Audit Workbook

ACCA
AA
Audit and Assurance
Integrated Workbook
Audit and Assurance
British library cataloguing-in-publication data

A catalogue record for this book is available from the British Library.
Published by:
Kaplan Publishing UK
Unit 2 The Business Centre
Molly Millars Lane
Wokingham
Berkshire
RG41 2QZ
© Kaplan Financial Limited, 2022
The text in this material and any others made available by any Kaplan Group company does not amount to advice
on a particular matter and should not be taken as such. No reliance should be placed on the content as the basis
for any investment or other decision or in connection with any advice given to third parties. Please consult your
appropriate professional adviser as necessary. Kaplan Publishing Limited and all other Kaplan group companies
expressly disclaim all liability to any person in respect of any losses or other claims, whether direct, indirect,
incidental, consequential or otherwise arising in relation to the use of such materials. Printed and bound in Great
Britain.
Acknowledgements
These materials are reviewed by the ACCA examining team. The objective of the review is to ensure that the
material properly covers the syllabus and study guide outcomes, used by the examining team in setting the
exams, in the appropriate breadth and depth. The review does not ensure that every eventuality, combination or
application of examinable topics is addressed by the ACCA Approved Content. Nor does the review comprise a
detailed technical check of the content as the Approved Content Provider has its own quality assurance
processes in place in this respect.
This product contains copyright material and trademarks of the IFRS Foundation®. All rights reserved. Used
under licence from the IFRS Foundation®. Reproduction and use rights are strictly limited. For more information
about the IFRS Foundation and rights to use its material please visit www.ifrs.org.
Disclaimer: To the extent permitted by applicable law the Board and the IFRS Foundation expressly disclaims all
liability howsoever arising from this publication or any translation thereof whether in contract, tort or otherwise
(including, but not limited to, liability for any negligent act or omission) to any person in respect of any claims or
losses of any nature including direct, indirect, incidental or consequential loss, punitive damages, penalties or
costs.
Information contained in this publication does not constitute advice and should not be substituted for the services
of an appropriately qualified professional.
The IFRS Foundation logo, the IASB logo, the IFRS for SMEs logo, the ‘Hexagon Device’, ‘IFRS Foundation’,
‘eIFRS’, ‘IAS’, ‘IASB’, ‘IFRS for SMEs’, ‘IASs’, ‘IFRS’, ‘IFRSs’, ‘International Accounting Standards’ and
‘International Financial Reporting Standards’, ‘IFRIC’, NIIF® and ‘SIC’ are Trade Marks of the IFRS Foundation.
Trade Marks
The Foundation has trade marks registered around the world (‘Trade Marks’) including ‘IAS®’, ‘IASB®’, ‘IFRIC®’,
‘IFRS®’, the IFRS® logo, ‘IFRS for SMEs®’, IFRS for SMEs® logo, the ‘Hexagon Device’, ‘International Financial
Reporting Standards®’, NIIF® and ‘SIC®’.
Further details of the Foundation’s Trade Marks are available from the Licensor on request.
This product contains material that is ©Financial Reporting Council Ltd (FRC). Adapted and reproduced with the
kind permission of the Financial Reporting Council. All rights reserved. For further information, please visit
www.frc.org.uk or call +44 (0)20 7492 2300.
P.2
CONTENTS
Page
L7 Knowledge, Skills and Behaviours 1
Chapter 1 Introduction to assurance 5
Chapter 2 Rules and regulation 21
Chapter 3 Corporate governance 31
Chapter 4 Ethics and acceptance 53
Chapter 5 Risk 83
Chapter 6 Planning 115
Chapter 7 Evidence 157
Chapter 8 Systems and controls 203
Chapter 9 Internal audit 263
Chapter 10 Procedures 281
Chapter 11 Completion and review 337
Chapter 12 Reporting 371
Chapter 13 References 415
This document references IFRS® Standards and IAS® Standards, which are authored
by the International Accounting Standards Board (the Board), and published in the
2021 IFRS Standards Red Book.
P.3
Audit and Assurance
Integrated Workbook Icons
Additional Question Practice/Reading
Advantage
British Values
Definition/Terminology
Difficult Point
Disadvantage
Example
Ethics
Exam question styles
P.4
Audit and Assurance
Exam Technique Point
Formulae/Important Calculation
Illustration
Key Point
Legal/Regulation
Overview/Model Answers
PER Requirements
Notes
Risks
Study Text Questions
Question
P.5
Audit and Assurance
Quality and accuracy are of the utmost importance to us so if you spot an error in any
of our products, please send an email to [email protected] with full
details, or follow the link to the feedback form in MyKaplan.
Our Quality Coordinator will work with our technical team to verify the error and take
action to ensure it is corrected in future editions.
P.6
Audit and
Assurance
L7 Knowledge, Skills and Behaviours
As per the Level 7 Accountancy/Taxation Professional Apprenticeship standard, you

will need to demonstrate that you have the necessary Knowledge, Skills and
Behaviours.
The list below shows the relevant knowledge, skills and behaviours that you will have
demonstrated whilst studying for this subject. We have also linked these to relevant
examples and questions in the Integrated Workbook.
For qualification only students, it is also useful to understand which professional skills
and behaviours you are developing throughout this subject.
1
Knowledge An accountancy or taxation professional will be able to:
Assurance, risk Provide a degree of assurance that stakeholders can trust

and control information (financial and non-financial) regarding the
organisation, as relevant to their role. In doing so, they will be
able to exercise professional judgement and consider both risks
and risk management approaches.
Business Demonstrate knowledge of key business objectives and

acumen measurements of success.
Financial Prepare, analyse and interpret an organisation's financial

information information (both for internal and external purposes), as relevant
to their role.
Legislation Understand, interpret and apply the legislation, standards and

principles that apply to Standards and their role. This may
include, but not be limited to, accounting standards, auditing
Principles standards, taxation legislation, ethical codes and
internal principles adopted by an organisation.
Strategic Apply their judgement and make sustainable business decisions

business (including recommendations for good governance) using
management financial and non-financial information. Support strategic
and governance decision making with meaningful financial analysis and project
appraisal. Present a balanced conclusion, with supporting
evidence, which includes internal and external factors.
2
Audit and Assurance
Skills An accountancy or taxation professional will be able to:
Building Build trusted and sustainable relationships with individuals and

relationships organisations. Consistently support individuals and collaborate
to achieve results as part of a team.
Business insight Influence the impact of business decisions on relevant and

affected communities based on an appreciation of different
organisations and the environments in which they operate.
Communication Communicate in a clear, articulate and appropriate manner.

Adapt communications to suit different situations, individuals or
teams.
Ethics and Identify ethical dilemmas, understand the implications and

integrity behave appropriately. Understand their legal responsibilities,
both within the letter and the spirit of the law, as well as be
aware of the procedures for reporting concerns over potentially
unethical activities.
Leadership Take ownership of allocated projects and effectively manage

their own time and the time of others. Demonstrate good
project management skills to deliver high quality work within
the appropriate timeline. Act as a role model and motivate
others to deliver results.
Problem solving Evaluate information quickly and draw accurate conclusions.

and decision Assess a problem from multiple angles to ensure all relevant
making issues are considered. Gather the appropriate facts and
evidence in order to make decisions effectively.
3
Behaviours An accountancy or taxation professional will be able to:
Adds Value Anticipate an individual’s organisations future needs and

requirements. Identify opportunities that can add value for the
individual and organisation.
Continuous Take responsibility for their own professional development by

improvement seeking out opportunities that enhance their knowledge, skills
and experience.
Flexibility Adapt approach to assist organisations and individuals to

manage their conflicting priorities as circumstances change.
Professional Apply a questioning mind to conditions which may indicate a

scepticism possible misstatement of financial information due to error or
fraud.
4
Chapter 1
Introduction to assurance
Outcome
By the end of this session you should be able to:
 understand the concept of audit and other assurance engagements
 describe the limitations of external audits
and answer questions relating to these areas.
One of the PER performance objectives (PO4) is governance risk

and control. You contribute to effective governance in your area.
You evaluate, monitor and implement risk management
procedures, complying with the spirit and the letter of policies,
laws and regulations. Working through this chapter should help
you understand how to demonstrate that objective.
The underpinning detail for this chapter in your Integrated Workbook can
be found in Chapter 1 of your Study Text
5
Chapter 1
Overview
ASSURANCE
Elements Levels and

External
of types of Reviews
audits
assurance assurance
6
Elements of assurance
An assurance engagement is one in which a practitioner

expresses a conclusion designed to enhance the degree of
confidence of the intended users other than the responsible party
about the outcome of the evaluation or measurement of a subject
matter against criteria.
1.1 Key elements
Practitioner
3 Party Involvement Intended user
Responsible party
Subject Matter
E.g. financial statements, other
financial data, systems
Suitable Criteria
E.g. accounting standards,
UK Corporate Governance Code
Sufficient and To enable a conclusion or opinion to

appropriate evidence be formed
Written Assurance
Report
Expressing a conclusion or opinion
7
Chapter 1
1.2 The 3 party relationship
Responsible
Practitioner Intended User
Party
Depends on the Usually the

Assurance firm
assignment directors
Example 1
Buying a house
Need for assurance
There is a risk that a person pays a large sum of money to purchase a

structurally unsafe property which needs further expenditure to make it
habitable. To reduce this risk, it is normal for house buyers to pay a property
surveyor to perform a structural assessment of the house.
With this information the potential buyer can then make their decision whether
or not to buy the house with the confidence that they know its structural
condition.
Five elements
3 parties – surveyor (practitioner), buyer (intended user) and seller

(responsible party).
Subject matter – house.
Suitable criteria – building regulations/best practice.
Evidence – obtained by the surveyor performing an inspection of the property.
Written assurance report – surveyor’s report identifying any structural

deficiencies.
8
9
Chapter 1
Levels and types of assurance
2.1 Limited and reasonable assurance
Limited assurance Reasonable assurance
Moderate/lower level of High but not absolute level of

assurance assurance
Conclusion expressed
Opinion expressed positively
negatively
‘Nothing has come to our

attention which causes us to
‘In our opinion, the financial
believe that these
statements give a true and fair
assumptions do not provide a
view.’
reasonable basis for the
forecast.’
E.g. engagement to examine a E.g. audit of financial

forecast statements
10
The confidence inspired by a reasonable assurance report is designed to be greater

than that inspired by a limited assurance report.
Therefore:
 There are more regulations/standards governing a reasonable assurance

assignment
 The procedures carried out in a reasonable assignment will be more thorough
 The evidence gathered will need to be of a higher quality.
2.2 Different types of assurance engagement
The following are some examples of assurance engagements:
 Audit of financial statements
 Review of financial statements
 Examination of a forecast
 Review of internal controls
11
Chapter 1
External audit
3.1 External audit
External audits are governed by International Standards on Auditing

(ISAs).
ISA 200 Overall Objectives of the Independent Auditor and the Conduct
of an Audit in Accordance with International Standards on Auditing
states the objectives of an auditor are to:
 Obtain reasonable assurance about whether the financial statements as a

whole are free from material misstatement, whether due to fraud or error.
 Express an opinion on whether the financial statements are prepared, in all

material respects, in accordance with an applicable financial reporting
framework.
 Report on the financial statements, and communicate as required by ISAs, in

accordance with the auditor's findings.
3.2 Need for external audit
 Shareholders provide the finance for a company and may or may not be
involved in the day to day running of the company.
 Directors manage the company on behalf of the shareholders in order to

achieve the objectives of that company (normally the maximisation of
shareholder wealth).
 The directors must prepare financial statements to provide information on

performance and financial position to the shareholders.
 The directors have various incentives to manipulate the financial statements

and show a different level of performance.
 An external audit provides an independent verification of the financial

statements to ensure they give a true and fair view.
12
3.3 Benefits of an audit
 Higher quality information which is more reliable, giving investor’s faith in and
improving the reputation of the market.
 Independent scrutiny and verification may be valuable to management.
 Reduces the risk of management bias, fraud and error by acting as a deterrent.
An audit may also detect bias, fraud and error.
 Enhances the credibility of the financial statements, e.g. for tax authorities or
lenders.
 Deficiencies in the internal control system may be highlighted by the auditor.
3.4 Limitations of an audit
An audit cannot provide confirmation that the financial statements are 100% accurate
due to the nature of financial reporting, the nature of the audit procedures performed
and the timeliness of financial reporting.
 Financial statements include subjective estimates and other judgmental

matters.
 Internal controls may be relied on which have their own inherent limitations.
 Representations from management and other client generated evidence are

less reliable than independent evidence or evidence obtained directly by the
auditor.
 Evidence is often persuasive not conclusive.
 Do not test all transactions and balances, only a sample are tested.
13
Chapter 1
3.5 Expectation gap
Misconceptions about the role of an auditor are referred to as the expectation gap.
Examples of the expectation gap:
 A belief that the auditor tests all transactions and balances. Tests are performed
on a sample basis.
 A belief that the auditor will detect all fraud. The auditor is required to provide
reasonable assurance that the financial statements are free from material
misstatement, which may be caused by fraud.
 A belief that the auditor is responsible for preparing the financial statements.
This is the responsibility of management.
 A belief that an unmodified auditor’s opinion guarantees that the company is a

going concern.
14
Question 1
Which TWO of the following are objectives of the external auditor?
A To consider the adequacy of the accounting records which have been

maintained
B To confirm the company will continue trading for the foreseeable future
C To obtain an understanding of the internal control system in place
D To access the books and records of the company
This question allows you to demonstrate knowledge of Assurance, risk

and control.
Solution
The correct answers are A and C.
The auditor does not guarantee the going concern status of the company.
Accessing the books and records of the company represents one of the rights
of the auditor which enables them to achieve their objectives.
15
Chapter 1
Review engagements
 A review engagement is an example of a limited assurance engagement.
 A company which is not legally required to have an audit may choose to have a
review of its financial statements instead.
 The procedures will mainly focus on analytical procedures and enquiries of

management.
 A lower level of assurance is given than an audit but it is less costly and less
disruptive.
16
Question 2
Your firm has been invited to provide assurance over the financial statements
of Morocco Co. The directors are unsure whether the engagement should be
a review or an audit of the financial statements and would like you to explain
the difference. They would also like you to explain the advantages and
disadvantages of having an audit rather than a review.
Required:
Explain the difference between a review and an audit of the financial

statements and describe the advantages and disadvantages of having
an audit.
This question allows you to demonstrate knowledge of Assurance, risk and

control and the skill of Communication.
Solution
Difference between audit and review of financial statements
 A review of the financial statements will provide limited assurance

whereas an audit will provide reasonable assurance.
 Limited assurance provides a lower level of assurance (confidence) that

the financial statements (the subject matter) which states whether
anything has come to the attention of the assurance provider that causes
them to believe the financial statements have not been prepared in all
material respects with the appropriate financial reporting framework (the
suitable criteria).
 Reasonable assurance provides a high level of assurance as to whether

or not the financial statements conform in all material respects with the
appropriate financial reporting framework.
 In order to provide the high level of assurance required, the work

performed in an audit will be more comprehensive than that required for
a review. Tests of controls as well as substantive procedures will be
performed during an audit whereas a review will mainly involve enquiries
and analytical procedures.
17
Chapter 1
Solution continued
Advantages of an audit
 As the work performed is more comprehensive there is a greater chance

of detecting fraud and error.
 Deficiencies in controls may be identified which the directors will then be

able to rectify.
 An audit will provide greater confidence to the users of the financial

statements, such as providers of finance, about the reliability and
credibility of the information, which may make it easier to obtain finance.
 Scrutiny by an independent third party may be valuable to management.
Disadvantages of an audit
 As the work performed is more comprehensive, more time will be

required which may be disruptive for the client.
 As an audit is more time consuming, the fee to be paid to the assurance

provider will be greater than that for a review.
18
Question 3
Which of the following describes the level of assurance which will be
provided following a review of a five-year profit forecast?
A Limited assurance, positive conclusion
B Reasonable assurance, negative conclusion
C Limited assurance, negative conclusion
D No assurance

and control.
Solution
The correct answer is C.
For a review of a forecast, the most appropriate level is assurance is limited

assurance provided through a negative conclusion due to the inherent
uncertainty of forecasting.
19
Chapter 1
For further reading, visit Chapter 1 from the Study Text.
You should now be able to answer TYU questions 1, 2 and 3 from the Study
Text.
20
Chapter 2
Rules and regulation
Outcome
 describe the regulatory environment within which external audits take place
One of the PER performance objectives (PO4) is governance

risk and control. You contribute to effective governance in your
area. You evaluate, monitor and implement risk management
21
Chapter 2
Overview
RULES AND REGULATION
Legal Professional
requirements standards
22
Legal requirements
National law affects:
 Which companies are required to have an audit
 Who can and cannot carry out an audit
 Auditor appointment, removal and resignation
 The rights and duties of an auditor.
1.1 Which companies require an audit
In most countries, companies are required by law to have an audit, although small or
owner-managed companies are often exempt. This is because there is less value in
an audit for these companies.
Note that these exemptions often do not apply to companies in certain regulated
sectors, e.g. financial services companies or companies listed on a stock exchange.
1.2 Who can and cannot carry out an audit
To be eligible to act as auditor, a person must be:
 A member of a Recognised Supervisory Body (RSB), e.g. ACCA, and allowed

by the rules of that body to be an auditor, or
 Someone directly authorised by the state.
A person cannot be auditor of a company if they are:
 Excluded by law: Those who manage or work for the company and those who
have business or personal connections cannot audit the company.
 Excluded by the Code of Ethics: Auditors must also comply with a Code of
Ethics. The Code of Ethics requires the auditor to consider any factors that
would prevent them acting as auditor, such as independence, competence or
issues regarding confidentiality.
23
Chapter 2
24
1.3 Auditor appointment, removal and resignation
Appointment of auditors
In most cases, the shareholders (members) of the company appoint the

auditor by voting them in.
Auditors of public companies are appointed from one AGM to the next
one.
Auditors of private companies are appointed until they are removed.
The following parties can also appoint the auditor if for any reason the shareholders
have not been able to:
 Directors – can appoint the first auditor or to fill a ‘casual vacancy’. This requires
the members’ approval at a members' meeting. In some countries the auditor
may be appointed by the directors as a matter of course.
 Secretary of State – if no auditor is appointed by the members or directors.
25
Chapter 2
Removal of auditors
Arrangements for removing the auditor have to be structured in such a way that:
 The auditor has sufficiently secure tenure of office, to maintain independence of

management.
 The auditor can be removed if there are doubts about their continuing ability to
carry out their duties effectively.
Removal of the auditor can usually be achieved by a simple majority at a general

meeting of the company.
There are some safeguards, such as a specified notice period, to prevent the
resolution to remove the auditor being ‘sprung’ on the meeting.
The auditor can circulate representations stating why they should not be removed if
applicable.
A statement of circumstances must be sent to the company and the regulatory

authority to set out issues surrounding the cessation of office whenever and however
they cease to be auditor.
Resignation of auditors
In practice, if the auditor and management find it difficult to work together, the auditor
will usually resign.
On resignation, the auditor issues written notice of the resignation and a statement of
circumstances to the members and regulatory authority.
26
1.4 Rights and duties of an auditor
Rights during appointment as auditor
 Access to the company’s books and records at any reasonable time.
 To receive information and explanations necessary for the audit.
 To receive notice of and attend any general meeting of members of the

company.
 To be heard at such meetings on matters of concern to the auditor.
 To receive copies of any written resolutions of the company.
Rights on removal/resignation
 To request a General Meeting of the company to explain the circumstances of

the resignation.
 To require the company to circulate the notice of circumstances relating to the

resignation.
Duties of the auditor
The external auditor's primary duty is to audit the financial statements and provide an
opinion on whether the financial statements give a true and fair view (or are fairly
presented in all material respects).
They may have additional reporting responsibilities required by local national law,
such as confirming that the financial statements are properly prepared in accordance
with those laws.
27
Chapter 2
Professional standards
IFAC promotes international regulation of the accountancy profession.
One of the subsidiary boards of IFAC is the International Audit and Assurance
Standards Board (IAASB).
It is the IAASB’s responsibility to develop and promote International Standards on

Auditing (ISAs).
 ISAs are professional guidance that auditor’s must follow to ensure each audit
is performed consistently and to a required standard of quality.
 ISAs are not legal requirements. If a country has a law in place which is
inconsistent with the requirements of the ISAs, local law should be followed.
 ISAs are written in the context of an audit of the financial statements but can be
applied to the audit of other historical financial information.
 ISAs must be applied in all but exceptional cases. Where the auditor deems it
necessary to depart from an ISA to achieve the overall aim of the audit, this
departure must be justified.
National standard setters
 may develop their own auditing standards and ethical standards
 may adopt and implement ISAs, possibly after modifying them to suit national
needs.
In the event of a conflict between the two sets of guidance, local regulations will
apply.
28
The role of professional bodies
Professional bodies (such as the ACCA and ICAEW) promote quality within the
profession through provision of:
 Rigorous qualifications
 Support to members
 Technical expertise to governments on accounting and business matters.
To obtain membership to a professional body, a person must:
 Successfully complete the exams provided by that body
 Be able to demonstrate appropriate practical experience (usually a minimum of

three years)
 Complete an ethical assessment.
To maintain membership a member must:
 Demonstrate continuing professional development (CPD) to ensure knowledge

and skills are kept up to date.
 Comply with a code of ethics and conduct to ensure they act in a professional
manner at all times.
If a member is found not to have complied with the rules of the professional body,
disciplinary action will be taken which may involve fines, reprimands, suspension
from membership for a limited time or withdrawal of membership.
29
Chapter 2
Text.
30
Chapter 3
Corporate governance
Outcome
 discuss the objectives, relevance and importance of corporate governance
 discuss the provisions of international codes of corporate governance (such as

OECD) that are most relevant to auditors
 describe good corporate governance requirements relating to directors’

responsibilities (e.g. for risk management and internal control) and the reporting
responsibilities of auditors
 evaluate corporate governance deficiencies and provide recommendations to

allow compliance with international codes of corporate governance
 analyse the structure and roles of audit committees and discuss their benefits
and limitations
 explain the importance of internal control and risk management
 discuss the need for auditors to communicate with those charged with
governance
31
Chapter 3
One of the PER performance objectives (PO4) is governance risk

and control. You contribute to effective governance in your area.
You evaluate, monitor and implement risk management
32
Overview
Objectives
CORPORATE
GOVERNANCE
Audit Auditor
committees reporting
Corporate
Governance Code
33
Chapter 3
Objectives
1.1 Importance of corporate governance
Corporate governance is the means by which a company is operated

and controlled.
The aim of corporate governance is to ensure that companies are run well in the
interests of their shareholders, employees, and other key stakeholders such as the
wider community.
A company following good corporate governance principles should be less exposed
to risk of directors abusing their powers.
Advantages of following good corporate governance principles:
 Greater transparency
 Greater accountability
 Efficiency of operations
 Better able to respond to risks
 Less likely to be mismanaged
1.2 Relevance of corporate governance to the external auditors

A company complying with good corporate governance principles is likely to have a
stronger control environment, therefore less risk of material misstatement in the
financial statements.
External auditors may be required to report on whether companies are compliant with
corporate governance regulations.
There is significantly more communication between audit committees and external
auditors in the current environment. If the company, including the audit committee,
demonstrates good corporate governance, the external auditor will have someone
with which to share responsibility. This should result in the company taking more
responsibility for its actions, the independence of the auditor being greater, and the
overall quality of the audit being higher.
34
Corporate Governance Code
The UK Corporate Governance Code provides the following

guidance.
Corporate
Governance Code
Board leadership Composition, Audit, risk and

and company succession internal
purpose and evaluation control
Division of
Remuneration
responsibilities
35
Chapter 3
2.1 Board leadership and company purpose
Principles
 Each company should have an effective board who take collective responsibility
for the long term success of the company.
 The board should ensure that the necessary resources are in place for the
company to meet its objectives.
 The board should establish a framework of effective controls to enable risk to be

assessed and managed.
 The board should encourage participation from shareholders and stakeholders.
 The workforce should be able to raise matters of concern.
Main provisions
 The board should describe in the annual report how opportunities and risks to
the future success of the business have been considered and addressed.
 The board should assess and monitor culture. Where behaviour throughout the
business is not consistent with the purpose, values or strategy, the board
should ensure management have taken corrective action.
 The chair should seek regular engagement with major shareholders. The board
as a whole should understand the views of the shareholders.
 The board should understand the views of the company’s other key
stakeholders and describe how their interests have been considered in board
discussions. For engagement with the workforce, the company should use a
director appointed from the workforce, a workforce advisory panel or a
designated non-executive director (NED).
 The workforce should be able to raise concerns in confidence and anonymously

(‘whistleblowing’).
 The board should take action to manage conflicts of interest.
 Directors’ concerns about the operation of the board or management of the

company that cannot be resolved should be minuted. On resignation, a NED
should provide a written statement to the chair for circulation to the board if they
have any concerns.
36
37
Chapter 3
2.2 Division of responsibilities
Principles
 The chair leads the board and is responsible for its overall effectiveness.
 The chair should ensure effective contribution of all board members.
 The chair should ensure that directors receive clear, accurate and timely
information.
 The board should be balanced so that no individual or small group of individuals

can dominate board decisions.
 NEDs should have sufficient time to meet their board responsibilities and should
hold management to account.
 The board should ensure it has the policies, processes, information, time and
resources it needs to function effectively and efficiently.
Main provisions
 The chair should be independent on appointment.
 The chair and chief executive roles should not be taken by the same individual
and the chief executive should not become the chair of the same company.
 At least half the board, excluding the chair should be independent NEDs.
 The board should identify the independent NEDs in the annual report.
 One of the independent NEDs should be appointed as a senior independent

director to provide a sounding board for the chair.
 The NEDs and the senior independent director should meet without the chair
present at least annually to appraise the chair’s performance.
 NEDs appoint and remove executive directors and scrutinise performance

against agreed performance objectives.
38
2.3 Composition, succession and evaluation
Principles
 Appointments to the board should be subject to a formal, rigorous and
transparent procedure.
 An effective succession plan should be maintained for board and senior
management.
 Appointments and succession should be based on merit and objective criteria
and should promote diversity.
 The board and its committees should have a combination of skills, experience
and knowledge.
 Annual evaluation of the board should consider its composition, diversity and
how effectively members work together to achieve objectives.
Main provisions
 A nomination committee (NC) should be established to appoint board members.
 A majority of the committee members should be independent NEDs.
 The chair should not be a member of the committee when the committee is
dealing with the appointment of their successor.
 All directors should be subject to annual re-election.
 The chair should not remain in post for more than nine years from the date of
their first appointment. This period can be extended for a limited time to
facilitate effective succession planning.
 Open advertising and/or an external search consultancy should be used for the
appointment of the chair and NEDs.
 There should be a formal and rigorous annual evaluation of the performance of
the board, its committees, the chair and the individual directors.
 The annual report should describe the work of the NC including the process
used in making appointments, how the board evaluation has been conducted,
the policy on diversity and inclusion and the gender balance of those in senior
management.
39
Chapter 3
Question 1
Fusilli Co has a board of directors comprising four executive directors and
three non-executive directors including the chair. The chair is due to retire next
year and the chief executive has been proposed as the replacement due to
her experience.
Required:
Explain why the proposal does not comply with corporate governance
regulations.
This question allows you to demonstrate knowledge of Legislation and the skill
of Communication.
Solution
To comply with corporate governance regulations, the chief executive cannot

become the chair as the chair must be independent on appointment. The
company must advertise externally or use an external agency to find a
replacement.
In addition, the board is not balanced as there must be an equal number of

executive and non-executive directors, excluding the chair. Therefore two
more non-executive directors must be appointed.
40
2.4 Remuneration
Principles
 Remuneration should be designed to promote the long-term sustainable

success of the company.
 Executive remuneration should be aligned to the company purpose, values and

long-term strategy.
 The board should establish formal and transparent procedures for developing
the policy for executive directors' remuneration.
 No director should be involved in setting his/her own pay.
Main provisions
 A remuneration committee (RC) comprising a minimum of three independent

NEDs should be established.
 The chair cannot chair the RC and can only be a member if they were
independent on appointment.
 The RC should determine the policy for executive director remuneration and set
remuneration for the chair, executive directors and senior management.
 Workforce remuneration and related policies should be taken into account when
setting the policy for executive director remuneration.
 NED remuneration should be determined by the board, reflecting time

commitment and responsibilities of the role and should not include share
options or other performance related elements.
 Remuneration schemes should promote long-term shareholdings by executive

directors. Shares awards should be released for sale on a phased basis and be
subject to a total vesting and holding period of five years or more.
 Remuneration schemes should include provisions that enable a company to

recover or withhold sums or share awards.
 Only basic salary should be pensionable and pension contribution rates should
be aligned with those available to the workforce.
 Notice or contract periods should be one year or less. New directors may be
offered longer periods but the period should reduce after the initial period.
 When determining the executive director remuneration policy and practices the
committee should ensure remuneration arrangements are transparent, easy to
understand, predictable, proportionate, and aligned to culture.
41
Chapter 3
42
Question 2
The directors of Farfalle Co are paid a substantial fixed salary plus an annual
profit-related bonus. Fixed salaries are decided by the chief executive
following an annual appraisal of each director’s performance. All directors
have been in their roles for over five years and have contractual notice periods
of two years. The company is planning to list on a stock exchange in the next
six months.
Required:
Describe the actions Farfalle Co will need to take once listed to become
compliant with corporate governance regulations.
This question allows you to demonstrate knowledge of Legislation and the skill
of Problem solving and decision making.
Solution
Once listed, the company must comply with corporate governance regulations.
This will require the directors’ remuneration to be redesigned.
A remuneration committee will need to be established which will be
responsible for setting the remuneration policy.
Workforce remuneration should be taken into consideration to ensure
directors are not paid excessively in comparison with employees.
Remuneration should promote long-term sustainable success of the company.
The fixed salary should be more modest to avoid directors being rewarded for
poor performance.
The annual profit-related bonus should be stopped as this can encourage
short term benefits as the expense of long term success. Share options with a
minimum vesting period of five years could be introduced to replace the profit-
related bonus.
In addition, the notice period of all directors should be reduced to a maximum
of one year.
43
Chapter 3
2.5 Audit, risk and internal control
Principles
 The board should establish formal and transparent policies and procedures to
ensure the independence and effectiveness of internal and external audit
functions and satisfy itself on the integrity of financial and narrative statements.
 The board should present a fair, balanced and understandable assessment of

the company’s position and prospects.
 The board should establish procedures to manage risk, oversee the internal
control framework, and determine the nature and extent of the principal risks the
company is willing to take in order to achieve its long-term strategic objectives.
Main provisions
 The board should establish an audit committee (AC) of independent NEDs, with
a minimum membership of three, or in the case of smaller companies, two.
 The chair of the board should not be a member of the audit committee.
 The committee as a whole must have competence relevant to the sector in

which the company operates.
 The directors should explain in the annual report their responsibility for
preparing the annual report and accounts.
 The board should monitor the company’s risk management and internal control
systems and, at least annually, carry out a review of their effectiveness and
report on that review in the annual report.
 The board should state whether it considers it appropriate to adopt the going
concern basis of accounting in preparing the financial statements, and identify
any material uncertainties to the company’s ability to continue to do so over a
period of at least 12 months from the date of approval of the financial
statements.
 The board should explain in the annual report how it has assessed the
prospects of the company, over what period it has done so and why it considers
that period to be appropriate.
44
45
Chapter 3
Audit committees
3.1 Composition, objectives and functions of an audit committee
Audit committees
Composition Objectives Function
Minimum 3
Increase public Monitor financial
independent non-
confidence statements
executive directors
At least one with Provide financial

Review controls
financial expertise awareness
Independent of Monitor and

Strengthen
operational review internal
independence
management audit
Monitor
independence of
external auditor
46
3.2 Benefits of an audit committee
 Improved credibility of the financial statements through an impartial review of

the financial statements and discussion of significant issues with the external
auditors.
 Increased public confidence in the audit opinion as the audit committee will
monitor the independence of the external auditors.
 Stronger control environment as the audit committee help to create a culture of

compliance and control.
 The internal audit function will report to the audit committee increasing their
independence and adding weight to their recommendations.
 The skills, knowledge and experience (and independence) of the audit

committee members can be an invaluable resource for a business.
 It may be easier and cheaper to arrange finance, as the presence of an audit

committee can give a perception of good corporate governance.
 It will be less of a burden to meet listing requirements if an audit committee

(which is usually a listing requirement) is already established.
3.3 Problems of an audit committee
 Difficulties recruiting the right non-executive directors who have relevant skills,
experience and sufficient time to become effective members of the committee.
 Expensive as members of the committee will be paid for their time.
47
Chapter 3
Question 3
Which of the following responsibilities should be included within the
terms of reference for the audit committee?
1 Reviewing and monitoring the external auditor’s independence and

objectivity
2 Appointing and removing the external auditors
3 Evaluating and monitoring the effectiveness of the internal audit function
A 1, 2 and 3
B 1 and 2 only
C 1 and 3 only
D 2 and 3 only
This question allows you to demonstrate knowledge of Legislation.
Solution
The audit committee makes recommendations in relation to the appointment

and removal of the external auditors but it is the shareholders who are
responsible for their appointment and removal.
48
Auditor reporting
ISA 700 (UK) Forming an Opinion and Reporting on Financial Statements requires
the auditor to report by exception in the auditor’s report of a company disclosing
compliance with the UK Corporate Governance Code where the annual report
includes:
 A statement given by the directors that they consider the annual report and
accounts taken as a whole is fair, balanced and understandable and provides
the information necessary for shareholders to assess the entity’s performance,
business model and strategy, that is inconsistent with the knowledge acquired
by the auditor in the course of performing the audit.
 A section describing the work of the audit committee that does not appropriately
address matters communicated by the auditor to the audit committee.
 An explanation, as to why the annual report does not include such a statement
or section that is materially inconsistent with the knowledge acquired by the
auditor in the course of performing the audit.
 Other information that, in the auditor’s judgment, contains a material

inconsistency.
49
Chapter 3
Question 4
You are an audit manager working for Tortellini & Co which has audited
Fettuccine Co for the last seven years. The board has decided that
Fettuccine Co should be listed on a stock exchange and the board has asked
Tortellini & Co to advise the company on how to become compliant with
corporate governance guidelines.
Which of the following are typical requirements contained within best

practice corporate governance guidelines?
1 The remuneration committee should only consist of independent non-

executive directors
2 The chief executive officer should be responsible for leadership of the

board and ensuring its effectiveness
3 The non-executive directors should provide constructive challenge and

strategic guidance
4 The audit committee’s key role is appointing and liaising with the external
auditor
A 1 and 3 only
B 2 and 4 only
C 1, 3 and 4
D 2, 3 and 4
This question allows you to demonstrate knowledge of Legislation.
Solution
The correct answer is A.
It is the chairman, not the chief executive officer who is responsible for the
board.
The audit committee will liaise with the external auditor, although this is not its
key role, but is not responsible for their appointment. The audit committee may
make recommendations regarding the appointment of the external auditor but
appointment is normally by the shareholders at a general meeting.
50
51
Chapter 3
Text.
Study Text Chapter 16: TYUs 16 and 17.
52
Chapter 4
Ethics and acceptance
Outcome
 define and apply the fundamental principles of professional ethics
 define and apply the conceptual framework
 discuss the safeguards to offset the threats to the fundamental principles
 describe the auditor’s responsibility with regard to auditor independence,

conflicts of interest and confidentiality
 discuss the requirements of professional ethics and ISAs in relation to the

acceptance/continuance of audit engagements
 explain the preconditions for an audit
 explain the process by which an auditor obtains an audit engagement
 discuss the importance and purpose of engagement letters and their contents
53
Chapter 4
One of the PER performance objectives (PO1) is ethics and

professionalism. The fundamental principles of ethical behaviour
mean you should always act in the wider public interest. You need
to take into account all relevant information and use professional
judgement, your personal values and scepticism to evaluate data
and make decisions. You should identify right from wrong and
escalate anything of concern. You also need to make sure that
your skills, knowledge and behaviour are up-to-date and allow you
to be effective in your role. Working through this chapter should
help you understand how to demonstrate that objective.
54
Overview
ETHICS AND ACCEPTANCE
Acceptance of
Code of ethics
engagements
 Conceptual  Acceptance
framework considerations
 Fundamental  Preconditions for

principles an audit
 Threats and  Engagement

safeguards letter
 Confidentiality
 Conflicts of
interest
55
Chapter 4
The Code of Ethics
1.1 Independence
Professional accountants have a responsibility to act in the public interest.
In order to be trusted the assurance provider needs to be independent of their client.
Independence is freedom from situations and relationships where

objectivity would be perceived to be impaired by a reasonable and
informed third party.
1.2 Conceptual framework

There are two main approaches to ethical guidance:
Principles based Rules based

 Requires compliance with the spirit  May be easier to follow because
of the guidance rules are clearly defined
 Requires the accountant to use  Needs frequent updating to ensure
professional judgment the guidance applies to new
situations
 Flexible, so can be applied to new,
unusual or rapidly changing  May encourage accountants to
situations interpret requirements narrowly in
order to get round the spirit of the
 Principles may be applied across requirements
national boundaries where laws
may not  Virtually impossible to be able to
deal with every situation that may
 Can still incorporate specific rules arise, particularly across various
for ethical situations likely to affect national boundaries and in a
many firms. dynamic industry.
A conceptual framework relies on a principles-based approach rather than a rules-

based approach.
The International Ethics Standards Board for Accountants (IESBA) has issued the
International Code of Ethics for Professional Accountants which follows a conceptual
framework approach.
56
1.3 Fundamental ethical principles
There are five fundamental ethical principles which professional

accountants must follow.
Principle Description
Members must be straightforward and honest in all

Integrity
professional and business relationships.
Members must not allow bias, conflict of interest or

Objectivity undue influence of others to override professional or
business judgments.
Members must attain and maintain professional

Professional competence
knowledge and skill at an appropriate level and must act
and due care
diligently in accordance with professional standards.
Information on clients must not be disclosed without

Confidentiality appropriate authority or used for personal advantage of
members or third parties.
Members must comply with relevant laws and avoid any

Professional behaviour
action that would discredit the profession.
57
Chapter 4
Example 1
Integrity – The audit firm made a mistake when calculating the amount of
expenses to be recharged to the client and overcharged them. The client did
not notice and has paid the full amount. To comply with the principle of
integrity the audit firm must inform the client and repay the amount
overcharged.
Objectivity – The audit firm earns 40% of its income from one company by
providing audit and non-audit services. The audit firm should not be
dependent on a client for fees as this will impair objectivity and affect the
outcome of the audit. The firm will not want to upset the client for fear of losing
them, therefore the auditor may ignore material misstatements in the financial
statements rather than request them to be adjusted.
Professional competence and due care – The audit firm did not allow
sufficient time to complete the audit of a client and as a result some of the
planned audit procedures were not performed. The auditor will not have
obtained sufficient appropriate evidence which is required by ISAs. As a result,
the audit has not been performed with professional competence and due care.
Confidentiality – a member of the audit team has told friends and family to
buy shares in an audit client as they expect the share price will rise when the
financial statements are published next week. The auditor must not disclose
information about the client outside of the audit team as this is a breach of
confidentiality.
Professional behaviour – Outside of working hours an auditor was involved

in a road traffic accident but left the scene in order to avoid any punishment.
Leaving the scene of an accident is a criminal act. Such behaviour discredits
the profession and is a breach of the fundamental principle of professional
behaviour.
This example demonstrates knowledge of Legislation and the skill of

Ethics and integrity.
58
Question 1
Which of the following statements relating to codes of professional
ethics are correct?
1 Codes of professional ethics are prescriptive ethical rules which

professional accountants should consider in every situation
2 A code of professional ethics allows a professional accountant to apply

fundamental ethical principles to a given situation
3 A code of professional ethics encourages professional accountants to

think about more than just legal compliance
4 Compliance with codes of professional ethics is a legal requirement for

professional accountants
A 1 and 2
B 1 and 3
C 2 and 3
D 3 and 4
Solution
The correct answer is C. Codes of professional ethics, including ACCA’s Code

of Ethics and Conduct adopt a principles based approach rather than being a
prescriptive set of rules. This approach identifies fundamental principles,
threats to these principles and safeguards which can be put in place. This
approach requires the professional accountant to use professional judgment
when applying ethical principles to any given situation. Compliance with codes
of professional ethics is a professional requirement. On this basis, statements
1 and 4 are incorrect.
59
Chapter 4
1.4 Threats to independence
The auditor must identify any threats to independence, assess the significance of the
threats and implement safeguards to mitigate or eliminate the threat.
IDENTIFY THREATS
ASSESS THREATS
APPLY SAFEGUARDS
IF NECESSARY
REDUCE THE THREAT TO

ELIMINATE THE THREAT
AN ACCEPTABLE LEVEL
60
Threat Definition Examples
Self-interest Where the auditor has a  Owning shares in a client

financial or other interest
that will inappropriately  Fee dependency
influence their judgment or
behaviour  Gifts and hospitality
 Employment with the client
 Overdue fees
Familiarity The auditor becomes too  Long association

sympathetic to, or trusting
of, a client and loses  Personal relationships
professional scepticism
 Movement of staff between the
firm and client
Self-review The auditor will be unlikely  Accounts preparation

to admit to errors in their
own work, or may not  Internal audit
identify the errors in their
own work  Tax computations
Advocacy Promoting the position of  Representing the client

the client or representing
them in some way  Promoting the client
 Negotiating on behalf of the

client
Intimidation Actual or perceived  Fee dependency

pressures from the client,
or attempts to exercise  Personal relationships
undue influence over the
assurance provider  Audit partner leaves to join the
client
 Litigation with the client
61
Chapter 4
62
1.5 Safeguards
A safeguard is an action or measure that eliminates a threat, or

reduces it to an acceptable level. If the threat cannot be eliminated or
reduced to an acceptable level, the assurance provider must decline or
resign from the engagement.
Threat Examples of safeguards

Self-interest
Owning shares or having a  Sell the shares
financial interest in a client
Fee dependency Non-listed clients:
 Increase the client base to reduce dependency
 Have an independent review of the work
Listed clients:
 Fees from one client should not exceed 15% of
the firm’s fee income for two consecutive years
 Have an independent engagement quality
review (EQR) performed by a person not a
member of the audit firm
Gifts and hospitality  Only accept if trivial and inconsequential
 If trivial and inconsequential but offered as an
inducement to influence the auditor’s
behaviour, reject the offer
Employment with the client  The auditor should notify the firm of possible
employment
 Remove the person from the team
 Perform an independent review of significant
judgments made by that individual
Business relationships  The firm should not have a close business
relationship unless any financial interest is
immaterial and the business relationship is
insignificant to the client, firm or team member
 Purchase of goods and services is not a threat
if the transaction is in the normal course of
business and on commercial terms
63
Chapter 4
Threat Examples of safeguards

Overdue fees  Cease audit work until full or partial payment
has been made
 Do not issue the current year auditor’s report
until payment has been received
 Perform an independent review of the work
 Consider resigning if fees remain outstanding
for a significant amount of time
64
Familiarity
Long association Non-listed clients:
 Rotate individuals off the audit
 Change the role or nature of tasks the
individual performs
 Perform an EQR
Listed clients:
 Rotate the audit partner after 7 years and they
must serve a cooling-off period of 5 years
before returning to the client
 Where an EQR is rotated, a cooling-off period
of 3 years must be served
Personal relationships  Remove the person from the team
 Structure the team so that the individual does
not deal with matters that are the responsibility
of the family member
Movement of staff between  Review the work of the former audit team
the firm and client member
 Review the composition of the team
 Modify the audit plan
Audit partner leaves to join  For listed clients, financial statements covering
the client a 12 month period must have been issued by
the entity and the partner must not have been
involved in the audit of those financial
statements
Self-review
Self-review  Where non-audit services are provided,
separate teams must be used and an
independent review of the work must be
performed
 Non-audit services provided to listed clients
are more restricted
Accounts preparation Non-listed clients:
 Only services which are routine and
mechanical in nature can be provided
Listed clients:
 Accounts preparation, bookkeeping and payroll
services are prohibited
65
Chapter 4
Internal audit  For listed clients, services must not be in

relation to financial accounting systems
Tax calculations for Non-listed clients:
inclusion in the financial  Use a tax professional who is not an audit
statements team member to perform the service
Listed clients:
 Current or deferred tax calculations cannot be
performed if they are material to the financial
statements. Where figures are immaterial, the
safeguards for non-listed clients should be
applied
Tax planning and advice  Advice cannot be provided when the
effectiveness of the advice depends on a
particular accounting treatment
 Where advice can be given, a tax professional
who is not an audit team member must
perform the service
IT services Non-listed clients:
 Use an IT professional who is not an audit
team member to perform the service
Listed clients:
 No services can be provided in respect of IT
systems which are significant to the financial
statements or financial reporting
Valuation services Where services can be provided:
 Use a professional who is not an audit team
member to perform the service
Non-listed clients:
 Valuations which involve significant subjectivity
and which are material cannot be provided
Listed clients:
 Valuations which are material (regardless of
subjectivity) cannot be provided
66
Advocacy
Representing the client in a  A firm cannot act as an advocate for the audit
public tribunal or court client before a public tribunal or court if the
e.g. in a tax dispute matter would have a material effect on the
financial statements
 Where services are allowed, a professional

who is not an audit team member must
perform the service
Promoting the client  The audit firm must not act for the audit client
in this way. Any request for such services must
be politely declined
Negotiating on behalf of the Corporate finance services are prohibited where:
client for finance
 the effectiveness of the advice depends on a
particular accounting treatment or presentation
in the financial statements
 the audit team has reasonable doubt as to the

appropriateness of the accounting treatment
and
 the outcome will have a material effect on the

Where services are allowed, a professional who is

not an audit team member must perform the service
and the work must be reviewed by someone not
involved with the work
Intimidation
Litigation with the client  The significance of the threat depends on
materiality of the litigation and whether it
relates to a prior assurance engagement
 It may be possible to continue with the

engagement by discussing the matter with the
client and having an appropriate, independent
reviewer review the audit work
 If safeguards cannot be implemented,

withdraw from the engagement
67
Chapter 4
68
Question 2
You are an auditor in St Bernard & Co. Your firm has been approached by
Dalmatian Co to perform the external audit. The directors of Dalmatian Co
have requested that the audit fee is calculated as a percentage of the final
profit for the year. They have suggested that if the audit goes smoothly and if
the fee is acceptable, they will take the audit team to a major sporting event
with all expenses paid. The directors have also requested that the audit
engagement partner attends the monthly board meetings to support the
finance director with financial reporting and audit matters which arise.
Required:
Explain the ethical threats which may arise if the firm accepts the audit
of Dalmatian Co and for each threat suggest a safeguard to reduce the
risk to an acceptable level.
This question allows you to demonstrate the skills of Ethics, integrity and
Communication.
Solution
Threat Safeguard
Contingency fee
The directors of Dalmatian Co have The auditor must decline the

requested that the audit fee is request for a contingent fee and
calculated as a percentage of the final explain to the client that the audit
profit for the year. This is a fee cannot be based on profit. The
contingency fee and creates a self- audit fee must be calculated based
interest threat as the auditor may be on cost of the audit staff assigned
reluctant to communicate adjustments to the audit for the time required to
which would reduce profit and perform the audit plus any
therefore the audit fee. additional costs to be incurred e.g.
travel costs.
69
Chapter 4
Solution continued
Threat Safeguard
Invitation to major sporting event
The directors have suggested that if An all-expenses paid trip to a

the audit goes smoothly and if the fee major sporting event is unlikely
is acceptable, they will take the audit to be considered trivial and
team to a major sporting event with all inconsequential, therefore
expenses paid. The offer of gifts and should not be accepted.
hospitality creates a self-interest
threat. The might not want to raise
contentious issues with the client to
ensure the audit goes smoothly so
they get to go to the sporting event.
It can also create a familiarity threat as

the auditor may exercise less
professional scepticism as a result of
the offer.
Attendance at monthly board

meetings
The directors have also requested that The request must be declined as
the audit engagement partner attends the audit engagement partner
the monthly board meetings to support should not attend board meetings
the finance director with financial or assume any management
reporting and audit matters which responsibilities.
arise. This creates self-interest, self-
review and familiarity threats.
Decisions made at the board meetings
would be subject to scrutiny during the
audit and the audit team may be too
trusting of the decisions given the
influence of the audit engagement
partner. The audit engagement partner
may act in a manner that ensures a
good relationship with the client to
ensure reappointment when the time
comes.
70
Illustrations and further practice
More examples of threats and safeguards are given in Chapter 4 of

the Study Text.
71
Chapter 4
1.6 Confidentiality
The auditor has a duty of confidentiality which must not be breached except in certain
circumstances.
Disclosure of confidential information should only be made if:
(a) Disclosure is permitted by law and is authorised by the client or the employer.
(b) Disclosure is required by law, for example:
 Production of documents or other provision of evidence in the course of

legal proceedings.
 Disclosure to the appropriate public authorities of infringements of the law

that come to light.
(c) There is a professional duty or right to disclose, when not prohibited by law:
 To comply with the quality review of ACCA or another professional body.
 To respond to an inquiry or investigation by ACCA or a regulatory body.
 To protect the professional interests of a professional accountant in legal

proceedings.
 To comply with technical standards and ethics requirements.
72
1.7 Conflicts of interest
A conflict of interest arises when the same audit firm is appointed for two companies
that interact with each other, for example:
 Companies that compete in the same market
 Companies which trade with each other
Where a conflict of interest exists, the firm’s work should be arranged to avoid the
interests of one being adversely affected by those of another and to prevent a breach
of confidentiality.
In order to ensure this, the firm must:
1 Notify all affected clients of the conflict and obtain their consent to act.
2 Implement safeguards to manage the threat.
The following safeguards should be considered:
 Separate engagement teams (with different engagement partners and team

members).
 Procedures to prevent access to information, e.g. physical separation of the

team members by using teams from different offices of the firm, and
confidential/secure data filing.
 Signed confidentiality agreements by the engagement team members.
 Regular review of the application of safeguards by an independent partner.
If effective safeguards cannot be implemented, the firm must decline, or resign from
one or more conflicting engagements.

Now try TYU question 1 from Chapter 4 in the Study Text.
73
Chapter 4
74
Acceptance
2.1 Accepting/continuing an audit engagement
An audit firm should only take on clients and work of an appropriate level of risk.
The following matters should be considered before accepting a new engagement or

client.
Professional Independence Management

clearance and objectivity integrity
Preconditions Money
for an audit laundering
Acceptance
considerations
Reputation of
Resources
the client
Professional
Fees Risks
competence
Continuance
Once the audit is complete, the audit firm must revisit the acceptance considerations
to ensure it is appropriate to continue with the engagement for the following year.
75
Chapter 4
2.2 Professional clearance
If offered an audit role, the prospective audit firm must obtain

professional clearance from the outgoing auditor.
The process for obtaining professional clearance is as follow:
 Ask the client for permission to contact the existing auditor (and refuse the
engagement if the client refuses).
 Contact the outgoing auditor, asking for all information relevant to the decision
whether or not to accept appointment (e.g. overdue fees, disagreements with
management, breaches of laws and regulations, doubt over management
integrity).
 The existing auditor must ask the client for permission to respond to the
prospective auditor.
 If the client refuses permission, the existing auditor should notify the prospective
auditor of this fact.
 If a reply is not received, the prospective auditor should try and contact the
outgoing auditor by other means e.g. by telephone.
 If a reply is still not received, the prospective auditor may still choose to accept
but must proceed with care.
 If a reply is received, consider the outgoing firm's response and assess if there
are any ethical or professional reasons why they should not accept
appointment.
The outgoing firm must:
 Seek client permission to communicate with the prospective auditor.
 Respond to requests for information.
 Either state that there are no matters of which the prospective auditor should be
aware, or set out any such matters.
76
2.3 Preconditions for an audit
Auditors should only accept a new audit engagement, or continue an existing audit
engagement if the 'preconditions for an audit' required by ISA 210 Agreeing the
Terms of Audit Engagements are present.
ISA 210 requires the auditor to:
 Determine whether the financial reporting framework to be applied in the

preparation of the financial statements is acceptable.
 Obtain the agreement of management that it acknowledges and understands its

responsibilities for the following:
– Preparing the financial statements in accordance with the applicable

financial reporting framework.
– Internal control necessary for the preparation of the financial statements to

be free from material misstatement.
– Providing the auditor with access to information relevant for the audit and
access to staff within the entity.
If the preconditions for an audit are not present, the auditor should discuss the matter
with management, and should not accept the engagement unless required to do so
by law or regulation.
77
Chapter 4
2.4 Engagement letters
 The engagement letter specifies the nature of the contract between the audit
firm and client.
 The engagement letter must be signed before the audit commences.
Engagement letter
Purpose Main contents
 Objective and scope

 Minimise the risk of
misunderstandings  Responsibilities
 Confirm acceptance of  Financial reporting
the engagement framework
 Set out the terms and  Form and content of
conditions reports
Additional contents
 Basis of fees
 Reference to
professional
standards
 Need for a written

representation letter
 Limitations of an audit
78
Changes to the engagement letter
The engagement letter must be reviewed each year to ensure it is up to date.
The auditor should issue a new engagement letter if the scope or context of the
assignment changes after initial appointment.
Reasons for issuing a new engagement letter include:
 Changes to statutory duties due to new legislation
 Changes to professional duties, for example, due to new or updated auditing

standards
 Changes to other services as requested by the client
In addition, the auditor may need to remind the client of the engagement terms if:
 There have been recent changes in senior management
 There are indications that the client does not understand the engagement terms
 There has been a significant change in ownership

Look at Illustration 2 in Chapter 4 of the Study Text which shows
the wording of an engagement letter.
79
Chapter 4
Question 3
Explain WHY the following factors should be considered by the auditor
prior to accepting a new audit client.
Pre-acceptance factors Explanation
The outgoing auditor’s response
Management integrity
Pre-conditions for an audit

This question allows you to demonstrate knowledge of Legislation and
the behaviour of Professional scepticism.
Solution
Pre-acceptance Explanation
factors
The outgoing The auditor should consider the outgoing auditor’s
auditor’s response response to assess whether there are any ethical
or professional reasons why the firm should not
accept appointment.
Management integrity If the auditor has reason to believe that

management lack integrity, there is a greater risk of
fraud and intimidation and the audit should not be
accepted.
Pre-conditions for an The auditor can only accept an audit engagement if
audit the preconditions are present. The preconditions
confirm that management will use an acceptable
financial reporting framework for preparing the
financial statements and confirms that management
acknowledges and understands its responsibilities
for:
 Internal control necessary for the preparation

of the financial statements
 Providing the auditor with access to

information relevant for the audit.
80
81
Chapter 4
You should now be able to answer TYU questions 2, 3, 4 and 5 from the Study
Text.
Knowledge Check Test: Audit framework and regulation on MyKaplan.
Study Text Chapter 16: TYU questions 1 and 2.
82
Chapter 5
Risk
Outcome
 explain the need to plan and perform audit engagements with an attitude of
professional scepticism, and to exercise professional judgment
 explain the components of audit risk
 describe the audit risks in the financial statements and explain the auditor’s
response to each risk
 define and explain the concepts of materiality and performance materiality
 explain and calculate materiality levels from financial information
 explain how auditors obtain an initial understanding of the entity, its

environment and the applicable financial reporting framework
 describe and explain the nature, and purpose of, analytical procedures in
planning
 compute and interpret key ratios used in analytical procedures
83
Chapter 5
One of the PER performance objectives (PO18) is to is to

prepare for and plan the audit process. You plan and control the
engagement process, including the initial investigation. You also
plan and monitor the audit programme – legally and ethically.
Working through this chapter should help you understand how to
demonstrate that objective.
84
Risk
Overview
Audit risk
Professional RISK
Materiality
scepticism ASSESSMENT
Understanding Analytical
the entity procedures
85
Chapter 5
Components of audit risk
1.1 Audit risk model
Audit risk: the risk that the auditor expresses an inappropriate opinion
on the financial statements. Audit risk comprises the risk of material
misstatement and detection risk.
AUDIT RISK
Risk of material
Detection risk
misstatement
Non-
Inherent Control Sampling
sampling
risk risk risk
risk
Audit risk = Inherent risk × Control risk × Detection risk

The auditor can only influence detection risk, as inherent risk and
control risk are influenced by the client. In order to reduce audit risk to
an acceptable level, the auditor must reduce detection risk, for example,
by assigning more experienced people to the audit team, performing a
wider range of procedures and testing larger sample sizes.
86
Risk
1.2 Risk of material misstatement
Risk of material misstatement: the risk that the financial statements

are materially misstated prior to the audit commencing.
The financial statements may be materially misstated for 3 main reasons:
 Numbers are misstated – e.g. overstatement of receivables due to bad debts

not being written off, or controls not working effectively at preventing, detecting
and correcting misstatements when financial information is entered into the
accounting system or when the financial statements are prepared.
 Disclosures are missing or inadequate – e.g. going concern disclosures being

omitted.
 The basis of preparation is inappropriate – the going concern basis has been
used when the break up basis should have been used.
Risk of material misstatement comprises inherent risk and control risk.
87
Chapter 5
1.3 Inherent risk
Inherent risk: the susceptibility of an assertion about transactions,

balances or disclosure to a misstatement that could be material, before
consideration of any related internal controls.
Inherent risk factors may be qualitative or quantitative. Qualitative inherent risk

factors include:
 Complexity
 Subjectivity
 Change
 Uncertainty
 Susceptibility to misstatement due to management bias.
Balances and transactions will be more susceptible to misstatement if they have a

complex accounting treatment or if the accounting treatment is subjective and relies
on management judgment.
It is essential that the auditor has a good knowledge of the accounting standards in
order to identify if the client’s accounting treatment is wrong resulting in misstatement
of the financial statement figures.
In most cases there is a risk that management may introduce bias and interpret the
requirements of the accounting standard in a way which enables them to show a
desired result, e.g. by overstating assets or revenue.
88
Risk
Below is a list of the main accounting standards examined in the Audit

and Assurance exam with an example audit risk for each standard.
Tutorial note: This is not a complete list of all audit risks that could
arise.
IAS® 1 Presentation of Financial Statements
There is a risk of inadequate disclosure of going concern uncertainties if the directors

do not make such disclosures which are required by IAS 1.
IAS 2 Inventories
There is a risk that inventory may be overstated if the company has not valued the
inventory at the lower of cost and net realisable value. This may be indicated by an
increase in the inventory holding period.
IAS 10 Events After the Reporting Period
There is a risk that receivables are overstated if the company does not adjust the
financial statements in respect of the bankruptcy of a customer after the year end
where that customer is included as a receivable at the year end.
IAS 16 Property, Plant and Equipment
There is a risk of overstatement of property, plant and equipment if expenditure on

repairs is treated as capital expenditure.
IAS 37 Provisions, Contingent Liabilities and Contingent Assets
There is a risk that provisions are overstated if the recognition criteria of IAS 37 have
not been met, e.g. if no obligation exists at the year end.
IAS 38 Intangible Assets
There is a risk that intangible assets are overstated if the recognition criteria of
IAS 38 have not been met for development costs, e.g. if research costs are treated
as development expenditure.
IFRS® 15 Revenue From Contracts With Customers
There is a risk that revenue is overstated if the company has recognised revenue
before the performance obligations within the contract have been fulfilled.
89
Chapter 5
Other accounting standards which are included in the list of examinable

documents but which are not examined regularly are:
 IAS 27 Separate Financial Statements
 IAS 7 Statement of Cash Flows
 IAS 28 Investments in Associates and Joint Ventures
 IFRS 3 Business Combinations
 IFRS 10 Consolidated Financial Statements
90
Risk
Example 1
Inherent risk
At the start of the financial year, Coriander Co introduced a one-year

assurance type warranty on all products sold. A warranty provision has not
been recognised as the finance director has explained that it is too soon to
determine the likely level of claims. Provision liabilities and expenses are
understated as a provision should have been made based on the experience
of claims made during the year.
This example demonstrates the behaviour of Professional scepticism.
91
Chapter 5
1.4 Control risk
Control risk: the risk that a misstatement is not prevented, detected or

corrected by the entity’s controls.
The client should have controls in place, such as authorisation, segregation of duties,
reconciliations, physical access controls etc. to prevent and detect misstatements
occurring when transactions are initiated, processed and recorded.
If effective controls are in place, the control system will either prevent the
misstatements from occurring, or will detect misstatements that have occurred and
the client can take action to correct them.
If controls are not working effectively or are not in place, control risk will increase and
there will be a greater risk of misstatements occurring in the financial statements.
Controls are covered in more detail in the chapter ‘Systems and controls’.
Example 2
Control risk
On a weekly basis, the financial accountant of Saffron Co performs a bank

reconciliation. Any discrepancies are identified, investigated and resolved.
The bank reconciliation is then reviewed by the financial controller.
This control process reduces the risk of errors in the cash book and therefore
reduces the risk of misstatement of the cash figure in the financial statements.
This example demonstrates knowledge of Assurance, risk and control.
92
Risk
1.5 Detection risk
Detection risk: is the risk that the procedures performed by the auditor
do not detect a misstatement that exists and could be material.
Detection risk is made up of sampling and non-sampling risk.
 Sampling risk: the risk that the conclusion drawn from the results of a sample
test is different from the conclusion that would have been drawn had the whole
population been tested.
 Non-sampling risk: the risk of drawing the wrong conclusion for other reasons.
Non-sampling detection risks include situations such as:
 First year of auditing the client therefore a lack of cumulative knowledge and
experience.
 The client is putting the auditor under undue time pressure resulting in the audit
being rushed and misstatements possibly going undetected.
 The client operates from multiple sites and the auditor may not be able to visit
each site during the audit to obtain audit evidence.
Detection risk is influenced by the auditor in the way they respond to the risk
assessment. This is covered in section 3.3 of this chapter.
Example 3
Detection risk
Harissa Co, an audit client, operates in 25 locations around the country.

Material amounts of inventory are stored in ten of the locations. Your firm does
not have sufficient resource available to attend the inventory counts in all
locations and therefore counts in only seven locations will be attended.
Detection risk of the auditor is increased as they will not be able to confirm
existence and completeness of inventory in the locations not visited, therefore
will be less likely to detect if inventory is materially misstated.
93
Chapter 5
94
Risk
Materiality
Materiality: Misstatements, including omissions, are considered to be

material if they, individually or in the aggregate, could reasonably be
expected to influence the economic decisions of users taken on the
basis of the financial statements.
Materiality
By size By nature
 ½ – 1 % Revenue  Compliance with laws

and regulations
 5 – 10% Profit
 Compliance with debt
 1 – 2 % Total assets covenants
 Turn a profit to a loss
 Transactions with
directors
Performance materiality is an amount set at less than materiality for

the financial statements as a whole, to reduce the risk that the
aggregate of smaller misstatements in individual account balances or
classes of transactions could exceed materiality for the financial
statements as a whole.
95
Chapter 5
Question 1
Materiality
You are planning the audit of Nutmeg Co a company with a profit before tax of
$115,000 and total assets of $600,000. During your planning meeting with the
client you are told the following information:
1 A customer owing a debt of $5,000 has gone bankrupt and Nutmeg Co
will not receive payment for this debt. The finance director has informed
you that the debt will be written off in next year’s financial statements.
2 An error during the manufacturing process has resulted in inventory
worth $7,500 failing to meet quality control checks. The inventory cannot
be used or sold and will be scrapped post year end.
3 Invoices totalling $5,750 have not been recorded in the accounting
system.
4 Laws and regulations require disclosure of directors’ salary and bonuses
in the notes to the financial statements. The directors have agreed to
disclose salary details but do not wish to disclose bonuses.
Comment on whether each of the issues above are material to the
Solution
1 The debt of $5,000 represents 4.3% of profit before tax and 0.8% of total
assets. This is not material as it is less than the materiality thresholds for
both profit and total assets.
2 The inventory of $7,500 represents 6.5% of profit before tax and 1.25%
of total assets. This is material as it exceeds the materiality thresholds
for both profit and total assets.
3 The invoices of $5,750 represent 5% of profit before tax and 0.96% of

total assets. This is material to profit although not material to total assets.
This should be treated as material by the auditor.
4 Disclosure of transactions between the company and the directors such

as salaries and bonuses are material by nature. Therefore, even though
we have not been told the amount of the bonuses, the lack of disclosure
will mean the financial statements are materially misstated.
96
Risk
97
Chapter 5
Risk assessment
3.1 Purpose of risk assessment
 Identify areas of the financial statements where misstatements are likely to

occur early in the audit.
 Plan procedures that address the significant risk areas identified.
 Carry out an efficient, focused and effective audit.
 Reduce the risk of issuing an inappropriate audit opinion to an acceptable level.
 Minimise the risk of reputational and punitive damage.
3.2 Risk assessment procedures
 Enquiries with management, of appropriate individuals within the internal audit

function (if there is one), and others (with relevant information) within the client
entity (e.g. about external and internal changes the company has experienced)
 Analytical procedures
 Observation (e.g. of control procedures)
 Inspection (e.g. of key strategic documents and procedural manuals).
98
Risk
3.3 Responses to risk assessment
 Emphasising the need for professional scepticism. This means demonstrating

an attitude that includes a questioning mind, being alert to conditions which may
indicate possible misstatement due to fraud or error, and a critical assessment
of audit evidence.
 Assigning more experienced staff to complex or risky areas of the engagement.
 Changes to the nature, timing and extent of direction and supervision.
 Incorporating additional elements of unpredictability in the selection of further

audit procedures.
 Making changes to the overall audit strategy, e.g.
– The auditor’s determination of performance materiality.
– Placing less reliance on the results of systems and controls testing.
– Performing more substantive procedures.
– Consulting external experts on technically complex or contentious matters.
The responses above are the methods used by the auditor to reduce
detection risk, and as a result, audit risk.
99
Chapter 5
Understanding the entity
The entity The environment
 Organisational structure  Industry conditions

 Governance  Complex laws and
 The business model and regulations
business risks that affect  Impact of new legislation
the financial statements  Competition
 Objectives and strategies  Economic conditions
 Incentives and pressures  Product technology
 Changes in key personnel  Cyclical or seasonal activity
 Key customers and  Operations exposed to
suppliers volatile markets
 Financing activities
What the auditor

should understand
The applicable financial The entity’s system of

reporting framework internal control
 Industry-specific practices  Control environment

 Revenue recognition  The entity’s risk
 Financial instruments assessment process
 Foreign currency  The entity’s process to
 Unusual or complex monitor internal controls
transactions  The information system
 Expected changes in  Control activities
financial reporting  Control deficiencies
 Areas for which there is a  The internal audit function
lack of authoritative  The use of IT in the
guidance internal control system
100
Risk
Your firm The client
Partner Discussion
Manager briefing Observation
Industry experts Website/brochures
Last year’s team Analytical procedures
How to obtain an
understanding
You Other
Past experience Industry surveys

Credit reference agencies
Companies House
Internet search
101
Chapter 5
Analytical procedures
5.1 Definition
Evaluations of financial information through analysis of plausible

relationships among both financial and non-financial data and
investigation of identified fluctuations, inconsistent relationships or
amounts that differ from expected values.
5.2 Purpose of preliminary analytical procedures
Analytical procedures are used at the planning stage to:
 Assist in assessing the risks of material misstatement in order to provide a basis

for designing and implementing responses to the assessed risks
 Help identify the existence of unusual transactions or events, and amounts,

ratios, and trends that might indicate matters that have audit implications
 Assist the auditor in identifying risks of material misstatement due to fraud.
5.3 Performing analytical procedures
Analytical procedures include comparisons of the entity’s financial information with,

for example:
 Comparable information for prior periods.
 Anticipated results of the entity, such as budgets or forecasts, or expectations of

the auditor, such as an estimation of depreciation.
 Similar industry information, such as a comparison of the entity’s ratio of sales

to accounts receivable with industry averages or with other entities of
comparable size in the same industry.
Data analytics can be used to perform analytical procedures such as comparison of

actual amounts with budgeted amounts.
102
Risk
You may be asked to calculate ratios in the exam to help identify

audit risks.
You will not receive a formula sheet in the exam therefore you
must learn the ones given below.
Performance
Ratio Formula Indicator of risk
An increase in gross
profit margin may
Gross profit Gross profit indicate overstatement of
margin × 100% revenue or
Revenue
understatement of cost
of sales
An increase in operating
profit margin may
Operating profit Operating profit indicate overstatement of
margin × 100% revenue or
Revenue
understatement of
expenses
An increase in ROCE
Return on
Operating profit may indicate
capital
× 100% overstatement of profit or
employed Equity + Non-current liabilities understatement of non-
(ROCE)
current liabilities
103
Chapter 5
Liquidity
Ratio Formula Indicator of risk
Current assets A decrease in the

Current ratio
Current liabilities current or quick ratio
may indicate cash flow
Current assets excluding inventory problems which could
Quick ratio
Current liabilities impact going concern
An increase in gearing
Debt may indicate too much
Gearing reliance on debt which
Debt + Equity could impact going
concern
Operating profit A decrease in interest

Interest cover cover may indicate
Finance charge going concern issues
104
Risk
Efficiency
Ratio Formula Interpretation
An increase in the trade

Trade
receivables collection
receivables Trade receivables
× 365 period may indicate
collection Revenue overstatement of
period
receivables
An increase in the
inventory holding period
Inventory Inventory
× 365 may indicate
holding period Cost of sales overstatement of
inventory
An increase in the trade

payables payment
Trade payables Trade payables period may indicate
payment period × 365 cash flow problems
Purchases
which could impact
going concern
An increase in asset
turnover may indicate
Revenue overstatement of
Asset turnover
Total assets revenue or
understatement of
assets
105
Chapter 5
Question 2
Analytical procedures
You are an audit senior working on the audit of Lemongrass Co. The following
draft financial information has been provided to you to perform preliminary
analytical procedures.
20X5 20X4
Revenue 247,450 233,500
Gross profit 61,900 49,000
Receivables 24,350 6,500
Payables 17,000 8,500
Inventory 35,000 15,000
Lemongrass Co sells culinary herbs and spices to restaurants and grocery

stores. During the year, a contract was signed with a major supermarket chain
which has put a strain on cash flow. The contract with the supermarket chain
allows a credit period of 30 days compared with 10 days for all other
customers. The new contract also requires that orders can be fulfilled within
24 hours, therefore sufficient inventory must be available at all times.
Required:
Calculate the THREE ratios listed in the table below, for BOTH years, to
assist you in planning the audit of Lemongrass Co.
Note: Formulas are NOT required to be shown.
This question allows you to demonstrate knowledge of Financial
information.
106
Risk
Solution
Results of analytical procedures
20X5 20X4
Trade receivables 36 days 10 days

collection period
(24,350/247,450 × (6,500/233,500 ×
365) 365)
Trade payables 33 days 17 days

payment period*
(17,000/(247,450 – (8,500/(233,500 –
61,900) × 365)) 49,000) × 365))
Inventory holding 69 days 30 days

period*
(35,000/(247,450 – (15,000/(233,500 –
61,900) × 365)) 49,000) × 365))
* Cost of sales has been calculated using revenue minus gross profit
107
Chapter 5
Exam focus
A typical exam question will ask for audit risks and responses of the
auditor to address those risks.
Remember that an audit risk may be a risk of material misstatement or a detection

risk.
When describing a risk of material misstatement your answer should have three
elements to it:
1 The information taken from the scenario which indicates a risk, e.g. the
company has recently upgraded its production facility.
2 Which balances in the financial statement could be wrong and how they could
be wrong, e.g. property, plant and equipment may be overstated and expenses
understated.
3 A link between points 1 and 2 e.g. because the company may have capitalised
expenditure which should have been expensed.
When describing a detection risk your answer should include:
1 The information taken from the scenario which indicates a detection risk,
e.g. the company is a new audit client.
2 An explanation of why this creates a risk, e.g. the audit firm has no cumulative
knowledge and experience of the company.
3 A statement that this increases the detection risk of the auditor.
108
Risk
A common mistake that students make in exams is to explain business risks rather
than audit risks. Business risks are not examinable in this syllabus. Take care to
ensure your answer is relevant to the requirement.
Factor Audit risk NOT Audit risk

Customers are Receivables may be overstated Bad debts may arise
struggling to pay and expenses understated if bad reducing the profits of
debts debts are not written off the company
The client operates Inventory may be overstated and Inventory may have to
in a fast paced expenses understated if the be written off reducing
industry inventory is obsolete and net the profits of the
realisable is lower than cost company
The company has There may be inadequate The company may not
cash flow problems disclosure of going concern be a going concern
uncertainties in the financial
statements
Another common mistake is to suggest a response that is not an auditor response or

is an auditor response not directly relevant to the risk given.
Audit risk Relevant auditor response Irrelevant response

Receivables may be Inspect after date cash receipts Obtain external
overstated and from customers confirmation from
expenses understated customers
if bad debts are not
written off
Inventory may be Obtain the aged inventory The company should
overstated and listing and review for old items. discount the inventory
expenses understated Discuss with management the in order to sell it
if the inventory is need for these items to be
obsolete and net written down
realisable is lower than
cost
There may be Review cash flow forecasts and Perform ratio analysis
inadequate disclosure evaluate the reasonableness of and review past
of going concern the assumptions performance of the
uncertainties in the company
109
Chapter 5
Question 3
Audit risk
Required:
Using the information provided and the ratios calculated in Question 2,

describe THREE audit risks and explain the auditor’s response to each
risk in planning the audit of Lemongrass Co.

control and the behaviour of Professional scepticism.
Solution
Audit risk Auditor’s response
Receivables Inspect post year end bank statements

to identify if receivables have paid.
The trade receivables collection period
has increased from 10 days to Review the aged receivables listing for
36 days. This is likely to be caused by old debts and discuss the need for
the more generous credit terms given allowance with management.
to the supermarket chain. However,
receivables may be overstated if
sufficient allowance for expected credit
losses has not been made.
Payables Review cash flow forecasts prepared

by management and perform
The trade payables payment period sensitivity analysis to assess whether
has increased from 17 days to the company is likely to be able to pay
33 days. This is likely to be caused by its debts when they fall due.
the impact on cash flow from the new
supermarket contract. If the cash flow Discuss with management how they
issues are significant enough to cause plan to resolve the cash flow issues
uncertainty over going concern, there and obtain written representation
is an audit risk due to lack of confirming they have disclosed all
disclosure. going concern uncertainties to the
auditor.
110
Risk
Inventory Review post year end sales invoices

to identify net realisable value and
The inventory holding period has compare with cost to ensure the
increased from 30 days to 69 days. inventory has been valued
This is likely to be caused by the need appropriately.
to keep more inventory to fulfil orders
within 24 hours as required by the new Review the aged inventory listing for
supermarket contract. If demand is not slow-moving inventory and discuss the
as high as anticipated, inventory may need for write-down with
be at risk of overvaluation if it is not management.
written down to the lower of cost and
net realisable value.
111
Chapter 5
Question 4
Following discussions with one of your firm’s clients, a jewellery manufacturer,
the audit engagement partner has advised that valuation of inventory has
been identified as an area of increased risk of material misstatement due to
concerns over the net realisable value of certain products.
Which of the following matters disclosed by the client is an indicator

that net realisable value could be lower than cost?
A General market prices for individual gemstones have remained static for
the last three years
B Demand for certain items of jewellery has increased marginally over the
past year
C Trade discounts given by suppliers have increased in the past year
D There has been an increase in the average time taken to manufacture

each individual jewellery piece
This question allows you to demonstrate knowledge of Financial

information.
Solution
The correct answer is D
An increase in the average time to manufacture individual items is likely to

increase the costs of production (labour and other direct production costs)
meaning costs will rise relative to the net realisable value.
The other answers are incorrect for the following reasons:
The general market price for individual stones remaining static will have no
impact on net realisable value or cost.
An increase in demand for completed items should increase the net realisable
value in comparison to cost.
An increase in trade discounts will reduce the cost of gems being bought for
manufacture into jewellery items therefore should increase the difference
between net realisable value and cost.
112
Risk
Now try TYU question 1 from Chapter 5 in the Study Text.
113
Chapter 5
You should now be able to answer TYU questions 2, 3, 4, 5 and 6 from the
Study Text.
114
Chapter 6
Planning
Outcome
 identify the overall objectives of the auditor and the need to conduct an audit in
accordance with ISAs
 identify and explain the need for, benefits of and importance of planning an
audit
 identify and describe the contents of the overall audit strategy and audit plan
 explain and describe the relationship between the overall audit strategy and the
audit plan
 explain the difference between an interim and final audit
 describe the purpose of an interim audit, and the procedures likely to be

adopted at this stage in the audit
 describe the impact of the work performed during the interim audit on the final
audit
 discuss the effect of fraud and misstatements on the audit strategy and extent
of audit work
 discuss the responsibilities of internal and external auditors for the prevention
and detection of fraud and error
 explain the auditor’s responsibility to consider laws and regulations
 explain the overall objectives and importance of quality management

procedures in conducting an audit
115
Chapter 6
 explain the quality management procedures which should be in place over

engagement resources, engagement performance, monitoring and remediation
and compliance with ethical requirements
 evaluate quality management deficiencies and provide recommendations to

allow compliance with quality management requirements
 explain the need for, and the importance of, audit documentation
 describe the form and contents of working papers and supporting

documentation
 explain the procedures to ensure safe custody and retention of working papers
One of the PER performance objectives (PO18) is to is to

prepare for and plan the audit process. You plan and control the
engagement process, including the initial investigation. You also
plan and monitor the audit programme – legally and ethically.
Working through this chapter should help you understand how to
116
Planning
Overview
Audit Audit Interim and

Purpose
strategy plan final audit
PLANNING
Fraud
Laws and
regulations
Quality
management
Documentation
117
Chapter 6
Planning process
1.1 Benefits of planning
 Attention is devoted to important areas
 Potential problems are identified and resolved on a timely basis
 The audit is organised to ensure it is performed in an effective and efficient way
 Staff with an appropriate level of competence can be selected
 Facilitates direction, supervision and review of audit work
 Coordinates the work of others such as experts and internal audit.
Planning ensures that the risk of performing a poor quality audit (and ultimately giving
an inappropriate audit opinion) is reduced to an acceptable level.
In order to achieve the overall objectives of the auditor, the audit must be conducted
in accordance with auditing standards.
1.2 Conducting the audit in accordance with auditing standards
 Ensures that the auditor is fulfilling all of their responsibilities.
 Allows a user to have as much confidence in one auditor's opinion as another's

and therefore to rely on one audited set of financial statements to the same
extent that they rely on another.
 Ensures that the quality of audits internationally, is maintained to a high

standard (thereby upholding the reputation of the profession).
 Provides a measure to assess the standard of an auditor's work (necessary

when determining their suitability as an authorised practitioner).
118
Planning
Example 1
Benefits of planning
During the audit of Louvre Co the following issues have been found:
Issue Explanation
During the year, the company took Had the audit been planned
out a bank loan however no properly, the auditor would have
procedures were included in the identified that a loan had been
audit plan as audit procedures for taken out and audit procedures
the current year were copied over would have been included in the
from the prior year audit file. This audit plan and the work performed
was only identified towards the end at the appropriate time rather than
of the audit. being rushed towards the end of
the audit.
An audit junior was assigned to the Had the audit been planned
audit of receivables as this balance properly, it would have been
has previously not been material identified that receivables was a
due to the company making 95% of more material balance this year
its sales on a cash basis. During the and a more senior audit team
year, the company allowed all member could have been assigned
customers to pay within 30 days to this section.
and most customers have used this
credit period. Receivables is now a
material balance and has increased
ten-fold compared with the prior
year.
As no significant changes were The additional procedures required
expected this year, the same for the audit of the bank loan and
amount of time has been budgeted receivables will require additional
for the audit as in the prior year. time. There may be other risks
present this year as compared with
last year meaning additional time
should have been allowed.
Audit quality has suffered due to the auditor demonstrating a lack of

professional scepticism by simply rolling forward the prior year audit
procedures and allowing the same amount of time as the previous year
without consideration of changes that have occurred during the year.
119
Chapter 6
120
Planning
1.3 Audit strategy
Reporting
objectives,
timing and
communication
 Timetable for Significant

Characteristics reporting factors,
of the  Communication preliminary
engagement with client, team engagement
and 3rd parties activities
 Materiality
 FR framework
 Risk assessment
 Industry Audit
reporting  Internal controls
strategy
 Need for
 Knowledge of
business scepticism
 Changes in laws
 Internal audit
and regulations
 Service  Significant
organisation Nature, timing developments
and extent of
 Automated tools resources
and techniques
 Availability of
client staff
 Selection of
audit team
 Budget
121
Chapter 6
1.4 Audit plan
The strategy sets the overall approach to the audit; the plan fills in the operational
details of how the strategy is to be achieved.
The audit plan should include specific descriptions of:
 The nature, timing and extent of the planned direction and supervision of
engagement team members and the review of their work.
 The nature, timing and extent of risk assessment procedures.
 The nature, timing and extent of further audit procedures, including:
– What audit procedures are to be carried out
– Who should do them
– How much work should be done (sample sizes, etc.)
– When the work should be done (interim vs. final)
 Any other procedures necessary to conform to auditing standards.
1.5 Interim and final audits
Interim audit Final audit
Timing Completed part way through a Takes place after the year-end at
client's accounting year a time agreed with the client
(i.e. before the year-end). which enables them to file their
financial statements with the
Early enough not to interfere with relevant authorities by the
year-end procedures at the client required deadline.
and to give adequate warning of
specific problems that need to be Generally a client would not want
addressed in planning the final the auditor to be performing the
audit. audit at the year-end as this will
cause disruption for the client’s
Late enough to enable sufficient year-end procedures.
work to be done to ease the
pressure on the final audit.
122
Planning
Interim audit Final audit
Purpose Allows the auditor to spread out To obtain sufficient appropriate

their procedures and enables evidence in respect of the
more effective planning for the financial statements to enable
final stage of the audit. the auditor’s report to be issued.
Useful when there is increased The auditor’s report will be

detection risk due to a tight issued once the final audit
reporting deadline. complete and this signifies the
end of the audit.
Work  Documenting systems  Statement of financial

performed position balances which will
 Evaluating controls only be known at the year-
end.
Additional activities that can be
performed include:  Transaction testing for
transactions that have
 Test specific and complete occurred since the interim
material transactions, e.g. audit took place.
purchasing new non-current
assets  Year-end journals which
may include adjustments to
 Test transactions such as the transactions tested at
sales, purchases and the interim audit.
payroll for the year to date
 Obtaining evidence that the
 Assess risks that will impact controls tested at the
work conducted at the final interim audit have
audit continued to operate during
the period since the interim
 Attend perpetual inventory audit took place.
counts.
 Completion activities such
as the going concern and
subsequent events reviews,
overall review of the
financial statements and
communication of
misstatements with
management and those
charged with governance.
123
Chapter 6
124
Planning
Impact of interim audit work on the final audit
 If the controls tested at the interim stage provided evidence that control risk is
low, fewer substantive procedures can be performed.
 If substantive procedures were performed at the interim stage, fewer

procedures will be required at the final audit in general.
 As fewer procedures are being performed, the final audit will require less time to
perform.
 The auditor's report can be signed closer to the year-end resulting in more
timely reporting to shareholders.
 If the interim audit identified areas of increased risk, for example, controls were
found not to be working effectively, increased substantive procedures will be
required at the final audit.
125
Chapter 6
Question 1
Which of the following does NOT appear in the audit strategy?
A Significant developments affecting the entity and its environment
B Consideration of whether the entity uses a service organisation
C Audit procedures in respect of payroll
D Consideration of skills and experience required in the audit team

and control and Legislation.
Solution
Audit procedures are included in the audit plan. Audit procedures are
designed once the audit strategy has been developed. In relation to payroll,
audit procedures included in the audit plan will depend on factors such as the
auditor’s assessment of internal controls and whether the entity uses a service
organisation. These factors are part of the audit strategy.
126
Planning
Question 2
It is 1 July 20X5. You are an audit manager responsible for the audit of
Smithsonian Co. The company has a year ending 30 September 20X5. An
interim audit is to be performed in August. The following events took place
during the year to date:
From December 20X4, the company extended its credit terms for customers
from 10 days to 30 days. As a result, a larger sample of customers will be
selected for external confirmation of year end balances.
Payroll was outsourced to a service provider with all data being transferred in
January 20X5 and the first payroll payments processed in February.
Significant plant and machinery was replaced in April 20X5 with surplus
assets being sold in May 20X5.
Which THREE of the following audit activities could be performed at the

interim audit in August?
A Obtain confirmation of year end receivables balances
B Test the accuracy of the data transfer to the payroll service provider
C Test controls over payroll processing at the service provider
D Perform final analytical procedures
E Testing of non-current asset additions and disposals
This question allows you to demonstrate the behaviour of Flexibility.
Solution
The correct answer is B, C and E.
The interim audit will be performed before the year end therefore the year end
receivables balances will not be known and cannot yet be tested.
Final analytical procedures are performed at the completion stage of the audit
therefore cannot be performed at this stage. Preliminary analytical procedures
could be performed at the interim audit using management accounts.
127
Chapter 6
128
Planning
Fraud and error
2.1 Definition
Fraud is an intentional act by one or more individuals among

management, those charged with governance, employees or third
parties, involving the use of deception to obtain an unjust or illegal
advantage.
Fraud can be split into two types:
 Fraudulent financial reporting – deliberately misstating the financial

statements to make the company's performance or position look better/worse
than it actually is.
 Misappropriation – the theft of a company’s assets such as cash or inventory.
Error is an unintentional misstatement.
129
Chapter 6
2.2 Responsibilities in respect of fraud and error
Directors Auditors
 Primary responsibility for the  Obtain reasonable assurance that

prevention and detection of fraud the financial statements, taken as
a whole, are free from material
 Implement an effective system of misstatement, whether caused by
internal control fraud or error
 Create a culture of honesty, ethical  Identify and assess the risks of

behaviour, and active oversight by material misstatement due to fraud
those charged with governance
 Maintain an attitude of professional
 Consider the need for an internal scepticism
audit department to act as a
deterrent for fraud  Consider potential for
management override of controls
 Internal audit may be used to:
 Discuss among the engagement
– Test the effectiveness of team, the client's susceptibility to
internal controls at preventing fraud
and detecting fraud and error
 Consider any incentives or
– Perform fraud investigations opportunities to commit fraud
– Perform surprise asset  Enquire how management

counts to identify assesses and responds to the risk
misappropriation of fraud
 Enquire of the client if they are

aware of any actual or suspected
fraudulent activity
Under current regulations, there is an unavoidable risk that some

material misstatements may not be detected even if properly planned in
accordance with ISAs as fraud is likely to be concealed. However, this
is an area under review due to public pressure that auditors should be
doing more to detect fraud and therefore auditor responsibilities may
increase in future.
130
Planning
2.3 Responses to assessed risks
 Use suitably experienced staff to audit areas of particular risk.
 Evaluate whether the accounting policies of the entity indicate fraudulent

financial reporting.
 Make audit procedures unpredictable so the client cannot hide fraud in areas
the auditor is not expected to test.
2.4 Audit procedures
 Review year-end journals and adjustments as these may be used to manipulate

the figures in the financial statements.
 Review accounting estimates and areas of management judgment for evidence

of bias.
 Review transactions outside the normal course of business which indicate

fraudulent financial reporting.
 Obtain written representation from management and those charged with

governance that they:
– acknowledge their responsibility for internal controls to prevent and detect

fraud
– have disclosed to the auditor the results of management’s fraud risk

assessment
– have disclosed to the auditor any known or suspected frauds
– have disclosed to the auditor any allegations of fraud affecting the entity’s
131
Chapter 6
2.5 Reporting of fraud
Those
3rd
Management charged with Shareholders
parties
governance
Communicate If the suspected If there is a

By modifying the
the fraud on a fraud involves duty to
auditor’s opinion
timely basis management report
2.6 Withdrawal from the engagement
In exceptional circumstances the auditor may consider it necessary to withdraw from

the engagement. This may be if fraud is being committed by management or those
charged with governance and therefore casts doubt over the integrity of the client
and reliability of representations from management.
The auditor should seek legal advice first as withdrawal may also require a report to
be made to the shareholders, regulators or others.
132
Planning
Question 3
It is 1 July 20X5. You are an audit manager responsible for the audit of
Rijksmuseum Co. The company has a year ending 30 September 20X5.
During the planning meeting with the finance director you are told that the
company is planning to list on a stock exchange in the next year. Manipulation
of the financial statements in order to make the listing successful has been
deemed a significant risk.
Which of the following is NOT an appropriate action to take in response

to the increased risk of fraudulent financial reporting?
A Increase cut-off testing for revenue and expenses
B Obtain a written representation from management confirming

management’s responsibility in respect of fraud
C Increase professional scepticism
D Withhold issuing the auditor’s report until after the stock exchange listing

Assurance, risk and control.
Solution
The correct answer is D.
Management may manipulate the financial statement figures through

inappropriate cut-off e.g. by bring revenue from next year into this year or
delaying recording expenses for this year and including them in next year’s
accounting records. Therefore increased cut-off testing should be performed.
A written representation in respect of fraud is required by ISA 240.
The auditor should always exercise professional scepticism when performing

the audit and this should be increased when there is a risk of fraud.
The auditor should not delay issuing the auditor’s report. If the auditor believes
the financial statements are materially misstated, or if they are unable to
obtain sufficient appropriate evidence, they should issue a report containing a
modified opinion. If they believe the fraud is so significant that they cannot
issue a report they should withdraw from the engagement.
133
Chapter 6
134
Planning
Laws and regulations
Guidance regarding responsibility to consider laws and regulations in an audit of

financial statements is provided in ISA 250 Consideration of Laws and Regulations in
an Audit of Financial Statements.
Non-compliance with laws and regulations may lead to material misstatement if

liabilities for non-compliance are not recorded, contingent liabilities are not disclosed,
or if it leads to going concern issues which would require disclosure or affect the
basis of preparation of the financial statements.
3.1 Definition
Non-compliance means acts of omission or commission by the entity,

either intentional or unintentional, which are contrary to the prevailing
laws or regulations. Non-compliance must specifically relate to the
business activities.
3.2 Responsibilities
Directors Auditors
 Responsible for ensuring the entity  Obtain sufficient appropriate

complies with relevant laws and evidence of compliance with laws
regulations and regulations generally
recognised to have a direct effect
 Monitor legal requirements on the financial statements
(e.g. accounting standards)
 Develop internal controls to ensure
compliance  Perform specified procedures to
help identify instances of non-
compliance with other laws and
regulations that may have a
material effect on the financial
statements (e.g. health and safety
regulations)
 Respond appropriately if non-

compliance is identified or
suspected
135
Chapter 6
136
Planning
3.3 Procedures
 Obtain a general understanding of the client's legal and regulatory environment.
 Inspect correspondence with relevant licensing and regulatory authorities.
 Enquire of management and those charged with governance as to whether the

entity is compliant with laws and regulation.
 Remain alert to possible instances of non-compliance e.g. reading board

minutes, inspecting correspondence from lawyers and through performing
substantive procedures.
 Obtain written representation that the directors have disclosed all instances of
known and possible non-compliance to the auditor.
3.4 Identification of non-compliance
When the auditor becomes aware of information concerning a possible instance of

non-compliance with laws or regulations, they should:
 Understand the nature of the act and circumstances in which it has occurred.
 Obtain further information to evaluate the possible effect on the financial

statements by performing the following procedures:
– Enquire of management of the penalties to be imposed.
– Inspect correspondence with the regulatory authority to identify the

consequences.
– Inspect board minutes for management's discussion on actions to be

taken regarding the non-compliance.
– Enquire of the company's legal department as to the possible impact of the

non-compliance.
137
Chapter 6
3.5 Reporting of non-compliance
Those
3rd
Management charged with Shareholders
parties
governance
Communicate If the non- If there is a

the non- compliance is a duty to By modifying the
compliance on a deliberate act by report e.g. to auditor’s opinion
timely basis management a regulator
3.6 Withdrawal from the engagement
The auditor may decide that they need to withdraw from the engagement (i.e. resign
as auditor) if:
 The non-compliance with laws and regulations is so serious that they can no
longer maintain a client relationship.
 There has been a breakdown of trust between the auditor and management.
 The auditor has doubts about the competence of management.
The auditor should seek legal advice before taking this course of action.
138
Planning
3.7 Responding to Non-compliance with Laws and Regulations (NOCLAR)
The ethical standard, Responding to Non-compliance with Laws and

Regulations (NOCLAR), provides guidance to accountants as to the
actions that should be taken if they become aware of an illegal act
committed by a client or employer.
The additional requirements have been introduced to address concerns

that the duty of confidentiality was acting as a barrier to the disclosure
of potential NOCLAR to public authorities in the appropriate
circumstances. Auditors were resigning from client relationships without
NOCLAR issues being appropriately addressed.
NOCLAR sets out responsibilities in relation to:
 Responding to identified or suspected non-compliance
 Communicating identified or suspected non-compliance with other auditors
 Documenting identified or suspected non-compliance.
The aims of the new regulations are to:
 Encourage an earlier response by management or those charged with

governance
 Mitigate adverse consequences for investors, creditors, employees and the

general public
 Enable timelier intervention from public authorities.
139
Chapter 6
Quality management
Relevant
ethical
requirements
Engagement QUALITY Engagement

resources MANAGEMENT performance
Monitoring and
remediation
140
Planning
4.1 Relevant ethical requirements
The firm should ensure compliance with the requirements of the ACCA Code of
Ethics and Conduct covered in the chapter ‘Ethics and acceptance’.
The engagement partner must:
 Identify, evaluate and address ethical threats.
 Remain alert throughout the audit for breaches of ethical requirements.
 Take appropriate action where ethical requirements have not been fulfilled.
 Prior to dating the auditor’s report, take responsibility for determining whether
ethical requirements have been fulfilled.
141
Chapter 6
4.2 Engagement resources
The engagement partner must ensure sufficient and appropriate resources are
assigned or made available to the engagement team.
Engagement resources include:
 Human resources
 Technological resources
 Intellectual resources
Human resources
The engagement team, auditor’s external experts and internal auditors who provide
direct assistance must be competent and capable to perform the audit.
Competence and capabilities includes consideration of:
 Practical experience
 Understanding of professional standards
 Expertise in IT or automated tools and techniques
 Ability to exercise professional scepticism and judgment
 Understanding of the firm’s policies and procedures.
Technological resources
Technological resources include technology to conduct meetings, communication

and automated tools and techniques. The auditor must be careful not to place too
much reliance on those resources.
Intellectual resources
Intellectual resources include audit methodologies, implementation tools, auditing

guides, templates and checklists. These allow for consistent application and
understanding of professional standards.
142
Planning
4.3 Engagement performance
Engagement performance comprises direction, supervision and review

of the engagement.
The audit is performed by the audit team which will consist of a mix of:
 audit juniors who will perform audit procedures over the low risk areas
 audit seniors who will audit the higher risk areas
 an audit supervisor who will be in charge of the audit team out at the client –
this will usually be one of the audit seniors
 an audit manager who will oversee the audit but will not necessarily be out at
the client site each day
 the audit engagement partner who takes ultimate responsibility for the audit
including deciding on the audit opinion.
143
Chapter 6
Example 2
Audit team composition
AUDIT ENGAGEMENT PARTNER
Direction/review
AUDIT MANAGER
Direction/supervision/review
ON-SITE AUDIT SUPERVISOR

TEAM Direction/supervision/review
AUDIT SENIOR AUDIT JUNIOR AUDIT JUNIOR

(3rd year) (2nd year) (1st year)
E.g. Inventory E.g. Receivables/ E.g. Cash/NCA

payables
144
Planning
Direction involves informing team members of their responsibility to:
 Contribute to the management and achievement of quality of the engagement
 Exercise professional scepticism
 Fulfil ethical requirements
 Understand the objectives of the work to be performed
 Address threats to the achievement of quality.
Supervision includes:
 Tracking the progress of the audit to ensure the objective of the work is
achieved and adequate ongoing resources are assigned
 Addressing issues arising and modifying the planned approach accordingly
 Identifying matters for consultation e.g. where the firm lacks appropriate internal
expertise
 Providing coaching to help develop skills and competencies
 Creating an environment where engagement team members can raise concerns

without fear of reprisal.
Review responsibilities include consideration of whether:
 The work has been performed in accordance with professional standards
 Appropriate consultations have taken place
 The work performed supports the conclusions reached
 The evidence obtained is sufficient and appropriate to support the auditor's

report
 The objectives of the engagement procedures have been achieved.
The engagement partner must review audit documentation at appropriate points

during the engagement including documentation of significant matters, significant
judgments and other matters relevant to the engagement partner’s responsibilities.
145
Chapter 6
146
Planning
Engagement Quality Review (EQR)
EQR is an objective evaluation of the significant judgments made by the

engagement team and the conclusions reached thereon, performed by
the engagement quality reviewer and completed on or before the date
of the engagement report.
An engagement quality reviewer is a partner, other individual in the

firm, or an external individual appointed by the firm to perform the
engagement quality review.
Listed entities and other high risk clients should be subject to an engagement quality
review. High risk clients include those which are in the public interest, those with
unusual circumstances and risks, and those where laws or regulations require an
EQR.
For audit engagements where an EQR is required, the engagement partner must:
 Determine that an EQR has been appointed.
 Cooperate with the reviewer and inform other team members of their
responsibility to do so.
 Discuss significant matters and significant judgments arising during the

engagement with the reviewer.
 Not date the auditor’s report until the completion of the EQR.
The engagement quality reviewer:
 Cannot be a member of the engagement team.
 Must have the competence and capabilities, including sufficient time, and the
appropriate authority to perform the EQR.
 Must comply with relevant ethical requirements and laws and regulations.
147
Chapter 6
4.4 Monitoring and remediation
To ensure the quality management system is effective in terms of design,

implementation and operation, the firm must:
 Monitor the system by inspecting a selection of completed engagements.
 Evaluate the severity, and investigate the root cause, of any deficiencies.
 Remediate the deficiencies in response to the root cause.
Annual evaluation is required to be undertaken.
148
Planning
Post-issuance review
Purpose To assess whether the firm's policies and procedures

were implemented during an engagement and to
identify any deficiencies therein
When After the auditor's report has been signed
Which files A selection of completed audit files
Conducted by A dedicated compliance or quality department/a

qualified external consultant/an independent partner
Matters considered Working papers should demonstrate that:

 Sufficient appropriate evidence has been obtained
 All matters were resolved before issuing the
auditor's report
 All working papers should be:
 On file
 Completed
 Signed as completed
 Evidenced as reviewed
Outcomes A report of the results will be provided to the partners of

the firm flagging deficiencies that require corrective
action. Recommendations will be made including:
 Communication of findings
 Additional quality reviews
 Training
 Changes to the firm's policies and procedures
 Disciplinary action
149
Chapter 6
Question 4
Select whether the following statements are true or false in respect of
quality management.
This question allows you to demonstrate knowledge of Legislation,

Solution
The audit engagement partner will review all

working papers on the audit file before False
issuing an opinion
Briefing of audit team members about the

True
client forms part of the direction of the audit
If any issues arise during the audit, the

supervisor must resolve or refer the issues True
to the audit manager or partner
An engagement quality review must be

False
performed for all engagements
150
Planning
151
Chapter 6
Documentation
Documentation
Form and Safe

content of custody
Purpose
working and
papers retention
5.1 Purpose of documentation
 Provides a sufficient appropriate record of the auditor’s basis for the auditor's
report.
 Provides evidence that the audit was planned and performed in accordance
with auditing standards and applicable legal and regulatory requirements.
 Assists the engagement team to plan and perform the audit.
 Assists members of the engagement team responsible for supervision to direct,

supervise and review the audit work.
 Enables the engagement team to be accountable for its work.
 Retains a record of matters of continuing significance to future audits.
 Enables engagement quality reviews and monitoring activities to be performed.
152
Planning
Working papers provide a record of:
 The planning and performance of the engagement
 The supervision and review of the work performed
 The evidence obtained which the assurance provider considers necessary, and
on which they have relied to arrive at their conclusion
 The quality control procedures carried out.
Working papers may be held as paper, film, electronic or other media.
If legal action is taken against the auditor, the audit file will provide the auditor's
defence in court. Working papers provide the proof that the auditor has not been
negligent in their duties.
5.2 Form and content of working papers
Audit work
performed
An
Evidence obtained
Audit experienced
documentation To auditor with To
must be allow no previous understand
sufficient connection Significant matters
with audit arising
Conclusions
reached
Working papers should show:
 Name of client  Objective
 Reporting date  Source of information
 File reference  Sample size
 Name of preparer/date  Work performed
 Name of reviewer/date  Results and conclusions drawn
 Subject of working paper  Analysis of errors
153
Chapter 6

Look at Illustration 1 in Chapter 6 of the Study Text which shows the
content of an example working paper.
5.3 Current and permanent audit files
Working papers prepared by the auditor may be useful for the current year only, or
may be useful for future audits as well as the current year audit. For this reason, the
auditor will maintain two audit files, a current audit file and a permanent audit file.
Current audit file contents Permanent audit file contents
 Audit strategy including:  Constitutional documents
– Materiality assessment  Organisation structure
– Deadlines  Background of the client’s business
– Staffing and budget  Title deeds
 Audit plan including:  Systems documentation
– Audit procedures performed  Copies of contracts and agreements
– Audit evidence obtained from  Directors’ service contracts

tests of controls and
substantive procedures
– Conclusions drawn
 Completion activities including:
– Going concern review
– Subsequent events review
– Final analytical procedures
– Summary of unadjusted
misstatements
– Final version of the financial

statements
154
Planning
5.4 Custody and retention of working papers
Assurance work must be kept confidential.
 Paper documents should be kept in a secure location.
 Electronic documents should be protected using suitable security measures.
 Auditors should keep all audit working papers required by auditing standards for
at least five years from the date of the auditor’s report.
155
Chapter 6
You should now be able to answer TYU questions 1, 2, 3 and 4 from the Study
Text.
Knowledge Check Test: Planning and risk assessment on MyKaplan.
156
Chapter 7
Evidence
Outcome
 explain why an auditor needs to obtain an understanding of internal control

relevant to the audit
 explain the assertions contained in the financial statements about classes of

transactions and events and related disclosures; and account balances and
related disclosures at the period end
 describe audit procedures to obtain audit evidence, including inspection,

observation, external confirmation, recalculation, re-performance, analytical
procedures and enquiry
 discuss the quality and quantity of audit evidence
 discuss the relevance and reliability of audit evidence
 discuss substantive procedures for obtaining audit evidence
 discuss and provide examples of how analytical procedures are used as

substantive procedures
 discuss the problems associated with the audit and review of accounting
estimates
 discuss the difference between tests of control and substantive procedures
 define audit sampling and explain the need for sampling
 identify and discuss the differences between statistical and non-statistical

sampling
157
Chapter 7
 discuss and provide relevant examples of the application of the basic principles
of statistical sampling and other selective testing procedures
 discuss the results of statistical sampling, including consideration of whether

additional testing is required
 explain the use of automated tools and techniques in the context of an audit,
including the use of audit software, test data and other data analytics tools
 discuss and provide relevant examples of the use of automated tools and
techniques including test data, audit software and other data analytics tools
 discuss why auditors rely on the work of others
 discuss the extent to which external auditors are able to rely on the work of
experts, including the work of internal audit
 explain the audit considerations relating to entities using service organisations
 explain the extent to which reference to the work of others can be made in the
independent auditor’s report
One of the PER performance objectives (PO19) is to collect and

evaluate evidence for an audit. Carry out an internal or external
audit from collecting evidence, through to forming an opinion.
You demonstrate professional scepticism and make sure
judgements are based on sufficient valid evidence. Working
through this chapter should help you understand how to
158
Evidence
Overview
Assertions Qualities Procedures
Automated AUDIT EVIDENCE Selecting

tools and items for
techniques testing
Using the work

of others
Experts Internal audit

 Auditor’s  Reliance
Service
expert on IA work
organisation
 Management  Direct
expert assistance
159
Chapter 7
Qualities of audit evidence
ISA 500 Audit Evidence requires auditors to ‘obtain sufficient appropriate audit
evidence to be able to draw reasonable conclusions on which to base the audit
opinion’.
Audit evidence
Sufficient (quantity) Appropriate (quality)
Depends on factors such as:

 Risk
 Materiality Reliable Relevant
 Nature of internal
control system
 Reliability
 Size of population
Proves one or
more of the
financial
statement
assertions
Source Format
 Auditor generated  Original/written
 Third party  Copy/oral
 Client generated
160
Evidence
Example 1
Sources of audit evidence
The auditor of Pyrenees Co is testing the non-current asset balance in the

financial statements. To do this the auditor can obtain evidence from a variety
of sources:
Auditor generated: a proof in total of the depreciation charge can be

performed to assess whether the charge appears reasonable.
Third party: a valuation report can be obtained from an auditor’s expert

confirming the market value of land and buildings at the reporting date.
Client generated: the auditor will use the client’s non-current asset register as
a basis for testing individual assets, e.g. selecting assets to verify physical
existence.
161
Chapter 7
Question 1
The following audit evidence has been gathered relating to the accuracy of the
depreciation charge for Scafell Co:
1 Proof in total calculation performed by an audit team member
2 Written representation from the directors of Scafell Co confirming the

accuracy of the depreciation charge
3 Verbal confirmation from the finance director of Scafell Co confirming the

accuracy of the depreciation charge
4 Recalculation of the depreciation charge by an internal audit team

member of Scafell Co
What is the order of reliability of the audit evidence starting with the
MOST RELIABLE first?
A 1, 2, 3, 4
B 1, 4, 2, 3
C 4, 1, 2, 3
D 4, 1, 3, 2
This question allows you to demonstrate the behaviour of Professional

scepticism.
Solution
The correct answer is B.
The most reliable evidence will be the work performed by the audit team
member as auditor generated evidence is the most reliable.
Verbal confirmation is the least reliable form of evidence as it can be disputed

or retracted.
Written confirmation is the next least reliable form of evidence as it is client

generated.
162
Evidence
163
Chapter 7
Financial statement assertions
Assertions: ‘Representations, explicit or otherwise, with respect to the

recognition, measurement, presentation and disclosure of information in
the financial statements which are inherent in management
representing that the financial statements are prepared in accordance
with the applicable financial reporting framework.’
2.1 Assertions relating to the Statement of profit or loss
Assertions about classes of transactions and events, and related

disclosures, for the period under audit
Transactions that have been recorded have occurred and
Occurrence
pertain to the entity
All transactions that should have been recorded have been
Completeness
recorded
Accuracy Amounts have been recorded appropriately
Transactions have been recorded in the correct accounting
Cut-off
period
Classification Transactions have been recorded in the proper accounts
Transactions and events are appropriate aggregated and
Presentation clearly described, and related disclosures are relevant and
understandable
164
Evidence
2.2 Assertions relating to the Statement of financial position
Assertions about account balances, and related disclosures, at the

period end
Existence Assets, liabilities and equity interest exist
Rights and The entity owns the assets, and liabilities are the
obligations obligations of the entity
All assets, liabilities and equity interests that should have
Completeness
been recorded have been recorded
Accuracy, valuation Assets, liabilities and equity interests are included in the
and allocation financial statements at appropriate amounts
Assets, liabilities and equity interests have been recorded
Classification
in the proper accounts
Presentation Assets, liabilities and equity interests are appropriate
aggregated and clearly described, and related disclosures
are relevant and understandable
165
Chapter 7
Example 2
Testing the financial statement assertions
You are working on the audit of Kinabalu Co, auditing the trade payables
balance. The audit plan contains a number of different audit procedures to test
the relevant financial statement assertions.
Completeness: Select a sample of GRNs from just before the year end, trace
them to the related purchase invoice and into the payables ledger to ensure
they have been recorded.
Accuracy and valuation: Select a sample of purchase invoices listed in the

payables ledger and agree the details recorded in the ledger to the details on
the purchase invoices to ensure they have been recorded accurately.
Rights and obligations: Inspect post year end bank statements for payment
to ensure the invoiced amounts are the obligation of Kinabalu Co.
166
Evidence
Question 2
Which of the following procedures would NOT test for COMPLETENESS
(understatement) of the wages accrual in the statement of financial
position?
A Agree the payment of the final week’s wages from post year-end bank
statements to the accrual listing
B Agree the final week’s wage cost from the payroll listing to the accrual
listing
C Compare the accrual in the financial statements to the prior year and
investigate any significant differences
D Select a sample of employees from the final week’s payroll listing and
recalculate deductions

and control.
Solution
A good way to approach this style of question is to think about the objective of
a test in relation to the identified assertion before assessing each of the
procedures in turn.
Tests A, B and C would all test for understatement of the accrual through
agreement to the subsequent payment, year-end client listing or prior year
accrual.
Test D however would not test for understatement/completeness as the

recalculation of deductions is a test for accuracy and will provide the auditor
will no assurance that the correct amount has been accrued at the year end.
167
Chapter 7
Question 3
Match the audit procedures in relation to receivables to the relevant
assertion being tested by that procedure
1 Discuss the recoverability of old balances with the finance director
2 Obtain external confirmation of year end balances from a sample of

customers
Assertion options
A Completeness
B Existence
C Presentation
D Valuation

and control.
Solution
The correct answers are 1D and 2B.
If receivables balances are not recoverable they should be written off

otherwise receivables will be overvalued.
If a reply is received from a customer in response to an external confirmation

letter, this provides evidence that the customer and debt exists at the year
end date.
168
Evidence
169
Chapter 7
Procedures
3.1 Sources of audit evidence
Source
Substantive
Tests of control
procedures
Analytical
Tests of detail
procedures
Tests of control: Tests of control are designed to evaluate the

operating effectiveness of controls in preventing or detecting and
correcting material misstatement.
Substantive procedures: Substantive procedures are designed to

detect material misstatement at the assertion level.
Tests of detail: Tests of detail to verify individual transactions and

balances.
Substantive analytical procedures: Analytical procedures involve the

evaluation of financial information through analysis of plausible
relationships among both financial and non-financial data. As a
substantive procedure they help test the figures in the financial
statements for material misstatement.
170
Evidence
3.2 Tests of control

The stronger the control system the lower the control risk and as a
result, there is a lower risk of material misstatement in the financial
statements.
In order to be able to rely on controls the auditor will need to:

 Ascertain how the system operates
 Document the system in audit working papers
 Test the operation of the system
 Assess the design and operating effectiveness of the control system
 Determine the impact on the audit approach for specific classes of transactions,
account balances and disclosures.
A test of control provides evidence of whether a control procedure has operated
effectively.
Example 3
Testing controls
Everest Co holds inventory which is stored in a temperature controlled

warehouse with the temperature being monitored every 3 hours and a record
of the temperature taken being maintained and checked by the warehouse
manager.
To test this control, the auditor can inspect the record of temperatures
recorded for a sample of days throughout the year. They should also inspect
the records for evidence of warehouse manager’s review such as a signature.
If it is found that this control is not working effectively, inventory may not be
kept in a saleable condition which would affect the value at which it should be
recorded in the accounting records.
171
Chapter 7
3.3 Substantive procedures
 Test the numbers in the financial statements.
 The auditor may choose to rely solely on substantive testing where it is

considered to be a more efficient or more effective way of obtaining audit
evidence, e.g. for smaller organisations.
 The auditor may have to rely solely on substantive testing where the client's
internal control system cannot be relied on.
 Substantive procedures must always be carried out on material items.
ISA 330 The Auditor's Response to Assessed Risks requires the auditor to carry out
the following substantive procedures:
 Agreeing the financial statements to the underlying accounting records
 Examination of material journals
 Examination of other adjustments made in preparing the financial statements.
172
Evidence
Example 4
Substantive procedures
The financial statements of Andes Co contain a balance of $1m for the land
and buildings from which the company operates.
The auditor can test this balance by obtaining a property valuation report from
an expert to confirm that the balance of $1m is valued appropriately. This
substantive procedure tests the valuation assertion.
In addition, the auditor will also inspect the title deeds to the property for the
name of the client to confirm that Andes Co has the right to include the asset
in their financial statements. This substantive procedure tests the rights and
obligations assertion.
The auditor will also need to confirm the land and buildings are real which can
be confirmed through physical inspection. This substantive procedure tests
the existence assertion.
173
Chapter 7
Question 4
Which of the following procedures is a substantive procedure in relation
to non-current assets?
A Review board minutes for evidence of approval of capital expenditure
B Inspect a sample of assets included in the non-current asset register to

ensure each asset has a unique serial number or barcode
C Review the internal audit team’s working papers confirming the non-
current asset register has been reconciled to the physical assets on a
regular basis
D Inspect the purchase invoices for a sample of assets to confirm they are
in the name of the client

Solution
A good way to approach this style of question is to think about the objective of
a test, does it confirm a control is in place or does it test a financial statement
assertion.
Tests A, B and C would all test a control in relation to non-current assets such
as approval, reconciliation between the records and assets to ensure the
records are up to date, and serial numbers to enable the company to identify
the assets.
Test D tests the assertion of rights and obligations. If the client did not
purchase the asset, it should not be included in the financial statements.
174
Evidence
3.4 Types of audit procedure
ISA 500 sets out the following types of procedures:
 Inspection of assets or documents
 Observation
 Inquiry
 Confirmation
 Recalculation
 Re-performance
 Analytical procedures.
Example 5
Types of audit procedures
Inspection of documents and records
Used for tests of controls (TOC) and substantive procedures (SP)
 Inspect purchase invoices to confirm they have been stamped as paid or

authorised for payment by an appropriate signature (TOC)
 Inspect title deeds for the name of the client to confirm rights and
obligations (SP)
Inspection of tangible assets
Used for tests of controls and substantive procedures
 Inspect an asset to confirm it has the serial number assigned to it that is

recorded in the non-current asset register (TOC)
 Inspect inventory for evidence of damage which indicates NRV may be

lower than cost (SP)
175
Chapter 7
External confirmation from 3rd parties
 Obtain external confirmation of the year end balance from customers,

suppliers and the bank (SP)
 Obtain external confirmation of the effectiveness of controls at a service

organisation used by the client (TOC)
Observation of a process or procedure being performed by others
Used for tests of controls
 Observe the goods receipt process to ensure goods are checked against
the purchase order and are checked for condition
 Observe the inventory count to ensure it is being carried out in

accordance with the inventory count instructions
Recalculation
Used for substantive procedures
 Recalculate the receivables listing to ensure arithmetical accuracy
 Recalculate the depreciation charge to ensure arithmetical accuracy
Enquiry of knowledgeable people inside and outside of the entity
 Enquire of the internal audit department as to any internal control

deficiencies identified during their testing during the year (TOC)
 Enquire of management as to the reasons for revising depreciation rates

during the year (SP)
176
Evidence
177
Chapter 7
Using the work of others
4.1 Using the work of an expert
In certain circumstances auditors may need to rely on the work of, or consult parties
not involved in the audit process.
This may be where they lack technical knowledge and skills to gather evidence.
Experts may be involved in, for example:
 Property valuations
 Work in progress
 Legal provisions
An auditor’s expert is an individual or organisation whose work is used

by the auditor to assist in obtaining sufficient appropriate audit
evidence.
A management’s expert is an individual or organisation whose work is

used by the entity to assist in the preparation of the financial
statements.
Relying on the work of a management expert
ISA 500 Audit Evidence provides guidance on what the auditor should consider
before relying on the work of management's expert. This guidance is very similar to
that given in ISA 620.
The auditor must:
 Evaluate the competence, capabilities and objectivity of that expert.
 Obtain an understanding of the work of that expert.
 Evaluate the appropriateness of that expert’s work as audit evidence for the
relevant assertion.
178
Evidence
Relying on the work of an auditor’s expert
ISA 620 Using the Work of an Auditor's Expert states that the auditor should obtain
sufficient and appropriate evidence that the work of the expert is adequate for the
purpose of the audit.
Competence – qualifications,
experience, reputation, membership
of a professional body, published
Step 1: work
Decide which expert
Capability – ability to do the work
to use
Objectivity – business or personal
relationships, fee dependence
Agree in writing
 Nature, scope and objective of
Step 2: expert's work
Engagement  Roles and responsibilities
letter/contract  Nature, timing and extent of
communications and reports
 Confidentiality
 Consistency of findings with

other audit evidence
Step 3:  Relevance and reasonableness
Evaluate the expert's of assumptions
work for audit  Completeness and accuracy of
purposes source data
 If not deemed adequate, agree
further work
179
Chapter 7
Example 6
Using the work of an auditor’s expert
The directors of Kosciuszko Co have performed a revaluation of the

company’s land and buildings during the year. The auditor has decided to use
an auditor’s expert to obtain sufficient appropriate evidence that the valuations
are reasonable due to the lack of objectivity of the directors.
The firm of chartered surveyors selected does not perform consultancy

services or valuations for Kosciuszko Co and has no relationship with its
directors.
The person performing the valuation is registered with a professional body

and the auditor has confirmed this by inspecting the register of members.
The auditor has reviewed published articles in industry journals and on

professional social media platforms written by the expert and also held
discussions with them to ensure they are competent.
This example demonstrates knowledge of Assurance, risk and control

and Legislation, the skill of Ethics and integrity, and the behaviour of
Professional scepticism.
180
Evidence
4.2 Relying of the work of internal audit
An internal audit department forms part of the client's system of internal control.
Auditors may be able to cooperate with a client's internal audit department and place
reliance on their procedures in place of performing their own in areas such as:
 Tests of controls
 Risk assessment
 Fraud investigations
 Compliance with laws and regulations.
ISA 610 (Revised) Using the Work of Internal Auditors states that before relying on
the work of internal audit, the external auditor must assess the effectiveness of the
internal audit function and assess whether the work produced by the internal auditor
is adequate for the purpose of the audit.
Assess the internal audit function Assess the specific work that may be
relied upon
 Objectivity (consider status and  Whether the work was properly

reporting lines) planned, performed, supervised,
reviewed and documented
 Competence (consider resources,
training and proficiency)  Whether there is sufficient
appropriate evidence to support
 Systematic and disciplined the auditor’s conclusions
approach (consider planning,
supervision, review,  Whether the conclusions reached
documentation and quality control are appropriate.
for internal audit work).
The external auditor must re-perform some of the procedures that the internal auditor
has performed to ensure they reach the same conclusion.
The extent of the work to be performed on the internal auditor's work will depend on
the amount of judgment involved and the risk of material misstatement in that area.
181
Chapter 7
4.3 Using internal audit to provide direct assistance
External auditors can consider using the internal auditor to provide direct assistance
with gathering audit evidence under the supervision and review of the external
auditor.
 Can’t use IA for direct assistance if

laws and regulations prohibit
 IA staff used must be competent and
objective
Initial  Must not be given work which
considerations involves significant judgment, a high
risk of material misstatement or with
which the internal auditor has been
involved
 Planned work agreed with
management as not being excessive
 Management agree in writing that

IA can be used and they will not
interfere
 IA staff sign confidentiality
If IA are to be agreement
used for direct
 External auditor provides direction,
assistance supervision and review of IA’s work
 External auditor remains alert to the
risk that the IA is not objective or
competent
182
Evidence
Examples of work that the internal auditor may perform:
 Testing of the operating effectiveness of controls.
 Substantive procedures involving limited judgment.
 Observations of inventory counts.
 Tracing transactions through the information system relevant to financial

reporting.
 Testing of compliance with regulatory requirements.
183
Chapter 7
4.4 Service organisations
ISA 402 Audit Considerations Relating to an Entity Using a Service Organisation

deals with the auditor's responsibility to obtain sufficient appropriate evidence when a
client outsources functions to service organisations.
The client may outsource certain functions to another company – a service

organisation, e.g.
 Internal audit
 Receivables collection
 The entire finance function
 Payroll.
The auditor should:
 Gain an understanding of the services being provided to identify and assess the
risks of material misstatement.
 Assess the design and implementation of the internal controls of the service
provider.
 Visit the service provider to perform tests of controls.
 Contact the service provider's auditors to request a type 1 or type 2 report:
A Type 1 report provides a description of the design of the controls at the

service organisation prepared by the management of the service organisation.
It includes a report by the service auditor providing an opinion on the description
of the system and the suitability of the controls.
A Type 2 report is a report on the description, design and operating

effectiveness of controls at the service organisation. It contains a report
prepared by management of the service organisation. It includes a report by the
service auditor providing an opinion on the description of the system, the
suitability of the controls, the effectiveness of the controls and a description of
the tests of controls performed by the auditor.
 Consider whether sufficient appropriate evidence has been obtained and the
implications for the auditor's report.
184
Evidence
Example 7
Service organisations
Kilimanjaro Co uses a service organisation to perform its payroll processing.

The auditor of Kilimanjaro will need to obtain sufficient appropriate evidence
that payroll costs are not materially misstated. This would usually be achieved
by testing the client’s controls and performing substantive procedures on the
payroll figure but as the client does not perform their own payroll processing a
different approach must be taken.
The auditor can arrange with the service organisation to visit their premises
and perform tests of controls. Alternatively, the auditor of Kilimanjaro Co can
contact the service organisation’s auditor to request a type 1 or type 2 report
detailing the control system of the service organisation.
Substantive procedures can be performed in the usual way as payroll records

such as timesheets, contracts of employment, payslips and payroll ledgers will
still exist.
This example demonstrates knowledge of Assurance, risk and control,

Legislation, the skill of Problem solving and decision making, and the
behaviour of Flexibility.
185
Chapter 7
4.5 References to the work of others in the auditor's report
The auditor shall not refer to the work of others unless required by law or regulation.
If such reference is required by law or regulation, the auditor's report shall indicate
that the reference does not diminish their responsibility for the audit opinion.
186
Evidence
Question 5
Which of the following matters should the auditor consider prior to
placing reliance on the work of the expert?
1 The availability of alternative sources of audit evidence
2 The technical expertise required to perform the valuation
3 The availability of audit staff to complete the evaluation of the expert on a

timely basis
4 The extent to which the use of the expert can be referred to in the
auditor’s report
A 1 and 2
B 2 and 3
C 1 and 4
D 2 and 4
Solution
The requirements of ISA 500 Audit Evidence are applicable in determining

whether reliance can be placed on the expert. ISA 500 states that in order to
determine reliance, the auditor should consider whether there are other
sources of evidence available as if so the level of reliance will be reduced, and
to consider the technical expertise that the expert should possess in order to
carry out the work.
It is not appropriate for the auditor to consider at this stage whether staff can
be allocated to perform the work as the availability of staff and the ability to
perform the work should have been considered at the acceptance stage.
While the auditor in certain circumstances may need to refer to the fact that an
expert has been used, the responsibility to gather sufficient and appropriate
evidence on which to base the audit opinion remains solely with the auditor.
Therefore considering the extent to which reference can be made to the
expert is not an appropriate matter on which to base reliance.
187
Chapter 7
188
Evidence
Selecting items for testing
5.1 Selecting items for testing
There are three main choices for the auditor when selecting items for testing:
 Select all items to test (100% testing)
If the population is relatively small, or if the auditor requires a high level of

assurance over a balance, the auditor may choose to test all items in the
population.
 Selecting specific items for testing
Items with specific characteristics may be chosen for testing such as:
– High value items within a population
– All items over a certain amount
– Items to obtain information
Although less than 100% of the population is being tested, this does not
constitute sampling. As explained below, sampling requires all items in the
population to have a chance of selection. In the categories above, only the
items with the specific characteristics have a chance of selection.
 Sampling
Sampling: The application of audit procedures to less than 100% of

items within a population of audit relevance such that all sampling units
have a chance of selection in order to provide the auditor with a
reasonable basis on which to draw conclusions about the entire
population.
When sampling, the auditor must choose a representative sample.
If a sample is representative, the same conclusion will be drawn from that sample as
would have been drawn had the whole population been tested.
For a sample to be representative, it must have the same characteristics as the other
items in the population from which it was chosen.
In order to reduce sampling risk and ensure the sample is representative, the auditor
can increase the size of the sample selected or use stratification.
189
Chapter 7
5.2 Stratification
Stratification is used in conjunction with sampling. Stratification is the process of

breaking down a population into smaller subpopulations. Each subpopulation is a
group of items (sampling units) which have similar characteristics.
Example 8
Stratifying the population
Payroll costs in Himalaya Co comprise three cost centres:
Cost centre 1 (CC1) is for production workers paid a basic monthly salary,
overtime and a monthly production bonus.
Cost centre 2 (CC2) is for admin staff paid a monthly salary and an annual
discretionary bonus.
Cost centre 3 (CC3) is for management who are paid a monthly salary and an
annual performance related bonus based on the reported profit for the year.
The auditor can stratify the sample by breaking the population of payroll into
three subpopulations of CC1, CC2 and CC3 and test a sample of payroll
transactions from each. Costs within each subpopulation have the same
characteristics therefore stratification is appropriate.
This example demonstrates the skills of Business insight and Problem

solving and decision making and the behaviours of Flexibility and
Professional scepticism.
190
Evidence
5.3 Statistical and non-statistical sampling
Statistical sampling means any approach to sampling that uses:
 Random selection of samples, and
 Probability theory to evaluate sample results.
Any approach that does not have both of these characteristics is considered to be
non-statistical sampling.
5.4 Sampling methods
Statistical sampling methods
 Random selection – this can be achieved through the use of a random number
generator or table.
 Systematic selection – where a constant sampling interval is used (e.g. every

50th balance) and the first item is selected randomly.
 Monetary unit selection – selecting items based upon monetary values (usually
focusing on higher value items).
Non-statistical sampling methods
 Haphazard selection – auditor does not follow a structured technique but avoids
bias or predictability.
 Block selection – this involves selecting a block of contiguous (i.e. next to each
other) items from the population. To reduce sampling risk, many blocks should
be selected.
191
Chapter 7
5.5 Evaluating deviations and misstatements in a sample
Deviations
Any issues identified during a test of control are called deviations.
The auditor will:
 Determine a level of deviation they are willing to accept – tolerable deviation

rate.
 Test the sample stated in the audit plan.
 Extend the sample if deviations are identified.
 Compare the actual deviation rate to the tolerable deviation rate.
 Increase the level of substantive testing over the balance if the actual deviation
rate exceeds the tolerable deviation rate.
 Communicate the control deficiency causing the deviation with management

and those charged with governance.
Communication of control deficiencies is covered in more detail in the chapter
‘Systems and controls’.
192
Evidence
Misstatements
Any issues identified during a substantive test are called misstatements.
The auditor will:
 Determine a level of misstatement they are willing to accept – tolerable

misstatement.
 Test the sample stated in the audit plan.
 Consider the nature and cause of the misstatement. If the misstatement is an

anomaly (isolated), no further procedures are required as the misstatement is
not representative of further misstatements.
 Project the misstatement found in the sample across the population as a whole,
if the misstatement is not isolated.
 Compare the total projected misstatement to tolerable misstatement.
– If the total projected misstatement in the sample is less than tolerable

misstatement, the auditor may be reasonably confident that the risk of
material misstatement in the whole population is low and no further testing
will be required.
– If the total projected misstatement in the sample exceeds tolerable

misstatement, the auditor will extend the sample in order to determine the
total misstatement in the population.
 Communicate the misstatement with management and ask them to correct it.
Communication of misstatements is covered in more detail in the chapter
‘Completion and review’.
193
Chapter 7
Example 9
Evaluating misstatements
You have been auditing receivables with a balance of $200,000.
A sample of $5,000 was tested and an error of $20 was found.
When deciding what action to take regarding this error, the auditor cannot just
look at the value of $20, they must consider the effect of the error across the
population.
The error rate here is: (20/5,000) = 0.4%
The auditor should extrapolate this error rate across the population:
200,000 × 0.4% = $800
It is this figure which should be considered to determine if more testing is

needed.
This example demonstrates the behaviour of Professional scepticism.
194
Evidence
Automated tools and techniques
Automated tools
and techniques
Test data Audit software Data analytics
6.1 Test data and audit software
Test data Audit software
Use Test the computerised controls Substantive testing.

within the system.
Basic data analysis.
Description Data is put into the client’s Client data is analysed using
system. the auditor’s software.
Auditor can see if the system Auditor can check
correctly processes it. calculations and identify items
for testing quickly and easily.
Data may be real or dummy.
System testing may be done in a
live environment or using a copy
of the client’s system.
195
Chapter 7
Test data Audit software
Examples The auditor enters data e.g.  Re-performance of

addition or ageing of
 A timesheet with hours invoices.
outside the normal range to
check that the system  Identifying items for
rejects it. testing e.g. identify
credit balances on the
 A customer order that will receivables ledger.
exceed the credit limit to
ensure the system rejects  Preparation of reports.
it.
 Calculations of ratios.
 Sample selection.
Advantages  Enables the auditor to test  Calculations and casting

programmed controls of reports will be
which wouldn't otherwise quicker.
be able to be tested.
 More transactions can
 Once designed, costs be tested.
incurred will be minimal
unless the programmed  Computer files rather
controls are changed than printouts are
requiring the test data to be tested.
redesigned.
 Cost effective once set
up.
Disadvantages  Risk of corrupting the  Bespoke software

client's systems. (specific to one client)
can be expensive to set
 Requires time to be spent up.
on the client's system if
used in a live environment  Training of audit staff
which may not be will be required incurring
convenient for the client. additional cost.
 The audit software may
slow down or corrupt the
client's systems.
 If errors are made in the
design of the software,
issues may go
undetected by the
auditor.
196
Evidence
6.2 Data analytics
Data analytics is the science of examining large data sets (big data)
with the purpose of drawing conclusions about that information.
Data analytics are a current development in the auditing profession.
This audit methodology is increasing in use for larger audit firms and smaller firms
are expected to follow.
Data analytics are seen as a way of increasing audit quality.
Features of data analytics
 Allows the auditor to manipulate 100% of the data in a population quickly.
 Can be used throughout the audit to help identify risks, test the controls and as
part of substantive procedures.
 As with analytical procedures in general, the quality of data analytics depends

on the reliability of the underlying data used.
 Can incorporate a wider range of data. For example data can be extracted and
analysed from social media, public sector data, industry data and economic
data.
 Can be seen as a more comprehensive version of computer assisted audit

techniques.
197
Chapter 7
Benefits of data analytics
 Audit quality should increase as sampling risk is reduced or even eliminated as

complete data sets are subject to audit.
 As audit quality increases the auditor's liability risk is reduced.
 Audit procedures can be performed more quickly and to a higher standard

providing more time to analyse and interpret the results.
 Audit procedures can be carried out on a continuous basis rather than being
focused at the year-end.
 Reporting to the client and users will be more timely as the work may be
completed within weeks rather than months after the year-end.
 May result in more frequent interaction between the auditor and client over the
course of the year.
198
Evidence
6.3 Examples of the use of technology during the audit
Risk assessment
 Data analytics may be used to analyse the number of journals posted manually
and automatically by the system; the number of people processing journals and
the time of day the journals are posted. This can help with the auditor’s
assessment of risk due to fraud if:
– The number of manual versus automatic journals increases significantly.
– The number of people processing journals increases.
– Journals are posted outside of normal working hours.
 Data analytics may be used to perform ratio analysis at the risk assessment
stage to help identify risks of material misstatement.
 The information system of a client can be accessed directly or by download to

enable the auditor to obtain an understanding of how transactions flow through
the system.
Substantive procedures
 Drones may be used to perform inspections of inventory where the auditor is

unable to attend or physical access is restricted.
 Data analytics can be used to perform substantive analytical procedures such

as ratio analysis or trend analysis in respect of sales and purchases.
 Data analytics may be used to identify if ledgers with zero balances are due to a
number of offsetting transactions indicating that the ledger balance may be
significant.
199
Chapter 7
Example 10
Data analytics – Journal testing
The following represents an extract from the data analytics software used
during the audit of Luxembourg Co, a manufacturer:
There are a number of concerns arising from the extract which will require
further investigation:
The average journal size is very small. If this is due to automated journals it is
not a concern, but if manual journals are being posted for such insignificant
amounts it suggests inefficiency.
The manual journals are more significant to the audit as they are more
susceptible to fraud or error and on average each represents a larger
monetary amount (given that they represent 90% of value but only 30% of
volume).
200
Evidence
The processing of large journals by the finance director is not unusual

although the auditor should review such journals (particularly if there is a risk
of deliberate manipulation). However, the journals processed by the payroll
clerk are a greater concern as there is no obvious explanation for these.
It is possible that this could represent fraud, although there may be a

legitimate explanation. For example, the payroll clerk might be tasked with
processing monthly journals for statutory deductions.
As only 12 journals above $5,000 were processed the individual value of

some of those processed by M. Davis and/or T. Smith must have been very
high.
This example demonstrates knowledge of Financial information and the

behaviour of Professional scepticism.
201
Chapter 7
Study Text.
202
Chapter 8
Systems and controls
Outcome
 explain why an auditor needs to obtain an understanding of the components of

internal control relevant to the preparation of the financial statements
 describe and explain the five components of a system of internal control
 explain how auditors record systems of internal control including the use of
narrative notes, flowcharts and questionnaires
 evaluate internal control components, including deficiencies and significant

deficiencies in internal control
 discuss the limitations of internal control components
 describe computer systems controls including general IT controls and

information processing controls
 describe control objectives, control procedures, control activities, direct controls,

indirect controls and tests of control in relation to sales, purchases, payroll,
inventory, bank and cash and non-current assets
 discuss the requirements and methods of how reporting significant deficiencies

in internal control are provided to management and those charged with
governance
 explain, in a format suitable for inclusion in a report to management, significant

deficiencies within a system of internal control and provide control
recommendations for overcoming these deficiencies to management
203
Chapter 8

204
Overview
Effect on
Limitations Components IT controls
audit
SYSTEMS AND
CONTROLS
 Ascertain
Communicate
 Document deficiencies
 Test
Sales Purchases Payroll NCA Inventory Bank

and
cash
205
Chapter 8
Effect of controls on the audit
Control risk is one of the factors affecting the risk of material misstatement.
If a client’s system of internal control is designed appropriately,

implemented and working effectively, there will be less risk of material
misstatement in the financial statements as the controls will have either
prevented the misstatements from occurring in the first place, or will
have detected the misstatements and prompted action for them to be
corrected.
If control risk is low:
 The auditor can place more reliance on internal controls and evidence
generated internally within the entity.
 The quantity of detailed substantive procedures performed at the final audit

stage can decrease.
 The audit strategy and plan will be updated to reflect that fewer substantive
procedures may be required or smaller sample sizes can be tested at the final
audit stage.
If control risk is high:
 Increase the volume of procedures conducted at and after the year-end
 Increase the level of substantive procedures, in particular, tests of detail
 Increase the locations included in the audit scope
 Place less reliance on analytical procedures
 Place less reliance on written representations from management
 Obtain more evidence from external sources
 Update the audit strategy and plan to reflect the additional testing required at
the final audit stage.
206
Limitations of controls
The auditor can never eliminate the need for substantive procedures entirely.
There are inherent limitations to the reliance that can be placed on internal controls
due to:
 Human error
 Ineffective controls e.g. because of outdated systems
 Collusion of staff in circumventing controls
 The abuse of power by those with ultimate controlling responsibility

(i.e. management override)
 Use of management judgment on the nature and extent of controls it chooses to

implement e.g. it may not be considered cost effective to implement controls
over non-routine transactions
Example 1
Limitations of controls
Collusion
Within the payroll department, a payroll clerk processes timesheets and

overtime claims and the payroll manager authorises the payroll for payment,
however the clerk and manager are related and collude to enable the clerk to
increase the overtime paid to herself which she shares with the manager.
Management override
During the preparation of the financial statements, the finance director falsifies
the accounting records by posting a journal to increase revenue to show a
desired level of profit required to meet a loan covenant.
207
Chapter 8
208
Components of internal control
Components of
internal control
Control Control
Monitoring
environment activities
Entity’s risk Information

assessment system
process
3.1 Control environment
The control environment provides the foundation for the other

components of the internal control system and includes the governance
and management functions and the attitudes, awareness and actions
of those charged with governance and management concerning the
entity’s internal control and its importance in the entity.
Elements of the control environment
 How management’s responsibilities are carried out, demonstrating

management’s commitment to integrity and ethical values.
 How those charged with governance demonstrate independence from

management and exercise oversight of the internal control system.
 How the entity assigns authority and responsibility in pursuit of its objectives.
 How the entity attracts, develops and retains competent people including
recruitment policies, training policies and performance appraisals.
 How the entity holds individuals accountable for their responsibilities

e.g. performance measures and disciplinary policies.
 How management has responded to the findings and recommendations of the

internal audit function regarding identified control deficiencies.
209
Chapter 8
3.2 The entity’s risk assessment process
The process by which management in a business identifies business

risks relevant to financial reporting objectives and decides what actions
to take to address those risks.
The risk assessment process will involve the following steps:
Identify Decide on
Estimate the Assess the
relevant actions to
significance likelihood of
business address the
of the risks occurrence
risks risks
Threats to business objectives can lead to misstatement in the financial statements,

e.g. non-compliance with laws and regulations may lead to fines and penalties, which
require disclosure or provision in the financial statements.
If the client has robust procedures for assessing the business risks it faces, the risk
of misstatement overall will be lower.
3.3 The entity’s process to monitor the system of internal control
This is the client's continual process of evaluating the effectiveness of controls over
time and taking necessary remedial action.
Monitoring can be either ongoing or performed on a separate evaluation basis (or a

combination of both).
Monitoring of internal controls is often the key role of internal auditors.
210
3.4 The information system and communication
The information system relevant to financial reporting consists of all of the activities
and policies relevant to financial reporting and communication. It includes the
procedures within both computerised and manual systems.
The information system includes all of the procedures and records which are
designed to:
 Initiate, record, process and report transactions.
 Maintain accountability for assets, liabilities and equity.
 Resolve incorrect processing of transactions.
 Process and account for system overrides.
 Transfer information to the general/nominal ledger.
 Capture information relevant to financial reporting for other events and

conditions.
 Ensure information required to be disclosed is appropriately reported.
3.5 Control activities
Control activities are the policies (statements of what should or should not be done)
and procedures (actions to implement policies) to achieve the control objectives of
management and those charged with governance.
Examples of specific control activities include those relating to:
 Authorisation
 Reconciliations
 Verifications
 Physical or logical controls to prevent theft of assets or data
 Segregation of duties to reduce the risk of fraud.
Control activities, also known as control procedures, are designed to address a

control objective.
A control objective identifies the risk that the entity needs to manage i.e. the reason
for a control procedure or activity being required.
A control objective ensures something good happens or ensures something bad

does not happen.
211
Chapter 8
Example 2
Control objectives and activities
A typical risk that a business faces is the risk that employees may try and
claim for expenses that are not business related which will increase costs for
the company and reduce profit and cash.
A control objective for this risk is to ensure employees only claim for valid
business expenditure.
A control activity/procedure to address this objective is to require employees

to submit receipts or invoices to support the expense claim. A further control
would be for expense claims to be authorised by a responsible official before
reimbursement.

and Business acumen.
212
Question 1
Select the type of control activity being described.
1 Employees must give expense claims to a department manager for sign

off before it is passed to the payroll department before reimbursement
through the payroll system.
2 Swipe cards are issued to all employees. The access granted by the
swipe card is dependent on the person’s role and responsibility within the
organisation. For example, only warehouse staff can gain access to the
warehouse.
Answer options:
 Authorisation
 Reconciliation
 Physical or logical controls
 Segregation of duties
This question demonstrates knowledge of Assurance, risk and control

Solution
1 Authorisation: The department manager is required to authorise the

expense claim before it is reimbursed.
2 Physical or logical control: The swipe card physically prevents

employees from accessing areas which they do not need to access for
their job.
213
Chapter 8
Question 2
For each risk described, select a control activity which would mitigate
the risk for the business.
1 Sales could be made to uncreditworthy customers which would result in

irrecoverable debts.
2 The wrong goods could be sent to a customer resulting in complaints

from dissatisfied customers.
3 Sales invoices may not be raised for all processed orders resulting in
loss of revenue.
Answer options:
A Physical check of goods to details on the GDN and sales order before
despatch
B Segregation of duties between processing sales orders and raising of

sales invoices
C Bank reconciliation performed and reviewed by responsible official on a

regular basis
D Daily exception report produced detailing goods despatched notes not

matched to a sales invoice
E Credit checks performed for new customers and at regular intervals

thereafter
Solution
The correct answers are 1E, 2A, 3D.
Credit checks should be performed to ensure new customers are creditworthy

to reduce the risk of irrecoverable debts.
A physical check of the goods and GDN to the sales order before despatch
occurs will ensure the correct goods are sent to the customer. This will reduce
the risk of customer complaints.
A daily exception report detailing GDNs not matched to a sales invoice will
highlight if a sales invoice has not been raised for a processed order and the
issue can be promptly resolved.
214
215
Chapter 8
IT Controls
Computer controls fall into two categories: general controls and information
processing controls.
4.1 General controls
General IT controls support the continued proper operation of the IT

environment, including effective functioning of the information
processing controls and the integrity of information in the information
system.
Examples of general controls include:
 Password protection
 Back-up procedures
 Disaster recovery procedures
 Virus checks
 Firewalls
 Network access controls
 Systems testing and installation controls
 Restricting physical access to central computers by locks/keypads
 Staff training
216
Example 3
General IT controls
Pen testing: Specialist IT security companies can be used to perform

penetration (pen) testing where they will attempt to gain access to system
resources without having elevated system access. They will advise on
system security deficiencies where gaining systems access could cause a
system outage. Advice will then be given on how the system security can be
made more robust to deter genuine system hacks.
Firewall: A firewall is used to help protect the network by scanning data

ports and traffic and blocking anomalous activity. Without a firewall, malware,
hackers and viruses may be able to access the company’s data, either taking
it, or rendering it inaccessible or unusable.

217
Chapter 8
4.2 Information processing controls
Information processing controls relate to the processing of

information in IT applications or manual processes that directly address
risks to the integrity of information.
Examples include:
 Batch total checks
 Sequence checks
 Matching master files to transaction records
 Arithmetic checks
 Range checks
 Existence checks
 Authorisation
 Exception reporting
Example 4
Information processing controls
Batch totals: When a batch of invoices is entered into the system, the
system confirms the number of invoices entered which the clerk will check
against the number of physical invoices.
Range checks: When entering timesheet data into the payroll system the
system may have a range of acceptable numbers e.g. 3 – 10 hours as these
may be the number of hours typically worked in a day by any employee. If a
timesheet is entered with 15 hours, the system will flag that this is outside of
the acceptable range of values.
Exception reporting: An exception report will be generated by the system

when data, which does not change frequently such as employee’s salary or
bank details, is changed. The exception report can be reviewed by a
responsible official to ensure the changes are valid.
218
219
Chapter 8
Ascertaining and documenting systems
5.1 Ascertaining the systems
Procedures used to obtain evidence regarding the design and implementation of

controls include:
 Enquiries of relevant personnel.
 Observing the application of controls.
 Tracing a transaction through the system to understand what happens

(a walkthrough test).
 Inspecting documents, such as internal procedure manuals.
The auditor can also use their knowledge of the client and the operation of the
systems from prior years.
220
5.2 Documenting client systems
Documentation Advantages Disadvantages

method
Narrative notes  Simple to record  Time consuming to

prepare and
a written  Facilitate understanding cumbersome if system
description of the by all audit staff is complex
system
 Difficult to identify
missing controls
Flow charts  Easy to view the whole  Still a need for narrative
system notes
a diagrammatical
representation of  Easy to spot missing  Difficult to amend
the system controls
Internal control  Quick to prepare  Controls may be

questionnaire overstated
(ICQ)  Can ensure all controls
are present  Unusual controls
a list of common unlikely to be included
controls and the
client is asked
whether they have
them in place
Internal control  Controls less likely to  Checklist may contain

evaluation (ICEQ) be overstated control objectives not
relevant to the client
a list of risks and  Quick to prepare
the client is asked  Unusual risks and
to explain the control objectives may
controls they have not be identified
in place to mitigate
them
221
Chapter 8
ICQ wording ICEQ wording
Does a supervisor authorise all How does the company ensure that only
weekly timesheets? hours worked are recorded on timesheets?
Does the company perform a regular How does the company try to minimise the
credit check on all customers? risk of irrecoverable debts?
Does a manager or director authorise How does the company ensure goods are
purchase orders before an order is only purchased for a valid business use?
place?
Is a bank reconciliation performed How does the company ensure

regularly? discrepancies in the cash book are
identified and resolved?
Is a regular inventory count How does the company ensure its

performed? inventory system is up to date and
discrepancies in the inventory records are
identified?
Is a regular reconciliation performed How does the company ensure the non-
between the physical non-current current asset register is up to date and
assets and the non-current asset accurate?
register?
222
Testing the system
Tests of controls are performed only on those controls that the auditor has
determined are suitably designed to prevent, or detect and correct a material
misstatement in a relevant assertion.
Controls will only be worth testing if they are designed appropriately in the first place
(i.e. they are capable of preventing or detecting and correcting misstatements) and
implemented (i.e. the controls exist and the entity is using them).
When a control is not designed or implemented effectively, there is no benefit in

testing it.
A test of control involves the auditor obtaining evidence that the client has
implemented the controls and that they have worked effectively, during the period.
Typical methods of controls testing include:
 Observation of control activities
 Inspection of documents recording performance of the control
 Using test data.
223
Chapter 8
Question 3
For each control activity, describe a test of control the auditor can
perform to obtain evidence that the control is in place and working
effectively.
A Physical check of goods to details on the sales order before despatch
B Segregation of duties between processing sales orders and raising of

sales invoices
C Bank reconciliation performed and reviewed by responsible official on a

regular basis
D Daily exception report produced detailing goods despatched notes not

matched to a sales invoice
E Credit checks performed for new customers and at regular intervals

thereafter
Solution
A Observe the person performing the check of goods to GDN and sales
order and inspect the GDN for a signature as evidence that the check
has been performed.
B Review systems notes to understand the sales process and identify

which individuals are responsible for difference activities. Within the
computer system, look for the user ID/name/initials of the people
responsible for processing sales orders and sales invoices and ensure
these are different people.
C Review the bank reconciliations to ensure they are performed on a

regular basis and inspect the reconciliation for evidence of review by a
responsible official such as signature of the financial controller.
D Review the daily exception reports for existence. Look for evidence of
action being taken e.g. a signature acknowledging the exception and a
sales invoice within the system.
E Review a sample of customer files for credit reports ensure the date is
within the timescale specified by the client for credit checks to be
reperformed.
224
225
Chapter 8
Communicating deficiencies
ISA 265 Communicating Deficiencies in Internal Control to Those Charged with

Governance and Management requires the auditor to communicate deficiencies in
internal control to management.
Significant deficiencies should be communicated in writing to those charged with

governance.
Example 5
Report to management
Deficiency Consequence Recommendation
Credit checks are not Irrecoverable debts will Credit checks should be
performed for new reduce profit and cash performed for all new
customers. inflows and if not written customers and
off will result in repeated at regular
Sales may be made to overstatement of intervals to ensure
customers who are receivables. customers are
unable to pay. creditworthy.

and Business acumen, the skills of Business insight and
Communication and the behaviour of Adds value.
When the auditor reports deficiencies, it should be made clear that:
 The report is not a comprehensive list of deficiencies, but only those that have
come to light during normal audit procedures.
 The report is for the sole use of the company.
 No disclosure should be made to a third party without the written agreement of

the auditor.
 No responsibility is assumed to any other parties.
226
Sales system
8.1 Overview of the sales system
Control objectives Control procedures
Sales system
Order Goods Invoice Sale Cash

received despatched sent recorded received
227
Chapter 8
8.2 Sales system control objectives
Stage Objective: To ensure...
Ordering  Goods are only supplied to customers who pay promptly

and in full.
 All orders are processed.
Despatch  Orders are despatched promptly and in full to the correct

customer.
 All orders are despatched.
Invoicing  All goods despatched are invoiced.
 Invoices are raised accurately.
Recording  Only valid sales are recorded.
 All sales and related receivables are recorded and in the

correct accounts.
 Revenue is recorded in the period to which it relates.
 Sales are recorded accurately and related receivables

are recorded at an appropriate value.
Cash received  Cash received is allocated against the correct customer

and invoices to minimise disputes.
 Overdue debts are followed up on a timely basis.
 Irrecoverable debts identified and written off

appropriately.
228
Question 4
For the ordering, despatch and invoicing stages of the sales cycle,
identify a risk and suggest a control that the company should implement
to reduce the risk.
This question demonstrates knowledge of Assurance, risk and control and

Business acumen.
Solution
Stage Risk Control
Order Orders might get lost Sequential numbering of orders

received and not be fulfilled and a regular sequence check
causing the company performed to ensure the orders
to lose revenue. are complete.
Match orders to GDN and

perform a check for any
unmatched orders.
Goods Goods may be Before despatch, match the

despatched despatched to the goods against the order and
wrong customer, for GDN to ensure no errors.
the wrong quantity or Confirm the customer’s name on
the wrong type of the GDN to the order.
goods.
Invoice The invoice may not Match GDNs to invoices to

sent be raised, or be ensure all goods despatched are
raised for the wrong invoiced.
amount.
Agree the details on the invoice
to the GDN and price list.
For a sample of invoices,

perform a recalculation to check
the accuracy of the calculation.
229
Chapter 8
230
Example 6
Report to management – Sales system
The receivables ledger There is a risk that Additions and

clerk records new customers could be set amendments to master
customer details and up incorrectly resulting file data should be
credit limits in the in a loss of customer restricted so that only
customer master data goodwill and sales supervisors and above
file and these changes revenue. can make changes.
are not reviewed.
This could also An exception report of
The receivables ledger increase the risk of changes made should
clerk is not senior fraud and error in the be generated and
enough to be given accounting records. reviewed by a
access to making responsible official.
changes to master file
data.
231
Chapter 8
Purchase system
9.1 Overview of the purchase system
Purchase system
Order Goods Invoice Purchase

Payment
placed received received recorded
232
9.2 Purchase system control objectives
Ordering  All purchases are made with suppliers who have been
checked for quality, reliability and pricing.
 Purchases are only made for a valid business use.
 Orders are placed taking consideration of delivery lead

times to avoid disruption to the business.
Goods received  Only goods ordered by the company are accepted.
 Goods received are recorded promptly.
Invoice received  Invoices received relate to goods actually received.
 Invoices received relate to the company.
 Invoices received are correct in terms of quantities,

prices, discounts.
Recording  All purchases and related payables are recorded.
 Purchases are recorded accurately and relate payables

are recorded at an appropriate value.
 Purchases are recorded in the period to which they

relate.
 Purchases and payables are recorded in the correct

accounts.
Payment  Payments are only made for goods received.
 Payments are only made once.
 All payments are made on time.
233
Chapter 8
Question 5
For the ordering, goods received and invoicing stages of the purchases
cycle, identify a risk and suggest a control that the company should
implement to reduce the risk.
Solution
Stage Risk Control

Order Orders might be Authorisation of orders by a
placed placed for non- responsible official to ensure
business use or may they are for a valid business use.
be purchased from
Purchases can only be made
unreliable or
from an approved supplier. The
expensive suppliers.
approved supplier list should be
updated regularly.
Goods Goods may be Goods received must be
received received which were checked against an authorised
not ordered by the purchase order to ensure they
company or which match the order, and for
are damaged or condition to ensure they are not
incorrect. damaged on arrival.
Goods may be A sequentially numbered goods
received but not received note must be
recorded. completed by the warehouse
team.
Invoice The invoice may not Match GRNs to invoices to
received be received or may ensure an invoice is received for
be for an incorrect all goods received and confirm
amount. the invoice is for the correct
goods.
For a sample of invoices,
perform a recalculation to check
the accuracy of the calculation.
234
Example 7
Report to management – Purchases system
The finance director Without looking at the The finance director

authorises the total of detail of the payments should review the whole
the bank transfer list, as well as payments list prior to
payment list for supporting authorising.
suppliers. documentation, there is
a risk that suppliers As part of this, the
could be paid an amounts to be paid
incorrect amount, or should be agreed to
that sums are being supporting
paid to fictitious documentation, as well
suppliers. This will as reviewing the
result in misstatement supplier names to
of payables. identify any duplicates
or any unfamiliar
names.
The review should be

evidenced by the
finance director signing
the bank transfer list.
235
Chapter 8
236
Payroll system
10.1 Payroll system overview
Payroll system
Clock cards/Timesheets
Gross/net pay calculated
Standing data amendments
Payments to
Payroll costs
employees and tax
recorded
authorities
237
Chapter 8
10.2 Payroll system control objectives
Clock cards/  Employees are only paid for work actually done.
timesheets
Payroll  Only genuine employees are paid.

calculation
 Employees are paid at the correct rates of pay.
 Gross pay is calculated and recorded accurately.
 Net pay is calculated and recorded accurately.
Standing data  Standing data is kept up to date.

amendments
 Access to standing data is restricted to prevent fraud or
error occurring.
Recording  All payroll amounts are recorded.
 Payroll amounts are recorded accurately.
 Payroll costs are recorded in the period to which they

relate.
Payments to  Correct amounts are paid to the employees and taxation

employees and authorities.
tax authorities
 Payments are made on time.
 Payments are only made to valid employees.
238
Question 6
Identify the risks that could arise in the payroll cycle and suggest a
control that the company should implement to reduce the risk.
Solution
Stage Risk Control
Clockcards Employees could The clocking in and out process
clock in for absent must be supervised by a
friends responsible official to ensure
employees only clock in and out
for themselves.
Payroll Errors may be made A payroll manager should
calculations when calculating pay recalculate a sample of payroll
e.g. wrong salary, amounts to confirm accuracy.
rates, hours worked Rates, salaries and hours
should be agreed to contracts
and timesheets.
Standing Unauthorised Standing data changes should
data changes may be only be made by a responsible
amendments made to standing official.
data such as salary
and bank details A system generated exception
report should be produced
which details changes to
standing data and a payroll
manager should check that any
amendments on the report were
authorised.
239
Chapter 8
Example 8
Report to management – Payroll system
The wages calculations This could result in A senior member of the

are generated by the wages being over or payroll team should
payroll system and under calculated, recalculate the gross to
there are no checks leading to an additional net pay workings for a
performed. payroll cost or loss of sample of employees
employee goodwill and and compare their
If system errors occur misstatement of payroll results to the output
during the payroll costs. from the payroll system.
processing, this would These calculations
not be identified. should be signed as
approved before
payments are made.
240
241
Chapter 8
Inventory system
11.1 Inventory system overview
Inventory system
Goods received Goods despatched
Receipt recorded Despatch recorded
Inventory
movement recorded

Look at Chapter 8 section 10 in your Study Text for examples of the
control objectives, control procedures and tests of control relevant
to inventory.
242
Example 9
Report to management – Inventory system
The inventory count will If the same team are The counting teams
be undertaken by responsible for should be independent
teams of warehouse maintaining and of the warehouse.
staff. checking inventory, Members of alternative
then errors and fraud departments should
There should be a could be hidden undertake the counting
segregation of roles causing loss for the rather than the
between those who company. warehouse staff.
have day-to-day
responsibility for
inventory and those
who are checking it.
243
Chapter 8
Bank and cash system
12.1 Cash system overview
Bank and cash system
Request for
payment
Payment
authorisation
Payment Receipts
Payments and
receipts recorded
244
Example 10
Report to management – Bank and cash system
The reconciliations of This means that when The reconciliations

the tills to the daily exceptions arise, it will should be undertaken
sales readings are be difficult to identify on an individual till by
performed in total for all which till caused the till basis rather than in
tills at each store rather difference. Employees aggregate and any
than for each till. may have undertaken discrepancies noted
fraudulent transactions should be investigated
and cash may be immediately.
misstated.

Look at Chapter 8 section 11 in your Study Text for examples of the
control objectives, control procedures and tests of control relevant
to cash.
245
Chapter 8
Exam focus
The exam will regularly feature a requirement asking for identification

and explanation of control deficiencies from a scenario and
recommendations to overcome the deficiencies identified.
Control deficiencies
Identification of the deficiencies is usually quite straightforward. You should look for
information which indicates:
 Controls are missing e.g. Sales orders are not sequentially numbered.
 Controls are not effective e.g. Bank reconciliations are supposed to be

performed but often don’t get done due to lack of time.
Work with the information provided. Do not assume that because something isn’t
mentioned it isn’t happening.
Explanation of the deficiency requires you to give a business risk or a risk of

misstatement in the accounting records. It is not an explanation if you only say this
should not be done or this should be done. You must explain what the control would
achieve if it was in place and working effectively. The explanation needs to be
sufficiently detailed. If you only explain the deficiency in part you will not earn the
explanation marks.
Recommendations
The recommendation also needs to be sufficiently detailed. Try and recommend

which person within the company should perform the control and how frequently.
Sometimes a control requires more than one element to be effective therefore make
sure you suggest everything that needs to happen to make the control effective.
246
Control deficiency Recommendation
Poor Sales orders are not sequentially Orders should be sequentially

answer numbered. numbered.
Deficiency is not explained. Recommendation is not

Why does it matter if the sales sufficiently detailed. How does
orders are not sequentially the client know the sequence
numbered? is complete?
Better Sales orders are not sequentially Orders should be sequentially

Orders will be difficult to trace A sequence check should be

and orders may not be fulfilled. performed and any breaks in the
sequence investigated and
Deficiency is still not fully resolved.
explained.
What are the consequences to Recommendation is now
the company if it has sufficiently detailed.
unfulfilled orders?
Good Sales orders are not sequentially Orders should be sequentially

Orders will be difficult to trace A sequence check should be

and orders may not be fulfilled. performed and any breaks in the
sequence investigated and
Customers will be dissatisfied if resolved.
orders are not fulfilled resulting
in complaints and loss of future
revenue.
247
Chapter 8
The exam will regularly feature a requirement asking for identification

and explanation of the direct controls from the scenario. It will then
ask for tests of controls the auditor would perform to obtain evidence
that the control is working effectively.
Direct controls
Direct controls are control procedures which are properly designed, in place and
working effectively at addressing the risk of material misstatement at the assertion
level.
Read the scenario and look for mention of controls such as reconciliations being
performed, authorisation of transactions, segregation of duties, restricted access to
valuable items, etc.
A control is an activity performed that is in addition to the normal processing of the

system, to ensure that the system has operated as it should.
Make sure that there is nothing mentioned which would make the control ineffective.
For example, duties may be segregated between two individuals who are related.
This increases the risk of collusion which negates the control.
Tests of controls
A test of control is an audit procedure which will provide evidence as to whether the
control procedure is in place and working effectively.
The focus of a test of control is the control procedure.
Tests of controls are not substantive procedures. Therefore, when testing the control,
the auditor does not need to test the balance which will go into the financial
statements.
248
Direct control Test of control
Poor GDNs are matched to sales Agree the amount recorded on

answer invoices. the sales invoice and GDN to the
sales day book.
There is no explanation of the This is a substantive

control objective. procedure, not a test of
control. The objective of a test
of control is to confirm the
control is in place, i.e. that the
GDNs are matched to the
sales invoices.
Better GDNs are matched to sales Inspect the GDNs and sales
answer invoices. invoices.
This reduces the risk of errors.
The control explanation is too The test of control does not

vague. Reduces the risk of explain the objective of the
errors in what? test. What are we inspecting
the GDNs and invoices for?
Good GDNs are matched to sales Inspect a sample of GDNs and

answer invoices by a finance clerk and related invoices to confirm the
signed to confirm the matching details match and inspect for
has been performed. evidence of the finance clerk’s
signature confirming the
This ensures the customer is matching has been performed.
invoiced for the correct goods
which will reduce the risk of
disputes and ensure sales are
recorded accurately.
249
Chapter 8
250
Question 7
Sales and despatch system
Sales orders are received by telephone. Clerks note down the order details on
a three part pre-printed order form which is not sequentially numbered.
In respect of the sales system, identify and explain ONE deficiency and
provide a recommendation to address the deficiency.

control and Business acumen, the skills of Business insight and
Communication and the behaviour of Adds value.
Solution
Telephone orders are not The three part pre-printed orders

sequentially numbered. forms should be sequentially
numbered and on a regular basis
If orders are misplaced whilst in the despatch department should
transit to the despatch department, run a sequence check of orders
these orders will not be fulfilled. received. Where there are gaps in
the sequence, they should be
This will result in customer investigated to identify any missing
dissatisfaction. orders.
251
Chapter 8
Question 8
Sales and despatch system
Goods are sent to customers accompanied by a despatch note and all

customers are required to sign a copy of this. On return, the signed despatch
notes are given to the warehouse team to file.
In respect of the despatch system, identify and explain ONE DIRECT

CONTROL which the auditor may seek to place reliance on, and describe
a TEST OF CONTROL the auditor should perform to assess if the direct
control is operating effectively.
Solution
All customers are required to sign a Review the file of GDNs filed in the
copy of the despatch note which is warehouse for evidence of the
returned and filed by the warehouse customers’ signatures.
team.
This reduces the risk of disputes

with customers which reduces the
risk of non-payment by customers
or refunds being required.
This reduces the risk of

misstatement of receivables and
provision for refunds.
252
Question 9
Purchasing system
Receipts of goods from suppliers are processed by the warehouse team who
complete a sequentially numbered goods received note (GRN). The GRNs
are sent to the accounts department every two weeks for processing.
In respect of the purchasing system, identify and explain ONE

deficiency and provide a recommendation to address the deficiency.
Solution
Goods received notes (GRNs) are A copy of the GRNs should be sent
sent to the accounts department to the accounts department on a
every two weeks. daily basis.
This could result in delays in The accounts department should

suppliers being paid as the undertake a sequence check of the
purchase invoices could not be GRNs to ensure none are missing
agreed to a GRN and also for processing.
recorded liabilities being
understated.
Additionally, any prompt payment

discounts offered by suppliers may
be missed due to delayed
payments.
253
Chapter 8
Question 10
Purchasing system
Purchase invoices are input daily by the purchase ledger clerk who uses
information processing controls including batch totals and a hash total based
on the supplier number.
In respect of the purchasing system, identify and explain ONE DIRECT

CONTROL which the auditor may seek to place reliance on, and
describe a TEST OF CONTROL the auditor should perform to assess if
the direct control is operating effectively.

control and the skill of Business insight.
Solution
Information processing controls Observe the process of the

are used when inputting purchase purchase ledger clerk entering
invoices. purchase invoices to confirm that
application controls are used.
This reduces the risk of invoices
being entered incorrectly, being Inspect the system generated
entered twice or missed. report confirming the batch and
hash totals for a sample of dates.
This reduces the risk of
misstatement of purchases and
payables.
254
Question 11
Payroll system
Employees are required to clock in and out using an employee swipe card
which identifies the employee number and links to the hours worked report
produced by the computerised payroll system. Employees are paid on an
hourly basis for each hour worked. There is no monitoring/supervision of the
clocking in/out process.
In respect of the payroll system, identify and explain ONE deficiency and
Solution
There is no supervision of the The clocking in and out procedures

clocking in process. should be supervised by a responsible
official to prevent one individual
Employees can clock in multiple clocking in multiple employees.
employees simply by using their
employee swipe cards.
This will result in a substantially

increased payroll cost for the
company.
255
Chapter 8
Question 12
Payroll system
On a quarterly basis, exception reports relating to changes to the payroll

standing data are produced and reviewed by the payroll director.
In respect of the payroll system, identify and explain ONE DIRECT

CONTROL which the auditor may seek to place reliance on, and describe
a TEST OF CONTROL the auditor should perform to assess if the direct
control is operating effectively.
Solution
On a quarterly basis, exception Select a sample of quarterly exception

reports of changes to payroll standing reports and review for evidence of
data are produced and reviewed by review and follow up of any
the payroll director. unexpected changes by the payroll
director.
This ensures that any unauthorised
amendments to standing data are
identified and resolved on a timely
basis.
This reduces the risk of over or

understatement of payroll costs.
256
Question 13
Inventory system
Each inventory counting team is provided with sequentially numbered

inventory sheets which contain product codes and quantities extracted from
the inventory records.
In respect of the inventory system, identify and explain ONE deficiency

and provide a recommendation to address the deficiency.
Solution
The inventory sheets contain The count sheets should be

quantities as per the inventory sequentially numbered and contain
records. product codes and descriptions but no
quantities.
There is a risk that the counting
teams may simply agree with the pre-
printed quantities rather than counting
the balances correctly, resulting in
significant errors in inventory.
257
Chapter 8
Question 14
Inventory
Once each section has been counted, the counters flag the section to indicate
that it has been counted.
In respect of the inventory system, identify and explain ONE DIRECT

Solution
Once counted, the section is flagged Physically confirm that the completed
to indicate that it has been counted. sections of the warehouse have been
flagged to indicate that the goods
This reduces the risk that inventory have been counted.
will be counted twice or not counted
at all therefore reduces the risk of At the end of the count, review any
over or under statement of inventory. sections containing goods which have
not been flagged.
258
Question 15
Cash system
At each store at the end of the day, the tills are closed down by the store
manager who counts the total cash in all five tills and the sum of the credit
card vouchers and these totals are reconciled with the aggregated daily
readings of sales taken from each till.
In respect of the cash system, identify and explain ONE deficiency and
Solution
The reconciliations of the tills to the The reconciliations should be

daily sales readings are performed in undertaken on an individual till by till
total for all five tills at each venue basis rather than in aggregate and
rather than for each till. any discrepancies noted should be
investigated immediately.
This means that when exceptions
arise, it will be difficult to identify
which till caused the difference.
Therefore, employees may require

further till training or may have
undertaken fraudulent transactions.
259
Chapter 8
Question 16
Cash system
The daily sales readings from the tills along with the cash data and credit card
payment data are transferred daily to head office through an interface with the
sales and cash receipts records. A clerk oversees that this transfer has
occurred for all stores.
In respect of the cash system, identify and explain ONE DIRECT

Solution
The daily sales readings from the tills Compare the daily sales readings
along with the cash and credit card from individual stores to the sales and
data are transferred to head office cash receipt records within the
through a daily interface into the general ledger.
sales and cash receipts records.
Review the date on which the sales
This should ensure that sales and and cash receipt records were
cash records are updated on a updated to ensure this occurred
prompt basis and are complete and promptly. Any discrepancies should
accurate. be discussed with the clerk
responsible for overseeing this
process.
260
261
Chapter 8
You should now be able to answer TYU questions 1, 2, 3, 4, 5, 6, 7 and 8 from

the Study Text.
Study Text Chapter 16: TYU 7.
262
Chapter 9
Internal audit
Outcome
 discuss the factors to be taken into account when assessing the need for
internal audit
 discuss the elements of best practice in the structure and operations of internal
audit
 compare and contrast the role of external and internal audit
 discuss the scope of internal audit and the limitations of the internal audit
function
 explain outsourcing and the associated advantages and disadvantages of

outsourcing the internal audit function
 discuss the nature and purpose of internal audit assignments including value for
money, IT, financial, regulatory compliance, fraud investigations and customer
experience
 discuss the nature and purpose of operational internal audit assignments
 describe the format and content of audit review reports and make appropriate
recommendations to management and those charged with governance
263
Chapter 9

264
Internal audit
Overview
Need for Role of

internal internal
audit audit
INTERNAL AUDIT
Difference
between internal Outsourcing
and external audit
265
Chapter 9
Need for internal audit
Internal audit is an independent, objective assurance and consulting

activity designed to add value and improve an organisation’s
operations.
Companies must create a strong system of internal control in order to fulfil their
responsibilities.
Internal audit will evaluate the controls to ensure they are effective.
An internal audit department can be expensive to set up and run therefore the need
for one will depend on:
 Scale and diversity of activities
 Complexity of operations
 Number of employees
 Cost/benefit considerations
 The desire of senior management to have assurance and advice on risk and
control
 Current control environment – history of fraud or control deficiencies
266
Internal audit
Difference between internal and

external auditors
External audit Internal audit
Objective Express an opinion on the Improve the company's

truth and fairness of the operations by reviewing the
financial statements in a efficiency and effectiveness of
written report internal controls
Reporting Reports to shareholders Reports to management and

Availability of Publicly available Not publicly available. Usually

report only seen by management or
Scope of work Verifying the truth and Wide in scope and dependent
fairness of the financial on management's requirements
statements
Appointment and By the shareholders of the By the audit committee or board

removal company of directors
Relationship with Must be independent of May be employees (which limits

company the company independence) or an outsourced
function (which enhances
independence)
267
Chapter 9
268
Internal audit
Role of the internal audit function
3.1 Key activities of the internal audit function
Corporate Effectiveness
governance of controls
Reliability of Prevention
financial and detection
information Activities of fraud
Risk Value for

identification money
Compliance
with laws and
regs
3.2 Additional roles
 Fraud investigations
 IT systems reviews
 Mystery shopper visits
 Contract audits
 Asset verification
 Providing direct assistance to the external auditor
269
Chapter 9
3.3 Qualities of an effective internal audit function
 Sufficiently resourced, both financially and in terms of qualified, experienced

staff
 Well organised
 Independent and objective
 Chief internal auditor appointed by the audit committee
 No operational responsibilities
 Work plan agreed by the audit committee
 No limitation on the scope of their work i.e. full access to every part of the
organisation.
3.4 Limitations of internal audit
 Internal auditors may be employees of the company they are reporting on and
therefore may not wish to raise issues in case they lose their job.
 In smaller organisations in particular, internal audit may be managed by the

finance function. They will therefore have to report on the effectiveness of
financial systems that they form a part of and may be reluctant to say their
department (and manager) has deficiencies.
 If the internal audit staff have worked in the organisation for a long time,
possibly in different departments, there may be a familiarity threat as they will
be auditing the work of long standing colleagues and friends.
270
Internal audit
Question 1
Which TWO of the following should the internal audit team NOT be
involved in?
A Observing procedures carried out by employees of the company
B Reperforming procedures documented in procedures manuals
C Designing and implementing internal control procedures to address

deficiencies
D Reporting findings directly to the board of directors
E Authorising transactions and performing reconciliations

Solution
The correct answers are C and E.
The internal audit team should not be responsible for designing and
implementing internal control procedures such as authorisation and
reconciliations as this will create a self-review threat when they subsequently
test the effectiveness of the controls.
271
Chapter 9
272
Internal audit
Outsourcing the internal audit function
4.1 Advantages of an outsourced internal audit function
 Professional firms follow an ethical code of conduct and should

therefore be independent of the client and their management.
 Professional firms should have qualified, competent staff who

receive regular development and have a broader range of
expertise.
 Overcome a skills shortage as an outsourcing firm will have

specialist skills readily available.
 Professional firms can be employed on a flexible basis, i.e. on an

individual engagement basis rather than full time employment
which may prove more cost effective.
 Costs of employing permanent staff are avoided.
 The risk of staff turnover is passed to the outsourcing firm.
 Professional firms are responsible for their activities and hold

insurance.
 Greater focus on cost and efficiency of the internal audit work as

this will affect profitability.
 Access to new market place technologies without associated

costs, e.g. data analytic tools and audit software.
 Reduced management time in administering an in-house

department.
273
Chapter 9
4.2 Disadvantages of an outsourced internal audit function
 Professional firms lack the intimate knowledge and understanding

of the organisation that employees have.
 Engagements with professional firms are constrained by

contractual terms. Flexibility and availability may not be as high as
with an in-house function.
 Professional fees tend to be high. The decision may be based on

cost with the effectiveness of the function being reduced.
 Possible conflict of interest if provided by the external auditors. In

some jurisdictions (e.g. the UK), the external auditor of a listed
company is prohibited from providing internal audit services for the
same client where the service relates to internal controls over
financial reporting.
 Pressure on the independence of the outsourced function, for

example, if management threaten not to renew contract.
 Lack of control over the standard of service.
274
Internal audit
Internal audit assignments
Value for
money
Financial IA Operational
audit assignments audits
Audit of IT
systems
5.1 Value for money (VFM)
Value for money (VFM) is concerned with obtaining the best possible combination of
services for the least resources. It is often referred to as a review of the three Es:
 Economy – obtaining the best quality of resources for the minimum cost.
 Efficiency – obtaining the maximum departmental/organisational outputs with

the minimum use of resources.
 Economy – achievement of goals and targets.
5.2 Operational audit
An operational audit is a systematic review of the efficiency and effectiveness of

operations within the organisation. The focus of the audit is on the processes which
take place within the organisation to identify if they can be streamlined and
performed more efficiently. The more efficient a process is, the more profitable the
organisation should be.
275
Chapter 9
5.3 Audit of IT systems
In addition to consideration of whether the IT systems provide a reliable basis for the
preparation of financial information, internal audit will also consider whether:
 the company is getting value for money from its IT system.
 the procurement process for the IT system was effective.
 the ongoing management/maintenance of the system is appropriate.
5.4 Financial audit
The main aim of internal financial audits is to ensure that the information produced is
reliable and produced in an efficient and timely manner. If not, executive decisions
may be based on unreliable information.
A financial audit may also ensure mechanisms are in place for the early identification
of financial risk, such as:
 Adverse currency fluctuations
 Adverse interest rate fluctuations
 Cost price inflation.
276
Internal audit
Reporting
The internal audit report does not have a formal reporting structure and will generally
be for internal use only.
A typical report will include:
 Terms of reference – the requirements of the assignment.
 Executive summary – the key risks and recommendations that are described
more fully in the body of the report.
 Body of the report – a detailed description of the work performed and the
results of that work.
 Appendix – containing any additional information that doesn't belong in the

body of the report but which is relevant to the assignment.
277
Chapter 9
Question 2
Which TWO of the following statements are TRUE in respect of an
internal audit function?
A All companies must establish an internal audit function
B An internal audit function forms part of an entity’s internal control function
C Internal auditors must be qualified accountants
D Internal audit reports are publicly available with the audited financial
statements
E If an internal audit department is outsourced, independence is increased

Solution
The correct answers are B and E.
There is no requirement for companies to establish an internal audit function.

For some companies, the cost will outweigh the benefits.
There is no requirement for internal auditors to be qualified accountants,

however, they must be competent to do the work and many will be qualified
accountants.
Internal audit reports are internal documents used by management to monitor

and improve the controls within the company. They are therefore not publicly
available.
Independence is increased if the internal audit function is outsourced as the

internal auditors are not employed by the company they are evaluating and
are therefore more likely to highlight control deficiencies.
278
Internal audit
279
Chapter 9
Text.
Knowledge Check Test: Internal control on MyKaplan.
280
Chapter 10
Procedures
Outcome
 explain the audit objectives and the audit procedures to obtain sufficient
appropriate evidence in relation to:
– Receivables
– Inventory
– Payables and accruals
– Bank and cash
– Tangible and intangible non-current assets
– Non-current liabilities, provisions and contingencies
– Share capital, reserves and directors’ emoluments
– Revenue, purchases, payroll and other expenses
 discuss the problems associated with the audit and review of accounting
estimates
 describe why smaller entities may have different control environments and
describe the types of evidence likely to be available in smaller entities
 apply audit techniques to not-for-profit organisations
281
Chapter 10

282
Procedures
Overview
PROCEDURES
Receivables Statement of profit

or loss
Inventory
Share capital,
Bank and cash reserves and
emoluments
Non-current assets
Estimates
Payables,
provisions,
contingencies
283
Chapter 10
Exam focus
Audit procedures must be designed to respond to the specific risks of

material misstatement identified for each individual client. In the exam,
you should make your answers specific to the scenario.
1.1 How to write audit procedures
An audit procedure should be a clear instruction of how the audit evidence is to be

gathered.
It should contain an ACTION applied to a SOURCE to achieve an OBJECTIVE.
Verb/Action Object/Source Objective
 Inquire  Asset  E.g. financial

statement
 Observe  Document assertions
 Inspect  Entity Note: you need to
 Recalculate  Person state the purpose of
your procedure
 Reperform although you do not
have to use the exact
 Confirm to an external terminology of the
source financial statement
assertions.
In other words, it should describe what needs to be done, how it should be done and
why it should be done.
Tip: Read the procedure back and consider whether a person with no audit
experience will understand it.
284
Procedures
1.2 Examples
Example (i): Audit objective: Test the existence of non-current assets
Good procedure Badly worded procedure
Select a sample of assets from the Check a sample of assets.

non-current asset register and physically
inspect them to verify existence.
Explanation
The good procedure above clearly The badly worded procedure is not
states: sufficiently described:
 from where the sample should be  From which population should the
chosen – non-current asset sample be selected?
register
 How should the auditor ‘check’
 how they should be checked – existence?
physically inspect
 What are the assets being
 the objective of the test – checked for?
existence
285
Chapter 10
Example (ii): Audit objective: Test the accuracy of purchases
For a sample of purchase invoices listed Inspect a sample of invoices for

in the purchase day book (PDB), agree accuracy.
the amount on the invoice to the PDB to
ensure it is recorded accurately.
Explanation
The good procedure above clearly states: The badly worded procedure is not
sufficiently described:
 from where the sample should be
chosen – purchase day book  From which population should the
sample be selected?
 how they should be checked –
agree the amounts in the PDB and  What information on the invoice
invoice should be inspected?
 the objective of the test – accuracy
286
Procedures
Example (iii): Audit objective: Test the completeness of trade payables
Calculate the payables payment period Perform analytical procedures over

and compare with prior year to identify payables.
any unusual variation that could indicate
understatement. Discuss any significant
variation with management.
Explanation
The good procedure above clearly states: The badly worded procedure is not
sufficiently described:
 the type of analytical procedure to
be performed – payables payment  What type of analytical procedure
period should be performed?
 what it should be compared  How should it be performed?
against to make sense of the figure
– prior year ratio
 the objective of the test – to
identify unusual variations that
could indicate misstatement that
need to be discussed with
management
287
Chapter 10
1.3 How to design audit procedures
 Identify the financial statement assertion to be tested.
E.g. to test accuracy of a sale the auditor will need to agree the amount on the sales
invoice matches the amount recorded in the sales day book.
 Identify the sources of evidence available.
E.g. when testing payroll, evidence can come from payslips issued to employees.
The auditor can agree amounts recorded on the payslip to the amounts recorded in
the payroll payment list.
 Identify the types of procedure the auditor can use from ISA 500.
E.g. analytical procedures. When testing receivables, the auditor may calculate the
receivables collection period and compare it with the prior year to identify any
unusual variation.
288
Procedures
Directional testing
2.1 Directional testing
The concept of directional testing derives from the principle of double-entry

bookkeeping, i.e. for every debit there should be a corresponding credit.
Therefore any misstatement of a debit entry will also result in a misstatement of a

credit entry.
The auditor will primarily test debit entries (assets and expenses) for overstatement
and credit entries (liabilities and income) for understatement.
Testing for understatement tests the assertion of completeness and accuracy and
valuation.
Testing for overstatement tests the assertions of accuracy and valuation, existence,
rights and obligations, and occurrence.
2.2 Overstatement
Overstatement will occur if transactions or assets appear in the financial statements

that should not be recorded. For example inclusion of an asset that does not belong
to the company or inclusion a fictitious sale which has not occurred. In these
situations documentation to support the item will not exist.
To test for overstatement the auditor must select a sample of items from the financial
statements and accounting records and trace them through to the source of the
transaction.
Source of the
Financial Accounting
transaction/
statements records/ledger
Asset
289
Chapter 10
2.3 Understatement
Understatement will occur if a transaction occurs or an asset is acquired that is not

recorded in either the accounting records or financial statements.
To test for understatement the auditor must select a sample of items from outside of
the accounting records and trace them through to the accounting records and into the
Source of the
Accounting Financial
transaction/
records/ledger statements
Asset
Example 1
When testing for understatement (completeness) of sales the auditor can
select a sample of goods despatch notes (GDNs) and trace the details through
to the related sales invoice and sales day book. The total of the sales day
book can be agreed to the sales figure in the trial balance and finally into the
financial statements. This procedure provides evidence that the sale has been
recorded.
When testing for overstatement of sales (occurrence) the auditor can agree
the figure for sales in the financial statements to the trial balance and total of
the sales day book. They should then select a sample of sales invoices
recorded in the sales day book and trace the details through to the GDN. This
procedure provides evidence that the sale did occur.
290
Procedures
Bank and cash
3.1 Key assertions
 Existence
 Valuation
3.2 Sources of evidence
 Bank confirmation letter
 Bank reconciliation
 Cash book
 Bank statement
3.3 Key areas to consider
 Obtaining a bank confirmation
 Testing the bank reconciliation
 Reviewing the cash book
291
Chapter 10
Example 2
Bank reconciliation
Balance per bank statement £1067.00
Less unpresented cheques (£323.54)
Add outstanding lodgements £200.76
Differences £0.63
–––––––
Balance per cash book £944.85
–––––––

and Financial information, and the skill of Problem solving and decision
making.
292
Procedures
Question 1
You have been assigned to the audit of bank and cash for Tranquil Co.
Tranquil Co has a number of bank accounts and due to the nature of its
business will hold a significant amount of cash at head office at the year end.
Which of the following audit procedures included in the audit

programme will test for EXISTENCE of bank and cash?
A Agree a sample of accounts detailed on the bank confirmation letters to

the trial balance
B Review all relevant bank statements to verify that the accounts are held
under Tranquil Co
C Attend the cash count at the year end and reperform the count
D Review the disclosure included in the financial statements to verify only

bank accounts per the bank letters are disclosed

Solution
By attending the cash count and reperforming the count the auditor is able to
physically verify the existence of the cash.
Agreeing a sample of accounts detailed on the bank confirmation letters to the

trial balance provides evidence of completeness of bank and cash balances.
Reviewing bank statements to verify that they are in the name of the company
provides evidence of rights and obligations.
Review of disclosures provides evidence relating to presentation.
293
Chapter 10

Now try TYU 1 in Chapter 10 of the Study Text.
Look at Illustration 1 in Chapter 10 of the Study Text for an example

of a bank confirmation request.
294
Procedures
Non-current liabilities
4.1 Key assertions
 Completeness
 Bank confirmation letter
 Loan agreement
 Loan statement
 Cash book
 Bank statement
 Obtaining a bank confirmation
 Reviewing the loan agreement
 Reviewing the financial statement disclosure
295
Chapter 10
4.4 Procedures
Completeness
 Obtain a breakdown of all loans outstanding at the year-end, cast to verify

arithmetical accuracy and agree the total to the financial statements.
 Inspect bank confirmation letters for any loans listed that have not been
included in the financial statements.
Existence and Rights and obligations
 Agree the loan to the bank confirmation letter.
 Inspect the cash book for receipt of new loans during the year and loan
repayments made during the year.
Accuracy and valuation
 Agree the balance outstanding to the bank confirmation letter.
 Inspect the cash book for loan repayments made during the year.
 For the related finance cost in the statement of profit or loss, recalculate the
interest charge and any interest accrual in accordance with terms within the
loan agreement, to ensure mathematical accuracy: accuracy of finance costs in
the statement of profit or loss, completeness of accruals.
Rights and obligations
 Inspect the bank confirmation letter for the name of the client.
 Inspect the cash book for loan repayments made during the year.
Classification and presentation
 Inspect the bank confirmation letter for details of any security over assets and
agree the details to the disclosure in the financial statements.
 Inspect financial statements for disclosures of interest rates, and the split of the
loan between current and non-current.
 Recalculate the split between current and non-current liabilities.
 Inspect the loan agreement for restrictive covenants (terms) and determine the
effect of any loan covenant breaches. [If loan covenants have been breached
the loan may become repayable immediately and should therefore be included
as a current liability].
296
Procedures
Question 2
It is 1 July 20X5. Calm & Co are the external auditors of Peace Co for the year
ended 31 March 20X5. Peace Co has sourced external finance for the first
time during the year. The draft financial statements show non-current liabilities
in relation to loan finance of $1.2m.
Which of the following procedures should be performed to confirm the

loan liability balance at the year end?
1 Review directors’ board minutes for evidence of approval of the external

finance
2 Agree the loan payments recorded in the general ledger to the bank
statement to confirm capital has been repaid
3 Agree the year-end loan liability balance to the bank confirmation letter
4 Compare loan liabilities at the end of the year to balances in the previous
year
A 1 and 2
B 3 and 4 only
C 1, 3 and 4
D 2 and 3
Solution
Tracing loan payments from the general ledger to the bank statement allows
the auditor to confirm how much capital has been repaid and reconcile the
closing balance.
Confirmation of the balance to the bank letter provides 3rd party evidence of
the closing balance.
Reviewing the directors’ board minutes for evidence of approval confirms the
initial loan amount but not the balance at the year end. Comparing the loan
against the prior year balance does not confirm the current year balance is
correct.
297
Chapter 10
298
Procedures
Non-current assets
5.1 Key assertions
 Existence
 Valuation
 Completeness
 Rights and obligations
 Non-current asset register

 Purchase invoice
 Physical assets
 Ownership documents e.g. title deeds, registration documents, insurance policy
 Revaluation report from an independent expert
 Cash book/bank statements
 Depreciation policy and rates
 Capital expenditure budgets/capital replacement plans
 Existing assets
 Additions
 Disposals
 Revaluations
 Depreciation
 Reviewing the financial statement disclosure
299
Chapter 10
Question 3
It is 1 July 20X5. You are an audit supervisor and are conducting the year-end
audit of Silent Co. You are currently undertaking the audit testing in relation to
non-current assets.
Which TWO of the following procedures would provide substantive audit
evidence in respect of the COMPLETENESS assertion for plant and
machinery?
A For a sample of assets held in the factory and warehouse record the
asset identity number as marked on the asset and trace back to the
relevant entry in the non-current asset register
B Review board minutes to confirm that all major items of capital
expenditure are noted and have been authorised
C Trace a sample of costs recognised in the repairs and maintenance
account to invoices and determine the nature of the expenditure and
assess whether any capital items have been expensed
D For a sample of fully depreciated assets, enquire with management to
confirm whether the assets are still being used in the operations of
Silent Co
Solution
The correct answers are A and C.
Tracing from the asset to the non-current asset register provides evidence of
completeness as the total balance for plant and machinery will only be
complete if the assets sampled are recorded in the register. (Tracing from the
register to the physical asset would provide evidence of existence.)
The plant and machinery balance must also include all relevant capital
expenditure. If capital expenditure has been expensed in error, then the
balance will not be complete.
Reviewing board minutes for evidence of authorisation is a test of controls and

therefore does not provide substantive evidence. In addition, the fact that the
capital expenditure has been authorised does not mean that the
corresponding assets have been included in the accounting records.
Enquiry regarding the fully depreciated assets would provide evidence in

relation to valuation.
300
Procedures
301
Chapter 10
Question 4
It is 1 July 20X5. Sleepy Co has a year ended 30 June 20X5. At the end of
June 20X5 the company’s corporate headquarters building was revalued by a
reputable firm of surveyors.
Assuming a reliable valuation is obtained, which of the following

procedures should be performed to obtain sufficient appropriate
substantive evidence about the carrying amount of Sleepy Co’s
corporate headquarters?
1 Review the board minutes to ensure that the decision to revalue the
headquarters was approved by the board.
2 Agree the revalued amount in the valuation statement to the amount
recorded in the non-current asset register.
3 Recalculate the revaluation adjustment and agree that it is correctly
recorded in the revaluation surplus.
4 Confirm with the directors that all other assets in the same class as the
headquarters have been revalued and agree this to the accounting
policy disclosure.
A 2 and 3 only
B 1, 2 and 3
C 2, 3 and 4
D 1 and 4
and control and the behaviour of Professional scepticism.
Solution
The test described in (1) is a test of control (i.e. it provides evidence as to

whether the control of board approval has operated effectively) and therefore
does not provide substantive evidence.
The test described in (4) is a valid procedure but it provides evidence

regarding other assets, not the headquarters as specified in the requirement.
302
Procedures


of a depreciation proof-in-total calculation.
303
Chapter 10
Intangible non-current assets
6.1 Key assertions
 Existence
 Valuation
 Breakdown of expenditure during the year
 Invoices
 Timesheets
 Project plan
 Project test/trial results
 Cash flow forecasts
 Licence agreement
 Third party valuation report (e.g. for brand names and trademarks)
 Amortisation policy and rates
 Capitalisation criteria
 Supporting documentation for costs incurred
 Amortisation
304
Procedures
6.4 Procedures for development costs
Completeness
 Obtain a breakdown of costs capitalised, cast for mathematical accuracy and

agree to the amount included in the financial statements.
Existence
 For a sample of costs on the breakdown, agree to invoices or timesheets.
 Inspect board minutes for any discussions relating to the intended sale or use of
the asset once development is complete.
 Discuss the details of the project with management, to evaluate compliance with
IAS 38 Intangible Assets criteria.
 Inspect cash flow forecasts to confirm the company intends, and has the
money, to complete the development.
 Inspect project plans and other documentation, to evaluate compliance with IAS
38 criteria.
Valuation
 For a sample of costs on the breakdown, agree to invoices or timesheets.
 Inspect the budgets/forecasts for the next few years to ascertain the period over
which economic benefits are expected to be generated and compare with the
amortisation period.
 Recalculate the amortisation charge to verify arithmetical accuracy.
 Review board minutes/press reports/management accounts for signs of

impairment and discuss the need for write-off with management.
Presentation
 Review the financial statement disclosure in the draft financial statements to

ensure compliance with IAS 38: presentation.
305
Chapter 10
6.5 Procedures for other intangible assets
 Inspect purchase documentation for purchased intangible assets to confirm cost

and name of the client.
 For intangibles such as licences, inspect the licence agreement to confirm the
amortisation period corresponds to the licence period.
 Inspect specialist valuation report and agree to the amount included in the
general ledger and the financial statements.
 Inspect the financial statement disclosure in the draft financial statements to

ensure compliance with IAS 38.
306
Procedures
Inventory
7.1 Key assertions
 Existence
 Valuation
 Completeness
 Aged inventory listing

 Inventory
 Inventory count sheets
 Purchase invoices
 Goods received notes
 Sales invoices
 Goods despatch notes
 Client calculations of overhead allocation, absorption and apportionment,
percentage of completion
 Inventory count
 Valuation rules
 Obsolescence
 Year-end cut-off issues
 Multiple locations
 Work in progress
307
Chapter 10
7.4 Third party inventory
Some companies will not have space to store all of their inventory and may use a
third party storage facility.
The client may store its own goods at a third party site or may provide a storage
facility for third parties and hold inventory on their behalf.
Inventory stored at a third party site
The inventory held at the third party still needs to be counted and included in the
client’s inventory records.
The auditor will need to obtain sufficient appropriate audit evidence that the inventory
actually exists and belongs to the client.
Procedures include:
 Visit the third party site to verify existence of the inventory if material.
 Obtain external confirmation from the third party of the quantity and condition of
the inventory to confirm rights and valuation.
 Obtain a report from the third party’s auditors confirming the reliability of the
internal controls at the third party.
Inventory held on behalf of third parties
Some companies will not have space to store all of their inventory and may use a
third party storage facility.
This inventory does not belong to the client and should not be included in their
records.
During the client’s inventory count, inventory belonging to third parties should be
removed from the counting area to ensure it is not included.
308
Procedures
7.5 Standard costs
Standard costs are often used by manufacturing companies where it would be too
time-consuming to collect actual cost information for each individual unit produced.
The company establishes an expected cost of producing one item based on a normal
level of activity. This is used to value the inventory.
Any difference between actual cost and standard cost is taken to a variance account
in the statement of profit or loss. A large variance on the variance account would
indicate that the standard costs are not a close approximation of the actual costs and
therefore the inventory valuation will not be reliable.
Standard costs are more likely to be reliable if they are updated on a regular basis.
How frequently the standard costs should be updated will depend on how often the
cost of components used in the manufacturing process changes.
 Obtain the breakdown of the standard cost calculation and agree a sample of
costs to invoices.
 Enquire of management the basis for the standard costs and how often they are
updated to reflect current costs.
 Inspect the variance account and assess the level of variance for
reasonableness. Discuss with management any significant variances arising.
309
Chapter 10
7.6 Perpetual/continuous inventory counts
A continuous or perpetual inventory system is one which keeps a real time track of
inventory. As a sale is made, the inventory system is updated to reflect the reduction
in quantity. As goods are received, the system is updated to reflect the increase in
quantity. This enables the business to know its inventory balance at any point in time.
Over time, the inventory levels stated in the perpetual inventory system may
gradually diverge from actual inventory levels, due to unrecorded transactions or
theft, so periodically, a count should be performed to compare system balances to
actual quantities and the system can be updated accordingly.
Where the client uses a continuous inventory system, lines of inventory are counted
periodically (say monthly) throughout the year so that by the end of the year all lines
have been counted.
Where the client uses this type of system the auditor should:
 Attend at least one count to ensure that adequate controls are applied during
the counts (in the same way as for a year-end count).
 Inspect the number and value of adjustments made as a result of the count. If
significant adjustments are required each month, this would indicate that the
system figures for inventory cannot be relied on at the year-end and a full count
will be required.
If the system balance for inventory is deemed reliable as a result of these

procedures, further procedures to verify cut-off, valuation and rights will still be
required:
 Inspect purchase invoices to verify cost.
 Inspect post year-end sales invoices to verify NRV.
 Compare inventory holding period with prior year to identify any old or obsolete
inventory.
 Inspect purchase invoices for the name of the client to confirm rights and
obligations.
 Inspect GRNs and GDNs around the year-end to confirm correct cut-off.
310
Procedures
Advantages of perpetual counts
 Reduces time constraints for the auditor, and enables them to attend counts
relating to lines at greater risk of material misstatement.
 Slow-moving and damaged inventory is identified and adjusted for in the client's
records on a continuous basis meaning the year-end valuation should therefore
be more accurate.
Disadvantages of perpetual counts
 The auditor will need to obtain sufficient appropriate evidence that the system
operates effectively at all times, not just at the time of the count.
 Additional procedures will be necessary to ensure that the amount included for
inventory in the financial statements is appropriate, particularly with regard to
cut-off and year-end allowances.
311
Chapter 10
Question 5
Describe substantive procedures the auditor should perform to obtain
sufficient and appropriate audit evidence in relation to the VALUATION
of work in progress (WIP) and finished goods.

control, the skill of Problem solving and decision making, and the behaviours
of Professional scepticism and Flexibility.
Solution
 Obtain the breakdown of WIP and agree a sample of WIP assessed

during the inventory count to the WIP schedule, agreeing the percentage
completion to that recorded at the inventory count.
 For a sample of WIP and finished goods, obtain the relevant cost sheets
and agree raw material costs to recent purchase invoices, labour costs to
time sheets or payroll records and confirm overheads allocated are of a
production related nature.
 Discuss the basis of WIP valuation with management and assess its
reasonableness.
 Select a sample of items included in WIP at the year end and ascertain
the final unit cost price by verifying costs to be incurred to completion to
relevant supporting documentation. Compare to the unit sales price
included in sales invoices post year-end to assess NRV.
 Examine post year-end credit notes to determine whether there have

been returns which could signify that a write down is required.
 Select a sample of year-end finished goods and compare cost with post
year-end sales invoices to ascertain if net realisable value (NRV) is
above cost or if an adjustment is required.
 Review aged inventory reports and identify any slow moving goods,
discuss with management why these items have not been written down
or if an allowance is required.
 Calculate the inventory holding period and compare against the prior
year to identify whether inventory is turning over more slowly. Discuss
any significant differences with management and consider the need for
an allowance.
312
Procedures
313
Chapter 10
Receivables
8.1 Key assertions
 Existence
 Valuation
 Aged receivables listing
 Sales invoices
 Goods despatch notes
 Receivables confirmation letter
 Recoverability of debts
 External confirmation of balances
 Credit balances on the receivables ledger
 Returns/credit notes issued post year-end
 Policy for allowance for credit losses
 Prepayments
314
Procedures
8.4 External confirmation of receivables balances
The auditor will send a circularisation letter to a sample of customers asking them to
confirm the balance owed to the client at the year end.
This is considered to be a reliable source of evidence because it is documentary

evidence sent directly to the auditor from an external source. Circularisation letters
can be positive or negative.
A positive receivables circularisation requires customers to respond to the

auditor’s request for information.
The auditor can include the balance per the client’s ledger and ask the customer to
reply stating whether or not the balance is correct. This is only suitable if the risk of
material misstatement is low as the customer may confirm an incorrect balance if it is
in their favour.
Alternatively the auditor can ask the customer to respond by stating the balance they
believe they owe the client but the auditor does not provide the balance per the
client’s ledger to the customer.
A negative receivables circularisation requests customers to respond only if they

disagree with the balance provided by the auditor.
This is only suitable if the risk of material misstatement is low as the customer may
confirm an incorrect balance if it is in their favour or may not respond and the auditor
may interpret this as agreement of the balance when in fact the customer has not
checked the information.
315
Chapter 10
Steps in undertaking a positive receivables circularisation
 Obtain consent from the client to perform the circularisation.
 Obtain a list of trade receivables at the year end, cast this and agree it to the
receivables ledger control account total.
 Select a sample from the receivables list ensuring that a number of nil, old,
credit and large balances are selected.
 Circularisation letters should be prepared on the client’s letterhead paper,

requesting a confirmation of the year-end receivables balance, and for replies to
be sent directly to the auditor’s office using a pre-paid envelope.
 An appropriate member of client staff, such as the finance director, should be

requested to sign all the letters prior to them being sent out by a member of the
audit team.
 Where no response is received, follow this up with another letter or a phone call
and where necessary alternative procedures should be performed such as after
date cash testing and inspection of sales invoices and GDNs relating to the
receivable.
 When replies are received, they should be reconciled to the client’s receivables
records, and any differences such as cash or goods in transit should be
investigated further.
316
Procedures
Question 6
Describe substantive procedures the auditor should perform to obtain
sufficient and appropriate audit evidence in relation to the EXISTENCE
of receivables.

control, the skill of Problem solving and decision making, and the behaviours
of Professional scepticism and Flexibility.
Solution
 Select a sample of customers and request confirmation of balances

owed to the client at the year-end date.
 Select a sample of invoices included in the receivables ledger at the

year-end and trace them to a copy of the invoice, the related GDN and
the customer order.
 Review post year-end receipts from customers.


of a receivables confirmation letter.
317
Chapter 10
318
Procedures
Payables and accruals
9.1 Key assertions
 Completeness
 Aged payables listing
 Goods received notes
 Supplier statements
 Supplier circularisations
 Completeness
 Supplier statement reconciliations
 Debit balances on the payables ledger
 Accruals
319
Chapter 10
9.4 Procedures
Completeness
 Obtain a list of trade payables and accruals, cast to verify arithmetical accuracy
and agree to the general ledger and the financial statements.
 Reconcile the total of the individual payables accounts with the control account.
 Obtain supplier statements and reconcile these to the payables balances.

Investigate any reconciling items. Note: Supplier statement reconciliations
provide the most reliable evidence in respect of payables as they provide
external confirmation of the balance.
 If supplier statements are not available, select a sample of payable balances

and perform a trade payables circularisation, follow up any non-replies and any
reconciling items between balance confirmed and trade payables balance.
 Inspect after date payments, if they relate to the current year then follow
through to the payables ledger or accrual listing.
 Inspect invoices received after the year-end to ensure no further items need to
be accrued.
 Enquire of management their process for identifying goods received but not
invoiced and ensure that it is reasonable.
 Select a sample of goods received notes immediately before the year-end and
follow through to inclusion in the year-end payables balance. Note: also tests
cut-off of purchases.
 Compare the list of trade payables and accruals against the prior year list to
identify any significant omissions and discuss with management. (Analytical
procedure)
 Calculate the trade payables payment period and compare to prior year,
investigate any significant differences. (Analytical procedure)
Classification
 Inspect the payables ledger for any debit balances, for any significant amounts
discuss with management and consider reclassification as current assets.
320
Procedures
Valuation
 Recalculate a sample of accrued costs by reference to contracts and payment

schedules (e.g. loan interest). Note: also tests accuracy of purchases and other
expenses.
 Inspect invoices received post year-end to confirm the value of the liability and
assess whether the accrual is reasonable.
 Compare the list of trade payables and accruals against the prior year list to
identify any significant fluctuations and discuss with management. (Analytical
procedure)
321
Chapter 10
Provisions and contingencies
IAS 37 Provisions, Contingent Liabilities and Contingent Assets

requires an entity to recognise a provision if: a present obligation has
arisen as a result of a past event; payment is probable ('more likely than
not'); and the amount can be estimated reliably. If payment is only
possible, a contingent liability must be disclosed in the notes to the
A contingent asset can only be recognised if it is virtually certain to be

received. If it is probable that an inflow of economic benefits will result,
a disclosure should be made in the financial statements. If it is only
possible, it should be ignored.
10.1 Key assertions
 Completeness
 Board minutes
 Enquiry with management
 Written representation
 Existence of obligation at year-end
 Probability of payment
 Basis of provision
 Scope for manipulation
 Certainty of receipt for contingent assets
322
Procedures
Types of provision
 Legal provision
 Redundancy provision
 Warranty provision (assurance type)
Types of contingent asset
 Amounts due to be received from an insurance claim
 Amounts due to be received in respect of a legal claim
 Amounts due to be received from a liquidator in respect of an investment or

bankrupt receivable
10.4 Provisions and contingent liabilities procedures
 Obtain a breakdown of the provisions, cast it and agree the figure to the
financial statements: completeness, accuracy and presentation.
 Recalculate the liability and agree components of the calculation to supporting

documentation: completeness.
 Enquire with the directors or inspect relevant supporting documentation to

confirm that a present obligation exists at the year-end: rights and obligations.
 Inspect relevant board minutes to ascertain whether payment is probable:

existence.
 Inspect post year-end bank statements to identify whether any payments have
been made, compare actual payments to the amounts provided to assess
whether the provision is reasonable: valuation.
 Review the financial statement disclosure of the provisions and contingent

liabilities to ensure compliance with IAS 37: presentation.
 Obtain a written representation from management that they believe the

provisions and contingent liabilities are treated appropriately in the financial
statements, are valued appropriately and are complete: valuation and
completeness.
323
Chapter 10
10.5 Contingent assets procedures
 Review correspondence from third parties (lawyer, insurance company,

insolvency practitioner) regarding the value likely to be received and probability
of payment. Agree the figure into the disclosure note relating to the contingent
asset: existence, accuracy and valuation and presentation.
 Review correspondence from third parties (court, insurance company,

insolvency practitioner) confirming the amount awarded to the client. Agree the
figure to other receivables and other income within the financial statements:
accuracy and valuation, existence, rights and obligations, and presentation.
 Review post year end bank statements and cash book to confirm the amount
received: accuracy and valuation, existence, rights and obligations, and
presentation.

of procedures to be performed in relation to a warranty provision
and a legal provision.
324
Procedures
Question 7
You are an audit supervisor and are conducting the year-end audit of
Hush Co. The finance director has informed you that the company is closing
one of its offices and as a result, a number of employees will be made
redundant. A redundancy provision of $100,000 is included in the draft
Which of the following procedures would provide substantive audit

evidence in respect of the redundancy provision?
1 Review board minutes to ensure that the decision was made before the
year end and to confirm that payment of redundancy amounts is
probable.
2 Recalculate the redundancy provision and agree components of the
calculation to supporting documentation such as employee contracts.
3 Compare the provision with the prior year and discuss unusual
fluctuations with management.
4 Review the post year-end cash book to identify whether any redundancy
payments have been made, and if so, compare actual payments to the
provision.
A 2 and 3 only
B 1, 2 and 4
C 2, 3 and 4
D 1 and 4 only
Solution
The test described in (3) is not valid as a redundancy provision is not a

balance expected to be in the financial statements every year. The closure of
the office is not a recurring event therefore there would not have been an
equivalent provision last year.
325
Chapter 10
326
Procedures
Accounting estimates
Accounting estimates are inherently risky because they are about the
future, are often not supported by documentary evidence and therefore
accuracy may not be able to be verified.
There are many accounting estimates in the financial statements,

e.g. allowances for receivables, depreciation of property, plant and
equipment, provisions, etc.
Inherent risk is increased because management judgment is needed to determine

accounting estimates. As a result, estimates may be used to manipulate the financial
statements and show a desired result.
Professional scepticism is essential for the auditor to ensure the accounting

estimates are reasonable and are not being used to introduce bias into the financial
statements.
11.1 Key assertions
 Completeness
 Accuracy/valuation
 Cut-off
 Board minutes
 Enquiry with management
 Written representation
 Basis of estimate
 Scope for manipulation
327
Chapter 10
11.4 Procedures
 Obtain an understanding of how management identifies those transactions,

events or conditions that give rise to the need for an estimate.
 Enquire of management how the accounting estimate is made and the data on
which it is based.
 Determine whether events occurring up to the date of the auditor’s report (after
the reporting period) provide audit evidence regarding the accounting estimate.
 Review the method of measurement used and assess the reasonableness of

assumptions made.
 Test the operating effectiveness of the controls over how management made
the accounting estimate.
 Develop an expectation of the possible estimate (point estimate) or a range of

amounts to evaluate management’s estimate.
 Review the judgments and decisions made by management in the making of

accounting estimates to identify whether there are any indicators of
management bias.
 Evaluate overall whether the accounting estimates in the financial statements

are either reasonable or misstated.
 Obtain sufficient appropriate audit evidence about whether the disclosures in

the financial statements related to accounting estimates and estimation
uncertainty (e.g. contingent liabilities) are reasonable.
 Obtain written representations from management and, where appropriate, those

charged with governance whether they believe significant assumptions used in
making accounting estimates are reasonable.
328
Procedures
Share capital, reserves and directors’

emoluments
12.1 Share capital
 Agree authorised share capital and nominal value disclosures to underlying

shareholding agreements/statutory constitution documents.
 Inspect cash book for evidence of cash receipts from share issues and ensure
amounts not yet received are correctly disclosed as share capital called-up not
paid in the financial statements.
 Inspect board minutes to verify the amount of share capital issued during the
year.
 For a bonus issue, recalculate the amount of share capital issued and agree to
the journal entry.
12.2 Dividends
 Inspect board minutes to agree dividends declared before the year-end.

 Inspect bank statements to agree dividends paid before the year-end.
 Inspect dividend warrants to agree dividend payment.
12.3 Reserves
 Agree opening reserves to prior year closing reserves and reconcile

movements.
 Agree movements in reserves to supporting documentation (e.g. revaluation
reserve movements to the independent valuation report).
329
Chapter 10
12.4 Directors’ emoluments
 Obtain and cast a schedule of director's remuneration split between wages,

bonuses, benefits, pension contributions and other remuneration, and agree to
the financial statement disclosures.
 Inspect payroll records and agree the figures disclosed for wages, bonuses, and
pension contributions.
 Inspect bank statements to verify the amounts actually paid to directors.
 Inspect board minutes for discussion and approval of directors' bonus

announcements or other additional remuneration.
 Obtain a written representation from directors that they have disclosed director's
remuneration to the auditor.
330
Procedures
Statement of profit or loss
13.1 Payroll
Accuracy
 Recalculate the gross and net pay for a sample of employees and agree to the
payroll records.
 Recalculate the statutory deductions to confirm whether correct deductions for

this year have been made in the payroll.
 Agree the individual wages and salaries per the payroll listing to personnel
records and records of hours worked per clocking in cards.
 Select a sample of joiners and leavers, agree their start/leaving date to

supporting documentation, recalculate that their first/last pay packet was
accurately calculated.
 Agree the year-end tax liabilities to the payroll records and subsequent payment
to the post year-end cash book.
 Review monthly payroll charges, compare this to the prior year and budgets and
discuss with management for any significant variances.
 Perform a proof in total of total wages and salaries incorporating joiners and
leavers and the pay increase. Compare this to the actual wages and salaries in
the financial statements and investigate any significant differences.
331
Chapter 10
Completeness
 Agree the total wages and salaries expense per the payroll system to the trial
balance, investigate any differences.
 Agree the total net pay per the payroll records to the bank transfer listing of
payments and to the cashbook.
 Select a sample of joiners and agree their start/leaving date to supporting

documentation and confirm that new joiners are included in payroll from the
correct month.
 Select a sample of weekly overtime sheets and trace to overtime payment in

payroll records to confirm completeness of overtime paid.
 Compare the payroll figure for this year to last year to identify any unusual
fluctuations and discuss them with management.
 Perform a proof in total of total wages and salaries incorporating joiners and
leavers and the pay increase. Compare this to the actual wages and salaries in
the financial statements and investigate any significant differences.

Look at Chapter 10 Section 11 of the Study Text for more examples
of audit procedures over payroll and Illustration 5 for an example of
a payroll proof-in-total calculation.
332
Procedures
13.2 Revenue
Cut-off
 Inspect a sample of GDNs before and after the year-end and ensure they have
been recorded in the correct period.
Accuracy
 For a sample of sales invoices included in the sales day book, agree the
amounts to the sales invoices and company price list.
 Recalculate discounts and sales tax applied for a sample of large sales
invoices.
Completeness
 Select a sample of customer orders and agree these to the despatch notes and
sales invoices through to inclusion in the sales day book.
 Compare revenue against prior year and budget and investigate any significant
fluctuations.
 Calculate the gross profit margin and compare to prior year. Investigate any
significant fluctuations.
Occurrence
 Trace a sample of GDNs to the related sales invoice and into the sales day
book to ensure the sale is genuine.
 Inspect credit notes issued after the year-end, trace to GDN and invoice and
ensure the sale has been reversed.
333
Chapter 10
13.3 Purchases and other expenses
Cut-off
 Inspect GRNs before and after the year-end and ensure they have been
recorded in the correct period.
Accuracy
 For a sample of purchase invoices included in the purchases day book, agree
the amounts to the purchase invoices.
 Recalculate discounts and sales tax applied for a sample of large purchase
invoices.
Completeness
 Select a sample of purchase orders and agree these to the GRNs and purchase
invoices through to inclusion in the purchases day book.
 Compare expenses for each category year on year and investigate any
 Compare expenses against budget and investigate any significant fluctuations.
 Calculate the gross profit margin and compare with prior year. Discuss any
significant movement with management.
 Calculate the operating profit margin and compare with prior year. Investigate
any significant fluctuations.
Occurrence
 Trace a sample of GRNs to the related purchase invoice and into the purchases
day book to ensure the purchase is genuine.
 Inspect credit notes received after the year-end, trace to GRN and invoice and
ensure the purchase has been reversed.
 Inspect purchase invoices for the name of the client to ensure the purchases
pertain to the entity.
334
Procedures
335
Chapter 10
You should now be able to answer TYU questions 6, 7, 8, 9, 10 and 11 from the
Study Text.
Knowledge Check Test: Audit Evidence on MyKaplan.
Study Text Chapter 16: TYUs 8, 9, 10, 11, and 12.
336
Chapter 11
Completion and review
Outcome
 explain the purpose of a subsequent events review
 explain the responsibilities of auditors regarding subsequent events
 discuss the procedures to be undertaken in performing a subsequent events

review
 define and discuss the significance of the concept of going concern
 explain the importance of and the need forgoing concern reviews
 explain the respective responsibilities of auditors and management regarding

going concern
 identify and explain potential indicators that an entity is not a going concern
 discuss the procedures to be applied in performing going concern reviews
 discuss the disclosure requirements in relation to going concern issues
 discuss the reporting implications of the findings of going concern reviews
 explain the purpose of and procedure for obtaining written representations
 discuss the quality and reliability of written representations as audit evidence
 discuss the circumstances where written representations are necessary and the
matters on which representations are commonly obtained
337
Chapter 11
 discuss the importance of the overall review in ensuring that sufficient,

appropriate evidence has been obtained
 describe procedures an auditor should perform in conducting their overall

review of financial statements
 explain the significance of uncorrected misstatements
 evaluate the effect of dealing with uncorrected misstatements
One of the PER performance objectives (PO20) is to review and

report on the findings of an audit. You complete an audit,
preparing the formal documentation and reporting any control
deficiencies to management. You report back to managers in a
formal audit report. Working through this chapter should help you
understand how to demonstrate that objective.
338
Overview
Written Evaluation of
representations misstatements
COMPLETION AND
REVIEW
Subsequent
Going concern Overall review
events
339
Chapter 11
Subsequent events
ISA 560 Subsequent Events requires the auditor to obtain sufficient

appropriate evidence that subsequent events occurring between the
date of the financial statements and the date of the auditor's report have
been appropriately accounted for in accordance with IAS 10 Events
After the Reporting Period.
1.1 Adjusting and non-adjusting events
Adjusting events Non-adjusting events
Provide additional evidence about Provide evidence about conditions

conditions existing at the statement of arising after the statement of financial
financial position date. position date.
 Trade receivables become  Fire destroys inventory after the

irrecoverable debts year-end
 Inventory held at year-end is sold  Injury resulting in legal action

for less than cost after year-end occurs after year-end
 Estimate for a provision is revised  Takeover
Adjusting events must be adjusted in Non-adjusting events must be disclosed

the financial statements i.e. a DR and in the notes to the financial statements if
CR posted to correct the figure. material.
If a non-adjusting event impacts the going concern assumption, the event becomes
an adjusting event as the going concern basis of preparation may no longer be
appropriate.
340
1.2 Auditor responsibilities
Auditor’s Financial
Year-end
report statements
date
signed issued
Active duty Passive duty

Perform procedures to No obligation to perform
ensure subsequent events procedures but must take
have been accounted for action if they become aware
appropriately of events which would cause
a modified opinion
Between the date of the financial statements and the date of the auditor’s
report
 The auditor must perform audit procedures to ensure the client has complied
with the correct accounting treatment.
 If material adjusting events are not adjusted for, or material non-adjusting

events are not disclosed, the auditor will ask management to make the
necessary amendments to the financial statements.
 A written representation from management should be obtained stating that all

events requiring adjustment or disclosure have been adjusted or disclosed.
 If management refuse to amend the financial statements and the matter is

material, the audit opinion should be modified with either a qualified or adverse
opinion depending on whether the matter is material or material and pervasive.
341
Chapter 11
Audit procedures
 Enquiring of directors if they are aware of any subsequent events that require
adjustment in the financial statements.
 Enquiring into management's procedures for the identification of subsequent

events.
 Inspecting minutes of members’ and directors’ meetings.
 Reviewing accounting records including budgets, forecasts and interim

information.
 Obtaining written representation from management that all subsequent events

have been considered in the preparation of the financial statements.
 Inspecting correspondence with legal advisors.
 Enquiring of the progress with regards to reported provisions and contingencies.
 Inspecting after date receipts from receivables.
 Inspecting the cash book after the year-end for payments/receipts that were not
accrued for at the year-end.
 Inspecting the sales price of inventories after the year-end.
Example 1
Before the auditor’s report is signed
You are auditing Yangtze Co. The year-end is 31 December 20X5. The
auditor’s report is due to be signed next week. During a review of the board
minutes for the latest board meeting held two weeks ago you discover that a
customer has filed a legal claim against the company in respect of an accident
which occurred on the client’s premises during December 20X5. The
company’s lawyers believe the claim is likely to succeed. The claim is material
to the financial statements.
This is an adjusting event. The auditor must ask management to adjust the
financial statements to recognise a provision for the estimated compensation.
If management refuse, the auditor will issue a modified opinion.
342
After the auditor's report has been signed
 The auditor is under no obligation to perform audit procedures after the auditor's
report has been issued, however, if they become aware of a fact which would
cause them to issue a modified opinion, they must take action.
 The auditor should discuss the matter with management and consider if the
financial statements require amendment.
 Request management to make the necessary amendments.
 Perform audit procedures on those amendments.
 Issue a new auditor's report.
 If management does not amend the financial statements and the auditor's
report has not yet been issued to the client, the auditor can still modify the
opinion.
 If the auditor's report has been provided to the client, the auditor shall notify
management and those charged with governance not to issue the financial
statements before the amendments are made.
 If the client issues the financial statements despite being requested not to by
the auditor, the auditor shall take action to prevent reliance on the auditor’s
report.
After the financial statements are issued
 If the directors recall the financial statements and make amendments, the
auditor should perform audit procedures on the amendments to ensure they
have been put through correctly.
 The auditor will issue a new auditor's report including an emphasis of matter
paragraph to draw attention to the fact that the financial statements and
auditor's report have been reissued.
343
Chapter 11
Example 2
After the auditor’s report has been signed
Nile Co’s year-end is 31 December 20X5. The auditor’s report was signed last
week and issued to the client. The finance director has called you to inform
you that a customer has filed a legal claim against the company in respect of
an accident which occurred on the client’s premises during December 20X5.
The company’s lawyers believe the claim is likely to succeed. The claim is
material.
This is an adjusting event. The auditor must ask management to adjust the
financial statements to recognise a provision for the estimated compensation.
If management refuse, the auditor should ask management and those

charged with governance not to issue the financial statements until the
amendments have been made.
If the client refuses to make the amendments, the auditor should take action
to prevent reliance on the auditor’s report.
If the financial statements have already been issued to the shareholders, the
auditor must ask management to recall the financial statements and amend
them to recognise a provision for the estimated compensation. Management
must take action to inform anyone who has a copy of the issued financial
statements of the misstatement.
If the financial statements are recalled and amended, the auditor should issue
a new auditor’s report including an emphasis of matter paragraph.
If the client refuses to make the amendments, the auditor should take action
to prevent reliance on the auditor’s report.

and Legislation, the skill of Problem solving and decision making, and
the behaviours of Professional scepticism and Flexibility.
344
Question 1
Which of the following statements correctly describes the auditor's
responsibility in relation to subsequent events occurring between the
date on which the auditor's report is signed and the date on which the
financial statements are issued?
A The auditor should obtain sufficient and appropriate audit evidence and
design audit procedures to ensure that all subsequent events are
identified
B The auditor should obtain a list of subsequent events from the client and
include these in the written representation letter
C The auditor has no duty to perform any procedures after the date on
which the auditor's report is signed and therefore any subsequent events
in this period will be dealt with in next year's audit
D The auditor should discuss any subsequent events they become aware
of with the directors of the client to determine whether the financial
statements need amended
Solution
While the auditor is not required to perform specific procedures after the
signing of the auditor’s report, if information comes to light between the
signing of the auditor’s report and the date the financial statements are
issued, the auditor is required to discuss the matter with management and
determine whether the financial statements should be amended.
Option A sets out the auditor’s responsibilities in the period between the year
end and the date the auditor’s report is signed.
The auditor is required to obtain written representations in respect of

subsequent events but this would have been obtained prior to the auditor’s
report being signed. Therefore, B is not a valid response.
While the statement in C correctly identifies that the auditor has no duty to
perform subsequent events procedures after the auditor’s report is signed, it is
not always the case that events in this period will be dealt with next year as in
certain circumstances the current year financial statements may be amended.
345
Chapter 11
346
Question 2
It is 1 July 20X5. You are the audit manager responsible for the audit of
Yarra Co which has a year ended 31 March 20X5. On 6 April 20X5 it was
discovered that inventory with a value of $100,000 which was manufactured in
March was defective. The defective goods have no resale value and must be
scrapped. The financial statements have not been amended in respect of this
issue. The draft financial statements show total assets of $1 million.
Required:
Discuss whether the financial statements require amendment in order to

avoid a modified audit opinion.
Solution
The discovery of the defects after the year end is an adjusting event as the
inventory was manufactured before the year end and therefore the defects are
a condition in existence at the year end.
The financial statements should be adjusted as the inventory needs to be

written off as it has no resale value.
The value of the inventory requiring write-down is $100,000 which represents

10% of total assets which is material.
If the inventory is not written off, the financial statements will be materially
misstated and a modified opinion will be required.
The financial statements require amendment to avoid a modified opinion.
347
Chapter 11
Question 3
It is 1 July 20X5. You are the audit manager responsible for the audit of Spree
Co which has a year ended 31 March 20X5. On 6 April 20X5 it was
discovered that a customer owing a balance of $1,000 at 31 March 20X5 had
been declared bankrupt. The financial statements have not been amended in
respect of this issue. The draft financial statements show total assets of
$1 million.
Required:
Discuss whether the financial statements require amendment in order to

avoid a modified audit opinion.

control and Legislation, the skill of Problem solving and decision making, and
Solution
The bankruptcy of a customer so close to the year end is an adjusting event

as the condition causing the financial difficulties would have been in existence
at the year end and therefore the receivable is an irrecoverable debt.
The financial statements should be adjusted as the irrecoverable debt needs

to be written off.
The value of the irrecoverable debt is $1,000 which represents 0.1% of total
assets which is not material.
If the debt is not written off, the financial statements will not be materially
misstated and an unmodified opinion will be required.
The financial statements do not require amendment to avoid a modified

opinion.
348
349
Chapter 11
Going concern
ISA 570 Going Concern provides the following guidance.
2.1 Going concern concept
Going concern is the assumption that the entity will continue in

business for the foreseeable future. The foreseeable future is a
minimum of twelve months from the date of the financial statements.
 Financial statements are prepared on the basis that the reporting entity is a
going concern.
 A company should prepare its financial statements on a going concern basis

unless management intends to liquidate the entity or to cease trading or the
directors have no realistic alternative but to do so.
Where the assumption is made that the company will cease trading, the financial
statements are prepared using the break-up or liquidation basis under which:
 The basis of preparation and the reason why the entity is not regarded as a
going concern are disclosed.
 Assets are recorded at likely sale values.
 Inventory and receivables may need to be written down as inventory may be

sold for a lower price or may be scrapped, and receivables may not pay if they
know the company is ceasing to trade.
 Additional liabilities may arise (redundancy costs for staff, the costs of closing
down facilities, etc.).
350
2.2 Responsibilities for going concern
Directors Auditors
Assess the company’s ability to continue Evaluate the appropriateness of

as a going concern management’s use of the going concern
assumption
Prepare forecasts to help with this Conclude whether a material uncertainty

assessment exists and if so, assess the adequacy of
the client’s disclosure
Disclose any material uncertainties Report in accordance with ISA 570

relating to going concern in the financial Going Concern
statements
Public and political pressure following high profile corporate failures has
resulted in increased reporting requirements for auditors relating to
going concern which are covered in more detail in the chapter on
Reporting.
351
Chapter 11
2.3 Indicators of going concern problems
 Net current liabilities
 Negative cash flow
 Borrowing facilities not agreed or close to expiry of current agreement
 Inability to obtain credit from suppliers
 Sale of non-current assets to fund operating costs
 Loss of key staff
 Over-reliance on small number of customers or products
 Increasing competition
352
2.4 Procedures
 Analyse and discuss cash flow, profit and other relevant forecasts with
management. This should include assessment of the reasonableness of the
assumptions used to prepare the forecasts.
 Review the terms of debentures and loan agreements and determine whether
any have been breached.
 Read minutes of the meetings of shareholders, the board of directors and

important committees for reference to financing difficulties.
 Enquire of the entity’s lawyer regarding the existence of litigation and claims
and the reasonableness of management’s assessments of their outcome and
the estimate of their financial implications.
 Review events after the year-end to identify those that either mitigate or
otherwise affect the entity’s ability to continue as a going concern.
 Review correspondence with customers for evidence of any disputes that might
impact recoverability of debts and affect future sales.
 Review correspondence with suppliers for evidence of issues regarding

payments that might impact the company's ability to obtain supplies or credit.
 Review correspondence with the bank for indication that a bank loan or
overdraft may be recalled.
 Obtain written representations from management regarding its plans for the
future and how it plans to address the going concern issues.
353
Chapter 11
Question 4
You have been assigned the going concern section of the audit of
Zambezi Co. The company has had a difficult year with the loss of two major
customers due to bankruptcy, resulting in a decline of revenue of 40%. This
has impacted cash flow and the company has had to request an increase in
its loan facility with the bank.
Required:
Describe the audit procedures the auditor should perform in assessing

whether or not Zambezi Co is a going concern.

control, Business acumen and Legislation, the skill of decision making, and
Solution
 Discuss with management whether any new business has been signed
to replace the fall in revenue caused by the loss of the two major
customers and if so, review the signed contracts.
 Review correspondence with the bank for indication that the loan facility
will be extended.
 Review correspondence with customers for evidence of any issues that

might impact recoverability of other debts and affect future revenue.
 Analyse cash flow forecasts and discuss the reasonableness of the

assumptions used to prepare the forecasts with management.
 Read board meeting minutes for discussion of management’s plans to

address the cash flow issues.
 Obtain written representation from management regarding its plans for

the future and how it plans to address the going concern issues.
354
355
Chapter 11
2.5 Financial statements disclosures
Disclosures relating to going concern are required to be made by the directors in the
following circumstances:
 Where there is material uncertainty over the future of the company
 Where the going concern assessment has not covered a twelve month period
 Where the financial statements are prepared on a basis other than the going
concern basis
2.6 Reporting implications
The auditor should include a section titled Material Uncertainty Relating to Going
Concern in the auditor's report if the directors have appropriately disclosed going
concern uncertainties. This section will reference to the directors disclosure note.
The auditor should include an Emphasis of Matter paragraph in the auditor's report if
the directors have prepared the financial statements on the break-up basis and
disclosed that they have done this. The Emphasis of Matter paragraph will reference
to the directors disclosure note.
The auditor should modify the audit opinion if the directors have not made adequate
disclosure of any material uncertainty related to going concern or if the directors have
not prepared the financial statements on the appropriate basis.
356
Question 5
It is 1 July 20X5. You are an audit supervisor of Mara & Co and have been
assigned responsibility for completing the detailed going concern testing for
Tsavo Co for the year ended 30 April 20X5. Tsavo Co’s audit should be
finalised and the financial statements signed by 30 September 20X5.
Management’s assessment of Tsavo Co’s ability to continue as a going
concern covers the period to 30 November 20X5.
Which of the following actions should Mara & Co take in relation to

Tsavo Co’s going concern assessment?
A Request that management extends the assessment period to

30 September 20X6
B Request that management extends the assessment period to 30 April

20X6
C Perform additional audit procedures to confirm Tsavo Co’s going

concern status
D Review management’s assessment to 30 November 20X5 and only

request that it is extended if it raises doubt that Tsavo Co is a going
concern
Solution
ISA 570 requires that in evaluating the entity’s ability to continue as a going
concern the auditor must cover the same period as that used by management
to make its assessment. If management’s assessment covers a period of less
than twelve months from the date of the financial statements the auditor is
required to request management to extend its assessment period. In this case
the auditor must request that management extend the assessment period to
30 April 20X6.
Performing additional audit procedures would not resolve the fact that the
assessment period is not as required by ISA 570, therefore option C is not an
appropriate response in this instance.
357
Chapter 11
358
Overall review of the financial

statements
3.1 Procedures
 Review the financial statements to ensure:
– compliance with accounting standards and local legislation disclosure

requirements. This is sometimes performed using a disclosure checklist.
– accounting policies are sufficiently disclosed.
– they adequately reflect the information and explanations previously

obtained and conclusions reached during the course of the audit.
 Perform analytical procedures to corroborate conclusions formed during the

audit and assist when forming an overall conclusion as to whether the financial
statements are consistent with the auditor's understanding of the entity.
 Review the aggregate of the uncorrected misstatements to assess whether a

material misstatement arises. If so, discuss the potential adjustment with
management.
3.2 Purpose of review procedures
The auditor should assess whether:
 The audit work was performed in accordance with professional standards.
 Significant matters have been raised for further consideration and appropriate
consultations have taken place.
 There is a need to revise the nature, timing and extent of the work performed.
 The audit evidence gathered by the team is sufficient and appropriate to support
the conclusions reached and provide a basis for the audit opinion.
 The financial statements comply with the appropriate financial framework.
359
Chapter 11
Question 6
It is 1 July 20X5. You are an audit manager at Tiffey & Co, currently finalising
the audit of Yare Co for the year ended 31 March 20X5. You are performing
the final review in preparation for signing the auditor’s report. During the year
one of the company’s properties was revalued by an independent expert
valuer.
Which TWO of the following are audit procedures Tiffey & Co should
perform in conducting its overall review of the financial statements of
Yare Co?
A Make an assessment of Yare Co’s ability to continue as a going concern
B Design and perform analytical procedures to confirm the financial

statements are consistent with the auditor’s understanding of the entity
C Undertake money laundering identification procedures to reconfirm the

identity of the directors of Yare Co
D Assess the information obtained from the external expert in respect of

the property revaluation
E Obtain and retain documentation to confirm the legal title of all non-
current assets
F Reassess materiality to confirm whether it remains appropriate in the

context of Yare Co’s final financial statements
Solution
The correct answers are B and F.
ISA 520 Analytical Procedures requires the auditor to perform analytical

procedures near the end of the audit to assist the auditor when performing an
overall conclusion.
ISA 320 Materiality in Planning and Performing an Audit states that materiality
may need to be revised as the audit progresses. At the review stage of the
audit, the auditor considers whether the aggregate of uncorrected
misstatements is material. In doing so the auditor must consider whether the
materiality level is still appropriate.
360
Question 7
One objective of the final overall review stage of the audit is to ensure that the
evidence gathered in the course of the audit supports the audit opinion.
Which of the following questions, which are answered as part of the final
review, support this objective?
1 Was the audit plan suitably modified to allow for changing

circumstances?
2 Has the audit firm’s continued independence been considered?
3 Have all deficiencies in internal control been communicated to

management?
4 Has work been performed in accordance with relevant auditing, legal

and professional standards?
A 1 and 4
B 1 and 2
C 2 and 3
D 3 and 4
Solution
Revising the audit plan to allow for changing circumstances helps to ensure
that sufficient and appropriate audit evidence is obtained.
Performing audit work in accordance with relevant auditing, legal and

professional standards enhances the quality of the audit work and therefore
the evidence on which the audit opinion is based.
The audit firm should ensure that it remains independent throughout the audit
and the auditor is required to communicate deficiencies which are of sufficient
importance to merit management’s attention. However, neither of these issues
has a direct effect on the evaluation of audit evidence at the review stage and
its suitability for providing the basis for the audit opinion.
361
Chapter 11
362
Evaluation of misstatements
ISA 450 Evaluation of Misstatements Identified During the Audit provides the
following guidance.
4.1 During the audit

The auditor must:
 Accumulate a record of all identified misstatements, unless they are clearly
trivial.
 Consider if the existence of such misstatements indicates that others may exist,
which, when aggregated with other misstatements, could be considered
material. If so, consider if the audit plan and strategy need to be revised.
 Communicate all misstatements identified during the course of the audit to an
appropriate level of management on a timely basis and request that all
misstatements are corrected.
 If management refuses to correct some or all of the misstatements the auditor
should consider their reasons for refusal and take these into account when
considering if the financial statements are free from material misstatement.
4.2 At the end of the audit

Evaluate the effect of the uncorrected misstatements. If management have failed to
correct all of the misstatements reported to them, the auditor should:
 Revisit their assessment of materiality to determine whether it is still appropriate
in the circumstances.
 Determine whether the uncorrected misstatements, either individually or in
aggregate, are material to the financial statements as a whole.
 Communicate the uncorrected misstatements to those charged with governance
and explain the effect this will have on the audit opinion.
 Request a written representation from management and those charged with
governance that they believe the effects of uncorrected misstatements are
immaterial.
363
Chapter 11
Example 3
Evaluation of misstatements
During the audit of Severn Co you have identified the following misstatements:
1 A number of purchase invoices were received after the year-end which

related to goods received before the year-end. These are not included in
the accruals balance. The total of the invoices is $25,000.
2 A misstatement of $5,000 has occurred when depreciation has been

calculated.
3 The inventory balance includes damaged inventory valued at a cost of

$75,000. The damaged inventory can be sold for $80,000 if remedial
work costing $10,000 is undertaken.
Total assets are $200,000.
The misstatement relating to accruals is material individually at 12.5% of

assets. Material misstatements cannot be offset by other misstatements to
avoid a modified opinion therefore this misstatement must be adjusted.
The misstatements relating to depreciation and inventory of $5,000 each

represent 2.5% of assets. In aggregate this is 5% of assets which may be
considered material in the auditor’s judgment.
Management should be asked to correct all three misstatements.

and Legislation, the skills of Communication and Problem solving and
decision making, and the behaviours of Professional scepticism and
Flexibility.
364
Written representation letter
ISA 580 Written Representations provides the following guidance.
A written representation is a written statement by management

provided to the auditor to confirm certain matters or to support other
audit evidence.
5.1 Purpose
 To obtain evidence that management, and those charged with governance,

have fulfilled their responsibility (as agreed and acknowledged in the terms of
the audit engagement) for the preparation of the financial statements, including:
– Preparing the financial statements in accordance with an applicable

financial reporting framework.
– Providing the auditor with all relevant information and access to records.
– Recording all transactions and reflecting them in the financial statements.
 To support other audit evidence relevant to the financial statements if

determined necessary by the auditor or required by auditing standards, for
example:
– Plans or intentions that may affect the carrying value of assets or liabilities.
– Confirmation of values where there is a significant degree of estimation or

judgment involved, e.g. provisions and contingent liabilities.
– Formal confirmation of the directors’ judgment on contentious issues,

e.g. the value of assets where there is a risk of impairment.
– Aspects of laws and regulations that may affect the financial statements,
including compliance.
365
Chapter 11
 To support other audit evidence relevant to the financial statements required by

ISAs, for example:
– ISA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of

Financial Statements
– ISA 250 Consideration of Laws and Regulations in an Audit of Financial

Statements
– ISA 450 Evaluation of Misstatements Identified during the Audit
– ISA 501 Audit Evidence – Specific Considerations for Selected Items
– ISA 540 Auditing Accounting Estimates and Related Disclosures
– ISA 560 Subsequent Events
– ISA 570 Going Concern
Note that written representations cannot substitute for more reliable

evidence that should be available and do not constitute sufficient
appropriate evidence on their own, about any of the matters with which
they deal.
366
5.2 Process for obtaining a written representation
 The auditor drafts the letter
 Wording is given to the client to print on client headed paper
 A responsible official within the client entity with knowledge of the matters
included signs the letter
 The letter must be signed and dated before the auditor’s report is finalised
 The letter is provided to the auditor
 The letter is reviewed by the auditor to ensure it provides sufficient appropriate

evidence.
5.3 Reliability of written representations
 The auditor must consider whether the written representation letter is consistent
with other forms of evidence obtained.
 The auditor must consider whether there are any concerns over the
competence, integrity or ethical values of management which could affect the
reliability of the written representation.
 If there are concerns over competence, integrity or ethical values the auditor
should consider withdrawing from the audit.
 If the auditor cannot withdraw, a disclaimer of opinion should be given.
 Similar considerations will apply if management refuses to provide a written

representation letter.

of a written representation letter.
367
Chapter 11
Question 8
For which of the following is the auditor MOST likely to request a written
representation from management?
A Appropriateness of depreciation rates
B Adequacy of allowance for receivables
C Confirmation of existence of a bank loan
D Completeness of directors’ bonuses

and control and Legislation, and the behaviour of Professional
scepticism.
Solution
Sufficient and appropriate evidence can be obtained through alternative

procedures for A, B and C. Directors may be reluctant to disclose full details of
their bonuses if they believe shareholders will not be in agreement with them.
The information will be confined to management, therefore a written
representation would be requested to confirm completeness of the information
provided to the auditor.
368
Question 9
You are completing the audit of Rhine Co. All audit work will be finished by
31 July 20X5. The auditor's report is due to be signed on 28 September 20X5.
Rhine Co's board plans to issue the financial statements on 21 October 20X5
which will be followed by an annual general meeting on 30 October 20X5.
Which of the following would be the most appropriate date for the
directors of Rhine Co to sign the written representation?
A 31 July 20X5
B 28 September 20X5
C 21 October 20X5
D 30 October 20X5

Solution
ISA 580 Written Representations states that the date of written

representations must be as near as practicable to, but not after the date of the
auditor’s report. The auditor’s report is due to be signed on 28 September
20X5, therefore this would be the most appropriate date for the directors to
sign the written representation.
369
Chapter 11
You should now be able to answer TYU questions 3, 4, 5, 6, 7 and 8 from the
Study Text.
370
Chapter 12
Reporting
Outcome
 identify and describe the basic elements contained in the independent auditor’s
report
 explain unmodified audit opinions in the auditor’s report
 explain the circumstances in which a modified audit opinion may be issued in

the auditor’s report
 explain the impact on the auditor’s report when a modified opinion is issued
 describe the format and content of key audit matters, emphasis of matter and
other matter paragraphs
 discuss the need for auditors to communicate with those charged with
governance
371
Chapter 12
One of the PER performance objectives (PO20) is to review and

report on the findings of an audit. You complete an audit,
preparing the formal documentation and reporting any control
deficiencies to management. You report back to managers in a
formal audit report. Working through this chapter should help you
understand how to demonstrate that objective.
372
Reporting
Overview
Reporting
Communicating
Independent
with those
auditor’s
charged with
report
governance
373
Chapter 12
The independent auditor’s report
1.1 Objectives of an auditor
When the audit work is complete, the auditor will prepare the auditor’s report
containing an opinion on the financial statements.
The objectives of an auditor, in accordance with ISA 700 (Revised) Forming an

Opinion and Reporting on Financial Statements, are:
 to form an opinion on the financial statements based upon an evaluation of their

conclusions drawn from audit evidence.
 to express clearly that opinion through a written report.
The auditor forms an opinion on whether the financial statements are prepared, in all
material respects, in accordance with the applicable financial reporting framework.

of an independent auditor’s report.
The content of the auditor’s report has evolved due to the need to
increase the user’s understanding of the audit process and the meaning
of the auditor’s report.
374
Reporting
375
Chapter 12
1.2 Elements of an independent auditor’s report
Element Purpose
Title To clearly identify the report as an Independent

Auditor's Report
Addressee To identify the intended user of the report
Auditor’s opinion Provides the auditor's conclusion as to whether the

financial statements give a true and fair view
Basis for opinion Provides a description of the professional standards

applied during the audit to provide confidence to
users that the report can be relied upon
Key audit matters To draw attention to any other significant matters

(if applicable) which the auditor communicated with those charged
with governance of which the users should be
aware, to aid their understanding of the entity
(Note: This section is only compulsory for listed
entities)
Material uncertainty related If there is disclosure of material uncertainties related

to going concern to going concern that must be brought to the
(if applicable) attention of the user
Emphasis of matter To draw attention to any other significant matters

(if applicable) disclosed by the entity of which the users should be
aware to aid their understanding of the entity
Other information To clarify that management are responsible for the

other information such as the Chair's statement. The
auditor's opinion does not cover the other
information and the auditor's responsibility is only to
read the other information and report in accordance
with ISA 720
Responsibilities of To clarify that management are responsible for

management and those preparing the financial statements and for the
charged with governance internal controls. Included to help minimise the
for the financial statements expectations gap
376
Reporting
Element Purpose
Auditor's responsibilities for To clarify that the auditor is responsible for expressing
the audit of the financial reasonable assurance as to whether the financial
statements statements give a true and fair view and express that
opinion in the auditor's report. The section also
describes the meaning of materiality and the auditor's
responsibilities in respect of risk assessment, internal
controls, going concern and accounting policies.
Included to help minimise the expectations gap
Report on Other Legal and To highlight any additional reporting responsibilities,

Regulatory Requirements if applicable. This may include responsibilities in
some jurisdictions to report on the adequacy of
accounting records, internal controls over financial
reporting, or other information published with the
Other matter To draw attention of the user to any other matters

(if applicable) related to the audit, auditor’s responsibilities or
auditor’s report of which the user should be aware
Name of the engagement To identify the person responsible for the audit
partner opinion in case of any queries
(Note: This name of the engagement partner is only
required for listed entities)
Signature Shows the engagement partner or firm accountable

for the opinion
Auditor’s address To identify the specific office of the engagement

partner in case of any queries
Date To identify the date up to which the audit work has

been performed. Any information that comes to light
after this date will not have been considered by the
auditor when forming their opinion. The report must
be signed and dated after the date the directors
approved the financial statements. Often, the
financial statements are approved and the auditor's
report signed on the same day
377
Chapter 12
Question 1
Which of the following must be included in an auditor’s report
containing an unmodified opinion?
1 A statement that the auditor believes the audit evidence obtained is

sufficient and appropriate
2 Title indicating the report is that of the independent auditor
3 Description of the meaning of materiality
4 A statement that the auditor is independent of the entity and has fulfilled
their ethical responsibilities
A 1, 2 and 3 only
B 1 and 3 only
C 2 and 4 only
D 1, 2, 3 and 4

Solution
Items described in (1) and (4) would be included in the basis for opinion
paragraph.
Item (2) would appear at the start of the auditor’s report so that the auditor’s
report is clearly distinguished from reports issued by others.
The item described in (3) would be included as part of the auditor’s

responsibilities for the audit of the financial statements section.
378
Reporting
379
Chapter 12
Auditor’s opinion
2.1 Audit opinions
The auditor’s opinion provides the auditor's conclusion as to whether the financial
statements give a true and fair view.
The audit opinion can be unmodified or modified.

Nature of issue Not material Material but Not Material and
Pervasive Pervasive
Misstatement Unmodified Qualified Opinion Adverse Opinion
opinion Except for ... FS do not give a
True and fair true and fair view*
view*
Inability to obtain Unmodified Qualified Opinion Disclaimer of
sufficient opinion Opinion
Except for ...
appropriate audit True and fair Do not express an
evidence view* opinion
* ISA 700 allows the wording ‘true and fair view’ or ‘fairly presents’.
380
Reporting
2.2 Unmodified opinion
When the auditor concludes that the financial statements are prepared,
in all material respects, in accordance with the applicable financial
reporting framework they issue an unmodified opinion in the auditor's
report.
The audit opinion will state that the financial statements give a true and fair view.
This will mean:
 The financial statements adequately disclose the significant accounting policies.
 The accounting policies selected are consistently applied and appropriate.
 Accounting estimates made by management are reasonable.
 Information is relevant, reliable, comparable and understandable.
 The financial statements provide adequate disclosures to enable the users to

understand the effects of material transactions and events.
 The terminology used is appropriate.
Example 1
Unmodified opinion
During the audit of Hunza Co, it was identified that a provision had been
included in the financial statements which did not meet the recognition criteria
of IAS 37 Provisions, Contingent Liabilities and Contingent Assets. The
misstatement was discussed with management and those charged with
governance but no adjustment has been made. The provision represents
0.3% of total assets and 3.2% of profit before tax. As the misstatement is not
material, the audit opinion will be unmodified. The opinion will state that the
financial statements give a true and fair view.

decision making, and the behaviour of Professional scepticism.
381
Chapter 12
382
Reporting
2.3 Modified opinion
Modified opinion
Inability to obtain
Material sufficient
misstatement appropriate
evidence
 The financial statements are  The auditor does not have

not prepared in all material sufficient appropriate
respects with the applicable evidence to be able to form
financial reporting an opinion
framework
 Qualified opinion – the
 Qualified opinion – the effect of any possible
misstatement is material but misstatement is material but
not pervasive not pervasive
‘TFV Except for...’ ‘TFV Except for...’
 Adverse opinion – the  Disclaimer of opinion – the
misstatement is material effect of any possible
and pervasive misstatement is material and
‘Do not give a TFV’ pervasive
‘Do not express an opinion’
383
Chapter 12
Reasons to modify the opinion
The auditor will need to modify the opinion when they conclude that:
 Based upon the evidence obtained the financial statements as a

whole are not free from material misstatement. This is where the
client has not complied with the applicable financial reporting
framework.
OR
 They have been unable to obtain sufficient appropriate

evidence to be able to conclude that the financial statements as a
whole are free from material misstatement. This is evidence the
auditor would expect to exist to support the figures in the financial
statements.
The nature of the modification depends on whether the auditor considers the matter
to be material but not pervasive, or material and pervasive, to the financial
statements.
Pervasive
A matter is considered 'pervasive' if, in the auditor's judgment:
 The effects are not confined to specific elements, accounts or items of the
 If so confined, represent or could represent a substantial proportion of the

financial statements, or
 In relation to disclosures, are fundamental to users' understanding of the

In brief, a pervasive matter must be fundamental to the financial statements,

therefore rendering them unreliable as a whole.
384
Reporting
Qualified opinion
 If the misstatement or lack of sufficient appropriate evidence is material but not
pervasive, the auditor will issue a qualified opinion.
 This means the matter is material to the area of the financial statements
affected but does not affect the remainder of the financial statements.
 ‘Except for’ this matter, the financial statements give a true and fair view.
 Whilst significant to users' decision making, a material matter can be isolated
whilst the remainder of the financial statements may be relied upon.
Example 2
Qualified opinion
During the audit of Beqaa Co, it was identified that revenue had been
recognised before the performance obligations within some of the contracts had
been fulfilled and therefore the recognition criteria of IFRS 15 Revenue from
Contracts with Customers had not been met. The misstatement was discussed
with management and those charged with governance but no adjustment has
been made. The misstatement represents 1.3% of total assets and 7.2% of
profit before tax. The misstatement is material but not pervasive as it does not
represent a substantial proportion of the assets or profit. The audit opinion will
be qualified. The opinion will state that except for the misstatement affecting
revenue, the financial statements give a true and fair view.

Look at Illustrations 5 and 6 in Chapter 12 of the Study Text for
examples of qualified opinions.
385
Chapter 12
Adverse opinion
An adverse opinion is issued when a misstatement is considered material and

pervasive. This will mean the financial statements do not give a true and fair
view.
Examples include:
 Preparation of the financial statements on the wrong basis.
 Non-consolidation of a subsidiary.
 Material misstatement of a balance which represents a substantial proportion of

the assets or profits e.g. would change a profit to a loss.
Example 3
Adverse opinion
During the audit of Waipio Co, it was identified that development costs had
been recognised within intangible assets which did not meet the recognition
criteria of IAS 38 Intangible Assets. The misstatement was discussed with
management and those charged with governance but no adjustment has been
made. The misstatement represents 80% of profit before tax. The
misstatement is material and pervasive as it represents a substantial
proportion of the profit for the year. An adverse opinion will be required. The
opinion will state that the financial statements do not give a true and fair view.

386
Reporting
Disclaimer of opinion
A disclaimer of opinion is issued when the auditor has not obtained sufficient
appropriate evidence and the effects of any possible misstatements could be
pervasive. The auditor does not express an opinion on the financial statements
in this situation.
Examples include:
 Failure by the client to keep adequate accounting records.
 Refusal by the directors to provide written representation.
 Failure by the client to provide evidence over a single balance which represents
a substantial proportion of the assets or profits or over multiple balances in the
Example 4
Disclaimer of opinion
During the audit of Fergana Co, the auditor was unable to obtain sufficient
and appropriate evidence over payroll costs for ten months of the year as the
payroll data was corrupted and the company did not have back-ups or paper
copies of the payroll reports. The issue was discussed with management and
those charged with governance but no alternative evidence was available.
Payroll costs represent 80% of profit before tax. The issue is material and
pervasive as it represents a substantial proportion of the profit for the year.
A disclaimer of opinion will be required. The auditor’s report will state that the
auditor does not express an opinion due to an inability to obtain sufficient and
appropriate evidence.

Look at Illustration 7 and 8 in Chapter 12 of the Study Text for
examples of an adverse opinion and a disclaimer or opinion.
387
Chapter 12
388
Reporting
Basis for opinion
3.1 Within a report containing an unmodified or modified opinion
The basis for opinion section refers to the professional standards the auditor has
followed in order to be able to form an opinion on the financial statements, to provide
confidence to users that the report can be relied upon.
3.2 Within a report containing a modified opinion
When the auditor decides to modify the opinion, they must amend the heading 'Basis
for Opinion' to 'Basis for Qualified Opinion', 'Basis for Adverse Opinion' or 'Basis for
Disclaimer of Opinion', as appropriate.
The section will explain the reason why the opinion is modified e.g. which balances
are misstated, which disclosures are missing or inadequate, which balances the
auditor was unable to obtain sufficient appropriate evidence over and why.
If possible, a quantification of the financial effect of the modification will be included.
If the material misstatement relates to narrative disclosures, an explanation of how

the disclosures are misstated should be included, or in the case of omitted
disclosures, the disclosure should be included if the information is readily available.
Where a qualified or adverse opinion is being issued, the auditor must amend the
statement '...the audit evidence is sufficient and appropriate to provide a basis for the
auditor's qualified/adverse opinion'.

Look at Illustration 5, 6, 7 and 8 in Chapter 12 of the Study Text for
examples of basis for opinion paragraphs.
389
Chapter 12
3.3 Summary of opinions and basis for opinions
Nature of issue Not material Material but Not Material and

Pervasive Pervasive
Misstatement Unmodified Qualified Opinion Adverse Opinion
opinion
Except for ... FS do not give a
True and fair true and fair view
view Basis for qualified
opinion Basis for adverse
Basis for opinion
opinion
Inability to obtain Unmodified Qualified Opinion Disclaimer of
sufficient opinion Opinion
appropriate audit Except for ...
evidence True and fair Do not express an
view Basis for qualified opinion
opinion
Basis for Basis for
opinion disclaimer
of opinion
390
Reporting
Key audit matters
4.1 Definition
Key audit matters are those that in the auditor's professional judgment
were of most significance in the audit and are selected from matters
communicated to those charged with governance.
ISA 701 Communicating Key Audit Matters in the Independent Auditor's Report
requires auditors of listed companies to determine key audit matters and to
communicate those matters in the auditor's report.
Auditors of non-listed entities may voluntarily, or at the request of management or

those charged with governance, include key audit matters in the auditor's report.
4.2 Purpose of the key audit matters section
The purpose of including these matters is to assist users in understanding the entity,
and to provide a basis for the users to engage with management and those charged
with governance about matters relating to the entity and the financial statements.
391
Chapter 12
4.3 What are key audit matters?
Key audit matters include:
 Areas of higher assessed risk of material misstatement, or significant risks

identified in accordance with ISA 315 (Revised) Identifying and Assessing the
Risks of Material Misstatement Through Understanding the Entity and its
Environment.
 Significant auditor judgments relating to areas in the financial statements that

involved significant management judgment, including accounting estimates that
have been identified as having high estimation uncertainty.
 The effect on the audit of significant events or transactions that occurred during
the period.
Specific examples include:
 Significant fraud risk
 Goodwill
 Valuation of financial instruments
 Fair values
 Effects of new accounting standards
 Revenue recognition
 Material provisions such as a restructuring provision
 Implementation of a new IT system, or significant changes to an existing system
392
Reporting
4.4 Inclusion in the auditor’s report
Each key audit matter should describe why the matter was considered to be
significant and how it was addressed in the audit.
Example 5
Key audit matters example – Revenue recognition
Why significant How addressed in the audit
Revenue amounted to $X million for  Testing controls over the

the year ended 31st December revenue systems
20X4. Revenue is recorded when the
service is provided, using complex  Performing analytical
information technology systems to procedures on revenue
track the point of service delivery
and, where necessary, estimates of  Examining manual journals
fair values for the services provided. related to revenue to assess
These fair value estimates involve a the fair values and timings of
significant degree of management revenue.
judgment.

Note that a matter giving rise to a qualified or adverse opinion, or a material

uncertainty related to going concern are by their nature key audit matters. However,
they would not be described in this section of the report. Instead, a reference to the
Basis for qualified or adverse opinion or the going concern section would be
included.
393
Chapter 12
4.5 What if there are no key audit matters to report?
If there are no key audit matters to communicate, the auditor shall:
 Discuss this with the engagement quality control reviewer, if one has been
appointed.
 Communicate this conclusion to those charged with governance.
 Explain in the key audit matters section of the auditor's report that there are no
matters to report.
394
Reporting
Additional communications
5.1 Types of additional communication
In certain circumstances auditors are required to make additional communications in

the auditor's report even though the financial statements show a true and fair view.
Issues requiring communication include:
 Material Uncertainty Related to Going Concern (ISA 570 Going Concern)
 Emphasis of Matter paragraph (ISA 706 Emphasis of Matter Paragraphs and

Other Matter Paragraphs in an Auditor's Report)
 Other Matter paragraph (ISA 706)
It is important to note that these do not impact the wording of the opinion and do
not constitute either a qualified, adverse or disclaimer of opinion.
395
Chapter 12
5.2 Material uncertainty related to going concern
Included when there is a material uncertainty regarding the going concern status
which the directors have adequately disclosed in the financial statements.
The auditor uses this section to draw the attention of the user to the client's
disclosure note.
Example 6
Material uncertainty related to going concern
McMurdo Co is currently experiencing significant cash flow issues. At the date

of the auditor’s report, there is still significant uncertainty as to whether the
company will be able to continue for the foreseeable future. The directors
have made full disclosure of the uncertainty relating to going concern in the
notes to the financial statements. An unmodified opinion will be issued as the
directors have fully disclosed the going concern issues. The auditor’s report
will include a material uncertainty related to going concern paragraph to
highlight the disclosure note made by the client to the users of the financial
statements.
396
Reporting
5.3 Emphasis of Matter paragraph
Used to refer to a matter that has been adequately presented or disclosed in the
financial statements by the directors.
The auditor's judgment is that these matters are of such fundamental importance to
the users' understanding of the financial statements that the auditor should
emphasise the disclosure.
Examples
 Major catastrophes that have had a significant effect on the entity's financial
position.
 An uncertainty relating to the future outcome of exceptional litigation or

regulatory action.
 A significant subsequent event occurs between the date of the financial

statements and the date of the auditor's report.
Position in the auditor's report
When a Key Audit Matters section is presented in the auditor’s report, an Emphasis
of Matter paragraph may be presented either directly before or after the Key Audit
Matters section, based on the auditor’s judgment as to the relative significance of the
information included in the Emphasis of Matter paragraph.
Example 7
Emphasis of matter
Dresden Co is currently involved in a legal case with a customer. The
outcome is unlikely to be known for some time but is likely to have a material
impact on the company. The directors have made full disclosure of the
significant uncertainty relating to the outcome of the legal case in the notes to
the financial statements and they have correctly accounted for the associated
costs. An unmodified opinion will be issued as the directors have correctly
accounted for the matter and made adequate disclosure. The auditor’s report
will include an emphasis of matter paragraph to highlight the disclosure note
made by the client to the users of the financial statements.
397
Chapter 12
 An Emphasis of Matter paragraph is not used to draw attention

to immaterial misstatements. The fact that they are immaterial
means they do not warrant the attention of the shareholders.
 An Emphasis of Matter paragraph can only be used when

adequate disclosure has been made of the matters mentioned
above. The auditor can only emphasise something that is already
included. Where adequate disclosure has NOT been made the
opinion will need to be modified and an Emphasis of Matter
paragraph should NOT be used.
 The heading of the paragraph can be amended to provide further

context, for example, Emphasis of Matter – Subsequent event.
 An Emphasis of Matter should not be used to highlight an issue

already included in the Key Audit Matters section. The auditor
must use judgment to determine which section they consider is the
most appropriate to highlight the issue.
398
Reporting
Question 2
All adjustments required by the auditors of Etschtal Co have been made to the
financial statements with the exception of an adjustment relating to faulty
goods held in inventory at the year end. The audit work concluded that the
cost of this inventory exceeded its net realisable value by $2.9m. The
directors dispute the audit team’s figures and believe that the realisable value
of the inventory still exceeds its cost. Profit before tax for the year was
$131.4m.
Which of the following correctly describes the effect of this matter on

the auditor’s report?
A Unmodified opinion with no further disclosure
B Unmodified opinion with disclosure in an emphasis of matter paragraph
C Qualified opinion due to material misstatement
D Qualified opinion due to inability to obtain sufficient appropriate audit

evidence

and control and Legislation, the skills of Communication and Problem
solving and decision making, and the behaviour of Professional
scepticism.
Solution
The amount of the disputed adjustment is not material, being 2.2% of profit
before tax, therefore there is no material misstatement.
An unmodified opinion would be issued meaning that options C and D are not
correct.
The nature of the issue is such that it would not be disclosed in an emphasis
of matter paragraph so option B is incorrect.
399
Chapter 12
400
Reporting
Question 3
Ossau Co issued 100,000 $1 ordinary shares in April 20X5. This is currently
not reflected in the financial statements for the year ended 31 March 20X5.
If no changes are made to the financial statements which of the

following audit opinions will be issued?
A Unmodified opinion as the share issue occurred after the year end
B Qualified opinion as the financial statements are materially misstated
C Qualified opinion as the auditor has not gathered sufficient, appropriate

evidence in respect of the share issue
D Unmodified opinion with an emphasis of matter paragraph drawing

shareholders’ attention to the share issue
Solution
The share issue represents a material non-adjusting subsequent event. So

while the transaction will not be recorded until after the year end, the event
should be disclosed in the financial statements for the year ended 31 March
20X5. This lack of disclosure means that the financial statements are
materially misstated and therefore if no changes are made the auditor should
issue a qualified opinion.
401
Chapter 12
5.4 Other Matter paragraph
Purpose
An Other Matter paragraph is included in the auditor's report if the auditor considers it
necessary to communicate to the users regarding matters that are not presented or
disclosed in the financial statements that, in the auditor's judgment, are relevant to
understanding the audit, the auditor's responsibilities, or the auditor's report.
 To communicate that the auditor's report is intended solely for the intended
users, and should not be distributed to or used by other parties.
 When law, regulation or generally accepted practice requires or permits the

auditor to provide further explanation of their responsibilities.
Position in the auditor's report
When an Other Matter paragraph is included to draw user's attention to a matter

relating to other reporting responsibilities addressed in the auditor's report, the
paragraph may be included in the Report on Other Legal and Regulatory
Requirements section.
When relevant to all auditors’ responsibilities or users' understanding of the auditor's

report, the Other Matter paragraph may be included as a separate section following
the Report on the Other Legal and Regulatory Requirements.
 An Other Matter paragraph does not include confidential

information or information required to be provided by management
 The heading may be amended to provide further context, for

example, Other Matter – Scope of the audit.

of an Other Matter paragraph.
402
Reporting
403
Chapter 12
Other information
6.1 What is other information?
Other information refers to financial or non-financial information, other

than the financial statements and auditor's report thereon, included in
the entity's annual report that is not necessarily subject to audit.
Examples:
 Chair's report
 Operating and financial review
 Social and environmental reports
 Corporate governance statements
6.2 Auditor responsibilities in relation to other information
If the auditor obtains the final version of the other information before the date of the
auditor’s report, they must read it to identify any material inconsistencies with the
financial statements or the auditor’s knowledge obtained during the audit.
If the auditor identifies a material inconsistency they should:
 Perform limited procedures to evaluate the inconsistency. The auditor should
consider whether it is the financial statements or the other information that
requires amendment.
 Discuss the matter with management and ask them to make the correction.
 If management refuses to make the correction, communicate the matter to
those charged with governance.
 If the matter remains uncorrected the auditor should withdraw from the
engagement if possible under applicable law or regulation as the issue casts
doubt over management integrity.
 If withdrawal is not possible, the auditor must describe the material
misstatement in the auditor's report.
404
Reporting
6.3 Content of the other information section
The Other information section:
 Identifies the other information obtained by the auditor prior to the date of the
auditor's report.
 States that the auditor has not audited the other information and accordingly
does not express an opinion or conclusion on that information.
 Includes a description of the auditor’s responsibilities with respect to the other

information.
 States either that the auditor has nothing to report, or, a description of the
material misstatement if applicable.
6.4 Purpose of the other information section
The auditor must not be knowingly associated with information which is misleading.
Misstatement of other information exists when the other information is incorrectly

stated or otherwise misleading (including because it omits or obscures information
necessary for a proper understanding of a matter).
Material misstatements or inconsistencies in the other information may undermine

the credibility of the financial statements and the auditor’s report.
405
Chapter 12
Example 8
Other information
The financial statements of Valtellina Co show a profit before tax of $1m for
this year and a comparative figure of $0.8m. The chair’s statement describes
the company as having a very successful year with profit before tax increasing
by 40%. The auditor has reviewed the audit work and is satisfied that the
financial statement figures are materially correct. The information in the chair’s
statement has been discussed with management and those charged with
governance but they have refused to make any amendment.
The audit opinion will be unmodified as the financial statements are not
materially misstated. The other information section with the auditor’s report
will need to describe the misstatement within the chair’s statement.
This example demonstrates knowledge of Assurance, risk and control,

Business acumen, Ethics and integrity and Legislation, the skills of
Communication and Problem solving and decision making, and the
behaviour of Professional scepticism.
406
Reporting
Question 4
The auditors have discovered that the chair’s report of Mattertal Co, a listed
company, is inconsistent with the financial statements and it has been
determined that the material inconsistency is in the chair’s report.
Which of the following auditor’s reports will be issued for Mattertal Co if

the directors refuse to amend the inconsistency?
A Qualified opinion with the material inconsistency explained in an other

matters paragraph
B Unmodified opinion with the material inconsistency explained in the other

information section
C Qualified opinion with the material inconsistency explained in an

emphasis of matter paragraph
D Unmodified opinion with the material inconsistency explained in the key

audit matters section
Solution
As with the previous question this question requires a detailed knowledge and
understanding of an ISA, in this case ISA 720 The Auditor’s Responsibilities
Relating to Other Information. As the financial statements are not misstated
the audit opinion will be unmodified. However, in accordance with ISA 720 as
there is an uncorrected material misstatement in the other information, the
auditor’s report must include a statement describing the issue in the other
information section.
407
Chapter 12
Exam focus – auditor’s reports
In the exam, a common requirement asks you to ‘Discuss the issue

and describe the impact on the auditor’s report’.
The following approach can be taken:
1 Discuss the issue
− Calculate the materiality of the issue.
− Explain the issue given in the scenario. This may be a misstatement that
has been caused by an inappropriate accounting treatment, or where the
auditor has been unable to obtain sufficient and appropriate evidence.
2 Explicitly state the type of issue arising
− Material misstatement
− Inability to obtain sufficient and appropriate evidence
− Material uncertainty relating to going concern
− A matter which is accounted for correctly, disclosed as a note by

management which the auditor wishes to highlight
− An inconsistency between the financial statements and the other

published information or a material misstatement within the other
information (not the financial statements)
− A matter which is accounted for correctly by a listed client, required

significant audit attention and the auditor wishes to include it as a key
audit matter
3 Conclude on the opinion:
− Unmodified opinion if there are no material issues arising from

misstatements or lack of sufficient, appropriate evidence
− Modified opinion if there are material issues arising from misstatements or

lack of sufficient, appropriate evidence
4 Where the opinion is to be modified, state whether the matter is material but
not pervasive or material and pervasive
408
Reporting
5 State the type of opinion and the key wording of that opinion
− Unmodified opinion – Present fairly/give a true and fair view
− Qualified opinion – Except for
− Adverse opinion – Do not present fairly/give a true and fair view
− Disclaimer of opinion – Do not express an opinion
6 State any other reporting implications
− Basis for modified opinion if the opinion is modified
− Material Uncertainty Related to Going Concern section if there are

uncertainties over going concern which have been adequately described
− Emphasis of Matter paragraph to highlight a disclosure
− Other Matter paragraph
− Other Information section needs to describe the inconsistency/material

misstatement in the other published information
− Key Audit Matter point for a listed entity.
409
Chapter 12
Question 5
It is 1 July 20X5. You are the manager responsible for the audit of
Moselle Co, a manufacturing company with a year ended 31 March 20X5. The
audit work has been completed and reviewed and you are due to issue the
auditor’s report in three days. The financial statements show revenue of
$15 million, profit before tax of $3 million, and total assets of $80 million.
The finance director of Moselle Co telephoned you this morning to tell you
about the announcement yesterday, of a significant restructuring of
Moselle Co, which will take place over the next six months. The restructuring
will involve the closure of a factory, and its relocation to another part of the
country. There will be some redundancies and the estimated cost of closure is
$250,000. The restructuring is not referred to in Moselle Co’s financial
statements.
Required:
Discuss the issue and describe the impact on the auditor’s report, if any,
if no amendment is made.
Solution
The announcement of a restructuring after the reporting date is a non-

adjusting event after the reporting date.
This is because the event does not provide evidence in relation to a condition
that existed at the year end.
The costs expected to be incurred for the restructuring represent 8.3% of

profit and 0.3% of assets and is therefore material to profit.
As this is a material non-adjusting event, the restructuring should be disclosed

in a note to the financial statements.
If no amendment is made, the financial statements will be materially

misstated.
410
Reporting
The misstatement is unlikely to be considered pervasive as it is an isolated

issue and does not represent a substantial proportion of the financial
statements.
The audit opinion will be modified with a qualified opinion.
The opinion will use the ‘except for’ wording.
The basis for opinion will change to a basis for qualified opinion and will
explain the reason for the qualified opinion.
Now try TYU question 3 from Chapter 12 of the Study Text.
411
Chapter 12
Communicating with those charged

with governance
ISA 260 (Revised) Communication with Those Charged with Governance and ISA
265 Communicating Deficiencies in Internal Control to Those Charged with
Governance and Management, require the external auditor to engage in
communications with management.
8.1 Objectives of communications
 To communicate the responsibilities of the auditor and an overview of the scope

and timing of the audit.
 To obtain information relevant to the audit.
 To report matters from the audit on a timely basis.
 To promote effective two-way communication.
412
Reporting
8.2 Matters to be communicated
 Auditor's responsibilities in relation to the audit.
 Planned scope and timing of the audit.
 Significant findings from the audit:
– Auditor's views about qualitative aspects of the entity's accounting

practices, policies, estimates and disclosures.
– Significant difficulties encountered during the audit, e.g. unavailability of

expected information.
– Significant matters discussed with management.
– Written representations requested.
– Circumstances that affect the form and content of the auditor's report, if
any. This includes any expected modifications to the auditor's report and
key audit matters to be communicated in accordance with ISA 701
Communicating Key Audit Matters in the Independent Auditor’s Report.
– Other matters arising significant to the oversight of the reporting process.
 Auditor independence.
8.3 Link with KAM
Some of the matters given above will be selected for inclusion in the Key Audit
Matters section of the auditor’s report for a listed company.
The purpose of including these matters is to assist users in understanding the entity.
413
Chapter 12
Study Text.
Knowledge Check Test: Review and reporting on MyKaplan.
414
Chapter 13
References
The Board (2021) IAS 1 Presentation of Financial Statements. London: IFRS

Foundation.
The Board (2021) IAS 2 Inventories. London: IFRS Foundation.
The Board (2021) IAS 7 Statement of Cash Flows. London: IFRS Foundation.
The Board (2021) IAS 10 Events after the Reporting Period. London: IFRS
Foundation.
The Board (2021) IAS 16 Property, Plant and Equipment. London: IFRS Foundation.
The Board (2021) IAS 27 Separate Financial Statements. London: IFRS Foundation.
The Board (2021) IAS 28 Investments in Associates and Joint Ventures. London:
IFRS Foundation.
The Board (2021) IAS 37 Provisions, Contingent Liabilities and Contingent Assets.
London: IFRS Foundation.
The Board (2021) IAS 38 Intangible Assets. London: IFRS Foundation.
The Board (2021) IFRS 3 Business Combinations. London: IFRS Foundation.
The Board (2021) IFRS 10 Consolidated Financial Statements. London: IFRS

Foundation.
The Board (2021) IFRS 15 Revenue from Contracts with Customers. London: IFRS
Foundation.
415
Chapter 13
416

Audit Workbook

Uploaded by

Copyright:

Available Formats

Audit Workbook

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Audit Workbook

Uploaded by

Copyright:

Available Formats

ACCA

Audit and Assurance

British library cataloguing-in-publication data

L7 Knowledge, Skills and Behaviours 1

Chapter 1 Introduction to assurance 5

Chapter 2 Rules and regulation 21

Chapter 3 Corporate governance 31

Chapter 4 Ethics and acceptance 53

Chapter 6 Planning 115

Chapter 7 Evidence 157

Chapter 8 Systems and controls 203

Chapter 9 Internal audit 263

Chapter 10 Procedures 281

Chapter 11 Completion and review 337

Chapter 12 Reporting 371

Chapter 13 References 415

Integrated Workbook Icons

Additional Question Practice/Reading

Exam question styles

Exam Technique Point

Study Text Questions

As per the Level 7 Accountancy/Taxation Professional Apprenticeship standard, you

Knowledge An accountancy or taxation professional will be able to:

Assurance, risk Provide a degree of assurance that stakeholders can trust

Business Demonstrate knowledge of key business objectives and

Financial Prepare, analyse and interpret an organisation's financial

Legislation Understand, interpret and apply the legislation, standards and

Strategic Apply their judgement and make sustainable business decisions

Skills An accountancy or taxation professional will be able to:

Building Build trusted and sustainable relationships with individuals and

Business insight Influence the impact of business decisions on relevant and

Communication Communicate in a clear, articulate and appropriate manner.

Ethics and Identify ethical dilemmas, understand the implications and

Leadership Take ownership of allocated projects and effectively manage

Problem solving Evaluate information quickly and draw accurate conclusions.

Behaviours An accountancy or taxation professional will be able to:

Adds Value Anticipate an individual’s organisations future needs and

Continuous Take responsibility for their own professional development by

Flexibility Adapt approach to assist organisations and individuals to

Professional Apply a questioning mind to conditions which may indicate a

By the end of this session you should be able to:

 understand the concept of audit and other assurance engagements

 describe the limitations of external audits

and answer questions relating to these areas.

One of the PER performance objectives (PO4) is governance risk

Elements Levels and

An assurance engagement is one in which a practitioner

1.1 Key elements

Sufficient and To enable a conclusion or opinion to

1.2 The 3 party relationship

Depends on the Usually the

Need for assurance

There is a risk that a person pays a large sum of money to purchase a

3 parties – surveyor (practitioner), buyer (intended user) and seller

Subject matter – house.

Suitable criteria – building regulations/best practice.

Evidence – obtained by the surveyor performing an inspection of the property.

Written assurance report – surveyor’s report identifying any structural

Levels and types of assurance

2.1 Limited and reasonable assurance