AUDIT PRACTICE AND ASSURANCE SERVICES: A1.

CHAPTER 1: INTRODUCTION TO AUDIT AND ASSURANCE

A. WHY THE NEEDS FOR AUDITING SERVICES?

Answer:

1. Compliance
- An audit is essential to ensure that the requirements of the companies Act and the
International Financial Reporting Standards have been complied with
- An audit is also essential to ensure that the company operates within the rules and
guidelines of the industry that govern it, and make sure that the company is always
compliant with the latest laws and amendments. One way to accomplish this is to make
use of an auditing service and ensure that the company will be looked after. An auditing
service provider will be able to conduct regular audits into every part of the company’s
business and identify areas where they need to improve. If the company’s business fails
to comply with a law or a guideline, they will be made aware of this and they will be
able to correct it so that they are not liable for a fine or penalty fees.
2. Separation of ownership and Management
- The need for an external audit primarily stems from the separation of ownership and
Management in large companies in which shareholders nominate directors to run
the affairs of the company on their behalf. As the directors report on the financial
performance and position of the company, shareholders need assurance over the
accuracy of the financial statements before placing any reliance on them. External audit
provides reasonable assurance to the owners of the company that the financial
statements, as reported by the directors, are free from material misstatements.
- If you take an example of a large liability company, we can clearly distinguish between
the providers of funds and those who control those funds. The providers of funds are
shareholders, creditors and other third parties who have loans to the company. Those
charged with the responsibility of controlling those funds are usually called directors
and management.
- Since the providers of funds are divorced from the control of those funds it would
seem logical that the controllers should on a regular basis give a report to the
providers of the funds on changes in the resources and claims. This report of the
controllers or directors should be in the form of annual accounts which consist of the
balance sheet, the profit and loss account, statement of changes in equity and cash flows
statement.

Page 1 of 94
So, audit is needed because the report of directors lacks credibility, in that:

i. It may contain errors

ii. It may fail to disclose frauds
iii. It may be misleading inadvertently (without intention / accidentally)
iv. It may be misleading deliberately (on purpose/ intentionally / willfully,)
v. It may fail to disclose all relevant information.

B. ASSURANCE

1. Definition

"An engagement in which a practitioner expresses a conclusion designed to enhance the degree
of confidence of the intended users other than responsible party, about the outcome of the
evaluation or measurement of a subject matter against criteria."

2. The elements of an assurance engagement

[ACCA June 2013 Q5 (a)]

There are 5 elements of an assurance engagement:

(i) A three-party relationship:

 the practitioner (i.e. the reviewer of the information);

 the intended users (of the information); and
 The responsible party (i.e. the preparer of the information / Management).

(ii) The subject matter (set of financial statements evaluated);

(iii) Suitable criteria: benchmarks used to evaluate or measure the subject matter (e.g.
IFRS / IAS / LAW….);
(iv) Sufficient appropriate evidence to establish an opinion; and
(v) A written report

Page 2 of 94
 C. LEVELS (TYPES / KINDS) OF ASSURANCE ENGAGEMENTS
[ACCA 2009 Q4 (d), June 2012 Q1 (c) and June 2008 Q5 (d)]

1. Introduction

We introduce by saying that there are two levels of assurance:

- Reasonable assurance / positive assurance that is provided by audit engagements

- Negative assurance / Limited assurance that is provided by review engagements.

The level of assurance provided by audit and review engagements is explained as follows:

Audit engagements

External Audit – A high but not absolute level of assurance is provided, this is known as reasonable
assurance. This provides comfort that the financial statements are true and fair and are free of
material misstatements.

Review engagements

Review engagements where an opinion is being provided, the practitioner gathers sufficient
evidence to be satisfied that the subject matter is plausible; in this case negative assurance is given
whereby the practitioner confirms that nothing has come to his attention which indicates that the
subject matter contains material misstatements.

NOTE: It is not possible to give an absolute level of assurance

According to International Standards on Auditing ISAs, auditor is required to obtain reasonable

assurance whether financial statements give true and fair view or in others words he must be
reasonably sure that financial statements are free from material misstatements.

Again, we must emphasize he needs to be reasonably sure and NOT absolutely sure. There is a
big difference if you are absolutely sure about something or reasonably sure.

Such limitations that restrict the auditor to gain absolute assurance are known as Inherent
limitations of an Audit.

2. Inherent Limitations Of An Audit

Inherent limitations of an audit arise due to the following reasons:

o Use of judgment in establishing estimates for reporting purposes

o Human error
o complexity of the transactions involved
o Use of sampling techniques by the auditor in conducting different audit procedures

Page 3 of 94
 o Auditor does not have investigative rights and cannot demand certain information
or evidence from management if refused by the management
o Cost-benefit limitations i.e. conducting audit engagement requires resources which
auditor might not have or in auditor’s judgment cost of gaining additional assurance
will be higher than the benefit gained and thus not obtained.

3. Related Services (Audit Related Services)

In addition to audit services, auditors provide other services. These can be classified as:

Assurance engagements
 Audits
 Reviews

Non-assurance Engagements (related services)

 Agreed upon Procedures
 Compilations

3.1 Reviews

The objective of a review of financial statements is to enable an auditor to state whether, on the
basis of procedures which do not provide all the evidence that would be required in an audit,
anything has come to the auditor’s attention that causes the auditor to believe that the
financial statements are not prepared, in all material respects, in accordance with an identified
financial reporting framework

A review comprises inquiry and analytical procedures, which are designed to review the reliability
of an assertion that is the responsibility of one party for use by another party. While a review
involves the application of audit skills and techniques and the gathering of evidence, it does not
ordinarily involve an assessment of accounting and internal control systems, tests of records and
of responses to inquiries by obtaining corroborating evidence through inspection, observation,
confirmation and computation, which are procedures ordinarily performed during an audit.

Although the auditor attempts to become aware of all significant matters, the procedures of a
review make the achievement of this objective less likely than in an audit engagement, thus the
level of assurance provided in a review report is correspondingly less than that given in an audit
report.

3.2 Agreed-upon Procedures (ISRS4400)

The objective of these procedures is to report on the factual findings of procedures as agreed
with the client

In an engagement to perform agreed-upon procedures, an auditor is engaged to carry out those

procedures of an audit nature to which the auditor and the entity and any appropriate third parties

Page 4 of 94
have agreed and to report on factual findings. The recipients of the report must form their own
conclusions from the report by the auditor. The report is restricted to those parties that have agreed
to the procedures to be performed since others, unaware of the reasons for the procedures, may
misinterpret the results.

3.3 Compilations (ISRS 4410)

The objective of compilations is to collect, summarize and classify financial information i.e.
using accounting rather than auditing expertise into understandable form e.g. financial
statements

In a compilation engagement, the accountant is engaged to use accounting expertise as opposed to

auditing expertise to collect, classify and summarize financial information. This ordinarily entails
reducing detailed data to a manageable and understandable form without a requirement to test the
assertions underlying that information. The procedures employed are not designed and do not
enable the accountant to express any assurance on the financial information. However, users of the
compiled financial information derive some benefit as a result of the accountant’s involvement
because the service has been performed with due professional skill and care.

D. AUDIT FUNCTION (MEANING AND OBJECTIVES OF AUDITING)

1. What is Audit?
An audit is an exercise, of which the objective is, to enable an independent auditor to
express an opinion on whether a set of financial statements is prepared in a true and fair
manner in accordance with an identified financial reporting framework.

2. Objectives of an audit
i. Primary Objectives Of Audit

In overall, there are two Primary / main objectives of audit:

 To obtain reasonable assurance about whether the financial statements as a whole are free
from material misstatement, whether due to fraud or error, thereby enabling the auditor to
express an opinion on whether the financial statements are prepared, in all material
respects, in accordance with an applicable financial reporting framework.

 To report on the financial statements, and communicate as required by the ISAs in

accordance with the auditor's findings.

ii. Secondary / Subsidiary Objectives Of Audit

These are such objectives which are set up to help in attaining primary objectives. They are as
follows:

Page 5 of 94
 - Detection and prevention of errors
Errors are those mistakes which are committed due to carelessness or negligence or lack of
knowledge or without having vested interest. So, they are to be checked carefully. Errors are of
various types. Some of them are:
* Errors of principle: when a transaction is entered in wrong head or class of accounts
* Errors of omission: Where in the full transaction is omitted from the books of accounts
* Errors of commission: Where we have entered the correct amounts but in wrong person
account
* Compensating errors: An error on the debit side being compensated by an error of equal amount on the credit
side
* Error of complete reversal: This is where the correct accounts are used but each transaction is shown on the
wrong
side of the account
* Errors of Original Entry: A wrong amount is recorded in the subsidiary book and posted to the accounts

- Detection and prevention of frauds

Frauds are those acts which are committed knowingly with some vested interest on the direction
of top level management. Management commits frauds to deceive tax, to show the effectiveness
of management, to get more commission, to sell share in the market or to maintain market price of
share etc. Detection of fraud is the main job of an auditor. Such frauds are as follows:
* Misappropriation of cash
* Misappropriation of goods
* Manipulation of accounts

E. TYPES OF AUDITS

1. Based on Business Ownership

i. Statutory audit:
Statutory Audit is compulsory audit prescribed under statute i.e law. It can be
conducted only by a qualified Certified Public Accountant. Appointment of
auditors, removal, remuneration, rights, duties, liabilities is governed as per the
Provisions of the respective law applicable to the company. Scope of the audit
work and all other terms are as laid down by the law.

Statutory audit is conducted after preparation of final accounts. The

statutory auditor has to report whether the balance sheet and profit and loss
account are drawn upon conformity with law and whether they show a true and
fair view. The statutory auditor has to submit report to the shareholder (s). His
salary is fixed by shareholder (s). In case of Rwanda the concerns and the
corresponding acts are as shown in the following table:

Page 6 of 94
 1 Companies RDB Companies Act : Chapter IV Article 238 – 250 P179

2 Banks BNR Banking Act

3 Insurance Companies BNR Insurance Act

4 Cooperative Societies RCA Cooperative Societies Act

5 Tax Payers RRA Tax Audit under Income Tax Act: Chapter III Article 7 P186

ii. Government Audit:

Government audit deals with the audit of revenues and expenditures of the State as well as local
government organs, public enterprises, joint enterprises the state is participating.

Who conduct it?

In Rwanda, the Government audit is conducted by the Office of Auditor General (OAG)

OAG report to who?

OAG report to chamber of Deputies and submit a copy of the report to the:

- President of the republic

- Cabinet
- President of the supreme court
- Prosecutor general of the republic

iii. Non-statutory Audit:

Example:

- Sole proprietorship
- Partnership
- Individuals
- Non-profit organizations

Non-statutory audit is voluntary audit. It is not compulsory under any law (see Companies Act:
Chapter IV Article 251 P185). Terms and conditions of the audit are determined as per the
agreement made between the auditor and proprietor. And Terms and conditions between the
client and the auditor define the scope of the auditor’s work. Voluntary audit also covers non-
financial audit, internal audit, management audit, social audit, operational audit etc.

Page 7 of 94
2. Based on Time
i. Interim audit:
Interim audit is done mid-year to report half year results i.e 6 months. It is
conducted to find out the interim profit and know how the financial position at the
end of a part of the accounting year.

When conducted?
a. Interim dividends:
Interim audit is advisable when a company intends to pay interim dividends.
Interim audit would ensure that there are enough profits to justify payment of
interim dividends.
b. Sale of business:
In case of a partnership firm, interim audit becomes necessary on admission,
retirement, or death of a partner, dissolution of partnership, sale of a firm, and
valuation of goodwill
c. Changes in firm:
Interim audit is conducted when the business is proposed to be sold, to fix the
purchase consideration.

ii. Continuous audit:

An auditing process that examines accounting practices continuously throughout
the year. Thus in continuous audit, accounting and auditing work is done almost
side by side. Continuous audit, however, does not mean the audit work goes on for
365 days of the year. The auditor may make periodical visits, say, every one or two
or three months during the year and at the end of year we would verify the final
statement of account.
When conducted?
a. Where the volume of transaction is very large and complex
b. Where the management requires monthly or quarterly audited statements of
accounts or the statements of accounts are required immediately after the
accounting year.
iii. Final audit
Generally, it starts after the close of the financial period. There is very little impact on
prevention of errors and frauds. It is best suited for small and medium sized business. It
saves in terms of time, energy and money.

Page 8 of 94
 F. AUDIT OF SMALL ENTITIES
1. The Characteristics and meaning of “small entity”

A small entity is any entity in which:

a. Company must be a private company

b. Company must not be a bank or insurance entity
c. Company must not be a part of a group
d. Concentration of Decision-making Power: There is concentration of ownership and
management in a small number of individuals often a single individual (“owner-
manager”).
e. Few sources of income;
f. Non-complex Operations: Generally, small entities are less complex in organization,
operations and activities than larger ones;
g. Lack of Formal Systems and Authorization Procedures: Although often adequate for
operational purposes, small entity systems and authorization procedures are frequently
informal and flexible;
h. Poor record-keeping: Small entities don’t keep sufficient accounting records to comply
with any relevant statutory or regulatory requirements and to meet the needs of the entity,
including the preparation and audit of a financial report;
i. Management and employees have only limited accounting skills.

2. Arguments for and against small company audits

The principles applied in an audit are the same for large and small companies. Due to the nature
of small companies as noted above, problems can arise with the reliability of internal control
systems. In fact in small companies Control Risk is high. The audit of a small entity differs from
the audit of a large entity as documentation may be poor.
On the other hand, audits of small entities are ordinarily less Complex and may be performed
using fewer assistants.

G. METHODOLOGY OF AN AUDIT

Audit methodology is comprised of various procedures which represent a categorization of audit

steps / process in partly sequential and most frequently interdependent manner.

The audit steps (processes) are summarized below:

Audit methodology is comprised of various procedures which represent a categorization of audit

steps in partly sequential and most frequently interdependent manner:

i. Ascertain terms of the engagement (terms of reference)

Page 9 of 94
 ii. Determine team skills and competence
iii. Understand the entity’s business
iv. Understand entity wide internal control and the risk of fraud
v. Obtain high-level understanding of the accounting system
vi. Follow-up of previous year’s recommendations
vii. Identify significant provisions of laws and regulations
viii. Plan the audit work and Develop preliminary audit strategy
ix. Perform tests of controls
x. Update combined risk assessments
xi. Perform substantive testing procedures
xii. express an opinion- Audit report

H. ISA 200: OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND

THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH
INTERNATIONAL STANDARDS ON AUDITING

1. ISA 200 states that there are two overall objectives of the auditor.

 To obtain reasonable assurance about whether the financial statements as a whole are free
from material misstatement, whether due to fraud or error, thereby enabling the auditor to
express an opinion on whether the financial statements are prepared, in all material
respects, in accordance with an applicable financial reporting framework.

 To report on the financial statements, and communicate as required by the ISAs in

accordance with the auditor's findings.

Page 10 of 94
CHAPTER 2: THE AUDITOR AND THE AUDIT ENVIRONMENT

A. AUDITOR’S REPORT AND OPINION

Introduction

Auditor's Professional Judgment About the

Pervasiveness of the Effects or Possible
Effects on the Financial Statements

MATERIAL BUT MATERIAL AND

NATURE OF MATTER
NOT PERVASIVE PERVASIVE

Financial statements are materially

Qualified opinion Adverse opinion
misstated (disagreement)

Inability to obtain sufficient appropriate Disclaimer of

Qualified opinion
evidence (limitation) opinion

DESCRIPTION AUDIT OPINION

Accounts show a true and fair view Unqualified audit opinion

Some Material items do not show a true

and fair view, but accounts show a true and Qualified audit opinion
fair view except for those material items

A true and fair view is not shown because

disagreements are pervasive to the
accounts. i.e. there is a significant number Adverse audit opinion
of material disagreements that do not show
a true and fair view

Auditor cannot tell whether a true and fair

view is given at all due to a limitation in Disclaimer of opinion
scope

TYPES OF AUDIT OPINION

i. Unqualified Opinion
ii. Qualified opinion
iii. Adverse opinion
iv. Disclaimer of Opinion

Page 11 of 94
 B. CIRCUMSTANCES GIVING RISE TO MODIFIED REPORTS
1. “limitation on scope of the audit”
If the auditor has not received all the information and explanations he deems necessary for
the purpose of his audit, then he needs to consider that there has been a limitation imposed
on the scope of his audit. This consideration will affect his opinion.
2. “disagreement with management”
Auditor may disagree with management about matters such acceptability of accounting
policies selected, the methods of their application or their adequacy of disclosure in
financial statements. This will affect his opinion.

C. RESPONSIBILITIES IN RELATION TO FINANCIAL STATEMENTS

Management’s Responsibility for the Financial Statements
- The management is responsible for the preparation and fair presentation of the financial
statements in accordance with International Financial Reporting Standards and the requirements
of Companies Act.
- Management are responsible for prevention and detection of frauds and errors within the company
- Management are responsible for safeguarding the assets of the company

Auditor’s Responsibility
Auditors’ responsibility is to express an independent opinion on the financial statements prepared
by management for whether they are prepared in a true and fair manner in accordance with an
identified financial reporting framework.

D. SPECIAL PURPOSE REPORTS

Auditors may issue special reports on financial statements:

i. Summarized financial statements

These may be prepared by management in order to inform user groups such as
shareholders or bankers of the company’s financial position and the results of its
operations.
The auditor should not report on these summarized financial statements unless he has
expressed an audit opinion on financial statements from which the summary information
is derived.
ii. Distributions of dividend
Distributions in certain jurisdictions e.g. Rwanda and Ireland such as dividends can only
be made out of accumulated realized accumulated profits less accumulated realized
losses.

Page 12 of 94
 iii. Revised accounts
The revision of accounts may be undertaken by a replacement or a supplementary note.
The auditor has no duty to search for any further evidence which may affect the accounts
to which the report relates. However, if such a matter comes to his attention, he should
discuss any appropriate revision with management. If management is unwilling to revise
the accounts, then the auditor should consider taking legal advice.

E. REPORTING TO MANAGEMENT

Auditor reports relevant audit matters to management and will often produce a management
letter detailing control weaknesses observed during an audit.

F. CORPORATE GOVERNANCE
[ACCA Dec. 2011 Q4 (a &b)]

Definition of Corporate Governance

- “Corporate governance is the system by which Companies are directed and controlled.”
G. CODES OF BEST PRACTICE OF CORPORATE GOVERNANCE

The following three prominent codes have been formed for corporate governance and are
considered best practice in modern times:

 The Cadbury report

 The combined Code
 Sarbanes – Oxley Act of 2002

1. The Cadbury Report

i. Introduction to Cadbury Report

George Adrian Cadbury was a Director of the Bank of England from “1970–1994” and of IBM
from “1975-1994”. He was Chairman of the UK Committee on the Financial Aspects of Corporate
Governance which published its Report and Code of Best Practice ("Cadbury Report and Code")
in December 1992.

Page 13 of 94
Cadbury Report’s Definition for Corporate governance
- Corporate governance is a relationships between a company’s management, its board, its
shareholders and other stakeholders
- Corporate governance is also the structure through which objectives of the company are
set, and the means of achieving those objectives and monitoring performance are
determined
- Corporate governance Focuses on preventing corporate collapses such as Enron collapse

Cadbury Report 1992

- The Cadbury Report: titled Financial Aspects of Corporate Governance, is a report of a

committee chaired by Adrian Cadbury that sets out recommendations on the arrangement
of company boards and accounting systems to lessen corporate governance risks and
failures.
- The report was published in 1992. The report's recommendations have been adopted in
varying degree by the European Union, the United States, the World Bank, and others.

Corporate Governance Parties as stated by Cadbury Report

- Shareholders: Those that own the company.

- Directors (Non-Executive & Executive): Guardians of the Company’s assets for the
Shareholders. Directors, often referred to as the board of directors, are often appointed
or elected by the shareholders. These stakeholders are legally accountable for many
actions of the corporation. The board of directors decides important issues and
develops the long-term strategies of a corporation.
- Managers / Officers: who the company’s assets use. Officers are employees who serve
the directors as top-level management.

Principals (Codes of Best Practice) of Corporate Governance as stated by Cadbury Report

Accountability:
- Ensure that management is accountable to the Board of Directors
- Ensure that the Board of Directors is accountable to shareholders
Fairness:
- Protect Shareholders rights
- Treat all shareholders including minorities, equitably
- Provide effective redress for violations
Transparency:
- Ensure timely, accurate disclosure on all material matters, including the financial
situation, performance, ownership and corporate governance
Independence: Independent Directors and Advisers i.e. free from the influence of others
Page 14 of 94
ii. UK Public Limited Companies and Cadbury Report
The Cadbury report was aimed at directors of all UK Public Limited Companies, but directors
of all companies are encouraged to apply the code. The directors should state in the financial
statements, normally through the directors’ report, whether they comply with the code and must
give any reasons for non-compliance.

The Cadbury report covered a number of areas including the board of directors, non-executive
directors, executive directors and external audit function. Some of provisions include:

 Board of Directors
- They should meet on a regular basis
- They should have clearly accepted division of responsibilities, so no one person has
complete power
- The post of Chairman and CEO should be separate
- Decisions which require a single signature or several signatures need to be laid out in a
formal schedule, and procedures must be put in place to ensure that the schedule is
followed.
 Non-Executive Directors
- They are not involved in the day to day running of the company and should bring their
independent judgment to bear in the affairs of the company. Such affairs may include
key appointments and standards of conduct
- There should be no business or financial connection between the company and non-
executive directors other than fees and a shareholding
- Appointments of non-executive directors should be for a specific term and automatic re-
appointment is discouraged.
 Executive Directors
- They run the company on a day to day basis and should have service contracts in place
of not more than three years, unless approved by shareholders
- Directors’ emoluments should be fully disclosed in the financial statements and should
be distinguished between salary and performance based pay.
 External audit
- Disclosing fees for external audit in the financial statements should safeguard against
the threat of objectivity where auditors offer services to their audit clients
Page 15 of 94
 - Formal guidelines concerning audit rotation should be drawn up by the accounting
profession.
- There is a need for auditors to report on going concern. This is now reflected in auditing
standards.

2. The Combined Code

UK stock exchange issues guidelines on a regular basis. In 1998, it issued the combined code.
This combined key guidance from various reports including the Cadbury Report into the code.

Some of its principles include:

- Every company should have an effective board
- There should be a clear divisions of responsibilities at board level
- There should be an appropriate balance of executive and non-executive directors
- A formal procedure for appointment to the board should exist
- The board should implement a good system of internal control.
- The board should have meaningful communication with the shareholders and should use
Annual General Meeting (AGM) to communicate with investors

UK stock exchange rules require that the annual report includes a statement of how a company
has applied the principles of the combined code and must disclose whether there has been
compliance with those principles. Auditors should review this statements.

Although the UK stock exchange rules require the code to be complied with, there is no statutory
duty for companies to do so. It is in fact a voluntary code, because making the code obligatory
may create an excessive burden of requirement especially for small companies.

Page 16 of 94
3. Sarbanes – Oxley Act Of 2002

Enron raised serious questions about self-regulation. In response the Sarbanes – Oxley Act of 2002
was passed in the USA. This set up improved corporate governance including enhanced internal
controls and improved levels of auditor’s independence. This has led to attempts to strengthen
regulation in a number of other countries too.

Enron Corporation was an American energy, commodities, and Services Company based
in Houston, Texas. It was founded in 1985 as the result of a merger between Houston
Natural Gas and Inter-North, both relatively small regional companies. Before its
bankruptcy on December 2, 2001, Enron employed approximately 20,000 staff and was
one of the world's major electricity, natural gas, communications and pulp and paper
companies, with claimed revenues of nearly $101 billion during 2000. Fortune named
Enron "America's Most Innovative Company" for six consecutive years.

At the end of 2001, it was revealed that its reported financial condition was sustained by
institutionalized, systematic, and creatively planned accounting fraud, known since as the Enron
scandal. Enron has since become a well-known example of willful corporate fraud and
corruption. The scandal also brought into questions the accounting practices and activities of
many accounting firms in the United States and was a factor in the enactment of the Sarbanes–
Oxley Act of 2002. The scandal also affected the greater business world by causing the dissolution
of the Arthur Andersen accounting firm.

Fortune: is a multinational business magazine, published and owned by Time Inc. and
headquartered in New York City.

Sarbanes–Oxley Act of 2002: The Sarbanes–Oxley Act of 2002, enacted July 30, 2002), also known
as the "Public Company Accounting Reform and Investor Protection Act" and "Corporate and
Auditing Accountability, Responsibility, and Transparency Act" and more commonly called
Sarbanes–Oxley, Sarbox or SOX, is a United States federal law that set new or expanded
requirements for all U.S. public company boards, management and public accounting firms.

Page 17 of 94
 Summary of Sarbanes-Oxley Act of 2002

i. Introduction

The Sarbanes-Oxley Act (SOX) was passed by Congress in 2002. The Act, along with subsequent
regulations adopted in 2003 and 2004, affected the responsibilities of boards of directors,
corporate managers and external auditors with respect to financial reporting.

Also, the act established the Public Companies Accounting Oversight Board (PCAOB) that is now
responsible for oversight of financial statement audits of publicly-traded corporations and the
establishment of auditing standards in the U.S. The primary purpose of SOX was to increase
investor confidence in the financial reports provided by corporations. To achieve this purpose, the
Act established the PCAOB to oversee external auditing and corporate governance issues that
potentially affect the reliability of financial reports. Further, SOX increased the responsibilities of
corporate managers for producing reliable financial reports and specified restrictions on the
activities of external auditors to increase their independence from their audit clients.

Though there are many provisions in the legislation and subsequent regulations, three issues are
of primary importance for accounting. These involve the financial reporting responsibilities of the
PCAOB, corporations (including their boards of directors and managers), and external
auditors.

ii. Responsibilities of the Public Companies Accounting Oversight Board

(PCAOB)
- Public Companies Accounting Oversight Board (PCAOB) reports to the Securities
and Exchange Commission (SEC), which appoints members of the Board
- The Board has five full-time members
- The Board establishes auditing standards for external audits of publicly traded
companies and oversees the accounting firms that provide these audits
- Accounting firms that provide external audits of companies that report to the SEC
must register with the PCAOB and report to the PCAOB information about their
audit clients, audit fees, and the services provided to clients.
- As part of its oversight responsibilities for accounting firms, the PCAOB issues
standards for accounting firms that provide guidance concerning auditor ethics and
independence; supervision, hiring, and development of audit personnel; and client
acceptance and continuation
- Also, the PCAOB is responsible for inspecting auditing firms to ensure their
compliance with SOX regulations and professional auditing standards.
- The PCAOB is responsible for investigating potential violations of SOX regulations,
the Board’s rules, and professional accounting standards. The Board may impose
sanctions on accounting firms, including suspension from auditing public companies
and civil penalties. The Board may refer these matters to the SEC and the
Department of Justice for further legal action if it believes such action is needed

Page 18 of 94
iii. Responsibilities of Corporations
- The Sarbanes-Oxley Act affects corporations that are required to report financial
information to the Securities and Exchange Commission (SEC).
- These corporations must provide a certification from the Chief Executive Officer
(CEO) and Chief Financial Officer (CFO) along with their financial reports.
- The officers certify that the financial reports comply with requirements of the
Securities Exchange Act of 1934 and contain information that fairly presents, in all
material respects, the financial condition and results of operations of the issuer.
- A company’s balance sheet reports its financial condition and its income statement
and statement of cash flows report its results of operations.
- Consequently, the officers are required to confirm that the corporation’s financial
statements reliably represent its economic activities.

The reports signed by the CEO and CFO must state that:
 they have reviewed the financial reports
 the reports are not misleading
 the reports fairly present the company’s financial condition and results of operations
 the officers are responsible (1) for establishing and maintaining an adequate system of
internal controls sufficient to ensure reliable financial reporting and (2) for assessing the
effectiveness of those controls
 The officers have disclosed to the company’s audit committee and external auditors (1)
significant deficiencies in the company’s controls identified in their assessment and any
significant changes in the controls and (2) any fraud involving management or employees
who have a significant role with respect to internal controls.

Board’s functions (Role / responsibilities)

- Strategic planning
- Selection, performance appraisal and compensation of senior executives
- Communication with shareholders
- Ensuring that ethical standards are maintained and that the company complies with the
laws”
- Review and approve significant corporate actions.
- Review and monitor implementation of management’s strategic plans.
- Review and approve the Company’s annual operating plans and budgets.
- Monitor corporate performance and evaluate results compared to the strategic plans
and other long-range goals.
- Review and approve Company’s financial controls and reporting systems.
- Review and approve the Company’s financial statements and financial reporting.
- Review the Company’s ethical standards and legal compliance programs and
procedures.

Page 19 of 94
 Responsibilities of audit committee
- SOX also effectively mandates that corporations create audit committees as part of their boards
of directors.
- Members of the audit committee must be independent of corporate management, meaning that
managers of a corporation cannot serve on the audit committee.
- The audit committee is responsible for selection, compensation, and oversight of the
corporation’s external auditor. Thus, the audit committee, rather than corporate management,
is the primary contact for a corporation’s external auditor.
- The audit committee must include a member who is a financial expert. A financial expert is
defined as someone who has an understanding of generally accepted accounting principles,
internal controls, financial statements, and audit committees and who has experience preparing,
auditing, analyzing, or evaluating financial statements.
- The audit committee must approve of any services provided by the external auditor, particularly
those that are not directly related to the financial audit. These services must be disclosed in
reports to the SEC.

A corporation’s financial reports must disclose all material off-balance sheet transactions and
activities that have a material effect on the corporation’s current or future financial condition. Off-
balance sheet items usually involve obligations that do not fit the definition of liabilities that must
be reported on the balance sheet. Corporations also must disclose on a rapid and current basis
material changes in their financial conditions and operations.

A corporation also must disclose whether it has a code of ethics for its top managers.
Among other things, a code of ethics should promote honest behavior, accurate and timely
disclosure of financial information, and compliance with laws and regulations. A corporation is
required to make its code of ethics available to the public.

iv. Responsibilities of External Auditors

A corporation’s external auditor must provide timely information to the audit committee about
important accounting practices and policies adopted by corporate management and any
discussion between the auditor and management about alternative practices or policies. Any
disagreements between the auditor and management about these matters also must be disclosed
to the audit committee.

The Sarbanes-Oxley Act (SOX) prohibits external auditors are from providing certain services
to a client corporation. These include:
 bookkeeping or other services relating to the accounting records or financial statements
of the audit client;
 financial information systems design and implementation;
 appraisal or evaluation services, fairness opinions or contribution-in-kind reports;
 actuarial services;
 internal audit outsourcing services;
 management functions or human resources;
 broker or dealer, investment advisor, or investment banking services;
 legal services and expert services unrelated to the audit;
Page 20 of 94
  And any other service that the accounting board (PCAOB) determines, by regulation, is
impermissible.

The auditor must attest to and report on management’s assessment of a corporation’s internal
controls. The auditor is responsible for examining the client firm’s internal control system and
verifying that the system is adequate to provide reasonable assurance of reliable financial reporting
information. The auditor expresses an opinion concerning management’s assertions about its
internal control system. This opinion is based on the results of the auditor’s assessment and appears
in a report that accompanies the company’s audited financial statements. This report is in addition
to the auditor’s attestation concerning the financial statements themselves.

The external auditor must be independent of management in fact and appearance. As part of this
requirement, Sox mandates that the CEO, CFO, and Chief Accounting Officer cannot have been
employed by the company’s external auditor during the one-year period preceding the audit. It is
not uncommon for employees of audit firms to take positions with client corporations. SOX limits
the ability of corporations to hire employees from their external audit firms.

v. Conclusion

The Sarbanes-Oxley Act has had profound effects on financial accounting and auditing practices.
Some provisions of the Act and related regulations are still being implemented, and we will
undoubtedly see revisions and additions to some of these provisions. The extent to which these
provisions are successful in increasing the reliability of financial reporting remains to be seen.
However, there is no question that the way that boards of directors, corporate managers, and
external auditors approach their responsibilities has changed and that greater efforts are being
made to ensure that timely and accurate financial information is provided to investors.

Page 21 of 94
CHAPTER 3: THE AUDITORS LEGAL, ETHICAL & PROFESIONAL
RESPONSIBILITIES – Part 1

A. PROFESSIONAL & ETHICAL RESPONSIBILITIES

1. The fundamental Principles (codes of Ethics) governing the auditor’s professional

Responsibilities are the following:

A professional accountant shall comply with the following fundamental principles:

 Integrity – to be straightforward and honest in all professional and business relationships.

 Objectivity – to not allow bias, conflict of interest or undue influence of others to override
professional or business judgments.
 Professional Competence and Due Care – to maintain professional knowledge and skill at
the level required to ensure that a client or employer receives competent professional services
based on current developments in practice, legislation and techniques and act diligently and in
accordance with applicable technical and professional standards.
 Confidentiality – to respect the confidentiality of information acquired as a result of
professional and business relationships and, therefore, not disclose any such information to
third parties without proper and specific authority, unless there is a legal or professional right
or duty to disclose, nor use the information for the personal advantage of the professional
accountant or third parties.
 Professional Behavior – to comply with relevant laws and regulations and avoid any action
that discredits the profession.

2. Independence

It is essential that auditors are independent and impartial, not only in fact but also in appearance.
In other words the auditor is independent if the threats to auditors are absent.

Threats to ethical behavior (threats to auditor’s Independence) [ACCA June 2010 Q4 (a & b)]

Compliance with Code of Ethics and Conduct fundamental principles can be threatened by a
number of areas. The six categories of threats, which may impact on ethical risk, are:
– Self-interest threats
– Self-review threats
– Advocacy threats
– Familiarity threats
– Intimidation threats
– Management threats

Page 22 of 94
Examples for each category (Only one example required per threat):

Self-interest threats
– Undue dependence on fee income from one client
– Close personal or business relationships
– Financial interest in a client
– Incentive fee arrangements
– Concern over employment security
– Commercial pressure from outside the employing organization
– Inappropriate personal use of corporate assets.

Self-review threats
– Member of assurance team being or recently having been employed by the client in a position
to influence the subject matter being reviewed
– Involvement in implementation of financial system and subsequently reporting on the
operation of said system
– Same person reviewing decisions or data that prepared them
– An analyst, or member of a board, audit committee or audit fi rm being in a position to exert a
direct or significant influence over the financial reports
– The discovery of a significant error during a re-evaluation of the work undertaken by the
member
– Performing a service for a client that directly affects the subject matter of an assurance
engagement.

Advocacy threats
– Acting as an advocate on behalf of a client in litigation or disputes
– Promoting shares in a listed audit client
– Commenting publicly on future events in particular circumstances
– Where information is incomplete or advocating an argument which is unlawful.

Familiarity threats
– Long association with a client
– Acceptance of gifts or preferential treatment (significant value)
– Over familiarity with management
– Former partner of firm being employed by client
– A person in a position to influence financial or non-financial reporting or business decisions
having an immediate or close family member who is in a position to benefit from that
influence.

Intimidation threats
– Threat of litigation
– Threat of removal as assurance firm
– Dominant personality of client director attempting to influence decisions
– Pressure to reduce inappropriately the extent of work performed in order to reduce fees.

Management threats
– Making and taking decisions which are the responsibility of management.

Page 23 of 94
 3. Confidentiality [ACCA Dec 2011 Q4 (c)]

Code of Ethics and Conduct addresses the area of auditor confidentiality and states that auditors
acquiring information in the course of their professional work should not disclose any such
information to third parties without first obtaining permission from their clients.
Confidentiality is an implied term of auditors’ contracts with their clients. For this reason auditors
should not disclose confidential information to other persons, against their client’s wishes. The
obligation of confidentiality continues even though a professional relationship has ended.

Exceptions / Situations where disclosure is or may be required

There are, however, circumstances where auditors may disclose information to third parties
without first obtaining permission. These circumstances are the following:

 statutory right or duty to disclose: Auditors are obliged to make disclosure where, for
example, there is a statutory right or duty to disclose, such as if the auditor suspects the
client is involved in money laundering, terrorism, drug trafficking or human trafficking in
which case they must immediately notify the relevant authorities.

 Court order: In addition, auditors must make disclosure if compelled by the process of
law, for example under a court order, under which they are obliged to disclose information.

 Public interest – An auditor may disclose information which would otherwise be

confidential if disclosure can be justified in the ‘public interest’. This would be perhaps if
those charged with governance are involved in fraudulent activities;

 Protect Auditors interest – auditors may disclose information to defend themselves

against a negligence action, disciplinary proceedings or if suing for unpaid fees;

Under ISA 250: consideration of laws and regulations in an audit of financial statements, if
auditors become aware of a suspected or actual occurrence of non-compliance with laws and
regulation which give rise to a statutory right or duty to report, they should report it to the proper
authority immediately.

4. Areas of controversy (incompatibility) to independence and confidentiality:

a. Independence

 Multiple services
Many audit firms offer a wider variety of work to their clients. An auditor is not
independent in relation to a listed company if they provide certain non-audit services,
such as bookkeeping, internal audit, management or human resources function.

Page 24 of 94
  Specialist services
Services such as valuation of intangible assets, where carried by a firm who are also a
company’s auditor can lead to a self-review threat. A firm should not therefore audit a
client’s accounts which include specialist work carried out by themselves.

 Second opinions
Second opinions are acceptable but not if the current auditor is pressurized to accept
the second opinion. i.e, second opinion is not accepted if the second auditor finds that
that client company wants opinion shopping. Opinion shopping Is an unlawful action
of seeking auditors that are willing to search for an auditor that will issue an unqualified
opinion on a company’s financial statements, by doing so, a business has a better
chance of convincing creditors, lenders, and investors to give the firm funding, since
these parties rely on the auditor’s opinion when making funding decisions. If a
company suddenly changes its audit firm, this may be a sign that it is opinion
shopping. In order to avoid this, there should be constant communication between the
two auditors.

The second auditing firm has a duty to seek permission from the client to approach the
outgoing auditors. Without such communication, the second opinion may be formed
negligently, as the second opinion may be based on inadequate evidence.

b. Confidentiality

 Conflicts of interest
Conflicts of interest can arise when a firm has two or more audit clients, and the clients
are in direct competition with each other e.g. major banks. An audit firm can argue that
different audit teams are involved and can maintain independence and confidentiality.
 Insider dealing
Auditors should see the duty not to deal as an insider as an extension of their duty of
confidentiality to their clients.

B. AUDITORS DUTIES & RIGHTS

i. Duties:

 Collect and analyze data to detect deficient controls, non-compliance with laws,
regulations, and management policies.

 Report to management about asset utilization and audit results, and recommend changes
in operations and financial activities.

 Prepare detailed reports on audit findings.

 Inspect account books and accounting systems for efficiency, effectiveness, and use of
accepted accounting procedures to record transactions.

Page 25 of 94
  Examine and evaluate financial and information systems, recommending controls to
ensure system reliability and data integrity.

 Prepare, analyze, and verify annual reports, financial statements, and other records, using
accepted accounting and statistical procedures to assess financial condition and facilitate
financial planning.

 Examine inventory to verify journal and ledger entries.

 Examine whether the organization's objectives are reflected in its management activities,
and whether employees understand the objectives

 Examine records and interview workers to ensure recording of transactions and

compliance with laws and regulations.

 Audit payroll and personnel records to determine unemployment insurance premiums,

workers' compensation coverage, liabilities, and compliance with tax laws

ii. Rights

 Rights to access the books and records.

Company auditor has rights to access the books and records of the company. He can refer to any
book.

 Right to get explanations from company staff.

Company auditor has right to get explanations from company staff. If such explanations are not
received he modifies his report

 Right to visit branches.

Company auditor has right to visit branches. But there should be no separate auditors to those
branches and it should be a home branch.

 Right to seek legal and technical advises.

Company auditor has right to seek legal and technical advises. But, in his report, he should
express his own opinion but not that of experts concern

 Right to claim remuneration.

Company auditor has right to claim remuneration. His remuneration will be fixed by appointing
authority and it will be paid by company

Page 26 of 94
  Right to refuse to commence the audit.

Company auditor has right to refuse to commence the audit. Till making the records up to date,
he cannot start his work

 Right to question the board.

Company auditor has right to question the board. Board also should give explanation to him

 Right to modify his report.

Company auditor has right to modify his report. If he comes across any dis-satisfactory point, he
can mention the same in his report

 Right of indemnity.

Company auditor has right of indemnity. He can reimburse expenses incurred by him in
connection with conduction of audit work

Page 27 of 94
 CHAPTER 4: THE AUDITORS LEGAL, ETHICAL & PROFESIONAL
RESPONSIBILITIES – Part 2

A. AUDITOR’S RESPONSIBILITIES IN RELATION TO FRAUD AND FOR THE

ENTITIES COMPLIANCE WITH LAWS & REGULATIONS

1. Auditor’s responsibilities in relation to fraud

An auditor’s main concern in an audit is the risk of a material misstatement in the financial
statements. The material misstatements can arise from fraud or error.

An auditor’s responsibility in relation to fraud is to consider the risk of a material

misstatement in the financial statements due to fraud.

- An error
it is an unintentional misstatement in the financial statements, whether an omission of
an amount or disclosure.
- Fraud
it is intentional act by one or more individuals among management, employees or third
parties, involving in obtaining an unjust or illegal advantage.

ISA 240 the auditor’s responsibility to consider fraud in an audit of financial statements, states
quite clearly that the primary responsibility for prevention and detection of fraud rests with
management and those charged with governance of the entity.

The auditor does not have a specific responsibility to prevent or detect fraud, but he must
consider whether it has caused a material misstatement in the financial statements.

2. Types of fraud

There are two types of fraud of intentional misstatement:

i. Fraudulent financial reporting

ii. Misappropriation of assets

Fraudulent financial reporting

 Manipulation, falsification, or alteration of accounting records or supporting

documentation from which accounts are prepared
 Intentional omission from the accounts, transactions or other significant information
 Intentional misapplication of accounting principles relating to amounts

Misappropriation of assets

This involves the theft of a company’s assets e.g

 Embezzling receipts
Page 28 of 94
 Stealing physical assets
 Causing the company to pay for something they never received
 Using the company’s assets for own personal use

3. Compliance with Law And Regulation

Companies are statutorily bound to comply with laws and regulations. Some of the laws and
regulations affecting companies are:

 Company law
 Health and safety regulations
 Employment law
 Civil law, both tort and contract
 Environmental law and regulations.

The auditor should identify the laws and regulations the client operates within.

ISA 250 consideration of laws and regulations in an audit of financial statements

establishes standards and guidance on the auditor’s responsibilities to consider laws and
regulations in an audit of financial statements. The auditor should recognize that non-
compliance by the client with laws and regulations may materially affect the financial
statements.

Reporting non-compliance

 The auditor should communicate to the appropriate level of management any

identified non-compliance.
 If the auditor suspects senior management, he should communicate to the next higher
level, such as the audit committee.
 The auditor may have a statutory duty to report fraudulent behavior to a regular
outside entity for example the police authorities.
 In case of money laundering and human traffic it may be appropriate to report the
matter directly to the appropriate authority

Page 29 of 94
 B. AUDITOR’S RESPONSIBILITIES DEFINED BY CASE LAW ARISING FROM
NEGLIGENCE AND RELATED EXPOSURE AND CONSEQUENCES

1. Introduction

Auditors are potentially liable for both Statute law (Criminal liabilities /offences) and Tort of
negligence (Civil liabilities / offences). The former occur when individuals or organizations
breach a government imposed law; in other words criminal law governs relationships between
entities and the state. Civil law, in contrast, deals with disputes between individuals and/or
organizations.

2. Types of professional liability

i. Statute law (Criminal liabilities /offences).

 An auditor could be found to be guilty of insider dealing, which is a criminal offence

 Auditor could found guilty of a criminal offence in respect of money laundering issues as
to their failure to report any known suspicions to the proper authority
 Failure to report issues that are required under company law.

Audit is also subject to legislation prescribed by the Companies Act. This includes many sections
governing who can be an auditor, how auditors are appointed and removed and the functions of
auditors.

This means that auditors could be prosecuted in a criminal court for either knowingly or
recklessly issuing an inappropriate audit opinion.

ii. Tort of negligence (Civil liabilities / offences).

Negligence is based on customary / common law. It seeks to provide compensation to loss

suffered by one due to another’s wrongful neglect.

There are two pieces of civil law of particular significance to the audit profession; contract law
and the law of tort. These establish the principles for auditor liability to clients and to third
parties, respectively.

 Under contract law: parties can seek remedy for a breach of contractual obligations.
Therefore shareholders can seek remedy from an auditor if they fail to comply with the
terms of an engagement letter. In this case; an auditor could be sued by the shareholders.
 Under the law of tort: auditors can be sued for negligence if they breach a duty of care
towards a third party who consequently suffers some form of loss.

To succeed the injured party must prove:

 A duty of care existed

 The duty of care was breached
 The actual breach caused the loss
Page 30 of 94
 iii. Who could take an action against an auditor?

 The company (client)

 The shareholders
 The bank
 Other lenders
 Other interested parties

3. Litigation avoidance
One way of dealing with litigation is to try and avoid it. How?

 Have clear client acceptance procedures, use an engagement letter

 Perform all audit work in accordance with standards and best practice
 Have sensible and effective quality control procedures in place
 Issue appropriate disclaimer. Auditors may attempt to limit their liability by issuing
disclaimers, although this may not always be effective

C. MISCONDUCT

Misconduct includes any act or default that is likely to bring discredit to the member, relevant
firm or registered student.

A member should comply with relevant laws and regulations and should avoid any action that
discredits the profession.

A member found guilty of misconduct by competent court shall be liable to disciplinary action,
the penalties for which are at the discretion of the professional bodies committees dealing with
this area.

Misconduct could include:

 Deception
 Forgery
 Theft
 Dishonesty

Page 31 of 94
 D. PROFESSIONAL INDEMNITY INSURANCE

Most professions insist that auditors take out professional indemnity insurance. This is insurance
against civil claims made by clients and third parties arising out of the work undertaken by a
firm.

Fidelity guarantee is insurance against liability arising through any acts of fraud or dishonesty
by an employee of a firm in respect of money or goods held in trust by the firm. Insurance is
important in order to compensate the client as it is highly unlikely the firm would have the
necessary resources to fully compensate a client. It also provides some protection for the firm
against bankruptcy.

The accountancy firms have been interested in trying to limit their liability for partners in the
event of negligence.

E. AUDITOR’S APOINTMENT PROCEDURES

1. preconditions before accepting the audit engagement [ACCA June 2010 Q4 (c)]

Auditors should only accept a new audit engagement, or continue an existing audit engagement
if the 'preconditions for an audit' required by ISA 210 Agreeing the terms of audit engagements
are present.

ISA 210 requires the auditor to:

 Make sure there are no ethical issues which would prevent you from accepting this
assignment.
 Make sure that you are professionally qualified to carry out the work requested and that
your firm has the resources available in terms of staff, expertise and time.
 Check out references for the directors of the client especially if they are unknown to the
audit firm.
 Consult previous auditor and establish from them whether there is anything that you
should know about this vacancy.

2. Conditions to fulfill after accepting the assignment

 Make sure the resignation of the previous auditors has been properly carried out and
that the new appointment is valid. A board resolution of the company is required.
 Submit a letter of engagement to the directors of the client company and ensure it is
signed before any audit work is carried out.

Page 32 of 94
 3. Engagement letters

The engagement letter will be sent before the audit. It specifies the nature of the contract
between the audit firm and the client and minimizes the risk of any misunderstanding of the
auditor's role.

It should be reviewed every year to ensure that it is up to date but does not need to be reissued
every year unless there are changes to the terms of the engagement. The auditor must issue a new
engagement letter if the scope or context of the assignment changes after initial appointment.

ISA 210 requires the auditor to consider whether there is a need to remind the entity of the
existing terms of the audit engagement for recurring audits and many firms choose to send a new
letter every year, to emphasize its importance to clients.

The contents of the engagement letter

The contents of a letter of engagement for audit services are listed in ISA 210 Agreeing the
Terms of Audit Engagements. They should include the following:

 The objective and scope of the audit;

 The responsibilities of the auditor;
 The responsibilities of management;
 The identification of an applicable financial reporting framework; and
 Reference to the expected form and content of any reports to be issued
 Auditing fees.

In addition to the above the engagement letter may also make reference to:

 The unavoidable risk that some material misstatements may go undetected due to the
inherent limitations in an audit;
 Arrangements regarding the planning and performance of the audit;
 The expectation that management will provide written representations;
 The agreement of management to make available to the auditor draft financial statements
and other information in time to complete the audit in accordance with the proposed
timetable;
 The agreement of management to inform the auditor of facts that may affect the financial
statements;
 The basis on which fees are computed and billing arrangements;
 A request for management to acknowledge receipt of the engagement letter and to agree
the terms outlined;
 Agreements concerning the involvement of auditors experts and internal auditors; and

 Restrictions to the auditor's liability

Page 33 of 94
CHAPTER 5: AUDIT PLANNING AND SUPERVISION

A. MATERIALITY (ISA 320)

Materiality is defined as follows:

ISA 320 Audit Materiality is one of the International Standards on Auditing. It serves to expect
the auditor to establish an acceptable materiality level in design the audit plan.

Materiality: The amount by which the Financial Statements must change in order to change the
decisions made by users of the Financial Statements. (Information is material if its omission or
misstatement could influence the economic decisions of users taken on the basis of the financial
statements).

A misstatement is: A difference between the amounts, classification, presentation, or disclosure

of a reported financial statement item and the amount, classification, presentation, or disclosure
that is required for the item to be in accordance with the applicable financial reporting
framework. Misstatements can arise from error or fraud

Calculating materiality level

The first consideration when calculating materiality at the planning stage is the assessed risk
associated with the business. There is an inverse relationship between risk and materiality. The
higher the assessed risk of material misstatement within the financial statements, the lower the
materiality and vice versa. This means that larger samples will be selected in response to the higher
assessed risk and as such low materiality results in larger samples, higher materiality levels result
in smaller sample sizes.

There are a number of benchmarks which can be selected to help calculate materiality and a range
of materiality percentages that could be used when calculating materiality. ISA 320 doesn’t
specifically mention the ranges of percentages that can be used as again this is left to the auditor’s
judgment, however, common percentages used are shown below.
Ideally the one selected by the auditor should be the benchmark that most represents the needs of
the users of the financial statements. Examples of the more common benchmarks and percentages
are as follows:

Revenue (0.5%to 1%)

Total Assets (2%to 3%)
Net assets (2%to 5%)
Profit after tax (5%to10%)
Profit before Tax (5 %)
Gross profit (0.5%to 1%)

Remember if assessed risk is high then the lower percentages for calculating materiality will be
selected. If assessed risk is low then the higher percentages will be used.

Page 34 of 94
Materiality problems

 Materiality is a matter of judgment

 Percentage guidelines need to be used carefully. i.e, what figure do you select to base the
percentage on: gross profit, profit after tax, asset?

B. AUDIT RISK AND ITS COMPONENTS [ACCA Dec 2008 Q4 (b)]

1. Introduction

Audit risk is the risk that the auditor will express an inappropriate / wrong opinion. Audit risk is
composed by the following elements:

Risk of material misstatement (Inherent Risk and Control Risk)

Detection Risk

i. Risk of material misstatement:

Risk that the financial statements are materially misstated even before the start of any audit
work. It is split into two:

 Inherent Risk (IR):

Is the risk of a material misstatement in the financial statements arising due to error or omission
as a result of factors other than the failure of controls.

Factors that may causing Inherent Risk:

 Complexity.
 Results of Previous Audits: If material misstatements were discovered in the previous
audit, it is possible that same kind of material misstatements may have occurred in the
current year.
 Nature of the Client’s Business: A business whose inventory becomes obsolete quickly
experiences high inherent risk.
 Related Parties: Transactions between parent and subsidiary entities, and transactions
between management or the owner and the entity, are considered related party
transactions.
 Prior-period misstatements: If a company has made mistakes in prior years that weren’t
material (meaning they weren’t significant enough to have to change), those errors still
exist in the financial statements.

Page 35 of 94
  Control Risk (CR):

Risk that client's internal control system will fail to prevent/ detect/correct errors – client
controlled

ii. Detection Risk (DR)

Risk that auditor's procedures will fail to detect errors –auditor controlled

C. BUSINESS RISK

Business risk is the possibility that a company will have lower than anticipated profits, or that it
will experience a loss rather than a profit.

1. Financial risk: is a risk of loss associated with financial transactions that include
company loans in risk of default (the firm is unable to pay its obligation)
2. Operational risk: Probability of loss occurring from the internal inadequacies of a firm
or a breakdown in its controls, operations, or procedures or losing a major supplier or
physical disasters or loss of key personnel.
3. Compliance Risks: is a risk of loss associated the regulatory environment in which your
business operates, and can often be related to unintended or accidental breaches of tax,
trading, or other laws.

D. AUDIT STRATEGIES / AUDIT APPROACHES

1. Introduction

ISA 300 necessitates that the overall audit strategy should be established at the beginning, and
updated and amended as required during the course of the audit.

The purpose of the overall audit strategy is to develop an effective response to the risk of
material misstatement. The auditor considers what they found in preliminary planning activities
such as client acceptance, ethical position of the audit firm and their understanding of the entity
and its environment, including its internal control, to develop an effective and efficient overall
audit strategy that will appropriately respond to assessed risks.

The overall audit strategy includes consideration of planned audit responses to specific risks
through the development of the audit plan. The overall audit strategy also helps the auditor
determine the resources required for the engagement, including engagement staffing.

For example if you decide the organization is new and doesn't have proper controls in place,
you will decide not to rely on any controls and perform only substantive testing- this is Audit
Strategy.

Page 36 of 94
 2. Audit strategies / audit approaches

Essentially there are five different audit approaches:

i. The risk - based approach

ii. The systems and controls based - approach
iii. The balance sheet approach
iv. The substantive procedures approach / cycles and transactions
v. Business risk approach
vi. Analytical procedures approach
vii. Use of Computer-assisted audit techniques (CAATs)

 The risk - based approach

In this approach, audit resources are directed towards those areas of the financial statements that
may contain misstatements (either by error or omission) as a consequence of the risks faced by the
business

 The systems and controls based - approach

This approach requires auditors to assess the effectiveness of the internal controls of an entity, and
then to direct substantive procedures primarily to those areas where it is considered that systems
objectives will not be met. Reduced testing is carried out in those areas where it is considered
systems objectives will be met i.e. if the controls are ineffective, the control risk is high and it is
important to undertake higher levels of substantive testing.

 The balance sheet approach

In this approach, substantive procedures are focused on balance sheet (statement of financial
position) accounts, with only very limited procedures being carried out on income statement/profit
and loss account items.

 The substantive procedures approach / cycles and transactions

This is also referred to as the vouching approach or the direct verification approach.
In this approach, audit resources are targeted on testing large volumes of transactions and account
balances without any particular focus on specified areas of the financial statements.

 Business risk approach

Business risks are the factors that could prevent or hinder the achievement of organizational goals
and objectives as a result of the external and internal factors, pressure, and forces brought to bear
on the entity and ultimately, the risk associated with the entity’s survival and profitability. Business
risk arises from conditions and forces within the entity’s internal environment, industry forces and
macro-environmental forces.

Examples of business risks include:

 Loss of customers
 Increase in production costs
 Cash flow problems
 Decline in product demand
 Litigations and claims
Page 37 of 94
  Technological obsolescence
 Increase in market competition
 Political and economic instability

 Analytical procedures approach

These procedures are important at all stages of the audit, such as planning, substantive procedures
and the overall review. It consists of comparing items like current financial information with prior
year financial information etc.

Practical techniques of analytical procedures

 Gross profit margins

 Average collection period
 Stock turnover
 Current ratio
 Acid test ratio
 Debt to equity ratio
 Return on capital employed

Related items

 Payables and purchases

 Inventories and cost of sales
 Loans and interest
 Receivables and bad debts
 Receivables and sales

 Use of Computer-assisted audit techniques (CAATs)

'Computer-assisted audit techniques (CAATs) or computer-assisted audit tools and

techniques (CAATTs) is a growing field within the audit profession. CAATs are the practice
of using computers to automate the audit processes. If the auditor finds that the computerized
control and systems are effective, the auditor will perform reduced substantive tasting
(CAATs).

E. KNOWLEDGE OF THE ENTITY AND ITS ENVIRONMENT

ISA 315 understanding the entity and its environment and assessing the risks of material
misstatements establishes standards and guidance on obtaining an understanding of the entity
and its environment including its internal control and on assessing the risks of material
misstatements in financial statements.

In order to obtain this understanding of their clients the auditor must obtain information about
the following matters:

Page 38 of 94
  Relevant industry, regulatory and other external factors (including the financial reporting
framework);
 The nature of the entity, including:
o its operations;
o its ownership and governance structures;
o the types of investment it makes; and
o The way it is structured and financed.
 The entity's selection and application of accounting policies;
 The entity's objectives, strategies and related business risks;
 The measurement and review of the entity's financial performance; and
 The internal controls relevant to the audit.

F. RESPONSE TO ASSESSED RISKS OF MATERIAL MISSTATEMENT.

1. introduction

IAS 330 is the recognition that assessing risk is at the core of the audit process, and it specifies
that the auditor is required to obtain an understanding of the key risks (sometimes described as
‘significant’ risks) relevant to the financial statements. ISA 330 requires that auditors should carry
out tests of control and substantive procedures.

2. Tests of control

Tests of control evaluate the operating effectiveness of controls in preventing, or detecting and
correcting, material misstatements at the assertion level.

The aim of a test of control is to check that an audit client’s internal control systems are
operating effectively.

Example tests of control over wages and salaries

- Inspect numerical sequence of clock cards/timesheets; if any breaks in the sequence are
noted, enquire of management as to missing payroll records.
- Review a sample of timesheets/clock cards for evidence of authorization of overtime by a
responsible official.
- Observe whether there is adequate segregation of duties between human resources and
payroll departments.

3. Meaning of substantive testing / procedures

Substantive procedures are aimed at detecting material misstatements at the assertion level.
They include tests of details of transactions, balances, disclosures and substantive analytical
procedures.

So, the aim of a substantive procedure is to ensure that there are no material errors at the
assertion level in the client’s financial statements.

Page 39 of 94
Example substantive procedures over wages and salaries
- Perform a proof in total of total payroll taking into account joiners and leavers and any
annual pay rise, compare any trends to prior years and discuss significant fluctuations
with management.
- For a sample of employees, recalculate the gross and net pay and agree to the payroll
records to verify accuracy.
- Re-perform calculation of statutory deductions to confirm whether correct deductions for
this year have been included within the payroll expense

4. Meaning and definition of Audit Evidence [ACCA Dec 2009 Q2 (a)]

Audit evidence is all the information, whether obtained from audit procedures or other sources
that is used by the auditor in arriving at the conclusions on which the auditor's opinion is based.

Audit evidence is information obtained during a financial audit and recorded in the audit working
papers.

ISA 500: audit evidence states that the auditor should use assertions for classes of transactions,
account balances, and presentation and disclosures in sufficient detail to form a basis for the
assessment of risks of material misstatement and the design and performance of further audit
procedures.

G. DOCUMENTATION

1. Audit plan [ACCA Dec 2009 Q1 (a)]

The audit plan is much more detailed than the overall strategy because it includes details of the
nature, timing and extent of the specific audit procedures to be performed. The audit plan should
include specific descriptions of:

 the nature, timing and extent of risk assessment procedures;

 the nature, timing and extent of further audit procedures, including:
o what audit procedures are to be carried out
o who should do them
o how much work should be done (sample sizes, etc)
o When the work should be done (interim vs. final).
o Any other procedures necessary to conform to ISA's.

Planning Objectives

"The objective of the auditor is to plan the audit so that it will be performed in an effective
manner." (ISA 300 Planning and Audit of Financial Statements).

Page 40 of 94
Audits are potentially complex, risky and expensive processes for an accountancy firm. Although
firms have internal manuals and standardized procedures it is vital that engagements are planned
to ensure that the auditor:

 Devotes appropriate attention to important areas of the audit;

 Identifies and resolves potential problems on a timely basis;
 Organizes and manages the audit so that it is performed in an effective and efficient
manner;
 Selects team members with appropriate capabilities and competencies;
 Directs and supervises the team and reviews their work; and
 Effectively coordinates the work of others, such as experts and internal audit.

The purpose of all this is to ensure that the risk of performing a poor quality audit (and ultimately
giving an inappropriate audit opinion) is reduced to an acceptable level.

The planning process steps

i. Understand the entity and its environment

ii. Understanding of internal control
iii. Assess risk of material misstatement
iv. Calculate planning materiality
v. Respond to assessed risk (audit strategy)

2. Audit program

It’s the detailed audit plan. Audit program are lists of audit procedures to be performed by audit
staff in order to obtain sufficient appropriate evidence. The audit program is an important part of
the auditor’s working papers and records a significant part of the audit evidence required to
justify the audit opinion.

This generally involves specific instructions to audit team members as to what, and how much,
evidence must be collected and evaluated, as well as who will collect and analyze the data and
when this should be done.

3. Working papers (audit documentation)

What are Working Papers?

 Material that auditor prepares in connection with performance of the audit

 Record of Audit Procedures Performed
 Relevant Audit Evidence Obtained
 Conclusions the Auditor Reached
 Also termed as “Audit Documentation
 Audit File (One or more folders or other storage media / Physical or Electronic
Form)

Page 41 of 94
 Contents of working paper

Each audit working paper must be headed with the following information:

 The name of the client

 The period covered by the audit
 The subject matter
 The file reference
 The initials (signature of the member of staff who prepared the working paper)
 The date on which it was prepared
 The initials (signature of the member of staff who reviewed the working paper)
 In the case of audit papers prepared by client staff, the date the working papers were
received, and the initials of the audit team member who carried out the audit work

4. Conclusion on audit documentation

All evidence obtained during an audit should be documented. The auditor’s working papers are
the evidence of all the work done which supports his audit opinion.

Working papers should be reviewed by more senior members of staff before an audit conclusion
is reached. The review should consider whether:

 The work has been performed in the line with the detailed audit programs
 The work performed and the results thereof have been adequately documented
 Any significant matters have been resolved or are reflected in the audit opinion
 The objectives of the audit procedures have been achieved

The following documentation should be reviewed on a timely basis:

 The overall audit strategy and the detailed audit plan

 The assessment of inherent and control risks
 The results of control and substantive procedures and the conclusions drawn from them
 The proposed audit adjustments to the financial statements

In some cases, particularly large complex audits, personnel not involved in the audit may be
asked to review some or all of the audit work. This is sometimes known as a peer review or a
hot review.

Page 42 of 94
 H. QUALITY CONTROL SYSTEM (QUALITY ASSURANCE SYSTEM

Auditing standards stress the importance of quality control, both at the audit firm level and the
audit engagement level.

Quality control (QC) is a procedure or set of procedures intended to ensure that a manufactured
product or performed service adheres to a defined set of quality criteria or meets the requirements
of the client or customer.

QUALITY
CONTROL

AT INDVIDUAL AUDIT
ENGAGEMENTS LEVEL AT FIRM LEVEL

planning Leadership
supervision ethics
review client relationships
human resources
engagement performance
monitoring

1. Quality control at firm level

Elements of a system of Quality control at firm level

i. Leadership responsibilities for quality within the firm

ii. Ethical requirements
iii. Acceptance and continuity of client relationships and specific engagements
iv. Human resources
v. Engagement performance
vi. Monitoring
 Leadership
The firm should establish policies and procedures designed to promote an internal
culture based on the recognition that quality is essential in performing engagements. It
is the leadership of the company that are ultimately responsible for the firms system of
quality control. Leadership must come from the top down and with that in mind the
standard recommends that a senior management person should assume the overall
responsibility.

Page 43 of 94
  Ethics
The firm should establish policies and procedures designed to provide it with
reasonable assurance that the firm and its personnel comply with relevant ethical
requirements. Such ethical requirements include the fundamental principles of
integrity, objectivity, professional competence & due care, confidentiality and
professional behavior.

 Acceptance and continuity of client relationships and specific engagements

Before accepting the assignment engagement audit firm should consider (1) the
integrity of the client (2) its competence to perform the engagement, (3) its
capabilities, time and resources to do so and (4) can comply with ethical requirements

 Human resources
Audit firm should have sufficient personnel with the necessary experience, competence
and ethical principles necessary to perform audits in accordance with the professional
standards and regulatory and legal requirements.

 Engagement performance
Audit firm should have sufficient personnel with the necessary experience, competence
and ethical principles necessary to perform audits in accordance with the professional
standards and regulatory and legal requirements. Firms would normally achieve this
through the use of standardized documentation.

 Monitoring

Types of monitoring activities

 Ongoing evaluation
 Periodic inspection of selected audits.

2. Quality control at engagement level

ISA 220 quality control for audits of historical financial information, requires firms to implement
quality control procedures over individual audit assignments.

IAS 220 states that the engagement team should implement quality control procedures that are
applicable to the individual audit engagement.

The engagement partner should:

 Take responsibility for the overall responsibility on each audit engagement to which the
partner is assigned.
 Consider whether members of the engagement team have complied with ethical
requirements
Page 44 of 94
  Be satisfied that appropriate procedures regarding the acceptance and continuance of the
client relationships and specific audit engagements have been followed.
 Be satisfied that the engagement team has the appropriate capabilities, competence and
time to perform the audit engagement in accordance with professional standards and
regulatory and legal requirements, and to enable an auditor’s report that is appropriate in
the circumstances.

Note to the System of Quality Control:

In some cases, particularly large complex audits, personnel not involved in the audit may be
asked to review some or all of the audit work. This is sometimes known as a peer review or a
hot review.

Page 45 of 94
CHAPTER 6: INTERNAL CONTROL SYSTEM
[ACCA June 2010 Q3 (a & b)]

1. Introduction

The internal control system - includes all the policies and procedures adopted by the directors and
management of an entity with the objective of ensuring:

- The safeguarding of assets

- The prevention and detection of fraud and error
- The accuracy and completeness of the accounting records
- The timely preparation of financial information

2. Elements of an effective internal control system

In an “effective” internal control system, the following five components work to support the
achievement of an entity’s mission, strategies and related business objectives.

- Control Environment Components

 Integrity and Ethical Values

 Board of Directors and Audit Committee
 Organizational Structure / Organizational Chart
 Assignment of Authority and Responsibility
 Human Resource Policies and Procedures

- Risk Assessment Components

 Company Objectives
 Risk Identification and Analysis
 Managing Risks

- Control Activities Components

 Segregation of duties
 Physical controls (e.g. Use of safes; use of dogs; use of cameras; periodic inventory
checks etc.)
 Authorization and approval
 Reconciliation of accounts
 recording transactions properly in the accounting system
 checking arithmetical calculations
 Personnel control (performance appraisal; training etc.)
 Supervision
 Outsourcing

Page 46 of 94
- Information and Communication Components

 Reporting
 Corporate communication (e-mails; meetings; what sup; etc.)
 Quality of Information
 Effectiveness of Communication

- Monitoring Components

 Supervisory activities
 Review of performance report
 Reporting deficiencies

Page 47 of 94
CHAPTER 7: ASSERTIONS

1. Introduction

Assertions = claims = representations = declaration = affirmation.

Audit Assertions are the implicit or explicit claims and representations made by the management
responsible for the preparation of financial statements regarding the appropriateness of the various
elements of financial statements and disclosures.

Audit Assertions are also known as Management Assertions / Financial Statement Assertions.

2. Management assertions fall into the following three classifications:

i. Transaction-level assertions
ii. Account balance assertions
iii. Presentation and disclosure assertions

(i) Transactions - level assertions:

The following items are classified as assertions related to transactions, mostly in regard to the
income statement:

- Occurrence
- Completeness
- Accuracy
- Cut-off
- Classification

 Accuracy: The assertion is that the full amounts of all transactions were recorded,
without error.
 Classification: The assertion is that all transactions have been recorded within the correct
accounts in the general ledger.
 Completeness: The assertion is that all business events to which the company was
subjected were recorded.
 Cutoff: The assertion is that all transactions were recorded within the correct reporting
period.
 Occurrence: The assertion is that recorded business transactions actually took place.

(ii) Account balance assertions:

The following items are classified as assertions related to the ending balances in accounts, and so
relate primarily to the balance sheet:

- Existence
- Rights and obligations
- Completeness
- Valuation and allocation
Page 48 of 94
  Completeness: The assertion is that all reported asset, liability, and equity balances have
been fully reported.
 Existence: The assertion is that all account balances exist for assets, liabilities, and
equity.
 Rights and obligations: The assertion is that the entity has the rights to the assets it owns
and is obligated under its reported liabilities.
 Valuation: The assertion is that all asset, liability, and equity balances have been
recorded at their proper valuations.

(iii) Presentation and disclosure assertions:

The following five items are classified as assertions related to the presentation of information
within the financial statements, as well as the accompanying disclosures:

- Occurrence
- Completeness
- Classification and understandability
- Accuracy and valuation

 Accuracy: The assertion is that all information disclosed is in the correct amounts, and
which reflect their proper values.
 Completeness: The assertion is that all transactions that should be disclosed have been
disclosed.
 Occurrence: The assertion is that disclosed transactions have indeed occurred.
 Rights and obligations: The assertion is that disclosed rights and obligations actually
relate to the reporting entity.

3. Summary on assertions

In preparing financial statements, management is making implicit or explicit claims (i.e.

assertions) regarding the recognition, measurement and presentation of assets, liabilities, equity,
income, expenses and disclosures in accordance with the applicable financial reporting
framework (e.g. IFRS).

For example, if a balance sheet of an entity shows buildings with carrying amount of $10
million, the auditor shall assume that the management has claimed that:

 The buildings recognized in the balance sheet exist at the period end;
 The entity owns or controls those buildings;
 The buildings are valued accurately in accordance with the measurement basis;
 All buildings owned and controlled by the entity are included within the carrying amount
of $10 million.

Page 49 of 94
 4. Examples on assertions

i. Assertions relating to classes of transactions

Assertions Explanation Examples: Salaries & Wages Cost

Salaries & wages expense has been incurred

Transactions recognized in
during the period in respect of the personnel
the financial statements have
Occurrence employed by the entity. Salaries and wages
occurred and relate to the
expense does not include the payroll cost of any
entity.
unauthorized personnel.

All transactions that were

supposed to be recorded have Salaries and wages cost in respect of all personnel
Completeness
been recognized in the have been fully accounted for.
financial statements.

Salaries and wages cost has been calculated

Transactions have been
accurately. Any adjustments such as tax deduction
Accuracy recorded accurately at their
at source have been correctly reconciled and
appropriate amounts.
accounted for.

Salaries and wages cost recognized during the

Transactions have been
period relates to the current accounting period.
Cut-off recognized in the correct
Any accrued and prepaid expenses have been
accounting periods.
accounted for correctly in the financial statements.

Salaries and wages cost has been fairly allocated

between:
Transactions have been
-Operating expenses incurred in production
classified and presented
Classification activities;
fairly in the financial
-General and administrative expenses; and
statements.
-Cost of personnel relating to any self-constructed
assets other than inventory.

Page 50 of 94
 ii. Assertions relating to assets, liabilities and equity balances at the period end

Assertions Explanation Examples: Inventory balance

Assets, liabilities and equity

Inventory recognized in the balance sheet exists
Existence balances exist at the period
at the period end.
end.

All assets, liabilities and All inventory units that should have been
equity balances that were recorded have been recognized in the financial
Completeness supposed to be recorded have statements. Any inventory held by a third party
been recognized in the on behalf of the audit entity has been included in
financial statements. the inventory balance.

Entity has the right to

Audit entity owns or controls the inventory
ownership or use of the
recognized in the financial statements. Any
Rights & recognized assets, and the
inventory held by the audit entity on account of
Obligations liabilities recognized in the
another entity has not been recognized as part of
financial statements represent
inventory of the audit entity.
the obligations of the entity.

Inventory has been recognized at the lower of

cost and net realizable value in accordance with
IAS 2 Inventories. Any costs that could not be
Assets, liabilities and equity reasonably allocated to the cost of production
Valuation balances have been valued (e.g. general and administrative costs) and any
appropriately. abnormal wastage has been excluded from the
cost of inventory. An acceptable valuation basis
has been used to value inventory cost at the
period end (e.g. FIFO, AVCO, etc.)

Page 51 of 94
 iii. Assertions relating to presentation and disclosures

Assertions Explanation Examples: Related Party Disclosures

Transactions with related parties

Transactions and events disclosed
disclosed in the notes of financial
Occurrence in the financial statements have
statements have occurred during the
occurred and relate to the entity.
period and relate to the audit entity.

All related parties, related party

All transactions, balances, events
transactions and balances that should
and other matters that should have
Completeness have been disclosed have been
been disclosed have been disclosed
disclosed in the notes of financial
in the financial statements.
statements.

The nature of related party

Disclosed events, transactions, transactions, balances and events has
balances and other financial matters been clearly disclosed in the notes of
have been classified appropriately financial statements. Users of the
Classification &
and presented clearly in a manner financial statements can clearly
Understandability
that promotes the understandability determine the financial statement
of information contained in the captions affected by the related party
financial statements. transactions and balances and can
easily ascertain their financial effect.

Transactions, events, balances and

Related party transactions, balances
Accuracy & other financial matters have been
and events have been disclosed
Valuation disclosed accurately at their
accurately at their appropriate amounts.
appropriate amounts.

Page 52 of 94
CHAPTER 8: AUDIT METHODS / AUDIT TECHNIQUES / AUDIT STRATEGIES /
AUDIT PROCEDURES / PROCEDURES OF OBTAINING AUDIT
EVIDENCE / SUBSTANTIVE PROCEDURES / SUBSTANTIVE TESTS /
TEST OF CONTROLS / AUDITORS RISK ASSESSMENT PROCEDURES
/ AUDITOR’S APPROACH IN RELATION TO FRAUD / AUDITORS
RESPONSES TO RISKS IDENTIFIED.

i. Inspection

Inspection refers to examining documents and records.

ii. Observation

Observation refers to looking at a client's policy or procedure being performed.

iii. External confirmation

External confirmation refers to written response to auditor by third parties.

iv. Recalculation

It refers to checking mathematical and arithmetical accuracy of records.

v. Re-performance

It refers to auditor’s execution of procedures / controls (e.g, re-performing sales transaction to

ensure that inventory control system correctly updates inventory levels. Re-performance
techniques may be performed manually or through the use of computer-assisted audit techniques
(CAATs).

vi. Test of details

This method involves examining the transactions, balances and disclosures in the client books.

vii. Analytical procedures

This method involves conducting a study of important ratios and trends and examining unusual
fluctuations and items.

viii. Inquiry

Inquiry is the use of questionnaire to:

 obtain knowledge of the entity;

 develop the preliminary audit approach;

ix. Confirm ……
x. Visit …….
Page 53 of 94
xi. Review………
xii. Examine……..
xiii. Check…..
xiv. Consider…..
xv. Determine……
xvi. Discuss…..
xvii. Obtain …….
xviii. Select a sample of……
xix. Reconcile…..
xx. Compare…….
xxi. Assess ……….
xxii. Undertake …….
xxiii. Agree with ……..
xxiv. Identify….
xxv. Quantify ……..
xxvi. Verify ………
xxvii. Respond to …..
xxviii. Communicate with …….

Page 54 of 94
CHAPTER 9: FINANCIAL STATEMENT ITEMS INTERNAL CONTROLS
[ACCA Dec 2007 Q1 & Q3 (b) & Jun 2011 Q1]

Example1: inventory internal controls

The following table is showing the various assertions together with the inventory internal control
objectives and internal controls:

while setting Control objectives Controls

inventory controls,
management will
concentrate on the
following areas:

Occurrence and  All inventory movements are  Pre-numbered documentation such

existence authorized and recorded as GDNs and GRNs in use.
 Reconciliations of inventory records
with general ledger.
 Segregation of duties

 Inventory included on the  Physical safeguards in place to

statement of financial position ensure inventory is not stolen.
physically exists.  Separate responsibilities for
maintenance of records and
custodianship
 Inventory counted regularly.
Completeness  All purchases and sales of  Procedures in place to include
inventory have been recorded inventory held at third parties and
in the accounting system. exclude inventory held on
consignment for third parties.
 Reconciliations of accounting
records with physical inventory.
Rights and  Inventory records only include  Procedures in place to include
obligations items that belong to the entity. inventory held at third parties and
exclude inventory held on
consignment for third parties.
Accuracy,  Inventory quantities have been  Periodic or annual comparison of
classification and accurately determined inventory with amounts shown in
valuation continuous (perpetual) inventory
records.
 Standard costs reviewed by
management.
 Review of cost accumulation and
variance reports.

Page 55 of 94
 while setting Control objectives Controls
inventory controls,
management will
concentrate on the
following areas:

 Inventory is properly stated at  Inventory managers review

the lower of cost and NRV inventory regularly to identify slow-
moving, obsolete and excess
inventory.
Cut-off  All purchases and sales of  All dispatch documents processed
inventory are recorded in the daily to record the dispatch of
correct accounting period. finished goods.
 All goods inwards reports processed
daily to record the receipt of
inventory.
 Reconciliations of inventory records
with general ledger.
Presentation and  Inventory transactions and  Orders for materials and production
disclosure assertions balances are properly data forms used to process goods
identified and classified in the through manufacturing.
financial statements
 Disclosures relating to  Approval by Finance Director
classification and valuation
are sufficient.

Example2: sales internal controls

The table shows the various assertions of the revenue cycle, together with internal control
objectives, and internal controls.

while setting sales Control objectives Controls

controls, management
will concentrate on the
following areas:

Occurrence and  One person is not responsible  Segregation of duties

existence for taking orders, recording  Sales recorded only with
sales and receiving payment approved sales order form and
 Recorded sales transactions shipping documentation.
represent goods shipped.  Accounting for numerical
sequences of invoices
 Monthly customer statements
sent out and customer queries
and complaints handled
independently.
Page 56 of 94
 while setting sales Control objectives Controls
controls, management
will concentrate on the
following areas:

Occurrence and  Goods and services are only  Authorization of credit terms to
existence supplied to customers with customers (senior staff
good credit rating authorization, references / credit
 Goods and services are checks for new customers,
provided at authorized prices regular review of credit limits).
and on authorized terms.  Authorization by senior staff
required for changes in other
customer data such as address,
etc.
 Order not accepted unless credit
limits reviewed first.
 Authorized price lists and
specified terms of trade in
practice
Completeness  All revenue relating to goods  Accounting for numerical
dispatched is recorded. sequences of invoices.
 All goods and services sold  Shipping documentation is
are correctly invoiced. matched to sales invoices.
 Sales invoices are reconciled to
the daily sales report.
 An open-order file is maintained
and reviewed regularly.
Accuracy  All sales and adjustments are  Sales invoices and matching
correctly journalized, documents required for all
summarized and posted to the entries.
correct accounts.
Cut-off  Transactions have been  All shipping documentation is
recorded in the correct period forwarded to the invoicing
section on a daily basis.
 Daily invoicing of goods
shipped.
Classification  All transactions are properly  Chart of accounts in place.
classified in accounts.  Codes in place for different
types of products or services.

Page 57 of 94
 CHAPTER 10: FINANCIAL STATEMENT ITEMS AUDIT
[ACCA Dec 2007 Q1 & Q3 (b) & Jun 2011 Q1]

Example 1: Inventory audit verification methods

The following table is showing the inventory audit objectives and audit procedures:

While auditing Audit objectives Tests of controls

the inventory,
the auditor will
concentrate on
the following
areas:

Occurrence and  All inventory  Review documentation in use.

existence movements are  Review a sample of reconciliations to confirm they are
authorized and performed and then reviewed by an independent person.
recorded  Observe and evaluate proper segregation of duties.

 Inventory  Review security systems in place (e.g. locked

included on the warehouses, etc.)
statement of  Review policies and procedures in place; discuss
financial procedures with relevant staff.
position  Review procedures for counting inventory.
physically  Attend inventory count.
exists.
Completeness  All purchases  Review entity’s procedures relating to consignment
and sales of inventory.
inventory have  Review reconciliations performed and whether reviewed
been recorded by independent person.
in the
accounting
system.
Rights and  Inventory  Review entity’s procedures relating to consignment
obligations records only inventory.
include items
that belong to
the entity.

Page 58 of 94
While auditing Audit objectives Tests of controls
the inventory,
the auditor will
concentrate on
the following
areas:

Accuracy,  Inventory  Review and test entity’s procedures for taking physical
classification and quantities have inventory.
valuation been  Review and test entity’s procedures for developing
accurately standard costs.
determined  Inspect variance reports produced.
 Inventory is  Discuss with inventory managers how this is done.
properly stated  Observe the procedure being performed.
at the lower of
cost and NRV
Cut-off  All purchases  Inspect documentation to confirm daily processing.
and sales of  Inspect documentation to confirm daily processing.
inventory are  Review reconciliations performed.
recorded in the
correct
accounting
period.
Presentation and  Inventory  Review entity’s procedures and documentation used to
disclosure transactions classify inventory.
assertions and balances
are properly
identified and
classified in
the financial
statements
 Disclosures  Review entity’s working papers for evidence of review.
relating to
classification
and valuation
are sufficient.

Page 59 of 94
 Example2: sales audit verification methods

The table shows the various assertions of the revenue cycle, together with audit objectives,
controls and tests of controls

While auditing Audit objectives Tests of controls

the sales, the
auditor will
concentrate on
the following
areas:

Occurrence and  One person is  Observe and evaluate whether proper segregation of duties
existence not responsible is operating.
for taking  Test a sample of sales invoices for authorized sales order
orders, form and shipping documentation.
recording sales  Examine application controls for authorization.
and receiving
payment

Occurrence and  Goods and  Review entity’s procedures for granting credit to customers.
existence services are  Examine a sample of sales orders for evidence of proper
only supplied credit approval by the appropriate senior staff member.
to customers  Examine application controls for credit limits.
with good  Review all new customer files to ensure satisfactory credit
credit rating references have been obtained.
 Goods and  Compare prices and terms on a sample of sales invoices to
services are the authorized price list and terms of trade.
provided at
authorized
prices and on
authorized
terms.

Completeness  All revenue  Review and test entity’s procedures for accounting for
relating to numerical sequences of invoices.
goods  Trace a sample of shipping documents to the sales invoices
dispatched is and ledger.
recorded.  Review a sample of reconciliations performed.
 All goods and  Inspect the open- order file for unfilled orders.
services sold
are correctly
invoiced.
Accuracy  All sales and  Vouch recorded sales to supporting documents.
adjustments
are correctly
journalized;
Page 60 of 94
 While auditing Audit objectives Tests of controls
the sales, the
auditor will
concentrate on
the following
areas:

Cut-off  Transactions  Compare dates on sales invoices with dates of

have been corresponding shipping documentation.
recorded in the  Compare dates on sales invoices with dates recorded in the
correct period sales ledger.
Classification  All  Review sales ledger for proper classification.
transactions  Examine a sample of sales invoices for proper classification.
are properly  Test application controls for proper codes.
classified in
accounts.

Page 61 of 94
CHAPTER 11: AUDIT EXECUTION – OTHER CONSIDERATIONS

A. AUDIT SAMPLING

ISA 530 Audit Sampling - defines the audit sampling as the application of audit procedures to less
than 100% of items within a population of audit relevance such that all sampling units have a chance
of selection in order to provide the auditor with a reasonable basis on which to draw conclusions about
the entire population’.

1. Sampling risk

Sampling risk is the risk that the auditor’s conclusions based on a sample may be different from the
conclusion if the entire population were the subject of the same audit procedure.

2. Methods of sampling

The sampling methods below can be summarized into statistical and

Non-statistical sampling as follows:

STATISTICAL SAMPLING NON-STATISTICAL SAMPLING

 Random sampling  Haphazard sampling

 Systematic sampling  Block selection
 Monetary unit sampling

Statistical sampling allows each sampling unit to stand an equal chance of selection. The use of non-
statistical sampling in audit sampling essentially removes this probability theory and is wholly
dependent on the auditor’s judgment. Keeping the objective of sampling in mind, which is to provide
a reasonable basis for the auditor to draw valid conclusions and ensuring that all samples are
representative of their population, will avoid bias.

ISA 530 recognizes that there are many methods of selecting a sample, but it considers five principal
methods of audit sampling as follows:

•random selection
•systematic selection
•monetary unit sampling
•haphazard selection, and
•block selection

Random selection
This method of sampling ensures that all items within a population stand an equal chance of selection
by the use of random number tables or random number generators. The sampling units could be physical
items, such as sales invoices or monetary units.

Page 62 of 94
Systematic selection
The method divides the number of sampling units within a population into the sample size to generate
a sampling interval. The starting point for the sample can be generated randomly, but ISA 530
recognizes that it is more likely to be ‘truly’ random if the use of random number generators or random
number tables are used.

Monetary unit sampling

The method of sampling is a value-weighted selection whereby sample size, selection and evaluation
will result in a conclusion in monetary amounts. The objective of monetary unit sampling (MUS) is to
determine the accuracy of financial accounts. The steps involved in monetary unit sampling are to:

•determine a sample size

•select the sample
•perform the audit procedures
•evaluate the results and arriving at a conclusion about the population.

Haphazard sampling
When the auditor uses this method of sampling, he does so without following a structured technique.
ISA 530 also recognizes that this method of sampling is not appropriate when using statistical sampling
(see further in the article).Care must be taken by the auditor when adopting haphazard sampling to
avoid any conscious bias or predictability. The objective of audit sampling is to
Ensure that all items that make up a population stand an equal chance of selection. This objective cannot
be achieved if the auditor deliberately avoids items that are difficult to locate or deliberately avoids
certain items.

Block selection
This method of sampling involves selecting a block (or blocks) of contiguous items from within a
population. Block selection is rarely used in modern auditing merely because valid references cannot
be made beyond the period or block examined. In situations when the auditor uses block selection as a
sampling technique, many blocks should be selected to help minimize sampling risk.
An example of block selection is where the auditor may examine all the remittances from customers in
the month of January. Similarly, the auditor may only examine remittance advices that are numbered
300 to 340.

B. RELATED PARTIES

Related Parties are the following transactions:

 Transactions between the company and its sister companies

 Transactions between the parent and its subsidiaries,
 Transactions between the company and its branches
 Transactions between the parent and its owners
 Transactions between the company and management / employees.

Page 63 of 94
Existence and disclosure of related parties

The auditor should review information provided by management identifying the names of all known
related parties and should perform the following audit procedures in respect of the completeness of
this information:

 Review the entity’s procedures for identification of related parties

 Review the income tax returns and other information supplied to regulatory agencies
 Review prior year working papers for names of known related parties

Transactions with related parties

The auditor should review information provided by management identifying related party transactions
and should be alert for other material related party transactions. When obtaining an understanding of
the entity’s internal control, the auditor should consider the adequacy of control activities over the
authorization and recording of related party transactions. During the course of the audit, the auditor
needs to be alert for transactions which appear unusual in the circumstances. Examples include:

 Transactions which have abnormal terms of trade, such as unusual prices

 Transactions which lack an apparent logical business reasons for their occurrence
 Transactions processed in an unusual manner
 High volume or significant transactions with certain customers or suppliers as compared with
others
 Unrecorded transactions such as the receipt or provision of management services at no charge.

During the course of the audit, the auditor carries out audit procedures which may identify the
existence of transactions with related parties. Examples include:

 Performing detailed tests of transactions and balances

 Reviewing minutes of meetings of shareholders and those charged with governance.
 Reviewing accounting records for large or unusual transaction or balances, paying
particular attention to transactions recognized at or near the end of the reporting period

Examining identified related party transactions

In examining the identified related party transactions, the auditor should obtain sufficient appropriate
audit evidence as to whether these transactions have been properly recorded and disclosed.

The auditor considers performing audit procedures such as:

 Discussing the purpose of the transaction with management

 Confirming the terms and amount of the transaction with the related party
 Obtaining information from an unrelated third party

Page 64 of 94
 C. GOING CONCERN

ISA 570 states that, when planning and performing audit procedures and in evaluating the results, the
auditor should consider the appropriateness of management’s use of the going concern assumption in
the preparation of the financial statements.

1. The Going Concern Assumption / Principle

The going concern principle is the assumption that an entity will remain in business for at least twelve
months. An entity is assumed to be a going concern in the absence of significant information to the
contrary (going concern problems). An example of such contrary information is an entity’s inability to
meet its obligations as they come due without substantial asset sales or debt restructurings. If such were
not the case, an entity would essentially be acquiring assets with the intention of closing its operations
and reselling the assets to another party.

2. Possible indicators of going concern problem

Financial

 Net liability or net current liability position.

 Fixed-term borrowings approaching maturity without realistic prospects of renewal or
repayment; or excessive reliance on short-term borrowings to finance long-term assets.
 Indications of withdrawal of financial support by creditors.
 Negative operating cash flows indicated by historical or prospective financial statements.
 Adverse key financial ratios.
 Substantial operating losses or significant deterioration in the value of assets used to generate
cash flows.
 Arrears or discontinuance of dividends.
 Inability to pay creditors on due dates.
 Inability to comply with the terms of loan agreements.
 Change from credit to cash-on-delivery transactions with suppliers.
 Inability to obtain financing for essential new product development or other essential
investments.

Operating

 Management intentions to liquidate the entity or to cease operations.

 Loss of key management without replacement.
 Loss of a major market, key customer(s), franchise, license, or principal supplier(s).
 Labour difficulties.
 Shortages of important supplies.
 Emergence of a highly successful competitor

Page 65 of 94
Other

 Non-compliance with capital or other statutory requirements.

 Pending legal or regulatory proceedings against the entity that may, if successful, result in
claims that the entity is unlikely to be able to satisfy.
 Changes in law or regulation or government policy expected to adversely affect the entity.
 Uninsured or underinsured catastrophes when they occur.

3. Directors' responsibilities

 There are no material uncertainties that may cast significant doubt about the company’s ability
to continue as a going concern;
 There are material uncertainties related to events or conditions that may cast significant doubt
about the company’s ability to continue as a going concern but the use of the going concern
basis remains appropriate; or
 The use of the going concern is not appropriate.

 It is the directors' responsibility to assess the company's ability to continue as a going concern
when they are preparing the financial statements.
 If they are aware of any material uncertainties which may affect this assessment, then IAS 1
requires them to disclose such uncertainties in the financial statements.
 When the directors are performing their assessment they should take into account a number of
relevant factors such as:
o current and expected profitability
o debt repayment
o sources (and potential sources) of financing.

4. Auditors' responsibilities

ISA 570 clearly outlines the objectives of the auditor in respect of the use of the going concern basis
in the accounts:

 To obtain sufficient appropriate evidence regarding the appropriateness of management’s use

of the going concern basis;
 To conclude, on the basis of the audit evidence, whether a material uncertainty exists in
respect of events or conditions that may cast significant doubt about the entity’s ability to
continue as a going concern; and
 To determine the implications for the auditor’s report.

 ISA 570 Going Concern states that the auditor needs to consider the appropriateness of
management's use of the going concern assumption.
 The auditors need to assess the risk that the company may not be a going concern.
 The auditor will also need to obtain sufficient appropriate evidence that the company is a
going concern.

Where there are going concern issues, the auditor needs to ensure that the directors have made sufficient
disclosure of such matters in the notes to the financial statements

Page 66 of 94
D. SUBSEQUENT EVENTS- ISA 560 [ACCA Dec 2011 Q5] & [ACCA Dec 2008 Q5 (a)]

Page 67 of 94
Summary

Financial statements are authorized for issue when they are authorized for issue by those charged with
governance and control which is normally the board of directors.

If financial statements are to be approved by the shareholders in their meeting they are deemed
authorized for issue when the board of directors authorizes them for issue to shareholders. If the
financial statements are to be approved by a supervisory board consisting solely of non-executives,
they are deemed issued when they are presented to the supervisory board by the management.

Page 68 of 94
 E. ACCOUNTING ESTIMATES

An approximation in a financial statement of the amount to be credited or debited on items for which
there is no precise means of measurement, such as depreciable assets or provisions for a loss from a
lawsuit. Estimates are based on the judgment and specialized knowledge derived from past experience.

Examples of accounting estmates

Common accounting estimates include:

 inventory valuations (net realizable value; need for impairments)

 depreciation method and useful life
 all provisions and contingent liabilities
 irrecoverable debts and allowances for receivables
 tangible asset valuations where revaluations have occurred

The problem with estimates

Accounting estimates are of particular concern to the auditor as, by their nature, there may not be any
physical evidence to support them and they are prone to inaccuracy. They are also subjective and
therefore prone to management bias. If the directors wished to manipulate the accounts in any way,
accounting estimates are an easy way for them to do this. The auditor must take care when auditing
estimates to ensure this has not been the case.

Procedures for auditing estimates

In accordance with ISA 540 Auditing Accounting Estimates auditors need to obtain an understanding of:

 How management identifies those transactions, events and conditions that give rise to the need
for estimates; and
 How management actually makes the estimates, including the control procedures in place to
minimise the risk of misstatement.

ISA 540 also requires the auditor to:

 Evaluate the degree of uncertainty associated with an accounting estimate; and

 Consider if estimates with a high degree of uncertainty give rise to significant risks.

In response to this assessment auditors should perform the following further procedures:

 Review of the outcome of the estimates made in the prior period (or their subsequent re-
estimation);
 Consider events after the reporting date that provide additional evidence about estimates made
at the year-end;
 Test the basis and data upon which management made the estimate (e.g. review mathematical
methods);
 Test the operating effectiveness of controls over how estimates are made;
 Develop an independent estimate to use as a point of comparison; and
 Consider whether specialist skills/knowledge are required (e.g. lawyer).
Page 69 of 94
 F. COMMITMENT AND CONTINGENCIES

IAS 37- Provisions, Contingent Liabilities and Contingent Assets, states that appropriate
recognition criteria and measurement bases are applied to provisions, contingent liabilities and
contingent assets and that sufficient information is disclosed in the notes to the financial statements
to enable users to understand their nature, timing and amount.

Key definitions [IAS 37.10]

Provision: a liability of uncertain timing or amount.

Contingent liability:

 a possible obligation depending on whether some uncertain future event occurs, or

 a present obligation but payment is not probable or the amount cannot be measured reliably

Contingent asset:

 a possible asset that arises from past events, and

 Whose existence will be confirmed only by the occurrence or non-occurrence of one or more
uncertain future events not wholly within the control of the entity

Examples of contingencies

 Guarantees, e.g. bank guarantee

 Completion of contracts
 Pending litigation
 Income tax disputes
 Product warranties

Procedures of obtaining audit evidence of contingencies

The auditor should carry out audit procedures in order to become aware of any litigation and claims
involving the entity, which may results in a material misstatement of the financial statements. Such
procedures would include the following:

 Make appropriate inquiries of management including obtaining representations.

 Auditors usually ask management to write a statement acknowledging they disclosed all
known contingent liabilities
 Reviewing minutes of meeting and legal correspondences
 Examining legal expense account.
 Use any information obtained from discussions with any in-house legal department.

Page 70 of 94
 G. MANAGEMENT REPRESENTATIONS

Definition: A management representation letter is a form of letter written by management and

addressed to auditors. The letter attests to the accuracy of the financial statements that the company has
submitted to the auditors for their analysis. The CEO and the most senior accounting person (such as
the CFO) are usually required to sign the letter. It would ordinarily be dated the same date as the
auditor’s report.

In essence, the letter states that all of the information submitted is accurate, and that all material
information has been disclosed to the auditors. The auditors use this letter as part of their audit evidence.
The letter also shifts some blame to management, if it turns out that some elements of the audited
financial statements do not fairly represent the financial results, condition, or cash flows of the business.
Following is a sample of the representations that may be included in the management representation
letter:

Typical contents of a letter of representation (SEEN)

H. USING THE WORK OF OTHERS

1. Use of expert (Reliance on the work of expert)

Professional audit staff are highly trained and educated, but their experience and training is limited to
accountancy and audit matters. In certain situations it will therefore be necessary to employ someone
else with different expert knowledge to gain sufficient, appropriate audit evidence.

ISA 620 using the work of others: states that the auditor is not expected to have the expertise of a
person trained to engage in the practice of another profession such as an actuary, or engineer. For this
reason an Auditor may need to use the work of an expert to obtain sufficient appropriate audit evidence.

EXPERT: a person or firm possessing special skill, knowledge and experience in a particular field
other than accounting and auditing.

Determining the Need to Use the Work of an Expert

In obtaining an understanding of the entity and performing further procedures in response to assessed
risks, the auditor may need to obtain, in conjunction with the entity or independently, audit evidence in
the form of reports, opinions, valuations and statements of an expert. Examples include the following:

 Valuations of certain types of assets, for example, land and buildings, plant and machinery,
works of art, and precious stones.
 Determination of quantities or physical condition of assets, for example, minerals stored in
stockpiles, underground mineral and petroleum reserves, and the remaining useful life of plant
and machinery.
 Determination of amounts using specialized techniques or methods, for example, an actuarial
valuation
 The measurement of work completed and to be completed on contracts in progress.
 Legal opinions concerning interpretations of agreements, statutes and regulations.
Page 71 of 94
Competence and Objectivity of the Expert

When planning to use the work of an expert, the auditor should evaluate the professional competence
of the expert. This will involve considering the expert’s:

(a) Professional certification or licensing by, or membership in, an appropriate professional body;
and
(b) Experience and reputation in the field in which the auditor is seeking audit evidence.

2. Reliance on the work of internal audit

Internal audit's work can be relied upon, but only if it meets the needs of the external auditor.

The basic issue here is the same as with using the work of any other expert: you cannot just rely on
their work, but must decide whether it is actually suitable for the external audit. In the case of work
done by internal audit, ISA 610 Using the work of internal audit, states that the external auditor must
determine:

 Whether internal audit's work can be used at all

 If the work can be used, in which areas and to what extent? Is the work adequate for the
purposes of the external audit?

Assessing the internal audit function

Determining what work can be used involves considering three main things:
(i) Internal audit's organizational status and relevant policies and procedures. Are the internal
auditor’s objective?
(ii) The level of competence of the internal audit function
(iii) Whether the internal audit function applies a systematic and disciplined approach, including
quality control

Steps when relying on internal audit

Step 1: Discuss the planned use of internal audit work with the internal audit function
Step 2: Read the relevant internal audit reports to understand the nature and extent of audit
procedures performed and the findings.
Step 3: Carry out and document 'sufficient audit procedures' on the internal audit work to
be used to assess its adequacy for the purposes of the audit

Page 72 of 94
 I. OPENING BALANCES

Opening balances are based on the closing balances of the prior period and reflect transactions of an
accounting polices applied to the prior period.

ISA 510 provides guidance on when the financial statements of an entity are audited for the first time
and when the financial statements for the prior period were audited by another auditor.

For initial audit engagements, the auditor should obtain sufficient appropriate audit evidence that:

 The opening balances do not contain misstatements that materially affect the current period’s
financial statements,
 The prior period’s closing balances have been correctly brought forward to the current period.
 The materiality of the opening balances relative to the current period balances.

Where the prior period accounts were not audited or where the auditor has not obtained sufficient
appropriate evidence, he must perform other procedures. Example would include:

 In respect of current assets and liabilities, some audit evidence can usually be obtained as
part of the current periods audit procedures such as the collection of opening debtors during
the current period. This will provide some evidence of their existence, rights and obligations,
completeness and valuation at the beginning of the period.
 The opening stock position may require observing a current physical count and then
reconciling it back to the opening position.
 For non-current assets and liabilities, the auditor may be able to obtain external
confirmation of opening balances with third parties

NOTE: if, after performing audit procedures, the auditor is unable to obtain sufficient appropriate
audit evidence concerning opening balances, the auditor’s report should include:

 A qualified opinion
 An adverse opinion or
 A disclaimer of opinion

J. COMPARATIVES

ISA 710 Comparative Information - Corresponding Figures and Comparative Financial Statements
requires that comparative figures comply with the identified financial reporting framework and that
they are free from material misstatement.

The IASB's Framework for the Preparation and Presentation of Financial Statements and IAS 1
Presentation of Financial Statements both require that financial statements show comparatives.

Page 73 of 94
K. AUDITOR’S RESPONSIBILITIES BEFORE AND AFTER DATE OF AUDIT REPORT

Page 74 of 94
 L. AUDITOR’S RESPONSIBILITY FOR OTHER DOCUMENTS (OTHER
INFORMATION)

ISA 720 the Auditor’s Responsibilities Relating to Other Information. It defines ‘’other
information’’ as a financial and non-financial information, other than that included in the audited
financial statements.

ISA 720, states that an auditor should read the other information to identify material inconsistencies
with the audited financial statements.

“A material inconsistency” exists when other information contrasts information contained in the
financial statements.

Page 75 of 94
CHAPTER 12: COMPUTER INFORMATION SYSTEM [ACCA, Dec. 2012, Q1 (c)]

Computer Assisted Audit Techniques (CAATs) or Computer Aided Audit Tools or Computer
Assisted Audit Tools and Techniques (also sometimes referred to as CAATTs) are becoming more
popular throughout audit profession.

Simply, CAATs are used to simplify or automate the data analysis process. Firms that have taken
the use of CAATs to the next level have realized many benefits of using these tools.

Page 76 of 94
CHAPTER 13: PUBLIC SECTOR AUDITING

A. THE ROLE OF THE OFFICE OF THE AUDITOR GENERAL

The Office of Auditor General (OAG) of Rwanda was established in 1998 and began its
operations in 2000. The 2003 constitution of the Republic of Rwanda recognized OAG as the
Supreme Audit Institution and defined it as an independent office vested with legal personality,
financial and administrative autonomy.

The Auditor General’s role is to audit the finances and activities of the government institutions
and agencies. In undertaking this task, the Auditor General will scrutinize the public sector for
potential instances of wastage, inefficiency or ineffectiveness, and report his findings to
Parliament.

Reporting directly to the Parliament, the Auditor General is an ‘ally of the people and Parliament’.
He must act independently in carrying out all his powers and duties.

Independence is the cornerstone of public sector audit. The Auditor General must be free from
pressure, influence or interference from any source that may erode that independence.

B. THE LEGAL ENVIRENMENT IN WHICH OAG AND AUDITIES FUNCTION

The Supreme Audit Institution (SAI) of Rwanda is OAG of state finances

Responsibilities

The Auditor General is responsible for:

 auditing the Annual Report on State Finances

 conducting examination of financial statements and control audits and issuing audit
opinions for over public sector agencies
 undertaking wide-ranging performance examinations to ensure there are adequate controls
within government agencies, compliance with the relevant legislation; and most
importantly efficiency, effectiveness and economy of agency operations or programs
 Reporting the results of audits to Parliament in an objective, competent, insightful and
timely manner.

Reporting by OAG

OAG reports to the chamber of deputies and submit copy of the report to:

 The president of the republic

 Cabinet
 President of the supreme court
 Prosecutor general of the republic

Page 77 of 94
 C. SPECIFIC CONSIDERATIONS OF PUBLIC SECTOR AUDITING

The public sector auditors should:

 Plan each audit with a thorough understanding of the audited business and its environment
 Focus on risk areas of error, fraud, or other irregularities
 Work closely with internal auditors.

D. THE ROLE OF INTOSAI

The International Organization of Supreme Audit Institutions (INTOSAI) is a worldwide

affiliation of governmental entities. Its members are Auditor General Offices of nations. The OAG
of Rwanda is a member of INTOSAI

The important role of SAIs in promoting the efficiency, accountability, effectiveness and
transparency of public administration, which is conducive to the achievement of internationally
agreed development goals.

Objectives
i. Professional standards- to establish effective frameworks for the adoption of professional
standards that correspond to the demands and expectations of member institutions.
ii. Capacity building
iii. Knowledge share
iv. To promote the organization and governance of OAGs

Page 78 of 94
CHAPTER 14: PROFESSIONAL APPOINTMENTS

A. ADVERTISING
- Auditors are like anyone else in business and in business it is necessary to advertise.
But this advertising should be aimed at informing the public in an objective manner
and should be in good taste (satisfying esthetical standards).
- IFAC and ICPAR have stated that auditing firms should be honest and truthful and
should not make any exaggerate claims for the services or the experience they have
gained. In addition they should not make any disparaging references or
unsubstantiated comparisons to the work of others.
- A firm must have a practicing certificate to describe themselves as registered auditors

B. TENDERING

Client companies can change auditors. In this regard an auditing firm may be approached to
submit a tender for an audit. When approached to tender, an audit firm must consider whether
they want to do the work and they must have regard for the ethical considerations such as
independence and professional competence. In addition they need to consider fees and some
other practical issues.

Fees: an auditing firm may quote whatever fee is deemed to be appropriate. The fact that one
may quote a lower fee than another auditor is not itself unethical. The fees should be set
considering the following:

 What does the job involve? Is it audit and / or tax or is other complicated work?
 Which staff will need to be involved

The practice of undercutting fees has been called lowballing. Note that a lower fee may seem to
have a negative impact on an auditor’s perceived independence but there other factors to
consider:
- auditors operate in a market like any other business where supply and demand very
often dictate the price
- auditing firm has increased productivity, whether through the use of more
sophisticated IT or experience gained through understanding the client’s business.

C. CHANGE IN AUDITORS

The reasons why clients change auditors

i. Audit fee
- The fee may be perceived to be too high
- Other similar auditing firms may be getting audit services for less fee
Page 79 of 94
 - The client may put the audit out to tender to see whether the price is
actually negotiable, even though he may have no intention of changing his
auditor
ii. Audit firm may not seek re-election
- For ethical reason, such as they doubt the integrity of management
- Conflicts of interest may have arisen e.g. competition between clients
- The auditor may not want to reduce the audit fee.
iii. Size of the company (client)
- The client may be growing at such a rate that the audit firm no longer has
the necessary resources, staff, time, and expertise, to allow it to retain the
audit. (remember the principle of professional competence ad due care)
iv. Other reasons
- As part of the safeguards against the threats to independence, audit
rotation is needed

Page 80 of 94
CHAPTER 15: PRACTICE MANAGEMENT & REGULATORY ENVIRONMENT

A. RISKS TO WHICH AUDIT FIRMS ARE EXPOSED

A key risk facing any audit firm is that the business will fail. In this respect an audit firm is no
different from any other business venture.

Risks specific to audit firms

 Litigation against the firm

 Client loss (changes in auditor)
 Disciplinary action by the professional body
 Loss of key audit personnel
 Competition

B. WHAT ARE THE CURRENT TRENDS

There are three distinct types of audit firms:

i. Big four
ii. Medium sized
iii. Small

This size is classified by their fee income earned.

Page 81 of 94
CHAPTER 16: PERFORMANCE MEASUREMENT

1. introduction

Performance measurement includes a series of measures within the company designed to ensure
that the employees are accountable to management for their performance. Performance measures
can be analyzed over financial and operational areas:

 Financial measures: using key financial ratios. Financial performance could also be
assessed in further detail for example, by analysis of sales by product, region, division,
comparisons between the performance of the company and its competitors or its budget.
 Operational measures: indicators of operational performance will vary within
different businesses. Measures could include data such as sales per sales person and
number of new products launched each year.

2. Value for money audits

Value for money audits have the following key characteristics:

 Economy: obtaining input at the lowest acceptable cost

 Efficiency: maximizing output for a given input or achieving the minimum input for a
given output.
 Effectiveness: ensuring that outputs of a service have the desired impacts.

Page 82 of 94
CHAPTER 17: FORENSIC AUDITS

1. Definition
“Forensic auditing” is the process of gathering, analyzing and reporting on data, for the
purpose of finding facts and evidence in the context of financial disputes or legal disputes or
irregularities.

“Forensic auditing” is the investigation of a fraud or presumptive fraud with a view to gathering
evidence that could be presented in a court of law

The word “forensic” means “suitable for use in a court of law”.

Forensic accounting or Forensic auditing or Forensic investigation may be applied in the

following areas:

i. Fraud investigation
ii. Negligence:
for example: personal injuries, fatal accidents, medical negligence, professional
negligence, fires and other forms of damage caused by negligence. The measure of
damage is to put the injured person back in the financial position they would have been
before the negligence.
iii. Calculating and quantifying losses and economic damages, whether suffered through
tort or breach of contract
iv. Disagreements relating to company acquisitions and business valuation
v. Assessing loss before setting insurance claims
vi. Divorce settlement, to uncover assets that one spouse is trying to hide.
vii. Partnership dissolution, to uncover assets that some partner(s) is/are trying to hide

2. Distinction among Forensic Accounting, Forensic Investigation and Forensic Audit

Forensic Accounting.
Forensic accounting is an aspect of accounting that refers to the practical steps Certified Fraud
Examiners take in order to gather evidence relevant to alleged fraudulent activities.

Forensic Investigation
The utilization of specialized investigative skills in carrying out an inquiry conducted in such a
manner that the outcome will have application to a court of law. A Forensic Investigation may be
grounded in accounting, medicine, engineering or some other discipline.

Forensic Audit
‘Forensic auditing’ refers to the specific procedures carried out in order to produce evidence. Audit
techniques are used to identify and to gather evidence to prove, for example, how long the fraud
has been carried out, and how it was conducted and concealed by the perpetrators. Evidence may
also be gathered to support other issues which would be relevant in the event of a court case.

Page 83 of 94
CHAPTER 18: WHISTLEBLOWING

A whistleblower is an individual in an organization who makes disclosures in the public interest

about dangerous or illegal activities, in order that the misconduct or perceived misconduct can be
addressed.

A whistleblower is a person who exposes any kind of information or activity that is deemed illegal,
unethical, or not correct within an organization. This disclosure should be in in the public interest.

Whistleblowing can either occur internally within the employing organization or externally, and
should not be used as a method of resolving a personal complaint.

Whistleblowing arrangements within an organization should act as to:

- Encourage openness
- Promote transparency
- Help protecting the reputation of the company and senior management.

Setting up for Whistleblowing procedures within an organization strengthens corporate

governance and ethics.

Page 84 of 94
CHAPTER 19: INTERNAL AUDIT AND OUTSOURCING

A. INTERNAL AUDIT
1. introduction

Internal auditor is an employee of or engaged by the company. Internal audit is an entity’s unit
involved in helping organizations achieve their objectives. It is concerned with evaluating and
improving the effectiveness of risk management, particularly control risk.

2. ISA 610 Using the work of internal audit by external auditors

The external auditors must evaluate:

 the technical competence of the internal audit function;

 Quality control procedures over the review and supervision of internal audit staff
members and appropriate planning and direction.
 whether the internal audit function is carried out with due professional care; and
 Whether there is likely to be effective communication between the internal and external
auditor.
 Whether the work was performed by people with adequate technical training and
proficiency;
 Whether the work was properly supervised, reviewed and documented;
 Whether sufficient and appropriate evidence has been obtained to be able to draw
reasonable conclusions;
 Whether the conclusions reached are appropriate in the circumstances;
 Whether any unusual matters are properly resolved.

3. role of internal audit in corporate governance

Internal audit plays a key role in good corporate governance. Corporate governance may be
defined as oversight of a corporation's policies, procedures and practices. This oversight helps to
ensure that the business is operated in the best interests of the corporation and its shareholders.
The process of managing corporate governance is usually handled by a board of directors. The
corporation may employ a staff of internal auditors to test and monitor internal controls.

Internal auditor monitors the risk management within a company and reports to the board.

4. Risk Management

The responsibility to manage risk in a company rests with the management. They must identify,
control and monitor the risk. Internal auditor is ideally placed to monitor this risk. He can on
continual process:

 advise on the optimum design of systems and monitor their operation

 advise on improvements required to existing systems
 Provide assurance on systems set up for various departments.
Page 85 of 94
 5. Types Of Internal Audits
 Operational Audit – An operational audit evaluates performance of a particular function
or department to assess its efficiency and effectiveness. ...
 Compliance Audit – A compliance audit evaluates an area's adherence to established laws,
standards, regulations, policies, and/or procedures

B. OUTSOURCING
1. Introduction
Companies only tend to outsource those functions which are not key competencies.
2. Why Do Companies Outsource?

Examples of outsourcing benefits include:

 Financial efficiency: outsourcing can reduce costs. Many organizations may not have the
size and cash flow to support a full-time staff.
 Capitalization on Specialized Knowledge: Independent consultants will often specialize in
particular industries and bring an in-depth knowledge of that industry, utilizing years of
experience to support the organization, regardless of the age or experience of the particular
organization.

3. What Can You Outsource?

Companies may outsource accounting services, IT, cleaning etc.

4. Advantages And Disadvantages Of Outsourcing

Advantages:

 improved focus on core business activities - outsourcing can free up your business to focus
on its strengths, allowing your staff to concentrate on their main tasks and on the future
strategy
 increased efficiency - choosing an outsourcing company that specialises in the process or
service you want them to carry out for you can help you achieve a more productive, efficient
service, often of greater quality
 controlled costs - cost-savings achieved by outsourcing can help you release capital for
investment in other areas of your business

Disadvantages:

 confidentiality and security - which may be at risk

 lack of flexibility - contract could prove too rigid to accommodate change
 management difficulties - changes at the outsourcing company could lead to friction
 instability - the outsourcing company could go out of business
Page 86 of 94
 C. IMPACT OF OUTSOURCING ON AN AUDIT

CONSIDERATIONS OF THE AUDITOR

1.The purpose of this International Standard on Auditing (ISA 402) is to establish standards and
provide guidance to an auditor where the client uses a service organization. This ISA also describes
the service organization auditor’s reports which may be obtained by the entity’s auditors.

2.The auditor should consider how an entity’s use of a service organization affects the client’s
internal control systems so as to identify and assess the risk of material misstatement and to design
and perform further audit procedures.

3.A client may use a service organization such as one that executes transactions and maintains related
accountability or records transactions and processes related data (e.g., a computer systems service
organization). If a client uses a service organization, certain policies, procedures and records
maintained by the service organization may be relevant to the audit of the financial statements of
the client.

SERVICE ORGANIZATION AUDITOR’S REPORTS

1. When using a service organization auditor’s report, the auditor should consider the nature of
and content of that report.
2. The report of the service organization auditor will ordinarily be one of two types as follows:
Type A – Report on the Design and Implementation of Internal Control
a) A description of the service organization’s internal control, ordinarily prepared by the
management of the service organization; and
b) An opinion by the service organization auditor that:
i) the above description is accurate;
ii) the internal control is suitably designed to achieve their stated objectives; and
iii) the internal controls have been implemented.
Type B – Report the Design, Implementation and Operating Effectiveness of Internal Control
a) A description of the service organization’s internal control, ordinarily prepared by the
management of the service organization; and
b) An opinion by the service organization auditor that:
i) The above description is accurate;
ii) The internal controls is suitably designed to achieve their stated objectives;
iii) The internal controls have been implemented; and
iv) The internal controls are operating effectively based on the results from the tests of
control. In addition to the opinion on operating effectiveness, the service organization
auditor would identify the tests of control performed and related results.

Page 87 of 94
 The report of the service organization auditor will ordinarily contain restrictions as to use
(generally to management, the service organization and its customers, and entity’s auditors).
3. The auditor should consider the scope of work performed by the service organization auditor
and should evaluate the usefulness and appropriateness of reports issued by the service
organization auditor.
4. While Type A reports may be useful to the auditor in obtaining an understanding of the internal
control, an auditor would not use such reports as a audit evidence about the operating
effectiveness of controls.
5. In contrast, Type B reports may provide such audit evidence since tests of control have been
performed. When a type B report is to be used as audit evidence about operating effectiveness
of controls, the auditor would consider whether the controls tested by the service organization
auditor are relevant to the entity’s transactions, account balances and disclosures, and related
assertions, and whether the service organization auditor’s tests of control and the results are
adequate. With respect to the latter, two key considerations are the length of the period covered
by the service organization auditor’s tests and the time since the performance of those tests.
6. For those specific tests of control and results that are relevant, the auditor should consider
whether the nature, timing and extent of such tests provide sufficient appropriate audit evidence
about the operating effectiveness of the internal control to support the auditor’s assessed risks
of material misstatement.
7. The auditor of a service organization may be engaged to perform substantive procedures that
are of use to the entity’s auditor. Such engagements may involve the performance of procedures
agreed upon by the entity and its auditor and by the service organization and its auditor.
8. When the auditor uses a report from the auditor of a service organization, no reference should
be made in the entity’s auditor’s report to the auditor’s report on the service organization.

Page 88 of 94
CHAPTER 20: PROSPECTIVE FINANCIAL INFORMATION

A. INTRODUCTION

Forecasts may be of interest to users more so than historical information. Auditors may carry out
a review or an assurance on the forecasts. Prospective financial information is based on
assumptions about events that may occur in the future and possible actions by an organization
(client).

ISAE3400 The Examination of Prospective Financial Information provides more detailed

guide lines on this.
ISAEs = International Standards on Assurance Engagements

B. REPORTING ON PROSPECTIVE FINANCIAL INFORMATION

It is difficult to give assurance on such information as it is considered highly subjective.

Forecasts / projections generally relate to capital expenditure, profits and cash flows.

C. ACCEPTING AN ENGAGEMENT

1. Before accepting an engagement to examine prospective financial information, the auditor

would consider the following things:

 The intended use of the information.

 Whether the information will be for general or limited distribution.
 The nature of the assumptions, that is, whether they are best-estimate or hypothetical
assumptions.
 The elements to be included in the information.
 The period covered by the information.
 Staff experience

D. PROCEDURE

In performing an examination of prospective financial statements, the practitioner should

consider the following:

 The nature and background of the entities’ business

 The accounting policies used and whether they have been consistently applied in the
preparation of the projections
 The assumptions on which the projections are based
 The degree of accuracy and reliability of previous forecast and the frequency with which
they are revised
 How the projection allows for factors which may have a high degree of risk
 The arithmetic accuracy of all calculations

Page 89 of 94
 E. EXPRESSING AN OPINION

The same level of assurance cannot be given for prospective information as can for say a set
of historical financial statements (audit).

ISAE 3400, suggests that an auditor should express an opinion to include:

 A statement of negative assurance as to whether the assumptions are reasonable

 An opinion whether the financial information is properly prepared having regard to the
assumptions and is presented in accordance with relevant financial reporting.

The report itself should also contain:

 A title that includes the word independent

 addressee
 Identification of the prospective financial statements presented
 Identification of the responsible party and a statement that the prospective financial
statements are the responsibility of the responsible party
 A statement that the practitioner’s responsibility is to express an opinion on the
prospective financial statements based on his or her examination
 The accountant’s signature,
 The date of the report.

Page 90 of 94
Example of a Report on Prospective Financial Information

Independent auditor’s report

[Appropriate addressee]

Introduction

We have examined the projection in accordance with the International Standard on Assurance
Engagements applicable to the examination of prospective financial information. Management is
responsible for the projection including the assumptions set out in Note X on which it is based.

This projection has been prepared for (describe purpose). As the entity is in a start-up phase the
projection has been prepared using a set of assumptions that include hypothetical assumptions
about future events and management's actions that are not necessarily expected to occur.
Consequently, readers are cautioned that this projection may not be appropriate for purposes other
than that described above.

Based on our examination of the evidence supporting the assumptions, nothing has come to our
attention which causes us to believe that these assumptions do not provide a reasonable basis for
the projection, assuming that (state or refer to the hypothetical assumptions). Further, in our
opinion the projection is properly prepared on the basis of the assumptions and is presented in
accordance with [name of standard]

AUDITOR

Date

Address

Page 91 of 94
CHAPTER 21: GROUP AUDITS

A. GROUP ACCOUNTING AND THE HOLDING COMPANY AUDITORS

The duty of principal auditor is to report on group accounts (financial statements).

“Principal auditor” means the auditor with responsibility for reporting on financial statements of an entity
whose financial statements include financial information from one or components audited by another
auditor.

“Other auditor” means an auditor other than principal auditor, with responsibility for reporting on the
financial information of a component that is included in the financial statements audited by the principal
auditor.

“Component” means a division, branch, subsidiary, joint venture, associated company or other entity
whose financial information is included in the financial statements audited by the principal auditor.

The principal auditor has sole responsibility for reporting on group financial statements even where they
include amounts derived from accounts that have been audited by other auditor.

The principal auditor has the rights:

 To require from other auditor the information and explanation

 To require from the principal company the necessary information and explanations fron subsidiaries
that they deem necessary.

B. PRINCIPAL AUDITORS AND OTHER AUDITORS

“ISA 610: Using the work of others”

When planning to use the work of another auditor, the principal auditor should:

 Consider the professional competence of the other auditor in the context of the specific
assignment.
 Advise the other auditor of the independence requirements regarding both the entity and the
component and obtain written representation as to compliance with them.
 Advise the other auditor of the use of the other auditor’s work and report and make sufficient
arrangements for the coordination of their efforts at the initial planning stage of the audit. The
principal auditor would inform the other auditor of matters such as areas requiring special
consideration, procedures for the identification of intercompany transactions that may require
disclosure and the timetable for completion of the audit.
 Advise the other auditor of the accounting, auditing and reporting requirements and obtain written
representation as to compliance with them.
 Consider the significant findings of the other auditor.
 The nature of his relationship with the firm acting as other auditor.

Page 92 of 94
 C. CONSOLIDATION PROCESS

After receiving the subsidiaries’ accounts, the principal auditor can audit the consolidated accounts. An
important part of this work will be reviewing the consolidation adjustments that fall into two categories:

 Permanent adjustments
 Adjustments for the current year.

The following audit steps are involved in consolidation process:

 The group engagement team shall design and perform further audit procedures on the consolidation
process to respond to the assessed risks of material misstatement of the group financial statements
arising from the consolidation process. This shall include evaluating whether all components have
been included in the group financial statements.
 The group engagement team shall evaluate the appropriateness, completeness and accuracy of
consolidation adjustments and reclassifications, and shall evaluate whether any fraud risk factors
or indicators of possible management bias exist.
 If the financial information of a component has not been prepared in accordance with the same
accounting policies applied to the group financial statements, the group engagement team shall
evaluate whether the financial information of that component has been appropriately adjusted for
purposes of preparing and presenting the group financial statements.
 The group engagement team shall determine whether the financial information identified in the
component auditor’s communication is the financial information that is incorporated in the group
financial statements.
 If the group financial statements include the financial statements of a component with a financial
reporting period-end that differs from that of the group, the group engagement team shall evaluate
whether appropriate adjustments have been made to those financial statements in accordance with
the applicable financial reporting framework

NOTE: the principal auditors are often requested to carry out consolidation. In these circumstances the
auditors is acting as an accountant and auditor and care must be taken to ensure that the audit function is
carried out and evidenced as appropriate.

D. JOINT AUDITS

A joint audit can be defined as one “where two or more auditors are responsible for an audit engagement
and jointly produce an audit report to the client”. The relationship between principal and other auditors is
not the same as that between auditors involved in a joint audit.

Reasons for joint audits

Two or more firms could act as joint auditors for the following reasons:

 in a new acquisition the parent entity may insist that their auditors act jointly with those of the
new subsidiary.
 An entity operating from many distant locations may find it useful to have joint auditors.

Page 93 of 94
  Overseas subsidiaries may need to employ local audit firms to satisfy the laws of the country in
which they operate. These local auditors may act jointly with the group auditors.
 Some entities may prefer to use local auditors while at the same time enjoying the greater range of
services offered by a large international firm.

Before accepting appointment as a joint auditor it will be necessary to consider the experience and
standards of the other firm.

The allocation of work between the firms needs to be agreed and the auditors should agree whether joint
or separate engagement letters will be sent.

Both firms must sign the audit report and both are responsible for the whole audit. They are jointly liable
in the event of litigation.

E. AUDIT OF FOREING SUBSIDIARIES

Some difficulties and possible solutions in audit foreign subsidiaries would include:

 Difficulties with languages might be overcome by using a member of the office who speaks the
language or the use of translator.
 Cultural differences can be tackled by the auditor’s learning about the country
 Differences in local accounting, auditing conventions and legislation can be overcome through
learning before the audit begins.
 Auditors may face difficulties of obtaining the necessary work permit to work within the country.
The auditors should seek help from the client company.

F. RECENT DEVELOPMENT

A new exposure draft of ISA 600 contains two new definitions referring to related and unrelated
auditors.

“A related auditor” is an auditor from the group auditor’s firm or from a network firm who operates
under, and complies with, common monitoring policies and procedures and performs work on one or
more components for the purpose of group financial statements.

“An unrelated auditor” is an auditor other than group or related auditor who performs work on one or
more components for the purpose of the group financial statements.

The group auditor must:

 Consider the ethics, professionalism and quality control of the other auditors
 Determine the risks of material misstatement at group level
 Determine materiality level for the other auditors to use
 Determine what type of tests other auditors will carry out in response to assessed risks
 Evaluate the adequacy of the other auditors work
 Communicate various matters to management of the group.

Page 94 of 94