F8 Audit & Assurance Key Notes

Edition 4,Version 1
ISBN 978-1-84808-322-6
Published by
Get Through Guides Ltd.
65 Bedford Street South
Leicester LE1 3JR
United Kingdom
Website:
www.GetThroughGuides.com Email:
info@GetThroughGuides.com
Student Support Forum:
http://GetThroughGuides.co.uk/forum
All our rights reserved. No part of this publication may be reproduced, stored in a retrieval
system or transmitted, in any form or by any means, electronic, mechanical, photocopying,
scanning or otherwise, without the prior written permission of Get Through Guides Ltd.
No responsibility for any loss to anyone acting or refraining from action as a result of any
material in this publication can be accepted by the author, editor or publisher.
© Get Through Guides 2012
INDEX
Concept of audit & other assurance 1–4 Internal audit assignments 33 - 36
engagements
Statutory audits 5–8 Objective & general principles 37 – 38
Regulatory environment & corporate 9 - 16 Assessing the risks of material 39 – 40

governance misstatement
Professional ethics and ACCA’s Code of 17 – 24 Understanding the entity & its 41 – 42
Ethics and Conduct environment
Internal audit & corporate governance 25 - 26 Materiality, fraud, laws & 43 – 46

regulations
Difference between external auditor 27 – 28 Analytical procedures 47 – 50

and internal audit function
Scope of internal audit function 29 – 30 Planning an audit 51 – 52
Outsourcing the internal audit function 31 - 32 Audit documentation 53 – 54

INDEX
Internal control system 113 –116
55 – 60 Computer-assisted audit techniques
The use of internal control 117 – 120
system by auditors 61 – 62
Work of Others
Transaction cycles 63 – 66 Not-for-profit organisations 121 – 124
Tests of control 68 – 74 Subsequent events 125 – 128
Evaluation of internal control 75 – 78 129 – 134

Going concern
components
Communication on internal 79 – 80 135 –136

Written representation
control
Use of assertions by auditors 81 – 84 Audit finalisation & the final review 137 – 138
Audit procedures 85 – 92 Audit reports 139 – 142

Audit of specific items 93 – 104 The main points of G2 is included in
key notes for D6 & G1
Audit sampling and other 105 – 112 Internal audit reports 143 – 144
means of testing
Welcome to GTG’s Keynotes!
GTG has designed these keynotes so that they integrate completely with your Study Text.
Each chapter, or Study Guide is based on the ACCA Syllabus. All the Learning Outcomes have
been shrunk down into bite-size parts to help you remember them easily.
Features of GTG’s keynotes:

Icons
Expansion / to show
 Full colour – to make learning more memorable! clarification when
 Diagrams – to aid the learning process going from one box
 They highlight points, simply and succinctly to another
 Short sharp sentences – easy to memorise
 Clearly laid out Tip or important
point to remember
 Icons used to aid understanding
 Linked directly to Study Text
This is used for extra
clarification or exam focus
The SG name can be found at the bottom of the page, here. Page No. is here
Intro: this Study Guide discusses objectives & general principles of external audit
engagements, concepts of accountability, stewardship & agency, true & fair presentation,
reasonable assurance, level of assurance provided by audit & other review assignments.
Objective & general principles of external audit
Assurance engagement : a professional accountant in public practice expresses a conclusion

designed to enhance the degree of confidence of the intended users other than the responsible
party about the outcome of the evaluation or measurement of a subject matter against criteria.
General principles of external audit engagement

According to ISA,
my cost should
Compliance with code of ethics: issued by International Federation of be apportioned
Accountants covering independence, integrity, objectivity, confidentiality etc. over not more
than 3 years.
Performance of audit in accordance with ISAs: the auditor should consider
international standards as well as standards of the particular country (if they exist).
Audit with professional scepticism: if auditor has reason to suspect that fraud has taken
place then they should investigate.
Professional judgment: the auditor should exercise professional judgment in planning & performing
audit of FS.
Concept of Audit & Other Assurance Engagements 1

Audit Framework & Regulation 2
Accountability, stewardship & agency
Accountability Stewardship Agency
Some sort of responsibility given Responsibility to take care of Relationship where one
by one person to another, resources & in charge of person is engaged to
which is expected to be carried assets on behalf of someone represent another person in
out according to given else. transactions with third party
instructions
Steward
Relationship between owners & management

Management is Management is an
accountable to agent for
shareholders
shareholders
Management acts as a
steward for shareholders
FS
True & fair presentation Truck: actual cost is
$1,000,000 & deprecation is
$100,000
Accounts of an entity are
prepared in accordance with
facts, correct principles & Calculation is correct but life of truck has not been
applicable / accepted standards. estimated correctly .
It can’t be more than 5 years so FS are true but
not fair.
Reporting as means of communication to stakeholders & level of assurance
Audit provides reasonable assurance
Stakeholders who rely on the Reasons for not providing absolute assurance:
information in the FS :  inherent limitations of internal control system
 shareholders  nature of audit evidence
 employees  test checking by auditors
 directors / management
 bankers Nature of audit evidence Hello, Fair Ltd?
 taxation authorities I am the auditor of Hi Co.
 government Can you send me a written
 customers & suppliers balance confirmation statement?
Concept of Audit & Other Assurance Engagements 3

Assurance Services Level of Assurance

Audit: designed to result in the accountant
Reasonable
providing a positive opinion.
Review engagement: provides limited

Moderate & negative
assurance on FS and other information.
Agreed upon procedure: auditor performs

No assurance, only
certain procedures concerning individual items actual findings
of financial data.
Compilation: it involves collecting, classifying

No assurance, only
& summarising financial information rather than compilation
audit work.
Negative assurance : means that the auditor has not come across any adversity
regarding the subject matter reviewed. Therefore, it is appropriate for forecasts.
Intro: this Study Guide discusses the regulatory environment within which statutory audits
(SAs) take place, and the statutory regulations governing the appointment, removal &
resignation of auditors. It also explains the limitations of statutory audit & assesses its value.
Regulatory environment within which statutory audits take place
In many countries a statutory audit is

Regulatory environment within which a
required by statute.
statutory audit takes place:
 laws & regulations
1. national laws
2. laws specific to an industry ACCA Code of Ethics states that
a member cannot accept an audit in
 Code of Ethics of the professional body
which they have a conflict of interest
the auditor is a member of
 international regulations
 accounting & auditing standards According to IAS 2,
1. national inventory should be
2. international valued at lower of cost
or net realisable
value.
Statutory Audits 5
Smaller entity: an entity which typically possesses qualitative characteristics such as:
a) Concentration of ownership and management in a small number of individuals (often a single
individual – either a natural person or an enterprise that owns the entity provided the owner
exhibits the relevant qualitative characteristics); and
b) One or more of the following:
 Small size, for example as measured by turnover or net assets or employees;
 straightforward or uncomplicated transactions;
 simple record-keeping;
 few lines of business and few products within business lines;
 few internal controls;
 few levels of management with responsibility for a broad range of controls; or
 few personnel, many having a wide range of duties.
Reasons & mechanism to regulate auditors & provisions for appointment &
removal
Reasons to regulate auditors Mechanisms to regulate auditors
1. Protect public interest  Code of Ethics: non-compliance
 Audited FS taken as basis for financial decisions. referred to the disciplinary
 Auditor has a duty to prevent general public from committee.
being deceived.  Auditing standards: in case of non-
 Regulation necessary to maintain high compliance, auditor may be held
professional liable for professional negligence.
standards.  Laws & regulations.
2. Maintain dignity of the auditing profession.  Peer review: work of one auditor
3. Ensure auditor’s independence & competence checked by another auditor.
4. Bring in uniformity
Rights of an auditor Duties of an auditor
 right to access records
 right to information and explanations  adequate accounting records
 right to receive written resolution in the  compliance with legislation
same way as a member of the company
 verification of records
 right to attend and receive notice of meeting  truth and fairness
 right to speak and to be heard at general  adequate disclosure
meetings
Appointment of auditors Removal / resignation of auditors
By the shareholders in AGM. Generally majority consent of shareholders

required.
The person to be appointed as the auditor is Not applicable

required to hold a professional accountancy
qualification.
By Secretary of State or Ministry of Finance for Auditor submits a statement of circumstances.(or
state-owned companies. the fact that removal or resignation was innocent).
Statutory Audits 7
Objectives of a statutory audit: Limitations of SA

1. under IT Act: to certify taxable income
2. under Companies Act: to ensure:  Impossible to test all transactions
 Weaknesses in internal control system
 FS are free from material misstatement.  Audit evidence is persuasive rather
 FS comply with applicable laws & than conclusive
regulations.  Limitations of reporting framework
 Does not provide up-to-date
Principal activities of Statutory Audits (SA) position
 understanding entity & its environment
 assessing entity’s risk
 planning audit procedures
 testing controls
 collecting audit evidence
 overall review & audit report
Title deeds show that all buildings belong to a
Statutory audit adds value to the entity in certain entity but later on it is found that the
the following ways: title of one building is disputed & possession of
the property is not with the entity.
 compliance with applicable laws & regulations
 corporate governance & internal control This shows that most audit evidence is
system persuasive rather than conclusive.
 helps management reduce risk
Intro: this Study Guide discusses the development & status of ISAs, the importance of
corporate governance (CG) & provisions of international codes for CG .
Development & status of ISAs
155 members & associates

IFAC: spread across 118 countries
Development process of ISA
1. Research & consultation (task force)

2. Transparent debate (meeting,
drafting)
3. Exposure Draft for public
Main activity is to publish uniform set of auditing
comment
standards as a benchmark for professional accountants.
4. Consideration of comments
(meeting)
5. Affirmative approval (final
standard)
Regulatory Environment & Corporate Governance 9
Objective, relevance & importance of CG

CG set of policies & procedures which determine how an organisation functions
Objectives Importance
 Builds investor & shareholder confidence.
 To align interests of an organisation with  Organisation commits to being ethical, efficient &
those of its shareholders effective.
 To direct & control activities of  Helps BOD, executives & management to take
organisation ethical decisions.
 To ensure effectiveness, efficiency &  Provides a system of checks & balances.
ethics
of organisation as a whole
Need for auditor to communicate with those charged with governance
‘Audit matters of governance interest arising from the audit of financial statements’ that
need to be communicated with those charged with governance include:
 general approach, scope & limitation of audit
 any changes made to the accounting policies & practices
 any potential risk or exposures which need to be included in the statements
 any material risks relating to going concern status of entity
Manager pays personal
 any weakness in internal control system
bills from his corporate
 any occurrences of fraud
credit card (fraud).
 any material disagreements with management on FS
International codes of CG
OECD principles Executive director (ED): is primarily
 Effective CG framework responsible for carrying out the strategic plans
 Rights of shareholders & key and policies as established by the board of
ownership functions directors.
 Equitable treatment of Non-executive director (NED): does not
shareholders handle the day-to-day operational
 Role of stakeholders in CG responsibilities of the company.
 Disclosure & transparency
 Responsibilities of the board
UK corporate governance Code
Main principles Supporting principles Code provisions
 The board should meet

 Headed by an effective  Board has a role to provide
entrepreneurial leadership regularly
board & clear division
 Chairman is responsible  The roles of chairman and
Leadership of responsibilities at
for setting board’s agenda CEO should be performed by
the board level
different individuals.
 NED’s help to develop  NED’s to monitor reporting
of performance  One of the NEDs to be the
proposals on strategy
senior independent director


Effectiveness  Board should have  Board should be of  A nomination committee
appropriate skills & sufficient size to meet should be established to
experience to requirements of make recommendations to
discharge their duties business & appointed the board
& responsibilities members based on  All NEDs should be subject
effectively merit to election by shareholders
 Board to receive  Chairman to act on at the first AGM after their
induction on joining the appointment
& formal, rigorous performance evaluation  Evaluation of the board of
procedure while by the board , receive FTSE 350 companies to be
appointment of new timely information & conducted at least every
directors ensure that directors three years
update their skills
Accountability  Present a balanced  The board’s  Annual report should
and understandable responsibility to include:
assessment of the present a balanced and  the director’s
company’s position understandable responsibility
and prospects assessment extends to towards preparing the
interim and other price- accounts & reporting
responsibilities of auditors.
sensitive public reports
 explanation from directors
on going concern issues
Remuneration  Designed to  The performance-  Remuneration level for

attract, retain related elements of NEDs should be at par with
and motivate executive directors’ the responsibilities taken up
EDs remuneration should  Should have remuneration
be designed to committee of least three; for
promote the long- small companies, two
term success of the independent NEDs
company.
Relations with  Boards should  The chairman should  Companies should send
shareholders use AGMs as a ensure all directors notice to shareholders at
platform to are made aware of least 20 working days in
communicate their major advance of AGMs.
with investors shareholders’ issues
and concerns

Structure, role, drawbacks & limitations of audit committees
Role of audit committee
Oversee external audit Monitor the internal control systems
Discussing all matters on which external auditors Monitoring effectiveness of organisation’s risk
are required to report & scope of audit. assessment procedures.
Requesting any special investigations into areas Reviewing internal accounting & financial
of concern to BOD. controls of the organisation.
Discussing any differences between auditors & Ensuring organisation’s assets are adequately
management in terms of audit. safeguarded & financial & accounting reports
are timely & accurate.
Overseeing general performance of external Overseeing internal audit work of the

auditor. organisation.
Advantages of audit committee
 Public confidence increases
 Financial reporting complies with the reporting standards of company
 Guides the BOD for various CG requirements
 Gives suggestions for improvement in internal control system
 Gives explanations to external auditor
 Helps in risk management
Limitations of audit committee
 Does not have authority to appoint or dismiss auditors.
 Does not have as much technical expertise & knowledge as the auditors.
 Does not have thorough knowledge of the organisation’s operations & functioning as executive
directors would have.
 Adds to the cost incurred by the organisation.
 The board may feel that the audit committee has been formed to curtail its powers and allow
outsiders (NEDs) to run the company.
Importance of internal control & risk management
Importance of internal control & risk management
 Allows organisation to proactively identify & quickly respond to business risks.
 Allows organisation to safeguard both its tangible & intangible assets.
 Forces organisation to maintain records to ensure accurate & timely financial reporting.
 Helps organisation to comply with all relevant laws & regulations.
Responsibilities for an internal control system (ICS)
Management: Auditors: Board of Directors: ensure that

 Design & implement  Review & report on the  ICS is monitored.
effective ICS. effectiveness of the ICS.  ICS is reviewed by auditors.
 Ensure the system is  Recommend improvements  Recommendations made by
effectively working on a to the system. auditors are implemented.
continuous basis.

Intro: this Study Guide discusses the fundamental principles of professional ethics, the
conceptual framework, the requirements of professional ethics while accepting a new audit
engagement and the auditor’s responsibility regarding auditor’s independence, conflict of
interest & confidentiality.
Fundamental principles of professional ethics
Five fundamental ethical principles of a professional accountant (PA)
Professional Professional
Integrity Objectivity Confidentiality
competence & due care behaviour
Should be Comply with

Acting with Knowledge & skill, Never disclose
unbiased & relevant laws &
honesty & work diligently, confidential
impartial and regulations,
being fair & update information of
use professional avoid any
truthful judgment themselves, work clients to any third
action that
meticulously party unless legal
discredits the
duty or a legal
profession
right to do so
Professional Ethics & ACCA’s Code of Conduct 17

The conceptual framework
Helps members identify, evaluate & take mitigating action against all
risks that threaten compliance with ethical principles
Categories of threats which might make an accountant violate these ethical principles
Self interest threats Personal / financial interest in the organisation
An accountant has to review & revaluate their previous

Self review threats
judgements
A position / opinion to the point that subsequent objectivity

Advocacy threats
may be compromised
Familiarity threats Relationship with client stops being a purely professional one
Deterred from acting objectively by threats, actual / perceived

Intimidation threats
dismissal / replacement, being sued & reducing scope of audit
Conceptual framework outlines safeguards, which fall into 3 groups
Accountants required to study & are tested on

The profession / importance of ethics
legislation /
regulation
Investigate & take disciplinary action against
accountant found guilty of ethical misconduct
Implementing a system of internal control

The work
environment
Regular training programmes on ethics & corporate
governance
Attend regular training & professional development

programmes
Individual
Take advice from appropriate legal / regulatory
body in situations of uncertainty

Auditor’s responsibility regarding auditor’s independence, conflicts of interest &

confidentiality
Independence: attitude of mind characterised by integrity & objectivity. It includes

independence of mind & independence of appearance
Conflicts of interest : can be determined by identifying potential threats to the fundamental

principles of integrity, objectivity, confidentiality, professional behaviour, competence and due care
Some of the areas where the accountant can face a conflict of interest
Second opinion
when companies seek a second opinion from professional accountants when they are dissatisfied
with the audit of existing auditors.
Competitors as clients
clients who are in direct competition with each other.
ACCA’s model for resolution of ethical conflict
No
Yes
Does it involve Are there sufficient Refuse
Identify Yes Is the
non-compliance safeguards to to
the ethical threat
with fundamental eliminate / reduce perform
issue significant?
principles? threats? the act
No
No Yes
Proceed with caution
Exceptions to  Disclosure is permitted by law & authorised by client

 Disclosure is required by law
the rule of
 There is a professional duty / right to disclose
confidentiality when not prohibited by law.
Requirements of professional ethics for acceptance of new audit engagements
Obey all rules &

Consider
Act ethically regulations & do
ethical Ensure
& in best Be objective not engage in
responsibilities professional
interests of & any activities that
before signing
clients / independent may bring
engagement competence
profession disrepute to
letter & diligence
Profession

Preconditions in relation to the acceptance of new audit engagements
Recurring Evaluation of following factors helps the auditor decide whether they need
Audits to revise the terms of engagement for a recurring audit
 A change in the financial reporting standards.

 A need to include new terms in audit engagement.
 A regulatory / legal requirement to change audit terms.
 A change in the ownership / senior management of the client.
 A significant change in the nature / size of business of client.
 A misunderstanding by client on the objective and / or scope of the audit.
Determine whether Obtain an acknowledgement

the financial reporting from the management
framework to be relating to its
applied responsibility
in preparation of the Complied on various areas
FS
is acceptable
IF YES IF NO
IF YES
Accept the Audit Engagement Does it Comply with law
Process by which an auditor earns an audit engagement

Intro: this Study Guide provides a thorough understanding of the factors to be taken into
account when assessing the need for internal audit and the best practice in the structure &
operations of internal audit.
Factors to be considered when assessing the need for internal audit
Internal audit : assurance is provided of the reliability & effectiveness of an organisation’s risk
management, internal control & CG
All organisations need to identify:

 their long-term objectives; Internal audit examines
 activities to achieve these objectives; and tests the efficiency and
 risks involved in conducting these activities; and functioning of these systems
 establish internal control system to mitigate these risks.
Main objectives of internal auditing
 Assess whether management has met its responsibilities.

 Determine whether organisation complies with all laws & regulations.
 Determine whether all prescribed internal control policies & procedures are being complied with.
 Report unidentified risks & internal control weaknesses.
 Recommend any improvements to / changes in internal control system.
Internal audit and corporate governance 25

Internal audit 26
Benefits of effective internal audit function Internal audit function assists the BOD by:
Identifies weaknesses & areas for improvement  Working in close co-ordination with external
auditors to avoid duplication.
Feedback mechanism, independent assessment of  Providing advice on the implementation of
departments / processes new standards & accounting practices.
An objective evaluation of all potential risks  Auditing the reports reviewed by the
board.
Regular examination & evaluation of internal  Audit committee must also:
control system  monitor the internal audit function.
 conduct an annual review for internal audit
Reviews of operational & financial performance function.
 explain its absence in the annual report in
case of no internal audit function.
Effective internal audit systems have:
 internal auditors reporting directly to
organisation’s BOD / audit committee. Factors to be assessed before implementing
 qualified personnel with good working an internal auditing function:
knowledge.  scale, diversity & complexity of organisation’s
 sufficient staff to carry out effective internal activities
 whether any departments have a history of
audits.
problems
 detailed procedures & polices.  probability or possibility of fraud &
 regular reporting on periodic basis. corruption
 periodic reviews of auditors’ work .  costs versus benefits
 role of corporate governance
Intro: this Study Guide discusses the differences between the role of external (EA) and
internal audit (IA) regarding audit planning and the collection of audit evidence.
Role of internal and external auditor in audit planning
Internal Auditor (IA) External Auditor (EA)

Audit Objective Evaluation of internal controls Truth and fairness of the
financial statements
Timing of audit work Takes place continuously / Takes place at annual intervals
periodically
Extent of audit coverage Detailed audit procedures, & Test checking of books &
determining nature, timing & documents as well as enquiries
extent of EA procedures into scope & approach of IA.
Materiality Levels Substantially high to minimise Comparatively low as well as
audit risk, conducting the audit subject to modification & can
in greater detail. rely upon work of IA.
Review of internal audit reports Helps EA in devising audit
N.A. procedures so as to reduce
audit risk at acceptably low
levels.
Review of internal control Determines effectiveness of the Evaluates effectiveness of those
systems entire internal control system internal controls on which they
want to rely
Differences Between External Auditor & Internal Audit Function 27

Internal
Internal Audit
Audit 28
Role of internal and external auditor in collecting audit evidence
Internal auditor (IA) External auditor (EA)
Extent of audit Carries out relatively extensive Reviews effectiveness of internal audit
procedures used procedures to obtain audit evidence and then decides the extent of audit
to gather audit of reliability and effectiveness of the procedures required i.e. conducts
evidence whole operating system audit on test basis
Reliance on work Can rely on the work of experts, needs Can use the findings and audit
of others to evaluate the effectiveness and evidence gathered by the internal
appropriateness of this work, as far as auditor as well as rely upon work of
practicable experts
Ascertains the truthfulness and

Operating matters Concerned with operations of the
fairness of the FS; & audit is risk
entity; & audit is procedure based
based.
Scope of work Checks effectiveness of internal audit Determines if financial statements are
free from material misstatements
Sources of Observations, inspection of records,

assets, procedures, inquiry, analytical Includes evidence from internal and
evidence external sources such as bank reports
procedures
Intro: this Study Guide discusses the scope & limitations of internal audit function.
Scope & limitations of internal audit function
Refers to audit procedures deemed appropriate in the circumstances

Scope of auditing
to achieve objectives of audit.
Scope of internal audit includes:

 examination & evaluation of the adequacy & effectiveness of the internal control
system.
 review of reliability, integrity, adequacy & timeliness of the financial & operating
information.
 review of the system established for compliance with laws, regulations and
management policies.
 safeguarding the assets of the entity against various losses.
 determination of the effectiveness, efficiency and also the economy of the
operations of the entity.
 risk management Important for achieving objectives of

Internal auditor also
has to give  internal control organisation. It includes identifying & assessing
suggestions for processes
corporate all relevant risks.
improvements in:
governance
Scope
Scope ofof Internal
the Audit
Internal Function
Audit Function 29
Internal Audit 30
The GRN and the

cheque is signed by the Sometimes, a person
same person who is not an ACA,
ACCA, CPA is appointed
Attitude of management
poses a limitation on the IA
function
Bad internal
control system!!!
S
c
o
Limitations of p
internal e
Difficult to maintain independence as influenced by senior level management
audit
function n
oNo uniformity & no provision for internal audit given by IAS
t
A relatively new profession
d
e
f
i
n
e
d
Intro: this Study Guide discusses advantages & disadvantages of outsourcing internal audit.
Advantages & disadvantages of outsourcing internal audit
Advantages Higher level of

efficiency
Higher level of efficiency as well as reduction in costs
Provides broad range of expertise & experience
Risk of employee turnover is passed on
Fixed employee costs may be replaced by variable Cost reduction

fee for service.
Improves independence of internal audit function Expert at a cheap rate
Access to latest technology & software
Management time is saved
Employee training cost that is incurred to educate

them about principles, methods & techniques of Technology
internal audit, can be saved
Outsourcing the internal audit function 31

Internal Audit 32
Disadvantages
Internal audit
External audit
May sometimes become counterproductive if the external
audit firm takes up the internal audit responsibility. Overlapping roles
between
Independence of internal audit function may be internal &
jeopardised. external audit
Internal audit firm’s staff may be ignorant of
organisation’s objectives, culture or business.
If outsourcing decisions are taken for cost considerations Lack of control

the entity faces the risk of ineffective internal audit over audit staff
functions.
Flexibility & availability of audit personnel may be
adversely affected.
Risk of overlapping roles between internal & external
audit.
Lack of control over audit staff of outsourced firm.
Increases costs of company with no added loyalty to Increases costs of

company. company
Intro: this Study Guide discusses the nature & purpose of internal audit assignments
including value for money (VFM), IT, best value & financial. It also explains the nature &
purpose of operational internal audit assignments, including procurement.
Nature & purpose of internal audit assignments: VFM, IT, best value & financial
Criteria of VFM
VFM: Value for money is
important in both profit
seeking and not-for-profit
Economy Efficiency Effectiveness
organisations Available
funds are spent in the
provision of services in a
Incurring the way that maximises the
Maximising output Achieving desired
lowest possible benefits to the users of
input ratio objectives
cost to fulfil need the services.
Deficiencies of value for money audit
 No universal measure for output.

 Objectives of audit and measure of efficiency vary with the type of work being audited.
 Quality might be sacrificed to achieve economy and efficiency.
 It is not easy to measure effectiveness.
Internal Audit Assignments 33

Internal Audit
Internal Audit 34
Key areas of IT controls
Auditing general controls Auditing application controls
Auditing physical access
Review of existence of policies & controls Review of utilities of application
procedures for day-to-day software & business function
operations, availability of staff & Review of system of that application software
their skills and also include accessing soft files & performs
infrastructure & environment software
control as well as procedures in
place for back-ups, firewalls
hallenge  the need for service & the way it is provided

Best ompare  attributes of services provided with those provided by similar
organisations
value onsult
review  customers about whether or not services provided meet their
ompete needs
 to encourage fair competition
 Determining adequacy of controls in systems
Financial audit is the  Determining effectiveness of internal controls
traditional internal audit  Identifying misstatements & investigating fraud
function. It involves  Safeguarding assets
 Complying with laws & regulations
Nature & purpose of operational internal audit assignments
Operational audit An audit of the major operational processes of an organisation
Procurement: process of obtaining goods & services
Risks of misstatements include: Control (suggested to be applied)
 Fraudulent payments • Payment against authorised purchase only
 Delay in procurement • Placing order in written form only

 Buying inferior quality goods • Vendor selection through tendering process
 Purchasing at higher prices because of • Perpetual inventory management
wrong timing of purchase
• Release of payment only after quality
check
Marketing: set of processes for creating, communicating & delivering value to customer.
Exorbitant Advertisement in
Risk breach of
marketing related
Marketin
costs regulations
Preparation Cost- Approval of

Approval of
of budget benefit
g
design & Adherence to marketing

Control before analysis advertisement expenditure by
content of
incurring should be regulations authorised
advertisement
expenditure made person
Internal Audit Assignments 35

Internal Audit
Internal Audit 36
Treasury: makes the best use of available funds to maximise organisation’s wealth.
HRM: manages various activities associated with labour force of entity.
Failure to Failure to
Failure to Failure to get Failure to
employ right implement
Risk retain feedback on provide
person control
employees training
policies
Managemen
performance
Resource
Human
Obtain Identify
formal aptitude of On-job training
Control requisition incumbents to the new
before before placing recruits
recruitment them in job
Intro: this Study Guide discusses the overall objectives of the auditor and also the need to plan and
perform audits with an attitude of professional scepticism.
Overall objectives of an auditor
To obtain reasonable assurance that the FS as a whole are free from material
misstatement, due to fraud or error.
Objectives
To report on the FS & communicate audit matters as required by ISAs.
To express an opinion on whether the FS are prepared, in all material respects, in

accordance with an applicable financial reporting framework .
Need to plan & perform audit with an attitude of professional scepticism (PS) and exercise
professional judgement
Professional scepticism: an attitude that includes a questioning mind, being alert to conditions which
may indicate possible misstatement due to error or fraud & a critical assessment of evidence.
Attitude of professional scepticism should prevail when
audit evidence contradicts reliability of information conditions may circumstances require

other evidence is to be checked indicate possible fraud additional audit procedures
Objective & General Principles 37

Planning & Risk Assessment 38
Ethical issues
Assessing risk of material misstatement
Important
Professional Judgment
Obtaining sufficient audit evidence by designing

areas of
appropriate responses to assessed risks
application
Forming an opinion on FS based on conclusions drawn
from the audit evidence obtained
Provides appropriate record of the basis for auditor’s report
Provides evidence that audit was planned & performed
according to ISA
Documentation Enables another auditor to understand significant
professional judgments
Need to conduct an audit Needs to be supported by facts & circumstances of
according to ISAs engagement
Means that auditor has complied
with the requirements of: Need to conduct an audit in accordance with ISAs
1. ISA 200: overall objectives of the
independent auditor & conduct of an
audit in accordance with International Auditor Provides There is
Standards on Auditing. fulfills standards for consistency
2. the ISAs that are relevant to the responsibility audit work in
audit. reporting
Intro: this Study Guide discusses the components of audit risk and explains the risk of
material misstatements in the FS.
Audit risk: risk that the auditor expresses inappropriate audit opinion when FS are materially misstated.
Attach security
Risk of pilferage in a Components of audit risk Pilferage despite
tags to items
retail shop control systems & IA
Inherent risk Control risk Detection risk
Risk because of Internal control system Auditor’s checking & sampling

organisation’s business does not adequately procedures will not uncover any
& nature of industry mitigate all business risks existing irregularities or
misrepresentations
Risk of material misstatement
= Inherent Risk Control Risk x Detection Risk

Audit Risk x
Determined by Auditor Assessed by Auditor Managed

by Auditor
39
Assessing the risks of material misstatement
Risk of material misstatement in financial statements(FS)
Risk related pervasively to FS as a whole, potentially affecting many assertions E.g. non-
consolidation
Response to risks
of the FS of
Maintaining professional scepticism through the audit a subsidiary
Assigning more experienced staff due to
Risk of
inability to
misstatement Including experienced staff in audit team ascertain the
at FS level
fair values
Providing more supervision
of a few of
Incorporating additional elements of unpredictability while the
selecting further audit procedures subsidiary’s
material
Making general changes to nature, timing & audit procedures assets
Risk that FS are materially misstated prior to audit
Risk of Response to risks

E.g.
misstatement Significance of the risks overvaluation
at assertion Likelihood that material misstatements will occur of
level inventories
Characteristics of the class of transactions
due to
Nature of specific controls technological
developments
Intro: this Study Guide discusses how an auditor obtains an initial understanding of the
entity and its environment.
How auditor obtains initial understanding of entity & knowledge of business environment
Factors for understanding the entity & its environment

 Industry conditions – competition in the market, cyclical / seasonal
External factors activity, technological / other developments
 Regulatory environment – accounting principles, legislation &
regulations, government policies, taxation, regulatory framework
Refers to entity’s operations, its ownership & governance,
Nature of the entity
understanding of investment & financial activities
 Methods of accounting significant and unusual transactions
Entity’s selection & application of  Effect of significant accounting polices in areas where there is no
accounting policies including guidance
reasons for changes thereto  Changes in entity’s accounting polices
 Financial reporting standards and laws & regulations
The auditor has to assess how the business risks affect the financial
Objectives & strategies &
statements
significant business risk of entity
Measurement & review of entity’s Include analysis of performance of entity (e.g. if there exist material
financial performance variations from previous year, more testing will be needed).
Understanding the entity and its environment 41

Planning and risk assessment 42
Companies using e-commerce IAPS outlines that auditor must posses requisite IT & internet business
knowledge
Internal control Refer to section D
Obtaining an understanding of entity based on

risk assessment procedures
Inquiry of management Observation & inspection

Analytical procedures
& others within entity
 Those charged with governance  Observation: auditor

Include comparison of
 Internal audit personnel personally observes procedures
ratios that help auditors
 Employees when actually performed
to identify unusual items  Inspection: auditor examines
 Legal counsellors
 Marketing or sales personnel records & documents
Risk assessment procedures for the identification of risk of material misstatement
Risk assessment procedures: the audit procedures performed to obtain an understanding of the entity
and its environment, including the entity’s internal control, to identify and assess the risks of material
misstatement, whether due to fraud or error, at the financial statement and assertion levels.
Intro: this Study Guide explains the concepts of materiality, how to calculate materiality
levels from financial information, the effect of fraud and misstatements on audit strategy
adopted and the extent of audit work.
Concept of materiality & performance materiality
Materiality: level of misstatement that could affect the economic decision of user of FS
Determinants of materiality
Qualitative factors Quantitative factors
a] relative significance a] elements of FS
b] comparison with the corresponding previous year’s b] items on which users of entity’s FS tend to
figures focus
c] transactions of abnormal & non-recurring nature d] c] nature of entity, industry & economic
statutory requirement environment
e] regular checks d] entity’s ownership structure
f] recurring errors
Performance materiality: amount set by auditor at less than materiality, for FS as a whole to reduce
to an appropriately low level the probability that the aggregate of uncorrected / undetected
misstatements exceeds materiality for FS as a whole.
Analytical Procedures
Materiality, Fraud, Laws & Regulations 43
Performance materiality for the financial statements as a whole will be lower than:
 the materiality of the financial statements as a whole.
 the materiality levels of a particular class of transactions, account balances or disclosures.
Effect of fraud & error on audit strategy
Fraud: an intentional act by individuals, those charged with governance and/or employees involving use
of deception to obtain an illegal advantage.
Fraudulent
Alteration of an financial Intentional misapplication
accounting record reporting of accounting principles
Intentional omission of events / transactions
Misstatement: difference between amounts, classification, disclosure of reported FS items &

amounts, classification, disclosure of item required to be in accordance with applicable financial
reporting framework.
Theft of assets Misappropriation Embezzling receipts

of assets
Using the assets for personal use Making payment for goods not received
Risk assessment procedure
evaluate any evaluate other

inquire from
enquire with unusual & information
management
internal auditors unexplained about entity & its evaluate fraud /
about their
and those charged relationships that environment risk factors e.g.
assessment of risk
with governance have been identified which is helpful domination of
of material
about knowledge while performing for identifying management
misstatement due
of fraud analytical risk of material
to fraud in FS
procedures. misstatement
 To the appropriate level of management for further investigation
 On a timely basis
Communicati
 To those charged with governance in situation where auditors have doubts
on relating
about integrity of management
to fraud
 Either oral / written
 Communication with regulators & shareholders
Effect of fraud & error on audit strategy:
 Consider whether overall audit strategy needs to be revised
 Auditor should not assume that instance of fraud is isolated occurrence
 Communicate misstatements & their impact
 Perform further audit procedures to re-evaluate amount of
misstatement
 Perform extensive procedures
Analytical Procedures 45
Materiality, Fraud, Laws & Regulations
Primary responsibility with management

Responsibilities
relating to prevention
& detection of fraud & Internal auditor can assist management
error
External auditors and internal auditors should exercise due
care to uncover fraud
Auditor’s responsibilities concerning

compliance with laws & regulations
Not responsible for ensuring Should check compliance

compliance with applicable laws when:
However, should plan & perform  Laws & regulations provide a legal framework within
audit with an attitude of which the entity operates.
professional scepticism.  Laws & regulations materially affect the FS.
 Audit is conducted in accordance with specific laws.
Intro: this Study Guide discusses the concept of analytical procedures consisting of the
study of significant ratios, trends & other statistics & investigating unusual & unexpected
fluctuations & items.
Nature & purpose of analytical procedures in planning

Steps involved in analytical procedures:
 Evaluation of financial information Expectation
by study of plausible relationships
among both financial & non-financial Identificatio
data. n
 Investigation of identified fluctuations igation of unusual variances
Inves
& relationships that are inconsistent Performance of alternate procedures
with other relevant information. t
AP are comparisons of financial information of the entity with
Ratios from Results of other

previous Expected Industry comparable Expected
financial ratios average results divisions of the results
periods business
Purpose of analytical procedures
AP used as  Risk assessment procedures (planning stage)
 Substantive procedures
 Overall review of financial statements
Planning  Helps auditor to determine nature, timing & extent of audit procedures
 Highlights unusual transactions, events, amounts that have a significant effect
on FS i.e. help identify fraud and misstatements
Key ratios used in AP

Gross Profit % = (GP/Sales revenue) x 100 Expenses as a % of sales =
(Expense/Sales revenue) x 100
Current ratio = Current Assets /Current Liabilities Quick ratio = (Current Assets - Inventory)/Current
Liabilities
Inventory turnover = Cost of sales/Inventory Interest cover ratio = PBIT /Interest expenses
Average collection period = Average payable period =
(Receivables/Credit sales) x 365 (Payables/Credit purchases) x 365
Capital gearing ratio = Dividend cover ratio = Profit Before Interest &
Tax (PBIT)/ Dividend
Total long-term debt/Shareholders’ funds) x 100
Interest cover ratio = PBIT/Interest expense
Limitation of ratio There is no single correct value for a ratio

analysis
This ratio is too low
It depends upon the perspective of the analyst
This ratio is
very high
 Reliability of ratio analysis depends upon quality of the underlying

financial information.
 For comparison purposes information must be calculated on a
consistent basis.
 Logically related figures must be used to calculate a ratio.
 Ratios are not a conclusive test of accuracy of FS.
Remember that single ratios are meaningless

Intro: this Study Guide discusses the need for planning an audit, a description of the
contents of the audit strategy and audit plan as well as the difference between an interim
audit and a final audit.
Need for planning an audit & contents of overall audit plan & strategy
Audit strategy: Need for planning an audit:

Sets scope, timing &  Identifies important areas that require more attention
direction of audit &
 Identifies potential risks which affect audit as well as FS
guides development of
a more detailed audit  Ensures conduct of effective and efficient audit
plan.  Allocates work to assistants in proper manner for best utilisation
 Identifies need for experts & co-ordination of work of others
Content  Determines nature, timing & extent of audit procedures
 Understanding the entity’s environment

(Discussed in Study Guide C3) Converts audit strategy
 Ascertaining nature, timing and extent Audit into more a detailed plan
of resources necessary to perform the Plan and includes nature,
engagement timing and extent of audit
procedures.
Planning an Audit 51
Main audit Audit Plan

Relationship between audit
procedures during Contents strategy & audit plan
an interim audit
 Allocation of work
to assistants Audit Strategy Audit Plan
& duties
 Risk assessment  Allocation of time & cost 1. Prepared before 1. More detailed
 Formation of various teams
 Tests of control  Audit test the audit plan than audit
 Analytical procedures  Data gathering techniques 2.strategy
Specifies overall 2. Includes nature,
 Substantive procedures  Audit objectives guidelines for timing & extent of
 Types of audit evidence
desired developing audit audit procedures
Impact of the work plan
performed during the Purpose of an interim
interim audit on the final audit: to complete detailed Interim & final audit
audit procedural or vouching tests
with a view to speeding up of Interim Audit Final
Nature of work performed the final audit Audit
1. Conducted 1. Carried out at the
Early completion of audits
Final between two final end of accounting
Improved efficiency of Overall
audits period
internal controls
audit review 2. Voluntary 2. Compulsory
Minimum losses due to fraud
of FS
Early correction of errors stage 3. Decision to carry 3. Compulsorily starts
Letter
Quality of audit can be out audit depends after the end of
of
affected End of on the size of accounting period.
weakne
Higher cost interim entity
ss
& final
audits
Intro: this Study Guide discusses the need for and importance of audit documentation & the
procedures adopted by auditor to ensure safe custody & retention of working papers. It also
provides an understanding of which papers should be retained & how to ensure their safety, as
an auditor of an entity.
Need for & importance of audit documentation

Audit documentation (AD): record of audit procedures performed, relevant audit evidence obtained &
conclusions the auditor reached.
Need for & importance of AD

 Facilitates adequate planning
 Facilitates supervision & review of audit work
 Provides basis of audit report
 Allows discussion of audit findings with management
 Provides defence against negligence charges
 Serves as guide for succeeding auditors
 Serves as data bank
Preparation of working papers, supporting documentation & ensuring safe custody
Audit records serve as an important basis for understanding audit programmes, objectives and activities.
Audit Documentation 53
Features & nature of AD: List of total debt

 Working papers (WP) must be informative & avoid Party name Address Amount
irrelevant & unnecessary details. Mr X XXXXXX XXXXX
Mr XXXXXX XXXXX
 WP should have design & layout which leads to
Y
better
understanding & should be indexed. Audit staff of Alex Ltd were asked for
 Information conveyed must be accurate, legible & list of total debts but they also gave
very addresses which is an irrelevant &
clear in thought & expression. unnecessary detail.
 The information is confidential & should not be disclosed
Control Factors affecting the form, content & extent of AD:
to the required to ensure safe custody
client’s staff.
of AD:  Nature of engagement
 Maintain log (when & by whom document  Nature, size & complexity of the entity’s internal control
was created & changed)  Nature of audit procedures
 Prevent unauthorised changes to  Nature & extent of exception identified
documentation  Specific audit methodology & technology
 Protect from theft
Permanent file Contains matter of continuing importance;
Types of audit for long term use
file Broadly concerned with accounts being audited;
Current file
for immediate use
The retention period for audit engagements ordinarily is no shorter than five years from the date of the
auditor’s report.
Intro: this Study Guide explains the internal control systems (ICS), why an auditor needs to
obtain an understanding of the ICS, a description of the key components of the ICS and the
difference between tests of control & substantive procedures.
Internal control (IC) activities relevant to audit
IC is a process which is effected by an entity’s board of directors, management and other personnel.
IC provides reasonable assurance regarding achievement of objectives in the following areas
Efficiency & effectiveness Reliability of financial Compliance with applicable

of operation reporting laws & regulations
Can be ensured by:

 adhering to all management policies
 safeguarding assets and records
Internal Control Systems 55

Internal Control 56
Objectives of
internal controls
Avoid fraud, error, Point out when &

wastes & where corrective
insufficiencies action can be taken
Enable auditors to Determine the nature,

Ensure accuracy of
effectively plan the extent & timing of
all records, data &
audit tests to be performed
statements
Enable auditors to
Understand the
determine the
internal control
degree of reliance
system
on the FS
Identify types Consider factors Design effective

of potential that affect the risk substantive
misstatements of misstatement procedures
Key components of internal control system
Internal control system consists of:

1. the control environment (CE)
2. the entity’s risk assessment process
3. the information system including the related business process
relevant to financial reporting and communication
4. control activities relevant to the audit & monitoring control
Communication & enforcement

of integrity & ethical values
Human resources policies
Commitment to competence
& practices
Control environment
Assignment of authority includes
Participation by those charged
& responsibility with governance
Management philosophy &

Organisational structure operating style

Internal Control 58
Tests of control: Auditor evaluates Control environment (CE): Lower the risk of
controls by performing own tests of better the CE material misstatement
control:
 review of relevant document Measures to achieve good CE: providing discipline;
 enquiries of management & adopting control measures
employees
Entity’s risk assessment process
Steps involved in testing the risk assessment process
1 Identification of business risks relevant to financial reporting
2 Estimation of the significance of risks
3 Assessment of the likelihood of their occurrence
Information System 4 Decision about actions to manage them
An information system consists of  Initiates, records, processes & reports entity transactions
hardware components, software,  Maintains accountability for the related assets, liabilities,
people, procedures & data. and equity
The auditor has to obtain an understanding of the
following areas of the information system (IS)
Classes of significant transaction (ST); significant to the FS
Procedures by which transactions are initiated, recorded,
processed & reported
Accounting of ST
How the IS captures events & conditions other than ST
Financial reporting process used to prepare the entity’s FS
Control activities
 Are there policies & procedures that ensure management directives are followed
 Applicable to both IT & manual systems
 Auditors should understand the control activities to avoid material misstatements & to design
further audit procedures responsive to assessed risk
Authorisation Performance Physical Segregation

reviews control of duties
Information
processing

Internal Control 60
Monitoring of controls is a process of assessing the effectiveness of internal control performance

over time.
Testing of IC involves:
 periodic assessment of the existing controls
 making necessary modifications for changes.
Tests of control & substantive procedures

Substantive procedures Tests of control
Designed to detect material misstatement at Obtain audit evidence about the operating
the assertion level. effectiveness of controls.
Gather evidence of account balances & Controls are tested through inquiry, observation and
transactions as to their completeness, documentation.
validity, accuracy. Tests are carried out only on those controls where
Specifically responsive to there are material misstatements in order to prevent
identified significant risk. / detect & correct them.
Timing of substantive procedures: Previous year’s tests can be relevant to the current
year if they haven’t changed.
 at the time of annual closing
 a few months before the year end. Controls relating to significant risks to be tested every
year.
Less effective than tests of detail, as used as
a supplementary technique. Other controls may be tested every three years.
Intro: this Study Guide explains the use of internal control questionnaires (ICQs). It also
explains how auditors identify deficiencies in Internal Control System & how those
deficiencies limit the extent of auditors’ reliance on those systems.
How auditors record internal control systems
 Narrative record: ideal for small, simple system descriptions
 Flowcharts: pictorial representations of document flows & ICS
 ICQs: contain pre-designed questions in order to ensure that all features
of the system are assessed
 ICEQ: contain questions which look at control objectives and whether or
not these are met
How auditors identify deficiencies and significant deficiencies in ICS
Weaknesses in ICS may be due to This is the weak link

in the ICS. I need
to concentrate on
 improper design of the system the area controlled
 ineffective implementation by this link!
Use of internal control systems by auditors 61

Internal control 62
Identification of deficiencies in design of Identification of deficiencies in

ICS implementation of ICS
Obtain & evaluate organisation chart and written Inspection of documents e.g. purchase orders to
policies and procedures confirm authorisations
Discuss with audit committee Observation of procedures e.g. inventory count
Obtain & evaluate authorisation policy Enquiry of personnel
Obtain & evaluate various reports Re-performance e.g. confirming that purchase
vouchers have supporting GRNs & POs
Examine feedback from suppliers & customers Recalculations e.g. calculation of depreciation
How deficiencies limit the extent of auditor’s reliance on the ICS
If the controls are not effective the external

Auditor evaluates the ICS to determine the
auditor should increase the level of
extent to which they can rely on the system.
substantive procedures to be carried out.
Intro: this Study Guide explains, analyses & provides examples of internal control procedures
& control activities and provides examples of computer system controls.
Control activity: policies and procedures which help to ensure that the management
directives are followed.
Specific control activities include those relating to
Authorisation Performance Information Segregation Physical

reviews processing of duties
Authorisation: approval of transaction / process by authorised person (AP)
controls
Process for  inspect validity of documents

approval by AP  approve transaction by initialling & dating document
Entity needs to  all the important transactions & processes which require to be authorised
identify  level of authority that is responsible for the authorisation
Benefits of  important transactions & processes have the approval of officials designated
authorisation by management
 the entity complies with the policies of the entity
Transaction Cycles 63
Internal Control 64
2) Performance review (PR) Steps included in PR
Management review performance to

find out whether the results are
Step 2
according to expectations & whether
the goals have been met.
Step 1
3) Information processing
Application controls Manual Authorisation: only authorised persons can use the
or automated procedures software.
operating at business Completeness: transactions are complete.
process level Accuracy: transactions are accurately recorded.
support the effective functioning of application

General IT
controls by helping to ensure continued and
controls
proper operation of information systems
4) Physical controls Designed to ensure physical security of assets
Examples:
 securing assets by employing personnel to guard assets
 permitting access to strong-room of a bank only to authorised persons
 placing indelible identification marks on non-current assets such as
laptops
5) Segregation of duties - reduces risk of errors & fraud
E.g. responsibilities for authorising transactions, recording transactions and maintaining

custody of assets are given to different people.
Transaction cycle (TC): policies & sequence of procedures for

processing a particular type of transaction.
Transaction Cycles 65
Internal Control 66
Control objectives
The control activity required at each stage in a transaction cycle
E.g. in a transaction of revenue, control activity is required at the following stages
 Receipt and execution of the order You need to think logically at each and every
 Recording sales stage of the transaction cycle. For detailed
 Receipt of payment from customers explanation, refer to the Study Text.
Revenue Purchases Payroll
Timely execution of all orders. Procured on time Paid on time
Accuracy of sales invoices Purchases at optimum prices Paid at the correct rates
Accurately recorded Accurately recorded Accurately recorded
Purchases meet the required Payments are made according to Paid for work of entity
quality standards agreed terms
No missing revenue Procurement is for genuine Paid to the right people.

reasons
Intro: this Study Guide explains & tabulates tests of control suitable for inclusion in audit
working papers and lists examples of application controls & general IT controls.
Application controls (Examples)
Application controls include: Control over processing & computer data files
 control over input
 control over processing and  File labels, run to run controls
computer data files  Control total, batch total
 control over output  On-screen prompts, audit trail
 control over standing data
 Authorisation of input documents
Authorisation  Data input to be made by
controls authorised persons only
Control over Completeness

 Document count
input  Financial control total
control
 Review of output against expected value
Accuracy  Check digit

controls  Range checks
 Existence checks
Tests of Control 67
Internal Control 68
Control over output Control over standing data
 Reasonableness check  Amendments to data must be made by

 Authorised users to output files authorised person.
 Error listing  Log should be maintained for all
amendments made to standing data.
General IT controls include: Establish an

 organisation and management controls organisational
 application systems’ development and Organisation framework over IT
maintenance controls & activities
 computer operation controls management
 system software controls
 data entry and program controls control They control policies &
 other controls procedures segregation
of duties
Application systems’ development & maintenance controls
System software controls
 Testing of the system
 Control over program changes  Authorisation of new software
 Authorisation & maintenance of new version  Testing of new software
 Trained staff to use new programs
 Proper documentation of new
 Maintenance of program log
 Consideration of appropriate standards while designing software
 Restricted access to system documentation  Restricted access to software
Data entry & Computer operation
Other controls
program controls controls
 Processing errors detected & 

 Access to data & program corrected
virus protection for all programs
restricted to authorised  back-up for all system programs
 Only authorised users to  control environment
persons
have
access to computer operations
 Authorised structure over  disaster recovery
 Use of system for authorised
transaction entered into
purposes only
 network security (call back &
system needs to be encryption)
 Authorised programs need to be  access control
ensured
used
Explain & tabulate tests of control
Tests of control are performed by a combination of various methods, namely:

 Observation
 Enquiry
 Inspection
 Re-performance
 Recalculation
Tests of Control 69
Internal Control 70
Revenue – Transaction cycle and Test of control
Goods Receipt of
Order dispatched & Invoice payment from
received services raised customer
executed
Order received Goods dispatched & Invoice raised Receipt of payment from
service executed customers
 Check whether  Determine the  Verify the price list and  Verify the reconciliation
the sale orders missing numbers confirm that it is statement for the
are sequentially from the sales authorised. difference between
numbered. invoices recorded  Verify that the invoices ledger a/c & vendor
 Verify that in the system. are authorised. statement a/c.
authorised  Verify whether the  Check the  Observe whether cash is
credit rating dispatch orders reconciliation for received only by the
sheet was are authorised. differences. cashier.
available on  Verify insurance  Verify the files for
record. policies for loss overdue accounts.
in  Verify the authorisation
transit of bad debts.
Purchase – Transaction cycle and Test of control
Receipt
Placement of Recording of Payments Goods
of orders materials transactions made returned
Placement of Receipt of Recording of Payment made Goods

orders materials returned
transactions
 Verify that the  Take report of  Verify payable  Observe  Cross check
order is issued by GRNs which are ledger a/c. whether the
an authorised not supported  Confirm that segregation of DN with
person. by relevant purchase duties is original
 Check with POs. vouchers match followed. purchase
management why  Test whether GRNs and POs.  Verify whether voucher.
orders are placed GRNs are bill to bill
with unauthorised approved. payments are
vendors. made.
Tests of Control 71
Internal Control 72
Inventory – Transaction cycle and Test of control
TC TOC
Inventory received GRNs should be properly sequenced.
Stores ledger to be properly cross-referenced.
Inventory storage Proper storage facility.

Issue from stores Cross-check the issue slip with the production plan.
Verify the issue slip.
Issue of finished Check the missing sales invoice numbers .
goods
Check the report of sales return.
Periodic review Slow-moving / non-moving is undertaken by management.
Safeguarding of Verify insurance policies for the inventories.

inventory
Check the report of sales return.
Inventory Auditors to be present during verification of inventory.

verification
Verify the discrepancy list & find out the corrective actions
taken.
Test of control - Revenue and capital expenditure
Purchase of car Fuel for car is

is capital revenue
expenditure expenditure
To check both types of expenses the auditor can:

 check the balance confirmation certificates from the suppliers
 observe the procedure for documentation
 Check whether the capital expenditure exceeds the budget.

 Capital expenditure:
general points
 Check whether these expenses are properly authorised by management.
 View organisation structure & organisation’s policies.
 Make a surprise visit for physical verification.
 Capital expenditure:  Check management guidelines for verification of assets.
safe custody  Verify the discrepancy report and find out the corrective steps taken.
 Check whether ownership documents are kept in safe custody .
 Select the vouchers of high value revenue expenses & check if the
 Revenue expenditure: procedure is followed.
general points
 Check why expenditure exceeds budget.
Tests of Control 73
Internal Control 74
Test of control - Payroll
General points  Observe the procedure for preparation & authorisation of the pay
sheet.
Calculation of gross wages  Staff attendance machine to be kept near the security gate .
 Check salary calculation.
 Check that the access to software is restricted by use of password.
 Verify changes to master file.
 Verify company policy for changes to pay rates .
 Re-perform comparison of payroll data.
Test of control – Bank & cash

General points  Review organisation policy & authorisation policy.
 Verify all types of cash and bank transactions.
Receipts  Verify cheques deposited into bank accounts.
Custody and control of  Verify physical verification of cash every week.
cash, cheque books and  Procedure for safe custody of cash.
bank accounts  Review daily cash balance versus maximum cash balance.
 Verify the insurance policy.
Recording of transactions  Verify that the cash balance matches the cash docket.
 Verify bank reconciliation statement.
 verify amount debited by bank.
Intro: this Study Guide discusses the limitations of internal control components in the context
of fraud & error & also the need to modify the audit strategy & plan. It also discusses how to
identify & explain management’s risk assessment process.
Limitations of internal control components in the context of fraud & error
IC systems help in early detection & prevention of fraud & error
However, the IC system, even if well-designed & well-implemented, does not

completely eliminate the possibility of fraud or error.
Internal control systems have inherent limitations
Limitations in control activities

Limitation in
IT system
Ineffective Ignoring Inherent limitations

implementation controls Unauthorised
of control for minor Person responsible for access
activities activities internal control to sensitive data
Evaluation of Internal Control Components 75

Internal Control 76
Limitations of control environment Limitations in the entity’s

risk assessment process:
Non-implementation of codes of conduct & other
policies regarding acceptable business practices
Non-priorititsation of risks
Ineffective communication of ethical values leading to fraud & errors
Non-clarity of ethical values of the entity leading to

fraud & errors Other limitations:
Ineffective commitment to competence due to High turnover rate:

human  Accounting staff
inefficiencies  Internal audit staff
 Information technology staff
Fraudulent practices by those charged with
governance Unreasonable demands on auditor
Incorrect assignment of authority & responsibility Restrictions placed on auditors

Improper controls leading to ineffective management Domineering management behaviour
attitudes & actions towards financial reporting &
information processing
Incorrect risk assessment leading to ineffective
management philosophy & operating style
Need to modify audit strategy & plan following the results of tests of control
Tests of control : performed in order to obtain audit evidence about efficiency of ICS. It helps to
decide the nature, timing & extent of audit procedures. Effectiveness of
control system
Modification to the audit plan in the event of:
 unexpected results
 changes in audit evidence
 changes in conditions
Effect of results of tests of control on the audit plan:

 obtain more persuasive audit evidence for greater reliance on effectiveness of control.
 If results are effective (no deficiencies in the ICS), no change in audit plan.
Management’s risk assessment process with reference to internal control

components
1 Identify business risks relevant to financial reporting objectives
2 Estimate the significance of the relevant risks
3 Assess the likelihood of the risks occurring
4 Take decisions on actions to address

those risks
Evaluation of Internal Control Components 77
Internal Control 78
Identification of business risks relevant to: Classification of risks of misstatement

 financial reporting objectives
 authorisation High risk
 completeness & accuracy
 evaluation of balance Medium risk
 presentation, classification & disclosure Low risk
 access to assets No risk
 substantiation of balances
 rights & obligations
Decide how to  Methods of managing risks

manage these risks  Creation of risk management plan
Decision on action to
manage risks
Risk transfer: Risk avoidance: Risk retention: Risk reduction: adopting

causing another party avoiding an activity accepting the loss methods to reduce the
to accept the risk which carries risk when it occurs severity of the loss
Intro:this Study Guide discusses how the reporting of internal control deficiencies and
recommendations to overcome those deficiencies are provided to management.
Reporting of internal control deficiencies (ICD) and recommendations
External auditor’s responsibility for detecting & reporting ICD
Not responsible
Only deficiencies noticed during course of audit should be communicated
Deficiencies in an IC exist when:

Control is incorrectly designed / implemented / operated
Control necessary to prevent, or detect and correct, misstatements in the FS on a timely basis is missing
Matters to consider for determining whether a deficiency in internal control is
significant
 Possibility that the deficiencies may result in material misstatements in the FS

 Possibility that the related asset / liability is vulnerable to loss / fraud
 Likelihood that while determining estimated amounts, internal control may have failed to cover all
the significant matters
 Amounts in the FS may be exposed to the deficiencies
 Number of activities occurring in the account balance or class of transactions may be exposed to the
deficiencies
Communication on Internal Control 79

Internal Control 80
Method and mode of communication of deficiencies
To be made in writing and by way

Written communication of a letter called a management
letter
Method of
Can be made orally in
communication cases where it is urgent
Oral communication to communicate the
matter to management
so that quick action can
be taken
Time of Do not sleep over it.

As soon as possible
communication Communicate ASAP!!!
Directly to the management or

Level of communication to those charged with
governance
Intro:this Study Guide explains about the assertions contained in the FS & the use of
assertions in obtaining audit evidence
Assertions contained in the financial statements (FS)

FS are a summary of management’s assertions
Assertions: representations by management, explicit or otherwise, that are embodied in FS.
Types of assertion
Occurrence  Transaction actually took place.

 Transaction relate to the entity.
Completeness  All transactions have been recorded. No transactions have been left out.
 All assets, liabilities, equity interests (capital & reserves) & other disclosures
have been included in the FS.
Accuracy
 Amounts & other data have been recorded appropriately.
Valuation &  All items in FS have been included at correct values according to company policy.
allocation  Allocations or valuation adjustments required have been made correctly.
 Financial and other information are disclosed fairly and at appropriate amounts.
Use of Assertions by Auditors 81

Audit Evidence 82
Cut-off  Transactions & events have been recorded in the correct accounting
period.
Classification  Transactions & events have been recorded in the proper ledger accounts.
 Classification in the FS is appropriate to management policy.
Existence  Assets, liabilities & equity interests actually exist at the SOFP date.
Rights &  The entity is free to use or dispose of the asset as it sees fit.
obligations  The entity is obliged to pay the liabilities in the SOFP.
Understandability  Disclosures should be expressed as clearly as possible.
Implicit assertions
To be understood by user of FS even if they are not explicitly stated

Importance of evidence testing
FS contain assertions Auditor gains assurance on them Auditor gives an opinion

through collection of evidence that they are fairly stated
Auditor should verify Users rely on the statements Users’ confidence is

evidence carefully & take decisions enhanced
Categories of assertions tested
Transaction testing Account balance testing Disclosure testing
 Auditor tests the assertions.  Auditor tests the assertions  Auditor looks for evidence
 Auditor looks for evidence behind the balance. related to the assertions
related to the assertions in  Auditor looks for evidence in the presentation &
the transactions & events. related to the period end disclosures made.
balances.
Use of Assertions by Auditors 83

Audit Evidence 84
completeness Measurement Accuracy Existence
Occurrence Presentation & Rights &

Disclosure obligations
Cutoff
Classification
Transactions & events (during the period) (income + expenses) COA+C2
Period end balances (assets, liabilities & equity) CMRE
Presentation & disclosure (in the financial statements) COMPAR

Intro:this Study Guide explains the quality and quantity of evidence obtained, how
analytical procedures are used as substantive procedures, the reason for different control
environments of smaller entities, types of evidence available, procedures applied to opening
balances and comparative information.
The sources & relative merits of the different types of evidence available
Source Test assertions regarding
Inspection of records or Ownership, cut-off, operation of controls,

documents existence of paper assets such as shares
Inspection of tangible
Existence of tangible assets
assets
Observation Completeness & accuracy (operations of control)
Inquiry Any assertions, but has corroborative value only
Confirmation existence & valuation
Audit Procedures 85
Audit Evidence 86
Recalculation Accuracy
Re-performance Accuracy &

valuation
Completeness, accuracy, valuation &
classification
Examples of how analytical procedures are used as substantive procedures

Substantive procedures: audit procedures designed to detect material misstatements at assertion
level; they include:
(a) tests of detail (of classes of transactions, account balances & disclosures )
(b) substantive analytical procedures
there is a large volume of predictable transactions

Substantive relationships between data exist & continue
analytical procedures
are suitable when the risk of material misstatement is insignificant
tests of detail are directed towards the same assertion

Step 1 Determine suitability of applying the analytical procedures
Substantive 1
analytical procedures Step 2 Depends upon control
Evaluate reliability of data
2 over source, comparability
Step 3 Check if the expectation is sufficiently precise & nature of information
3
Step 4
Determine acceptable difference between expected values & recorded amounts
4
Step 5 Find out the actual difference Depends upon materiality
5 & desired level of
Step 6 If actual difference > expected difference; investigate, obtain assurance
6 adequate explanations & appropriate corroborative evidence
Problems associated with the audit & review of accounting estimates (AE)
In the absence of a precise means
Approximation of a monetary amount of measurement
AE
Further audit procedures to be designed &  AE are appropriate
performed to check whether  AE are appropriately disclosed
Problems associated with audit & review of AE
Great risk of material misstatement relating to AE, audit procedures require an assessment of the use of
assumptions, use of judgements and evaluation of the work of experts. Hence, such reviews can be
carried out only by audit seniors.
Audit Procedures 87
Audit Evidence 88
Responses to the assessed risks of material misstatement
Determine if the events Test how management made

occurring provide audit the accounting estimate &
evidence regarding the data on which it is based
accounting estimate
Test the operating

effectiveness of the Develop a range to
controls over how evaluate management’s
management made the point of estimate
accounting estimate
Further substantive procedures to respond to significant risks

Auditor evaluates:
 how management has considered alternative assumptions, & why it has rejected them
 whether significant assumptions are responsible
 management’s intent to carry out specific courses of action
Disclosures related to accounting estimates

 Accounting estimates are correct
 If they give rise to significant risks, the auditor shall evaluate the adequacy of the disclosures
Indicators of possible management bias: Written Representations
the auditor shall review management’s decisions in making Whether management believes
accounting estimates. that significant assumptions
are reasonable
Different control environments & the types of evidence available in smaller entities
have simpler & less formal No extensive description of

procedures accounting procedures,
Smaller sophisticated controls & written
have fewer employees
entities have policies
different
Internal controls are not formally Less segregation of duties
control
documented, yet effective
environment
Role of governance may be
Increases the risk of overriding of
undertaken by the owner-manager
controls
when there are no other owners
I will use this car for
non-official purposes Have to do what he says or
only. Yet let the else I’ll lose my job!
business pay for it &
debit non-current asset
account Owner- Employee
Manager
Audit Procedures 89
Audit Evidence 90
Substantive procedures suitable Limitations of evidence available due to control risk

for small entities  Limited segregation of duties may lead to increased risk of
 Inspection of records or manipulation of records
documents  Owner manager may ensure that some transactions are
 Inspection of tangible assets not
 Inquiry
 Confirmation recorded or are not recorded accurately
Auditor’s responsibilities & procedures to be applied in
 Recalculation & relation to opening balances and comparative information.
re-
performance
 Analytical Audit procedures for initial engagements
procedures If prior period FS not
If prior period FS audited audited Audit conclusions
Judge sufficiency & appropriateness May not be possible to Insufficient evidence on opening
of evidence perform certain procedures balance(OB)- qualified opinion
Consider professional competence & Obtain management Misstatement in OB affecting current

independence of previous auditor representation period FS – qualified/adverse opinion
Perform additional procedures to Inconsistent application of accounting

verify material misstatement policies(AP) – qualified/modified opinion
Modified opinion in previous audit report
relevant to current period FS – modified
opinion
Auditor’s responsibilities & procedures to be applied in relation to opening balances
and comparative information.
Audit procedures for comparative information
Auditor will evaluate whether  It agrees with the prior period (PP)
 The accounting policies are consistent with PP
If material misstatement  Prior period FS revised: gather sufficient evidence
affecting PP comes to light  If not revised: confirm appropriate disclosures in current period FS
Obtain written representation
from management  Regarding any restatement made
Auditor’s reporting responsibilities:
Details Regarding corresponding figures Regarding comparative FS
Prior period(PP)FS audited by 1.That PP audited by another auditor

another auditor/predecessor, 2.Type of opinion expressed
report should indicate: 3. Date of report
Prior period FS not audited, That previous year’s corresponding That previous year FS are not
report should indicate: figures are unaudited audited
If material misstatement found Comparative figures should be Current auditor should report to
in FS: adjusted & disclosed in FS appropriate level of management
Audit Procedures 91
Audit Evidence 92
Sufficient appropriate audit evidence

Audit Evidence
Sufficient Appropriate
Quantity: sufficient
to support the audit Relevant Reliable
opinion
Factors to consider  External evidence is more reliable than

 Contributes to conclusions
 Source and reliability of internal
that assist in forming an
available information  Internal evidence is more reliable
opinion by the auditor
 Experience of earlier when the related controls are effective
audits  Evidence obtained directly by the
 Results of audit auditor is more reliable than indirect
procedures evidence
 Risk assessment
 Documentary evidence is more
 Nature of accounting and
reliable
internal control systems
 Materiality  Original documents are more reliable
than photocopies or facsimiles.
Intro: this Study Guide discusses the substantive procedures and audit programs for auditing
receivables, inventory, payables & accruals, bank & cash, tangible non-current assets &
long-term liabilities, share capital & director’s emoluments.
Auditing of receivables, inventory, payable & accruals, bank & cash
Receivables include: Receivables (R)

 the amount to be recovered in cash
 services to be received in return for the prepayments made
Audit evidence is reliable if:

 it is obtained from independent sources outside the entity.
 it is obtained directly by the auditor. Auditor is taking
 it exists in documentary form. confirmation of balance
 it is in the form of original documents. directly from debtor
Assertions validated by direct confirmations: Best audit evidence:

 existence of the accounts as at a certain date direct confirmation of balance
 assertion of rights & obligations at a given date, obtained by
 any allocations or valuation (partial) adjustments required in FS an auditor directly from
 the operation of cut-off procedures debtors.
Disadvantage Customers may not reply to the request
Audit of Specific Items 93

Audit Evidence 94
Auditor selects a sample
Non-response : failure of confirming party
Circularisation to respond, or fully respond, to a positive
procedure confirmation request, or a confirmation
Informs client of list
request returned undelivered.
Discusses client’s objections

Positive Requests a reply in each case
Letters are prepared
Negative Requests a reply only if balance is different
Client signs them
Exception: response that indicates a
difference between information
Auditor sends the request letters to customers requested to be confirmed, or contained
in the entity’s records, and information
Asking for replies directly to the auditor provided by the confirming party.
Auditor records replies received
Considers the accounts that do not agree
Performs alternative procedures for those who do not reply

Positive confirmation request: request asking the respondent to reply to the auditor in all cases
Positive confirmation requests Negative confirmation requests

from receivables
Expected to provide less reliable audit evidence
1. Client’s receivables to reply than the use of positive confirmation requests.
to the auditor requests in all The auditor does not know whether non-response
cases: means agreement or merely that the debtor has
a) confirming that the given not bothered to respond.
information is correct.
b) provide correct information in Negative confirmation requests are suitable
case of incorrect information. when
 Assessed risk of material misstatement is
2. If the client’s receivables lower.
responds: treated as reliable  Auditor has obtained sufficient appropriate
audit evidence. evidence relating to efficiency of the controls.
 A large number of small balances is involved.
3. In cases of no response from  Substantial errors are not expected.
client’s receivables: apply  The auditor has no reason to believe that
alternative audit procedures. respondents will disregard these requests.
Negative confirmation: respondents to reply
only in the event of disagreement with the
information provided

Audit Evidence 96
Purpose of substantive procedures on accounts receivables:
 All receivables are recorded (Completeness)
 All receivables relate to entity (Rights & obligations)
 Valuation is proper; allowance for receivables has been created (Valuation & allocation)
 Receivables do exist (Existence)
 The transaction has actually occurred (Occurrence)
 The transaction is properly recorded (Accuracy)
 Receivables are recorded in the correct period (Cut-off)
 Information has been recorded & classified under appropriate headings (Classification)
 The disclosures are understandable (Understandability)
Auditing of Important & high risk  has substantial effect on the profit of the entity
Inventory area of audit  subject to an element of estimation
Purpose of substantive procedures on inventory:

 All inventories are recorded (Completeness)
 All inventories relate to entity (Rights & obligations)
 Valuation is proper
 Inventories exist physically
 Entity has right to dispose of or use inventories (Rights & obligations)
 Information has been recorded & classified under appropriate headings (Classification)
 The disclosures are understandable
 Purchases & sales that are recorded relate to inventories bought & sold (Occurrence)
Auditor should attend the physical counting of the inventory. Needs to focus on:
 counting each item only once
 the procedures used to estimate physical quantities, where applicable, like coal piles
 identifying slow moving / damaged / third party items
 arrangements regarding movement of inventory
Physical counting
Auditor’s attendance during physical counting
Reason for physical

counting
Observe Apply Two Direct

counting alternative way confirmations Taken as basis for
on procedures in check for inventory preparing financials
alternative case by in third party
days in attendance is auditor custody
impractical Establishes reliability of
case of the perpetual inventory
inability to system (PIS)
attend
For inventory under the custody & control of third party, the auditor would usually obtain
direct confirmation.

Audit Evidence 98
Elements of payables: Auditing of payables & accruals
 trade payables
 loan payables Best evidence is supplier statement reconciliations as it helps judge
 accruals whether the amount shown as payable to a supplier is fairly stated.
 taxes payable
Purpose of substantive procedures
 All payables are recorded.
(Completeness)
 All payables relate to entity.
(Rights & obligations)
 Valuation is proper, discounts
available are recorded.
 Payables do exist.
 Entity has obligation to pay
money.
(Rights & obligations)
 Payables are recorded in correct
period. (Cut-off)
 Information has been recorded &
classified under appropriate
headings. (Classification)
 The disclosures are
understandable.

Audit Evidence 100
Auditing of bank & cash
Elements of bank confirmation reports:
 the client’s name

 account description number
 balances on all bank accounts held by the client
 the confirmation date
 details of security given
 any documents or assets held for safe custody
 details of consignment arrangements
Purpose of substantive procedures
 All bank & cash balances are recorded. (Completeness)

 All bank & cash balances belong to entity. (Rights & obligations)
 Valuation is proper, balances are fully reconciled with bank certificates.
 All bank & cash balances exist.
 Entity has right to receive money against bank balances. (Rights & obligations)
 All bank & cash balances are recorded in correct period. (Cut-off)
 Information has been recorded & classified under appropriate headings. (Classification)
 The disclosures are understandable.
Substantive procedures
 Tests of detail of transactions: verify

that transactions are properly
recorded & interest calculations are
correct.
 Tests of account balances: obtain a
confirmation letter from the bank /
financial institution.
 Disclosures: verify that details of
securities, interest, etc. are fully
disclosed & short-term & long-term
parts of a liability are separately
disclosed.
Liability to pay money

Audit Evidence 102
Tangible & non-current assets & long-term liabilities
Non-current assets
Purpose of substantive procedures:

 All non-current assets are recorded. (Completeness)
 All non-current assets relate to entity. (Rights & obligations)
 Valuation is proper, impairment is made where appropriate.
 Assets exist physically.
 Entity has right to dispose of or use the assets. (Rights & obligations)
Right to
Non-current liabilities
dispose f
o
Purpose of substantive procedures asset
 All non-current liabilities are recorded. (Completeness)
 All non-current liabilities relate to entity. (Rights &obligations)
 Valuation is proper.
 Liabilities do exist.
 Entity has obligation to pay money against non-current liabilities. (Rights &
obligations)
Audit Evidence 104
Share capital, reserves & director’s emoluments
Audit procedures for share capital
Assertion Audit procedures
Account balances at the period end
Completeness, valuation & allocation (all shares Balance in share capital a/c must be reconciled with
issued / allotted are recorded) balances appearing in the statutory records
Rights & obligations ( i.e. right to ownership of Verify the updated share register to confirm the
shares) & existence (shares have been issued) ownership of shares
Classes of transactions
Completeness (share transactions are recorded) Trace the entries from the application form to the
allotment register
Accuracy & occurrence (all entries relate to Trace a sample of entries from the cash book and
entity journal into the ledger accounts
Presentation and disclosures
Completeness (all disclosures relating to share Confirm that the disclosures relating to share
capital and reserves have been included) capital are made in the FS
Intro: this Study Guide explains the need for audit sampling & distinguishes between
statistical & non-statistical sampling. It discusses the application of basic principles of
statistical sampling and other selective testing procedures. It also discusses the results of
statistical sampling.
Audit sampling (AS)
AS involves Less than 100% All sampling units have a chance of

application of of items within a selection in order to provide a reasonable
to Such that
audit population of basis on which audit conclusions are
procedures audit relevance drawn about the entire population
Need for sampling
Prohibitive costs for Time constraints on Audit gives reasonable

checking all items completion of audit assurance
Audit Sampling & Other Means of Testing 105

Audit Evidence 106
Selecting specific items for Is an effective way of However it does not

testing gathering audit evidence constitute audit sampling
High value, key items or Verification of debit balances

unusual items in supplier’s accounts
Instances of
how specific All items over a certain Verification of all expenses
items may be amount over $10,000
selected is
as follows Items to obtain Verification of Memorandum
information of Association of entity
Items to test control Use judgement instead of

activities sampling
Distinguish between statistical & non-statistical sampling

Statistical Random selection of sample
sampling Use of probability to evaluate sample results, including measurement of sampling risk
Non-statistical sampling Sampling approach that does not have characteristics of statistical sampling
Random Sample items selected at random so that each sampling
selection unit has a fair chance of being selected
Sample items selected by using e.g. interval of

Systematic time, interval of
a constant interval between
selection items
selected items
Methods of selecting a
A block of 25
Haphazard Sample items selected arbitrarily ,
sales invoices is
selection usually by manual choice
selected
sample
Sequence or
Sample items selected sequentially or in block
block selection
Method where every $1 in a population has equal

chance of being selected for testing So, the receivables
Monetary unit
balances are added up and, say, the population is
sampling
moved through, say, $5,000 at a time to pick a
customer’s account to examine.

Audit Evidence 108
Basic principles of statistical sampling and other selective testing procedures
Audit evidence is obtained by performing
Risk assessment procedures Test of controls Substantive

procedures
Procedure of sampling
Plan the Select the Perform the Consider sample

sample sample audit procedure results
Stratification: process of dividing Sampling risk: auditor’s

a population into subpopulations, conclusion based on a sample
each of which is a group of may be different from the
sampling units which has similar conclusion if the entire population
characteristics (often monetary were subjected to the same audit
value) procedure
Acceptable or tolerable error: maximum error in a population that the auditor is willing to
accept.
Error that For tests of Rate of deviation from the prescribed control
is control activity the auditor is willing to accept
acceptabl
e to an For tests of Amount less than or equal to the materiality
auditor details of the misstatement in the given area
Sampling risk Non-sampling risk
 Arises from the possibility that the auditor’s  Arises from factors that cause the auditor to
conclusion, based on a sample, may be reach an erroneous conclusion for any
different from the conclusion reached if entire reason not related to the size of the sample.
population were subjected to the same audit  It can be reduced by better knowledge,
procedure. planning & review about client & industry
 It can be reduced by increasing the sample sector & more experienced audit team
size. members.
Determine sample risk: The goal is that the sample should represent the population within the specified
tolerances.
Confidence level & sampling risk: Probability that sample will be representative of the population.

Audit Evidence 110
Precision level: specifies the range of values within which the sample estimate represents the universe
characteristic.
Statistical sample is selected in one of the following ways
Systematic Random number tables are used to Computer assisted audit

sampling select the items to be a sample techniques
Results of statistical sampling, including consideration of whether additional

testing is required
Factors to consider when evaluating sample results: The supplier’s statement does not
 nature & cause of errors identified reflect this purchase. It could be a
 effects of errors on audit objectives fictitious one.
 effects of errors on other areas of the audit
This will have an effect on the
audit of inventory as well.
Steps to review the sample results
Step 1: Nature & cause of Deviations & Misstatements: investigate nature & cause of any deviation or
misstatements identified.
Step 2: Projecting of misstatement: Found in the sample of the population to enable the auditor to obtain
a broad view of misstatement
Step 3:

Audit Evidence 112
Intro: this Study Guide discusses use of computer-assisted audit techniques, test data and audit
software for the transaction cycles and computer in relation to the administration of the audit.
Use of computer-assisted audit techniques in the context of an audit
Computer-assisted audit techniques (CAATs) are the

applications of auditing procedures using the computer The latest tool which
as an audit tool. helps me in my audit!!!
CAATs are used to perform various audit procedures like:

 test of details of transactions and balances
 extraction of data for sampling
 analytical procedures
 compliance test of general controls
 compliance test of application controls
 penetration testing (evaluating the security of a computer system or network)
Computer Assisted Audit Techniques 113

Audit Evidence 114
Why CAATs are required

 Large volume of data makes it impossible to apply manual procedure.
 CAATs save audit time.
 CAATs can be used to highlight unusual transactions.
 Lack of hard copy evidence make it impossible to carry out a manual audit.
 Some audit processes are too complex to be carried out manually.
Use of test data and audit software for the transaction cycles
Test data tests clients’ programs. It is data generated by the auditor in order to test processing logic,
calculations and controls actually programmed in computer applications.
To test whether invalid

transactions are Test data
rejected by system
Should test all A few unreasonable

Ideally include the possible logical items should be
data of both valid alternatives & included, for testing
& invalid items calculations that a reasonableness
program can check
perform
 Test data that is processed during a normal production run is called live test data.
 As against this, test data that is processed during a special run outside the normal
production run is known as dead test data.
Control procedures related to test data
Decide on the computer processes that are

Choose suitable data.
to be tested.
Predict the results of the test data and

Run test data live if it is possible compare them with the actual test data
output
Remove fictitious data included as test data

If test data is to be run dead then consider
from files before the client uses those files
availability of time & the expenses involved
for normal processing
Computer Assisted Audit Techniques 115

Audit Evidence 116
Audit software consists of
Package programs Purpose written programs Utility programs
Generalised computer programs Designed to perform in Not specially designed

designed to help in audit specific circumstance for audit purpose but
an auditor can use these
tools
Control Procedures for audit software
Verify whether skilled employees use Ensure that the data files used are complete, accurate and
selected tools. identical to the files currently used by the client.
Confirm whether tool set is appropriate According to the client’s applications the software is
to audit objectives. amended.
Ensure that the client’s files are not
corrupted or damaged.
Intro: this Study Guide explains the extent to which auditors are able to rely on the work of
experts and on the work of internal auditor, audit considerations for entities using service
organisations, reasons auditors rely on the work of others and the extent to which reference to
the work of others can be made in audit reports.
The extent to which auditors are able to rely on the work of experts
Auditor’s expert is an individual or organisation possessing special skill, knowledge &
experience in a particular field other than accounting & auditing, whose work in that field is used by
the auditor in obtaining sufficient appropriate audit evidence.
Management expert is an individual/organisation possessing expertise in a field other than

accounting/auditing whose work is used by entity in preparing financial statements(FS).
Scope of expert’s work Factors to be considered while deciding

whether to use an auditor’s expert
Obtain understanding of entity & its environment
a) Whether management has used
Identify the risk of material misstatement Determine management expert in preparing FS
& implement responses to assessed risks Design & b) Nature & significance of matter and its
perform further audit procedures to complexity
respond to assessed risks c) Risks of material misstatement
Evaluate sufficiency & appropriateness of audit d) Expected nature of procedures to respond
evidence obtained to identified risks
Work of Others 117

Audit Evidence 118
Nature, Competence, capability & objectivity

timing & of auditor’s expert
extent of
audit Obtaining an understanding of the Evaluation & adequacy of
procedures field of expertise of auditor’s expert the work includes:
whether that whether any whether the

expert’s field has professional or whether the nature of internal
areas of specialty other standards assumptions and and external data
that are relevant and regulatory or methods used are or information the
to the audit legal requirements auditor’s expert
appropriate apply uses is correct
Evaluation of the work of an auditor’s expert

includes ascertaining
where the work involves use of relevance & relevant factors adequacy &
significant assumptions, reasonableness relating to conclusions appropriateness
relevance of those assumptions of their findings on their report of source data
The extent to which external auditors are able to rely on the work of internal audit
Extent of reliance by external auditor
Adequacy of work Effect of adequate work on Using specific

of internal nature & timing of external work of internal
auditor for audit auditor’s procedures auditors
purpose
Objectivity of Technical Work of internal auditor Effective communication

internal competence of carried out with due between internal &
audit internal auditors professional care external auditor
function
Depends on: Audit considerations relating to entities using service organisations
- Level of reporting Outsourcing of recording of transactions &
- Freedom from conflicting processing of related data but not authorisation
Outsourcing
responsibilities & maintenance of accountability
to service
- Freedom from restrictions
organisation
placed on internal audit
Outsourcing
including all the work related
authorisation to accounting
& maintenance of
function
- Attitude of management accountability
towards internal audit reports
Work of Others 119

Audit Evidence 120
Understanding Nature of service provided by service organisation

impact of Auditor
service Nature & materiality of transactions processed/accounts
should organisation on
The degree of interaction between the activities of the service
consider internal control
of entity organisation and the user entity
 Facts to be provided to user entity

Agreement between  Responsibilities for initiating transactions
user entity &  Form of records
service  Types of reports on its controls
organisation provide  User auditor’s rights to access accounting records
information about
 A report which comments on design of IC, effectiveness & refers to tests.
Additional  Contacting service organisation to obtain specific information.
procedures  Visiting service organisation & performing procedures which provide
Why auditors
 to avoid onwork information about relevant controls.
rely of
duplication
 Using another auditor to perform procedures which provide information
the
 to work of others
concentrate more on high risk areas
about relevant controls.
 to improve trust of shareholders
A reference to the auditor’s expert’s work should be made in
 to reduce cost
the audit
Extent to report
whichcontaining
reference an to
unmodified
work ofopinion,
othersonly
canif
 to improve efficiency & effectiveness
required
be made byin
lawaudit
or regulation.(ISA
report 401 & 620)
Intro: this Study Guide explains the approach that has to be adopted while auditing
not-for-profit organisations and the differences between the audit of these organisations and
the audit of for-profit organisations.
Not-for-profit organisations
Not-for-profit Organisations whose Other than e.g. serving

organisations are primary objective is making profits the society
/ members
Any profit made by

organisation
Not distributed to any of its

Goes back into operations to carry
members
out organisation’s objectives
Not for Profit Organisation 121

Audit Evidence 122
Few sources of income

There is
concentration of
ownership &
Small
management
entity is Unsophisticated record keeping
an entity
in
which One or more of the
following are also
found Limited internal controls
Audit techniques
Obtaining understanding of an By obtaining & examining its constitution, by-laws,

entity & its environment rules & regulations
Audit of not-for-profit organisations
Risk assessment Generally control risk is high
On basis of risk, draft audit plan, generally need to

Planning
perform extensive substantive procedures
Determining adequacy & Where IC not effective and/or audit evidence not
effectiveness of internal controls available, auditor should perform substantive
(IC) testing
Audit evidence gathering Management representation: important evidence

procedures for not-for-profit organisations
Overall review Same as for for-profit organisation
Content of audit report depends upon audit

Audit report
assignment, nature of audit, etc.
Not for Profit Organisation 123

Audit Evidence 124
Audit of small not-for-profit organisations
Characteristics of small not-for-profit organisations & its impact on audit
May not exist, manager may control operations of the entity

Internal control system
Auditor normally has to extensively perform substantive audit procedures.
Unavailability of sufficient
In this case, auditor may obtain management representation & evaluate
appropriate audit
its reliability.
evidence
Accounts may be maintained by people with little knowledge of
Lack of experts in
accounting. In this case, auditor should ensure that his scope of work is
accounting
clearly defined in the letter of engagement.
To determine whether the grants, donations, membership fees etc. are
Purpose of audit of a not- utilised to meet organisation’s objectives. Where the audit is a statutory
for-profit organisation requirement, the auditor has to express an opinion on the truth and
fairness of FS.
Accept donations & grants to create funds and use that money for
charitable purposes. Auditor has to ensure that the grants, donations etc.
Sources of money
are utilised for the purpose for which they are obtained & are not
misappropriated.
Intro: this Study Guide explains the purpose of subsequent events review and discusses the
procedures to be undertaken in performing a subsequent events review.
Subsequent events
Events after the reporting period : events both favourable & unfavourable which occur between date
of FS & date when FS are authorised for issue.
 Adjusting events : events that provide evidence of conditions that existed at the date of FS.
 Non-adjusting events: events that arose after reporting period but are material enough to require
disclosure in FS.
Need for review of adjusting & non-adjusting events
Subsequent events may materially FS will not provide true & fair view of financial position
affect reliability of FS of entity unless subsequent events are reviewed
Management may manipulate the treatment of subsequent events, especially when they
affect the going concern status of the entity. In this case, by considering subsequent events,
the auditor may, to some extent, prevent the readers from being deceived.
Subsequent
Subsequent Events
Events 125
Review 126
ISA 560 divides subsequent events into
Events occurring up to the date Facts discovered after the Facts discovered after the
of auditor’s report date of auditor’s report but FS have been issued
before the FS are issued
Auditor has full Management has the responsibility to No obligation on the

responsibility to review inform the auditor of any events auditor to enquire
all the events up to occurring in this period or the auditor about any such events
date of audit report should investigate if they become
aware of the fact
Procedure followed by auditor for review of subsequent events (SE)

Review of procedure performed by management to Gather necessary information from legal
identify SE. counsel concerning any litigation.
Review minutes of various executive & committee Obtain necessary information from
meetings. management.
Read the interim financial report, budgets, cash Obtain written representation from
flow statements & other management reports. management.
Auditor not responsible for  Discuss the matter with
conducting continuing
management
review of these events
 Consider if FS need to be
amended
If they become aware of  Inquire how management
a fact which may intends to address the
Facts discovered materially affect the FS matter in FS
after date of
auditor’s report but
before issue of FS Auditor should issue a new
If the FS are amended
audit report on amended FS
If management does not

If FS are subsequently amend the FS & auditor  If report has not been issued,
released feels that it is important to auditor should express a
amend FS qualified or adverse opinion in
their report.
 If report has already been
Auditor should consider issued, they should notify
whether FS need to be those charged with
amended governance not to issue FS &
audit report to third parties.
Subsequent
Subsequent Events
Events 127
Review 128
Auditor not responsible for enquiring

into events occurring after FS have
been issued
If auditor becomes aware of facts

They should consider
that existed at the date of audit
need for revision of
report, which would modify the
FS
Facts discovered report
after FS have
been issued
If FS revised, auditor should issue a new report & ensure that it is
made available to those to whom the previous report was issued
If management doesn't take proper

precautions to issue revised audit report /
FS, auditor should consider legal action
Intro: this Study Guide discusses the various issues relating to the concept of going concern,
such as the need for going concern reviews along with the audit procedures to be applied in
relation to going concern reviews.
Significance of going concern & importance of its review
Going Entity which has ability to remain in business in foreseeable future

concern
An entity should not prepare its FS using the going concern assumption if management:
 intends to liquidate the entity
 intends to cease trading
 has no realistic alternative but to do so
Importance of review of Credibility of FS is affected by GC assumption

going concern (GC)
GC assumption is critical in ascertaining value of
assets & liabilities of business
Legal action might be initiated against auditor if entity ceases to operate in spite of GC
assumption being considered appropriate in most recently conducted audit
Going Concern 129

Review 130
Auditors’ & management’s responsibilities regarding going concern
Management Responsibility of Auditor
 Assess the GC status for the future  Consider appropriateness of

period of 12 months management’s GC assumption in
preparation of FS
 Disclose uncertainties that might affect  Decide whether there exists a material
the GC status uncertainty
 Disclose the fact If statements not  Conclude the implication of the GC
prepared on a GC basis status on the auditor’s report
Recommendations
Financial indicators Operating indicators
Adverse key financial ratio Loss of key management personnel (and no
Negative operating cash flows as indicated replacements)
from historical or prospective financial Loss of a major market or franchisee
statements Shortages or loss of key suppliers or customers
Inability to pay account payables on due Difficulties with labour unions
dates
Loss of licence or changes in law that may adversely
Change from credit to cash on delivery
affect the entity
transactions with suppliers
Management intentions to liquidate the entity or to
Inability to comply with loan agreements
cease operations
Fixed term borrowings approaching maturity
Other indicators
without any intention of renewal
Short term borrowings used to finance non- Non-compliance with capital or other statutory legal
current assets requirements
Large arrears of dividends payable Pending legal proceedings against the entity
Consistent substantial operating losses Changes in law or regulation or government policy
expected to affect the entity adversely
Material deterioration in assets used
Uninsured or underinsured catastrophes occur
primarily for the purpose of generating cash
flows Mitigating factors: Refer to factors that can reduce
Inability to obtain finance to develop key the effect of identified conditions that cast a doubt on
new products the entity’s ability to continue as a going concern
Going Concern 131

Review 132
Going concern review by the auditor
Auditor’s procedure for review of GC
Planning the audit & performing risk assessment
Evaluating management’s assertions
Further procedure when events or conditions are

identified
Review management's plan for future actions
Gather sufficient appropriate audit evidence
Seek representation letter from management

Implication of going concern assumption not being met
Entity will be classified as Any events /uncertainties that
FS will be prepared on
entity with discontinued might affect GC status of entity
alternative basis
operations need to be disclosed in FS
Non-current assets and Non-current assets More provisions Additional

liabilities will be are recorded at should be created for liabilities
classified as current realisable value inventory and should be
assets and liabilities receivable provided
Reporting implication in relation to the going concern issues

Effect on Audit report
Appropriate evidence FS Disclosure
= Unmodified opinion & explanatory emphasis of matter
+
+ X =
Qualified/adverse opinion
+
X X = Adverse opinion (i.e. modified opinion)
No assessment made = Qualified/disclaimer opinion
Going Concern 133

Review 134
Intro: this Study Guide discusses the purpose of & procedure for obtaining written
representations (WR), quality & reliability of WR as audit evidence, circumstances where WR
are necessary & the matters on which representations are commonly obtained.
Purpose , procedure, quality and reliability for obtaining WR
Written representation: a written statement by management provided to the auditor to

confirm certain matters or to support other audit evidence.
Purpose of written representations:

 acknowledgement of responsibility for the FS by management
 used as audit evidence when other audit evidence is excepted to be unavailable
 requirement of ISA 580
 acknowledges representations previously made verbally by management
 minimises misunderstandings between management & auditor
 reasonable assurance about effective working of internal control system .
Quality & reliability of WR

 Written evidence is given by a responsible person, therefore more reliable
 Internal evidence - management may manipulate information, therefore less reliable
 Auditors need to view it with professional skepticism
Written Representation 135

Review 136
Evaluation of reliability Seek corroborative audit evidence
auditor is concerned about management's competence,

Evaluate consistency integrity etc: determine the effect of that on reliability of
of representation with representations
other evidence, if any, auditor concludes that written representation is not reliable:
in case take appropriate action such as issuing modified report
the matter remains unresolved; auditor should consider its

potential effect on the audit opinion
representation is not consistent; auditor should perform

procedures to attempt to resolve the matter
Circumstances where WRs are necessary:
 for design & implementation of internal control system to prevent or detect error
 uncorrected aggregated financial misstatements
 sufficient appropriate audit evidence not available for any subject matter which is material
 it is a matter of judgement or opinion of management
 there are subsequent events, related party transactions, contingent liabilities
Intro: this Study Guide explains the importance of the overall review of evidence
obtained and the significance of uncorrected misstatements.
The importance of the overall review of evidence obtained

After completing the audit work, a senior auditor should conduct an overall review of FS
Overall review of FS
Review of FS, analytical Sufficiency & appropriateness of Other procedures

procedures audit evidence
 Subsequent events
Analytical procedures are Auditor should assess
commonly used during the whether information  Going concern status
overall review of the gathered & audit evidence  Written representation
evidence obtained. obtained during audit are  Unadjusted misstatement
sufficient & appropriate.  Evaluation of accounting
policies used
Purpose of overall review of evidence
To form an opinion on the FS To consider need for further audit procedures
Audit Finalisation & Final Review 137

Review 138
Review ensures that

 FS are prepared using acceptable accounting polices that are applied consistently.
 Information & results of operations included in FS are compatible.
 Adequate disclosures are made.
 FS comply with all statutory and other requirements.
 The overall review enables the auditors to form an audit opinion on the FS.
The significance of uncorrected misstatements
Unadjusted misstatements: aggregate of errors that an auditor discovers & that have not been
corrected or adjusted in FS.
Steps for dealing with uncorrected misstatements
Material
Agrees
Ask management to adjust FS Immaterial
Disagrees
Modify audit report Check adjusted FS and give audit report
Intro: this Study Guide discusses the format & content of unmodified audit reports &
modified reports.
Format & content of unmodified reports

An unmodified audit report (AR): is issued by the auditor when they are able to express an unmodified
opinion & no modification to AR is necessary.
Unmodified reports
Title  should be clearly stated in auditor’s report
 indicates that audit has been conducted according to relevant ethical
requirements
Addressee  audit report (AR) should be addressed to concerned people i.e. to shareholders or
those charged with governance
Opening /  name of entity whose FS have been audited & title of each FS
introductory  the fact that statements have been audited
paragraph  title of each of the financial statements
should include  reference to accounting policies & explanatory notes
 date & period of audit covered
Management’s  relating to preparation & presentation of FS
responsibility  relating to designing & implementing internal controls, selecting & applying
(MR) for FS appropriate accounting policies & making reasonable accounting estimates
Audit reports 139

Reporting 140
Auditor’s  should be clearly disclosed in AR

responsibility  according to ISA 700, AR should state that:
 audit was carried out in accordance with ISAs
 reasonable care was exercised while planning audit procedures
 audit ensures that FS are free from material misstatement
 audit procedures followed by auditor depend upon their judgement
 audit involves valuation of whether proper accounting policies have been used
 auditor believes that sufficient audit evidence has been obtained
Auditor’s  AR should state auditor’s observations on FS.
opinion & other  Auditor can express either an unmodified or a modified opinion
reporting  An auditor issuing an unmodified report should:
responsibilities  disclose if FS are true & fair in all material respects
 identify country of origin / jurisdiction of reporting standards
 identify legal & regulatory requirements applicable to area of jurisdiction
Auditor  AR should be signed in :

signature  the name of audit firm
 the personal name of auditor
 both
Date of report Date when auditor has obtained sufficient appropriate audit evidence
Auditor’s Name / location country / jurisdiction where auditor practises

address
Basis for audit opinion
Auditor’s conclusion on the audit opinion would be based on the following factors:
 sufficiency and appropriateness of audit evidence

 materiality of uncorrected misstatements
 adequacy of disclosures relating to selection and application of accounting policies
 appropriateness of accounting policies selected
 consistency of the entity’s accounting policies with the applicable financial framework
 reasonableness of accounting estimates used by the entity
 qualitative characteristics of financial information i.e. whether relevant, reliable,
comparable and understandable
 fair presentation of financial information
Audit reports 141

Reporting 142
Circumstances under which an auditor issues various types of report

Audit opinion
Unmodified audit opinion: is issued by the Modified audit opinion: auditor modifies an
auditor when they are able to express an audit opinion when they cannot give an
unqualified opinion and no modification to the unmodified opinion; in such cases, they modify
audit opinion it is necessary. the expression “true and fair”.
FS is true & fair Qualified opinion

 Inability to obtain sufficient appropriate
Standard audit evidence ( SAAE)
 SAAE available, but misstatements in
financial statement (FS)
 Matter material but not pervasive to FS
Unmodified Auditor’s Modified audit
Disclaimer of opinion
audit opinion opinion opinion
 Inability to obtain SAAE
Emphasis of  Matter material as well as pervasive to FS
matter Adverse opinion
 FS is true &  SAAE available, but misstatements in FS
fair  Matter material as well as pervasive to FS
 Discloses
matters of
importance
Intro: this Study Guide discusses the format and content of internal audit review reports and
making appropriate recommendations to management and those charged with governance.
Format of internal audit review reports
Due attention should be paid to the format of the report.
 brief objectives and scope of audit

 executive summary highlighting significant observations
 detailed report
 observations (duly supported by sufficient evidence, as far as possible in terms of quantitative
data)
 implications
 recommendations
 comments of the auditee
 appendices giving supporting data
The report should be brief, specific, to the point and based on facts and figures.
Positive points should also be highlighted.
Internal Audit Reports 143

Reporting 144
Recommendations must be in respect of:

Typical format of the report contains:
Strengthening controls Cover of report

Improving efficiency of processes Terms of reference
Avoiding wastage & losses Executive summary

Suggesting corrective action to overcome Major observations / findings and
deficiencies recommendations
Adherence of management policies & Comments of the auditee
procedures Appendices
Recommendations should not be based on

mere theoretical concepts
Types of audit report provided in Oral reports

internal audit assignments Such situations occur when emergency action
 Formal reports needs to be taken and the auditor cannot wait
 Shorter, memorandum reports until the preparation of the report to convey the
 Presentations information.

F8 Audit & Assurance Key Notes

Uploaded by

Copyright:

Available Formats

You might also like

F8 Audit & Assurance Key Notes

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

F8 Audit & Assurance Key Notes

Uploaded by

Copyright:

Available Formats

Edition 4,Version 1

Statutory audits 5–8 Objective & general principles 37 – 38

Regulatory environment & corporate 9 - 16 Assessing the risks of material 39 – 40

Internal audit & corporate governance 25 - 26 Materiality, fraud, laws & 43 – 46

Difference between external auditor 27 – 28 Analytical procedures 47 – 50

Scope of internal audit function 29 – 30 Planning an audit 51 – 52

Outsourcing the internal audit function 31 - 32 Audit documentation 53 – 54

Tests of control 68 – 74 Subsequent events 125 – 128

Evaluation of internal control 75 – 78 129 – 134

Communication on internal 79 – 80 135 –136

Audit procedures 85 – 92 Audit reports 139 – 142

Features of GTG’s keynotes:

Objective & general principles of external audit

Assurance engagement : a professional accountant in public practice expresses a conclusion

General principles of external audit engagement

Concept of Audit & Other Assurance Engagements 1

Accountability, stewardship & agency

Accountability Stewardship Agency

Relationship between owners & management

Concept of Audit & Other Assurance Engagements 3

Assurance Services Level of Assurance

Review engagement: provides limited

Agreed upon procedure: auditor performs

Compilation: it involves collecting, classifying

Regulatory environment within which statutory audits take place

In many countries a statutory audit is

Appointment of auditors Removal / resignation of auditors

By the shareholders in AGM. Generally majority consent of shareholders

The person to be appointed as the auditor is Not applicable

Objectives of a statutory audit: Limitations of SA

Development & status of ISAs

155 members & associates

Development process of ISA

1. Research & consultation (task force)

Objective, relevance & importance of CG

Main principles Supporting principles Code provisions

 The board should meet

Regulatory Environment & Corporate Governance 11

Main principles Supporting principles Code provisions

Remuneration  Designed to  The performance-  Remuneration level for

Regulatory Environment & Corporate Governance 13

Overseeing general performance of external Overseeing internal audit work of the

Management: Auditors: Board of Directors: ensure that

Regulatory Environment & Corporate Governance 15

Fundamental principles of professional ethics

Five fundamental ethical principles of a professional accountant (PA)

Should be Comply with

Professional Ethics & ACCA’s Code of Conduct 17

The conceptual framework

Self interest threats Personal / financial interest in the organisation

An accountant has to review & revaluate their previous

A position / opinion to the point that subsequent objectivity

Deterred from acting objectively by threats, actual / perceived

Accountants required to study & are tested on

Implementing a system of internal control

Attend regular training & professional development

Professional Ethics & ACCA’s Code of Conduct 19

Auditor’s responsibility regarding auditor’s independence, conflicts of interest &