Professional Documents
Culture Documents
Syllabus
A Audit framework and regulation
B
C D E
Internal audit
Planning and risk assessment Internal control Audit evidence
F
G
Review
Reporting
Chap 1
Definition of an audit
An audit is the independent examination of the financial statements of an entity by a duly appointed auditor. Once the examination is done, the auditor provides a report to the shareholders that the FS show a ture and fair view.
Objective of an audit
Auditor to state an opinion as to whether the FS:
Give a true and fair view Are prepared in accordance with applicable frameworks
Non-Statutory
No legal requirement to do so.
Materiality
If the omission or misstatement of an item in the FS could influence the economic decision of users, that item is said to be material. Errors found by an auditor in the FS could be substantial, influencing the decision of the investors. Hence such an error is known as a material misstatement.
Chap 2
Regulatory environment
International Federation of Accountants:
Serves to strengthen the profession worldwide Serves the public interest, and Promote adherence to high quality standards.
Duty of auditors
Form an opinion as to whether the FS provide a true and fair view, and prepared in accordance with applicable accounting standards.
Prepare and issue a report. It is the management of the company who has the responsibility of preparing the FS.
chap3
Corporate Governance
Corporate governance system by which companies are directed and controlled. Corporate governance - concerned with matters such as directors responsibilities, board of directors, audit committee and relationship with external auditors. The focal point of corporate governance is to ensure that companies are run in the interests of their shareholders and the wider community.
The rights of stakeholders The corporate governance framework encourage active cooperation between the entities and stakeholders in creating wealth, jobs and the sustainability of financially sound entities.
CEO:
Ensures the operational functioning of the company
One person might end up having too much power and decisions might be taken which are not in the best interest of the shareholders.
Listed companies should have and audit committee with at least 3 NEDs
Chap 4
ACCA sets out a code of ethics for members and disciplinary action is taken against those who fail to uphold them.
Objectivity
Professional behaviour
Members should comply with relevant laws and regulations and should avoid any action that discredits the profession.
Threats to objectivity
Five potential threats are identified in the ACCAs code of ethics. Safeguards are suggested in order to counter each of the threats.
Threats to objectivity
1. Self interest - when the auditor has either a financial or personal interest in the client. Examples:
Dependence on client
If a client makes up too high a percentage of an auditors income, they may be afraid of losing the income.
Safeguard If a Listed company makes up more than 10% of a firms income, they should not audit that client. (15% for non listed companies)
Threats to objectivity
1. Self interest
Examples:
Lowballing
Lowballing is setting a very low fee either to attract new clients or ensure further work. Safeguard Auditors should not set fees in this way, the fee must be based on a pre-determined level of work required.
Threats to objectivity
1. Self interest
Examples:
Loans, Guarantees and overdue fees
If an auditor fears he may not get such items paid back his objectivity may be threatened. In this case significant overdue fees constitute a loan.
Safeguard Do not offer loans, guarantees or allow fees to go unpaid for a significant time.
Threats to objectivity
1. Self interest
Other Examples:
Hospitality and Benefits Contingent Fees Financial or Business interest Financial interest such as shares etc.
Threats to objectivity
2. Self review threat - if an auditor provides other services to a client such as Tax advice, then the auditor will be reviewing their own work during the course of the audit. Examples:
Accounting Services If an auditor prepares the accounts it is 100% sure that they will be reviewing their own work. They may be tempted to hide errors to save face. Safeguard - Auditor must not undertake accounting services for a client is they are a LISTED company.
Threats to objectivity
2. Self review threat
Examples:
IT If the auditor advises on or installs accounting software for a client this will have to be reviewed during the audit. Safeguard - If the IT system is important to a significant part of the accounting system, the auditor should not design, provide or implement it.
Threats to objectivity
2. Self review threat
Examples:
Valuation Services A valuation made by the auditor could have a material effect on the financial statements. Safeguard If valuation requires a degree of judgement and have a material effect on the financial statements, then the auditor should not undertake to provide it.
Threats to objectivity
2. Self review threat
Examples:
Valuation Services A valuation made by the auditor could have a material effect on the financial statements. Safeguard If valuation requires a degree of judgement and have a material effect on the financial statements, then the auditor should not undertake to provide it.
Threats to objectivity
2. Self review threat
Other Examples:
Tax Services Corporate Financial Services Internal Audit Services Former Employee of Client joining Audit Firm
Threats to objectivity
3. Familiarity threat - If the auditor is too familiar with the client, then this may give rise to a familiarity threat. Examples:
Participation in Client Affairs The auditor may be too familiar with the client and be unwilling to upset them. Safeguard Auditor cannot be a director, employee or business partner of client. Cannot be part of team if have been one of these in the last 2 years.
Threats to objectivity
3. Familiarity threat
Examples:
Family/Personal Relationship An auditor may be unwilling to criticise or upset a family member if they work for the client. Safeguard No member of the audit team may have a family member or close personal relation in the client firm.
Threats to objectivity
3. Familiarity threat
Examples:
Audit Partners joining client If a partner joins the client firm this may affect the judgement of the auditors involved. Safeguard All links to audit firm severed. Removed from audit team as soon as appointment made. If made director or key management and has worked for auditor in previous two years the audit firm must resign. (Can be reappointed after 2 yr period is up).
Threats to objectivity
3. Familiarity threat Examples:
Acting as Auditor for prolonged period If a partner has acted as auditor for a client for too long a period, they may become complacent or over familiar with them. Safeguard - If client is listed company engagement partners should act for maximum of 5 yrs with 5 yr break in between rotations.
A Key audit partner must have a break of 2 yrs after a period of 7 yrs and senior staff on listed audits should also not act for more than 7 yrs. For non-listed clients it is advised that partners act for no longer than 10 years.
Threats to objectivity
4. Advocacy threat - Advocacy threat is where an auditor represents the client or is involved in representing them. Examples:
Legal Services If an auditor provides legal services, they may be perceived to take the same view as the client and therefore lose independence. Safeguard No legal services to be offered to client or defence in dispute material to the financial statements.
Threats to objectivity
4. Advocacy
Examples:
Corporate Financial Services
Threats to objectivity
5. Intimidation threat
Intimidation threat is simply what it says, i.e. that the auditor feels unable to give an independent opinion for fear of losing the client or upsetting someone. The safeguards will be the same as those outlined above.
Confidentiality
Information should only be disclosed by auditors: If the client has given their consent Under a legal obligation e.g. money laundering, terrorism, drug trafficking If required by regulatory body e.g. FSA Under a court order If in the public interest e.g. environmental pollution.
Engagement letters
Define auditors responsibilities Written evidence of auditors acceptance Send to board of directors/or audit committee prior first audit Identify any reports to be produced in addition to audit report Update for changes
Engagement letters
Contents:
Objective of audit Management responsibilities Applicable reporting framework Test nature inherent responsibilities Unrestricted access to records Confidentiality of reports Planning Fees Role of Internal audit
Chap 5
Internal audit
A department within the company which oversees internal control systems and ensures that procedures are in place to ensure good corporate governance.
Internal audit
Provides assurance to the board by:
Reporting on and monitoring the effectiveness of internal controls. Assisting with implementation of required accounting standards. Ensuring that laid down procedures are being followed. Liaising with external auditor to reduce time and expense of external audit. Ensures compliance with OECD Principles.
Internal audit
One of the key concepts surrounding internal audit is the independence of internal audit from management. Ways to keep internal audit independent are to: Have them report to an independent committee i.e. the Audit Committee. Ensure that the internal audit function is well regarded by other departments. Have a whistle blowing function for internal audit to report serious misconduct when found.
Disadvantages
If Internal and External audit are provided by the same firm (prohibited under ethics rules in UK) then there may be a conflict of interest. Independence may not be ensured by outsourcing due to threat of management not renewing the contract. The cost of outsourcing may be so high as to encourage the firm not to have an internal audit function at all. Lack of understanding of firms culture, objectives and attitudes. The standard of service provided cannot be controlled. Blurring of the distinction between internal and external audit function.
Inputs Economy As cheap as possible given quality Process Efficiency Perform the process as efficiently as possible Outputs Effectiveness These match objectives set
Chap 6
In order for the auditor to reduce audit risk he identifies the areas which are more likely to be risky, and then he plans the audit testing accordingly.
The direction of the audit will be determined by the identification of high risk areas and materiality.
Analytical procedures
Evaluation of financial information, used in: Planning stage of the audit; Testing stage of the audit; Review stage of the audit;
Analytical procedures
They incorporate the comparison of: Current and prior year figures; Current and budgeted/forecast figures; Client and industry averages.
Analytical procedures
At the planning stage analytical procedures are useful to gain an understanding of the clients performance over the last 12 months and to identify any changes.
Chap 7
ISA 240 recognises that misstatement in the financial statements can arise from fraud or error. The first one being intentional and the latter being unintentional.
Fraud
Fraud can be split into 2 types:
Misappropriation of assets
Theft of companys assets
Chapter 8
Risk assessment
Audit risk The risk that the auditor expresses an inappropriate opinion on the financial statements.
Risk assessment
Audit risk:
Inherent risk
This is the risk related to the nature of the activities of the company. Considered in the planning stages of the audit.
Inherent risk
Examples:
Consumables
Auditor might be concerned about items being expired
Clothing
Auditor might be concerned about items becoming out of fashion
Electronics
Auditor might be concerned about stock becoming obsolete
Control risk
Risk of material misstatement due to inadequate internal controls within the business
Control risk
Examples:
No segregation of duties No controls over assets No controls over IT Large number of signatories
Detection risk
The work carried out by the auditor does not uncover a material misstatement that exists This may be due to sampling and nonsampling risk
Detection risk
Sampling risk The risk that the conclusion reached because of a sample being taken would differ from the conclusion given had the whole population been tested. i.e. the sample taken was not correct!!!
Detection risk
Non-sampling risk The risk that the conclusion reached by the auditor would be incorrect due to factors other than the sample being taken.
Example: Procedures used Interpretation of results
Auditor cannot affect inherent risk or control risk as these are internal to the client.
If the auditor assesses both the inherent risk and control risk as being high, he has to make sure that detection risk is low, so as to even out the other results.
Chap 9
Management should be undertaking regular risk assessments to ensure that all risks are identified and mitigated.
Chapter 10
If the auditor decides that the internal controls are strong, this may mean that they may not have to gain less evidence from other sources.
Chapter 11
CONTROL PROCEDURE
All orders should be in writing from customer or confirmed with customer. All customers undergo credit checks.
CONTROL PROCEDURE
Order pads or computer generated orders should be sequentially numbered to ensure none go missing. Goods should be selected from inventory using the customers order. The order should be authorised and signed when goods selected. Match GDN with customer order. Customer signs GDN & returns to company. GDN recorded and filed with sequential numbers.
CONTROL PROCEDURE
GDN sent to invoicing dept. Invoice raised to match and copy attached to GDN and filed sequentially.
All sales should be recorded. The correct amount should be recorded for each sale. The sale should be recorded against the correct customer.
Review debtors ledger for credit balances where invoices may not have been recorded.
All customers should pay the correct amount. All invoices should be paid.
Cash received agreed to invoice. Review aged listing and investigate old balances.
The requisition should be for a valid business reason. The cost of the requisition should be reasonable. Items should only be requisitioned when required. Orders should be raised for all requisitions.
Line manager authorises all requisitions. All purchasing is centralised. Suppliers used are approved. Inventory levels checked before ordering. Sequentially pre-numbered requisition pads with order matched to requisition. Orders confirmed in writing. Check price is the same as price list being used.
For all orders that are made, the goods are actually received.
The goods should be the correct goods as ordered. The quality of the goods should be acceptable. The quantity of goods received should be as ordered.
Invoices should be received for all goods received. All invoices received are for valid purchases. All invoices have the correct items, quantities and prices. All invoices should be arithmetically correct.
When goods received a copy of the GRN (sequentially numbered) sent to invoicing dept. and matched to invoice. Items checked to invoice to ensure validity. Invoice checked, signed and authorised for payment.
The correct amount should be recorded for all purchases. All purchases should be recorded. The transaction should be recorded in the correct supplier account.
All invoices checked and stamped. All invoices filed away should therefore be stamped. Suppliers statements should be reconciled regularly Reconcile purchase ledger control account.
CONTROL PROCEDURE
All invoices stamped as paid when done. Ensure system in place to pay on time to retain credit limits and supplier goodwill. Ensure stamped invoice is not paid again by keeping separate once paid. Vouch payment amount to invoice amount. All invoices should be authorised before payment. All payments should be authorised.
CONTROL PROCEDURE
The number of sheets or cards should be counted to ensure the number matched the number of employees. Access to additional sheets or cards should be restricted. All sheets and cards should be authorised by line managers.
The payroll calculations should be correct. The correct wages, PAYE & NICs should be recorded on the system.
All staff should receive payment. No bogus employees should be paid. The correct amount should be paid to staff.
If cash wages are paid ensure that two people are present when payment is made.
Inventory should be stored safely and securely to ensure good condition. Oldest inventory should be used first to prevent obsolescence.
Ensure that storage area is weather proof, has fire protection and is at the correct temperature. Ensure inventory system is based on FIFO. Access to stores should be restricted.
The correct amount of inventory should be sent to the production centre. The correct type of materials should be sent.
The production manager should authorise all requisitions from stores. Requisition orders should be checked to goods sent out. Standard quantities of materials could be used.
Counted areas marked to prevent double counting. Managers check accuracy by spot counts. Counting done in pairs. Employees dont count areas they are responsible for.
Cash should be locked in safe. Access to cash restricted. Security movements for large amounts.
Perform surprise cash count. Ensure only authorised staff have access to cash. Check sequential numbering of cash receipts. Check mail is opened by two members of staff to reduce the chance of fraud.
Cash should be banked regularly. Cash balances in tills should be emptied regularly
Check all cash lodged intact to bank regularly. All lodgements are authorised. Examine bank reconciliations and ensure regularly performed.
Limited number of authorised signatories. Banking online should have restricted access. Cheques should not be signed in advance. Cheque books should be kept under lock and key.
Cheque book should be reviewed to ensure no cheques are missing and no cheques are signed in advance. Verify that cash payments are arithmetically correct. Direct debits should be consistent and authorised.
Petty cash balances should be counted and checks made that controls are in place over petty cash.
Chapter 12
Chapter 13
Audit evidence
ISA 500 mentions that different assertions apply to different figures in the financial statements. These different figures include: Transactions and events Account balance Presentation and disclosure
Account balance
Items found in the balance sheet
OCCURRENCE:
transactions which have been recorded, have occurred and pertain to the company.
ACCURACY:
Account Balance
COMPLETENESS: all assets, liabilities and equity
that should have been recorded, have been recorded.
EXISTENCE: assets, liabilities and equity really exist RIGHTS AND OBLIGATIONS: the company has
a right over the asset and the obligation over the liability
Chapter 14
Audit evidence
ISA 500 states that.. The objective of the auditor is to design and perform audit procedures in such a way to enable the auditor to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions
Audit evidence
SUFFICIENT EVIDENCE
There must be ENOUGH evidence to support the auditors opinion. Determining whether evidence is sufficient depends on:
Risk of material misstatement Results of tests of controls Size of population being tested Size of sample selected Quality of evidence obtained
Audit evidence
APPROPRIATE EVIDENCE This is made up of:
Reliability of evidence Relevance of evidence
Reliability
Evidence is considered reliable when: It is obtained from independent sources Generated internally but subject to effective internal control Obtained directly by the auditor In documented form In original form
Relevance
Accounting estimates
Characteristics of accounting estimates: Confirmation of estimates is difficult Prone to inaccuracy No physical evidence Prone to management bias
Accounting estimates
The auditor must obtain an understanding of: Managements assessment of the estimates How the estimate is actually done
No segregation of duties
Less formal approach
Chapter 15
Audit sampling
CONTROLS TESTING
LARGE SAMPLE TO BE SELECTED
Audit sampling
Substantive procedures are carried out on samples of the transactions making up a figure in the financial statements.
The amount of substantive testing can be varied depending on the size of the sample being chosen.
(ii)Non-Statistical sampling
Statistical sampling
An approach to sampling that uses: Random selection of samples; and Probability theory to evaluate the results
Types of samples
Random selection: use of random number tables Systematic selection: sampling interval used Monetary unit sample: selecting sample based on the value Haphazard selection: no structured technique but one avoids bias Block selection: involves selecting a block of items which are next to each other in the population.
Non-Statistical sampling
Judgement is used to select items to be tested. This usually leads to focusing on higher value items.
Chapter 16
Audit documentation
Imp things to note:
1. If the working papers do not exist, then the auditor will be unable to prove how and why the opinion expressed was arrived at. Working papers should provide evidence that a qualified practitioner could easily follow and report the same conclusions. Unclear working papers are USELESS.
2.
3.
Chapter 17
Analytical Procedures
Used to highlight unusual figures in order to focus the audit on them or to establish that a trend has continued.
Analytical Procedures
compulsory at the planning and final stage of the audit. Also an effective tool for gathering evidence throughout the audit.
Analytical Procedures
Profitability Ratios
Gross margin (gross profit/sales)100 Net margin (net profit/sales)100 ROCE (profit before interest and tax / share capital + reserves + borrowings)
Analytical Procedures
Liquidity Ratios
Receivables days (receivables/sales)365 Payables days (payables/purchases)365 Inventory days (inventory/cost of sales)365 Current ratio (current assets/current liabilities) Quick ratio (current assets inventory/current liabilities)
Analytical Procedures
Whether or not to rely on analytical procedures:
Suitability not suitable for every assertion Reliability auditor may only rely on data generated from a system with strong controls Degree of precision some figures will not have a recognisable trend over time or be comparable Acceptable variation variations having an immaterial impact on the financial statements will not hold as much interest to the auditor as those that do
Chapter 18
Receivables
Payables
Inventory
Chapter 19
The auditor may not have the expertise to make judgements on all aspects of a clients business and may seek help in the form of an expert. Examples of this are specialist inventory, property valuation and complex work in progress.
If the auditor chooses to rely on the work of an expert, they must ensure that the expert is independent and sufficiently competent.
If an expert in the inventory of the entity being audited is consulted on valuation of inventory, but works for a subsidiary of the entity then the auditor may consider them to be not sufficiently independent.
The auditor should make no reference to the use of the work of others in the audit report. It is the auditors opinion in the report and the work of others is simply one type of evidence that may be used, if sufficient and reliable, to come to that opinion.
Chapter 20
USING THE COMPUTER TO TEST OR ASSIST THE AUDITOR IN TESTING DURING THE AUDIT PROCEDURES
CAATS
EXAMPLES:
1. 2. 3. 4. 5. 6. To run client data to check for errors To extract samples Check calculations Produce reports Match transactions Create test data, input it in the clients system and compare the result to what was expected (auditing around the computer input vs output).
Chapter 21
If management do not amend the errors then a qualified report will be issued.
Subsequent events
A question on subsequent events will usually involve a scenario with events which you must decide are adjusting or non-adjusting events.
NO
NO ACTION REQUIRED
DOES THE EVENT PROVIDE ADDITIONAL EVIDENCE OF CONDITIONS EXISTING AT THE YEAR END?
YES
NO
ADJUSTING EVENT
NON-ADJUSTING EVENT
FINANCIAL STATEMENTS MUST BE ADJUSTED IF MANAGEMENT REFUSE THE AUDIT REPORT WILL BE QUALIFIED.
NO REQUIREMENT TO ADJUST THE FINANCIAL STATEMENTS EVENT MUST BE DISCLOSED - IF MANAGEMENT REFUSE THEN QUALIFY THE AUDIT REPORT FOR DISAGREEMENT
Chapter 22
Management representations
The auditor may ask management to confirm in writing certain issues which arose during the audit. There are specific and non-specific items to be included in the management representation letter. Specific items: those required by ISAs Non-specific items: items relevant to that particular audit. Ex. No evidence was available on specific elements of the FS.
Chapter 23
Audit reports
ISA 700 sets out the elements /contents of an audit report. They are: Title Identifies the report as an Independent Auditors Report Addressee The shareholders i.e. for whom the report is produced. Introductory Paragraph Sets out which pages in the report have been subject to audit and which have not. Statement of responsibilities of management Management have prepared financial statements in accordance with GAAP and representing a true and fair view. Application of accounting policies and estimates as well as responsibilities for systems and controls. Statement of responsibilities of auditor The audit was planned and assessed the risk of material misstatement considering internal controls and obtaining sufficient appropriate evidence. That the auditor will express an opinion.
Audit reports
Scope Paragraph Standards under which the audit was conducted, the processes and the test basis as well as the appropriateness of policies and disclosures. Opinion Do the statements present a true and fair view? Are they prepared according to applicable GAAP and legislation? Auditors signature Auditor or firm is registered and authorised to conduct the audit. Date of the Report Signed after approved by directors on the same day. Auditors address le on specific elements of the FS.
Audit reports
If the auditor disagrees with some aspect of the financial statements or is unable to state that they provide a true and fair view, then a modified audit report will be issued.
There are two types of modified audit report: An unqualified audit report with an emphasis of matter paragraph A qualified audit report.
Emphasis of matter
If the auditor wishes to draw attention to a particular matter, but agrees with the financial statements an emphasis of matter paragraph will be included in the audit report.
The matter referred to will be fully disclosed in the accounts and the auditor is simply drawing the users attention to it. The paragraph will make it clear that the opinion is not qualified and will be given a separate heading after the opinion paragraph.
Qualified Reports
There are two reasons that an auditor may qualify an audit report:
Disagreement Limitation of scope
Disagreement
A qualified report for the reason of disagreement will be issued if the auditor disagrees with the application of accounting policies, the policies used, treatment of a particular item or the adequacy of disclosures. The disagreement can be such that it is either:
Material
A material disagreement will mean that the auditor agrees with the rest of the financial statements, but disagrees with that particular element of them. In this situation the auditor will qualify the audit with an except for paragraph i.e. In our opinion, except for the effect on the financial statements of the matter referred to in the preceding paragraph, the financial statements give a true and fair view,
Limitation of scope
If the auditor is unable to form an opinion, then the report will be qualified for limitation of scope. Limitation of scope will be due to being unable to obtain sufficient evidence which should have been available. A material limitation of scope will mean that the auditor agrees with the rest of the financial statements, but is unable to agree with that particular element of them. In this situation the auditor will qualify the audit with an except for paragraph i.e. In our opinion, except for the matter referred to in the preceding paragraph, the financial statements give a true and fair view,
Limitation of scope
A limitation of scope which is material and pervasive is of such significance that auditor is unable to state whether the financial statements give a true and fair view. In such a situation a disclaimer of opinion is issued i.e. the auditors do not express an opinion on the financial statements.