International Audit

PDF Certificate in International Auditing
course menu
Important Notes for PDF Download

PLEASE READ THIS FIRST
This pdf download document includes all you need to study

the Certificate of International Auditing course while not at
your computer.
However, you should note that some pages are not featured
in this printed pdf version. These are:
• answers to questions
• answers to exercises
• mock assessment
• tables of contents for each module
You will see that, because of this, sometimes the printed
document appears to ‘miss’ a page in the numbering on the
navigation menu.
These pages require your interaction and can only be seen

via the course online.
Thank you and enjoy the course.
© 2011 Association of Chartered Certified Accountants

Welcome Certificate in International Auditing
course menu page 1 of 4
Welcome to the course

The aim of this course is to give you an understanding of In order to expand on your knowledge from this course,
the requirements for the audit of financial statements in you may wish to take out an Auditing & Related Services
compliance with International Standards on Auditing Technical Subscription. This annual on-line subscription is
(ISAs). available from the IFAC website at www.ifac.org
The primary objectives of this course are: The course includes questions and interactive exercises
• to explain the role of the International Federation of which you should complete before moving on. Avoid
Accountants (IFAC) skimming the material in the hope that you will glean the
• to examine the basic principles and essential procedures appropriate points - you won’t, you must set aside time to
of ISAs on a standard-by-standard basis study the material fully.
• to provide guidance on how to apply ISAs in practice, with
the aid of illustrations and activities If you do need to get in touch with the course administrator
click here (NB. For your enquiry to be dealt with as quickly as
possible the subject line should read “Certificate in
International Auditing”).

Course navigation
To move from page to page, click the next and previous To access external web pages, all you need to do is click
buttons at the top and bottom of each page. the link that appears within the text of the page. Off-page
links always look and behave like this (this will launch the
Once in the course, all you need to do is click course menu at ACCA home page). Here are some tips for using external
the top of this page and select the module that you wish to pages:
study. • some external web pages are large, for example the IFAC
website at www.ifac.org; for ease of navigation maximize
To navigate directly to any page within the current module, your browser window using the maximize button (the
click centre button of the three at the top right of the window
module contents at the top of the page. frame)
• when you have finished with the external page use your
During exercises and activities you are invited to enter your browser’s close button (or File Close) to close the window;
answer and review the answers of others within the course the ACCA e-qualification course will remain open in
blog. another window for you to continue studying

Course contents and the learning process

You can work on this course whenever you like, 24 hours
a day, seven days a week.
You decide when you want or need to learn; you decide just
how long you will spend reviewing and revising a topic, and
you decide when you are ready to move on.
It should take you between 20 and 30 hours to complete, but

you can take as long as you wish to complete the course,
within the time limit of your course licence.
You can also download and print this course as an Acrobat

Reader document to use for study when you are not near a
PC. If you do not have Adobe® Acrobat® Reader installed on
your PC, click the ‘Get Adobe® Reader’ button:
To download the printable copy of this course (35mb) click the

file icon below:

International Standards on Auditing (ISAs)

This course covers the following ISAs:
200 Overall Objectives of the Independent Auditor and the
Conduct of an Audit in Accordance with International 500 Audit Evidence
Standards on Auditing 501 Audit Evidence - Specific Considerations for Selected
230 Audit Documentation items
240 The Auditor’s Responsibilities Relating to Fraud in an 505 External Confirmations
Audit of Financial Statements 510 Initial Audit Engagements - Opening Balances
265 Communicating Deficiencies in Internal Control to 520 Analytical Procedures
Those Charged with Governance and Management 530 Audit Sampling
300 Planning an Audit of Financial Statements
540 Auditing Accounting Estimates, Including Fair Value
315 Identifying and Assessing the Risks of Material Accounting Estimates and Related Disclosures
Misstatement Through Understanding the Entity and 550 Related Parties
Its Environment
570 Going Concern
320 Materiality in Planning and Performing an Audit
580 Written Representations
330 The Auditor’s Responses to Assessed Risks
610 Using the Work of Internal Auditors
402 Audit Considerations Relating to Entities Using a
Service Organisation 700 Forming an Opinion and Reporting on Financial
Statements
705 Modifications to the Opinion in the Independent
Auditor’s Report
706 Emphasis of Matter Paragraphs and Other Matter
Paragraphs in the Independent Auditor’s Report

Module 1: Auditing Standards Certificate in International Auditing
Module 1: What you will learn

In this module you will learn the following:
Standards on auditing
• the International Federation of Accountants (IFAC)
• the International Auditing and Assurance Standards Board
(IAASB)
• the framework of International Standards on Auditing
(ISAs)
• ISAs - what they represent and how they are set

Introduction
This module gives an overview of the standard setting The IAASB has recently completed its ‘Clarity Project’,
process and the role of International Standards on the objective of which has been to improve the
Auditing (ISAs). understandability of the ISAs, and to encourage
consistent application of them.
This update takes into account the changes that have taken
place since the last edition of this course was completed. In some cases the standards have undergone significant
changes and have been “revised” as well as “re-drafted”.
The new “Clarity” form standards will be effective for all audits
for periods beginning on or after 15 December 2009. These
materials reflect the content of the revised and redrafted ISAs.

Standards on auditing - IFAC - mission

IFAC - mission
In carrying out this mission, the IFAC:

“To serve the public interest, to continue to • provides leadership to the worldwide accountancy
strengthen the worldwide accounting profession profession in serving the public interest
• contributes to the efficient functioning of the international
and contribute to the development of strong
economy
international economies by establishing and • speaks out on public interest issues where the
promoting adherence to high-quality professional profession’s expertise is most relevant
standards, furthering the international convergence IFAC’s governing bodies, staff and volunteers are
of such standards and speaking out on public committed to the values of:
interest issues where the profession’s expertise is • integrity
• transparency
most relevant.” • expertise

Standards on auditing - IFAC - organisation

A non-profit, non-governmental, non-political
international organisation of 159 members and
associates from 124 countries representing more than 2.5
million accountants in public practice, industry and
commerce, the public sector, and education.
Through cooperation with member bodies and other
accountancy organizations, IFAC initiates, coordinates and
guides efforts to achieve international pronouncements for the
accountancy profession.
For further information on member bodies click on the

following link:
www.ifac.org/About/MemberBodies.tmpl

Standards on auditing - IFAC - membership

Membership is open to accountancy bodies recognized The Council:
by law or general consensus. ACCA was a founder • consists of one representative from each member body
member. • meets once a year
• decides constitutional questions
Members, who all subscribe to IFAC’s objectives and • elects members of the Board
support its work and the work of IASB, may be:
• full The Board:
• associate • is comprised of the President and 21 individuals from 18
• affiliate countries; the members are elected by council
• is responsible for setting policy and overseeing IFAC
The governance of IFAC rests with its Board and Council. operations, the implementation of programs, and the work
of IFAC technical committees and task forces
• board members have taken an oath of office to act with
integrity and in the public interest

Standards on auditing - IFAC - work program

Implementation
By standard-setting and technical committees, including:
IFAC
International International International International Professional Developing Compliance Transnational Small and Nominating
Auditing and Ethics Accounting Public Accountants Nations Advisory Auditors Medium Committee
Assurance Standards Education Sector in Business Committee Panel Committee Practices
Standards Board for Standards Acounting Committee (TAC) Committee
Board Accountants Board Standards
(IAASB) (IESBA) (IAESB) Board
(IPSAB)


IFAC has several standards setting boards, including: Ethics (IESBA): Aims to
• establish high quality ethical standards and other
International Auditing and Assurance Standards Board pronouncements for professional accountants that will
(IAASB): protect the public interest and strengthen public
• The IAASB serves the public interest by setting confidence in the accounting profession
independently and under its own authority, high quality • promote good ethical practices to IFAC member bodies
International Standards on Auditing and assurance and to the public at large
standards, and by facilitating the convergence of national • foster international debate on ethical issues faced by
and international auditing and assurance standards professional accountants
Education (IAESB): Aims to
• develop international education standards
• develop other guidance to assist member bodies and
accounting educators implement and achieve best
practice in accounting education


Terms of reference (continued): Compliance advisory panel:
• to review the national introduction of international
Public sector accounting (IPSASB): guidance - how it is monitored and the disciplinary
• to develop high quality financial reporting standards for procedures used by members to ensure compliance with it
use by public sector entities around the world
Transnational audit (TAC):
Professional Accountants in Business (PAIB) • this executive committee of the Forum of Firms (FoF) is
committee: open to all firms performing transnational audits
• to offer guidance in addressing a wide range of • members are expected to conform to FoF Quality
professional issues Standards and subject themselves to global peer review
• to encourage and support high quality performance by
professional accountants in business TAC’s objectives:
• to strive to build public awareness and understanding of • to oversee a global peer review process
the work they provide • to supervise the development of additional guidance
regarding transnational audit work that may not currently
Developing Nations Committee be available
• to support the development of the accounting profession
in developing nations by aiding their participation in the Small and Medium Practices (SMPs) Committee:
international standard-setting process • provides resources and facilitates the exchange of
• to ensure that other IFAC boards and committees give knowledge and best practices among SMPs and other
due consideration to issues relevant to the profession in accountants who serve small and medium entities (SMEs)
developing nations.
Nominating Committee:
• makes recommendations regarding the composition of
IFAC boards and committees


Increasing Investor Confidence The following three structures were created:
In recent years IFAC has implemented a series of reforms 1. PIOB – the Public Interest Oversight Board was
to increase confidence in the quality of its standards and established in February 2005, comprising 10 members
practices in auditing and assurance. appointed by regulators, to oversee IFAC’s audit and
assurance, ethics and education standard-setting activities. It
The reforms provide the following: also oversees IFAC’s Member Body Compliance Program;
• more transparent standard setting processes this is designed to encourage member bodies to adopt
• greater public and regulatory input into the processes international standards and to implement quality assurance
• regulatory monitoring and discipline programs in the areas of ethics (including
• public interest oversight independence), quality control, auditing and assurance.
2. MG – The Monitoring Group, comprising international
regulators and related organisations will update the PIOB
regarding significant events in the regulatory environment. It
is also the vehicle for dialogue between regulators and the
international accounting profession.
3. IRLG – The IFAC Regulatory Leadership Group,
includes the IFAC President, Deputy President, Chief
Executive, the Chairs of the IAASB, the Transnational
Auditors Committee, The Forum of Firms, and up to four other
members designated by the IFAC Board. The IRLG works
with the MG and addresses issues related to the regulation of
the profession.

Standards on auditing - IAASB - mission and operating procedures
Subcommittee selects subjects for detailed study
“To serve the public interest by setting high quality Subcommittee studies background information
auditing and assurance standards and by
Subcommittee issues an exposure draft
facilitating the convergence of international
for consideration by IAASB
standards, thereby enhancing the quality and
uniformity of practice throughout the world and If approved, ED is widely distributed for
strengthening public confidence in the global comment by member bodies
auditing and assurance profession.” Comments received are considered by IAASB
(and a revised ED issued if appropiate)

Standards on auditing - IAASB - scope and authority of documents issued

International Standards on Auditing (ISAs) International Auditing Practice Statements (IAPSs)
• to be applied in the audit of historical financial statements • provide practical assistance to auditors in implementing
• The Clarified ISAs are structured as follows: standards or to promote good practice
a. introduction including scope and effective date, •
b. objective,
c. definitions,
d. requirements,
e. application and other explanatory material (including
appendices)
• departure must be justified
• need only be applied to material matters
• do not override local regulations governing the audit in a
particular country
• if regulations differ or conflict, member bodies should
comply with obligations of membership (e.g. to work
towards implementation)

Standards on auditing - Framework - financial reporting framework

Financial statements are usually prepared and presented
annually and are directed toward the common
information needs of a wide range of users (i.e. “general
purpose financial statements”). Many users rely on financial
statements as their major source of information because they
do not have the power to obtain additional information to meet
their specific needs.
Financial statements need to be prepared in accordance

with one, or a combination of:
• International Financial Reporting Standards (IFRSs)
• National Financial Reporting Standards
• any other authoritative and comprehensive financial
reporting framework which has been designed for use in
financial reporting and is identified in the financial
statements, e.g. Companies Acts

Standards on auditing - framework - audit
“Level of assurance - concerns the degree of

satisfaction achieved that an assertion (e.g. a
financial statement assertion) being made by one
party (e.g. management) for use by another (e.g.
shareholders) is reliable.”
In an audit engagement, the auditor provides a high, but

not absolute, level of assurance that the information
subject to audit is free of material misstatement. This is
expressed positively in the audit report as “reasonable
assurance”.
In forming the audit opinion, the auditor obtains sufficient

appropriate audit evidence to be able to draw conclusions on
which to base that opinion.

Standards on auditing - framework - related services

These comprise:
• reviews
• agreed-upon procedures
• compilations
The Framework does not apply to other services provided

by auditors such as taxation, consultancy, and financial and
accounting advice.
Whereas reviews provide a moderate level of assurance

(expressed in the form of negative assurance), agreed-upon
procedures and compilation engagements are not intended to
express assurance.
Where no assurance is expressed, users have to assess

the procedures and findings reported and draw their own International Standard on Assurance Engagements
conclusions. (ISAEs) and International Standard on Review
Engagements (ISREs) are not covered by this course.

Standards on auditing - codification - ISAs

The codification of International Standards on Auditing Standards of fieldwork
(International Auditing Practice Statements) groups ISAs 1. Work should be adequately planned and supervised.
by subject matter as follows: 2. Internal control should be sufficiently understood to plan the
• 200 – 299 general principles and responsibilities nature, timing and extent of audit tests.
• 300 - 499 risk assessment and response to assessed 3. Sufficient competent evidential matter should be obtained.
risks
• 500 – 599 audit evidence Standards of reporting
• 600 – 699 using the work of others 1. The report is to state whether the financial statements are
• 700 – 799 audit conclusions and reporting presented in accordance with generally accepted
• 800 – 899 specialized areas* accounting principles (GAAP).
• 1000 – 1100 international auditing practice statements* 2. Identify inconsistencies in relation to the preceding period.
3. Unless otherwise stated financial statement disclosures are
*fall outside the scope of this course to be regarded as reasonably adequate.
4. The report shall:
• express opinion on the financial statements as a
whole; or
• assert, with reasons, that an opinion cannot be
expressed

What you have learned - standards on auditing

Having reviewed each of the topics above, you should
now be able to:
• describe the framework of International Standards on
Auditing (ISAs)
• outline ISAs - what they represent and how they are set

Frequently asked questions

Should all auditors perform their work in accordance with Currently, the answer to this is no. Audits are governed by
ISAs? local legislation and auditors should follow whichever
standards are required by law in their jurisdiction. In some
To reveal our answer click below: countries this may be the ISAs, in others, such as the UK, this
is currently the ISAs with certain additions and amendments,
but others, such as the USA, have their own local standards.
The IAASB involve local standard setters from around the

world in their discussions and the development of new
standards, which helps ensure greater acceptance of ISAs
and also means that changes in ISAs are often followed in
revision to local standards, meaning that there has been a
great deal of progress towards the harmonisation of auditing
standards in recent years.

Module review
There are two matters which you should appreciate at It is stated in the auditor’s report:
this stage: “These financial statements are the responsibility of the
company’s management. Our responsibility is to express an
An audit of financial statements is a specific example of opinion on these financial statements based on our audit.
an assurance service provided by a professional
accountant. Although the remainder of this course is devoted We conducted our audit in accordance with international
to specific international standards on auditing, many of the standards on auditing.”
basic principles and essential procedures can be applied to
other assurance and review engagements. This continues:
Although the auditor’s responsibilities to consider fraud
“Those standards require that we plan .... the audit ....”
in the audit of financial statements has been described in
Planning is the subject of the next module.
some detail, the primary responsibilities for the
prevention and detection of fraud lies with management.
The requirements which are described throughout the
remainder of this course are concerned with how the auditor
detects and reports on misstatement in the financial
statements however caused.

Module 1 quick quiz

Click next to continue

Module 1 quick quiz Certificate in International Auditing
course menu question 1 of 3
Question 1
The revised preface to “international standards on quality control, auditing, review and other related services” describes the scope
and authority of documents issued by the International Auditing and Assurance Standards Board.
The primary purpose of international standards on auditing is to:
A Prescribe the objectives and requirements

to be applied in the audit of financial
statements
B Establish a code of rules to cater for all
situations and circumstances which the
auditor might encounter
C Prescribe accounting requirements for
application in the presentation of financial
statements
D Provide practical assistance to auditors
and promote good practice

Question 2
Which of the following is not a standard setting board of IFAC?
A International Auditing and Assurance

Standards Board
B International Accounting Education
Standards Board
C International Accounting Standards Board
D International Ethics Standards Board for
Accountants

Question 3
Which of the following statements is not true of International Standards on Auditing?
A They are to be applied in the audit of

financial statements
B They contain objectives and requirements
and related guidance
C Departure from them must be justified
D They may override local regulations
governing the audit in a particular country

Module 2: Overall objectives Certificate in International Auditing

Overall objectives - ISA 200

• overall objectives of an audit of financial statements
• general principles governing auditors and their work
• the nature and scope of an audit

Introduction
This module is key to your understanding of what is required
of auditors under the ISAs. ISA 200 establishes the overall
objective and conduct of an audit and acts as an underpinning
for all of the other standards.
You will find that all of the concepts introduced in this module
are revisited in greater depth as you study the other more
detailed standards, each of which sets requirements for a
particular stage of the audit or for a particular procedure.

Overall objectives - ISA 200

Audit
The overall objectives of the auditor are to obtain

ISA 200: reasonable assurance about whether the financial statements
“Overall objectives of the independent auditor and as a whole are free from material misstatement, whether due
to fraud or error thereby enabling the auditor to express an
the conduct of an audit in accordance with opinion on whether the financial statements are prepared, in
international standards on auditing.” all material respects, in accordance with an applicable
financial reporting framework. The auditor must also report on
the financial statements and communicate in accordance with
To explain the purpose and scope of an audit of financial the auditor’s findings.
statements and the general principles governing the
auditor and the conduct of the audit.

Overall objectives - opinion

An auditor’s opinion enhances the credibility of financial The following is an extract from a typical auditor’s report:
statements, but the user cannot assume that it is an
assurance of future viability nor the efficiency or effectiveness We have audited the accompanying financial statements of ABC Company,
which comprise the balance sheet as at December 31, 20X1, and the
of management. income statement, statement of changes in equity and cash flow statement
for the year then ended, and a summary of significant accounting policies
and other explanatory information.
Responsibilities Management’s responsibility for the financial statements

Management is responsible for the preparation and fair presentation of
these financial statements in accordance with International Financial
Reporting Standards, and for such internal control as management
determines is necessary to enable the preparation of financial statements
that are free from material misstatement, whether due to fraud or error.
Auditor’s responsibility
Compliance with auditing standards Our responsibility is to express an opinion on these financial statements
based on our audit. We conducted our audit in accordance with International
Standards on Auditing. Those standards require that we comply with ethical
requirements and plan and perform the audit to obtain reasonable
assurance whether the financial statements are free from material
misstatement.

Overall objectives - opinion

Nature of audit examination An audit involves performing procedures to obtain audit evidence
“scope paragraph” about the amounts and disclosures in the financial statements. The
procedures selected depend on the auditor’s judgement, including the
assessment of the risks of material misstatement of the financial statements,
whether due to fraud or error. In making those risk assessments, the auditor
considers internal control relevant to the
entity’s preparation and fair presentation of the financial statements
in order to design audit procedures that are appropriate in the
circumstances, but not for the purpose of expressing an opinion on the
effectiveness of the entity’s internal control. An audit also includes
evaluating the appropriateness of accounting policies used and the
reasonableness of accounting estimates made by management, as
well as evaluating the overall presentation of the financial statements.
We believe that the audit evidence we have obtained is sufficient and

appropriate to provide a basis for our audit opinion.
Opinion
Opinion paragraph In our opinion, the financial statements give a true and fair view of (or
“present fairly, in all material respects,”) the financial position of ABC
Company as of December 31, 20X1, and of its financial performance
and its cash flows for the year then ended in accordance with
Financial reporting framework International Financial Reporting Standards.
The phrases “give a true and fair view” and “present fairly, in
all material respects,” when used to express the auditor’s
opinion, are equivalent.

Overall objectives - responsibility for the financial statements

Management is responsible for preparing and presenting
financial statements (e.g. in accordance with statutory and
other financial reporting requirements).
The auditor forms and expresses an opinion on financial

statements.
An audit of financial statements does not relieve

management of its responsibilities.

Overall objectives - fundamental concepts

“True and fair” Materiality
• the term is not defined in ISAs and “definitions” should • materiality is an expression of relative significance or
therefore be regarded with caution importance of a matter in the context of the financial
• truth relates to factual accuracy (bearing in mind statements as a whole
materiality)
• fairness relates to presentation of information and the • a matter is material if its omission or misstatement would
view conveyed to the reader reasonably influence the decisions of an addressee of the
• a degree of imprecision is inevitable because of inherent auditor’s report
limitations
• “view” indicates that a professional judgment has been
reached
• the concept of a “true and fair” view is constantly changing
(e.g. with developments in accounting standards)
• that the phrase is preceded in the statutes by the
indefinite article (“a”) suggests that more than one form of
presentation may satisfy the requirement
• a true and fair view generally implies that IFRSs, IASs and
IFRIC interpretations (of the IASC’s Financial Reporting
Interpretations Committee) have been complied with

Overall objectives - general principles - ethical

Objectivity
• in all professional and business judgements
• a state of mind which has regard to all considerations
“The auditor shall comply with relevant ethical relevant to the task but no other
requirements relating to audit engagements.” • presupposes intellectual honesty
Professional competence and due care

• should not accept work which cannot be competently
Independence undertaken, though advice/assistance may be obtained.
A firm should establish policies and procedures which should • professional work should be carried out with due skill,
enable it to communicate its independence requirements to its care, diligence and expedition, and with proper regard for
personnel and, where applicable, others subject to them; and technical and professional standards expected
identify and evaluate circumstances and relationships that
create threats to independence, and to take appropriate Confidentiality
action to eliminate those threats or reduce them to an • information acquired in the course of professional work
acceptable level by applying safeguards, or, if considered should not be disclosed to third parties without first
appropriate, to withdraw from engagement. obtaining the client’s permission
Integrity Professional behaviour

• in all professional, business and personal financial • courtesy and consideration
relationships • towards all with whom they come into contact while
• implies honesty, fair dealing and truthfulness performing work

Overall objectives - general principles - conduct of an audit of financial statements

The text of a whole standard is considered in order to
“The auditor shall comply with all ISAs relevant to understand and carry out the requirements of the ISA.
the audit.”
IAPSs provide interpretative guidance and practical
assistance to auditors in implementing ISAs.
ISAs provide objectives and requirements (i.e. basic Auditors may also conduct the audit in accordance with both
principles and essential procedures) and related guidance ISAs and auditing standards of a specific jurisdiction or
(i.e. application and other explanatory material). country.

Overall objectives - general principles - professional skepticism

Professional skepticism is defined as an attitude that includes
a questioning mind, being alert to conditions which may
“The auditor shall plan and perform an audit with indicate possible misstatement due to error or fraud, and a
“professional skepticism” recognising that critical assessment of audit evidence
circumstances may exist that cause the financial For example, management representations cannot be
statements to be materially misstated.” assumed to be necessarily correct. The auditor will usually
expect to find evidence to support them.
See also the auditor’s responsibilities for fraud and error in

Module 4.

Overall objectives - general principles - scope of an audit of financial statements

Auditors may be required to comply with other
professional, legal or regulatory requirements in addition
“In determining the audit procedures to be to ISAs.
performed in conducting an audit in accordance
ISAs do not override local laws and regulations that
with ISAs, the auditor shall comply with each of the govern and audit, and an auditor may perform additional
ISAs relevant to the audit.” procedures necessary to comply with the relevant additional
standards of a specific jurisdiction or country.
“The auditor shall not represent compliance with
Exceptionally, the auditor may depart from following an
ISAs in the auditor's report unless the auditor has ISA as long as the departure is necessary for the
complied fully with all of the ISAs relevant to the achievement of the objective of the audit.
audit.”
The auditor should document the departure as required
by ISA 230, “audit documentation” in order to represent
compliance with ISAs.

Overall objectives - general principles - professional judgement

Professional judgement is necessary in particular
regarding decisions about:
“The auditor shall exercise professional judgement • materiality and audit risk
in planning and performing an audit. Professional • the nature, timing and extent of audit procedures
• evaluating whether sufficient appropriate audit evidence
judgement is essential to the proper conduct of an has been obtained
audit. This is because interpretation of relevant • the evaluation of management’s judgements in applying
ethical requirements and the ISAs and the informed the entity’s applicable financial reporting framework
• the drawing of conclusions based on the audit evidence
decisions required throughout the audit cannot be obtained
made without the application of relevant knowledge
and experience to the facts and circumstances. ”

Overall objectives - general principles - sufficient appropriate audit evidence and audit risk
• management are responsible for identifying business risks
“To obtain reasonable assurance the auditor shall and responding to them
• the auditor is ultimately concerned only with risks that may
obtain sufficient appropriate audit evidence to affect the financial statements
reduce audit risk to an acceptably low level and • the concept of reasonable assurance acknowledges that
thereby enable the auditor to draw reasonable there is a risk the audit opinion is inappropriate
• the risk that an auditor expresses an inappropriate opinion
conclusions on which to base the auditor’s when the financial statements are materially misstated is
opinion .” known as audit risk
• audit risk is a function of the risk of material misstatement
of the financial statements (prior to audit) and the risk that
the auditor will not detect such misstatement (“detection
risk”)

Overall objectives - scope

Factors to be taken into account The audit process
An audit conducted in accordance with ISAs must have In summary, this covers:
regard to the requirements of:
Agree terms of
• ISAs (i.e. to plan, evaluate controls, obtain evidence, form
engagement
conclusions and report) Obtain
• relevant professional bodies (e.g. ACCA) Form opinion in
understanding
auditor’s report
• legislation and regulations (e.g. Companies Acts) of business
• the terms of the audit engagement and reporting
requirements
Obtain
management Plan
representations
Documentation
Assess risk
Analytical and internal
procedures controls
Verify assets Test controls and

and liabilities transactions

Overall objectives - scope

Fundamental concepts Inherent limitations
However, the auditor may not be able to detect all

material misstatements because:
“Reasonable assurance - in an audit engagement, • testing is on a sample basis (see Module 4 - fraud in an
the auditor provides a high, but not absolute, level audit of financial statements [ISA 240]) because it is
impractical to audit every matter exhaustively due to
of assurance, expressed positively in the audit constraints of time and cost
report as reasonable assurance, that the • any accounting and internal control system has inherent
information subject to audit (i.e. the financial limitations (see Module 6 Internal control and risk
assessment - [ISA 315])
statements) is free of material misstatement.” • Financial reporting involves judgement by management,
subjective decisions or assessments, or a degree of
Reasonable assurance uncertainty
• most audit evidence is persuasive rather than conclusive
To provide such assurance, the auditor assesses the (e.g. an asset purchased by an entity, though physically
evidence collected in respect of the financial statements as possessed, may no longer be owned if title has been
a whole and expresses a conclusion thereon. transferred to another)
• transactions between related parties (i.e. where one has
the ability to control or exercise significant influence over
the other) may not be identified as such

What you have learned - overall objectives

now be able to:
• explain the objective of an audit of financial statements
• understand the concepts which underlie the nature and
scope of the audit
• describe the general principles which govern auditors and
their work


The ISAs appear to be very lengthy and detailed standards. If This is certainly not the case. The ISAs establish the basic
an audit is performed in accordance with ISAs does it mean requirements that must be followed, but the application of
that there is no place for professional judgement and that the these is heavily dependent on professional judgement. For
audit process becomes a “box-ticking” exercise? example, the ISAs require the auditor to assess risk and
materiality and professional judgement and experience are
then needed to perform this assessment and to design the
To reveal our answer, click below: appropriate audit procedures in order to obtain sufficient
appropriate audit evidence.

Module review
This module has given you an introduction to the framework
of principles that underlie the ISAs.
What the following modules will do is to look at each stage of

the audit in turn, introducing more detailed standards relevant
to each stage, but you will recognise the basic objectives and
requirements of ISA 200 in each of them.

Module 2 quick quiz


Question 1
The objective an audit of financial statements is to enable the auditor to:
A Protect the interests of minority

shareholders
B Detect misstatement resulting from fraud
and error
C To express an opinion on the financial
statements
D Compile information and report on
factual findings

Question 2
The “financial statements” referred to in an auditor’s report does not include:
A An income statement
B An accounting policies note
C A five year summary of results
D A statement of changes in equity

Question 3
When conducting an audit in accordance with ISAs the auditor must have regard to the
requirements of which of the following?
1. Ethical codes
2. Legislation and regulations
3. The terms of the audit engagement
4. None
A 1 only
B 2 and 3
C 1, 2 and 3
D4

Question 4
Which of the following factors is not an inherent limitation in an audit affecting the auditor’s
ability to detect material misstatements?
A The going concern basis

B The nature of the audit process
C The nature of financial reporting
D The need for the audit to be conducted
within a reasonable period of time and at
a reasonable cost.

Question 5
Preparing working papers is important, because doing so:
A Is generally required under national

legislation
B Provides evidence to support the audit
opinion
C Enables next year’s audit to be planned
D Prevents the auditor from being sued for
negligence

Module 3: Audit documentation Certificate in International Auditing

Audit documentation - ISA 230

• preparing and retaining documentation
• assembly of the final audit file
• confidentiality

Introduction
ISAs are not only prescriptive in terms of how an audit should
be conducted, but also in terms of what must be documented
at each stage of the audit. This will help the audit run
smoothly and also provide a record of what work was done
and conclusions drawn in case the auditor’s judgement is
challenged later.

Audit documentation - ISA 230

Objectives In addition to the above objectives, audit documentation
serves a number of purposes including:
To establish standards and provide guidance on audit • assisting the audit team to plan and perform the audit
documentation. • assisting members of the audit team responsible for
supervision to direct and supervise the audit work, and
discharge their review responsibilities in accordance with
The auditor shall prepare, on a timely basis, audit ISA 220, “quality control for audits of historical financial
documentation that provides: information”
• a sufficient and appropriate record of the basis for the • enabling the audit team to be accountable for its work
auditor’s report • retaining a record of matters of continuing significance to
• evidence that the audit was performed in accordance with future audits
ISAs and applicable legal and regulatory requirements • enabling an experienced auditor to conduct quality control
reviews and inspections in accordance with ISQC 1,
"Quality Control for firms that perform audits and reviews
Preparing sufficient and appropriate audit documentation of financial statements, and other assurance and related
on a timely basis helps to enhance the quality of the audit services engagements"
and facilitates the effective review and evaluation of the audit • enabling an experienced auditor to conduct external
evidence obtained and conclusions reached before the inspections in accordance with applicable legal, statutory
auditor’s report is finalized. or other requirements

Audit documentation - definitions

Audit documentation - the record of audit procedures
performed, relevant audit evidence obtained, and conclusions
the auditor reached (terms such as ’working papers’ or
‘workpapers’ are also sometimes used)
Audit file – One or more folders or other storage media, in

physical or electronic form, containing the records that
comprise the audit documentation for a specific engagement.
Experienced auditor - an individual (whether internal or

external to the firm) who has practical audit experience, a
reasonable understanding of audit processes, ISAs and
applicable legal and regulatory requirements, the business
environment in which the entity operates, and auditing and
financial reporting issues relevant to the entity’s industry.

Audit documentation - nature of audit documentation

Audit documentation may be stored on paper or on
electronic or other media.
“The auditor shall prepare the audit documentation
that is sufficient to enable an experienced auditor, Audit documentation, assembled in an audit file:
• includes audit programs, analyses, issues memoranda,
having no previous connection with the audit, to summaries of significant matters, letters of confirmation
understand: and representation, checklists, and correspondence
(including e- mail) concerning significant matters, and
a. the nature, timing and extent of the audit abstracts or copies of the entity’s records (as appropriate)
• is not a substitute for the entity’s own accounting records
procedures performed to comply with ISAs and • ordinarily excludes superseded drafts, notes that reflect
applicable legal and regulatory requirements incomplete thinking, duplicates of documents and
documents corrected for errors
b. the results of the audit procedures and the audit
Matters which are important in providing evidence must
evidence obtained be documented to:
• support the audit opinion
c. significant matters arising during the audit the • demonstrate that the audit was performed in accordance
conclusions reached thereon, and significant with ISA
professional judgments made in reaching those
conclusions.”

Audit documentation - form

Matters to consider Direction
• nature of the engagement, e.g.: Means informing assistants of:

a. private or public sector • their responsibilities
b. other services undertaken (e.g. taxation, systems • the objectives of the tasks they are to undertake
advice) • matters that may affect the nature, timing and extent of
• form of the auditor’s report (e.g. a standardized, “short- audit procedures
form” report in which matters can be assumed unless
otherwise reported by exception (resulting in a “modified” Communication tools include:
opinion) • overall audit plan
• nature and complexity of the organization and its • audit program
accounting and internal control systems (e.g. the extent of • time budgets
computerization)
• specific audit methodology (e.g. a risk-based approach) Supervision
and technology (e.g. computer-assisted audit techniques)
used in the course of the audit Includes monitoring progress to ensure that:
• standardization • assistants have the necessary skills and competence
• extent of schedules, analyses and other documentation • assistants understand their instructions
prepared by the entity • work is proceeding in accordance with the overall audit
• needs for direction, supervision and review of tasks plan, audit programme and time budget
assigned to assistants

Audit documentation - form

Review
A person of at least equal competence should consider

whether:
• the results of work performed are adequately documented
• all significant audit matters have been resolved
• audit objectives have been achieved
• conclusions are consistent with the results of the work
performed and support the audit opinion
Standardization
It is common practice for audit firms to use standard pre-

printed documentation on audit engagements. For
example:
• audit completion, disclosure and other checklists
• internal control questionnaires
• audit programs
• specimen letters - e.g. management representation letters
• indices for standard organization of working papers

Exercise - standardization
Please review the following exercises:
Suggest four advantages and disadvantages of standardising

audit working papers. Consider your answer to the question, when you are ready click next to
enter it into the course blog.
You may wish to discuss this with a colleague before finally submitting it.
You can then review the ideas of other students on this subject.

Audit documentation - form – documentation techniques

Narrative notes Factors to consider
Written descriptions require little formal training and are best
suited to small, simple systems descriptions or to explain The form and extent of this documentation is influenced
peripheral aspects of larger systems not dealt with by other by such factors as:
techniques (e.g. the issue of credit notes). • size and complexity of entity
• nature of accounting and internal control systems (e.g.
Flowcharts manual or electronic)
Visual descriptions highlight controls and are easy to • auditors’ intended reliance on internal controls
understand by a trained user. However, different audit firms • whether prepared by client (e.g. internal audit department)
and their clients use different types (e.g. documentation or external auditor
flowcharts, information flowcharts and overview flowcharts). • ease of preparation and/or updating
Questionnaires
Internal control questionnaires (ICQs) are designed to
indicate which parts of a system are strong or weak and so
make a preliminary assessment of the extent to which the
auditor seeks to place reliance (if any) on internal controls.

Audit documentation - summary

Significant matters
“In documenting the nature, timing and extent of The auditor shall document discussions of significant
audit procedures performed, the auditor shall matters with management and others on a timely basis. It
is particularly important that the known, relevant facts of all
record the identifying characteristics of the specific significant matters (e.g. of principle, judgment and concern)
items or matters being tested.” are recorded at the time conclusions were reached. One of
the reasons why the auditor’s report is dated is to establish
Recording the identifying characteristics enables the the point in time after which new evidence would not have
audit team to be accountable for its work and facilitates been considered in reaching the audit opinion.
the investigation of exceptions or inconsistencies.
If the auditor has identified information that contradicts
or is inconsistent with the auditor’s final conclusion
regarding a significant matter, the auditor shall document
how the auditor addressed the contradiction or inconsistency
in forming the final conclusion.
The auditor does not have to retain incorrect or

superseded documentation.

Audit documentation - documentation of departures from relevant requirements

Identification of preparer and reviewer
If, in exceptional circumstances, the auditor judges
“ In documenting the nature, timing and extent of audit
it necessary to depart from a relevant requirement
procedures performed, the auditor shall record:
in an ISA, the auditor shall document how the • who performed the audit work and the date such work was
alternative audit procedures performed achieve the completed
• who reviewed the audit work performed and the date and
aim of that requirement, and the reasons for the
extent of such review
departure .”
The requirement to document who reviewed the audit
work performed does not imply a need for each specific
working paper to include evidence of review.

Audit documentation - assembly of the final audit file

When the auditor finds it necessary to modify existing
audit documentation or add new audit documentation after
“The auditor shall complete the assembly of the the assembly of the final audit file has been completed, the
final audit file on a timely basis after the date of the auditor shall, regardless of the nature of the modification or
additions, document:
auditor’s report.”
• when and by whom they were made, and (where
applicable) reviewed
“After the assembly of the final audit file has been • the specific reasons for making them
completed, the auditor shall not delete or discard • their effect, if any, on the auditor’s conclusions
audit documentation before the end of its retention
period.”

Audit documentation - changes to audit documentation in exceptional circumstances after the date of
the auditor’s report
“When exceptional circumstances arise after the

date of the auditor’s report that require the auditor
to perform new or additional audit procedures or
that lead the auditor to reach new conclusions, the
auditor shall document the circumstances
encountered, the new or additional audit procedures
performed, audit evidence obtained, and
conclusions reached; and when and by whom the
resulting changes to audit documentation were
made, and (where applicable) reviewed.”

Exercise 1 - permanent vs. current audit files

Please review the following exercise:
Suggest the audit papers which you would expect to be filed

as “permanent”. Consider your answer to the question, when you are ready click next to

Exercise 2 - permanent vs. current audit files

Suggest the audit papers which you would expect to be filed

as “current”. Consider your answer to the question, when you are ready click next to

Audit documentation - indexing

Current Audit File Index L Taxation
A Audit control papers M Capital and reserves
A1 Financial statements N Income statement
A2 Audit completion checklist P Revenue
A3 Review schedules Q Purchases
A4 Points forward to next year R Wages and salaries
A5 Time record and budget S Extended trial balance and adjustments to profit
B Overall audit plan
C Intangible assets
D Tangible non-current assets Standard indices may be used for both permanent and
E Investments current audit files. These are usually tailored (e.g. by circling
F Inventories the references used).
G Receivables
H Cash Alternative referencing systems might include separate
J Payables sections for interim audit working papers, systems work, or
K Provisions and contingencies analytical procedures.

Audit documentation - confidentiality and safe custody

Retention
ISA 230 refers to the principles in ISQC 1 on quality General principle

control that ‘auditors should establish policies and For a period sufficient to meet the needs of the audit practice
and in accordance with legal and professional requirements.
procedures designed to maintain the confidentiality,
safe custody, integrity, accessibility and
retrievability of engagement documentation.' Minimum period recommended by ISA 230:
Audit working papers – no shorter than 5 years from the date
Practical procedures will vary depending on whether the of the auditor’s report.
documentation is in paper or electronic form but will include:
• the use of a password to restrict access to authorized
users Minimum period recommended by ACCA:
• back-up routines at appropriate stages of the audit Audit working papers - 7 years. Tax files - 7 years and then
• procedures for distributing documentation to team returned to client (or former client)
members at the start of the audit, processing it and
collating it at the end of the engagement
• restricting access to and confidential storage of hard copy
documentation

What you have learned - audit documentation

now be able to:
• explain the importance of preparing and retaining
documentation
• describe the form and content of different types of working
papers


Does ISA 230 require the use of standardized working No, although many firms will use standardized working papers
papers? in practice, this is not a requirement of ISA 230. What the
standard does establish is what should be documented, and
the level of detail of that documentation. Exactly how this is
To reveal our answer, click below:
done is a decision for individual firms of auditors. Many will
use standardized documentation for certain aspects of the
audit, their objective being to ensure that all their audit staff,
including the least experienced of them, prepare
documentation that will meet the requirements of ISA 230.

Module review
In this module you have seen the basic requirements of ISA
230 in respect of audit documentation. Audit firms operate in
an environment of ever closer scrutiny and oversight so it is
important that they not only perform their work to the highest
professional standards, but that they have documented all of
the evidence and conclusions that support their audit
opinions.
You have also seen some practical aspects of documentation.
Many other ISAs contain specific requirements as to issues

that must be documented and you will spot these as you work
through the later modules, particularly those on planning and
audit evidence.

Module 3 quick quiz


Question 1
During the course of an audit, the auditor may use the following documents:
1. An analysis of expenditure for tax purposes

2. An aged receivables listing
3. Suppliers’ statement reconciliations
Which of these are acceptable if prepared by the client as a basis for further audit work?
A None
B 1 only
C 1 and 2
D 1, 2 and 3

Question 2
“The use of standardized working papers may improve the efficiency with which such working
papers are prepared and reviewed”.
Which of the following is most suited to standardization?
A An engagement letter
B A letter of request for a bank report
C An overall audit strategy
D A letter of representation

Question 3
Auditors’ working papers are conventionally divided into current and permanent files for both
convenience and control.
Which of the following letters is most likely to appear on the permanent audit file rather than
the current audit file?
A Engagement letter
B Report on deficiencies in internal control
C Management representation letter
D Bank confirmation letter

Question 4
Which of the following is most likely to constitute an error, rather than fraud?
A Oversight or misinterpretation of facts

resulting in an incorrect accounting
estimate
B Recording transactions without economic
substance
C Suppression or omission of effects of
transactions from records or documents
D Misappropriation of assets

Module 4: Fraud in an audit of financial statements Certificate in International Auditing

Fraud in an audit of financial statements - ISA 240

• fraud in an audit of financial statements
• types of fraud and the difference between fraud and error
• role of those charged with governance and management
in preventing and detecting fraud
• the limitations of internal controls
• ways of recognizing material misstatements
• responsibilities of the auditor
• substantive procedures
• withdrawing from an engagement

Introduction
The responsibility of auditors in respect of preventing and
detecting fraud is a common area of misunderstanding. The
earlier modules have set out the auditor’s key responsibilities
and this module explains what is expected of the auditor
under ISAs with regard to frauds.


Objective
To describe the auditor’s responsibilities and to consider

fraud in the audit of financial statements. ISA 240 has
been reissued in Clarity form.
Definitions - “Error”
Unintentional misstatement in financial statements including
omissions.
Definitions - “Fraud”
Intentional act of deception by one or more individuals to
obtain an unjust or illegal advantage.
Individuals may be:

• involved in management or charged with corporate
governance (i.e. “management fraud”)
• employees (i.e. “employee fraud”)
• third parties

Exercise - fraud and error

Classify each of the following as either “fraud” or “error”:

Consider your answer to the question, when you are ready click next to
1. Alteration, falsification or manipulation of accounting enter it into the course blog.
records or documents.
2. A mistake in applying accounting policies.
3. Collusion. You can then review the ideas of other students on this subject.
4. Mathematical or clerical mistakes in collecting or
processing accounting data.
5. Misapplication of accounting policies.
6. Misappropriation of assets (i.e. theft).
7. Oversight or misinterpretation of facts resulting in an
incorrect accounting estimate.
8. Recording transactions without economic substance.
9. Suppression or omission of effects of transactions from
records or documents.

Fraud in an audit of financial statements - types of fraud

Fraud is motivated and the perpetrator must perceive an Misappropriation (theft) of assets
opportunity to commit it (e.g. through the circumvention or
overriding of internal controls). There are two types of fraud: Often motivated by persons “living beyond their means”,
• fraudulent financial reporting this includes:
• misappropriation of assets • embezzlement (of moneys)
• stealing assets (physical)
Fraudulent financial reporting • using another’s intangible asset (e.g. copying CDs)
• causing the business to pay for goods and services not
Misstatements or omissions of amounts or disclosures received
intended to deceive users of financial statements • using an entity’s assets for personal use (e.g. as collateral
motivated, for example, by pressures to achieve earnings for a personal loan)
target. This includes:
• deception - e.g. through alteration of accounting records Theft may be, but is not necessarily, concealed by falsified
or supporting documents records or documents.
• omission of disclosure of significant information.
• deliberate omission of significant uncertainties (e.g.
relating to going concern or pending legal matters)
constitutes fraud
• deliberate misapplication of accounting principles affecting
the measurement, recognition, disclosure, etc. of elements
of financial statements

Fraud in an audit of financial statements - responsibilities of those charged with governance & of
management
Primary responsibility for prevention and detection of
fraud lies with those charged with governance of the
entity and with management.
Through implementing and operating an adequate

accounting and internal control system. Adequate systems
reduce but do not eliminate the possibility of fraud.
The respective responsibilities of management and those

charged with governance (if any) may depend on the
entity, voluntary codes, legal requirements, etc.
Management creates the control environment. Those charged
with governance oversee management to ensure the integrity
of the accounting and financial reporting systems and that
appropriate controls are in place.

Fraud in an audit of financial statements - communication

Communication - of a misstatement resulting from fraud Communication - to management:
(or a suspected fraud). • communicate factual findings if:
a. fraud may exist (even if potentially immaterial)
b. fraud or significant error exists
If the auditor has identified a fraud or has obtained • on a timely basis for management to take action
“ information that indicates a fraud may exist the • level of management depends on:
a. nature
auditor shall communicate these matters on a b. magnitude
timely basis to the appropriate level of c. frequency
management ”. d. likelihood of recurrence
• report to a level above that of persons believed to be
implicated otherwise seek legal advice
Communication - to those charged with governance:
• matters to be reported:
a. aggregated uncorrected misstatements
b. identified fraud, (whether or not it results in a
material misstatement)
c. evidence that indicates that fraud may exist (even if
immaterial)

Fraud in an audit of financial statements - communication

To regulatory and enforcement authorities To users of the auditor’s report
The auditor’s professional duty to maintain Although the auditor’s report is not explained until much
confidentiality of client information may preclude later it should be noted that if a matter is immaterial there will
reporting fraud to a party outside the client entity. Where this be no grounds for qualifying the audit report. Thus immaterial
is the case seek legal advice to determine the appropriate fraud is not drawn to the attention of the users of financial
course of action. This may be necessary to consider the statements.
public aspect interests of identified fraud.
In some countries professional duty may be overridden

by statute, law or courts of law.
Under some jurisdictions, there may be a statutory duty

to report fraud or misstatements not reported by
management and those charged with governance to
supervisory authorities.

Exercise - communication
Suggest specific matters to be reported to those charged with

governance (other than those identified on pages 9 and 10). Consider your answer to the question, when you are ready click next to


Responsibilities of the auditor Inherent limitations of an audit even though the audit is
properly planned and performed in accordance with ISAs
For prevention:
• is not and cannot be held responsible for prevention of Unless the audit reveals evidence to the contrary, the
fraud and error auditor is entitled to accept representations as truthful and
• however, annual audit may act as a deterrent records and documents as genuine, only forensic auditors are
trained to be experts in authentication.
For detection, the auditor shall consider the risk of material
misstatement arising from fraud and error when: However, “the auditor should plan and perform the audit
• planning and performing audit procedures with an attitude of professional scepticism, recognizing that
• evaluating and reporting on the results thereof. conditions or events may be found that indicate that fraud or
• error is more likely to be detected than fraud since fraud is error may exist”.
ordinarily accompanied by acts specifically designed to
conceal its existence e.g. collusion, forgery, deliberate Internal controls may fail to operate as designed.
failure to record transactions, intentional
misrepresentations to the auditor Any accounting and internal control system may be
• there is an unavoidable risk that material misstatements ineffective against fraud involving collusion among
resulting from fraud (and to a lesser extent error) may not employees or committed by management.
be detected due to inherent limitations of an audit
• subsequent discovery of material misstatement does not,
in itself, indicate audit failure (i.e. not adhering to the
requirements of the ISAs), but depends on suitability of
audit procedures and audit opinion in the circumstances


Responsibilities of the auditor
The auditor shall: • The auditor may also meet with those charged with
• discuss the entity’s susceptibility to fraud and error corporate governance to discuss such high level issues as:
amongst the audit team; and a. the risk of management fraud;
• inquire of management: b. management’s competence and integrity in discharging
a. management’s own risk assessment of fraud (and their responsibilities, e.g. whether recommendations for
management of such risk); improvements in internal controls are implemented
b. their understanding of the accounting and internal • Knowledge of fraud or material errors suspected or found
control systems necessary to discharge their is important in:
responsibilities for the prevention and detection of a. identifying possible internal control weaknesses (if
error; control procedures failed to prevent something); and
c. any fraud or material error suspected and/or found. b. providing evidence about the effective operation of
• discuss within the audit team to raise awareness of the control procedures (in detecting anomalies)
potential for material misstatement
• discuss with management will include the role of internal
audit

Risk assessment
The auditor’s assessment of inherent risk and control risk
As well as considering how the financial is detailed in paragraph 25 and 26 of ISA 315 “identifying
“
statements could be materially misstated due to and assessing the risks of material misstatement through
understanding the entity and its environment”.
fraud or error, the auditor shall consider whether
fraud risk factors exist to suggest the possibility of The existence of fraud risk factors may indicate that
fraud of either of the two types previously control risk cannot be assessed at less than high for
certain financial statement assertions.
described. Fraud risk factors identified should be
documented (in accordance with ISA 230 However, tests of controls on internal control procedures
documentation) .” designed to mitigate those fraud risk factors may support a
less than high control risk assessment.
Next we will consider:

• fraudulent financial reporting
• misappropriation of assets

Fraud in an audit of financial statements - planning - fraudulent financial reporting

Examples of fraud risk indicators
Management bias arising from: Industry conditions (i.e. economic and regulatory
• bonuses, share options etc. dependent on meeting environment):
aggressive operating/financial targets • new regulatory, accounting or statutory requirements that
• a need to maintain share price, earnings per share, etc. could impair the financial stability or profitability of the
• tax-motivated reasons entity (e.g. environmental legislation)
• a highly competitive or saturated market (with declining
A lax attitude towards internal control and financial margins) and/or technologically obsolete products
reporting, e.g.:
• significant disregard for regulatory authorities Operating characteristics and financial stability including
• failure to correct known material internal control nature and complexity of the entity, its transactions,
weaknesses on a timely basis financial condition and profitability:
• significant pressure to obtain necessary finance (e.g. for
Strained relationships between management and current capital expenditure)
or predecessor auditors, concerning, for example: • significant related party or complex transactions
• disagreements about financial reporting matters • bank accounts and/or operations in tax-haven jurisdictions
• unreasonable time constraints on completion of audit work • high vulnerability to interest rate changes
• attempts to influence the scope of the audit work • a threat of imminent bankruptcy, foreclosure or hostile
takeover
Weak or ineffective corporate governance structure (e.g.
a lack of non-executive directors (NEDs)

Exercise - fraudulent financial reporting

Suggest events or conditions in addition to those already

identified that provide an opportunity, a motive or a means to Consider your answer to the question, when you are ready click next to
commit fraudulent financial reporting, or indicate that such a enter it into the course blog.
fraud may already have occurred. You may wish to discuss this with a colleague before finally submitting it.

Fraud in an audit of financial statements - planning - misappropriation of assets

These fraud factors arise from: Lack of controls:
• susceptibility of assets to misappropriation • inadequate management supervision especially of remote
• lack of controls designed to prevent or detect such locations
misappropriation • lack of screening of job applicants for positions of trust
• inadequate record kept for assets susceptible to
The importance of controls increases with increasing risk misappropriation
of misappropriation • inadequate segregation of duties and/or lack of
independent checks
Susceptibility to misappropriation: • inadequate authorization and approval of transactions
• large amounts of physical cash (e.g. in purchasing)
• small (portable), high value inventory items • poor physical safeguards over assets and documents of
• easily convertible assets (e.g. diamonds, bearer bonds, ownership
Krugerrands) • employees performing key control functions not taking
• small, marketable non-current assets lacking ownership holidays
identification (e.g. laptop computers)

Exercise - misappropriation of assets

The size, complexity and ownership characteristics of a

business have a significant influence on the consideration of Consider your answer to the question, when you are ready click next to
relevant fraud risk factors. Suggest three fraud risk factors enter it into the course blog.
that might ordinarily be considered for a large business which You may wish to discuss this with a colleague before finally submitting it.
may be inapplicable or less important for a smaller business.

Fraud in an audit of financial statements - substantive procedures - detection risk
The auditor’s design of substantive procedures to reduce The auditor’s substantive procedures shall include the
detection risk to an acceptably low level is explained in following procedures related to the financial statements
paragraph 18 of ISA 330, “the auditor’s responses to closing process:
assessed risks”. Paragraphs 13 and A42 to A44 of ISA 200, • agreeing the financial statements to the underlying
“overall objectives of the independent auditor and the conduct accounting records
of an audit in accordance with international standards on • examining material journal entries and other adjustments
auditing” give details of what detection risk is. made during the course of preparing the financial
statements
Substantive procedures are performed in order to detect
material misstatements at the assertion level, and When, in accordance with paragraphs 26 to 28 of ISA 315,
include: the auditor has determined that an assessed risk of
• tests of details of classes of transactions, account material misstatement at the assertion level is a
balances and disclosures significant risk, the auditor shall perform substantive
• substantive analytical procedures procedures that are specifically responsive to that risk.
Irrespective of the assessed risk of material
misstatements, the auditor shall design and perform For example, if management are under pressure to meet
substantive procedures for each material class of shareholders’ or a stock exchange’s expectation of
transactions, account balance, and disclosure. earnings then there may be a risk that management is
inflating sales by, for example, invoicing sales before
This is because the auditor’s assessment of risk is shipment. In these circumstances the auditor may have to
judgemental and may not be sufficiently precise to identify all design the audit tests which allow for such an occurrence to
risks of material misstatement. be detected.

Fraud in an audit of financial statements - substantive procedures - detection risk

In order to obtain sufficient appropriate audit evidence, The following should be considered in deciding whether
the substantive procedures related to significant risks are to perform substantive procedures at an interim date:
most often designed to obtain audit evidence with high • the control environment and other relevant controls
reliability. • the availability of information at a later date that is
necessary for the auditor’s procedures
• the objective of the substantive procedure
When substantive procedures are performed at an interim • the assessed risk of material misstatement
date, the auditor shall perform further substantive • the nature of the class of transactions or account balance
procedures or substantive procedures combined with tests of and related assertions
controls to cover the remaining period that provide a • the ability of the auditor to perform appropriate substantive
reasonable basis for extending the audit conclusions from the procedures or substantive procedures combined with tests
interim date to the period end. of controls to cover the remaining period in order to reduce
the risk that misstatements that exist at period end are not
detected
Performing substantive procedures at interim date
increases the risk that misstatements that may exist at The greater the risk of material misstatement, the greater
the period end are not detected by the auditor. The further the extent of substantive procedures. Module 9 deals with
from the period end the interim date is, the higher this risk is. analytical procedures (ISA 520) and audit sampling (ISA 530).
In utilising sampling, sample sizes are affected by the risk of
material misstatement.

Fraud in an audit of financial statements - substantive procedures - possible misstatements

The implications for the auditor’s report should be
considered if the financial statements are confirmed to be
“When circumstances indicate that a material materially misstated (or it is not possible to draw a
misstatement may exist, procedures should be conclusion thereon).
performed to confirm whether or not the financial
statements are materially misstated.” The evaluation of misstatements is further considered in
ISA 320 “materiality in planning and performing an audit”.
Examples of circumstances:
• concerning management (and its integrity) Implications for the auditor’s report are explained in ISA
• accounting matters 700 “forming an opinion and reporting on financial
• problems in obtaining sufficient appropriate audit evidence statements”.
crucial to drawing reasonable conclusions on which to
base the audit opinion
• transactions which are unusual
• accounting and internal control weaknesses
• control mechanisms
• specific to a computer information system environment
• other

Exercise - implications of fraud for the audit
“The auditor shall evaluate whether it may be enter it into the course blog.
indicative of fraud; and if so, the implications for the You may wish to discuss this with a colleague before finally submitting it.
audit particularly the reliability of written You can then review the ideas of other students on this subject.
representations.”
Suggest the audit implications of:

1. A fraud involving misappropriations of petty cash; and
2. Fictitious sales contracts being entered into by the sales
director.
Give four answers for 1 and four answers for 2, with reasons
for each answer.

Fraud in an audit of financial statements - substantive procedures - management representations

Substantive procedures - management representations
Auditors should obtain written acknowledgement of • it has disclosed to the auditor its knowledge of any
management’s responsibility for the financial statements allegations of fraud, or suspected fraud, affecting the
(see ISA 580, “written representations”). entity’s financial statements communicated by employees,
former employees, analysts, regulators or others
The auditor shall obtain written representations from
management that: Due to the nature of fraud and the difficulties
• it acknowledges its responsibility for the design and encountered by auditors in detecting material
implementation of internal control to prevent and detect misstatements in the financial statements resulting from
fraud fraud, it is important that the auditor obtains a written
• it has disclosed to the auditor the results of its assessment representation from management confirming that it has
of the risk that the financial statements may be materially disclosed to the auditor the results of management’s
misstated as a result of fraud assessment of the risk that the financial statements may be
• it has disclosed to the auditor its knowledge of fraud or materially misstated as a result of fraud and its knowledge of
suspected fraud affecting the entity involving: actual, suspected or alleged fraud affecting the entity.
a. management
b. employees who have significant roles in internal control
c. others where the fraud could have a material effect on
the financial statements

Fraud in an audit of financial statements - withdrawal

Exceptional circumstances which may bring into question Communicating reasons
the auditor’s ability to continue performing the audit:
If it is not possible to continue performing the audit, the
Entity does not take the appropriate action regarding auditor considers:
fraud that the auditor considers necessary in the • his professional and legal responsibilities (e.g. to report to
circumstances even when the fraud is not material for the those who appoint him or, in some cases, to regulatory
financial statements. authorities)
The auditor’s consideration of the risks of material • the possibility of withdrawing from the engagement
misstatements due to fraud and the results of audit tests
indicate a significant risk of material and pervasive fraud. In the UK, the auditor’s only direct communication with
The auditor has significant concerns about the shareholders is the auditors’ report. If the engagement
competence or integrity of management or those charged with cannot be completed, the auditor can communicate matters
governance. such as pervasive fraud through the additional rights which
can be exercised upon his resignation (or removal) from
Factors to be considered: office.
• whether management or those charged with governance
are implicated In the event of withdrawal the auditor should:
• the effects on the auditor of continuing an association with • discuss the reasons for so doing with the appropriate level
the client of management (and those charged with governance)
• any professional and legal responsibilities in such • consider any professional or legal requirements to report
circumstances his withdrawal (with reasons)
• the alternatives, if any, to withdraw
• legal advice

Fraud in an audit of financial statements - withdrawal - inquiry from a proposed (successor) auditor
The extent to which an existing auditor can advise his
successor (“nominee”) depends on:
• whether or not the client gives permission to discuss its
affairs
• ethical requirements (e.g. IFAC’s Code of Ethics for
Professional Accountants [“The Code”])
On receiving an inquiry from a proposed successor

auditor (in accordance with The Code) the existing auditor,
should advise, with the client’s permission, any professional
reasons why the nominee should not accept the appointment.
If the client’s permission is not granted that fact should be

disclosed to the nominee.
If fraud or suspected fraud contributed to the change in

appointment the existing auditor must take care to state only
the facts of the matter.

Fraud in an audit of financial statements - documentation

The documentation of the auditor’s understanding of the The auditor shall document communications about fraud
entity and its environment and the auditor’s assessment made to management, those charged with governance,
of the risks of material misstatement required by regulators and others.
paragraph 32 of ISA 315 shall include:
• the significant decisions reached during the discussion
among the engagement team regarding the susceptibility When the auditor has concluded that the presumption
of the entity’s financial statements to material that there is a risk of material misstatement due to fraud
misstatement due to fraud related to revenue recognition is not applicable in the
• the identified and assessed risks of material misstatement circumstances of the engagement, the auditor shall document
due to fraud at the financial statement level and at the the reasons for that conclusion.
assertion level
The documentation of the auditor’s responses to the The extent to which these matters are documented is for
assessed risks of material misstatement shall include: the auditor to determine using professional judgement.
• the overall responses to the assessed risks of material
misstatements due to fraud at the financial statement level
and the nature, timing and extent of audit procedures, and
the linkage of those procedures with the assessed risks of
material misstatement due to fraud at the assertion leve
• the results of the audit procedures, including those
designed to address the risk of management override of
controls

What you have learned - fraud in an audit of financial statements

now be able to:
• distinguish between fraud and error and different types of
fraud
• know that ISA 240 primarily deals with fraud
• discuss the respective responsibilities of management and
the auditor for the prevention and detection of fraud
• appreciate the limitations of internal control systems in the
context of fraud
• recognise fraud risk factors and circumstances which
indicate that a material misstatement may exist
• explain the auditor’s responsibility for the communication
of misstatements resulting from fraud
• state the exceptional circumstances in which the auditor
may be unable to complete the engagement


Would an auditor be at fault in failing to detect a material Subsequent discovery of material misstatement (arising
fraud? through fraud or error) does not, in itself, indicate audit
failure (i.e. not adhering to basic principles and essential
procedures). What is important is whether or not the auditor
To reveal our answer ,click below: properly considered the risk of fraud when planning and
performing the audit and took account of fraud risk factors
identified (if any). Remember that because fraud is ordinarily
accompanied by acts to conceal it, there is an unavoidable
risk that material misstatements resulting from fraud may not
be detected (due to inherent limitations of an audit).

Module review
In this module you have learned the requirements imposed on
auditors by ISA 240. The basic requirement is driven by the
auditor’s responsibility to assess the risk of material
misstatement.
On the one hand, the standard makes it clear that it is not the
auditor’s job to detect every fraud that may occur in an entity.
On the other hand it also emphasises that any discovery or
suspicion of fraud must be considered in terms of its
implications for other areas of the audit. The principle of
professional scepticism means that in circumstances where
there is suspicion of fraud at a high level within the company,
any representations obtained from management must be
treated with caution.

Module 4 quick quiz


Question 1
During the examination of transactions around the year end an auditor finds numerous
alterations which post-date suppliers’ invoices, with the result that they are not included in
trade payables. The auditor also discovers that several copy sales invoices have been ante-
dated and included in sales for the year and figures on physical inventory records have been
altered.
This combination of circumstances is most likely to indicate:

A the use of subsequent transactions and
manipulation of records to cover a
misappropriation of cash receipts
B fraudulent financial reporting, designed to
improve declared profits for the year under
review
C fraud involving the collusion of employees
with suppliers to extract payments for goods
not ordered or received
D the correction of cut-off errors to take
account of goods received and
despatched during physical inventory
counting

Question 2
Which of the following statements best expresses the auditor’s duty of confidentiality to his
client in respect of information acquired in the course of professional work?
A The auditor should only reveal confidential

client data after having received consent
from the board of directors to do so
B The auditor must supply any client data
requested of him by a shareholder at the
annual general meeting
C The auditor should never reveal client
confidential data unless it is essential to the
understanding of the qualified audit report
D The auditor should reveal certain client
confidential data if he believes that he
has a legal right or duty to do so

Question 3
ISA 240 the auditor’s responsibilities relating to fraud in an audit of financial statements,
specifically requires the auditor to do all of the following except:?
A Communicate with management and those

charged with governance
B Design and perform audit procedures to
respond to the risk of management
override of controls
C Obtain written representations from
management relating to fraud
D Write to the bank for a confirmation of
bank balances to prove that no fraud has
occurred

Question 4
According to ISA 240 “the auditor’s responsibilities relating to fraud in an audit of financial
statements”, which of the following is not an error:
A Altering records and terms relating to

significant and unusual transactions
B A mistake in gathering or processing data
from which financial statements are
prepared
C A mistake in the application of accounting
principles relating to measurement,
recognition, classification, presentation or
disclosure
D An incorrect accounting estimate arising
from oversight or misinterpretation of facts

Question 5
According to ISA 240 “the auditor’s responsibilities relating to fraud in an audit of financial
statements”, which of the following circumstances does not indicate the possibility of fraud:
A Last-minute adjustments that

significantly affect financial results
B Low morale among senior management
C Significant unexplained items on
reconciliations
D Tolerance of violations of the entity’s
code of conduct

Module 5: Planning Certificate in International Auditing

This module is divided into three parts:
Planning an audit of financial statements - ISA 300

• planning an audit of financial statements
• overall audit strategy
• developing an audit program
Understanding the entity and its environment - ISA 315

• understanding the entity and its environment
• internal controls
• sources and use of knowledge to help you understand
new and existing clients
Audit materiality - ISAs 320 and 450

• audit materiality
• audit conduct
• planning materiality
• evaluation of misstatements

Introduction
Module 5 describes the “core” standard on planning (ISA
300) which explains the essential procedures of the
planning process. This ISA 300 has been redrafted under
the Clarity project. This “core” standard introduces the need
for other standards which are also covered in this module:
• understanding the entity and its environment (ISA 315)
• the importance of materiality as an auditing concept (ISA
320)
Other standards linked to this area will be covered in later
modules:
• assessing the risk of material misstatement (Module 6 -
ISA 315)
• accounting and internal control systems (Module 6 - ISA
315)
• nature, timing and extent of procedures - including tests of
controls and substantive procedures (Module 8 - ISA 501
and 505)
The audit programs provided as an appendix to “planning an

audit of financial statements” (ISA 300) provide a resource of
audit procedures which can be skimmed at this stage and
referred back to as directed in later modules.


The purpose of performing these preliminary engagement
activities is to help ensure that the auditor has considered
“The objective of the auditor is to plan the audit so any events or circumstances that may adversely affect the
that it will be performed in an effective manner.” auditor’s ability to plan and perform the audit engagement to
reduce audit risk to an acceptably low level.
Objective
To establish the principles for planning recurring audits.
Preliminary engagement activities
The auditor shall undertake the following activities at the

beginning of the current audit engagement:
• perform procedures regarding the continuance of the
client relationship and the specific audit engagement
• evaluate compliance with ethical requirements, including
independence
• establish an understanding of the terms of the
engagement

Definition Requirement
Planning entails: The auditor shall document the overall audit strategy.
• establishing the overall audit strategy for the engagement
• developing a detailed approach for the nature, timing and
extent of audit procedures – the “audit program” – in order
to reduce audit risk to an acceptably low level
Role
• to devote appropriate attention to important areas
• to identify and resolve potential problems on a timely
basis
• to complete work in an effective and efficient manner (i.e.
expeditiously)
• to assist in assigning/directing/supervising/coordinating
audit work

Exercise - audit strategy

Suggest ten matters to be considered in developing the
overall audit strategy, using the following five headings as You may wish to discuss this with a colleague before finally submitting it.
prompts:
Co-ordination, direction, supervision and review
Knowledge of the business
Risk and materiality
Accounting and internal control systems
Nature, timing and extent of procedures

Planning an audit of financial statements - overall audit strategy - form and content
Must be sufficiently detailed to facilitate the development
of the audit program.
Will depend on the:

• entity (e.g. a multi-national engineering group, a small
retailer)
• complexity of the audit and methodology used (e.g. audit
or business risk approach and the use of IT in automating
the audit process)

Planning an audit of financial statements - overall audit strategy - typical content of an audit strategy
Terms of the engagement
The work to be done i.e. audit work, accounting work to be
done for the client, tax work, letters to be sent. Including
reports required and client expectations.
The client and its background

History, products, locations, noting factors like a new
managing director/computer system/product.

Planning an audit of financial statements - overall audit strategy - typical content of an audit strategy
Group structure
Important figures and ratios (analytical procedures) Client assistance

From previous years audit working papers and if available, Client contacts. Assistance from the client may be required in
from management and draft accounts. providing documents and analyses, providing computer time,
arranging visits to branches. Also the extent to which internal
Audit approach audit may be involved.
Extent of reliance on internal control, the use of tests of
controls and substantive procedures. Timetable
Key dates including audit visits (interim, year-end and final
Critical audit objectives and risk areas audit visits), preparation of the draft management letter and
These might include intangibles, inventories, contract work in reporting deadlines.
progress, contingent liabilities, revenue recognition, foreign
currency, related party transactions. Staffing requirement
Offices and audit staff - including associated practices.
Preliminary estimate of materiality
The maximum amount of error acceptable to be satisfied that Time budget and audit fee estimate
financial statements show a true and fair view.

Planning an audit of financial statements - audit program

Requirement Additional considerations in initial audit engagements
The auditor shall document the audit plan. (This The auditor should perform the following activities prior
document is more commonly referred to as the audit to starting an initial audit:
program). • perform procedures regarding the acceptance of the client
relationship and the specific audit engagement
This serves as a record of the proper planning of the • communicate with the previous auditor, where there has
audit procedures that can be reviewed and approved prior to been a change of auditors, in compliance with relevant
their performance. ethical requirements
The overall audit strategy and audit plan should be Typical contents:
updated and changed as necessary during the audit. The • audit objectives
reasons for any significant changes must be documented. • audit procedures
• time budget
• timing of tests of controls and substantive procedures

Planning an audit of financial statements - audit program - examples
To review the example audit program you will need

Adobe Acrobat Reader. If you do not have Adobe
Acrobat Reader installed on your PC you can download
it here.
Click here to download a printable copy of an example

audit program (199Kb).

What you have learned - planning an audit of financial statements

now be able to:
• define “planning”
• explain the basic principles of planning
• identify factors to be taken account of in developing an
audit plan

Understanding the entity and its environment

Objective
“The objective of the auditor is to identify and • ISA 315 “identifying and assessing the risks of material
assess the risks of material misstatement, whether misstatement through understanding the entity and its
environment” has been redrafted under the Clarity project
due to fraud or error, at the financial statement and
• to explain the relevance of understanding the entity and
assertion levels, through understanding the entity its environment to the audit process
and its environment, including the entity’s internal
The auditor’s understanding of the entity and its
control, thereby providing a basis for designing and
environment consists of an understanding of the
implementing responses to the assessed risks of following aspects:
material misstatement. • industry, regulation, and other external factors, including
the applicable financial reporting framework
• nature of the entity, including its operations, its ownership
The members of the engagement team shall discuss and governance structures, its investments and finance
the susceptibility of the entity’s financial statements arrangements
• the entity’s selection and application of accounting
to material misstatements.”
policies
• objectives and strategies and the related business risks
that may result in a material misstatement of the financial
statements
• measurement and review of the entity’s financial
performance
• internal control

Understanding the entity and its environment - nature
The auditor shall obtain an understanding of the nature of The auditor shall obtain an understanding of the entity’s
the entity. The nature of the entity includes: selection and application of accounting policies and
• its operations consider whether they are appropriate for its business and
• its ownership consistent with the application of financial reporting
• its governance framework and accounting policies used in the relevant
• the type of investments that it makes industry. The understanding encompasses:
• the way that the entity is structured • the methods the entity uses to account for significant and
• the way that the entity is financed unusual transactions
• the effect of significant accounting policies in controversial
or emerging areas for which there is a lack of authoritative
Understanding the nature of the entity enables the auditor guidance or consensus
to understand the classes of transactions, account balances, • changes in the entity’s accounting policies and the impact
and disclosure to be expected in the financial statements. of those changes on the entity’s financial statements

Business risks, which are broader than the risk of

material misstatement, result either from the setting of
“The auditor shall obtain an understanding of the inappropriate objectives and/or strategies, or from significant
entity’s objectives and strategies, and the related conditions, events, circumstances, actions or inactions that
could adversely affect the entity’s ability to achieve its
business risks that may result in material
objectives and execute its strategies.
misstatement of the financial statements.”
The auditor assesses the likelihood of a business risk
giving rise to a risk of material misstatement by utilising
The entity conducts its business in the context of the documentation produced as the formal plans or
industry, regulatory and other internal and external strategies for business risk management put in place by the
factors to which the management should respond by defining entity; where such do not exists the auditor obtains the
objectives for the entity. understanding by observation and inquiry.

Management’s measurement and review of financial

performance is to be distinguished from the monitoring of
“The auditor shall obtain an understanding of the controls, though their purposes may overlap.
measurement and review of the financial
Internally-generated performance measures may include
performance.”
key performance indicators (KPIs), budgets, variance
analysis, and segment information.
Performance measures, whether external or internal, Understanding an entity’s performance measures assists
create pressures on the entity that, in turn, may motivate the auditor in considering whether pressures have resulted in
management to take action to improve the business an increased risk of material misstatement and whether these
performance or to misstate the financial statements. measures are precise enough to detect such material
misstatements.

Understanding the entity and its environment - internal control
Internal control is the process designed and effected by

those charged with governance, management, and other
“The auditor shall obtain an understanding of personnel to provide reasonable assurance about the
internal control relevant to the audit.” achievement of the entity’s objectives with regard to reliability
of financial reporting, effectiveness and efficiency of
operations and compliance with applicable laws and
Not all of the controls established by management will be regulations.
relevant to the audit. The auditor must use professional
judgment to determine whether a control is relevant to Internal control consists of five components. These are:
the audit. • the control environment
• the entity’s risk assessment process
The auditor uses the understanding of controls to identify • the information system, including the related business
types of potential misstatements, consider factors that affect processes, relevant to financial reporting and
the risks of material misstatements, and design the nature, communication
timing and extent of further audit procedures. • control activities
• monitoring of control

Understanding the entity and its environment - control environment
“The auditor shall obtain an understanding of the

control environment.”
The control environment includes the governance and

management function, and the attitudes, awareness and
activities of those charged with governance and management,
which collectively provide an appropriate foundation for the
other components of internal control.
As part of understanding the control environment, the

auditor considers whether management has created and
maintained a culture of honesty and ethical behavior.

Exercise - sources of knowledge to help understanding

When obtaining an understanding of the entity and its

environment to support your audit, you are likely to rely on Consider your answer to the question, when you are ready click next to
various types of information. This activity requires you to
categorise each type of information as to its likely source: You may wish to discuss this with a colleague before finally submitting it.
• Client
• External You can then review the ideas of other students on this subject.
• Auditor
1. Budgets. 10. Predecessor auditor.

2. Chart of accounts. 11. Previous experience.
3. Customers, etc. 12. Specialist publications.
4. Government data. 13. Technical experts.
5. Industry regulators. 14. Trade journals.
6. Internal audit. 15. Visit premises.
7. Legal advisers.
8. Management.
9. Minutes of meetings.

Understanding the entity and its environment - use of knowledge
• assess components of risk

• develop the overall audit strategy and audit plan
• determine materiality levels.
• evaluate audit evidence including management
representations
• identify related parties and related party transactions
• recognize conflicting information and unusual
circumstances
• make informed inquiries and assess the reasonableness
of responses
• appraise the appropriateness of accounting policies and
financial statement disclosures
• provide a better service to clients and be responsive to
their needs

Understanding the entity and its environment - new audits - matters to consider
Before accepting appointment:

• capability and resources:
a. size, location
b. nature of business
c. timing
d. staffing
e. current commitments
• independence
• problems e.g. professional reasons for not accepting the
appointment expressed by the predecessor audit
After accepting appointment:

• Obtain more detailed knowledge and information sufficient
to plan the audit and an effective audit approach.

Exercise - new audits

Information needs
Please review the following exercise: for a new client

suggest, under the following headings, up to five types of Consider your answer to the question, when you are ready click next to
information you will require:
General economic
Management & ownership
Financial performance
Industry
Business
Reporting environment

Exercise - existing clients

In the case of companies audited in prior years, most of the
information required for planning will be available in the
working papers (“WPs”) and other files.
For an existing client, suggest 5 internal and 5 external areas
that may cause changes that will need to be documented. You can then review the ideas of other students on this subject.

What you have learned -understanding the entity and its environment
now be able to:
• explain the need for and use of understanding the entity
and its environment
• identify sources of knowledge to help you understand new
and existing clients

Audit materiality - ISA 320
“As part of the Clarity Project, the IAASB issued a

revised and redrafted version of ISA 320 ‘materiality
in planning and performing an audit’ and separated
the guidance on evaluation of misstatements into a
new standard, ISA 450 ‘evaluation of misstatements
identified during the audit.’”
Objective
To describe the concept of materiality and its relationship

with audit risk.

Audit materiality - definitions
The International Accounting Standards Board’s ISA 320 sets out a frame of reference for auditors to use
Framework for the Preparation and Presentation of in determining materiality if there is no discussion of the
Financial Statements states that: concept of materiality in the applicable financial
“Information is material if its omission or misstatement could framework:
influence the economic decisions of users taken on the basis • misstatements are considered to be material if they
of the financial statements....” individually, or in aggregate, could reasonably be
expected to influence the economic decisions of users
taken on the basis of the financial statements
• judgements about materiality are made in the light of
Materiality depends on the size of the item or error surrounding circumstances, and are affected by the size or
judged in the particular circumstances of its omission or nature of a misstatement, or a combination of both
misstatement. It provides a threshold or cut-off point rather • judgements about matters that are material to users of the
than being a primary qualitative characteristic which financial statements are based on a consideration of the
information must have if it is to be useful. common financial information needs of users as a group

Audit materiality - context
“Materiality should be considered when planning

and performing the audit; determining the nature,
timing and extent of audit procedures; and
evaluating misstatements.”
ISA 320 emphasises that the assessment of what is

material is a matter of professional judgement.

Audit materiality - considerations - economic decisions of users
The ISA refers to “professional judgement” and the Investors and advisers
“amount” and “nature” of misstatements as Providers of capital are concerned with the risk and return of
considerations. It also recognises that the auditor’s their investment. They need information:
determination of materiality is affected by the auditor’s • for decision-making (buy, hold or sell?)
perception of the information needs of users of the financial • to assess the enterprise’s ability to pay dividends
statements and says that it is reasonable for the auditor to
assume that users: Employees
• have a reasonable knowledge of business and economic • stability and profitability of employers
activities and accounting and are willing to study the • ability to provide remuneration, retirement benefits and
financial statements with reasonable diligence employment opportunities
• understand that financial statements are prepared and
audited to levels of materiality Lenders (i.e. banks)
• recognize the uncertainties inherent in measurements • whether loans and interest will be paid when due
based on estimates, judgement and the consideration of
future events Suppliers and creditors
• make reasonable economic decisions on the basis of the • whether amounts owing will be paid when due
information in the financial statements
Customers
In practical terms the information needs of users will vary. • continuance - important for long-term involvement with, or
dependence on, the enterprise

Audit materiality - considerations - economic decisions of users
Governments The auditor ordinarily reports to the shareholders who

• allocation of resources and, therefore, activities of are of primary importance when setting materiality levels.
enterprises Different users base their assessment of materiality on
• Information to regulate activities, determine taxation different criteria.
policies and as the basis for national income and similar
statistics For example
A bank considering a loan application will consider matters to
Public be material if they affect the company’s:
• contribution to local economy including number of • profit before interest (affects interest cover)
employees and patronage of local suppliers • net assets (affects solvency)
• trends and recent developments in prosperity and range
of activities
Management
• to plan, make decisions and control operational activities

Audit materiality - considerations - amount
In designing the audit plan, the auditor sets acceptable As a “yardstick”, materiality must be relevant to the user
materiality levels so as to detect quantitatively material rather than the preparer of financial statements. “Critical
misstatements. points” include those at which:
profit → loss
When establishing the overall audit strategy the auditor net current assets → net current liabilities
shall determine materiality for the financial statements as a
whole. Note that although net current assets (liabilities) is a required
disclosure for UK companies, it is not a balance drawn by IAS
1 “presentation of financial statements”.
In general context
In a particular context
Look at an item in relation to financial statements as a whole,
e.g. comparison to: Comparing an item to a category as a whole e.g. an inventory
• revenue error of $50,000 compared to total inventory value of
• profit before taxation $650,000.
• total assets
• capital and reserves Misstatements of relatively small amounts could,
cumulatively, have a material effect on financial
statements, e.g. an error in a month end procedure could be
repeated each month. These could remain undetected if the
audit plan was based around the overall materiality level.

Audit materiality - considerations - amount
Performance materiality
In addition to the overall materiality level, ISA 320 • key disclosures in the industry in which the entity operates
requires auditor to establish a performance materiality (for example, research and development costs for a
level. Performance materiality means the amount or amounts pharmaceutical industry)
set by the auditor at less than materiality for the financial
statements as a whole, to reduce to an appropriately low level • where attention is focused on a particular aspect of the
the probability that the aggregate of uncorrected and entity’s business that is separately disclosed (for example,
undetected misstatements exceeds materiality for the a newly acquired business)
financial statements as a whole.
Some balances are capable of “precise determination” -
others are not.
Materiality levels for particular classes of transactions,
account balances or disclosures. There may be particular Capable of “precise determination”:
items where misstatements of lesser amounts than materiality • e.g. directors’ emoluments and share capital
for the financial statements as a whole could be reasonably • any error (however small) may be considered material and
expected to influence the economic decisions of users: adjusted
• where users’ expectations of the measurement or
disclosure of certain items are affected by law, regulation Not capable of “precise determination”:
or the applicable accounting framework (for example the • e.g. inventory provisions and contingent liabilities
disclosure of management remuneration) • some degree of latitude is acceptable

Audit materiality - considerations - nature
Examples of qualitative misstatements
Inadequate or improper description of an accounting

policy, when user might be misled.
Failure to disclose the breach of regulatory requirements,

when consequent restrictions might impair operating
capability.

Audit materiality - audit conduct - planning materiality

“Preliminary” materiality
Assessment based on latest available reliable financial

information related to specific account balances and classes
of transactions.
ISA 320 emphasises the importance of audit judgement in

assessing materiality but recognises that it may be
appropriate to use benchmarks such as those illustrated in
this section.
% guides Use of “standard” thresholds provides consistency
between audits
5 - 10% profit
0.5 - 1% net assets
Less than lower limit is immaterial; greater than
1 - 2% total assets upper limit is material
0.5 - 1% revenue

Exercise - planning materiality

Consider conducting an audit for a company with the following

profile: Consider your answer to the question, when you are ready click next to
Revenue $5,000,000 You may wish to discuss this with a colleague before finally submitting it.
Total assets $6,250,000
Profit before tax $417,000
Based on this profile complete the following questions:

1. Comment on the suitability of setting a materiality level for
planning purposes at:
a. $20,000
b. $40,000
c. $100,000
2. Justify a materiality level which you consider to be more

suitable (if any).

Exercise - effect on audit work

Trade receivables total approximately $210,000 made up as

follows: Consider your answer to the question, when you are ready click next to
Value range Number of Total You may wish to discuss this with a colleague before finally submitting it.
$000’s balances $000’s
10 - 15 2 22.3 You can then review the ideas of other students on this subject.
5 - 10 6 41.5
1-5 40 87.0
0-1 89 59.6
Total 137 210.4
Prepayments amount to $16,450.
Suggest how a materiality level of $25,000 may affect audit

procedures on trade receivables and prepayments.

Audit materiality - audit conduct - relationship with audit risk
The auditor’s understanding of the entity and its Assessment of materiality helps the auditor decide what
environment helps the auditor to establish materiality and items to examine and the extent to which the auditor can
to evaluate whether the judgement about materiality remains use sampling and substantive analytical procedures. This
appropriate as the audit progresses. enables the auditor to select audit procedures that, in
combination, can be expected to reduce audit risk to an
As seen in Module 2 acceptably low level.
Audit risk is the risk that the auditor expresses an The relationship between materiality and the level of audit
inappropriate audit opinion when the financial statements risk is described as “inverse” (i.e. the higher the materiality
are materially misstated. Audit risk is a function of the risks level, the lower the audit risk and vice versa). Low monetary
of material misstatement and detection risk. materiality equals higher audit risk which leads to more tests
of controls or substantive procedures.
Materiality and audit risk are considered throughout the
audit, in particular when: Revision as the audit progresses
• identifying and assessing the risks of material
misstatement The auditor shall revise materiality for the financial
• determining the nature, timing and extent of further audit statements as a whole (and performance materiality and
procedures levels of materiality for particular classes of transactions,
• evaluating the effect of uncorrected misstatements, if any, account balances or disclosures) if the auditor becomes
on the financial statements and in forming the opinion in aware of information during the audit that would have caused
the auditor’s report the auditor to have determined a different amount (or
amounts) initially).

Audit materiality - evaluation of misstatements - ISA 450
In the auditor’s report, the auditor’s responsibility is to Further considerations, if aggregate may be material:
conclude whether reasonable assurance has been obtained • any further adjustments which management propose or
about whether the financial statements as a whole are free are prepared to make; management are more likely to
from material misstatement. adjust for a specific misstatement than a projected error
• the impact (if any) on critical points
The auditor shall accumulate misstatements identified • whether projected errors can be reduced (to bring the
during the audit, other than those that are clearly trivial. aggregate below an acceptable threshold) by extending
The auditor shall determine whether the audit strategy and audit procedures
audit plan need to be revised if:
• the nature and circumstances of the misstatements If management refuses to adjust the financial statements
indicate that other misstatements may exist that, and the results of extended audit procedures do not enable
aggregated with misstatement accumulated during the the auditor to conclude that the aggregate of uncorrected
audit, could be material, or misstatements is not material, the auditor should consider the
• the aggregate of misstatements accumulated during the appropriate modification to the auditor’s report in accordance
audit approaches materiality with ISA 700 “forming an opinion and reporting on financial
statements”.
Uncorrected misstatements = specific misstatements +
best estimate of other misstatements.

Exercise - evaluation of misstatements

During the course of an audit, the following three errors are

discovered: Consider your answer to the question, when you are ready click next to
Trade accounts receivable Overstated by $40,000 You may wish to discuss this with a colleague before finally submitting it.
Inventories Overstated by $58,000
Trade payables Understated by $80,000
$100,000 is considered to be material.
Determine the minimum adjustment (if any) that must be

made for the presentation of the financial statements to be
evaluated as fair if (1) all three errors affect profit and (2) only
error two affects profit.

What you have learned - audit materiality

now be able to:
• define and illustrate the concepts of materiality
• assess planning materiality
• evaluate the effect of misstatements

When can percentages be used to decide if something is Care should always be exercised when using
material? percentages for establishing materiality. As a general rule
the following provides a rough guide:
To reveal our answer, click below:

Likely conclusion Profit before tax Turnover Total assets
Probably not
<5% < 0.5% <1%
material
Possibly material >5% and <10% >0.5% and <1% >1% and < 2%
Probably material >10% >1% >2%
However, when profits are small (or losses) the profit

measure should not be used. Remember also that some
matters are material, irrespective of the monetary amounts
involved (and therefore %) e.g. matters that are required to be
(such as transactions involving directors and other related
parties).

Module review
Although the topics in this module have been considered

under “planning” it is important to appreciate that they
have relevance throughout the conduct of an audit:
The audit strategy and plans drawn up at the planning

stage must be revised as necessary to take account of new
information and the results of audit procedures undertaken.
Understanding of the entity and its environment is

accumulated - not only to provide the means for planning
how the audit objectives will be achieved, but also to enable
the auditor to draw informed conclusions.
The preliminary assessment of materiality made at the

planning stage is essential to determining the nature, timing
and extent of audit procedures - however, materiality is re-
evaluated before a conclusion on the financial statements as
a whole can be drawn.

Module 5 quick quiz


Question 1
A document whose primary purpose is to describe the scope and content of an audit is
commonly known as:
A An engagement letter
B An audit strategy
C An audit program
D A management letter

Question 2
The principal reason for planning an audit is so as to:
A Perform the audit in an effective manner

B Formulate and agree a timetable with the
client
C Advise the client of the approximate fee
D Ensure that the audit team know what is
expected of them

Question 3
The primary purpose of an audit plan (audit program) is to provide:
A A series of detailed questions to

ascertain and evaluate all important
characteristics of the system of internal
control in operation
B A list of disclosure and other
requirements which must be met in order
to ensure compliance with ISAs,
statutes, accounting standards and stock
exchange rules
C A list of general instructions on the audit
firm’s methods of auditing in each area
and the firm’s general procedures
D A set of instructions to audit assistants
and as a means to control and record the
execution of their work

Question 4
The auditor’s primary objective in obtaining an understanding of the entity is:
A To identify and understand the events and

transactions that may significantly affect
B To assess the risk of fraudulent financial
reporting
C To understand industry specific
requirements
D To plan for the audit to be performed in an
effective manner

Question 5
On which of the following matters is understanding the business least likely to be
relevant to the auditor?
A Non-compliance with international financial

reporting standard
B Assessments of inherent and control risk
C Evaluating management representations
D Identifying related party transactions

Question 6
Which of the following best describes a material item of information?
A Its omission or misstatement could

influence the economic decisions of
users of the financial statements
B It is significant in relation to specific
account balances and classes of
transactions
C It provides a threshold between such
critical points as profit to loss
D It is a matter to be judged qualitatively
and quantitatively

Question 7
The following errors, which all affect profit, are discovered during an audit:
1. Trade payables understated by $40,000.

2. Inventories overstated by $29,000.
3. Trade accounts receivable overstated by $20,000.
If $50,000 is considered to be material, the minimum adjustment that must be made for the
presentation of the financial statement to be evaluated as fair is:
A Nil
B $39,000
C $50,000
D $89,000

Module 6: Internal control and risk assessment Certificate in International Auditing

Communicating deficiencies in internal control to those

charged with governance and management – ISA 265
• What is meant by significant deficiency in internal control
• How and to whom should significant deficiencies be
communicated
Assessing the risks of material misstatements - ISA 315

• assessing the risks of material misstatement
• the auditor’s procedures in responding to assessed risks
(ISA 330)
• responding to material assessments at the assertion level
• tests of controls
• substantive procedures
• audit, inherent, control and detection risks and risk
assessment
Audit considerations relating to an entity using a service

organisation- ISA 402
• audit considerations relating to entities using service
organisations
• how service organisations affect risk assessments
• considerations of the auditor and auditor’s reports

Introduction
This module examines in detail the need to obtain an
understanding of the entity and its environment and
assessing the risks of material misstatement. It also deals
with the auditor’s procedures in response to assessed risk.
The audit risk standards (ISA 315, ISA 330) have been
redrafted under the Clarity Project principles. The
components of audit risk are discussed in the revised and
redrafted ISA 200 “overall objectives of the independent
auditor and the conduct of an audit in accordance with
international standards on auditing”.
This module also covers the implications for the auditor

where the entity makes use of a service organisation,
such as a computer services provider. ISA 402 “Audit
considerations relating to an entity using a service
organisation” gives guidance in this area.


Objective
“The objective of the auditor is to identify and To describe the concept of materiality and its relationship
assess the risks of material misstatement, whether with audit risk.
due to fraud or error, at the financial statement and
assertion levels, through understanding the entity
and its environment, including the entity’s internal Risk assessment procedures include:
• inquiries of management and of others within the entity
control, thereby providing a basis for designing and • analytical procedures
implementing responses to the assessed risks of • observation and inspection
material misstatement.”


Risks for which substantive procedures alone do not
provide sufficient appropriate audit evidence.
“The auditor shall determine which of the risks
identified are, in the auditor’s judgement, risks that In respect of some risks, the auditor may judge that it is
not possible or practicable to obtain sufficient
require special audit consideration (such risks are
appropriate audit evidence only from substantive
defined as ‘significant risks’).” procedures. In such cases, the entity’s internal controls over
Factors to be considered: such risks are relevant to the audit and the auditor shall
• whether the risk is a risk of fraud obtain an understanding of them.
• whether the risk is related to recent significant economic,
accounting or other developments These risks may relate directly to the recording of routine
• the complexity of transactions classes of transactions and may include the risk of
• whether the risk involves significant related party inaccurate or incomplete processing of significant
transactions classes of transactions such as revenue, purchases, and
• the degree of subjectivity in the measurement of financial cash receipts or cash payments. The auditor may consider
information this to be the case where a significant amount of the entity’s
• whether the risk involves significant transactions that are information is initiated, recorded, processed or reported only
outside the normal course of business for the entity, or in electronic form in an integrated system.
that otherwise appear to be unusual
When the auditor has determined that a significant risk

exists, the auditor shall obtain an understanding of the
entity’s controls, including control activities, relevant to that
risk.


Documentation
The auditor shall document:

• the discussion among the engagement team regarding
the susceptibility of the entity’s financial statements to
material misstatements due to error or fraud, and the
significant decisions reached
• key elements of the understanding obtained regarding
each of the aspects of the entity and its environment
including each of the internal control components
identified to assess the risks of material misstatement of
the financial statements; the sources of information from
which the understanding was obtained; and the risk
assessment procedures
• the identified and assessed risks of material misstatement
at the financial statement level and at the assertion level
• the risks identified and related controls about which the
auditor has obtained an understanding

The auditor’s procedures in responding to assessed risks – ISA 330

Objective
To describe the procedures that the auditor should Irrespective of the assessed risks of material
employ in responding to assessed risks at the financial misstatement, the auditor shall design and perform
statements level. substantive procedures for each material class of
The following is an overview of the requirements of this transactions, account balance and disclosure.
standard:
• the auditor shall design and implement overall responses The auditor shall evaluate whether the risk assessments
to address risks of material misstatement at the financial remain appropriate and to conclude whether sufficient
statements level appropriate audit evidence has been obtained.
• more persuasive audit evidence shall be obtained the
higher the auditor’s assessment of risk The auditor should document the overall responses to
• The auditor shall design and perform tests of controls to address the assessed risks of material misstatements at
obtain sufficient appropriate audit evidence as to the the financial statements level and the nature, timing and
operating effectiveness of relevant controls when: extent of the further audit procedures, the linkage of these
a. the auditor’s assessment of risks of material procedures with the assessed risks at the assertion level, and
misstatement at the assertion level includes an the results of the audit procedures.
expectation that the controls are operating
effectively; or
b. substantive procedures alone cannot provide
sufficient appropriate audit evidence at the
assertion level

Responding to assessed risks of material misstatements at the assertion level

Whether the auditor performs only substantive
procedures or a mix of tests of controls and substantive
“The auditor shall design and perform further audit procedures will be determined by the outcomes of the
procedures whose nature, timing, and extent are auditor’s assessment of the effectiveness of controls and the
efficiency of testing such effectiveness. The auditor needs to
responsive to the assessed risks of material
be satisfied that performing only substantive procedures for
misstatements at the assertion level.” the relevant assertion would be effective in reducing the risk
of material misstatement to an acceptably low level.
The purpose of this standard is to provide matters which
should be considered including: In small entities, there may not be many control activities
• the significance of the risk that could be identified by the auditor. For this reason, the
• the likelihood that a material misstatement will occur auditor’s further audit procedures are likely to be primarily
• the characteristics of the class of transactions, account substantive procedures. In such cases the auditor should
balance, or disclosure involved consider whether in the absence of controls it is possible to
• the nature of the specific controls used by the entity and obtain sufficient appropriate audit evidence.
in particular whether they are manual or automatic
• whether the auditor expects to obtain audit evidence to
determine if the entity’s controls are effective in
preventing, or detecting and correcting, material
misstatements

Responding to assessed risks of material misstatements at the assertion level

The nature of further audit procedures refers to: The auditor may perform tests of controls or substantive
• their purpose (i.e. either tests of controls or substantive procedures at an interim date or at period end.
procedures) Determination of when to perform audit procedures should be
• their type, which could be one of: informed by considering the following:
a. inspection of records and documents • the control environment
b. inspection of tangible assets • when relevant information is available
c. observation • the nature of the risk
d. inquiry • the period or date to which the audit evidence relates
e. confirmation
f. recalculation The extent of further audit procedures includes the
g. re-performance quantity of a specific audit procedure to be performed
h. analytical procedures (e.g. sample size or number of observations of a control
activity). The extent is determined by the auditor after
The timing of further audit procedures refers to when determining:
audit procedures are performed or the period or date to • the materiality
which the audit evidence applies. • the assessed risk
• the degree of assurance the auditor wishes to obtain
The auditor should always ensure that the procedure is

relevant to the specific risk – the auditor should consider
the nature of the audit procedure.

Responding to assessed risks of material misstatements – tests of controls

The auditor is required to perform tests of controls when: For example the auditor may find it impossible to design
• the auditor’s risk assessment includes an expectation of effective substantive procedures that by themselves
the operating effectiveness of controls; or provide sufficient appropriate audit evidence at the
• substantive procedures alone do not provide sufficient assertion level when an entity conducts its business using IT
appropriate audit evidence at the assertion level (Information Technology) and no documentation of
transactions is produced or maintained, other than through
When the auditor’s assessment of risks of material the IT system.
misstatement at the assertion level includes an
expectation that controls are operating effectively, the Tests of operating effectiveness of controls are
auditor should perform tests of controls to obtain sufficient performed only on those controls that the auditor has
appropriate audit evidence that the controls were operating determined are suitably designed to prevent, or detect and
effectively at relevant times during the period under audit. correct a material misstatement in an assertion.
When the auditor has determined that it is not possible or Performing risk assessment procedures provides the
practicable to reduce the risks of material misstatement auditor with evidence that an entity has, and is using,
at the assertion level to an acceptably low level with audit relevant controls whereas performing tests of the operating
evidence obtained only from substantive procedures, the effectiveness of controls provides the auditor with evidence
auditor should perform tests of relevant controls to obtain that the controls operate effectively.
audit evidence about their operating effectiveness.

Nature of tests of controls

The auditor should perform other audit procedures in
combination with inquiry to test the operating effectiveness
of controls.
The absence of misstatements detected by a substantive

procedure does not provide audit evidence that controls
related to the assertion being tested are effective.

Timing of tests of controls

The timing of tests of controls depends on the auditor’s If the auditor plans to rely on controls that have changed
objective and determines the period of reliance on the since they were last tested, the auditor shall test the
controls. operating effectiveness of such controls in the current audit.
If the auditor plans to rely on controls that have not

When the auditor obtains audit evidence about the changed since they were tested, the auditor shall test the
operating effectiveness of controls during an interim operating effectiveness of such controls in every third audit
period, the auditor shall: (or more frequently if the auditor so decides).
• obtain audit evidence about significant changes to those
controls subsequent to the interim period When there are a number of controls for which the
• determine what additional audit evidence should be auditor determines that it is appropriate to use audit
obtained for the remaining period evidence obtained in prior audits, the auditor should test
the operating effectiveness of some controls each audit.
If the auditor plans to use audit evidence about the When the auditor has determined that an assessed risk of
operating effectiveness of controls obtained in prior material misstatement at the assertion level is a
periods, the auditor shall obtain audit evidence about significant risk and the auditor plans to rely on the operating
whether changes in those specific controls have occurred effectiveness of controls intended to mitigate that significant
subsequent to the prior period. The auditor should obtain this risk, the auditor shall obtain the audit evidence about the
evidence by performing inquiry in combination with operating effectiveness of those controls from tests of controls
observation or inspection to confirm the understanding of performed in the current period.
those specific controls.

Extent of tests of controls

The auditor designs tests of controls to obtain sufficient The more the auditor relies on the operating
appropriate audit evidence that the controls operated effectiveness of controls in the assessment of risk, the
effectively throughout the period of reliance. Matters the greater the extent of the auditor’s tests of controls.
auditor may consider in determining the extent of the auditor’s
tests of controls include the following: Due to the inherent consistency of IT processing (when
• the frequency of the performance of the control by the the computer program or the permanent data remain
entity during the period unchanged), the auditor may not need to increase the extent
• the length of time during the audit period that the auditor is of testing of an automated control.
relying on the operating effectiveness of the control
• the relevance and reliability of the audit evidence to be
obtained in supporting that the control prevents, or detects
and corrects, material misstatements at the assertion level
• the extent to which audit evidence is obtained from tests
of other controls related to the assertion
• the extent to which the auditor plans to rely on the
operating effectiveness of the control in the assessment of
risk (and thereby reduce substantive procedures based on
the reliance of such controls)
• the expected deviation from the control

Responding to assessed risks of material misstatements - substantive procedures

Substantive procedures are performed in order to detect The auditor’s substantive procedures shall include the
material misstatements at the assertion level, and include following audit procedures related to the financial
tests of details of classes of transactions, account balances, statement closing process:
and disclosures and substantive analytical procedures. The • agreeing the financial statements to the underlying
auditor plans and performs substantive procedures to be accounting records
responsive to the related assessment of the risk of material • examining material journal entries and other adjustments
misstatement. made during the course of preparing the financial
statements
Irrespective of the assessed risk of material When the auditor has determined that an assessed risk of
misstatement, the auditor shall design and perform material misstatement at the assertion level is a
substantive procedures for each material class of significant risk, the auditor should perform substantive
transactions, account balance, and disclosure. procedures that are specifically responsive to that risk.

Responding to assessed risks of material misstatements - substantive procedures - nature & timing
Nature of substantive procedures Timing of substantive analytical procedures
Substantive procedures are either substantive analytical When substantive procedures are performed at an interim
procedures or tests of details. date, the auditor shall perform further substantive
procedures or substantive procedures combined with
The auditor should link the direction of testing with the tests of controls to cover the remaining period that provide a
audit assertion (i.e. for overstatement – existence or reasonable basis for extending the audit conclusions from the
occurrence select items from financial statements and for interim date to the period end, or if the auditor determines that
understatement – completeness select items from an it is sufficient, further substantive procedures only.
alternative population, that indicating that an item should be
included in the relevant financial statement amount and If misstatements are detected in classes of transactions
investigate whether it has been so included). or account balances at an interim date, the auditor
ordinarily modifies the related assessment of risk and planned
nature, timing, or extent of the substantive procedures
covering the remaining period that relate to such classes of
transactions or account balances, or extends or repeats such
audit procedures at the period end.

Responding to assessed risks of material misstatements - substantive procedures – extent

Extent of the performance of substantive procedures
The greater the risk of material misstatement, the greater

the extent of substantive procedures. Because the risk of
material misstatement takes account of internal control, the
extent of substantive procedures may be increased as a
result of unsatisfactory results from tests of the operating
effectiveness of controls. However, increasing the extent of
an audit procedure is appropriate only if the audit procedure
itself is relevant to the specific risk.
The auditor shall perform audit procedures to evaluate

whether the overall presentation of the financial
statements, including the related disclosures, are in
accordance with the applicable financial reporting framework.

Sufficiency of evidence
If the auditor has not obtained sufficient appropriate audit
evidence as to a material financial statement assertion,
“Based on the audit procedures performed and the the auditor shall attempt to obtain further audit evidence. If the
audit evidence obtained, the auditor shall evaluate auditor is unable to obtain sufficient appropriate audit
evidence, the auditor should express a qualified opinion or a
whether the assessments of the risks of material
disclaimer of opinion.
misstatement at the assertion level remain
appropriate.
“The auditor shall conclude whether sufficient

appropriate audit evidence has been obtained. In
forming an opinion, the auditor shall consider all
relevant audit evidence, regardless of whether it
appears to corroborate or to contradict the
assertions in the financial statements.”

Responding to assessed risks of material misstatements - substantive procedures – documentation

The auditor shall document the overall responses to
address the assessed risks of material misstatement at
the financial statement level and the nature, timing, and
extent of the further audit procedures, the linkage of those
procedures with the assessed risks at the assertion level, and
the results of the audit procedures. In addition, if the auditor
plans to use audit evidence about the operating effectiveness
of controls obtained in prior audits, the auditor shall document
the conclusions reached with regard to relying on such
controls that were tested in a prior period.
The auditor’s documentation shall demonstrate that the

financial statements agree or reconcile with the underlying
accounting records.

Assessing the risks of material misstatements - risk - audit or “ultimate” risk

Relationship with materiality
“The risk that the auditor gives an inappropriate The relationship between materiality and the level of audit
audit opinion when the financial statements are risk is described as “inverse” (i.e. the higher the materiality
level, the lower the audit risk and vice versa).
materially misstated.”
For example, if acceptable materiality level is lower, audit
Audit risk is also called “ultimate risk” risk is increased. The auditor compensates for this by either:
• reducing the assessed risk of material misstatement (if
Audit risk is a function of the risk of material possible) and carrying out extended or additional tests of
misstatement (inherent risk and control risk – i.e. the risk that controls, or
the financial statements are misstated prior to audit) and the • reducing detection risk by modifying the nature, timing and
risk that the auditor will not detect such misstatement extent of planned substantive procedures
(“detection risk”).
For example, issuing an unmodified opinion where, in

fact, a modified opinion was appropriate.
An overall acceptable level of audit risk may be quantified

as a matter of practice (i.e. audit firm) policy (e.g. 5%).
This % may provide the basis for mathematical derivation of
detection risk and sample sizes, e.g. where statistical
sampling techniques are used.

Assessing the risks of material misstatements - inherent risk

Note the assumption - if it is not assessed as less than
high, it is assumed to be high - this is also true of control
“The susceptibility of an assertion (account balance risk. The ISAs do not ordinarily refer to inherent risk and
or class of transactions) to misstatement that control risk separately, but rather to a combined assessment
of the ‘risk of material misstatement’. The auditor is at liberty
could be material (individually or in aggregate)
to make separate or combined assessments of inherent and
assuming no related internal controls.” control risk depending on preferred audit techniques or
methodologies and practical considerations.
Basic principle Financial statement vs. assertion levels
Inherent risk should be: Auditor assess:

• assessed at the financial statement level - in developing • at financial statements level → overall audit strategy
the overall audit plan • at account balance and class of transaction level → audit
• assessed at the assertion level (see below) or otherwise program
assumed to be high - in developing the audit program
Financial statement assertions concern account balances
and classes of transactions. Thus the “assertion level” is a
more concise way of referring to the “account balance and
class of transactions level”.

Exercise - inherent risk
State at which level, financial statements or assertion, the 10. Numerous locations and geographical spread of
following factors would be evaluated: production facilities.
11. Changes in consumer demand.
1. Doubts about the integrity of management. 12. Transactions not subject to ordinary processing.
2. Management inexperience in the preparation of the
financial statements.
3. Accounts which involve a high degree of estimation. Consider your answer to the question, when you are ready click next to
4. Entity lacks sufficient capital to continue operations. enter it into the course blog.
5. Potential for technological obsolescence of products and
services. You may wish to discuss this with a colleague before finally submitting it.
6. Complex underlying transactions and events which might
require using the work of an expert.
7. Complex capital structure.
8. Highly desirable and movable assets (e.g. cash)
susceptible to loss or misappropriation (e.g. theft,
embezzlement).
9. Unusual and complex transactions completed at or near
the period end.

Assessing the risks of material misstatements - inherent risk - explanation

Consider doubts about the integrity of management, In conclusion then, doubts about management integrity
could that inherent risk affect the financial statements as have a pervasive effect on the financial statements as a
a whole or just a few individual account balances? whole and so this risk is assessed at the financial
Suppose management wanted to overstate profit (e.g. in statement level. Consider cash balances (i.e. physical
order to pay themselves bonuses). To increase profit money rather than bank balances). These balances may be
management could: very small in relation to the assets as a whole (e.g. cash floats
• overstate revenue (e.g. by bringing forward next year’s in the till/register of a shop). At the financial statement level
sales revenue into the current year - i.e. a deliberate cut- the auditor may take no account of these and so ignore them
off error) in the overall audit plan.
• understate costs (e.g. by suppressing purchase and
expense invoices) However, cash is inherently risky (because it can be
stolen if safeguards are not adequate) and cannot be
Because every Dr has a Cr there are then implications for
ignored at the account balance level. In a cash-based
the statement of financial position:
business (i.e. cash revenue, purchases and assets paid for in
• overstatement of trade receivables (because they do not
cash) this would be considered at the financial statement level
owe the money at the year end)
(i.e. in the preparation of the overall audit strategy) because,
• understatement of trade payables (because liabilities are
again, it has a pervasive effect.
not recorded)
Profit could also be increased by understating provisions Numerous locations are likely to involve one or more of:
against assets: • “consolidation”
• obsolescence provisions against inventory • transfer pricing
• depreciation provisions against tangible long-term assets • inventory/tangible asset movements
• bad and doubtful debt provisions (allowances) against
trade receivables

Assessing the risks of material misstatements - inherent risk - explanation

Lower risk factors:
• established stable industry, little influenced by external
conditions
• strong control environment, control conscious
management - little chance of management override
• long-standing audit client, requiring few adjustment with
unmodified opinions
• low labour turnover (of management and employees)
• experienced, competent management
• restricted share ownership (i.e. private limited companies)
Note: the “converse” of these factors give rise to a higher

risk assessment.

Exercise - control risk
“The risk that a misstatement that could occur (at Consider your answer to the question, when you are ready click next to
the assertion level) and be material will not be
prevented; or detected and corrected on a timely You may wish to discuss this with a colleague before finally submitting it.
basis by the accounting and internal control You can then review the ideas of other students on this subject.
system.”
In other words, given that risks arise (inherent risk),
control risk is the risk that they are not dealt with by the
client’s systems.
Suggest six factors which may indicate high control risk.

Assessing the risks of material misstatements - control risk - preliminary assessment

There will always be some control risk because of the
The evaluation of the effectiveness of the inherent limitations of any accounting and internal
“ control system.
accounting and internal control systems in
preventing, detecting, correcting material Control risk will be assessed as high when:
misstatements .” • accounting and internal control systems are not effective;
or
Basic principles and essential procedures • evaluating the effectiveness of accounting and internal
control systems would not be an efficient audit approach
The preliminary assessment of control risk should be:
assessed at the assertion level for each material account
balance or class of transactions assumed to be high
UNLESS:
• internal controls which are likely to prevent/detect/correct
material misstatement relevant to the assertion are
identified
• tests of controls are planned to be performed to support
the assessment

Assessing the risks of material misstatements - risk assessment - documentation

Objective
ISA 315 does not prescribe how the risk assessment

should be documented. The manner in which matters are
documented is for the auditor to determine using professional
judgement. This section outlines generally accepted auditing
practice for documenting the understanding and assessment
of control risk.

Exercise - risk assessment - documentation

Comparison of common techniques
Please review the following exercise: Answer all the following statements for all three methods:
a. easy to read/understand
Indicate the relative advantages of the following three b. little formal training required
methods. Use Y for an advantage, X for not an advantage
c. quick
and a ? for possibly an advantage. The three methods are:
1. Narrative Notes. d. comprehensive
2. Flowcharts. e. diagrammatic/visual
3. Questionnaires. f. highlights key features/controls
g. standardised
h. little narrative necessary
i. “story” approach
j. easy to amend
k. used to assess controls

Assessing the risks of material misstatements - "walk through" tests
Definition
Involves tracing a few transactions through the

accounting system.
Objectives
To obtain knowledge of the design and operation of the

system.
To confirm that there is no reason to suppose that the

system does not operate in the manner recorded, but
insufficient to support control risk assessment.

Assessing the risks of material misstatements - flow charts

Purpose
• to reduce procedures to basic components and Document (e.g. sales File with letter in centre:
emphasize logical relationships order) ‘A’ for alphabetical order
• to facilitate tracing a connected pattern of activity from ‘N’ for numerical order
‘D’ for date order
beginning to end Account book ‘T’ (TA, TN or TD) for
• to depict a sequence of events and the temporary filing
department/function responsible for each
Pre-numbered set Document flow
Symbols
Three parts or copies Information flow
The following symbols are used within typical flowcharts:
‘Ghosting’ of documents Documents crossing
Operation Time flow of document
Connect to additional
Alternative routine
chart e.g. ref: A4
Connect from chart e.g.

Check or inspection
ref: A4

Assessing the risks of material misstatements - flow charts

Illustration
The following is an example of a typical flowchart, Narrative Op no F Bloggs A Clark

note the use of the symbols:
Passed Delivery
note
daily from
warehouse
Sales
Invoice 1 ledger
raised Invoice
Quantities 2
checked
Posted 3 D
weekly

Assessing the risks of material misstatements - internal control questionnaires

IQ features Illustration
Client Normanton
Checklists of questions designed to: Year end
31 December Prepared BE
• discover the existence of internal controls 2008 by Mignano
• identify possible areas of weakness Cycle Sales Date 7.5.08
Yes/No Flowchart
Questions are framed in order to highlight situations or N/A reference
where: 1. To ensure all orders received are processed
• there is no subdivision of duties between essential to keep errors to a minimum
● Are persons responsible for preparation of sales
functions orders independent of credit control, custody of
• controls do not exist, or inventory and recording sales transactions?
• essential aspects of management supervision of controls ● Are sales orders pre-numbered?
do not exist ● Do sales order clerks check the goods ordered
are available in quantity and quality required?
● Are standard prices, delivery and payment terms
An ICQ is phrased consistently so that, for example, a
in written form for the use of sales order clerks?
“yes” answer indicates a strength, and a “no” answer a
2. To ensure that sales orders are not accepted
weakness.
in respect of a bad credit risk
● Is the credit controller independent of the sales
Weaknesses should be cross-referenced to the relevant order clerks?
part of the audit program. ● Are new credit customers vetted for credit-
worthiness by reference to independent persons or
organisations? etc.

Assessing the risks of material misstatements - internal control questionnaires - construction

Step 1: identify the cycle Step 4: ask “what could go wrong?”
For example, for sales:

• what do we start with? opening trade Customer order
receivables Can goods be
• what do we do to change transactions Sales order despatched without
it? authorisation?
• what do we end up with? closing trade receivables Can invoice be
raised if no goods Despatch note Can goods be
despatched? despatched
Step 2: consider overall audit approach but not invoiced?
Invoice
• opening balances - agree to prior year working papers Can invoices be
• transactions - controls help ensure completeness and raised
Sales day book but not recorded?
accuracy
• closing balances - auditor can obtain comfort on Can goods be
General ledger Dr
completeness and accuracy Sales (receivables)
Sales charged
(receivables) to the wrong
ledger control
ledger customer?
Step 3: break down the transaction types into account Cr sales
components
Customer order → sales order → dispatch note → sales

invoices → sales day book → ledger(s)

Assessing the risks of material misstatements - internal control questionnaires - construction

Step 5: formulate internal control questions
Questions should be phrased consistently e.g.:

• are invoices pre-numbered and issued in strict numerical
sequence?
• are there procedures to ensure that all invoices are
cancelled?
Alternative structure
Instead of structuring “subsidiary” questions around “key”

questions, the objectives can be rephrased as control
objectives e.g.:
Can goods be ordered without authorization? → To ensure
that goods cannot be ordered without authorization.

Exercise - internal control questionnaires - construction

Use the steps on pages 35-36 to break down the purchases

cycle into its components and generate four key control Consider your answer to the question, when you are ready click next to
questions.

Assessing the risks of material misstatements - internal control evaluations - ICEs description
An ICE may be used as well as or instead of an ICQ. Many
audit firms make no distinction between an ICQ and an ICE.
However, an ICE usually goes further than an ICQ and:

• contains only key control questions on which reliance is
sought
• records the key control which satisfies the key control
question (an ICQ may well be required to distinguish the
key control from the non-key controls)
• describes nature and extent of tests of controls
• records test conclusions and how substantive procedures
effected

Assessing the risks of material misstatements - detection risk

Vary detection risk Basic principle
Methods For example, where inherent and control For a given level of audit risk, the acceptable level of
risk are high detection risk bears an inverse relationship to the
1. Change nature of → Direct tests towards independent assessment of the risk of material misstatement at the
audit work parties rather than documentation
within entity
assertion level. The greater the risk of material misstatement
the auditor believes exists, the less the detection risk that can
→ Use tests of detail in addition to
analytical procedures be accepted. Conversely, the less the risk of material
misstatement the auditor believes exists, the greater the
detection risk that can be accepted.
2. Change extent of → Use a larger sample size
audit work
3. Change timing of → Perform a procedure at the period

audit work end rather than at an earlier (interim)
date

What you have learned - assessing the risks of material misstatements

now be able to:
• describe the methods by which risk and risk assessment
are documented
• prepare narrative notes and/or extracts of questionnaires
• deal with risk assessment and internal controls

Communicating deficiencies in internal control to those charged with governance and management –
ISA 265
Communicating deficiencies in internal control to those Where the auditor has identified one or more deficiencies in
charged with governance and management – ISA 265 internal control, the auditor shall determine whether
individually or in combination, they constitute significant
deficiencies.
“The objective of the auditor is to communicate A significant deficiency in internal control is one that, in the
appropriately to those charged with governance and auditor’s professional judgment, is of sufficient importance to
merit the attention of those charged with governance.
management deficiencies in internal control that the Significant deficiencies should be communicated in writing on
auditor has identified during the audit and that, in the a timely basis. This written communication should include a
auditor’s professional judgment, are of sufficient description of the deficiencies and their potential effects.
importance to merit their respective attentions.”
A deficiency in internal control exists where:

• A control is unable to prevent, or detect and correct,
misstatements in the financial statements on a timely
basis, or
• A control to prevent, or detect and correct, misstatements
in the financial statements on a timely basis is missing.

Significant deficiencies in internal control

Examples of matters that should be considered in ISA 265 suggests that the appropriate level of management to
determining whether a deficiency is significant: whom significant deficiencies should be communicated is
• The likelihood of the deficiencies leading to material likely to be the chief executive officer or chief financial officer.
misstatements in the financial statements in the future.
• The susceptibility to loss or fraud of the related asset or Certain identified significant deficiencies in internal control
liability. may call into question the integrity or competence of
• The subjectivity and complexity of determining estimated management. For example, there may be evidence of fraud or
amounts, such as fair value accounting estimates. intentional non- compliance with laws and regulations by
• The financial statement amounts exposed to the management, or management may exhibit an inability to
deficiencies. oversee the preparation of adequate financial statements that
• The volume of activity that has occurred or could occur in may raise doubt about management’s competence.
the account balance or class of transactions exposed to Accordingly, it may not be appropriate to communicate such
the deficiency or deficiencies. deficiencies directly to management.
• The importance of the controls to the financial reporting
process

Audit considerations relating to an entity using a service organization

Introduction
“The objectives of the auditor, when the entity uses A client may use a service organisation such as one that
the services of a service organisation, are: executes transactions and maintains related accountability or
records transactions and processes related data. A good
(a) To obtain an understanding of the nature and example is a computer systems service organisation.
significance of the services provided by the service
organisation and their effect on the entity’s internal If the entity uses a service organisation, certain policies,
procedures and records maintained by the service
control relevant to the audit, sufficient to organisation may be relevant to the audit of the financial
identify and assess the risks of material statements of the client.
misstatement; and
A service organisation may establish and execute
(b) To design and perform audit procedures policies and procedures that affect the entity’s internal
responsive to those risks.” control. These policies and procedures are physically and
operationally separate from the entity.
Objective
To set out the audit considerations where an entity uses

a service organisation to undertake activities on its
behalf, and describe the service organisation auditor’s
reports which may be obtained by the entity’s auditors.


Services provided by a service organisation are relevant to The auditor obtains an understanding of the following, as
the audit of an entity’s financial statements when those appropriate:
services, and the controls over them, are part of the entity’s • nature of the services provided by the service organisation
information system, including related business processes, • terms of contract and relationship between the entity and
relevant to financial reporting. the service organisation
• extent to which the entity’s internal controls interact with
The main issue for the auditor to consider is how significant the systems at the service organisation
the operations of the service organisation are to the financial • the entity’s internal control relevant to the service
statements. For example, often the payroll function is organisation activities such as those applied to the
provided by a service organisation, and payroll is a significant transactions processed, and the identification and
class of transaction for many entities. management of risks related to use of the service
organisation
• service organisation’s capability and financial strength,
including the possible effect of the failure of the service
organization on the entity
• information about the service organisation such as that
reflected in technical manuals
• information available on controls relevant to the service
organisation’s information systems such as general IT
controls and application controls


• Contact the service organisation to obtain specific
information.
“When obtaining an understanding of internal • Visit the service organisation and perform procedures that
control relevant to the audit in accordance with ISA will provide the necessary information about the relevant
controls
315, the auditor shall evaluate the design and
implementation of relevant controls at the entity The service organisation auditor’s report may be read in
that relate to the services provided by the service order to obtain a sufficient understanding of internal control
affected by the service organization.
organisation, including those that are applied to the
transactions processed by the service If the auditor uses the report of the service organisation
auditor, the auditor should consider making inquiries
organisation.”
concerning that auditor’s professional competence in the
The auditor may not be able to obtain a sufficient context of the specific assignment undertaken by the service
understanding of the nature and significance of the services organisation auditor.
provided by the service organisation from the client company.
In this case the auditor shall perform one or more of the
following procedures to obtain this understanding:
• Obtain a report on the description and design of controls
at the service organisation from the service organisation’s
auditor – this report may also contain assurance as to the
operating effectiveness of the controls at the service
organisation

Audit considerations relating to entities using service organizations - auditor's reports

The auditor should consider the scope of work performed
by the service organization auditor and should evaluate the
“When using a service organisation auditor’s usefulness and appropriateness of reports issued by the
report, the auditor should consider the nature of service organization auditor.
and content of the report.”
Type A reports would not be used as audit evidence
about the operating effectiveness of controls whereas
The service organization auditor’s report, which will be type B reports would. Part of the assessment when a type B
one of two types (type A – report on the design and report is to be used as evidence is consideration of the
implementation of internal control or type B – report on the relevance and adequacy of the work done in producing the
design, implementation and operating effectiveness of internal type B report. With respect to the adequacy of the tests of
control), will ordinarily contain restriction as to use (generally controls and the results, two key considerations are the length
to management, the service organization and its customers, of the period covered by the service organization auditor’s
and the entity’s auditors). tests and the time since the performance of those tests.

Audit considerations relating to entities using service organizations - auditor's reports

The auditor of a service organization may be engaged to
perform substantive procedures that are of use to the
“For those specific tests of controls and the results entity’s auditor. Such engagements may involve the
that are relevant, the auditor should consider performance of procedures agreed upon by the entity and its
auditor and the service organization and its auditor.
whether the nature, timing and extent of such tests
provide sufficient appropriate audit evidence about
the operating effectiveness of the internal control to
When the auditor uses a report from the auditor of a
support the auditor’s assessed risks of material service organization, no reference should be made in the
misstatement.” entity’s auditor’s report to the auditor’s report on the service
organization.

What you have learned - audit considerations relating to entities using service organisations
now be able to:
• illustrate the use of service organizations
• describe the implications of the use of service
organizations on risk assessments
• explain the role of service organization auditor’s reports as
audit evidence

If an audit is performed in accordance with ISAs, is it No, it is not mandatory. ISA 315 requires tests of controls to
mandatory to perform tests of controls? be performed in two circumstances:
• if the preliminary assessment of risk contains an
assumption that controls are operating effectively, and
To reveal our answer, click below: • If it is not possible to obtain sufficient appropriate
evidence through substantive procedures (this may be
the case in high volume processing with IT systems)
It is certainly true that in many circumstances auditors will

perform tests of controls, as the majority of modern
accounting systems contain many control features that can be
tested quite quickly, especially if the auditor is using computer
assisted techniques. However, if the auditor’s risk
assessment indicates that controls are weak, or if substantive
testing is considered a more effective use of audit time and
will provide sufficient evidence, then it is possible to perform
as ISA-compliant audit without the use of tests of controls.

Module review
The proper identification and assessment of audit risk
appears to be key to carrying out an appropriate audit
under the current standards. The audit risk standards are
key to this approach and the way these standards deal with
audit risk must be understood. There has been a shift in
emphasis from the old approach which centred around the
audit risk model.

Module 6 quick quiz


Question 1
The susceptibility of an account balance or class of transactions to material misstatement is
known as:
A Audit risk
B Control risk
C Inherent risk
D Detection risk

Question 2
Detection risk in the context of the audit of the financial statements of a company is the risk
that:
A The company’s accounting system will not
prevent or detect and correct material
misstatements
B The auditor’s procedures will not detect
material misstatement
C The auditor will be held liable to other
parties due to the failure to detect a
material misstatement
D Arises from the susceptibility of
transactions and balances to material
misstatements

Question 3
In what circumstances should the auditor document an understanding of a client’s accounting
and internal control systems?
A Only when auditing a limited company

B Only when seeking to place reliance on
internal controls
C Only when accounting and internal
control systems are relatively complex
D Always, regardless of any other audit work
planned

Question 4
According to ISA 315 “identifying and assessing the risks of material misstatement through
understanding the entity and its environment”, which of the following is not part of the role of
the discussion among the audit team members:
A Provides an opportunity for more

experienced engagement team members
to share their insights based on their
knowledge of the entity
B Allows the engagement team members
to exchange information about the
business risks to which the entity is
subject and about how and where the
financial statements might be susceptible
to fraud or error
C Assists the engagement team members
to understand how the results of the
procedures they perform may affect
other aspects of the audit
D Measure and review the entity’s financial
performance

Question 5
What are control activities according to ISA 315 “identifying and assessing the risks of
material misstatement through understanding the entity and its environment”?
A Information systems and related business

processes relevant to financial reporting
B Installation of significant IT systems related
to financial reporting
C Open communication channels which help
ensure that exceptions are reported and
acted upon
D Policies and procedures that help ensure
that management directives are carried out

Question 6
An extract from the systems description of a supermarket states that all cash received
during the day by the cashiers must be deposited in the night safe by the store
manager after the close of business.
The types of control utilised in this part of the system are:
A Authorization and physical
B Physical and segregation of duties

C Supervision and segregation of duties
D Accounting and physical

Question 7
According to ISA 315 “identifying and assessing the risks of material misstatement through
understanding the entity and its environment”, which category of policies and procedures are
not likely to be considered as control activities that may be relevant to an audit:
A Corporate restructuring
B Performance reviews
C Physical controls
D Segregation of duties

Question 8
The purpose of the procedure of tracing a few transactions through the accounting system
(known as a “walk-through” test) is to:
A Confirm or obtain an understanding of

the accounting and internal control
system
B Identify weaknesses in the system of
accounting and internal control
C Identify internal controls on which the
auditor may wish to rely
D Confirm the preliminary assessment of
control assessment

Question 9
Which of the following conditions may indicate the existence of risks of material misstatement:
1. Application of new accounting pronouncements

2. Changes in the IT environment
3. Expanding into new locations
4. High degree of complex regulation
A 1 and 3 only
B 1 and 4 only
C 2, 3 and 4 only
D 1, 2, 3 and 4

Question 10
According to ISA 200 “overall objectives of the independent auditor and the conduct of an
audit in accordance with international standards on auditing”, what risk is defined as:
The risk that a misstatement that could occur in an assertion and that could be material, either
individually or when aggregated with other misstatements, will not be prevented, or detected
and corrected, on a timely basis by the entity’s internal control?
A Audit risk
B Control risk
C Detection risk
D Inherent risk

Question 11
The susceptibility of an assertion to a misstatement that could be material either individually

or when aggregated with other misstatements, before consideration of any related controls?
A Audit risk
B Control risk
C Detection risk
D Inherent risk

Question 12
The risk that the procedures performed by the auditor to reduce audit risk to an acceptably
low level will not detect a misstatement that exists and that could be material, either
individually or when aggregated with other misstatements?
A Audit risk
B Control risk
C Detection risk
D Inherent risk

Question 13
Which of the following activities outsourced by an entity to an external service provider is least
likely to be relevant to the entity’s external auditor?
A Preparation of financial statements

B Staff training and recruitment
C Management of leased vehicle
D Debt factoring

Question 14
A finance company uses a service organisation to process a high volume of its most complex
transactions. Which of the following circumstances would be most likely to affect the finance
company auditor’s ability to form an opinion?
A The possibility of loss of input

documentation in transmission to
the service organisation
B Inadequate back-up and reconstruction
facilities at the service organisation
C Failure of the service entity’s staff to
identify exceptions in output
D Refusal of permission to visit the service
organization to undertake tests of control

Question 15
Which of the following matters is not included in a type A report prepared by a service
organisation for the restricted use of its management, customers and client auditors?
A Suitability of design to meet stated

objectives
B Effective operation based on tests of
controls
C Operational existence of controls
D Accuracy of description

Question 16
According to ISA 330 “the auditor’s responses to assessed risks”, which of the following is not
a factor influencing the auditor’s judgement as to what constitutes sufficient appropriate audit
evidence?
A Constraints on the availability of capital

and credit
B Effectiveness of the management’s
responses and controls to address
the risks
C Persuasiveness of the audit evidence
D Sources and reliability of the availability

information

Question 17
The primary purpose of performing tests of control is to provide reasonable assurance that:
A The flow of documentation through, and

the operation of accounting control in,
the system is properly understood
B All accounting control procedures are
properly evidenced
C Accounting and internal control systems
are suitably designed and internal
controls operate throughout the period
D Operational control procedures are
effective in the entity’s risk management

Question 18
Which of the following would the auditor NOT consider in deciding if an internal control
deficiency were significant?
A The financial statement amounts exposed
to the deficiencies
B The volume of activity exposed to the
deficiency
C The planned audit work on the financial
statement area exposed to the deficiency
D The cause and frequency of the
exceptions detected as a result of the
deficiency

Question 19
How should significant deficiencies in internal control be communicated?
A Verbally, at the end of the audit

B In writing, at the end of the audit
C Verbally, on a timely basis
D In writing, on a timely basis

Module 7: Audit evidence Certificate in International Auditing

Audit evidence - ISA 500

• identifying sources of evidence
• financial statement assertions and distinguishing between
the testing of transactions and balances
• evaluating evidence collected
• procedures for obtaining audit evidence

Introduction
“ISA 500 “audit evidence” sets out the key

requirements relating to the amount and nature of
evidence that the auditor must obtain. This module
covers the framework set out in this standard and
how it is applied to practical situations.”

Audit evidence - ISA 500

Sources
“The objective of the auditor is to design and
perform audit procedures in such a way as to It includes:
• source documents
enable the auditor to obtain sufficient appropriate
• accounting records
audit evidence to be able to draw reasonable • corroborating information from other sources, e.g.:
conclusions on which to base the auditor’s a. tangible assets
b. client management
opinion ”
c. third parties (e.g. customers, legal advisers)
Objective Documentary evidence may be:

• generated and provided to auditors by a third party (i.e.
To identify sources of evidence and its relationship to independent of entity)
critical audit objectives. • generated by a third party and held by the entity
• generated and held by the entity
Definition
Audit evidence is all the information used by the auditor

in arriving at the conclusions on which the audit opinion
is based and includes the information contained in the
accounting records underlying the financial statements and
other information.

Exercise - sources of evidence

Use the following ideas list to generate examples of sources

of evidence relevant to the audit of tangible non-current Consider your answer to the question, when you are ready click next to
assets:
1. Accounting systems – internal written evidence.
2. Documentation – internal written evidence. You can then review the ideas of other students on this subject.
3. Tangible assets – physical.
4. Management & employees – internal oral/written evidence.
5. Customers & suppliers – external oral/written evidence.
6. Other third parties (e.g. banks, solicitors) – independent
oral/written evidence.
7. Analytical procedures – auditor-generated evidence.

Audit evidence - sufficient evidence

Factors to consider
• the risk of misstatement – the greater the risk the more When information produced by the entity is used by the
audit evidence is likely to be required auditor to perform audit procedures, the auditor should
• the quality of the audit evidence – the higher its quality, obtain audit evidence about the accuracy and completeness
the less of it is likely to be required of the information.
• higher quantity of audit evidence may not compensate for
its poor quality Although the auditor should consider the relationship
• nature of accounting and internal control systems e.g. if between the cost of obtaining audit evidence and the
computerized usefulness of the information obtained, difficulty or
• risk assessment and evaluation of the effectiveness of expense is not a valid reason for omitting a necessary audit
internal controls procedure. If audit evidence is not sufficient, the implications
• Cumulative auditors’ knowledge & experience (“CAKE”) for the audit opinion must be considered.
gained in previous audits
• materiality of items – immaterial items may require little, if
any, evidence
• audit findings (e.g. fraud or error)
• reliability of the information to be used as audit evidence

Audit evidence - appropriateness - relevance

Appropriateness is interrelated with sufficiency and has Classification and understandability: transactions and
two aspects in the context of audit evidence. events have been recorded in the proper accounts, and is
clearly presented and described.
Financial statement assertions
Occurrence: a transaction or event took place which related
Evidence is required to support financial statements to the entity during the period - the equivalent of existence for
assertions, i.e. assertions by management, explicit or assets/liabilities, i.e. only what should have been recognised.
otherwise, that are embodied in the financial statements.
Valuation: assets, liabilities and equity interests are included
Accuracy: amounts and other data relating to recorded in the financial statements at appropriate amounts.
transactions and events have been recorded appropriately.
Existence: an asset or a liability exists at a given date the
Completeness: there are no unrecorded assets, liabilities, equivalent of occurrence for transactions/events.
transactions or events or undisclosed items, i.e. all that
should have been correctly recognised. Rights and obligations: an asset or liability relates to the
entity at a given date, e.g. the reporting date.
Cut-off: transactions and events have been recorded in the
correct accounting period. Mnemonic for the above: ACCA COVER
Allocation: any allocation adjustments are appropriately

recorded.

Audit evidence - appropriateness - relevance

ISA 315 (paragraph A111) lists these as three categories Illustration - sales cycle
as shown in the table below:
Testing sales for Testing receivables for
Sales system
Assertions about Assertions about Assertions about completeness existence
classes of transactions account balances presentation and Order
and events for the at the period end disclosure
period
under audit
↓
Occurrence and rights Goods despatch note
Occurrence Existence
and obligations
Completeness Rights and obligations Completeness ↓
Classification and Invoice
Accuracy Completeness
understandability
Cut-off Valuation & allocation Accuracy & valuation ↓
Classification Sales day book
(journal)
Direction of testing ↓
Ledger accounts(s)
The assertion(s) for which evidence is sought influences
the source of evidence and direction of testing, e.g.:
• completeness of recording sales transactions - trace from
goods movement into accounting records - tests for
understatement
• existence of plant and equipment – trace from recorded
asset (e.g. in plant register) to physical asset - tests for
overstatement

Audit evidence - appropriateness - reliability

Reliability
General presumptions “rules of thumb” (recognising that

exceptions may exist):
• independent external sources are more reliable than
evidence from within the entity (internal)
• entity’s records are more reliable when the related internal
controls are effective
• evidence obtained directly by the auditor is more reliable
than evidence obtained indirectly or by inference
• documentary/written is more reliable than verbal/oral
• original documents are more reliable than
photocopies/facsimiles (faxes)
Consistency:
• consistency increases persuasiveness (i.e. provides
cumulative assurance)
• any inconsistency creates doubt (giving rise to further
work) until resolved otherwise consider audit opinion

Exercise - appropriateness
Rank the following items of audit evidence concerning the

ownership of land, using a scale of 1 (for worst) to 4 (for best): Consider your answer to the question, when you are ready click next to
a. ask management if the client company owns the land You may wish to discuss this with a colleague before finally submitting it.
b. phone bank and ask if they hold title deeds on client’s
behalf You can then review the ideas of other students on this subject.
c. visit bank and examine title deeds
d. ask bank for written confirmation that they hold deeds

Audit evidence - how is evidence obtained?

Three types
Audit evidence is obtained from an appropriate mix of • when substantive procedures alone do not provide
“risk assessment procedures”, “tests of controls” and sufficient appropriate audit evidence. The auditor is
“substantive procedures”. required to perform tests of controls to obtain audit
evidence about their operating effectiveness
1. Risk assessment procedures
3. Substantive procedures
The auditor always performs risk assessment procedures
to provide a satisfactory basis for the assessment of The auditor plans and performs substantive procedures
risks at the financial statements level and assertion level. to be responsive to the related assessment of the risks of
Risk assessment procedures by themselves do not provide material misstatement, which includes the results of tests
sufficient appropriate evidence on which to base the audit of controls, if any. The auditor’s risk assessment is
opinion, however, and are supplemented by further audit judgemental, however, and may not be sufficiently precise to
procedures in the form of tests of controls, when necessary, identify all risks of material misstatement. Further there are
and substantive procedures. inherent limitations to internal control, including the risk of
management override, the possibility of human error and the
2. Tests of controls effect of systems changes. Therefore, substantive procedures
Tests of controls are necessary in two circumstances: for material classes of transactions, account balances, and
• when the auditor’s risk assessment includes an disclosures are always required to obtain appropriate audit
expectation of the operating effectiveness of controls. The evidence.
auditor is expected to test those controls to support the
risk assessment

Audit evidence - how is evidence obtained?

Examples
1. Risk assessment procedures: 2. Tests of controls:

• identify risks through the process of obtaining an • check bank reconciliation initialled as approved by
understanding of the entity and its environment, chief accountant
including relevant controls that relate to the risks, and by • observe buyer checking goods received note (“GRN”)
considering the classes of transactions, account balances, and invoice before authorizing cheque for payment
and disclosures in the financial statements, e.g. the
cashier performs bank reconciliations and no one else 3. Substantive procedures - two types:
checks them • tests of detail:
• relate the identified risks to what can go wrong at the a. agree general ledger expense account totals to
assertion level, e.g. the cash at bank amount may be purchase day book (PDB) also called purchase
overstated journal
• consider whether the risks are of a magnitude that b. check (a sample of) casts and extensions in the PDB
could result in a material misstatement of the financial c. agree (a sample of) quantities on purchases invoices
statements, e.g. whether the cash at bank amount to GRNs
overstatement can be material to the financial statements • analytical procedures
• consider the likelihood that the risks could result in a
material misstatement of the financial statements, e.g.
assess how likely that the cash at bank will be overstated
materially

Audit evidence - procedures

ISA 500 recognises the following audit procedures for
obtaining audit evidence:
• Inspection (e.g. of records, documents, assets)
• Observation (e.g. of control activities)
• External confirmation (e.g. bank confirmation regarding
cash balances)
• Recalculation
• Reperformance (e.g. the auditor’s independent execution
of procedures or controls originally performed by the
client)
• Analytical procedures
• Inquiry (within and external to the client)

Exercise - procedures
Distinguish between and give examples of the following

procedures: Consider your answer to the question, when you are ready click next to
1. Inspection. You may wish to discuss this with a colleague before finally submitting it.
2. Observation. You can then review the ideas of other students on this subject.
3. Inquiry and confirmation (or enquiry).
4. Recalculation.

Exercise - procedures - techniques for generating "client-specific" audit evidence

Financial statement assertions: consider “relevant” audit
evidence.
Please review the following exercise: Consider your answer to the question, when you are ready click next to
Suggest audit evidence for additions to plant and equipment: You may wish to discuss this with a colleague before finally submitting it.
Completeness You can then review the ideas of other students on this subject.
Occurrence
Measurement
Presentation & disclosure
Appropriate carrying value
Rights (& obligations)
Existence

What you have learned - audit evidence

now be able to:
• identify sources of evidence
• explain financial statement assertions and distinguish
between the testing of transactions and balances
• evaluate evidence collected
• describe procedures for obtaining audit evidence


How does the auditor assess the relevance of individual items The financial statement assertions set out in ISA 315
of evidence? establish objectives for the audit procedures for each class of
transaction, balance and disclosure. So, in the case of a
period end balance, such as trade receivables, the auditor
To reveal our answer ,click below: must consider whether evidence is relevant to the assertions
of existence, rights and obligations, completeness,
valuation and allocation.


What is the best audit evidence? Generally, in terms of reliability:
• documentary is better than oral evidence (the documents
To reveal our answer, click below: should ideally be originals, not copies or faxes)
• third party evidence (e.g. from bankers, customers,
lenders) is better than that obtained from an internal
source. It is less likely to be subject to bias in the way that
management representations may be
• auditor-generated evidence is best. For example,
inspection of assets (a good test for the assertion of
existence) and analytical procedures (eg for the assertion
of completeness)
However, what is “best” depends also on its relevance (to a

financial statement assertion) and sufficiency. For example:
• inspection of an asset proves its existence but only
corroborates ownership (rights to use the asset)
• inspection of a document of title (e.g. purchase invoice)
may prove that ownership has passed (though this may be
conditional on the invoice has been paid) - but even if the
asset exists, it may not still be owned. For example, when
inventory is purchased and subsequently sold but still held
At best, most evidence is persuasive rather than providing
absolute assurance. Hence the need for consistency when
considering the sufficiency of evidence.

Module review
This module has introduced the framework of requirements
that the auditor must follow when gathering audit evidence.
This evidence must be sufficient, and appropriate (relevant
and reliable). ISA 500 also defines the three main types of
procedures, risk assessment procedures, tests of controls
and substantive procedures.
Ultimately the auditor must use professional judgement in

assessing the amount and quality of evidence required, but
this framework, added to the considerations about risk and
materiality, as covered in earlier modules, provide guidance
that can be applied to all areas of the audit.

Module 7 quick quiz


Question 1
Physical inspection of tangible assets is primarily aimed at the financial statement assertion
of:
A Ownership of the assets
B Existence of the assets
C Completeness of recording of assets
D Accuracy of recording of assets

Question 2
Which of the following is likely to be the least reliable form of audit evidence?
A Bank Certificate
B Response to a direct confirmation request
C External valuer’s report
D Written management representation

Question 3
When deciding on the amount of evidence required to form an opinion on a particular matter,
the auditor should be least influenced by the:
A Time involved in obtaining the evidence
B Materiality of the matter being examined
C Terms of his engagement
D Source of the evidence

Question 4
ISA 500 “audit evidence” states that “....the reliability of evidence is dependent on individual
circumstance....”
Which of the following would generally be regarded as the most reliable source of audit
evidence?
A Purchase invoices from suppliers
B Oral confirmations from directors
C Bank confirmation letter
D Goods received notes

Question 5
Which of the following is a test of control?
A Re-performing the bank reconciliation as at

the reporting date
B Counting physical cash at the year end
and agreeing the total with the recorded
amount
C Reviewing purchase invoices for a
signature authorising payment to the
supplier
D Agreeing payment details on a bank
statement to supporting purchase invoices

Question 6
Which of the following is a substantive procedure on the revenue figure in a set of financial
statements?
A Comparing actual figures with previous

years’ and budgeted monthly sales and
cost of sales figures
B Following one or two transactions
through the system from order to
remittance, as recorded in the systems
notes
C Examining a sample of sales invoices to
see whether the prices, costs and
extensions have been initialled as
checked by the sales clerk
D Reviewing several pages of the sales day
book to ensure that the sequence of sales
invoices is complete

Module 8: Specific items Certificate in International Auditing

Specific items - ISA 501 and 505

• physical inventory counting procedures
• litigation and claims
• segment information
• designing and evaluating an external confirmation

Introduction
In the previous module you learned about the basic principles
of audit evidence as set out in ISA 500. In this module you will
learn about two further standards which are based on these
principles and apply them to specific items. These standards
are:
• ISA 501 “audit evidence – specific considerations for
selected items”
• ISA 505 “external confirmations”

Specific items - ISA 501 and 505

Objective
To describe further aspects of audit evidence relating to ISA 505 “external confirmations” deals with:
specific financial statement amounts and other • relationships of external confirmation procedures to the
disclosures. auditor’s assessments of risk of material misstatements
• design of the external confirmation request
This part covers: • use of positive and negative confirmations
ISA 501 “audit evidence - specific considerations for • the external confirmation process
selected items” contains objectives dealing with
obtaining sufficient appropriate evidence regarding the:
• Existence and condition of inventory
• Completeness of litigation and claims against the client
• Presentation and disclosure of segment information in
accordance with the applicable financial reporting
framework.

Specific items - physical inventory count - essential procedures

All inventory is usually physically counted at least once a If an auditor is unable to attend the physical inventory
year: count on the date planned:
• as a basis for the preparation of the financial statements; • some physical counting should be observed on an
or alternative date
• to confirm the reliability of a perpetual inventory system, • tests on intervening transactions should be undertaken (if
which in turn provides a basis for the preparation of the necessary)
If physical inventory counting is conducted at a date other
When inventory is material the auditor shall obtain than the date of the financial statements, the auditor shall
sufficient appropriate audit evidence regarding its perform audit procedures to obtain audit evidence about
existence and condition by attendance at physical inventory whether changes in inventory between the count date and the
counting (unless impracticable). date of the financial statements are properly recorded.
Purpose: When attendance is impracticable (e.g. inventory kept in a

• to evaluate management’s instructions and procedures for bonded warehouse) alternative procedures may provide
recording and controlling the results of the entity’s physical sufficient appropriate audit evidence of existence and
inventory counting condition to conclude that there is no limitation on the scope
• to inspect inventory of the audit.
• to observe compliance with management’s count
procedures for recording and controlling the results of the
count
• to perform test counts (to obtain evidence about the
reliability of management’s procedures):
a. book record to physical
b. physical to book record

Exercise - essential procedures

Suggest three alternative procedures which may provide

sufficient appropriate audit evidence of existence and Consider your answer to the question, when you are ready click next to
condition of inventory.

Specific items - physical inventory count - types of inventory records and stock taking
Regulations
Many jurisdictions have requirements to keep “proper

accounting records” including:
• statements of inventory held at the end of each financial
year Before/after Perpetual
inventory system
• statements of stocktakings from which statements of year end
inventory are prepared
It is a common misconception that such requirements

make annual inventory counts a legal requirement.
Although it is true that there may be requirements to count
inventory periodically (e.g. for tax purposes), the above Before/after
At year end
requirements can be met by an effective perpetual inventory year end
system.
Period inventory system
Inventory quantities are ascertained by a count

conducted periodically, usually at the end of an accounting
period, but may be half-yearly (e.g. for interim financial
statements) or quarterly (e.g. for management accounts).

Exercise - types of inventory records and stock taking

1. Suggest four advantages and four disadvantages of a full

physical count at the year end. Consider your answers to the questions, when you are ready click next to
2. Suggest three advantages and disadvantages of a full You may wish to discuss this with a colleague before finally submitting it.
physical count shortly before the year end, called “interim
stock taking”. You can then review the ideas of other students on this subject.

Specific items - physical inventory count - perpetual inventory system

Inventory quantities are adjusted for every receipt and
sale of items - facilitated by computerisation.
Counts should be programmed so all inventory counted

at least once a year - “continuous stocktaking”.
Even daily counts of certain items may be facilitated by

the use of hand held scanners for bar-coded products.
All material differences between book inventory and

physical counts must be investigated and the reasons for
the differences understood.

Exercise - perpetual inventory system

1. Suggest five reasons why physical inventory may:

a. exceed book quantities, and Consider your answers to the questions, when you are ready click next to
b. five reasons why it may be less than book quantities
2. Suggest two advantages and two disadvantages of a
perpetual inventory system. You can then review the ideas of other students on this subject.

Specific items - attendance at physical inventory counting

Before = planning: After = follow-up:
• review prior year working papers • follow up cut-off tests
• discuss instructions with management • check “in bulk” copies of stock sheets and check
• familiarisation: nature, value, location(s) etc. sequence
• assess risk of material misstatement related to inventory • ensure perpetual inventory records adjusted
• arrange third party certificates (direct confirmation) • follow up third party certificates
• consider need for expert(s) • conclude on reliability of quantities used as a basis for
• assess the nature of the internal control related to computing inventory
inventory
• consider role of internal audit
• extract representative sample
During = attendance:
Click here to review an example of an audit program (pages 8-12 of the
• observe compliance with instructions pdf relate to the audit of inventory).
• perform test counts (from physical to record and vice
versa)
• take copies of stock-sheets
• record details of unused stock sheets
• obtain details of damaged inventory
• note cut-off details

Specific items - segment information

The auditor shall obtain sufficient appropriate Segment information is considered in relation to the
“
audit evidence regarding the presentation and financial statements as a whole.
disclosure of segment information in accordance
Audit procedures:
with the • analytical procedures are important (e.g. comparisons
applicable financial reporting framework .” with budgets and prior periods)
• tests of detail may be appropriate
• discuss how management determines segment
The auditor can obtain evidence by:
information including elimination of inter-segment amounts
a. Obtaining an understanding of the methods used by
management in determining segment information, and:
i. Evaluating whether such methods are likely to result in
disclosure in accordance with the applicable financial
reporting framework; and
ii. Where appropriate, testing the application of such
methods; and
b. Performing analytical procedures or other audit procedures
appropriate in the circumstances.

Specific items - litigation and claims - essential procedure
“The auditor shall design and perform audit Actual and pending liabilities arising from litigation and
claims may have a material impact and require disclosure
procedures in order to identify litigation and claims and/or provision in the financial statements.
involving the entity which may give rise to a risk of
material misstatement, including: Direct communication with the entity’s lawyers should be
sought when litigation or claims are identified or may exist.
(a) Inquiry of management and, where applicable, The letter should:
others within the entity, including in-house legal a. be prepared by management
b. be sent by the auditor
counsel;
c. request direct communication with the auditor
(b) Reviewing minutes of meetings of those
charged with governance and correspondence Ordinarily specifies:
a. a list of litigation and claims
between the entity and its external legal counsel; b. management’s assessment of the outcome and
and financial estimate (including costs)
(c) Reviewing legal expense accounts.”
Requests lawyer to:
a. confirm reasonableness of management’s assessments
b. provide further information if the list is
incomplete/incorrect
In certain circumstances meet lawyer to discuss the

likely outcome of litigation and claims, with management’s
permission and a management representative in attendance.

Specific items - litigation and claims - permission to communicate refused

If:
a. management refuses to give the auditor permission to
“Management’s refusal of permission to communicate or meet with the entity’s external legal
communicate with legal advisors is a limitation on counsel, or the entity’s external legal counsel refuses to
respond appropriately to the letter of inquiry, or is
the scope of the audit, that will usually result in a prohibited from responding; and
qualified opinion or a disclaimer of opinion.” b. the auditor is unable to obtain sufficient appropriate audit
evidence by performing alternative audit procedures, the
auditor shall modify the opinion in the auditor’s report in
A scope limitation would similarly arise if a legal advisor accordance with ISA 705.
fails to respond.

Specific items - external confirmations - ISA 505 - definition

The auditor can request confirmations in two ways:
“External confirmation – Audit evidence obtained Positive confirmation request – A request that the confirming
as a direct written response to the auditor from a party respond directly to the auditor indicating whether the
confirming party agrees or disagrees with the information
third party (the confirming party), in paper form, or in the request, or providing the requested information.
by electronic or other medium.”
Negative confirmation request – A request that the confirming
party respond directly to the auditor only if the confirming
party disagrees with the information provided in the request.

Exercise - external confirmations - Question 1

Suggest eight matters on which it may be appropriate to seek

direct confirmation. Consider your answer to the question, when you are ready click next to

Specific items - external confirmations

The need for external confirmations Reliability
The factors to be considered when determining the need Received directly by the auditor from independent third
for external confirmations are: parties, therefore relatively reliable.
• characteristics of the prevailing environment
• practice of potential respondents in dealing with such However, the auditor must exercise control over
requests confirmation requests and responses.
The weaker internal controls are (i.e. the higher control The characteristics of the respondents and restrictions
risk is), the more important external confirmation. imposed by management (e.g. not to request balances from
certain customers) may impair reliability.
Confirming balances (e.g. accounts receivable) on a test
basis may reduce the scope of detailed tests on related
transactions (e.g. sales).

Specific items - external confirmations - risk assessment

The higher the auditor’s assessment of risk, the more
reliable and relevant is the audit evidence sought by the
auditor from substantive procedures. In such situations the
use of confirmation procedures may be effective in providing
sufficient and appropriate audit evidence.
The lower the assessed risk of material misstatement, the

less assurance the auditor needs from substantive
procedures to form a conclusion about an assertion.
When the auditor has identified a risk as being significant

the auditor may give particular consideration to whether
confirmations of certain matters may be an appropriate way of
reducing the risk of material misstatement.

Exercise - external confirmations - Question 2

Identify the financial statement assertion(s) most relevant to

the external confirmation of: Consider your answer to the question, when you are ready click next to
1. An account receivable.
2. Goods held on consignment. You may wish to discuss this with a colleague before finally submitting it.
3. An account payable.

Specific items - external confirmation - design of request

Methods
“External confirmation requests should be tailored Positive vs. Negative

to the specific audit objective.” Request to confirm agreement with Request to reply only in event of
balance shown or express disagreement with recorded balance
disagreement
Preferred when high inherent or Appropriate when:

Factors to be considered: control risk e.g.: • good internal controls
• financial statements assertions • weak internal controls • large number of small accounts
• prior experience • suspicion of irregularity or • errors not expected
• respondents (competence, independence, motivation, amounts in dispute
authority or willingness to provide information, knowledge • numerous bookkeeping errors
of the matter being confirmed, and objectivity)
• the type of information respondents will readily confirm,
e.g. single transactions (e.g. invoices) rather than overall It is a popular misconception, but the difference between
account balance “positive” and “negative” is not whether or not the
• management’s authorisation to respondents to disclose customer is given a balance to agree. A balance must be
information requested given for a negative request. It is usual to give a balance in
positive request (to prompt a response if overstated).

Specific items - external confirmation - management requests
Management’s request not to confirm certain information
If the auditor agrees to management’s request not to

confirm certain information (on valid grounds), alternative
procedures should be applied to obtain sufficient appropriate
evidence.
If management’s request is not valid the possible impact on

the auditor’s report of the limitation on scope should
considered.
Factors to be considered:
• the need for professional scepticism
• any implications regarding management’s integrity
• the possible existence of fraud or error

Specific items - external confirmations - confirmation process

The auditor should have control over: Constructing a sample
• the selection process
• sending confirmation requests Receivables vs. Payables
• receiving responses If testing primarily for If testing primarily for
overstatement, select from understatement, select from
receivables’ ledger (reconciled “reciprocal” population (e.g.
To minimize the risks of: to control a/c in general ledger) suppliers identified by audit
• sample bias tests on purchases)
• interception of requests
• alteration of responses
Results should be evaluated in the context of ISA 530

“audit sampling”. Special attention to be given to:
• old unpaid a/cs
• a/cs written off during period
• credit/debit balances in receivables/payables
• nil balances
• a/cs paid by date of examination
Audit sampling and other selective testing procedures are

described in ISA 530 “Audit sampling”.

Specific items - external confirmations - confirmation process

Request Replies
• agree or reconcile differences
Specially prepared form or letter or an attachment to the
normal statement giving a copy of the customer’s ledger Non-replies
account. The latter is more likely to detect error or fraud. • alternative audit procedures should be undertaken to
provide equivalent evidence (i.e. about the same financial
To.... To: statement assertions)
Messrs Pears, Cross, • alternative procedures are usually undertaken after
Audit confirmation Brannigan & Co
131/133 Dutchman Avenue making a second request
Will you please return the enclosed
slip to our auditors, Messrs Pears, Audit confirmation balance due to:
Cross, Brannigan & Company, of Solti Potato Crisps Inc.
131/133 Dutchman Avenue, at 30 June 2001
indicating whether or not you agree
the enclosed account by deleting the Please delete as necessary:
line that does not apply. • We confirm that the balance
due from us to the above
In the event of disagreement, please company at the above date was
give details. A stamped addressed $....
envelope is enclosed for your reply.
• According to our records the
amount due from us to the
above company was $....
Yours faithfully

Exercise - confirmation process

Suggest four alternative procedures which may provide

sufficient appropriate audit evidence of the existence and Consider your answer to the question, when you are ready click next to
completeness of accounts receivable. enter it into the course blog.

Specific items - external confirmations - causes and frequency of exceptions and evaluating results
Causes and frequency of exceptions
When the auditor forms a conclusion that the

confirmation process and alternative audit procedures
have not provided sufficient appropriate audit evidence
regarding an assertion, the auditor should perform additional
audit procedures to obtain sufficient appropriate audit
evidence.
Evaluating the results of the confirmation process
The auditor should evaluate whether the results of the

external confirmation process together with the results from
any other audit procedures performed, provided sufficient
appropriate audit evidence regarding the assertion being
audited.

What you have learned - specific items

now be able to:
• describe physical inventory counting procedures
• state the essential procedures for:
a. litigation and claims
b. segment information
• design and evaluate an external confirmation


In the context of the audit of a manufacturing company where The procedures performed by the auditor will depend on how
inventories represent a material balance on the statement of the entity arrives at the inventory quantity at the reporting
financial position, does the auditor always have to attend a date. If this is based on a physical count at the year end,
year end inventory count? then it will be essential for the auditor to attend that count as it
will be difficult to obtain alternative evidence.
To reveal our answer, click below: However, the entity may count inventories at an interim date,
in which case the auditor would attend that count and would
also have to design procedures to test the entity’s records of
transactions arising between that date and the reporting date.
If the entity has a perpetual inventory system, then no year
end count will take place and the auditor will place more
emphasis on testing the inventory records, including
performing tests of controls such as the observation of a
sample of the periodic inventory counts that the entity may
have put in place as a control over the accuracy of the
records.

Module review
This module has covered more practical detail on how the
requirements of ISAs on audit evidence are applied in specific
circumstances and you should be able to explain the main
issues and requirements relating to the audit of specific items,
namely inventories, claims and litigation, and segment
information. You should also be able to identify when it is
appropriate to use direct confirmations to obtain audit
evidence, how they are performed and to explain the issues
surrounding their evaluation.

Module 8 quick quiz


Question 1
The primary purpose of the auditor’s attendance at a physical inventory count is to confirm the
inventory’s:
A Existence
B Ownership
C Valuation
D Completeness

Question 2
The auditor’s main task when attending the year end physical inventory count of a client
company is to:
A Obtain assurance that management’s

procedures are adequately implemented
B Assist management in the proper
supervision and conduct of the count
C Identify any errors in counting of obsolete
stock
D Check that all the physical counts agree
with the book quantities

Question 3
Which of the following procedures is unlikely to provide evidence concerning contingent
liabilities?
A Review of responses to a direct

confirmation request received from
customers
B Review of board minutes
C Discussion with the company’s legal

executives
D Review of letters received from the bank

Question 4
Direct confirmation of trade receivable balances is most relevant and sufficient to which of the
following audit objectives?
A Valuation
B Classification
C Existence
D Completeness

Question 5
The managing director of a client company has requested the auditor not to write to a major
customer, xyz, selected for direct confirmation, as xyz is a close personal friend who may be
offended by the request.
In these circumstances the auditor’s next step would be to:

A Indicate that this refusal constitutes a
restriction of scope on the audit which
will lead to a modification of the auditor’s
report
B Perform the external confirmation as
planned since the auditor’s responsibility
is to the shareholders and not the
directors
C Carry out the external confirmation
substituting another customer with
similar characteristics so as to preserve
the integrity of the sample
D Carry out the external confirmation for
other customers selected and apply
alternative procedures to obtain sufficient
appropriate evidence regarding xyz

Module 9: Analytical procedures, audit sampling & written representations Certificate in International Auditing

Analytical procedures - ISA 520

• when to use analytical procedures
• types of analytical procedures and tests
• determining the consistency of financial and related
information
Audit sampling - ISA 530

• gathering audit evidence
• audit sampling and other selective testing procedures
• selecting samples
• testing and evaluating results
• statistical vs. non-statistical sampling
Written representations - ISA 580

• written representations as audit evidence

Introduction
This module looks at certain key audit techniques, which have
all been referred to in overview in earlier modules. Here you
will learn in detail about when analytical procedures are used
during an audit, and you will see some practical examples of
their use. You will also learn about the requirements relating
to audit sampling and about when it is appropriate to seek
written representations from client management, and the role
of these representations as audit evidence.


Objective Comparisons of financial information
To describe the role of analytical procedures in the audit With Examples

process.
Prior periods 2008 2008 2007
Meaning and nature

Anticipated results
(from budgets and
} Turnover($)
Actual
11,900
Budget
12,000
Actual
10,000
forecasts)
ISA 520 “analytical procedures”:
Evaluation of financial information made by a study of Predictive estimates Depreciation for year ≈ 15% x year end cost
plausible relationships among both financial and non-financial Similar industry information Receivables turnover vs. industry average
data.


Consideration of relationships Methods
Between Examples Range from simple comparisons to intricate analyses

using advanced statistical techniques.
Elements of financial Gross profit margin
information expected to May be applied to:
conform to a predicted • consolidated financial statements
pattern • components (e.g. subsidiaries, divisions, segments)
• individual elements of financial information (e.g. account
Financial information and Payroll costs to number of balances)
relevant non-financial employees
information

Analytical procedures - when they are used

ISA 315 requires that the auditor shall perform analytical Purposes
procedures as part of risk assessment procedures.
As risk assessment procedures to obtain an understanding
ISA 520 deals with the use of analytical procedures to: of the entity and its environment.
• obtain relevant and reliable audit evidence when using As substantive procedures at the detailed testing stage -
substantive analytical procedures; and when more effective or efficient than tests of detail, i.e.
• design and perform analytical procedures near the end of optional.
the audit that assist the auditor when forming an overall
conclusion as to whether the financial statements are As an overall review, to conclude whether financial
consistent with the auditor’s understanding of the entity. statements as a whole are consistent with auditor’s
understanding of the entity.

Analytical procedures - risk assessment

Need for risk assessment Analytical procedures relevant to financial condition
The auditor should apply analytical procedures as risk Deterioration in financial performance and cash
assessment procedures to obtain an understanding of availability potentially increases inherent risk as
the entity and its environment. deliberate misstatement/manipulation is more likely.
Ability to meet debts as they fall due underlies the going
concern basis of preparation of financial statements.
“Preliminary” analytical procedures are used to:
• help identify the existence of unusual transactions or How it is assessed:
events, and amounts, ratios, and trends that might indicate • short-term - liquidity indicators such as the current ratio
matters that have financial statement and audit • long-term - gearing and profitability indicators, e.g.:
implications a. debt/equity ratio
• increase understanding of the entity through the b. return on capital employed (ROCE)
accumulation of information on trends in key relationships c. gross profit (GP)%
• determine the nature, timing and extent of further audit d. earnings per share (EPS)
procedures • loans and borrowings - defaults in and renegotiation of
repayments
Based on: • cash flow projections - receipts from operations less than
• interim financial and non-financial information maturing debt
• budgets/forecasts and management accounts
• draft financial statements

Analytical procedures - substantive procedures - sufficiency

Illustration
Analytical procedures can themselves provide sufficient Payroll Analytical procedures Tests of detail (ideas
audit evidence where an item can be verified directly by (assertions) in outline)
reference to another (valid) item (e.g. commission on sales, Completeness Compare cost with budget/prior Postings from payroll
period(s) - month on month and to general ledger
bank interest, rental expense, depreciation). for year
“Proof in total” Personnel records
Analytical procedures may be effective in testing for
Occurrence Compare cost with budget/prior Cash book payments
understatement (i.e. completeness). For example, in period(s) and similar
predicting sales from purchases and known margins. organisation/industry
Ratio analysis e.g. average cost Starters and leavers
Where sufficient substantive evidence is not obtained by per employee by department
analytical procedures alone, some tests of detail will also Measurement Compare accruals (e.g. statutory Postings from payroll
be required. (amount and in deductions, holiday pay, etc. to general ledger
correct period) with prior period(s)
Labour turnover (should Sample of payroll
decrease with increasing transactions
remuneration) (accuracy, etc.)
Presentation Compare disclosure with prior Disclosure checklist
and disclosure year financial statements
Ratios e.g. payroll to cost of Postings from general
sales, average pay per ledger to payroll
employee

Exercise - substantive analytical procedures

Financial statement assertions

1. For each of the following financial statement assertions
relevant to sales revenue, suggest a suitable analytical You may wish to discuss this with a colleague before finally submitting it.
procedure:
a. completeness You can then review the ideas of other students on this subject.
b. occurrence
c. accuracy
2. Where analytical procedures may not be applicable or

insufficient, suggest a test of detail.

Analytical procedures - substantive procedures - extent of use
Factors to consider Impact on use

Audit objectives (see assertions See extent of reliance (see here)
here) and extent of reliance
Degree of disaggregation of Procedures are more effective when
available information applied to components
Availability of financial and non- Independently prepared non-financial
financial data data should result in more effective
procedures
Reliability of information Budgets prepared with sufficient care
available will facilitate more effective procedures
Relevance of information Budgets based on expectation are more
useful than goals to be achieved
Sources of information Independent sources are more reliable
Comparability of information Broad industry data may not be relevant

to specialised products
Knowledge gained previously Effective procedures are based on
(cumulative audit knowledge and recognising unusual/unexpected
experience - “CAKE”) variations. If knowledge is limited, it is
difficult to know what to expect
Nature of enterprise and its Steady trends develop in some
operations businesses - therefore easier to know
what to expect and identify variations

Exercise - substantive procedures - extent of use

Albatros Ltd had 100 employees last year with total wages of
$840,000 and 100 employees this year with a wage bill of Consider your answer to the question, when you are ready click next to
$950,000, an increase of 13%. The annual pay rise was 6%
and the level of business has remained approximately You may wish to discuss this with a colleague before finally submitting it.
constant.
1. Suggest two reasons other than error or irregularity which
could account for the greater than expected increase.
2. In the absence of a satisfactory reason for the increase,

suggest four ways the payroll could have been inflated by
error or irregularity.

Analytical procedures - substantive procedures - types of test

Trend analysis (graphical time series or regression Illustration
analysis)
• “scatter graph” relies on visual inspection Testing petrol costs in a taxi firm:
• time-series analysis can be cumbersome
• statistical regression (using computer program) is most Steps Application
objective
• useful for income and expenditure a/c analysis 1 Identify factors likely Petrol costs determined by kilometres driven
to influence the
Ratio analysis examples: amount to be tested
• receivables collection period
2 Clarify relationship
• inventory turnover and confirm it is
• asset turnover credible and relevant
• payables payment period 3 Predict likely range Kms Average price Expected
• ratios identify stable relationships therefore more relevant of values driven per litre ($) petrol costs
than absolute changes Jan 2,387 0.599 270 - 311
• useful for both balance sheet and income and expenditure Feb 2,954 0.610 322 - 392
a/c analysis etc.
Reasonable test = “proof in total” examples: 4 Compare predictions with actuals Prediction ($) Actual ($)
• on payroll Jan 270 - 311 297
• depreciation
Feb 322 - 392 401
• investment income
5 Investigate variances and corroborate explanations
• rental income
• “models” can be very precise, even simple models can be
very effective
• most useful for income and expenditure a/c analysis

Analytical procedures - proofs in total

• payroll - use information about workforce, numbers of
starters and leavers, wage rates, pay rises, productivity
“An independent check on the total value of a bonuses etc. to construct a model for the total payroll
population.” figure
e.g.: (last year’s audited expense (confirmed base data)
starters/leavers) × (1+i) where i is the average percentage
Mechanics pay rises further adjusted to reflect when the pay rises
came into effect
Calculate the expected value of a population - base data • investment income - apply known interest rates to nominal
must be independent of the population being tested or value of investments (audited)
otherwise confirmed to be materially correct. • hotel revenue - income for year:
a. occupancy room rate; or
Compare with recorded value. b. last year’s income (audited) x (1+i) where i is the
percentage increase in room rate
Difference should not be material. • fuel (petrol) costs - for each category of vehicle running on
different grades of fuel (e.g. leaded, unleaded, diesel)
Examples: calculate consumption
• depreciation - for each category of asset: e.g.: mileage (per tacograph or mile-meter) consumption
(cost + additions - disposals) x straight line % = charge for rate (e.g. miles per gallon or kilometres per litre)
year
Alternatively, using reducing balance method, adjust
accumulated depreciation for additions and disposals also
and calculate depreciation on net amount

Analytical procedures - substantive procedures - extent of reliance

The extent of reliance will depend on the risk that Greatest use
analytical procedures may identify relationships as • existing well-established client
expected when, in fact, a material misstatement exists. • well-known, stable industry
• predictive information available (budgets, cash flow
Factor Impact on reliance - examples forecasts)
Materiality of Cannot rely only on analytical procedures for material
• effective accounting and internal control systems
items involved inventory balances, but may rely solely for immaterial
items and income and expense items
Other Reviewing subsequent cash receipts might confirm or
procedures dispel queries raised by analytical procedures on an
ageing of customers’ accounts
Accuracy of Greater consistency expected in comparing gross profit
predictions margins from one period to another than in comparing
discretionary expenses (e.g. research or advertising)
Risk If internal control over sales order processing is weak (i.e.
assessments CR is high) more reliance on tests of details in drawing
(IR and CR) conclusions on receivables may be required

Analytical procedures - overall review stage

Examples
• comparison of current year results with previous year(s) -
“The auditor shall design and perform analytical a “reasonableness test”
procedures near the end of • review of significant trends and ratios to identify emerging
patterns or changes in known patterns e.g. if liquidity ratios
the audit that assist the auditor when forming an deteriorating - quick or acid test ratios
overall conclusion as to whether the financial • recalculation of key ratios and trends to reflect
statements are consistent with the auditor’s adjustments to the financial statements
understanding of the entity.”

Analytical procedures - fluctuations

Investigations
• unexpected trends or deviations should be discussed with
“Significant fluctuations, inconsistent management in the first instance - or other knowledgeable
relationships or deviations from predicted amounts persons amongst client’s staff
• explanations must be substantiated, e.g. by reference to
should be investigated and adequate explanations existing knowledge and audit evidence already obtained
and appropriate corroborative evidence obtained.” • if management’s explanation is inadequate, further audit
procedures may be necessary

What you have learned - analytical procedures

now be able to:
• explain the need for and role of analytical procedures in
the audit process
• suggest suitable analytical procedures including proofs in
total
• analyse the consistency of financial and related
information by substantive analysis

Audit sampling - ISA 530

Objective Gathering audit evidence
Selection methods
• items should be selected for testing by appropriate means
“The objective of the auditor, when using audit so as to gather sufficient appropriate audit evidence to
sampling, is to provide a reasonable basis for the meet the objectives of the audit procedures
• any one or a combination of:
auditor to draw conclusions about the population a. selecting all items (100% examination)
from which the sample is selected.” b. selecting specific items
c. audit sampling
Risk considerations
• professional judgement should be used to:
a. assess audit risk (which includes inherent and
control risk)
b. design further audit procedures to reduce audit risk
to an acceptably low level
• this requires consideration of:
a. the risk of material misstatement (inherent and
control) and detection risk
b. sampling and non-sampling risk

Exercise - selecting all items (100% examination)

Suggest four circumstances in which a 100% check of a class

of transactions or account balances check might be Consider your answer to the question, when you are ready click next to
necessary:

Audit sampling - selecting specific items

Factors to consider
• understanding of the entity
• the assessed risk of material misstatement
• characteristics of the population being tested
Specific items
• high-value or key items e.g. risk prone or with a history of
error
• all items over a certain amount to verify a large proportion
of the population
• items to obtain information e.g. about the nature of
transactions and accounting and internal control system
• items to test control activities
Main advantage: usually an efficient means of gathering

audit evidence.
Main disadvantage: it is not audit sampling, therefore cannot

validly project results to population.

Exercise - selecting specific items

Suggest five reasons why it is unnecessary for an auditor to

carry out a complete check of all the transactions and Consider your answer to the question, when you are ready click next to
balances of a business.

Audit sampling - definitions

Sampling risk can lead to two types of erroneous
conclusions:
“Applying procedures to less than 100% of items . . • that controls are more effective than they actually are (for
. such that all sampling units have a chance of a test of controls) or that a material error does not exist
when in fact it does (for a substantive test); this type of risk
selection . . . in order to form a conclusion affects audit effectiveness and is more likely to lead to an
concerning the population.” inappropriate audit opinion
• the risk the auditor will conclude that controls are less
effective than they actually are (for a test of controls) or
Anomaly - a misstatement or deviation that is demonstrably that a material error exists when in fact it does not (for a
not substantive test); this type of risk affects audit efficiency as
representative of misstatments or deviations in the population. it would usually lead to additional work to establish that
initial conclusions were incorrect
Population - the entire set of data from which the auditor
wishes to sample. For example, all items in an account Confidence level - the mathematical complement of risk (e.g.
balance 5% risk 95% confidence).
or a class of transactions. A population may be divided into
strata, or sub-populations, with each stratum being examined
separately.
Sampling risk - arises from the possibility that the auditor’s

conclusion, based on a sample, may be different from the
conclusion that would be reached if the entire population were
subjected to the same audit procedure.

Audit sampling - definitions

Non-sampling risk - arises from factors that cause the Stratification - the process of dividing a population into sub-
auditor to reach an erroneous conclusion for any reason not populations, each of which is a group of sampling units, which
related to the size of the sample. For example, the auditor have similar characteristics (often monetary value). The
might use inappropriate procedures or misinterpret evidence reduction of variability of items within each strata permits a
and thus fail to recognize an error - judgemental selection is reduction in sample size (without increasing sampling risk).
subject to non- sampling risk.
Tolerable misstatement - a monetary amount set by the
Sampling unit - the individual items constituting a population, auditor in respect of which the auditor seeks to obtain an
for example credit entries on bank statements, sales invoices, appropriate level of assurance that the monetary amount set
trade receivable balances, or a monetary unit (e.g. $1). by the auditor is not exceeded by the actual misstatement in
the population.
Statistical sampling - any approach to sampling that has the
following characteristics: Tolerable rate of deviation - a rate of deviation from
• random selection of a sample prescribed internal control procedures set by the auditor in
• use of probability theory to evaluate sample results, respect of which the auditor seeks to obtain an appropriate
including measurement of sampling risk level of assurance that the rate of deviation set by the auditor
A sampling approach that does not have these characteristics is not exceeded by the actual rate of deviation in the
is considered non-statistical sampling. population.

Audit sampling - application

Audit sampling can be applied using either non-statistical
or statistical sampling methods. Stages in the sampling
process include:
• sample design
• sample selection
• performing audit procedures (“testing”)
• error evaluation

Audit sampling - designing an audit sample

Selection methods
“Matters to be considered when designing an audit Matters to consider
sample are the purpose of the audit procedure and

characteristics of the population from which the
Specific audit Population and Sample size
sample is to be drawn.” objectives sampling unit and use
Note 1 of stratification
Diagram notes:
1. For example, “customers exist” or “receivables are Appropriate Sampling Stratification
recoverable”. Value-weighted selection may be particularly and complete unit (into subgroups)
efficient in testing for overstatement. Note 2 Note 3 Note 4
2. Must be appropriate (may be a “reciprocal” population for
Considerations
understatement tests) and complete.
3. An item number n (e.g. GRN) or a $.
4. Involves dividing a population into subgroups (“strata”) to
create relatively homogeneous groups in which variations Sampling risk Tolerable error Expected error
(acceptably low?) (=maximum
in characteristics are likely to be small. When testing for error/deviation rate
overstatement, effort is directed to higher value items. willing to accept)

Audit sampling - designing an audit sample

Sampling plan
In practice a “sampling plan” may be drawn up to cover:

• audit objectives
• population and sampling unit (or attribute)
• definition of an error (or deviation)
• sample size
• method(s) of sample selection

Exercise - sample size
“In determining the sample size the auditor shall enter it into the course blog.
determine a sampling size sufficient to reduce You may wish to discuss this with a colleague before finally submitting it.
sampling risk to an acceptably low level.” You can then review the ideas of other students on this subject.
For each of the following factors, decide whether the effect on

sample size is an increase, decrease or no effect.
1. Increase in intended reliance on accounting and

internal control systems.
2. Increase in tolerable misstatement.
3. Increase in the rate of deviation expected
(“expected error”).
4. Increase in number of sampling units in population.

Audit sampling - selection

Haphazard selection i.e. without following a structured
technique, may be an acceptable alternative (to random
“The auditor shall select items in such a way that methods) provided that conscious bias and predictability are
each sampling unit in the population has a chance avoided, e.g. avoid bias to easily located items, first and last
items, etc.
of selection.”
Other methods
Most commonly used methods of obtaining a
representative sample Block sampling (e.g. all items on a particular page) is not
generally appropriate because populations may be
Random number selection by use of random number structured so that items in a sequence have similar
tables or a computerised random number generator. characteristics to each other but different characteristics to
Clearly all items have an equal chance of selection. items elsewhere in the population, e.g. direct debits recorded
at the end of every month in the cash book (i.e. after the bank
Systematic (also called “interval”) selection uses a statement has been received).
constant interval between items selected (with a random
start) e.g. every 20th voucher. Value-weighted selection is a
method which uses monetary unit values, rather than the
items, as the sampling population e.g. every $1,000.
CAUTION! The sampling units must not be structured in such

a way that the sampling interval corresponds with a pattern in
the population.

Audit sampling - testing
“The auditor shall perform audit procedures,

appropriate to the purpose, on each item selected.”
If an inappropriate item is selected (e.g. a document which

has been made “void”) an appropriately chosen replacement
must be tested instead. There is no error if the item is
properly voided.
If the planned procedure cannot otherwise be performed

(e.g. if a customer does not reply to a direct confirmation
request) a suitable alternative should be performed (e.g.
examination of after-date cash receipts).
If no suitable alternative test can be performed, assume

that item to be an error, (e.g. if initials or signatures are found
to be missing when checking completion of “grid stamps” as a
test of control).

Audit sampling - sample results

The auditor should: Error projection
• consider: • monetary errors (i.e. in respect of substantive procedures)
a. the sample results should be projected, e.g. by extrapolation
b. the nature and cause of any identified errors • the effect of projected error (on test objective and other
c. their potential effect on the test objective and other audit areas) should be considered
audit areas
• evaluate sample results to confirm or revise the
preliminary assessment of the relevant characteristic of Compare
the population • projected error + uncorrected anomalous error vs.
tolerable misstatement
Consider qualitative aspects:
• isolated: obtain corroborative evidence of anomalous error
• common feature: Note that, for tests of controls no projection is necessary (i.e.
a. identify sub-population sample error rate represents population error rate).
b. extend audit procedures in sub-stratum

Audit sampling - sample results - evaluation of results

If projected error plus uncorrected anomalous error
exceeds tolerable misstatement, reassess sampling risk.
Tests of controls
If the sampling error rate is higher than originally assessed,
modify planned procedures e.g.
• extend sample size
• test an alternative control
• extend substantive procedures
Substantive procedures
If maximum potential and/or most likely error exceeds
tolerable misstatement:
• request management adjust for identified errors
• re-evaluate unadjusted errors

Audit sampling - statistical vs. non-statistical sampling

Statistical vs. non-statistical sampling involves the use of
random sample selection and probability theory to:
• evaluate sample results
• measure the sampling risk
ie techniques from which mathematically constructed
conclusions can be drawn
Statistical sampling precludes the use of haphazard

selection.
In practice, a high level of mathematical competence is

required if valid conclusions are to be drawn from sample
evidence. Most firms draw up complex plans which can be
operated by staff without statistical training, e.g. using tables,
graphs or computer methods.
Non-statistical sampling is also called “judgement

sampling”:
• any approach which does not fulfil all the conditions set
out in the definition of statistical sampling
• includes not only non-random selection but evaluating
errors on a “judgement” basis

Exercise - statistical vs. non-statistical sampling

Suggest five relative advantages and five disadvantages of

non- statistical sampling. Consider your answer to the question, when you are ready click next to

What you have learned - audit sampling

now be able to:
• distinguish between audit sampling and other selective
testing procedures
• describe sample selection methods
• compare non-statistical and statistical sampling

Written representations - ISA 580
“The auditor shall request written representations

from management with appropriate responsibilities
for the financial statements and knowledge of the
matters concerned.”
Objective
To describe the use of written representations as

audit evidence.
Acknowledgement of management’s responsibility
The auditor shall request management to provide written

representations that it has:
• fulfilled its responsibility for the preparation and
presentation of the financial statements in accordance with
the applicable financial reporting framework
• provided the auditor with all relevant information as
agreed in the terms of the audit engagement

Written representations - how evidence is obtained

The written representation shall be in the form of a Requirements in other ISAs
representation letter addressed to the auditor.
The representation letter will also include subject-matter
Illustration specific representations. A number of other ISAs require
the auditor to request written representations:
“We have fulfilled our responsibilities for the preparation and • ISA 240 “the auditor’s responsibilities relating to fraud in
presentation of the financial statements…. And, in particular, an audit of financial statements”
the financial statements are fairly presented in accordance • ISA 250 “consideration of laws and regulations in an audit
with (indicate relevant financial reporting framework).... of financial statements”
• ISA 450 “evaluation of misstatements identified during the
“....We have provided you with: audit”
• all information, such as records and documentation, and • ISA 501 “audit evidence – specific considerations for
other matters that are relevant to the preparation and selected items”
presentation of the financial statements; • ISA 540 “auditing accounting estimates, including fair
• additional information that you have requested from value estimates, and related disclosures”
us;and • ISA 550 “related parties”
• unrestricted access to those within the entity” • ISA 560 “subsequent events” `
• ISA 570 “going concern”
• ISA 701 “comparative information – corresponding figures
and comparative financial statements”

Written representations - other instances and inconsistencies

The auditor may request additional representations to If an inconsistency is identified between one or more
support other audit evidence relevant to the financial written representations and audit evidence obtained from
statements. Representations may be considered necessary another source, the auditor may consider whether the risk
to support an understanding that the auditor has obtained assessment remains appropriate and, if not, revise the risk
from other audit evidence of management’s judgement or assessment and determine the nature, timing and extent of
intent in relation to a specific assertion. For example, if the further audit procedures to respond to the assessed risks.
intent of management is important to the valuation basis for
investments, it may not be possible to obtain sufficient As per the guidance in ISA 500, such inconsistency
appropriate audit evidence without a written representation creates doubt and must be resolved.
from management about its intentions.
Illustration
“The company has no intention of selling the investments

included in non-current assets and disclosed in note X to the
financial statements before their maturity date”.
Although such written representations provide necessary

audit evidence, they do not provide sufficient appropriate
audit evidence on their own for that assertion.

Written representations - documentation

Basic elements: If management does not provide one or more of the
• addressee - the auditor requested written representations, the auditor shall:
• specified information • discuss the matter with management
• appropriately dated - ordinarily the same date as the • re-evaluate the integrity of management and evaluate the
auditor’s report effect this may have on the reliability of representations
• signed - ordinarily by the senior executive officer and (oral or written) and audit evidence in general
senior finance officer • take appropriate actions, including determining the
possible effect on the opinion in the auditor’s report (see
below)
Refusal to provide representations The auditor shall disclaim an opinion on the financial
statements in accordance with ISA 705 (see Module 11) if:
Management should expect to provide written • the auditor concludes that there is sufficient doubt about
representations if necessary (as referred to in the the integrity of management such that the written
engagement letter). Therefore management’s refusal is most representations on management’s responsibilities are not
likely to signify reservations about the representation. reliable
• management does not provide these representations

What you have learned - written representations

now be able to:
• comment on the relevance, reliability and sufficiency of
written representations as audit evidence
• suggest appropriate representations

1. If tests of detail are more effective in obtaining substantive 1. Substantive analytical procedures are optional - however,
audit evidence than analytical procedures (e.g. because analytical procedures are essential at the planning and overall
there are no established trends and predictive information review stages in compliance with ISA 520. At the planning
is not available) why would an auditor perform analytical stage, they assist in understanding the key financial and non-
procedures at all? financial relationships within the client’s business. At the
2. Analytical procedures should be done at almost every review stage, they help to assess the completeness and
stage of the audit - but is it really that useful as it is only reasonableness of figures in the financial statements.
comparing one number to last year’s?
2. The term analytical procedures covers a wide range of
audit procedures. While it does include a simple comparison
To reveal our answer, click below: of (say) trade receivables to last year, it also includes:
• comparisons with relevant industry statistics
• calculation and comparisons of key ratios (e.g. margins,
return on capital, current ratio, receivable days)
• proofs in total whereby the reasonableness of one number
is confirmed by reference to one or more numbers which
have already been audited (e.g. if a loan has been
confirmed at $1m and the interest rate per the loan
agreement is 5%, then the interest charge should be
$50,000 per year). Provided the figure in the financial
statements is materially the same as this figure, no further
work is necessary
• overall reconciliations (e.g. opening inventory + purchases
- sales closing inventory, or if not, then further work is
required)

1. Statistical sampling is based on very detailed mathematical 1. Not the detail. The mathematical basis of the approach
theories - does the theory have to be understood for allows, for example, that the sample size needed to achieve
statistical methods to be used? the required level of assurance be determined objectively. It
2. Am I likely to have to calculate a sample size for a multiple also facilitates the interpolation of results across the
choice question? population being tested.
3. Do representations by management have any value and, if 2. No, but you should know the factors which affect sample
not, why obtain them? size (and how).
3. They have value for two reasons:
• they remind directors of their responsibilities in relation to
To reveal our answer, click below: the preparation and presentation of financial statements
• they improve the reliability of oral evidence by
corroborating it in writing
However, as representations are made by management, they
may have limited value because of their potential bias. Even
after obtaining the written representations, the auditor has to
reconsider whether sufficient evidence has been obtained. On
quite a few occasions, an audit qualification on limitation of
scope has been issued despite the receipt of management
representations.

Module review
In this module you have learned about the requirements of
ISAs in respect of three key aspects of audit work.
Analytical procedures can be used as risk assessment

procedures and link with what you learned in modules 5 and
6. They can also be used as substantive procedures, and the
module has shown some practical examples of how they can
be used to obtain evidence about specific assertions. They
are also used at the final stage of the audit as a final review
before the audit opinion is finalised.
Sampling also links back to the earlier modules as the

principles of sample selection are driven by the concepts of
risk and materiality. You have seen how sampling can be
used in both tests of controls and substantive procedures,
following through from sample selection, to performing the
procedures and evaluating the sample results.
Written representations are always obtained from

management at the end of the audit in order to confirm their
acknowledgement of their responsibilities relating to the
financial statements. In some cases, other specific
representations may be obtained.

Module 9 quick quiz


Question 1
At which of the following audit stages is the auditor unlikely to use analytical
procedures?
A Planning the audit
B Assessment of control risk
C As substantive procedures
D Overall review at the end of the audit

Question 2
The primary purpose of analytical procedures at the planning stage of the audit is to:
A Reduce the extent of the other audit

procedures necessary during the audit
B Identify areas of potential risk
C Perform “proofs in total”
D Confirm the consistency of the financial

statements as a whole

Question 3
Which of the following is not a typical analytical procedure?
A Study of relationships of financial

information with relevant non financial
information
B Comparison of financial information with
similar information regarding the industry
in which the entity operates
C Comparison of recorded amounts of
capital expenditure with appropriate
D invoices
Comparison of recorded amounts of capital
expenditure with budgeted amounts

Question 4
Which of the following statements most accurately describes the effectiveness of analytical
procedures?
A They are more effective when applied to

the results of an entity as a whole rather
than to its component parts
B They are ineffective in testing the
completeness of an accounting population
C They may not be appropriate for testing
areas involving a high level of management
discretion
D They are unsuitable when the accounting
data to be compared are produced
independently of each other

Question 5
Analytical procedures based on the year-end trade receivables and revenue figures shows
that the average collection period (i.e. time taken by credit customers to pay what they owe)
has increased from 73 days in 2007 to 87 days in 2008.
Which is the most plausible explanation for this increase?
A Substantial sales have been made to

credit customers in the last few days of
2008, but not in 2007
B Substantial sales have been made to
credit customers in the last few days of
2007, but not in 2008
C In 2008 the discount for prompt payment
has been increased from the 1% to 1.5%
D An exceptional bad debt of $20,000,
which arose in 2007, has been written
off in 2008

Question 6
When considering the choice of sample size from a large number of items in a population,
which of the following items would be taken into account by the auditor?
1. Stratification.
2. Number of items in the population.
3. Tolerable misstatement.
A None
B 1 only
C 1 and 2
D 1 and 3

Question 7
An auditor plans to place reliance on the internal control system in respect of purchases and
payments and designs tests of control to ensure that controls have been operating effectively
for the whole accounting period. The results of testing show that one control was not
operating effectively for one month in the year during the employment of a temporary clerk.
Follow-up of the deviations shows that they did not lead to errors in the accounting records.
Which of the following conclusions is most appropriate?
A The control is not reliable and therefore the

level of substantive procedures cannot be
reduced
B The level of substantive procedures may
be reduced throughout the year but the
error should be reported to management
C The level of substantive procedures may
be reduced for eleven months and the
remaining month tested as a separate
population
D An alternative control must be identified
and tested for the whole accounting period
before a decision on the level of
substantive procedures can be made

Question 8
As part of the audit testing to satisfy the audit objective “trade receivables are not overstated”,
the audit senior of a manufacturing company plans to circulate statements of account to a
sample of customers and request them to confirm the balance.
Which of the following approaches to sample selection would be most appropriate in these
circumstances?
A A random sample selected from the

population of individual customers used
during the year
B A sample selected from the population of
individual customers used during the year,
with a bias towards those having the
highest value of transactions in the year
C A random sample selected from the
population of customers’ year-end
balances
D A sample selected from the population of
customers’ year-end balances, with a bias
towards large balances

Question 9
When using statistical sampling in carrying out an audit test, the auditor may attempt to
reduce the non-sampling risk by:
A Ensuring that the sample is stratified
B Adequate supervision and review of

the conduct of the audit test
C Reducing the level of tolerable

misstatement
D Increasing the level of assurance required
from the test

Question 10
During the planning stage of an audit the auditor judged that an error of $30,000 was likely to
be material to profits, and planned samples and tests accordingly. The only errors found as a
result of the planned audit work were two items of inventory, each overvalued by $5,000. The
finance director is unwilling to adjust the financial statements except to avoid a modified audit
opinion.
What action should the auditor take?

A Accept the financial statements as they
stand, because the errors are not material
B Project the monetary error and compare
with the tolerable misstatement
C Require that the accounts be adjusted,
because identified errors must be
corrected
D Insist that the client re-performs the
inventory valuation

Question 11
The purpose of obtaining written representations from management is to:
A Bring to the attention of management any

significant areas of weakness identified in
the accounting records, systems and
controls examined during the audit
B ’Place on record management’s
response to points raised by the auditor
and their intended actions to rectify
weaknesses which the auditor has
identified
C Define clearly the extent of the auditor’s
responsibilities and provide written
confirmation of the terms of the auditor’s
acceptance of appointment
D Obtain confirmation that management
believes that it has fulfilled its
responsibilities and to support other audit
evidence relevant to the financial
statements

Question 12
During the course of an audit an auditor will receive oral representations from management
for which independent evidence is not available. The auditor should seek written confirmation
of these representations from management to:
A Reduce the possibility of misunderstandings

between the auditor and management
B Protect the auditor from any legal liability
arising for any misstatement in the
C Prove that management has kept proper

accounting records in accordance with the
relevant financial reporting framework
D Reduce the extent of alternative
procedures which the auditor would
otherwise perform

Question 13
Management’s refusal to provide a written representation that the auditor considers necessary
would be:
A Evidence that the financial statements are

not presented fairly
B A fraudulent act by management
C A matter to be reported in the letter of

weakness
D A scope limitation requiring a modified
auditor’s report

Question 14
Based on the following timetable, what is the most appropriate date for an auditor to obtain a
letter of representation?
1. 31 January 2009 - all audit field work completed

2. 28 February 2009 - financial statements approved by board of directors
3. 5 March 2009 - auditor’s report signed
4. 25 April 2009 - company annual general meeting held
A1
B2
C3
D4

Module 10: Internal auditing Certificate in International Auditing

• the roles of the internal and external auditors

• how external auditors assess whether to make use of
internal auditors’ work

Introduction
Many companies have an internal audit function as part of
their internal control. The internal auditors are often involved
in the monitoring and testing of controls, and in other areas
that could be relevant to the external audit.
The existence of an internal audit department does not

reduce or change the responsibilities of the external auditor –
the audit opinion is entirely the responsibility of the external
auditor. Therefore, if the external auditor wants to rely on
work done by the internal auditors, he must obtain assurance
that the work has been performed to the same professional
quality as if it had been performed by the external auditors.
This module looks at some of the main areas of work that

internal auditors, compares their role with that of external
auditors and introduces the professional requirements that
external auditors must follow if they want to rely on the work
of internal auditors.

Internal auditing - ISA 610

Objective Relationship – external vs. internal
ISA 610 “using the work of internal auditors” has been External Internal
redrafted in Clarity form. The objective of the external Role Management, usually in
Statute (typically)
auditor is to determine: required by: larger organisations
• whether, and to what extent, to use specific work of the Appointed Shareholders (usually) or
Management
internal auditors by: directors
• if so, whether such work is adequate for the purposes of Shareholders (primary
statutory duty) and
the audit Reports to:
management (professional
Management
responsibility)
For companies listed on a recognized stock exchange it Reports on: Financial statements Internal controls
is regarded as good practice to establish internal audit Adequacy of ICs as a
functions to undertake regular monitoring of key controls and Forms
contribution to the
opinions “True and fair view” (or similar)
procedures therefore listed companies might be expected to on:
economic, efficient and
have them. effective use of resources
Employee (therefore
Status: Independent of client company
potentially less objective)
May also be members of
Usually ACCA, ICAEW, ICAI,
Qualification: other professional bodies
ICAS, CPA or equivalent
(e.g. IIA) or unqualified
Scope of Unlimited, to fulfil statutory
Prescribed by management
assignment: obligation
Similar stages - planning,
Conduct of
In accordance with ISAs evaluation of A & IC
audit:
system, evidence, reporting

Internal auditing - determining whether to use internal audit work

The external auditor shall evaluate: Assessment criteria
• the objectivity of the internal audit function Factors to consider

• the technical competence of the internal auditors • Status of internal audit within the entity
• whether the work of the internal auditors is likely to be • Whether the internal audit function reports to those
carried out with due professional care charged with governance or an officer with similar
• whether there is likely to be effective communication Objectivity authority
between the internal auditors and the external auditor • Whether management acts on the
recommendations of internal audit
• Free from conflicting responsibilities
Effectiveness of internal audit is just one factor to be Technical • Technical training/proficiency
competence • Professional qualifications
considered in the external auditors’ assessment of the
control environment. Due
• Planning, supervision, review (i.e. quality control
procedures on individual audit) and documentation
professional
care • Existence of audit manuals, work programs and
working papers
• Whether meetings are held at appropriate intervals
throughout the period between internal and external
auditors
Communication • External audit access to relevant internal audit
reports and information about significant matters
• Whether the external auditor informs the internal
auditors of any significant matters that may affect
the internal audit function

Internal auditing - appraisal activities

Internal auditing personnel may also assist in carrying
“An appraisal activity established within an entity out external audit procedures, but this is outside the scope
as a service to the entity. Its functions include, of ISA 610.
amongst other things, examining, evaluating and
monitoring the adequacy and effectiveness of
internal control ”.
Scope and objectives
Operate in the following areas
Review of Examination of financial Review of the Review of compliance Special

systems and operating info (incl. economy, with external and investigations
detailed testing of efficiency and internal requirements
transactions and effectiveness of (e.g. laws and
balances) operations management policies)
Of direct interest to the auditor May impact on external audit

Internal auditing - the effect on external auditor’s procedures

In determining the planned effect of the work of the • conclusions reached are appropriate in the circumstances
internal auditors on the nature, timing or extent of the and any reports prepared by the internal auditors are
external auditor’s procedures, the external auditor shall consistent with the results of the work performed
consider: • any exceptions or unusual matters disclosed by the
• the nature and scope of specific work performed by the internal auditors are properly resolved
internal auditors
• the assessed risks of material misstatement for particular “The external auditor shall perform procedures on that
classes of transactions, account balances and disclosures work to determine its adequacy. The audit procedures may
• the degree of subjectivity involved in the evaluation of the include:
audit evidence gathered by the internal auditors in support • examination of items already examined by internal
of the relevant assertions auditors
• examination of other similar items
Specific work • observation of procedures performed by the internal
auditors”
To determine the adequacy of specific work performed by
the internal auditors for the external auditor’s purposes,
the external auditor shall evaluate whether: Illustration
• the work was performed by internal auditors having
adequate technical training and proficiency A company holds stock at 15 locations. Internal audit may
• the work was properly supervised, reviewed and observe year-end stocktaking procedures at 4 (say) provided
documented external auditor observes 6 (say). Visits would be rotated
• adequate audit evidence has been obtained to enable the each year.
internal auditors to draw reasonable conclusions

Internal auditing - the effect on external auditor’s procedures

When the external auditor uses specific work of the
internal auditors, the external auditor shall document
conclusions regarding the evaluation of the adequacy of the
work of the internal auditors, and the audit procedures
performed by the external auditors on that work.
The external auditor has sole responsibility for the audit

opinion expressed, and that responsibility is not reduced by
the external auditor’s use of the work of the internal auditors.

What you have learned - internal auditing

now be able to:
• distinguish between the roles of internal and external
auditors
• define the possible reliance on the work of internal audit
• recognise the factors which determine the extent to which
reliance can be placed on the work of internal audit


Will the existence of an internal audit function within an entity It is true that in many cases, the external auditor may be able
always reduce the amount of work to be performed by the to reduce certain procedures where the internal auditors have
external auditors? performed relevant work. For example if the internal auditors
have carried out detailed testing over controls in certain
accounting applications, the external auditor may be able to
To reveal our answers ,click below:
save the time that would have been spent in performing
similar tests and obtain evidence by reviewing the internal
audit work instead. However, this depends on:
• the external auditor having concluded that the overall
quality of work performed by internal audit is adequate
• the tests of controls covering the appropriate period (ie the
period covered by the financial statements being audited)
This will not always be the case, so even where the internal
auditor has performed work that appears to be relevant to the
external auditor’s objectives, it may not be possible for the
external auditors to reduce their work.
There will also be situations where the work performed by
internal audit is not directly relevant to the external auditor’s
objectives, for example, where the internal auditors’ main
work involves carrying out reviews of economy, efficiency and
effectiveness.

Module review
This module has concentrated on internal auditing in its
context as a potential source of evidence for the external
auditor. It completes a group of modules (modules 7 to 10)
that focus on the principles of audit evidence and the various
procedures used to gather that evidence.
Underlying all of these is the basic requirement for the auditor

to obtain sufficient appropriate evidence to be able to draw
reasonable conclusions on which to base the audit opinion.
The scope paragraph of the audit report concludes: “We

believe that audit evidence we have obtained is sufficient and
appropriate to provide a basis for our audit opinion.”
The next module of this course describes the form and

content of that opinion.

Module 10 quick quiz


Question 1
The management of a company has requested that their external auditors make use of the
company’s internal audit department.
Which of the following statements most accurately reflects the relationship between these
external and internal auditors?
A The ultimate responsibility for the audit
opinion lies with the external auditor who
should not therefore use the work of
internal auditing
B Using the work of internal auditing is
desirable as it reduces the external
auditor’s exposure to legal liability
C The external auditor should evaluate the
work of internal auditing and, if satisfied,
use specific work but only in areas of low
audit risk
D When intending to use specific work of
internal auditing the external auditors
should confirm its adequacy

Question 2
A large quoted company has recently set up an internal audit department. The board consists
of both executive and non-executive directors. In order to secure the greatest degree of
objectivity internal auditing should report to:
A The chief executive
B The finance director
C A committee of non-executive directors
D A committee of executive directors

Question 3
In which of the following areas should internal auditing not routinely operate?
A Design and implementation of internal

controls
B Review of the economy, efficiency and
effectiveness of operations
C Examination of financial and operating
information
D Check that all the physical counts agree
with the book quantities

Module 11: Reporting Certificate in International Auditing

This module is divided into two parts:
The auditor’s report on financial statements - ISA

700,705, 706
• the requirements for an auditor’s report
• auditor’s opinions on financial statements
• case studies
Going concern - ISA 570

• determining an enterprise’s ability to continue as a going
concern
• gathering audit evidence
• the auditor’s report with illustrations

Introduction
This module returns to the objective of an audit of financial The first part of this module describes the ISAs relevant
statements, namely: to reporting and the second part deals with the auditor’s
considerations in respect of going concern at all stages
of the audit.
“.... to enable the auditor to express an opinion It has been left as the last topic because the reporting
whether the financial statements are prepared, in all implications in relation to going concern are an application of
the standards on reporting covered in this module.
material respects, in accordance with an applicable
financial reporting framework.”
ISA 200, “overall objectives of the independent

auditor and the conduct of an audit in accordance
with international standards on auditing.”

The auditor's report on financial statements - ISAs 700, 705 and 706
Objective
To explain the elements of an independent auditor’s

report and the expression of an opinion on financial
statements.
The auditor’s report should contain a clear expression of

the auditor’s opinion on the financial statements.
Considerations:
• the financial reporting framework (e.g. IFRS)
• statutory requirements

The auditor's report on financial statements - basic elements

The objective of the auditor and the basic elements are all Management’s responsibility for the financial statements:
required by standards within ISA 700 “forming an opinion • Management responsible for preparation and fair
and reporting on financial statements”: presentation of financial statements in accordance with
IFRS
“The objectives of the auditor are: • Management responsible for internal controls regarding
(a) To form an opinion on the financial statements the preparation of the financial statements
based on an evaluation of the conclusions drawn Auditor’s responsibility:
from the audit evidence obtained; and • states that the audit was conducted in accordance with
ISAs or relevant national standards or practices otherwise
(b) To express clearly that opinion through a they may be presumed to be country of auditor’s address
written report that also describes the basis for that • states that the auditor complies with ethical standards
opinion.” • states that the audit was planned and performed to obtain
reasonable assurance about whether the financial
Content of an unmodified audit report: statements are free of material misstatement
• describes the audit as including:
Title e.g. “auditor’s report” a. procedures selected depending on the auditor’s
judgment
Addressee e.g. shareholders or board of directors b. consideration of internal controls relevant to the
Opening or introductory paragraph: c. assessing accounting principles used and significant
• financial statements audited estimates made by management
• date and period covered d. evaluating overall financial statement presentation
• states that the audit evidence obtained is sufficient and
appropriate as a basis for the opinion

The auditor's report on financial statements - basic elements

Opinion paragraph:
• “true and fair view” (or “present fairly, in all material
respects”) in accordance with financial reporting
framework
• compliance with requirements of statutes or law
Date of completion of audit, not before date financial

statements are signed or approved by management.
Auditor’s address e.g. city of office.
Auditor’s signature and the firm and/or personal name of

auditor.

The auditor's report on financial statements - report vs. opinion

Auditor’s reports should contain a clear expression of Unmodified opinion
opinion.
When the financial statements give a true and fair view (or
The opinion may be: are presented fairly, in all material respects) in accordance
• unmodified with the applicable financial reporting framework an
• modified unmodified opinion should be expressed.
ISA 705 “modifications to the opinion in the independent

auditor’s report” will be covered later in this session after the
first requirements relating to the unmodified form of report.

The auditor's report on financial statements Nature of audit An audit involves performing procedures to obtain audit
examination evidence about the amounts and disclosures in the
financial statements. The procedures selected depend on
the auditor’s judgement, including the assessment of the
Illustration risks of material misstatement of the financial statements,
On whose behalf is INDEPENDENT AUDITOR’S REPORT whether due to fraud or error. In making those risk
audit undertaken (Appropriate addressee) assessments, the auditor considers internal control
relevant to the entity’s preparation and fair presentation of
Report on the financial statements the financial statements in order to design audit
We have audited the accompanying financial statements procedures that are appropriate in the circumstances, but
of ABC Company, which comprise the balance sheet as not for the purpose of expressing an opinion on the
Reference can be
at December 31, 20X1, and the income statement, effectiveness of the entity’s internal control. An audit also
by page numbers statement of changes in equity and cash flow statement includes evaluating the appropriateness of accounting
for the year then ended, and a summary of significant policies used and the reasonableness of accounting
accounting policies and other explanatory notes. estimates made by management, as well as evaluating
Unmodified implies the overall presentation of the financial statements.
Management’s responsibility for the financial that changes in
statements accounting principles We believe that the audit evidence we have obtained is
Management is responsible for the preparation and fair sufficient and appropriate to provide a basis for our audit
presentation of these financial statements in accordance
etc. have been
opinion.
with International Financial Reporting Standards. This properly determined
Responsibilities responsibility includes: designing, implementing and and disclosed Opinion
maintaining internal control relevant to the preparation In our opinion, the financial statements give a true and fair
and fair presentation of financial statements that are free view of (or ’present fairly, in all material respects,’) the
from material misstatement, whether due to fraud or financial position of ABC Company as of December 31,
error; selecting and applying appropriate accounting 20X1, and of its financial performance and its cash flows
policies; and making accounting estimates that are Relevant financial for the year then ended in accordance with International
reasonable in the circumstances. reporting framework Financial Reporting Standards.
Auditor’s responsibility Report on other legal and regulatory requirements

Our responsibility is to express an opinion on these (Form and content of this section of the auditor’s report
financial statements based on our audit. We conducted will vary depending on the nature of the auditor’s other
Standards reporting responsibilities.)
our audit in accordance with International Standards on
complied with Auditing. Those standards require that we comply with (Auditor’s signature)
ethical requirements and plan and perform the audit to (Date of the auditor’s report)
obtain reasonable assurance whether the financial Must include (Auditor’s address)
statements are free from material misstatement.

The auditor's report on financial statements - modified opinion

Circumstances Pervasiveness of effects
The objective of the auditor is to express clearly an The opinion will only be modified over matters that the
appropriately modified opinion on the financial auditor judges to be material. The wordings used will
statements in two circumstances: depend on the auditor’s judgement about the pervasiveness
1. When the auditor concludes, based on the audit evidence of the effects or possible effects of the matter.
obtained, that the financial statements as a whole are not
free from material misstatement (disagreement). Pervasive - a term used to describe:
2. When the auditor is unable to obtain sufficient appropriate • the effects on the financial statements of misstatements;
audit evidence to conclude that the financial statements or
are free from material misstatement (limitation on scope). • the possible effects on the financial statements of
misstatements, if any, that are undetected due to an
The grounds should always be apparent because they are inability to obtain sufficient appropriate audit evidence
mutually exclusive - there must be sufficient evidence in
situations for disagreement. Pervasive effects on the financial statements are those
that in the auditor’s judgement:
ISA 705 outlines three types of modifications to be used, • are not confined to specific elements, accounts or items of
depending on the circumstances and the pervasiveness of the
• if so confined, represent or could represent a substantial
effects or possible effects of the matter on the financial
proportion of the financial statements
statements.
• in relation to disclosures, are fundamental to users’
understanding of the financial statements

The auditor's report on financial statements - modified opinion – types of modification

Adverse opinion
“The auditor shall express a qualified opinion when
The auditor shall express an adverse opinion when the
the auditor, having obtained sufficient appropriate
auditor, having obtained sufficient appropriate audit evidence
audit evidence, concludes that misstatements, concludes that misstatements, individually or in the
individually or in the aggregate, are material, but aggregate, are both material and pervasive, to the financial
statements.
not pervasive, to the financial statements; or the
auditor is unable to obtain sufficient appropriate
audit evidence on which to base the opinion, but Disclaimer of opinion
the auditor concludes that the possible effects on The auditor shall disclaim an opinion when the auditor is
the financial statements of undetected unable to obtain sufficient appropriate audit evidence on
misstatements, if any, could be material but not which to base the opinion, but the auditor concludes that the
possible effects on the financial statements of undetected
pervasive.” misstatements, if any, could be both material and pervasive.

The auditor's report on financial statements - modified opinion – summary
Decision 2
Decision 1
Both material and
Material
pervasive
The FS do not give

FS are materially Qualified i.e.
a true and fair view
misstated “except for”
Adverse
Inability to
Unable to
obtain sufficient Qualified i.e.
express an opinion
appropriate “except for”
Disclaimer
evidence

The auditor's report on financial statements - the basis for modification paragraph
Reason for Details to include in basis

“Whenever the auditor modifies the opinion on the modification for modification paragraph
• Description
financial statements, the auditor shall include a Material misstatement of
specific amounts in • Quantification of effects if practicable
paragraph in the report that provides a description financial statements • If not practicable to quantify, must state
of the matter giving rise to the modification. The that this is the case
Material misstatement that
auditor shall place this paragraph immediately relates to narrative • Explanation of how the disclosures are
misstated
before the opinion paragraph and use the heading disclosures
Basis for qualified opinion , Basis for adverse Material misstatement that
• Description of the nature of the omitted
‘ ’ ‘ information
opinion’, or ‘Basis for disclaimer of opinion’, as relates to non-disclosure
• Include the omitted disclosures, provided
of information required to
appropriate ”. be disclosed that it is practicable to do so and is not
prohibited by law or regulation
Inability to obtain sufficient
appropriate audit evidence • Reasons for the inability
Even if the auditor has expressed an adverse opinion or

disclaimed an opinion, the auditor shall describe in the
basis for modification paragraph the reasons for any other
matters that would have required a modification to the opinion
and the effects thereof.

The auditor's report on financial statements - modified opinions

Illustration 1: qualified opinion due to a material
misstatement of the financial statements
Basis for qualified opinion Qualified opinion

The company’s inventories are carried in the financial In our opinion, except for the effects of the matter described in
statements at xxx. Management has not stated the the basis for qualified opinion paragraph, the financial
inventories at the lower of cost and net realisable value but statements present fairly, in all material respects, (or “give a
has stated them solely at cost, which constitutes a departure true and fair view of”) the financial position of ABC Company
from International Financial Reporting Standards. The as at December 31, 20X1, and of its financial performance
company’s records indicate that had management stated the and its cash flows for the year then ended in accordance with
inventories at the lower of cost and net realizable value, an International Financial Reporting Standards.
amount of xxx would have been required to write the
inventories down to their net realizable value. Accordingly,
cost of sales would have been increased by xxx, and income
tax, net income and shareholders’ equity would have been
reduced by xxx, xxx and xxx, respectively.


Illustration 2: adverse opinion due to a material
misstatement of the financial statements
Basis for adverse opinion Adverse opinion

As explained in note x, the company has not consolidated the In our opinion, because of the significance of the matter
financial statements of subsidiary XYZ Company it acquired discussed in the basis for adverse opinion paragraph, the
during 20X1 because it has not yet been able to ascertain the consolidated financial statements do not present fairly (or “do
fair values of certain of the subsidiary’s material assets and not give a true and fair view of”) the financial position of ABC
liabilities at the acquisition date. This investment is therefore Company and its subsidiaries as at December 31, 20X1, and
accounted for on a cost basis. Under International Financial of their financial performance and cash flows for the year then
Reporting Standards, the subsidiary should have been ended in accordance with International Financial Reporting
consolidated because it is controlled by the company. Had Standards.
XYZ been consolidated, many elements in the accompanying
financial statements would have been materially affected. The
effects on the financial statements of the failure to consolidate
have not been determined.


Illustration 3: qualified opinion due to the auditor’s
inability to obtain sufficient appropriate audit evidence
(the possible effects are deemed to be material but not
pervasive to the financial statements)
Basis for qualified opinion Qualified opinion

ABC Company’s investment in XYZ Company, a foreign In our opinion, except for the possible effects of the matter
associate acquired during the year and accounted for by the described in the basis for qualified opinion paragraph, the
equity method, is carried at xxx on the balance sheet as at financial statements present fairly, in all material respects, (or
December 31, 20X1, and ABC’s share of XYZ’s net income of “give a true and fair view of”) the financial position of ABC
xxx is included in ABC’s income for the year then ended. We Company as at December 31, 20X1, and of its financial
were unable to obtain sufficient appropriate audit evidence performance and its cash flows for the year then ended in
about the carrying amount of ABC’s investment in XYZ as at accordance with International Financial Reporting Standards.
December 31, 20X1 and ABC’s share of XYZ’s net income for
the year because we were denied access to the financial
information, management, and the auditors of XYZ.
Consequently, we were unable to determine whether any
adjustments to these amounts were necessary.


Illustration 4: disclaimer of opinion due to the auditor’s
inability to obtain sufficient appropriate audit evidence
about a single element of the financial statements (the
possible effects are deemed to be both material and
pervasive to the financial statements)
Basis for disclaimer of opinion Disclaimer of opinion

The company’s investment in its joint venture XYZ (Country Because of the significance of the matter described in the
X) Company is carried at xxx in the company’s financial basis for disclaimer of opinion paragraph, we have not been
statements, which represents over 90% of the company’s net able to obtain sufficient appropriate audit evidence to provide
assets as at December 31, 20X1. We were not allowed a basis for an audit opinion. Accordingly, we do not express
access to the management and the auditors of XYZ, including an opinion on the financial statements.
XYZ’s auditors’ audit documentation. As a result, we were
unable to determine whether any adjustments were
necessary in respect of the company’s proportional share of
XYZ’s assets that it controls jointly, its proportional share of
XYZ’s liabilities for which it is jointly responsible, its
proportional share of XYZ’s income and expenses for the
year, and the elements making up the statement of changes
in equity and cash flow statement.

Exercise - ISA 700

Please review the following exercise: The following matters may affect your audit opinions:
The audit assignments of four companies (continues on the A. Jasper (profit before tax $150,000)
following page) with year end 31 March 20X1, are nearing On 23 April 20X1 a letter was received informing the company
completion. Please answer the following questions for each that a customer, who owed Jasper $30,000 as at the year
of the four companies. end, had been declared bankrupt on 17 April. It is expected
that unsecured creditors, such as Jasper, will receive nothing
1. Assess materiality (e.g. $A represents x% of profit before in respect of amounts owing to them. Jasper’s management
tax and is therefore material or immaterial as appropriate). refuses to change the accounts to provide for the loss, on the
grounds that bankruptcy was declared after the year end
2. Identify relevant accounting requirements and state date.
compliance or otherwise with them (e.g. non-compliance IAS
16 as asset must be depreciated). Total trade receivables shown in the statement of financial
position amounted to $700,000.
3. State a suitable audit opinion (just one, e.g. modified
“except for”).

Exercise - ISA 700

B. Ruby (profit before tax $500,000) D. Emerald (profit before tax $100,000)
On 31 January 20X1 a customer sued Ruby for personal This client is a construction company, currently building a
damages arising from an unexpected defect in one of its warehouse on its own premises, and using some of its own
products. Shortly before the year end the company made an work-force. The cost of labour and materials has been
out- of-court settlement with the customer of $10,000, included in the cost of the non-current asset in the statement
although this agreement is not reflected in the financial of financial position, the total figure being based on the
statements as at 31 March 20X1. Further, the matter company’s costing records. The warehouse is almost
subsequently became known to the press and was complete and the cost shown in the statement of financial
extensively reported. The company’s legal advisers have now position includes direct labour costs of $10,000. However,
informed you that further claims have been received following during audit testing, it was discovered that the costing
the publicity, although they are unable to place a figure on the records, showing the direct labour costs for the warehouse in
potential liability arising from such claims which have not yet the early part of the year, had been destroyed accidentally.
been received. The company had referred to the claims
received in a note to the financial statements stating,
however, that no provision had been made to cover them
because the claims were not expected to be material. Consider your answer to the question, when you are ready click next to
C. Garnet (profit before tax $250,000) enter it into the course blog.
Audit work revealed that an item of investment property stated You may wish to discuss this with a colleague before finally submitting it.
in the statement of financial position at $500,000 had suffered
an impairment in its carrying value of $300,000. The You can then review the ideas of other students on this subject.
management of Garnet admits that the decline has occurred,
but refuses to write down the item on the grounds that other
investment properties (not held for resale) have risen in value
and are stated at amounts considerably below their realizable
values.

The auditor's report on financial statements - emphasis of matters and other matters - ISA 706
Emphasis of matter paragraph When the auditor includes an Emphasis of Matter paragraph
A paragraph included in the auditor’s report that refers to a the auditor shall:
matter appropriately presented or disclosed in the financial • include it immediately after the Opinion paragraph in the
statements that, in the auditor’s judgement, is of such auditor’s report
importance that it is fundamental to users’ understanding of • use the heading “Emphasis of Matter” (or other
the financial statements. appropriate heading)
• include in the paragraph a clear reference to the matter
The emphasis of matter does NOT affect the auditor’s opinion being emphasised and to where relevant disclosures that
fully describe the matter can be found in the financial
Other matter paragraph statements
A paragraph included in the auditor’s report that refers to a • indicate that the auditor’s opinion is not modified in
matter other than those presented or disclosed in the financial respect of the matter emphasised
statements that, in the auditor’s judgement, is of such
importance that is relevant to users’ understanding of the Circumstances in which an Emphasis of Matter paragraph
audit, the auditor’s responsibilities to the auditor’s report. may be necessary:
• an uncertainty relating to the future outcome of
These definitions are taken from ISA 706 “emphasis of matter
exceptional litigation or regulatory action
paragraphs and other matter paragraphs in the independent
• early application of a new accounting standard (where
auditor’s report”.
permitted) that has a pervasive effect on the financial
statements in advance of its effective date
• a major catastrophe that has had, or continues to have, a
significant effect on the entity’s financial position

The auditor's report on financial statements - emphasis of matters and other matters - illustration
Emphasis of matter Other matters - requirements
When the auditor includes an other matters paragraph

the auditor shall:
“We draw attention to note x to the financial • include it immediately after the opinion paragraph and any
statements which describes the uncertainty related to emphasis of matter paragraph in the auditor’s report, or
the outcome of the lawsuit filed against the company elsewhere if the matter is relevant to the other reporting
responsibilities section
by XYZ Company. Our opinion is not qualified in • use the heading “Other Matter” (or other appropriate
respect of this matter.” heading)
Circumstances in which an other matters paragraph may

Reference to a note is critical. If the auditor has to “make be necessary:
good” a lack of disclosure in the audit report the auditor must • law or regulation may require or permit the auditor to
qualify the opinion on the grounds of inadequate disclosure. elaborate on matter that give further explanation of the
auditor’s responsibilities or the auditor’s report
• restriction of distribution or use of the auditor’s report (only
where the financial statements have been prepared for a
special purpose)

What you have learned - the auditor's report on financial statements

now be able to:
• explain the nature and meaning of the auditor’s report
• discuss the contents and wording of the report
• evaluate and determine the circumstances in which it is
necessary to modify audit opinions
• evaluate and determine the circumstances in which it is
necessary to use emphasis of matter or other matter
paragraphs
• determine an appropriate audit opinion in a given situation
• draft paragraphs of an auditor’s report which comply with
ISAs 700, 705 and 706

Going concern - ISA 570

Objective Responsibilities - auditor’s objectives
To explain the auditor’s responsibilities for the going • to obtain sufficient appropriate audit evidence about the
concern assumption used in preparation of financial appropriateness of management’s use of the going
statements, including consideration of management’s concern assumption in the preparation and presentation of
assessment of the enterprise’s ability to continue as a going the financial statements
concern. • to conclude, based on the audit evidence obtained,
whether a material uncertainty exists that may cast doubt
on the entity’s ability to continue as a going concern
• to determine the implications for the auditor’s report

Going concern - responsibilities - presentation of financial statements (IAS 1)

Definition Accounting requirements
Enterprise will continue Generally a period of at Financial statements should be prepared on a going
in operation for the least one year after concern basis unless that basis is inappropriate.
foreseeable future reporting date
Material uncertainties which cast significant doubt on the

appropriateness of the going concern basis should be
Assume neither intention nor
necessity to liquidate disclosed.
or curtail materially the scale
of operation When the going concern basis is not used the financial
statements should disclose:
• that fact
• the basis of preparation
If assumption justified If unjustified • why the enterprise considered not to be a going concern,
• Assets will be realised • Amounts recorded in e.g. if assets are being liquidated
& liabilities discharged in respect of assets may
normal course of not be realised
business • Amounts and maturity
dates of liabilities may
need adjustment

Going concern - responsibilities - management and auditor's

The management’s responsibility
IAS 1 requires that management assesses the

enterprise’s ability to continue as a going concern.
Where a financial reporting framework does not explicitly

state management’s responsibility, that responsibility is
implied because going concern is a fundamental principle.
The auditor’s responsibility
To consider:
• management’s use of the going concern assumption
• whether material uncertainties require disclosure

Going concern - planning considerations

If not, management should be asked to make an
assessment, particularly if such events and conditions are
“When performing risk assessment procedures as apparent.
required by ISA 315 the auditor shall consider
Management’s assessment may not require detailed
whether there are events or conditions which may
analysis when the enterprise is profitable and has adequate
cast doubt on the enterprise’s ability to continue as financial resources.
a going concern should be considered when
planning the audit.”
Management may have already made a preliminary

assessment of going concern issues and plans to
address them, e.g.:
• raise capital
• increase borrowings
• restructure debt
• defer capital expenditure; or put research and
development projects on hold
• liquidate assets

Exercise - planning considerations

Give examples of financial, operational and other events or

conditions which, individually or collectively, may indicate Consider your answer to the question, when you are ready click next to
significant doubt about the going concern assumption:
• Financial: six examples
• Operational: three examples
• Other: three examples

Going concern - planning considerations

Mitigating factors Throughout the audit
Management’s plans to maintain adequate cash flows by The auditor shall remain alert for audit evidence of such
alternative means: events or conditions and related business risks which
• disposal of assets may cast significant doubt on the entity’s ability to continue as
• rescheduling of loan repayments a going concern. If identified the auditor should:
• obtaining additional capital • perform additional procedures
The auditor must assess the feasibility of plans and the • consider whether they affect the auditor’s assessment of
likelihood that they will improve the situation. the risks of material misstatement
Availability of a suitable alternative source of supply.

Going concern - audit evidence

Evaluating management’s assessment Beyond the assessment period
The auditor shall inquire of management if they have

knowledge of indicators of significant doubt beyond the
“Management’s assessment should be evaluated period of assessment (i.e. at least 12 months from the
for the same period as required by the financial reporting date).
reporting framework. This should be extended to 12
This is the only audit procedure required in respect of
months from the reporting date (if greater).” this period. It provides a good example of a “certain
instance” in which it is appropriate to obtain written
management representation.
Sources of information
• client’s system for timely identification of warnings of
risks/uncertainties
• budgets, forecast information, etc.
• obligations, undertakings, guarantees with lenders,
suppliers, etc.
• bank borrowing facilities and suppliers’ credit
• management’s plans for future action

Going concern - audit evidence - additional procedures

Cash flow forecasts
“When there are indicators of significant doubts, the
When analysing and discussing cash flow and profit
auditor shall review management s plans for future forecasts with management, consider:
’
actions and obtain written representation thereon; • reliability of the entity’s system for generating such
gather sufficient appropriate evidence to determine information
• appropriateness of underlying assumptions
whether or not a material uncertainty exists if so, it • comparison of prospective financial information:
requires disclosure; seek written representations a. for recent prior periods with historical results
from management regarding its plans for the b. for current period with results achieved to date
future .”
Material uncertainty
A material uncertainty exists when the magnitude of its

potential impact is such that its disclosure is necessary
for the fair presentation of the financial statements, i.e. a
lack of disclosure would render the financial statements
misleading.

Going concern - audit evidence - other relevant procedures

• review subsequent events for items affecting going • consider unfulfilled customer orders
concern assumption • discuss management’s plans for future action - relevance
• analyse and discuss latest available interim financial generally decreases as time scale increases:
statements a. to liquidate assets
• review terms of debentures/loan agreements for possible b. to borrow money or restructure debt
breaches c. to reduce or delay expenditures
• read minutes of meetings for reference to financing d. to increase capital
difficulties • seek written management representations regarding plans
• inquire of the entity’s lawyer regarding litigation and claims that might have a significant effect on solvency within the
• confirm existence, legality and enforceability of foreseeable future - confirm plans feasible and likely to be
arrangements to provide or maintain financial support with implemented
related and third parties and assess the financial ability of
such parties to provide additional funds

Going concern - conclusions - existence of a material uncertainty

In extreme cases, such as situations involving multiple
uncertainties that are significant to the financial
“If a material uncertainty exists the auditor shall statements, the auditor may consider it appropriate to
determine whether the financial statements express a disclaimer of opinion instead of adding an
emphasis of matter paragraph.
adequately describe the events or conditions that
cast significant doubt as to the entity’s ability to
continue as a going concern and management’s If adequate disclosure is not made in the financial
statements, the auditor shall express a qualified or
plans to deal with those events and conditions.” adverse opinion, as appropriate (see ISA 705). The auditor
shall state in the auditor’s report that there is a material
uncertainty that may cast significant doubt about the entity’s
If adequate disclosure is made in the financial ability to continue as a going concern.
statements, the auditor shall express an unmodified opinion
and include an emphasis of matter to highlight the existence
of a material uncertainty relating to the event or condition that
may cast significant doubt on the entity’s ability to continue as
a going concern and draws attention to the note in the
financial statements that discloses the matters relating to the
material uncertainty.

Going concern - when a going concern assumption is inappropriate

Management unwilling or unable to extend its
“If the financial statements have been prepared on a assessment
going concern basis but, in the auditor’s judgment,
If management is unwilling to make or extend its
management’s use of the going concern assessment when requested to do so by the auditor, the
assumption in the financial statements is auditor shall consider the need to modify the auditor’s report
as a result of the inability to obtain sufficient appropriate audit
inappropriate, the auditor shall express an adverse
evidence.
opinion .”
The auditor can issue an unqualified opinion on financial

statements drawn on an alternative basis if that is
appropriate. An emphasis of matter may be included in the
auditor’s report to draw attention to the fact of the alternative
basis.

Going concern - conclusions - disclosure requirements where material uncertainty exists

Disclosure requirements where material uncertainty
exists - suggested by auditing standard ISA 570 rather
than specified by an IAS.
Description of:
• principal events or conditions raising substantial doubt
• management’s plans, including mitigating factors
Statement that there is material uncertainty, therefore

entity may be unable to realize assets and discharge liabilities
in normal course of business.
Statement that financial statements do not include any

adjustments relating to the recoverability and classification of
recorded asset amounts and liabilities.

Exercise - reporting
Please review the following exercise: Situation 3: The going concern assumption is appropriate
but material uncertainty exists, but adequate
For each of the following six situations : disclosure is not made.
1. Suggest an appropriate audit report modification, (if any); Situation 4: The going concern assumption is
a. unmodified inappropriate but the financial statements
b. unqualified with emphasis of matter have been prepared on a going concern
c. qualified “except for” basis.
d. adverse Situation 5: The going concern assumption is
e. disclaimer inappropriate and the financial statements
2. State the grounds for such a modification. have been prepared on an alternative basis,
a. none which is adequately disclosed.
b. significant uncertainty(disagreement) Situation 6: Management does not make an assessment
c. inability to obtain sufficient evidence (limitation on for a period of at least 12 months from the
scope) balance sheet date when asked to do so.
Situation 1: Based on the audit evidence obtained there is

no material uncertainty.
Situation 2: The going concern assumption is appropriate Consider your answer to the question, when you are ready click next to
but material uncertainty exists which is enter it into the course blog.
adequately disclosed. You may wish to discuss this with a colleague before finally submitting it.
You can then review the ideas of other students on this subject .

Exercise - reporting summary
Situations 1 to 5 in this exercise can be summarised as follows:
Basis Material Basis

appropriate uncertainty inappropriate
Sufficient evidence to Disclosure required Basis used is:

support the assumption
Adequate Inadequate Going concern Alternative
→ Do not modify report → Unqualified with → Qualified or → Adverse opinion → Unqualified with
(assuming any mitigating emphasis adverse opinion emphasis of
factors adequately of matter matter
disclosed)
See illustration 1 See illustration 2
(next page) (next page)

Exercise - reporting - illustrations

Illustration 1 - adequate disclosure → emphasis of matter Qualified opinion
“Without qualifying our opinion we draw attention to note In our opinion, except for the omission of the information
x in the financial statements which states that the included in the basis of qualified opinion paragraph, the
Company incurred a net loss of xxx during the year financial statements give a true and fair view of the financial
ended December 31 20X1 and, as of that date, the position of the Company at December 31 20X1 and the
Company’s current liabilities exceeded its total assets by xxx. results of its operations and its cash flows for the year then
These conditions, along with other matters as set out in note ended in accordance with....”
x, indicate the existence of a material uncertainty which may
cast significant doubt about the Company’s ability to continue An adverse opinion should be expressed when the
as a going concern.” financial statements as a whole do not give a true and fair
view (or fairly present) the financial position (e.g. if
Illustration 2 - inadequate disclosure → basis of qualified management were considering ceasing to trade or filing for
opinion bankruptcy).
“The Company’s financing arrangements expire and
amounts outstanding are payable on (date). The Company Note that if a company is not a going concern, an adverse
has been unable to re-negotiate or obtain replacement opinion should be expressed if the financial statements
financing. This situation indicates the existence of a material are prepared on a going concern basis. This is irrespective
uncertainly which may cast significant doubt on the of any disclosure made. “Inappropriate accounting treatments
Company’s ability to continue as a going concern and are not rectified by disclosure of the accounting policies used
therefore it may be unable to realise its assets and discharge or by notes or explanatory materials” IAS 1 “presentation of
its liabilities in the normal course of business. The financial financial statements”.
statements (and notes thereto) do not disclose this fact.

What you have learned - going concern

now be able to:
• identify sources of information and indicators regarding
the appropriateness of the going concern assumption
• design audit procedures to gather sufficient appropriate
audit evidence when there is significant doubt about the
going concern assumption
• recommend and justify an opinion on the going concern
assumption in financial statements

If an auditor’s report is qualified in respect of going concern, it Definitely not. A decision to modify on going concern
might affect the client’s ability to raise funds and so lead to means, for example:
the company ceasing to trade. Should this affect the auditor’s • that the enterprise is not a going concern (adverse
decision whether and how to modify the auditor’s report? opinion)
• that the client has failed to make necessary disclosures
about factors affecting the company’s future viability
To reveal our answer ,click below:
(“except for” – material lack of disclosure)
• although the going concern assumption is appropriate a
material uncertainty exists which is adequately disclosed
(emphasis of matter)
In any of these situations the users of accounts should

have their attention drawn to these issues. The auditor
cannot use a “lesser” modification (or even worse, fail to
modify his opinion) just because it may prophesise or
contribute to the crystallisation of significant doubts.

Module review
Having completed this module and this course you
should now be fully conversant with those international
standards on auditing most relevant to fulfilling the objective
of an audit of financial statements - that is expressing an
opinion.
Going concern is a high risk area for auditors with potentially

major implications for the audit report. The considerations set
out in ISA 570 must be addressed in every audit.
You should also be aware that all ISAs should be read in

the context of ISA 200 “overall objectives of the independent
auditor and the conduct of an audit in accordance with
international standards on auditing”.

Module 11 quick quiz


Question 1
An auditor’s opinion must be qualified on the grounds of inability to obtain sufficient
appropriate evidence where senior management:
A Appoints the auditor after the year end

physical inventory count
B Requests that certain customers be

excluded from a year-end circularisation of
account balances
C Refuses the auditor access to the minutes

of directors’ meetings
D Declines to confirm in a letter of

representation the likely outcome of a
pending legal claim

Question 2
A company’s financial statements include an amount due from a customer which is material.
The auditors do not believe that any part of the balance will be paid.
What form should the auditor’s report take?
A Unmodified
B Disclaimer
C Adverse
D Except for

Question 3
The accounting records of a company were destroyed by fire shortly before the year end. The
financial statements have been prepared on the basis of estimates, but it has not been
possible for the auditor to carry out many audit procedures (ISA 700 “forming an opinion and
reporting on financial statements”).
What is the most appropriate form of auditor’s report?
A Material misstatement with regard to

accounting estimates - adverse opinion
B Inability to obtain evidence - disclaimer of
opinion
C Emphasis of matter - significant
uncertainty
D Inadequate disclosure - except for

Question 4
The financial statements of a company show a profit before tax of $15 million and net assets
of $100 million. Certain products in inventory shown in the statement of financial position at a
cost of $6 million are slow moving. The company’s management is confident that all these
products will eventually be sold but the auditors consider that a provision of $2 million is
required. Management has refused to adjust the financial statements.
The auditor’s report should be:
A Modified “except for” - misstatement
B Modified “except for” - inability to obtain

evidence
C Unmodified as the matter is not material
D Unqualified with an emphasis of matter

paragraph

Question 5
An auditor is of the opinion that a company cannot continue to trade due to a change in
legislation making the business of the company illegal. The financial statements are prepared
on a going concern basis and the facts are fully disclosed in the notes.
The auditor’s report should:
A Express an adverse opinion
B Be qualified “except for” disagreement

over the basis of preparation of the
accounts
C Be unmodified
D Express an unqualified opinion with an
emphasis of matter paragraph highlighting
the going concern problem

Question 6
Which of the following factors is not relevant when an auditor is deciding whether or not to
refer to a going concern problem when reporting on the financial statements of a subsidiary of
a listed company?
A The fact that any such reference might

lead to the appointment of a receiver or
liquidator to the subsidiary
B Forecast management information and
budgets for the subsidiary
C The repayment of a substantial bank
loan which is due 15 months after the
reporting date
D Guarantees of financial support given by
the parent company

Question 7
Although there is materiality uncertainty about a company’s ability to continue as a going
concern, the company’s directors have prepared the financial statements on a going concern
basis and the auditors agree with its use. The financial statements disclose the conditions that
give rise to significant doubts and the nature of adjustments that would be necessary if the
financial statements were prepared on an alternative authoritative basis.
The auditors should:
A Disclaim any opinion as going concern is

an assumption which underlies the
preparation of financial statements
B Qualify the auditor’s opinion “except for”

disagreement as the going concern basis
is inappropriate
C Add an emphasis of matter paragraph to
highlight a material matter regarding a
going concern problem
D Issue an unmodified auditor’s report

Glossary Certificate in International Auditing
Glossary - A
A & IC Accounting and internal control(s) Audit evidence The information obtained by the auditor in
Adverse The auditor is reporting a misstatement that is both arriving at the conclusions on which the audit opinion is
material and pervasive and a qualification is not adequate to based; it comprises source documents and accounting
disclose the extent to which the financial statements are records underlying the financial statements and corroborating
misleading or incomplete information from other sources
Adverse opinion Expressed when the effect of a Audit strategy General strategy for the audit which sets out
misstatement is so material and pervasive to the financial the direction for the audit, describes the expected scope and
statements that the auditor concludes that a qualification of conduct and provides guidance for the development of the
the report is not adequate to disclose the misleading or audit program
incomplete nature of the financial statements Audit program Sets out the nature, timing and extent of
Analytical procedures The analysis of significant ratios and planned audit procedures required to implement the overall
trends including the resulting investigation of fluctuations and audit strategy; it serves as a set of instructions to assistants
relationships that are inconsistent with other relevant involved in the audit and as a means to control
information or which deviate from predictable amounts the proper execution of the work
Application package A program unique to a particular Audit risk The risk that the auditor gives an inappropriate
function/use e.g. payroll, accounts audit opinion when the financial statements are materially
Assertions Representations by management, explicit or misstated; the components of audit risk are inherent risk,
otherwise, that are embodied in the financial statements, as control risk and detection risk
used by the auditor to consider the different types of potential Audit risk standards See Risk ISAs
misstatements that may occur.
Audit sampling Involves the application of audit procedures
Audit The objective of an audit of financial statements is to
to less than 100% of items within an account balance or class
enable the auditor to express an opinion whether the financial of transactions such that all sampling units have a chance of
statements are prepared, in all material respects, in selection; this will enable the auditor to obtain and evaluate
accordance with an identified financial reporting framework audit evidence about some characteristic of the items
Audit documentation The record of audit procedures selected in order to form or assist in forming a conclusion
performed, relevant audit evidence obtained, and conclusions concerning the population from which the sample is drawn;
the auditor reached (terms such as “working papers” or audit sampling can be used with a statistical or non-statistical
“workpapers” are also sometimes used). approach
© 2011 Association of Chartered Certified Accountants 0
Glossary - B , C
Batch total A control total Control environment Includes the governance and
management functions and the attitudes, awareness and
Business risk A risk resulting from significant conditions,
actions of those charged with governance and management
events, circumstances, actions or inactions that could
concerning the entity’s internal control and its importance in
adversely affect an entity’s ability to achieve its objectives and
the entity. The control environment is a component of internal
execute its strategies, or from the setting of inappropriate
control.
objectives and strategies.
Control procedures Those policies and procedures in
CAATs Computer-assisted audit technique
addition to the control environment which management has
Check digit A number added to the end of a code that established to achieve the entity’s specific objectives
facilitates checking for transcription, transposition & random
Control risk The risk that a misstatement (that could occur
errors e.g. using the “modulus 11 algorithm” is summing the
in an account balance or class of transactions and that
digits, dividing by 11, the remainder gives the check digit
could be material individually or when aggregated with other
Conforming amendments Those amendments which were misstatements) will not be prevented or detected and
made to other ISAs as a result of revising another standard or corrected on a timely basis by the accounting and internal
the development of a new standard control system
Control total Summed both manually (e.g. for input) and
Component A division, branch, subsidiary, joint venture,
automatically (e.g. on processing) and the totals compared
associated company or other entity whose financial
and agreed (or reconciled); both totals may be determined
information is included in financial statements audited by the
automatically
principal auditor
Corporate governance Those charged with corporate
Computer bureau An entity that specializes in offering
governance are responsible for overseeing the systems of
computer-related services e.g. data entry and programming
risk monitoring, financial control and compliance with legal
requirements

Glossary - D, E, F
Deficiency in internal control This exists when: Engagement letter Documents and confirms the auditor’s
a. A control is designed, implemented or operated in such a acceptance of the appointment, the objective and scope of
way that it is unable to prevent, or detect and correct, the audit, the extent of the auditor’s responsibilities to the
misstatements in the financial statements on a timely basis; client and the form of any reports
or
Error (in general) An unintentional mistake in financial
b. A control necessary to prevent, or detect and correct,
statements
misstatements in the financial statements on a timely basis
is missing. Error (in audit sampling) Either control deviations (when
performing tests of controls ) or misstatements (when
Detection risk The risk that the procedures performed by the
performing substantive procedures)
auditor to reduce audit risk to an acceptably low level will not
detect a misstatement that exists and that could be material, External confirmation Audit evidence obtained as a direct
either individually or when aggregated with other written response to the auditor from a third party (the
misstatements. confirming party), in paper form, or by electronic or other
medium.
Disclaimer The possible effect of an inability to obtain
evidence is so material and pervasive that sufficient evidence Financial statements The statements of financial position
has not been obtained as a basis for expressing an opinion (balance sheets), income statements (or profit and loss
accounts), statements of changes in financial position (which
Disclaimer of opinion Expressed when the possible effect of
may be presented in a variety of ways (e.g. as a cash flow
misstatements that could be undetected due to the inability to
statement), notes and other statements and explanatory
obtain sufficient appropriate audit evidence is so material and
material which are identified as being part of the financial
pervasive that the auditor is unable to express an opinion on
statements
Financial statement assertions Assertions by
Emphasis of Matter paragraph A paragraph included in the
management, explicit or otherwise, that are embodied in the
auditor’s report that refers to a matter appropriately presented
financial statements and can be categorized as accuracy,
or disclosed in the financial statements that, in the auditor’s
existence, rights and obligations, occurrence, cut-off,
judgment, is of such importance that it is fundamental to users’
completeness, valuation, allocation, classification
understanding of the financial statements.

Glossary - F, G, H, I, J
Format checks Check that data conforms to the specified IFAC International Federation of Accountants
alphanumeric format and length e.g. if product code is a letter
followed by three numbers then S512 is valid but 5512, IFRIC Interpretations Interpretations of the International
S5122 and SS12 would be invalid Financial Reporting Interpretations (IFRIC) deal with issues of
reasonably widespread importance covering:
Fraud An intentional act by one or more individuals among
• mature issues (where there is unsatisfactory practices
management, employees or third parties which results in a
within the scope of existing IFRSs/IASs)
misrepresentation of financial statements; three categories
• emerging issues
broadly are (1) defalcation (unauthorized obtaining of assets),
(2) misrepresentation (production of financial information not Inherent risk The susceptibility of an account balance or
derived from authorized transactions), (3) computer misuse class of transactions to misstatement that could be material,
individually or when aggregated with other misstatements,
Fraud risk factors Events or conditions that provide an
assuming that there were no related internal controls
opportunity, a motive or a means to commit fraud, or indicate
that fraud may already have occurred Internal control system All the policies and procedures
(internal controls) adopted to assist in achieving
General controls (in CIS) The framework of overall control
management’s objective of ensuring, as far as practicable, the
over CIS activities to provide a reasonable level of assurance
orderly and efficient conduct of the entity’s business (including
that the overall objectives of internal control are achieved
adherence to management policies, safeguarding assets,
Going concern Continuing in operation for the foreseeable prevention and detection of fraud and error, the accuracy and
future; the enterprise has neither the intention nor the need to completeness of the accounting records, and the timely
liquidate or curtail materially the scale of its operations - as a preparation of reliable financial information)
result assets are valued on the basis of continued use, such
Inventories Assets (1) held for sale in the ordinary course of
as historical cost or replacement cost rather than net
business; (2) in the process of production for sale; (3)
realisable value or liquidation value
materials/supplies to be consumed in producing
Hash total A meaningless sum of inappropriate fields (e.g. goods/rendering services
employee numbers) for checking accuracy (completeness
ISA International Standards on Auditing
and correctness) of input and processing

Glossary - K, L, M, N, O
Key control One whole failure (1) could lead to material Non-sampling risk Arises from factors that cause the
misstatement and (2) is not compensated for by another auditor to reach an erroneous conclusion for any reason not
control (a control which is compensated for is not “key”) related to the sample size e.g. most audit evidence is
persuasive rather than conclusive, the auditor might use
Lien A right to retain possession of the owner’s property inappropriate procedures or misinterpret evidence and fail to
until the owner pays what he owes to the person in recognize an error
possession
Non-statistical sampling A sampling approach that does
Management Officers and others who also perform senior not have all the necessary characteristics of statistical
managerial functions; management includes directors and the sampling
audit committee only in those instances when they perform
such functions Objectivity A combination of impartiality, intellectual
honesty and freedom from conflicts of interest
Materiality Information is material if its omission or
misstatement could influence the economic decisions of users On-line Connected to the computer; in real-time and on-line
taken on the basis of the financial statements systems, terminals must be continuously connected
to the computer
Misstatement A mistake in financial information which
would arise from errors and fraud On-line system Data is input through a computer terminal
as it arises (and some checking may be carried out
Modified auditor’s report If the report is qualified, or has an immediately), but it is then stored temporarily for later
adverse opinion or disclaimer of opinion processing and updating
Overall audit strategy Sets the scope, timing and direction

of the audit, and guides the development of the more detailed
audit plan.

Glossary - P,Q,R
Password A sequence of characters known only to the user Range checks Data has to lie within certain values
which allows access to a computer system (or part thereof); Reasonable assurance In an audit engagement, the auditor
ideally, it should not be a word in a dictionary and neither too provides a high, but not absolute, level of assurance,
short nor too long expressed positively in the audit report as reasonable
Performance materiality The amount or amounts set by the assurance, that the information subject to audit is free of
auditor at less than materiality for the financial statements as material misstatement
a whole to reduce to an appropriately low level the probability Reasonableness checks Test whether data is reasonable
that the aggregate of uncorrected and undetected when compared to a standard (e.g. hours worked, interest
misstatements exceeds materiality for the financial rates) or previous input (e.g. consumption, purchase prices)
statements as a whole. If applicable, performance materiality
also refers to the Risk assessment procedures Audit procedures to obtain
amount or amounts set by the auditor at less than the an understanding of the entity and its environment
materiality level or levels for particular classes of transactions, Risk ISAs International Statements on Auditing (ISA) 315,
account balances or disclosures. 330 and 500 are collectively known as the risk ISAs (or audit
Pilot operation (1) Retrospective parallel running processes risk standards)
historic data and compares new system results with those Risk of material misstatement The risk that the financial
already known; this parallel running “out-of phase” is statements are materially misstated prior to audit. This
effectively a large test data exercise (2) a limited number of consists of two components, described as follows at the
transactions are processed live though less rigorous than (1) assertion level:
it is less costly than duplicated entry a. Inherent risk - The susceptibility of an assertion about a
Population The entire set of data from which the auditor class of transaction, account balance or disclosure to a
wishes to sample in order to reach a conclusion e.g. all of the misstatement that could be material, either individually or
items in an account balance or a class of transactions when aggregated with other misstatements, before
constitute a population; a population may be divided into consideration of any related controls.
strata, or sub- populations, with each stratum being examined b. Control risk - The risk that a misstatement that could occur
separately; the term population is used to include the term in an assertion about a class of transaction, account
stratum balance or disclosure and that could be material, either
individually or when aggregated with other misstatements,
Qualitative characteristics Attributes that make information will not be prevented, or detected and corrected, on a
provided in financial statements useful to users, timely basis by the entity’s internal control.
encompasses understandability, relevance, reliability and
comparability
Glossary - S
Sampling risk Arises from the possibility that the auditor’s Sequence checks Test that a series of transactions are
conclusion, based on a sample, may be different from the completely input/processed in (number) order
conclusion that would be reached if the entire population were
Service organisation A third-party organisation (or segment
subjected to the same audit procedure; there are two types of
of a third-party organisation) that provides services to user
sampling risk:
entities that are part of those entities’ information systems
1. The risk the auditor will conclude that control risk is lower
relevant to financial reporting.
than it actually is (in the case of a test of control) or that a
material error does not exist when in fact it does (in the Significant deficiency in internal control A deficiency or
case of a substantive test); this type of risk affects audit combination of deficiencies in internal control that, in the
effectiveness and is more likely to lead to an inappropriate auditor’s professional judgment, is of sufficient importance to
audit opinion. merit the attention of those charged with governance.
2. The risk the auditor will conclude that control risk is higher
Stratification The process of dividing a population into sub-
than it actually is (in the case of a test of control) or that a
populations, each of which is a group of sampling units which
material error exists when in fact it does not (in the case of
have similar characteristics (often monetary value)
a substantive test); this type of risk affects audit efficiency
as it would usually lead to additional work to establish that Statistical sampling Any approach to sampling that has the
initial conclusions were incorrect. following characteristics: (1) random selection of a sample
and (2) use of probability theory to evaluate sample results,
Sampling units The individual items constituting a
including measurement of sampling risk
population e.g. credit entries on bank statements, sales
invoices, trade receivable balances, or a monetary unit (e.g. Substantive procedures Tests performed to obtain audit
$1) evidence to detect material misstatements in the financial
statements, and are of two types: (1) tests of details of
Segregation of duties Separation of the responsibility for
transactions and balances, and (2) analytical procedures
the custody of assets from the records which account for
them

Glossary - T, U, V, W
Tests of controls Performed to obtain audit evidence about Validation Includes consistency, format and range checks
the effectiveness of the:
• design of the accounting and internal control systems, that Walk-through test Involves tracing a few transactions
is, whether they are suitably designed to prevent or detect through the financial reporting system.
and correct material misstatements
• operation of the internal controls throughout the period Working papers A record of the auditor’s planning; nature,
timing and extent of the auditing procedures performed and
Those charged with governance The person(s) or
results of such procedures and the conclusions drawn from
organisation(s) (for example, a corporate trustee) with
the evidence obtained; working papers may be in the form of
responsibility for overseeing the strategic direction of the
data stored on paper, film, electronic media or other media
entity and obligations related to the accountability of the
entity. This includes overseeing the financial reporting
Written representation A written statement by management
process. For some entities in some jurisdictions, those
provided to the auditor to confirm certain matters or to support
charged with governance may include management
other audit evidence. Written representations in this context
personnel, for example, executive members of a governance
do not include financial statements, the assertions therein, or
board of a private or public sector entity, or an owner-
supporting books and records.
manager.
Unmodified opinion The opinion expressed by the auditor
when the auditor concludes that the financial statements are
prepared, in all material respects, in accordance with the
applicable financial reporting framework.
Users Present and potential investors, employees, lenders,
suppliers, customers, governments and the public

International Audit

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

International Audit

Uploaded by

Copyright:

Available Formats

PDF Certificate in International Auditing

Important Notes for PDF Download

This pdf download document includes all you need to study

These pages require your interaction and can only be seen

Thank you and enjoy the course.

© 2011 Association of Chartered Certified Accountants

course menu page 1 of 4

Welcome to the course

© 2011 Association of Chartered Certified Accountants

course menu page 2 of 4

© 2011 Association of Chartered Certified Accountants

course menu page 3 of 4

Course contents and the learning process

It should take you between 20 and 30 hours to complete, but

You can also download and print this course as an Acrobat

To download the printable copy of this course (35mb) click the

© 2011 Association of Chartered Certified Accountants

course menu page 4 of 4

International Standards on Auditing (ISAs)

© 2011 Association of Chartered Certified Accountants

course menu page 1 of 20

Module 1: What you will learn

© 2011 Association of Chartered Certified Accountants

course menu page 3 of 20

© 2011 Association of Chartered Certified Accountants

course menu page 4 of 20

Standards on auditing - IFAC - mission

In carrying out this mission, the IFAC:

© 2011 Association of Chartered Certified Accountants

course menu page 5 of 20

Standards on auditing - IFAC - organisation

For further information on member bodies click on the

© 2011 Association of Chartered Certified Accountants

course menu page 6 of 20

Standards on auditing - IFAC - membership

© 2011 Association of Chartered Certified Accountants

course menu page 7 of 20

Standards on auditing - IFAC - work program

By standard-setting and technical committees, including:

© 2011 Association of Chartered Certified Accountants

course menu page 8 of 20

Standards on auditing - IFAC - work program

© 2011 Association of Chartered Certified Accountants

course menu page 9 of 20

Standards on auditing - IFAC - work program

© 2011 Association of Chartered Certified Accountants

course menu page 10 of 20

Standards on auditing - IFAC - work program

© 2011 Association of Chartered Certified Accountants

course menu page 11 of 20

Standards on auditing - IAASB - mission and operating procedures

Subcommittee selects subjects for detailed study

© 2011 Association of Chartered Certified Accountants

course menu page 12 of 20

Standards on auditing - IAASB - scope and authority of documents issued

© 2011 Association of Chartered Certified Accountants

course menu page 13 of 20

Standards on auditing - Framework - financial reporting framework

Financial statements need to be prepared in accordance

© 2011 Association of Chartered Certified Accountants

course menu page 14 of 20

Standards on auditing - framework - audit

“Level of assurance - concerns the degree of