment of audit evidence.

Factors to be considered in determining the suitability of using AP procedures as SP.

- Nature of the balance or class of transactions. Analytical procedures are more suitable
to large volume transactions that are predictable over time such as payroll, sales, and
expenses.
- Reliability of the information being analysed. If the information being analysed is
unreliable, the results of the analytical procedures will be unreliable. Reliability of the
information will be affected by source, nature and effectiveness of internal controls.
- Relevance to the assertion being tested. Analytical procedures would usually not be
used to test the existence assertion of a tangible asset such as inventory or property,
plant and equipment as physical inspection of the asset would provide more reliable
evidence.
- Precision of expectation. The auditor should consider whether a sufficiently precise
expectation can be developed to be able to identify a material misstatement. If not,
there is limited use in using analytical procedures.
- Amount of difference between expected amounts and recorded amounts that is
acceptable. This will depend on the level of materiality and the desired level of
assurance required by the auditor.

Internal control components

1) Control environment
Refers to the set of controls, processes and structures that address:
- How management’s oversight over the entity’s system of internal control by
TCG
- The entity’s assignment of authority and responsibility
- How entity attracts, develops and retains competent individuals

2) Entity’s risk assessment process

The entity’s risk assessment process covers how the entity identifies business risks
relevant to financial reporting objectives, assesses the significance of those risks including
the likelihood of occurrence, and how the entity addresses those risks.

3) The entity’s process to monitor the system of internal control

This is the client's ongoing process of evaluating the effectiveness of controls over time
and taking necessary remedial action in respect of control deficiencies. If the entity has
an internal audit function, it will assist with monitoring process.
4) The information system and communication
The information system and communication consist of all of the activities and policies
relevant to the preparation of the financial statements. It includes the procedures within
both computerised and manual systems to initiate, record, process, and report entity
transactions. It also looks at how the entity communicates significant matters that
support the preparation of the financial statements and related reporting responsibilities
in the information system.

5) Control activities relevant to the audit

Control activities are designed to ensure proper application of policies in all the other
components of the entity’s system of internal control. These include segregation of
duties, verifications, reconciliations, physical or logical controls and authorisations.
Subsequent events stages summary

S1 : FS approved and AR signed :

- perform additional audit procedures (PALMS+W)

:
- Consider adjustment/disclosure in FS
- Determine implications on AR if refuse to adjust

S2 : FS issued to member
No responsibilities unless auditor is aware :
- Discuss with mgmt on action
- Perform further procedures only on changes
- Take appropriate action - issue new FS and new AR

S3 : AGM
No responsibilities unless auditor is aware :
- Discuss with mgmt on action
- Perform further procedures only on changes
- Take appropriate action- request to withdraw the FS&recall AR, issue new fs and new AR.

GC Procedures (PALMS + W + G) /

- Review post year mgmt Accounts to assess if in line with cash flow forecast.
- With the client’s permission, enquire the client’s lawyers as to the existence of any
Litigation and if so, the likely outcome of the litigation.
- Review the post year end board Minutes to identify any other issues which might
indicate further financial difficulties fir the company.
- Perform audit tests in relation to Subsequent events ti identify any items which
might indicate or mitigate the risk of GC not being appropriate.
- Obtain a Written representation confirming the director’s view that co is a GC.
- A enquiry the dtors, Consider whether the GC basis is appropriate for the
preparation of the FS.
GC disclosure (adequate/inadequate)

Adequate : include a material uncertainty related to GC (MUREC) & OD renewal

pending. State that audit opinion is not modified. State MU and cross reference to the
disclosure note. Include after the opinion and basis of opinion paragraph.

Inadequate: audit opinion need to modified- material misstatements. Failure to disclose

adequately = material not pervasive. Qualified opinion will be issued. Except for “failure
to disclose”, the FS give a T&F view.
 Procedures for final review :

- Review compliance with accounting standards and local legislation disclosure.

- Review te disclosure of the accounting policies mainly where changes been made.
- Review to ensure consistency with the auditor’s knowledge of the business and the
results of their work.
- Review aggregate of incorrect mistatements to assess whether material in aggregate.

Objective of WR

- WR are necessary information the auditor requires in connection with the audit
entity’s fs.
- Required to confirm mgmt and where appropriate, TCGM responsibility for the

t
preparation of the financial statement and for the completeness of the information
provided to the auditor.
- Required for judgemental areas where the auditor has to rely on management
explanation.
- Required to confirm that mgmt have communicated to auditor all weakness in
internal control of which mgmt aware.

Steps obtaining WR

- WR are normally in the form of a letter, written by the company’s mgmt and
addressed to the auditor.
- The letter is usually requested from mgmt but can also be requested from the chief
operating officer or chief financial officer.
- Throughout the fieldwork, the audit team will note any areas where representation
may be required.
- During the final review stage, the auditors will produce a draft representation letter.
- The directors will review this and then produce it on their letterhead.
- It will be signed by the directors and dated as the date the audit report is signed
but not after.
Determining Significant weakness in internal control

- the likelihood of the deficiencies leading to material misstatements in the fs in the

future.
- the subjectivity and complexity to determine related asset or liability.
- the volume of activity that has been occurred or could occur in the account balance or
class of transactions exposed to the deficiencies.
- the important of control to the financial reporting process.

Treatment of misstatements

1. Factual misstatements - there is no doubt

2. Judgemental misstatements - differences arising from the judgements of management
accounting estimates, or the selection or application of accounting policies that the auditor
considers inappropriate.
3. Projected misstatements - auditor’s best estimate of misstatements in population, involving
the projecting of misstatements identified in audit samples to the entire populations from
which the samples were drawn.

ISA 450 : request mgmt to correct the misstatements. If refused, auditor must ascertain
the reason.
- consider whether the aggregate of uncorrected misstatements (ind or aggregate) in the fs
are material.
- A required to communicate all uncorrected misstatements and their affect to mgmt.
- A will request for WR from mgmt and TCG if believe immaterial.

If GC assumptions is inappropriate: fs should be prepared on a break up/nrv basis.