F8 Presentation

ACCA Paper F8
Audit and Assurance (INT)

December 2011 Exams
Syllabus
A Audit framework and regulation
B
C D E
Internal audit
Planning and risk assessment Internal control Audit evidence
F
G
Review
Reporting
Examiner and Exam Format

Question 1 Question 2 10 Question 3 Question 4 Question 5 Total Questions with short practical scenarios covering topics such as: internal audit, risk assessment, planning, controls, evidence, conclusions and reporting 20 20 20 100 Application of audit procedures to a scenario Short factual questions on ISAs and other knowledge-based areas 30
Chap 1
Definition of an audit
An audit is the independent examination of the financial statements of an entity by a duly appointed auditor. Once the examination is done, the auditor provides a report to the shareholders that the FS show a ture and fair view.
Objective of an audit
Auditor to state an opinion as to whether the FS:
Give a true and fair view Are prepared in accordance with applicable frameworks
Types of external audits

Statutory
Required by law to undertake an audit (all public and large companies)
Non-Statutory
No legal requirement to do so.
Reasons to undertake a nonstatutory audit

Providing assurance to the owners over financial results Making accounts more acceptable to tax authorities Making a sale of the business more easy Providing assurance to those providing finance to the business
Accountability, stewardship and agency.

Stewardship: someone is responsible of taking care of something on behalf of another person. Ex. directors. Accountability: people in positions of power can be held to account for their actions. Agency: where an agent acts on behalf of a principle to perform tasks for them.
Materiality
If the omission or misstatement of an item in the FS could influence the economic decision of users, that item is said to be material. Errors found by an auditor in the FS could be substantial, influencing the decision of the investors. Hence such an error is known as a material misstatement.
Types of assurance engagements:

The framework permits only 2 types of assurance engagement: reasonable assurance engagement) limited assurance engagement)
Reasonable assurance engagement

Auditor gathers sufficient evidence to conclude that the subject matter agrees in all material respects to the agreed criteria. The assurance given is in the form of positive assurance, meaning that in their opinion, the subject has been prepared in accordance with the criteria required.
Reasonable assurance engagements provide high level of assurance.
Reasonable assurance engagement

An example of a reasonable assurance engagement is an audit. Auditor gives his report in the form of positive assurance
The financial statements have been prepared in accordance with applicable legislation and standards
Limited assurance engagement

Auditor gathers sufficient appropriate audit evidence to be satisfied that the subject matter is probable in the circumstances.
Report given in the form of negative assurance

Nothing has come to our attention that causes us to believe that the financial statements are not prepared (in all material aspects) in accordance with an applicable financial reporting framework.
Limited assurance engagement

Limited assurance engagements provide moderate assurance. An example of a limited assurance engagement is a review. A review engagement is undertaken b an auditor using less evidence than required by an audit. The users of the review report will be those who have commissioned the review, example banks, and not the shareholders.
Chap 2
Regulatory environment
International Federation of Accountants:
Serves to strengthen the profession worldwide Serves the public interest, and Promote adherence to high quality standards.
International Auditing and Assurance Standards Board:

Subsidiary of the IFAC and sets International Standards on Auditing.
Duty of auditors
Form an opinion as to whether the FS provide a true and fair view, and prepared in accordance with applicable accounting standards.
Prepare and issue a report. It is the management of the company who has the responsibility of preparing the FS.
Benefits of statutory audits

Investors more able to rely on the information provided in the FS Management able to verify that the systems / controls in pace are effective Management are less likely to undertake fraudulent activities if they know that an audit is to take place Auditor will highlight any weaknesses in a management letter.
Appointment, resignation and removal

Appointment Member of a recognised supervisory board ex ACCA Allowed to act as an auditor by that board
Or
Directly authorised by the state

Appointment Resolution at each general meeting (reappointment not automatic). Directors pre first GM and to fill casual vacancy.

Exclusions by law Those involved with the management off a company cannot audit it:
Directors Employees Business partners

Removal Special notice sent to auditor Auditors can make representations about why they should stay in office. If resolution passed, company must notify regulatory authority. Auditors must deposit statement of circumstances at companys office + sent to regulatory authority. Auditors can receive notice and speak at GM where their term of office would have expired.
chap3
Corporate Governance
Corporate governance system by which companies are directed and controlled. Corporate governance - concerned with matters such as directors responsibilities, board of directors, audit committee and relationship with external auditors. The focal point of corporate governance is to ensure that companies are run in the interests of their shareholders and the wider community.
OECD: Principles of Corporate Governance

Ensuring the basis for an effective corporate governance framework making sure everyone involved is aware of their individual responsibilities so no party is in doubt as to what they are accountable for. The rights of shareholders management should recognise that they are agents of the shareholders and act in their interests. The equitable treatment of shareholders
All shareholders should be treated fairly and in a just manner.
The rights of stakeholders The corporate governance framework encourage active cooperation between the entities and stakeholders in creating wealth, jobs and the sustainability of financially sound entities.
OECD: Principles of Corporate Governance

Disclosure and transparency The corporate governance framework should ensure that timely and accurate disclosure is made on all material matters regarding the entity, including the financial situation, performance, ownership and governance of the entity. Responsibility of the board The corporate governance framework should ensure the strategic guidance of the entity, the effective monitoring of management by the board, and the boards accountability to the entity and its shareholders.
Combined Code of Corporate Governance

The Board Should meet regularly Rigorous/transparent nomination process Directors to submit for re-election Roles of chairman and CEO to be separate Board should establish a sound system of internal control Audit committee should be established Consider the need for internal audit
Corporate governance in action

Segregation of roles
Chairman of the board and CEO must be different people.
Chairman:
Ensures full information and discussion at board meetings Runs the board of directors
CEO:
Ensures the operational functioning of the company
One person might end up having too much power and decisions might be taken which are not in the best interest of the shareholders.

Audit committees - structure
At least one member should have relevant financial expertise. At lest 2 NEDs for smaller companies, and 3 for larger ones.
Listed companies should have and audit committee with at least 3 NEDs

Audit committees - role
To improve the quality of financial reporting and increase the confidence of the public in the FS Assist directors in meeting their responsibilities in respect of financial reporting. Provide a channel to external auditors to report concerns or issues. Review the companys internal control systems Strengthen the position of internal audit by providing greater independence from management.

Audit committees - advantages
Provides the internal audit function with an independent reporting mechanism. Without this management may be tempted to hide unfavourable reports. leaves top management free to manage by providing expertise on financial reporting Ensures that corporate governance requirements are brought to attention of the board Ensure that proper internal control systems are maintained. Communication between directors, external audit and management is facilitated.

Audit committees - disadvantages
Finding NEDs with the necessary expertise may be difficult Additional costs will be involved
Chap 4
PROFESSIONAL ETHICS AND ACCAS CODE OF CONDUCT
ACCA sets out a code of ethics for members and disciplinary action is taken against those who fail to uphold them.

The fundamental principles are the following: Integrity
Members should be straightforward and honest in all business and professional relationships
Members should not allow bias, conflicts of interest or undue influence of others to override professional or business judgements. duty to maintain professional knowledge and skill at a level required to ensure that a client or employer receives competent professional service
Objectivity
Professional competence and due care

Confidentiality
respect the confidentiality of information acquired as a result of professional and business relationships and should not disclose any such information to third parties without proper or specific authority or unless there is a legal or professional right or duty to disclose
Professional behaviour
Members should comply with relevant laws and regulations and should avoid any action that discredits the profession.
Threats to objectivity
Five potential threats are identified in the ACCAs code of ethics. Safeguards are suggested in order to counter each of the threats.
1. Self interest - when the auditor has either a financial or personal interest in the client. Examples:
Dependence on client
If a client makes up too high a percentage of an auditors income, they may be afraid of losing the income.
Safeguard If a Listed company makes up more than 10% of a firms income, they should not audit that client. (15% for non listed companies)
1. Self interest
Examples:
Lowballing
Lowballing is setting a very low fee either to attract new clients or ensure further work. Safeguard Auditors should not set fees in this way, the fee must be based on a pre-determined level of work required.
1. Self interest
Examples:
Loans, Guarantees and overdue fees
If an auditor fears he may not get such items paid back his objectivity may be threatened. In this case significant overdue fees constitute a loan.
Safeguard Do not offer loans, guarantees or allow fees to go unpaid for a significant time.
1. Self interest
Other Examples:
Hospitality and Benefits Contingent Fees Financial or Business interest Financial interest such as shares etc.
2. Self review threat - if an auditor provides other services to a client such as Tax advice, then the auditor will be reviewing their own work during the course of the audit. Examples:
Accounting Services If an auditor prepares the accounts it is 100% sure that they will be reviewing their own work. They may be tempted to hide errors to save face. Safeguard - Auditor must not undertake accounting services for a client is they are a LISTED company.
2. Self review threat
Examples:
IT If the auditor advises on or installs accounting software for a client this will have to be reviewed during the audit. Safeguard - If the IT system is important to a significant part of the accounting system, the auditor should not design, provide or implement it.
Examples:
Valuation Services A valuation made by the auditor could have a material effect on the financial statements. Safeguard If valuation requires a degree of judgement and have a material effect on the financial statements, then the auditor should not undertake to provide it.
Examples:
Valuation Services A valuation made by the auditor could have a material effect on the financial statements. Safeguard If valuation requires a degree of judgement and have a material effect on the financial statements, then the auditor should not undertake to provide it.
Other Examples:
Tax Services Corporate Financial Services Internal Audit Services Former Employee of Client joining Audit Firm
3. Familiarity threat - If the auditor is too familiar with the client, then this may give rise to a familiarity threat. Examples:
Participation in Client Affairs The auditor may be too familiar with the client and be unwilling to upset them. Safeguard Auditor cannot be a director, employee or business partner of client. Cannot be part of team if have been one of these in the last 2 years.
3. Familiarity threat
Examples:
Family/Personal Relationship An auditor may be unwilling to criticise or upset a family member if they work for the client. Safeguard No member of the audit team may have a family member or close personal relation in the client firm.
3. Familiarity threat
Examples:
Audit Partners joining client If a partner joins the client firm this may affect the judgement of the auditors involved. Safeguard All links to audit firm severed. Removed from audit team as soon as appointment made. If made director or key management and has worked for auditor in previous two years the audit firm must resign. (Can be reappointed after 2 yr period is up).
3. Familiarity threat Examples:
Acting as Auditor for prolonged period If a partner has acted as auditor for a client for too long a period, they may become complacent or over familiar with them. Safeguard - If client is listed company engagement partners should act for maximum of 5 yrs with 5 yr break in between rotations.
A Key audit partner must have a break of 2 yrs after a period of 7 yrs and senior staff on listed audits should also not act for more than 7 yrs. For non-listed clients it is advised that partners act for no longer than 10 years.
4. Advocacy threat - Advocacy threat is where an auditor represents the client or is involved in representing them. Examples:
Legal Services If an auditor provides legal services, they may be perceived to take the same view as the client and therefore lose independence. Safeguard No legal services to be offered to client or defence in dispute material to the financial statements.
4. Advocacy
Examples:
Corporate Financial Services
May be seen to be less than independent if advising on such matters

Safeguard Dont negotiate on clients behalf with the bank or advise on debt restructuring
5. Intimidation threat
Intimidation threat is simply what it says, i.e. that the auditor feels unable to give an independent opinion for fear of losing the client or upsetting someone. The safeguards will be the same as those outlined above.
Dealing with Threats

The way in which an audit firm should deal with potential threats to independence is to have in place procedures to: Identify any potential threats Evaluate what level of risk they pose Check that necessary safeguards are in place Correct any problems if necessary.
Confidentiality
Information should only be disclosed by auditors: If the client has given their consent Under a legal obligation e.g. money laundering, terrorism, drug trafficking If required by regulatory body e.g. FSA Under a court order If in the public interest e.g. environmental pollution.
Engagement letters
Define auditors responsibilities Written evidence of auditors acceptance Send to board of directors/or audit committee prior first audit Identify any reports to be produced in addition to audit report Update for changes
Engagement letters
Contents:
Objective of audit Management responsibilities Applicable reporting framework Test nature inherent responsibilities Unrestricted access to records Confidentiality of reports Planning Fees Role of Internal audit
Chap 5
Internal audit
A department within the company which oversees internal control systems and ensures that procedures are in place to ensure good corporate governance.
Internal audit
Provides assurance to the board by:
Reporting on and monitoring the effectiveness of internal controls. Assisting with implementation of required accounting standards. Ensuring that laid down procedures are being followed. Liaising with external auditor to reduce time and expense of external audit. Ensures compliance with OECD Principles.
Internal audit
One of the key concepts surrounding internal audit is the independence of internal audit from management. Ways to keep internal audit independent are to: Have them report to an independent committee i.e. the Audit Committee. Ensure that the internal audit function is well regarded by other departments. Have a whistle blowing function for internal audit to report serious misconduct when found.
Outsourcing of Internal audit

Advantages
The provider will have specialist staff. Cost of employing and training full time staff is avoided. Outsourcing provides an immediate internal audit department. The time scale is flexible with the contract for the appropriate time. Independence may be improved. Audit methodology and technologies will be up to date.
Disadvantages
If Internal and External audit are provided by the same firm (prohibited under ethics rules in UK) then there may be a conflict of interest. Independence may not be ensured by outsourcing due to threat of management not renewing the contract. The cost of outsourcing may be so high as to encourage the firm not to have an internal audit function at all. Lack of understanding of firms culture, objectives and attitudes. The standard of service provided cannot be controlled. Blurring of the distinction between internal and external audit function.
Types of Internal audit assignments

Value for Money
Value for money can be broken down into 3 sectors:

Economy: Are goals achieved at a minimum cost (still paying attention to quality)? Efficiency: Are resources being used to maximise output? Effectiveness: Are objectives being achieved?
These three areas can be thought of as Input Process Output.
Inputs Economy As cheap as possible given quality Process Efficiency Perform the process as efficiently as possible Outputs Effectiveness These match objectives set
Chap 6
ISA 200 Overall Objective of the Independent Auditor

To obtain reasonable assurance, the auditor shall obtain sufficient appropriate audit evidence to reduce audit risk to an acceptably low level. Audit risk = the risk that the auditor expresses an inappropriate audit opinion.
ISA 200 Overall Objective of the Independent Auditor
In order for the auditor to reduce audit risk he identifies the areas which are more likely to be risky, and then he plans the audit testing accordingly.
The need to plan

- required by ISA 300 to plan the audit so that the engagement will be performed in an effective manner. - planning will make the audit address salient issues and hence less time is wasted. - ensuring the correct audit team is in place - the team is working efficiently
ISA 300 Audit planning

The audit plan involves a number of activities:
Risk Assessment - the identification of risk will determine the entire audit process Audit Strategy - The audit strategy sets out the scope, timing and direction of the audit.

The scope of the audit will be determined by the reporting framework applied as well as any industry specific requirements The timing of the audit will set out any deadlines applicable and the dates of the interim and final audit visits.
The direction of the audit will be determined by the identification of high risk areas and materiality.

Prevention and detection of fraud is the responsibility of management. The risk of fraud is important to the auditor because it may lead to a material misstatement. This will impact the audit strategy in the following ways: Testing may be focused on the areas in which fraud is suspected. The auditor may choose not to rely on the representations of management if they are suspected of involvement in fraud. Materiality may be reduced. Evidence provided by the client may not be relied upon. The auditor may have to generate more 3rd party evidence.
Knowledge of the business - KOB

Auditors are required to obtain an understanding of their clients, their business and their internal controls. The purpose is to identify the risks that the business is exposed to and how these could lead to a risk of material misstatement in the financial statements.
Knowledge of the business - KOB

This generally includes: Industry and regulatory factors; Operations of the entity; Ownership and governance structures; Type of investments it makes; Accounting policies used by the entity; Entitys objectives;
Where to get the info from?

Information from the audit firm ex. partner; Information from external sources ex. newspaper; Information from past audits; Information from the client ex. website;
Understanding the entity and its environment

We are required to: Make enquiries with management and others within the company; Analytical procedures; Observation and inspection.
Analytical procedures
Evaluation of financial information, used in: Planning stage of the audit; Testing stage of the audit; Review stage of the audit;
They incorporate the comparison of: Current and prior year figures; Current and budgeted/forecast figures; Client and industry averages.
At the planning stage analytical procedures are useful to gain an understanding of the clients performance over the last 12 months and to identify any changes.
Chap 7
ISA 320 Materiality

Information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements.
ISA 320 Materiality

Materiality is important to the auditor because if a material item is incorrect, the financial statements will not show a true and fair view.
ISA 320 Materiality

Establishing materiality: (1) 0.5-1% of turnover (2) 5-10% of profit before tax (3) 1-2% of total assets
Prevention and detection of fraud and error
ISA 240 recognises that misstatement in the financial statements can arise from fraud or error. The first one being intentional and the latter being unintentional.
Fraud
Fraud can be split into 2 types:
Fraudulent financial reporting

Misstating the accounts of the company
Misappropriation of assets
Theft of companys assets
The auditors responsibility

Obtaining reasonable assurance that the financial statements are free from material misstatement, either due to fraud or error; Communicate any identification of fraud to management;
The directors responsibility

Prevent and detect fraud; Implement an effective system of internal control;
Chapter 8
Risk assessment
Audit risk The risk that the auditor expresses an inappropriate opinion on the financial statements.
Risk assessment
Audit risk:
Inherent risk x control risk x detection risk
Inherent risk
This is the risk related to the nature of the activities of the company. Considered in the planning stages of the audit.
Inherent risk
Examples:
Consumables
Auditor might be concerned about items being expired
Clothing
Auditor might be concerned about items becoming out of fashion
Electronics
Auditor might be concerned about stock becoming obsolete
Control risk
Risk of material misstatement due to inadequate internal controls within the business
Control risk
Examples:
No segregation of duties No controls over assets No controls over IT Large number of signatories
Detection risk
The work carried out by the auditor does not uncover a material misstatement that exists This may be due to sampling and nonsampling risk
Detection risk
Sampling risk The risk that the conclusion reached because of a sample being taken would differ from the conclusion given had the whole population been tested. i.e. the sample taken was not correct!!!
Detection risk
Non-sampling risk The risk that the conclusion reached by the auditor would be incorrect due to factors other than the sample being taken.
Example: Procedures used Interpretation of results
Affecting audit risk
Auditor cannot affect inherent risk or control risk as these are internal to the client.
Affecting audit risk
If the auditor assesses both the inherent risk and control risk as being high, he has to make sure that detection risk is low, so as to even out the other results.
Reducing detection risk
Increase amount of tests Increase sample
Chap 9
Internal Control Systems

Controls set up by the management of a company to carry out the business of the company in an orderly and efficient manner.

The purpose of internal controls is to help prevent fraud and errors which would make the accounting information incorrect.

strong controls by the entity =
auditor relies on info. produced
Components of an Internal Control System

1 - Control activities
Approval and Control of Documents (approval by senior management) Controls over IT (passwords etc) Reconciliations Arithmetical Accuracy Control Accounts Restricted access to physical assets Compare physical counts with accounting records Segregation of Duties

2 Risk assessment
Management should be undertaking regular risk assessments to ensure that all risks are identified and mitigated.

3 Information system
The auditor must obtain an understanding of the information system, including the related business processes, relevant to financial reporting. The auditor must decide what areas of the information system are relevant to the financial reporting of the entity and only concentrate on those systems.

4 Monitoring of controls
Controls may be monitored either by management or by the internal audit function if one exists. The auditor may be able to rely on some of the work of internal audit, but must first gain an understanding of how controls are monitored and how effective the monitoring is.

5 The control environment
The control environment refers to the framework around which the controls of the organisation operate. Management attitude will largely determine the nature of the control environment.
Controls over IT systems

(i) General controls
protect the system by restricting access through passwords, usernames etc. Other general controls will include back-up procedures, controls over changes to the system or software, controls to prevent access to sensitive data.
Controls over IT systems

(ii) Application controls
specific control procedures over the accounting applications that are built into the system. They will include checks to ensure the arithmetical accuracy of transactions as well as controls preventing the reversing of transactions
Chapter 10
Internal control and the audit

Tests of control test the systems in place by determining whether the controls over it are sufficient or not. If the control in place is strong, then the auditor is able to place reliance on the information generated by that particular system. Substantive procedures on the other hand are procedures to gain direct assurance over a figure in the financial statements
Internal control fraud and error
If the auditor decides that the internal controls are strong, this may mean that they may not have to gain less evidence from other sources.
Chapter 11
Specific internal controls - Revenue

Taking orders
CONTROL OBJECTIVE
Orders should be raised accurately. The customer should be credit worthy. Credit limits should not be exceeded. The company should be able to fulfil the order.
CONTROL PROCEDURE
All orders should be in writing from customer or confirmed with customer. All customers undergo credit checks.
Credit limits should be checked before accepting an order.

Inventory should be checked before issuing an order.

Dispatch of goods
CONTROL OBJECTIVE
All orders should be sent to the warehouse. The goods required should be in inventory. The correct goods should be sent to the correct customers.
CONTROL PROCEDURE
Order pads or computer generated orders should be sequentially numbered to ensure none go missing. Goods should be selected from inventory using the customers order. The order should be authorised and signed when goods selected. Match GDN with customer order. Customer signs GDN & returns to company. GDN recorded and filed with sequential numbers.

Raising invoice
CONTROL OBJECTIVE
An invoice should be raised for all deliveries. The invoice should be for the correct amount. Any credit notes should be valid and authorised.
CONTROL PROCEDURE
GDN sent to invoicing dept. Invoice raised to match and copy attached to GDN and filed sequentially.
Order agreed to GDN. GDN agreed to invoice.

Invoice agreed to price list. Above checked and signed by person in authority. All credit notes allocated and copy attached to invoice to which it relates. All credit notes authorised by line manager.

Recording of the sale
CONTROL OBJECTIVE CONTROL PROCEDURE
All sales should be recorded. The correct amount should be recorded for each sale. The sale should be recorded against the correct customer.
Review debtors ledger for credit balances where invoices may not have been recorded.
Reconcile the debtors ledger.

Check all entries to invoices Send out statements to all customers regularly.

Receipt of payment
All customers should pay the correct amount. All invoices should be paid.
Cash received agreed to invoice. Review aged listing and investigate old balances.
Chase up old outstanding amounts.

All receipts should be recorded. The correct amount should be recorded. Perform regular bank reconciliations Lodge cash and cheques to the bank regularly. Ensure that segregation of duties exists
The payment received should be allocated to the correct customer.

All money banked promptly.
Review customer statements. Retention of customer remittance details
Specific internal controls Purchases

Raise requisition and place order
The requisition should be for a valid business reason. The cost of the requisition should be reasonable. Items should only be requisitioned when required. Orders should be raised for all requisitions.
Line manager authorises all requisitions. All purchasing is centralised. Suppliers used are approved. Inventory levels checked before ordering. Sequentially pre-numbered requisition pads with order matched to requisition. Orders confirmed in writing. Check price is the same as price list being used.

Goods received
For all orders that are made, the goods are actually received.
The goods should be the correct goods as ordered. The quality of the goods should be acceptable. The quantity of goods received should be as ordered.
All goods received are delivered to one area which is secure.

Records are updated as soon as the goods arrive. Sequentially numbered purchase order matched to the GRN and checked correct. Inspect the goods received to ensure quality and quantities. Sign and authorise GRN

Receipt of invoice
Invoices should be received for all goods received. All invoices received are for valid purchases. All invoices have the correct items, quantities and prices. All invoices should be arithmetically correct.
When goods received a copy of the GRN (sequentially numbered) sent to invoicing dept. and matched to invoice. Items checked to invoice to ensure validity. Invoice checked, signed and authorised for payment.

Recording of the purchase
The correct amount should be recorded for all purchases. All purchases should be recorded. The transaction should be recorded in the correct supplier account.
All invoices checked and stamped. All invoices filed away should therefore be stamped. Suppliers statements should be reconciled regularly Reconcile purchase ledger control account.

Payment to supplier
CONTROL OBJECTIVE
All invoices should be paid. All invoices should be paid on time. All invoices should be paid only once. All invoices should be paid at the correct amount.
CONTROL PROCEDURE
All invoices stamped as paid when done. Ensure system in place to pay on time to retain credit limits and supplier goodwill. Ensure stamped invoice is not paid again by keeping separate once paid. Vouch payment amount to invoice amount. All invoices should be authorised before payment. All payments should be authorised.
All payments should be for valid business expense.
Specific internal controls - Payroll

Timesheets submitted
CONTROL OBJECTIVE
All of the sheets or cards should be received. All sheets or cards should be valid All of the hours submitted should have been actually worked.
CONTROL PROCEDURE
The number of sheets or cards should be counted to ensure the number matched the number of employees. Access to additional sheets or cards should be restricted. All sheets and cards should be authorised by line managers.

Inputting of information
All information should be input with none missed or omitted.

Information should be input accurately.
Totals should be checked.

Sheets should be signed once input. No duplicate employees should be possible on the system.
No information should be included twice.

No bogus employees should exist.
Passwords and usernames should restrict access to data.

New employees should only be set up on the computer by a senior manager. Segregation of duties should exist.

Standing data / date kept for long term inputted
Managers should authorise and promptly inform the payroll dept of leavers and joiners. Regular checks of standing data should be undertaken by senior management. Forms should be signed to verify leavers/joiners are recorded on the system. Changes should be authorised by senior member of staff.
Payments to leavers should cease once they have left.

The data on the system should be accurate.

Processing and recording of payroll
The payroll calculations should be correct. The correct wages, PAYE & NICs should be recorded on the system.
A sample printed out and checked manually.

System produces report automatically for over/under payments. Print out signed by clerk to confirm accuracy. Senior management review to ensure reasonable.

Payment made to staff
All staff should receive payment. No bogus employees should be paid. The correct amount should be paid to staff.
If cash wages are paid ensure that two people are present when payment is made.
BACS summary should be reviewed by manager and authorised prior to payment.

List of BACS payments should be reviewed to verify all payments made.
Specific internal controls Inventory

Goods arrive into inventory
All goods should be protected from theft on arrival.

New deliveries should be kept separate from returns. Goods received should be of suitable quality. Inventory should be recorded. Only inventory ordered should be accepted.
Locations kept secure with access restricted.

Separate areas for new deliveries and returns. Goods checked for quality on arrival.
Purchases cycle controls should be in place. (see above)

Inventory stored until needed
Inventory should be stored safely and securely to ensure good condition. Oldest inventory should be used first to prevent obsolescence.
Ensure that storage area is weather proof, has fire protection and is at the correct temperature. Ensure inventory system is based on FIFO. Access to stores should be restricted.
Inventory should be protected from theft.
Warehouse should have a single secured exit.

Materials leave stores to go to production
The correct amount of inventory should be sent to the production centre. The correct type of materials should be sent.
The production manager should authorise all requisitions from stores. Requisition orders should be checked to goods sent out. Standard quantities of materials could be used.

Finished goods sent to customers
The correct goods should be sent. Quality should be maintained.
The same procedures as the sales cycle apply here.
Records should be updated promptly and accurately.

Inventory is counted
The count should be accurate.
Counted areas marked to prevent double counting. Managers check accuracy by spot counts. Counting done in pairs. Employees dont count areas they are responsible for.
Count sheets sequentially numbered.

Controls over inventory arrivals during the count.
Specific internal controls - Cash

Cash amounts should be safeguarded
Cash should be locked in safe. Access to cash restricted. Security movements for large amounts.
Perform surprise cash count. Ensure only authorised staff have access to cash. Check sequential numbering of cash receipts. Check mail is opened by two members of staff to reduce the chance of fraud.
Banking times/routes varied.

Cash held at premises is kept to a minimum
Cash should be banked regularly. Cash balances in tills should be emptied regularly
Check all cash lodged intact to bank regularly. All lodgements are authorised. Examine bank reconciliations and ensure regularly performed.
Investigate old outstanding items.

Withdrawals authorised
Limited number of authorised signatories. Banking online should have restricted access. Cheques should not be signed in advance. Cheque books should be kept under lock and key.
Cheque book should be reviewed to ensure no cheques are missing and no cheques are signed in advance. Verify that cash payments are arithmetically correct. Direct debits should be consistent and authorised.
Petty cash balances should be counted and checks made that controls are in place over petty cash.
Chapter 12
Reporting control weaknesses

If management are interested, the auditor can also offer to provide what is called a MANAGEMENT LETTER whereby weaknesses in the controls of the company are highlighted.

The weaknesses highlighted in this letter are those found during the audit testing and not necessarily all the weaknesses in the controls of the company.

It should be highlighted that:
The list only includes weaknesses that came to light during the audit The report is for the sole use of the company No disclosure should be made to 3rd parties without prior notification to the auditor No responsibility is assumed to other parties.

the structure of the report will be as follows: (i) WEAKNESSES (ii) CONSEQUENCE (iii) RECOMMENDATION
Chapter 13
Audit evidence
ISA 500 mentions that different assertions apply to different figures in the financial statements. These different figures include: Transactions and events Account balance Presentation and disclosure
Transactions and events

Mainly, figures relating to transactions and events relate to entries which are reflected in the statement of comprehensive income / income statement.
Account balance
Items found in the balance sheet
Presentation and Disclosure

The notes to the accounts, which incorporate how the financial statements have been presented and items disclosed.
Transactions and events

COMPLETENESS: all transactions that should have been recorded,
have been recorded.
OCCURRENCE:
transactions which have been recorded, have occurred and pertain to the company.
CUT-OFF: transactions have been accounted for in the proper accounting

period
CLASSIFICATION: transactions have been recorded in the proper

accounts
ACCURACY:
transactions have been recorded appropriately
Account Balance
COMPLETENESS: all assets, liabilities and equity
that should have been recorded, have been recorded.
EXISTENCE: assets, liabilities and equity really exist RIGHTS AND OBLIGATIONS: the company has
a right over the asset and the obligation over the liability
VALUATION: assets, liabilities and equity are correctly

valued in the financial statements
Presentation and Disclosure

COMPLETENESS: all disclosures that should have
been disclosed, have been disclosed.
OCCURRENCE: disclosed events have been

recorded and pertain to the entity
CLASSIFICATION: disclosures are appropriately

presented and expressed.
ACCURACY: disclosures have been disclosed

appropriately
How to test these assertions.

INSPECTION OF RECORDS/TANGIBLE ASSETS invoices, contracts etc. OBSERVATION observation of events like mail opening, stocktake etc ENQUIRY asking management, accountant, staff. CONFIRMATION contacting third parties RECALCULATION example depreciation, accruals. RE-PERFORMANCE redo procedures like stock take, reconciliations ANALYTICAL PROCEDURES comparing the figures.
How to test these assertions

COMPLETENESS
Inspection of records Analytical review Recalculation confirmation

RIGHTS AND OBLIGATIONS
Inspection of records Confirmation

VALUATION AND ALLOCATION
Inspection of records Recalculation Confirmation

EXISTENCE
Inspection of assets Confirmation

OCCURANCE
Inspection of records Inspection of assets Enquiry

ACCURACY
Re performance Analytical review confirmation
Chapter 14
Audit evidence
ISA 500 states that.. The objective of the auditor is to design and perform audit procedures in such a way to enable the auditor to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions
Audit evidence
SUFFICIENT EVIDENCE
There must be ENOUGH evidence to support the auditors opinion. Determining whether evidence is sufficient depends on:
Risk of material misstatement Results of tests of controls Size of population being tested Size of sample selected Quality of evidence obtained
Audit evidence
APPROPRIATE EVIDENCE This is made up of:
Reliability of evidence Relevance of evidence
Reliability
Evidence is considered reliable when: It is obtained from independent sources Generated internally but subject to effective internal control Obtained directly by the auditor In documented form In original form
Relevance
To be relevant, audit evidence has to address the objective of the procedure.
Accounting estimates
Characteristics of accounting estimates: Confirmation of estimates is difficult Prone to inaccuracy No physical evidence Prone to management bias
Accounting estimates
The auditor must obtain an understanding of: Managements assessment of the estimates How the estimate is actually done
Not for profit organisations

Properties of a not for profit organisation: Lower risk activity is relatively simple Direct control by owners persons coming up with the idea of an NFP are the ones who have total control Simpler systems

Evidence implications: Same auditing rules apply
Quantity of evidence may be well less than for a larger organisation

It may be more efficient to carry out 100% testing ie no sampling

Problems: Management override
No segregation of duties
Less formal approach

Differences from privately owned entities NFPs:
Do not have profit maximisation as their main objective

Do not have external shareholders Will not distribute dividends

Problems auditing NFPs Weaker systems due to:
Lack of segregation of duties Use of volunteers Less formalised systems and controls
Income received by way of donation Assessing going concern may be difficult
Opening balances and comparative information

When taking on new clients, the auditor must ensure that: Opening balances are correct
Prior period closing balances have been brought forward correctly

Appropriate accounting policies been consistently used or changes appropriately disclosed.
Opening balances and comparative information

Audit procedures: Consult clients management
Reviewing documentation of prior period

Consulting previous auditor and reviewing his working papers Substantive testing if all the above are unsatisfactory
Chapter 15
Audit sampling
CONTROLS TESTING
LARGE SAMPLE TO BE SELECTED
SMALLER SAMPLE TO BE SELECTED
IMP: SUBSTANTIVE TESTING MUST BE ALWAYS CONDUCTED!!!
Audit sampling
Substantive procedures are carried out on samples of the transactions making up a figure in the financial statements.
The amount of substantive testing can be varied depending on the size of the sample being chosen.
Due to the auditor choosing a SAMPLE he cannot give ABSOLUTE ASSURANCE.
Ways to extract a sample

(i)Statistical sampling
(ii)Non-Statistical sampling
Statistical sampling
An approach to sampling that uses: Random selection of samples; and Probability theory to evaluate the results
Considerations when designing a sample

The purpose of the procedure Combination of procedures being performed Nature of evidence sought Possible misstatements
Types of samples
Random selection: use of random number tables Systematic selection: sampling interval used Monetary unit sample: selecting sample based on the value Haphazard selection: no structured technique but one avoids bias Block selection: involves selecting a block of items which are next to each other in the population.
Non-Statistical sampling
Judgement is used to select items to be tested. This usually leads to focusing on higher value items.
Chapter 16
Audit documentation
Imp things to note:
1. If the working papers do not exist, then the auditor will be unable to prove how and why the opinion expressed was arrived at. Working papers should provide evidence that a qualified practitioner could easily follow and report the same conclusions. Unclear working papers are USELESS.
2.
3.
Audit file structure

Planning stage:
1. 2. 3. 4. 5. 6. 7. Risk assessment. Materiality. Knowledge of the business. Use of any experts. Composition of the audit team. Timing. Reporting (does the client form part of a group of companies to which we must report?)

Testing:
1. 2. 3. 4. 5. 6. 7. Property plant and equipment Intangible assets Receivables Cash Payables Share capital Etc.work carried out on the specific sections which we ll be auditing. Each section will contain its lead schedule

Completion and review:
1. 2. 3. 4. 5. Final analytical review Documentation of issues found Subsequent events Specific topic questions etc
The lead schedule

Components of a lead schedule
1. 2. 3. Title: client name / year end / prepared by section / subject Prior year figures References
Chapter 17
Analytical Procedures
Used to highlight unusual figures in order to focus the audit on them or to establish that a trend has continued.
compulsory at the planning and final stage of the audit. Also an effective tool for gathering evidence throughout the audit.
Profitability Ratios
Gross margin (gross profit/sales)100 Net margin (net profit/sales)100 ROCE (profit before interest and tax / share capital + reserves + borrowings)
Liquidity Ratios
Receivables days (receivables/sales)365 Payables days (payables/purchases)365 Inventory days (inventory/cost of sales)365 Current ratio (current assets/current liabilities) Quick ratio (current assets inventory/current liabilities)
Whether or not to rely on analytical procedures:
Suitability not suitable for every assertion Reliability auditor may only rely on data generated from a system with strong controls Degree of precision some figures will not have a recognisable trend over time or be comparable Acceptable variation variations having an immaterial impact on the financial statements will not hold as much interest to the auditor as those that do
Chapter 18
Auditing specific items

Questions in the exam will focus on a scenario with the audit of specific items. For this section of the exam paper, the approach to such a question should focus on three things: What are the assertions for the item in the question. What procedures should be carried out to test the balance? Always relate these steps to the scenario in the question a list of procedures not relevant to the scenario will not get any marks!
Receivables
Payables
Tangible Non Current Assets
Non Current Liabilities
Bank and Cash
Inventory
Chapter 19
THE WORK OF OTHERS

ISA 600 deals with the use of the work of an expert by the auditor.
The auditor may not have the expertise to make judgements on all aspects of a clients business and may seek help in the form of an expert. Examples of this are specialist inventory, property valuation and complex work in progress.
If the auditor chooses to rely on the work of an expert, they must ensure that the expert is independent and sufficiently competent.
THE WORK OF OTHERS

The auditor will decide whether the expert is competent based on their qualifications and their experience.
If an expert in the inventory of the entity being audited is consulted on valuation of inventory, but works for a subsidiary of the entity then the auditor may consider them to be not sufficiently independent.
The auditor should make no reference to the use of the work of others in the audit report. It is the auditors opinion in the report and the work of others is simply one type of evidence that may be used, if sufficient and reliable, to come to that opinion.
THE WORK OF OTHERS

ISA 610 sets out the considerations the auditor must make before relying on work carried out by internal audit. The auditor should consider: Whether the internal audit staff are sufficiently independent to retain objectivity. The qualifications and technical competence of the internal audit staff. The professionalism of the staff and the standing of internal audit within the organisation. Are internal audit constrained in any way by management?
THE WORK OF OTHERS

If these considerations are fulfilled the auditor may assess the reliability of the work carried out by internal audit by ensuring: Internal audit working papers are well documented hand have been reviewed. Evidence gained by internal audit is sufficient and appropriate. Any conclusions drawn are reasonable and valid. Management have acted on recommendations made by internal audit.
Chapter 20
Computer assisted audit techniques
USING THE COMPUTER TO TEST OR ASSIST THE AUDITOR IN TESTING DURING THE AUDIT PROCEDURES
CAATS
EXAMPLES:
1. 2. 3. 4. 5. 6. To run client data to check for errors To extract samples Check calculations Produce reports Match transactions Create test data, input it in the clients system and compare the result to what was expected (auditing around the computer input vs output).
Chapter 21
Subsequent events and going concern

During the audit it is likely that the auditor will come across errors in the FS. The auditor should keep a record of these and report to management. The auditor will not be concerned with immaterial errors, however, individual immaterial errors could aggregate to amount to a material misstatements. Also, there might be material misstatements.

If management amend material errors, then the auditor will issue an unqualified report.
If management do not amend the errors then a qualified report will be issued.

Between the year end and the date of signing the audit report, the auditor has an active duty to search for all material events.

Between the date of signing the audit report and the date of issue (usually AGM date), this turns to a passive duty.

Subsequent events review
Review of post year end management accounts Review of post year end board minutes etc
Adjusting vs non-adjusting events

Adjusting events
Provide additional evidence relating to conditions existing at the balance sheet date.
Example: a debtor going bankrupt after year end.
Adjusting vs non-adjusting events

Non-adjusting events
Events taking place after balance sheet date but do not fall under the definition of adjusting events.
Example: fire destroying inventory after balance sheet date.
Subsequent events
A question on subsequent events will usually involve a scenario with events which you must decide are adjusting or non-adjusting events.
NO
IS THE EVENT MATERIAL?

YES
NO ACTION REQUIRED
DOES THE EVENT PROVIDE ADDITIONAL EVIDENCE OF CONDITIONS EXISTING AT THE YEAR END?
YES
NO
ADJUSTING EVENT
NON-ADJUSTING EVENT
FINANCIAL STATEMENTS MUST BE ADJUSTED IF MANAGEMENT REFUSE THE AUDIT REPORT WILL BE QUALIFIED.
NO REQUIREMENT TO ADJUST THE FINANCIAL STATEMENTS EVENT MUST BE DISCLOSED - IF MANAGEMENT REFUSE THEN QUALIFY THE AUDIT REPORT FOR DISAGREEMENT
Going concern review

Consider economic conditions of the industry in which the company is operating Contact providers of finance to the business to ensure they are happy to continue to do so. Assess managements intentions of the future. Review any budgets
Chapter 22
Management representations
The auditor may ask management to confirm in writing certain issues which arose during the audit. There are specific and non-specific items to be included in the management representation letter. Specific items: those required by ISAs Non-specific items: items relevant to that particular audit. Ex. No evidence was available on specific elements of the FS.
Chapter 23
Audit reports
ISA 700 sets out the elements /contents of an audit report. They are: Title Identifies the report as an Independent Auditors Report Addressee The shareholders i.e. for whom the report is produced. Introductory Paragraph Sets out which pages in the report have been subject to audit and which have not. Statement of responsibilities of management Management have prepared financial statements in accordance with GAAP and representing a true and fair view. Application of accounting policies and estimates as well as responsibilities for systems and controls. Statement of responsibilities of auditor The audit was planned and assessed the risk of material misstatement considering internal controls and obtaining sufficient appropriate evidence. That the auditor will express an opinion.
Audit reports
Scope Paragraph Standards under which the audit was conducted, the processes and the test basis as well as the appropriateness of policies and disclosures. Opinion Do the statements present a true and fair view? Are they prepared according to applicable GAAP and legislation? Auditors signature Auditor or firm is registered and authorised to conduct the audit. Date of the Report Signed after approved by directors on the same day. Auditors address le on specific elements of the FS.
Audit reports
If the auditor disagrees with some aspect of the financial statements or is unable to state that they provide a true and fair view, then a modified audit report will be issued.
There are two types of modified audit report: An unqualified audit report with an emphasis of matter paragraph A qualified audit report.
Emphasis of matter
If the auditor wishes to draw attention to a particular matter, but agrees with the financial statements an emphasis of matter paragraph will be included in the audit report.
The matter referred to will be fully disclosed in the accounts and the auditor is simply drawing the users attention to it. The paragraph will make it clear that the opinion is not qualified and will be given a separate heading after the opinion paragraph.
Qualified Reports
There are two reasons that an auditor may qualify an audit report:
Disagreement Limitation of scope
Disagreement
A qualified report for the reason of disagreement will be issued if the auditor disagrees with the application of accounting policies, the policies used, treatment of a particular item or the adequacy of disclosures. The disagreement can be such that it is either:
Material Material and pervasive
Material
A material disagreement will mean that the auditor agrees with the rest of the financial statements, but disagrees with that particular element of them. In this situation the auditor will qualify the audit with an except for paragraph i.e. In our opinion, except for the effect on the financial statements of the matter referred to in the preceding paragraph, the financial statements give a true and fair view,
Material and pervasive

A disagreement which is material and pervasive is of such significance that the financial statements do not give a true and fair view. In such a situation an adverse opinion is issued i.e. the financial statements do not give a true and fair view.
Limitation of scope
If the auditor is unable to form an opinion, then the report will be qualified for limitation of scope. Limitation of scope will be due to being unable to obtain sufficient evidence which should have been available. A material limitation of scope will mean that the auditor agrees with the rest of the financial statements, but is unable to agree with that particular element of them. In this situation the auditor will qualify the audit with an except for paragraph i.e. In our opinion, except for the matter referred to in the preceding paragraph, the financial statements give a true and fair view,
Limitation of scope
A limitation of scope which is material and pervasive is of such significance that auditor is unable to state whether the financial statements give a true and fair view. In such a situation a disclaimer of opinion is issued i.e. the auditors do not express an opinion on the financial statements.

F8 Presentation

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

F8 Presentation

Uploaded by

Copyright:

Available Formats

ACCA Paper F8

Audit and Assurance (INT)

Examiner and Exam Format

Types of external audits

Reasons to undertake a nonstatutory audit

Accountability, stewardship and agency.

Types of assurance engagements:

Reasonable assurance engagement

Reasonable assurance engagements provide high level of assurance.

Reasonable assurance engagement

Limited assurance engagement

Report given in the form of negative assurance

Limited assurance engagement

International Auditing and Assurance Standards Board:

Benefits of statutory audits

Appointment, resignation and removal

Directly authorised by the state

Appointment, resignation and removal

Appointment, resignation and removal

Appointment, resignation and removal

OECD: Principles of Corporate Governance

OECD: Principles of Corporate Governance

Combined Code of Corporate Governance

Corporate governance in action

Corporate governance in action

Corporate governance in action

Corporate governance in action

Corporate governance in action

PROFESSIONAL ETHICS AND ACCAS CODE OF CONDUCT

PROFESSIONAL ETHICS AND ACCAS CODE OF CONDUCT

Professional competence and due care

PROFESSIONAL ETHICS AND ACCAS CODE OF CONDUCT

May be seen to be less than independent if advising on such matters

Dealing with Threats

Outsourcing of Internal audit

Types of Internal audit assignments

Value for money can be broken down into 3 sectors:

These three areas can be thought of as Input Process Output.

ISA 200 Overall Objective of the Independent Auditor

ISA 200 Overall Objective of the Independent Auditor

The need to plan

ISA 300 Audit planning

ISA 300 Audit planning

ISA 300 Audit planning

Knowledge of the business - KOB

Knowledge of the business - KOB

Where to get the info from?

Understanding the entity and its environment

ISA 320 Materiality

ISA 320 Materiality

ISA 320 Materiality

Prevention and detection of fraud and error

Fraudulent financial reporting

The auditors responsibility

The directors responsibility

Inherent risk x control risk x detection risk

Affecting audit risk

Affecting audit risk

Reducing detection risk

Increase amount of tests Increase sample

Internal Control Systems

Internal Control Systems

Internal Control Systems