F8 Presentation PDF

ACCA Paper F8 –
Audit and Assurance

(INT)
December 2011 Exams

Syllabus
A Audit framework and regulation
B Internal audit
C Planning and risk assessment
D Internal control
E Audit evidence
F Review
G Reporting
Examiner and Exam Format
Question 1 Application of audit procedures to a scenario 30

Question 2 Short factual questions on ISAs and other
knowledge-based areas
10
Question 3 20
Questions with short practical scenarios
Question 4 covering topics such as: internal audit, risk 20
assessment, planning, controls, evidence,
Question 5 conclusions and reporting 20
Total 100
Chap 1
Definition of an audit
An audit is the independent examination
of the financial statements of an entity
by a duly appointed auditor.
Once the examination is done, the

auditor provides a report to the
shareholders that the FS show a ture
and fair view.
Objective of an audit
• Auditor to state an opinion as to whether

the FS:
– Give a true and fair view
– Are prepared in accordance with applicable

frameworks
Types of external audits
• Statutory
– Required by law to undertake an audit (all
public and large companies)
• Non-Statutory
– No legal requirement to do so.
Reasons to undertake a non-
statutory audit
• Providing assurance to the owners over financial
results
• Making accounts more acceptable to tax

authorities
• Making a sale of the business more easy
• Providing assurance to those providing finance

to the business
Accountability, stewardship and
agency.
• Stewardship: someone is responsible of
taking care of something on behalf of
another person. Ex. directors.
• Accountability: people in positions of power

can be held to account for their actions.
• Agency: where an agent acts on behalf of a

principle to perform tasks for them.
Materiality
 If the omission or misstatement of an item
in the FS could influence the economic
decision of users, that item is said to be
material.
 Errors found by an auditor in the FS could
be substantial, influencing the decision of
the investors. Hence such an error is
known as a material misstatement.
Types of assurance engagements:
The framework permits only 2 types of
assurance engagement:
• reasonable assurance engagement)

• limited assurance engagement)
Reasonable assurance
engagement
• Auditor gathers sufficient evidence to conclude
that the subject matter agrees in all material
respects to the agreed criteria.
• The assurance given is in the form of positive

assurance, meaning that in their opinion, the
subject has been prepared in accordance with
the criteria required.
• Reasonable assurance engagements provide

high level of assurance.
Reasonable assurance
engagement
• An example of a reasonable assurance
engagement is an audit.
• Auditor gives his report in the form of

positive assurance
– The financial statements have been prepared
in accordance with applicable legislation and
standards
Limited assurance engagement
• Auditor gathers sufficient appropriate audit
evidence to be satisfied that the subject matter is
probable in the circumstances.
• Report given in the form of negative assurance

– Nothing has come to our attention that causes us to
believe that the financial statements are not prepared
(in all material aspects) in accordance with an
applicable financial reporting framework.
Limited assurance engagement
Limited assurance engagements provide moderate
assurance.
An example of a limited assurance engagement is a

review. A review engagement is undertaken b an
auditor using less evidence than required by an audit.
The users of the review report will be those who have

commissioned the review, example banks, and not
the shareholders.
Chap 2
Regulatory environment
• International Federation of Accountants:

– Serves to strengthen the profession worldwide
– Serves the public interest, and
– Promote adherence to high quality standards.
• International Auditing and Assurance Standards

Board:
– Subsidiary of the IFAC and sets International
Standards on Auditing.
Duty of auditors
• Form an opinion as to whether the FS

provide a true and fair view, and prepared
in accordance with applicable accounting
standards.
• Prepare and issue a report.
• It is the management of the company who

has the responsibility of preparing the FS.
Benefits of statutory audits
• Investors more able to rely on the information

provided in the FS
• Management able to verify that the systems /
controls in pace are effective
• Management are less likely to undertake
fraudulent activities if they know that an audit is
to take place
• Auditor will highlight any weaknesses in a
management letter.
Appointment, resignation and removal
Appointment
• Member of a recognised supervisory

board ex ACCA
• Allowed to act as an auditor by that board
Or
• Directly authorised by the state
Appointment
• Resolution at each general meeting (re-

appointment not automatic).
• Directors pre first GM and to fill casual

vacancy.
Exclusions by law
• Those involved with the management off a

company cannot audit it:
– Directors
– Employees
– Business partners
Removal
• Special notice sent to auditor

• Auditors can make representations about why they
should stay in office.
• If resolution passed, company must notify regulatory
authority.
• Auditors must deposit statement of circumstances at
company’s office + sent to regulatory authority.
• Auditors can receive notice and speak at GM where their
term of office would have expired.
chap3
Corporate Governance
Corporate governance – system by which
companies are directed and controlled.
Corporate governance - concerned with

matters such as directors responsibilities, board
of directors, audit committee and relationship
with external auditors.
The focal point of corporate governance is to

ensure that companies are run in the interests of
their shareholders and the wider community.
OECD: Principles of Corporate Governance
• Ensuring the basis for an effective corporate governance

framework
making sure everyone involved is aware of their individual
responsibilities so no party is in doubt as to what they are
accountable for.
• The rights of shareholders
management should recognise that they are agents of the
shareholders and act in their interests.
• The equitable treatment of shareholders
All shareholders should be treated fairly and in a just manner.
• The rights of stakeholders
The corporate governance framework encourage active cooperation
between the entities and stakeholders in creating wealth, jobs and
the sustainability of financially sound entities.
OECD: Principles of Corporate Governance
• Disclosure and transparency

The corporate governance framework should ensure that timely
and accurate disclosure is made on all material matters
regarding the entity, including the financial situation,
performance, ownership and governance of the entity.
• Responsibility of the board
The corporate governance framework should ensure the
strategic guidance of the entity, the effective monitoring of
management by the board, and the board’s accountability to the
entity and its shareholders.
Combined Code of Corporate Governance
The Board
• Should meet regularly
• Rigorous/transparent nomination process
• Directors to submit for re-election
• Roles of chairman and CEO to be separate
• Board should establish a sound system of
internal control
• Audit committee should be established
• Consider the need for internal audit
Corporate governance in action
• Segregation of roles
– Chairman of the board and CEO must be
different people.
Chairman: CEO:
•Ensures full information and •Ensures the operational
discussion at board meetings functioning of the company
•Runs the board of directors
One person might end up having too much power and decisions might be
taken which are not in the best interest of the shareholders.
• Audit committees - structure
– At least one member should have relevant
financial expertise.
– At lest 2 NEDs for smaller companies, and 3
for larger ones.
Listed companies should have and audit committee with at least 3 NEDs
• Audit committees - role
– To improve the quality of financial reporting and
increase the confidence of the public in the FS
– Assist directors in meeting their responsibilities in
respect of financial reporting.
– Provide a channel to external auditors to report
concerns or issues.
– Review the company’s internal control systems
– Strengthen the position of internal audit by providing
greater independence from management.
• Audit committees - advantages
– Provides the internal audit function with an
independent reporting mechanism. Without this
management may be tempted to hide unfavourable
reports.
– leaves top management free to manage by providing
expertise on financial reporting
– Ensures that corporate governance requirements are
brought to attention of the board
– Ensure that proper internal control systems are
maintained.
– Communication between directors, external audit and
management is facilitated.
• Audit committees - disadvantages
– Finding NEDs with the necessary expertise
may be difficult
– Additional costs will be involved
Chap 4
PROFESSIONAL ETHICS AND
ACCA’S CODE OF CONDUCT
ACCA sets out a code of ethics for

members and disciplinary action is taken
against those who fail to uphold them.
The fundamental principles are the following:
• Integrity
– Members should be straightforward and honest in all
business and professional relationships
• Objectivity
– Members should not allow bias, conflicts of interest or undue
influence of others to override professional or business
judgements.
• Professional competence and due care
– duty to maintain professional knowledge and skill at a level
required to ensure that a client or employer receives competent
professional service
• Confidentiality
– respect the confidentiality of information acquired as a result
of professional and business relationships and should not
disclose any such information to third parties without proper or
specific authority or unless there is a legal or professional
right or duty to disclose
• Professional behaviour
– Members should comply with relevant laws and regulations and
should avoid any action that discredits the profession.
Threats to objectivity
Five potential threats are identified in the

ACCA’s code of ethics. Safeguards are
suggested in order to counter each of the
threats.
1. Self interest - when the auditor has either a financial or
personal interest in the client.
Examples:
Dependence on client
If a client makes up too high a percentage of an auditors income, they
may be afraid of losing the income.
Safeguard – If a Listed company makes up more than 10% of a firms

income, they should not audit that client. (15% for non listed
companies)
1. Self interest
Examples:
Lowballing
Lowballing is setting a very low fee either to attract new clients or
ensure further work.
Safeguard – Auditors should not set fees in this way, the fee must be
based on a pre-determined level of work required.
1. Self interest
Examples:
Loans, Guarantees and overdue fees
If an auditor fears he may not get such items paid back his objectivity may
be threatened. In this case significant overdue fees constitute a loan.
Safeguard – Do not offer loans, guarantees or allow fees to go unpaid for

a significant time.
1. Self interest
Other Examples:
Hospitality and Benefits

Contingent Fees
Financial or Business interest
Financial interest such as shares etc.
2. Self review threat - if an auditor provides other services
to a client such as Tax advice, then the auditor will be
reviewing their own work during the course of the audit.
Examples:
Accounting Services
If an auditor prepares the accounts it is 100% sure that they will be reviewing
their own work. They may be tempted to hide errors to save face.
Safeguard - Auditor must not undertake accounting services for a client is they
are a LISTED company.
2. Self review threat
Examples:
IT
If the auditor advises on or installs accounting software for a client this will have
to be reviewed during the audit.
Safeguard - If the IT system is important to a significant part of the accounting

system, the auditor should not design, provide or implement it.
Examples:
Valuation Services
A valuation made by the auditor could have a material effect on the financial
statements.
Safeguard – If valuation requires a degree of judgement and have a material

effect on the financial statements, then the auditor should not undertake to
provide it.
Examples:
Valuation Services
A valuation made by the auditor could have a material effect on the financial
statements.
Safeguard – If valuation requires a degree of judgement and have a material

effect on the financial statements, then the auditor should not undertake to
provide it.
Other Examples:
Tax Services
Corporate Financial Services
Internal Audit Services
Former Employee of Client joining Audit Firm
3. Familiarity threat - If the auditor is too familiar with the
client, then this may give rise to a familiarity threat.
Examples:
Participation in Client Affairs
The auditor may be too familiar with the client and be unwilling to
upset them.
Safeguard – Auditor cannot be a director, employee or business

partner of client. Cannot be part of team if have been one of these in
the last 2 years.
3. Familiarity threat
Examples:
Family/Personal Relationship
An auditor may be unwilling to criticise or upset a family member if

they work for the client.
Safeguard – No member of the audit team may have a family member

or close personal relation in the client firm.
Examples:
Audit Partners joining client
If a partner joins the client firm this may affect the judgement of the
auditors involved.
Safeguard – All links to audit firm severed. Removed from audit team
as soon as appointment made. If made director or key management
and has worked for auditor in previous two years the audit firm must
resign. (Can be reappointed after 2 yr period is up).
Examples:
Acting as Auditor for prolonged period
If a partner has acted as auditor for a client for too long a period, they
may become complacent or over familiar with them.
Safeguard - If client is listed company engagement partners should

act for maximum of 5 yrs with 5 yr break in between rotations.
A Key audit partner must have a break of 2 yrs after a period of 7 yrs
and senior staff on listed audits should also not act for more than 7
yrs. For non-listed clients it is advised that partners act for no longer
than 10 years.
4. Advocacy threat - Advocacy threat is where an auditor
represents the client or is involved in representing
them.
Examples:
Legal Services
If an auditor provides legal services, they may be perceived to take

the same view as the client and therefore lose independence.
Safeguard – No legal services to be offered to client or defence in

dispute material to the financial statements.
4. Advocacy
Examples:
Corporate Financial Services
May be seen to be less than independent if advising on such matters
Safeguard – Don’t negotiate on clients behalf with the bank or advise

on debt restructuring
5. Intimidation threat
Intimidation threat is simply what it says, i.e. that the

auditor feels unable to give an independent opinion for
fear of losing the client or upsetting someone. The
safeguards will be the same as those outlined above.
Dealing with Threats
The way in which an audit firm should deal with potential
threats to independence is to have in place procedures
to:
•Identify any potential threats

•Evaluate what level of risk they pose
•Check that necessary safeguards are in place
•Correct any problems if necessary.
Confidentiality
Information should only be disclosed by auditors:
•If the client has given their consent

•Under a legal obligation e.g. money laundering,
terrorism, drug trafficking
•If required by regulatory body e.g. FSA
•Under a court order
•If in the public interest e.g. environmental pollution.
Engagement letters
• Define auditors’ responsibilities
• Written evidence of auditors’ acceptance
• Send to board of directors/or audit
committee prior first audit
• Identify any reports to be produced in
addition to audit report
• Update for changes
Engagement letters
Contents:
• Objective of audit
• Management responsibilities
• Applicable reporting framework
• Test nature – inherent responsibilities
• Unrestricted access to records
• Confidentiality of reports
• Planning
• Fees
• Role of Internal audit
Chap 5
Internal audit
A department within the company which

oversees internal control systems and
ensures that procedures are in place to
ensure good corporate governance.
Internal audit
Provides assurance to the board by:
•Reporting on and monitoring the effectiveness of internal controls.
•Assisting with implementation of required accounting standards.
•Ensuring that laid down procedures are being followed.
•Liaising with external auditor to reduce time and expense of external audit.
•Ensures compliance with OECD Principles.

Internal audit
One of the key concepts surrounding internal audit is the
independence of internal audit from management.
Ways to keep internal audit independent are to:
• Have them report to an independent committee i.e. the Audit

Committee.
• Ensure that the internal audit function is well regarded by
other departments.
• Have a ‘whistle blowing’ function for internal audit to report
serious misconduct when found.
Outsourcing of Internal audit
Advantages Disadvantages
• The provider will have specialist • If Internal and External audit are
staff. provided by the same firm (prohibited
• Cost of employing and training under ethics rules in UK) then there
full time staff is avoided. may be a conflict of interest.
• Outsourcing provides an • Independence may not be ensured by
immediate internal audit outsourcing due to threat of
department. management not renewing the
• The time scale is flexible with the contract.
contract for the appropriate time. • The cost of outsourcing may be so high
• Independence may be improved. as to encourage the firm not to have an
internal audit function at all.
• Audit methodology and
technologies will be up to date. • Lack of understanding of firms culture,
objectives and attitudes.
• The standard of service provided
cannot be controlled.
• Blurring of the distinction between
internal and external audit function.
Types of Internal audit
assignments
Value for Money
Value for money can be broken down into 3 sectors:
• Economy: Are goals achieved at a minimum cost (still paying attention to

quality)?
• Efficiency: Are resources being used to maximise output?
• Effectiveness: Are objectives being achieved?
These three areas can be thought of as Input – Process – Output.
• Inputs – Economy – As cheap as possible given quality

• Process – Efficiency – Perform the process as efficiently as possible
• Outputs – Effectiveness – These match objectives set
Chap 6
ISA 200 Overall Objective of the
Independent Auditor
To obtain reasonable assurance, the

auditor shall obtain sufficient
appropriate audit evidence to reduce
audit risk to an acceptably low level.
Audit risk = the risk that the auditor

expresses an inappropriate audit
opinion.
ISA 200 Overall Objective of the
Independent Auditor
In order for the auditor to reduce audit

risk he identifies the areas which are
more likely to be risky, and then he
plans the audit testing accordingly.
The need to plan
- required by ISA 300 to plan the audit so
that the engagement will be performed in
an effective manner.
- planning will make the audit address
salient issues and hence less time is
wasted.
- ensuring the correct audit team is in
place
- the team is working efficiently
ISA 300 Audit planning
The audit plan involves a number of
activities:
• Risk Assessment - the identification of risk will

determine the entire audit process
• Audit Strategy - The audit strategy sets out the

scope, timing and direction of the audit.
• The scope of the audit will be determined by the
reporting framework applied as well as any industry
specific requirements
• The timing of the audit will set out any deadlines

applicable and the dates of the interim and final audit
visits.
• The direction of the audit will be determined by the

identification of high risk areas and materiality.
Prevention and detection of fraud is the responsibility of management.
The risk of fraud is important to the auditor because it may lead to a

material misstatement.
This will impact the audit strategy in the following ways:
• Testing may be focused on the areas in which fraud is suspected.

• The auditor may choose not to rely on the representations of management if
they are suspected of involvement in fraud.
• Materiality may be reduced.
• Evidence provided by the client may not be relied upon.
• The auditor may have to generate more 3rd party evidence.
Knowledge of the business - KOB
Auditors are required to obtain an
understanding of their clients, their
business and their internal controls.
The purpose is to identify the risks that the

business is exposed to and how these
could lead to a risk of material
misstatement in the financial statements.
Knowledge of the business - KOB
This generally includes:
• Industry and regulatory factors;
• Operations of the entity;
• Ownership and governance structures;
• Type of investments it makes;
• Accounting policies used by the entity;
• Entity’s objectives;
Where to get the info from?
• Information from the audit firm ex. partner;

• Information from external sources ex.
newspaper;
• Information from past audits;
• Information from the client ex. website;
Understanding the entity and its
environment
We are required to:
• Make enquiries with management and
others within the company;
• Analytical procedures;
• Observation and inspection.
Analytical procedures
Evaluation of financial information, used in:

• Planning stage of the audit;
• Testing stage of the audit;
• Review stage of the audit;
They incorporate the comparison of:

• Current and prior year figures;
• Current and budgeted/forecast figures;
• Client and industry averages.
At the planning stage analytical
procedures are useful to gain an
understanding of the client’s performance
over the last 12 months and to identify any
changes.
Chap 7
ISA 320 Materiality
Information is material if its omission or

misstatement could influence the
economic decisions of users taken on the
basis of the financial statements.
ISA 320 Materiality
Materiality is important to the auditor

because if a material item is incorrect, the
financial statements will not show a true
and fair view.
ISA 320 Materiality
Establishing materiality:
(1) 0.5-1% of turnover

(2) 5-10% of profit before tax
(3) 1-2% of total assets
Prevention and detection of fraud
and error
ISA 240 recognises that misstatement in the

financial statements can arise from fraud
or error. The first one being intentional
and the latter being unintentional.
Fraud
Fraud can be split into 2 types:
• Fraudulent financial reporting

– Misstating the accounts of the company
• Misappropriation of assets
– Theft of company’s assets
The auditor’s responsibility
• Obtaining reasonable assurance that the
financial statements are free from
material misstatement, either due to
fraud or error;
• Communicate any identification of fraud
to management;
The director’s responsibility
• Prevent and detect fraud;
• Implement an effective system of internal
control;
Chapter 8
Risk assessment
Audit risk
The risk that the auditor expresses an

inappropriate opinion on the financial
statements.
Risk assessment
Audit risk:
Inherent risk x control risk x detection risk

Inherent risk
• This is the risk related to the nature of
the activities of the company.
• Considered in the planning stages of the
audit.
Inherent risk
Examples:
– Consumables
• Auditor might be concerned about items being expired
– Clothing
• Auditor might be concerned about items becoming out of
fashion
– Electronics
• Auditor might be concerned about stock becoming
obsolete
Control risk
• Risk of material misstatement due to
inadequate internal controls within the
business
Control risk
Examples:
– No segregation of duties
– No controls over assets
– No controls over IT
– Large number of signatories
Detection risk
• The work carried out by the auditor does
not uncover a material misstatement that
exists
• This may be due to sampling and non-
sampling risk
Detection risk
Sampling risk
The risk that the conclusion reached

because of a sample being taken would
differ from the conclusion given had the
whole population been tested.
i.e. the sample taken was not correct!!!

Detection risk
Non-sampling risk
The risk that the conclusion reached by the

auditor would be incorrect due to factors other
than the sample being taken.
Example:
• Procedures used
• Interpretation of results
Affecting audit risk
Auditor cannot affect inherent risk or control

risk as these are internal to the client.
Affecting audit risk
If the auditor assesses both the inherent

risk and control risk as being high, he
has to make sure that detection risk is
low, so as to even out the other results.
Reducing detection risk
• Increase amount of tests

• Increase sample
Chap 9
Internal Control Systems
Controls set up by the management of a

company to carry out the business of the
company in an orderly and efficient
manner.
The purpose of internal controls is to help

prevent fraud and errors which would
make the accounting information incorrect.
strong controls by the entity
auditor relies on info. produced

Components of an Internal Control
System
1 - Control activities
• Approval and Control of Documents (approval by senior
management)
• Controls over IT (passwords etc)
• Reconciliations
• Arithmetical Accuracy
• Control Accounts
• Restricted access to physical assets
• Compare physical counts with accounting records
• Segregation of Duties
System
2 – Risk assessment
Management should be undertaking regular risk

assessments to ensure that all risks are identified and
mitigated.
System
3 – Information system
The auditor must ‘obtain an understanding of the

information system, including the related business
processes, relevant to financial reporting.’
The auditor must decide what areas of the information

system are relevant to the financial reporting of the entity
and only concentrate on those systems.
System
4 – Monitoring of controls
Controls may be monitored either by management or by

the internal audit function if one exists.
The auditor may be able to rely on some of the work of

internal audit, but must first gain an understanding of
how controls are monitored and how effective the
monitoring is.
System
5 – The control environment
The control environment refers to the framework around

which the controls of the organisation operate.
Management attitude will largely determine the nature of

the control environment.
Controls over IT systems
(i) – General controls
• protect the system by restricting access through

passwords, usernames etc. Other general controls will
include back-up procedures, controls over changes to
the system or software, controls to prevent access to
sensitive data.
Controls over IT systems
(ii) – Application controls
• specific control procedures over the accounting

applications that are built into the system. They will
include checks to ensure the arithmetical accuracy of
transactions as well as controls preventing the reversing
of transactions
Chapter 10
Internal control and the audit
• Tests of control test the systems in place by determining whether

the controls over it are sufficient or not. If the control in place is
strong, then the auditor is able to place reliance on the information
generated by that particular system.
• Substantive procedures on the other hand are procedures to gain

direct assurance over a figure in the financial statements
Internal control – fraud and error
If the auditor decides that the internal controls are strong, this may
mean that they may not have to gain less evidence from other
sources.
Chapter 11
Specific internal controls - Revenue
Taking orders
CONTROL OBJECTIVE CONTROL PROCEDURE
Orders should be raised All orders should be in writing from

accurately. customer or confirmed with customer.
The customer should be All customers undergo credit checks.

credit worthy.
Credit limits should be checked before
Credit limits should not be accepting an order.
exceeded.
Inventory should be checked before issuing
The company should be able an order.
to fulfil the order.
Dispatch of goods
All orders should be sent Order pads or computer generated

to the warehouse. orders should be sequentially
numbered to ensure none go
The goods required missing.
should be in inventory.
Goods should be selected from
The correct goods inventory using the customers’ order.
should be sent to the
correct customers. The order should be authorised and
signed when goods selected.
Match GDN with customer order.
Customer signs GDN & returns to

company.
GDN recorded and filed with

sequential numbers.
Raising invoice
An invoice should be GDN sent to invoicing dept. Invoice

raised for all raised to match and copy attached to
deliveries. GDN and filed sequentially.
The invoice should be Order agreed to GDN. GDN agreed

for the correct to invoice.
amount.
Invoice agreed to price list.
Any credit notes
should be valid and Above checked and signed by person
authorised. in authority.
All credit notes allocated and copy

attached to invoice to which it relates.
All credit notes authorised by line

manager.
Recording of the sale
All sales should be Review debtors’ ledger for credit

recorded. balances where invoices may not
have been recorded.
The correct amount
should be recorded for Reconcile the debtors ledger.
each sale.
Check all entries to invoices
The sale should be
recorded against the Send out statements to all customers
correct customer. regularly.
Receipt of payment
All customers should pay the Cash received agreed to invoice.

correct amount.
Review aged listing and investigate old balances.
All invoices should be paid.
Chase up old outstanding amounts.
All receipts should be
recorded. Perform regular bank reconciliations
The correct amount should be Lodge cash and cheques to the bank regularly.
recorded.
Ensure that segregation of duties exists
The payment received should
be allocated to the correct Review customer statements.
customer.
Retention of customer remittance details
All money banked promptly.
Specific internal controls -
Purchases
Raise requisition and place order
The requisition should be for a Line manager authorises all requisitions.

valid business reason.
All purchasing is centralised.
The cost of the requisition should
be reasonable. Suppliers used are approved.
Items should only be
requisitioned when required. Inventory levels checked before ordering.
Orders should be raised for all Sequentially pre-numbered requisition pads with
requisitions. order matched to requisition.
Orders confirmed in writing.
Check price is the same as price list being used.

Purchases
Goods received
For all orders that are made, the All goods received are delivered to one area which is
goods are actually received. secure.
The goods should be the correct Records are updated as soon as the goods arrive.
goods as ordered.
Sequentially numbered purchase order matched to the
The quality of the goods should GRN and checked correct.
be acceptable.
Inspect the goods received to ensure quality and
The quantity of goods received quantities.
should be as ordered.
Sign and authorise GRN
Purchases
Receipt of invoice
Invoices should be received for When goods received a copy of the

all goods received. GRN (sequentially numbered) sent to
invoicing dept. and matched to invoice.
All invoices received are for
valid purchases. Items checked to invoice to ensure
validity.
All invoices have the correct
items, quantities and prices. Invoice checked, signed and authorised
for payment.
All invoices should be
arithmetically correct.
Purchases
Recording of the purchase
The correct amount should be All invoices checked and stamped.

recorded for all purchases.
All invoices filed away should
All purchases should be therefore be stamped.
recorded.
Suppliers statements should be
The transaction should be reconciled regularly
recorded in the correct supplier
account. Reconcile purchase ledger control
account.
Purchases
Payment to supplier
All invoices should be paid. All invoices stamped as paid when

done.
All invoices should be paid on
time. Ensure system in place to pay on
time to retain credit limits and supplier
All invoices should be paid only goodwill.
once.
Ensure stamped invoice is not paid
All invoices should be paid at again by keeping separate once paid.
the correct amount.
Vouch payment amount to invoice
All payments should be for valid amount.
business expense.
All invoices should be authorised
before payment.
All payments should be authorised.

Specific internal controls - Payroll
Timesheets submitted
All of the sheets or cards The number of sheets or cards

should be received. should be counted to ensure the
number matched the number of
All sheets or cards employees.
should be valid
Access to additional sheets or cards
All of the hours should be restricted.
submitted should have
been actually worked. All sheets and cards should be
authorised by line managers.
Inputting of information
All information should be Totals should be checked.

input with none missed
or omitted. Sheets should be signed once input.
Information should be No duplicate employees should be

input accurately. possible on the system.
No information should Passwords and usernames should

be included twice. restrict access to data.
No bogus employees New employees should only be set

should exist. up on the computer by a senior
manager.
Segregation of duties should exist.

Standing data / date kept for long term inputted
Payments to leavers Managers should authorise and

should cease once promptly inform the payroll dept of
they have left. leavers and joiners.
The data on the Regular checks of standing data

system should be should be undertaken by senior
accurate. management.
Forms should be signed to verify

leavers/joiners are recorded on the
system.
Changes should be authorised by

senior member of staff.
Processing and recording of payroll
The payroll calculations should A sample printed out and checked

be correct. manually.
The correct wages, PAYE & System produces report automatically

NIC’s should be recorded on the for over/under payments.
system.
Print out signed by clerk to confirm
accuracy.
Senior management review to ensure

reasonable.
Payment made to staff
All staff should If cash wages are paid ensure that

receive payment. two people are present when
payment is made.
No bogus employees
should be paid. BACS summary should be reviewed
by manager and authorised prior to
The correct amount payment.
should be paid to
staff. List of BACS payments should be
reviewed to verify all payments made.
Inventory
Goods arrive into inventory
All goods should be Locations kept secure with access

protected from theft on restricted.
arrival.
Separate areas for new deliveries
New deliveries should and returns.
be kept separate from Goods checked for quality on arrival.
returns.
Purchases cycle controls should be in
Goods received should place. (see above)
be of suitable quality.
Inventory should be
recorded.
Only inventory ordered

should be accepted.
Inventory
Inventory stored until needed
Inventory should be Ensure that storage area is

stored safely and weather proof, has fire
securely to ensure protection and is at the correct
good condition. temperature.
Oldest inventory Ensure inventory system is
should be used first based on FIFO.
to prevent
Access to stores should be
obsolescence.
restricted.
Inventory should be
Warehouse should have a single
protected from theft.
secured exit.
Inventory
Materials leave stores to go to production
The correct The production manager

amount of should authorise all
inventory should requisitions from stores.
be sent to the
Requisition orders should be
production
checked to goods sent out.
centre.
Standard quantities of
The correct type
materials could be used.
of materials
should be sent.
Inventory
Finished goods sent to customers
The correct The same procedures as the

goods should be sales cycle apply here.
sent.
Quality should be
maintained.
Records should
be updated
promptly and
accurately.
Inventory
Inventory is counted
The count should Counted areas marked to

be accurate. prevent double counting.
Managers check accuracy by
spot counts.
Counting done in pairs.
Employees don’t count areas
they are responsible for.
Count sheets sequentially
numbered.
Controls over inventory arrivals
during the count.
Specific internal controls - Cash
Cash amounts should be safeguarded
Cash should be Perform surprise cash count.

locked in safe.
Ensure only authorised staff
Access to cash have access to cash.
restricted.
Check sequential numbering
Security of cash receipts.
movements for
Check mail is opened by two
large amounts.
members of staff to reduce
Banking the chance of fraud.
times/routes
varied.
Cash held at premises is kept to a minimum
Cash should be Check all cash lodged intact

banked regularly. to bank regularly.
Cash balances in All lodgements are
tills should be authorised.
emptied regularly
Examine bank reconciliations
and ensure regularly
performed.
Investigate old outstanding
items.
Withdrawals authorised
Limited number of Cheque book should be reviewed to

authorised signatories. ensure no cheques are missing and no
cheques are signed in advance.
Banking online should have
restricted access. Verify that cash payments are
arithmetically correct.
Cheques should not be
signed in advance. Direct debits should be consistent and
authorised.
Cheque books should be
kept under lock and key. Petty cash balances should be counted
and checks made that controls are in
place over petty cash.
Chapter 12
Reporting control weaknesses
If management are interested, the auditor
can also offer to provide what is called a
MANAGEMENT LETTER whereby
weaknesses in the controls of the
company are highlighted.
The weaknesses highlighted in this letter
are those found during the audit testing
and not necessarily all the weaknesses in
the controls of the company.
It should be highlighted that:
• The list only includes weaknesses that came to light

during the audit
• The report is for the sole use of the company
• No disclosure should be made to 3rd parties without prior
notification to the auditor
• No responsibility is assumed to other parties.
the structure of the report will be as follows:
(i) WEAKNESSES
(ii) CONSEQUENCE
(iii) RECOMMENDATION
Chapter 13
Audit evidence
ISA 500 mentions that different
assertions apply to different figures in
the financial statements. These
different figures include:
• Transactions and events

• Account balance
• Presentation and disclosure
Transactions and events
Mainly, figures relating to transactions and

events relate to entries which are reflected
in the statement of comprehensive income
/ income statement.
Account balance
Items found in the balance sheet
Presentation and Disclosure
The notes to the accounts, which
incorporate how the financial statements
have been presented and items disclosed.
Transactions and events
COMPLETENESS: all transactions that should have been recorded,
have been recorded.
OCCURRENCE: transactions which have been recorded, have occurred

and pertain to the company.
CUT-OFF: transactions have been accounted for in the proper accounting

period
CLASSIFICATION: transactions have been recorded in the proper

accounts
ACCURACY: transactions have been recorded appropriately

Account Balance
COMPLETENESS: all assets, liabilities and equity
that should have been recorded, have been recorded.
EXISTENCE: assets, liabilities and equity really exist
RIGHTS AND OBLIGATIONS: the company has

a right over the asset and the obligation over the liability
VALUATION: assets, liabilities and equity are correctly

valued in the financial statements
Presentation and Disclosure
COMPLETENESS: all disclosures that should have
been disclosed, have been disclosed.
OCCURRENCE: disclosed events have been

recorded and pertain to the entity
CLASSIFICATION: disclosures are appropriately

presented and expressed.
ACCURACY: disclosures have been disclosed

appropriately
How to test these assertions.
INSPECTION OF RECORDS/TANGIBLE ASSETS – invoices,
contracts etc.
OBSERVATION – observation of events like mail opening, stocktake

etc
ENQUIRY – asking management, accountant, staff.
CONFIRMATION – contacting third parties
RECALCULATION – example depreciation, accruals.
RE-PERFORMANCE – redo procedures like stock take, reconciliations
ANALYTICAL PROCEDURES – comparing the figures.

How to test these assertions
COMPLETENESS
• Inspection of records
• Analytical review
• Recalculation
• confirmation
RIGHTS AND OBLIGATIONS
• Confirmation
VALUATION AND ALLOCATION
• Recalculation
• Confirmation
EXISTENCE
• Inspection of assets
• Confirmation
OCCURANCE
• Inspection of assets
• Enquiry
ACCURACY
• Re performance
• Analytical review
• confirmation
Chapter 14
Audit evidence
ISA 500 states that..
The objective of the auditor is to design and

perform audit procedures in such a way to
enable the auditor to obtain sufficient
appropriate audit evidence to be able to
draw reasonable conclusions
Audit evidence
SUFFICIENT EVIDENCE
There must be ENOUGH evidence to support the auditor’s

opinion. Determining whether evidence is sufficient
depends on:
• Risk of material misstatement

• Results of tests of controls
• Size of population being tested
• Size of sample selected
• Quality of evidence obtained
Audit evidence
APPROPRIATE EVIDENCE
This is made up of:
• Reliability of evidence
• Relevance of evidence
Reliability
Evidence is considered reliable when:
• It is obtained from independent sources

• Generated internally but subject to
effective internal control
• Obtained directly by the auditor
• In documented form
• In original form
Relevance
To be relevant, audit evidence has to

address the objective of the procedure.
Accounting estimates
Characteristics of accounting estimates:
• Confirmation of estimates is difficult

• Prone to inaccuracy
• No physical evidence
• Prone to management bias
Accounting estimates
The auditor must obtain an understanding
of:
• Management’s assessment of the

estimates
• How the estimate is actually done
Not for profit organisations
Properties of a not for profit organisation:
• Lower risk – activity is relatively simple
• Direct control by owners – persons coming up with the idea of an

NFP are the ones who have total control
• Simpler systems
Evidence implications:
• Same auditing rules apply
• Quantity of evidence may be well less than for a larger

organisation
• It may be more efficient to carry out 100% testing ie no

sampling
Problems:
• Management override
• No segregation of duties
• Less formal approach

Differences from privately owned entities
NFP’s:
• Do not have profit maximisation as their main objective
• Do not have external shareholders
• Will not distribute dividends

Problems auditing NFP’s
• Weaker systems due to:

– Lack of segregation of duties
– Use of volunteers
– Less formalised systems and controls
• Income received by way of donation
• Assessing going concern may be difficult

Opening balances and comparative
information
When taking on new clients, the auditor must ensure that:
• Opening balances are correct
• Prior period closing balances have been brought forward

correctly
• Appropriate accounting policies been consistently used

or changes appropriately disclosed.
Opening balances and comparative
information
Audit procedures:
• Consult client’s management
• Reviewing documentation of prior period
• Consulting previous auditor and reviewing his working

papers
• Substantive testing if all the above are unsatisfactory

Chapter 15
Audit sampling
CONTROLS TESTING
LARGE SAMPLE TO BE
SELECTED
SMALLER SAMPLE TO BE
SELECTED
IMP: SUBSTANTIVE TESTING MUST BE ALWAYS CONDUCTED!!!

Audit sampling
Substantive procedures are carried out on samples of

the transactions making up a figure in the financial
statements.
The amount of substantive testing can be varied

depending on the size of the sample being chosen.
Due to the auditor choosing a SAMPLE he cannot give

ABSOLUTE ASSURANCE.
Ways to extract a sample
(i)Statistical sampling
(ii)Non-Statistical sampling
Statistical sampling
An approach to sampling that uses:
• Random selection of samples; and

• Probability theory to evaluate the results
Considerations when designing a
sample
• The purpose of the procedure
• Combination of procedures being
performed
• Nature of evidence sought
• Possible misstatements
Types of samples
• Random selection: use of random number tables
• Systematic selection: sampling interval used
• Monetary unit sample: selecting sample based on the

value
• Haphazard selection: no structured technique but one

avoids bias
• Block selection: involves selecting a block of items which

are next to each other in the population.
Non-Statistical sampling
Judgement is used to select items
to be tested. This usually leads to
focusing on higher value items.
Chapter 16
Audit documentation
Imp things to note:
1. If the working papers do not exist, then the auditor will be unable to
prove how and why the opinion expressed was arrived at.
2. Working papers should provide evidence that a qualified practitioner

could easily follow and report the same conclusions.
3. Unclear working papers are USELESS.

Audit file structure
Planning stage:
1. Risk assessment.
2. Materiality.
3. Knowledge of the business.
4. Use of any experts.
5. Composition of the audit team.
6. Timing.
7. Reporting (does the client form part of a group of companies to which
we must report?)
Testing:
1. Property plant and equipment
2. Intangible assets
3. Receivables
4. Cash
5. Payables
6. Share capital
7. Etc….work carried out on the specific sections which we ll be
auditing. Each section will contain its lead schedule
Completion and review:
1. Final analytical review
2. Documentation of issues found
3. Subsequent events
4. Specific topic questions
5. etc
The lead schedule
Components of a lead schedule

1. Title: client name / year end / ‘prepared by’ section / subject
2. Prior year figures
3. References
Chapter 17
Analytical Procedures
Used to highlight unusual figures in order to
focus the audit on them or to establish that
a trend has continued.
compulsory at the planning and final stage
of the audit. Also an effective tool for
gathering evidence throughout the audit.
Profitability Ratios
• Gross margin – (gross profit/sales)100

• Net margin – (net profit/sales)100
• ROCE – (profit before interest and tax / share capital +
reserves + borrowings)
Liquidity Ratios
• Receivables days – (receivables/sales)365

• Payables days – (payables/purchases)365
• Inventory days – (inventory/cost of sales)365
• Current ratio – (current assets/current liabilities)
• Quick ratio – (current assets – inventory/current
liabilities)
Whether or not to rely on analytical procedures:
• Suitability – not suitable for every assertion

• Reliability – auditor may only rely on data generated
from a system with strong controls
• Degree of precision – some figures will not have a
recognisable trend over time or be comparable
• Acceptable variation – variations having an immaterial
impact on the financial statements will not hold as much
interest to the auditor as those that do
Chapter 18
Auditing specific items
Questions in the exam will focus on a scenario with the audit of
specific items.
For this section of the exam paper, the approach to such a question
should focus on three things:
• What are the assertions for the item in the question.
• What procedures should be carried out to test the balance?
• Always relate these steps to the scenario in the question – a list of

procedures not relevant to the scenario will not get any marks!
Receivables
Payables
Tangible Non Current Assets
Non Current Liabilities
Bank and Cash
Inventory
Chapter 19
THE WORK OF OTHERS
ISA 600 deals with the use of the work of an expert by the auditor.
The auditor may not have the expertise to make judgements on all aspects
of a clients’ business and may seek help in the form of an expert. Examples
of this are specialist inventory, property valuation and complex work in
progress.
If the auditor chooses to rely on the work of an expert, they must ensure that
the expert is independent and sufficiently competent.
THE WORK OF OTHERS
The auditor will decide whether the expert is competent based on their
qualifications and their experience.
If an expert in the inventory of the entity being audited is consulted on

valuation of inventory, but works for a subsidiary of the entity then the auditor
may consider them to be not sufficiently independent.
The auditor should make no reference to the use of the work of others in the
audit report. It is the auditors’ opinion in the report and the work of others is
simply one type of evidence that may be used, if sufficient and reliable, to
come to that opinion.
THE WORK OF OTHERS
ISA 610 sets out the considerations the auditor must make before relying
on work carried out by internal audit.
The auditor should consider:
• Whether the internal audit staff are sufficiently independent to retain

objectivity.
• The qualifications and technical competence of the internal audit staff.
• The professionalism of the staff and the standing of internal audit within
the organisation.
• Are internal audit constrained in any way by management?
THE WORK OF OTHERS
If these considerations are fulfilled the auditor may assess the reliability of
the work carried out by internal audit by ensuring:
• Internal audit working papers are well documented hand have been
reviewed.
• Evidence gained by internal audit is sufficient and appropriate.
• Any conclusions drawn are reasonable and valid.
• Management have acted on recommendations made by internal audit.
Chapter 20
Computer assisted audit
techniques
USING THE COMPUTER TO TEST OR

ASSIST THE AUDITOR IN
TESTING DURING THE AUDIT
PROCEDURES
CAATS
EXAMPLES:
1. To run client data to check for errors

2. To extract samples
3. Check calculations
4. Produce reports
5. Match transactions
6. Create test data, input it in the client’s system and
compare the result to what was expected (auditing
around the computer – input vs output).
Chapter 21
Subsequent events and going
concern
During the audit it is likely that the auditor will come
across errors in the FS. The auditor should keep a record
of these and report to management.
The auditor will not be concerned with immaterial errors,

however, individual immaterial errors could aggregate to
amount to a material misstatements.
Also, there might be material misstatements.

concern
If management amend material errors, then the auditor
will issue an unqualified report.
If management do not amend the errors then a qualified

report will be issued.
concern
Between the year end and the date

of signing the audit report, the
auditor has an active duty to
search for all material events.
concern
Between the date of signing the

audit report and the date of issue
(usually AGM date), this turns to a
passive duty.
concern
Subsequent events review
– Review of post year end management accounts

– Review of post year end board minutes
– etc
Adjusting vs non-adjusting
events
Adjusting events
Provide additional evidence relating to conditions

existing at the balance sheet date.
Example: a debtor going bankrupt after year end.

Adjusting vs non-adjusting
events
Non-adjusting events
Events taking place after balance sheet date but do

not fall under the definition of adjusting events.
Example: fire destroying inventory after balance

sheet date.
Subsequent events
A question on subsequent events will usually

involve a scenario with events which you
must decide are adjusting or non-adjusting
events.
NO
IS THE EVENT MATERIAL? NO ACTION

REQUIRED
YES
DOES THE EVENT PROVIDE ADDITIONAL EVIDENCE OF

CONDITIONS EXISTING AT THE YEAR END?
YES NO
ADJUSTING EVENT NON-ADJUSTING EVENT
FINANCIAL STATEMENTS NO REQUIREMENT TO ADJUST THE

MUST BE ADJUSTED – IF FINANCIAL STATEMENTS – EVENT
MANAGEMENT REFUSE MUST BE DISCLOSED - IF
THE AUDIT REPORT WILL MANAGEMENT REFUSE THEN
BE QUALIFIED. QUALIFY THE AUDIT REPORT FOR
DISAGREEMENT
Going concern review
• Consider economic conditions of the industry in
which the company is operating
• Contact providers of finance to the business to
ensure they are happy to continue to do so.
• Assess management’s intentions of the future.
• Review any budgets
Chapter 22
Management representations
The auditor may ask management to confirm in writing
certain issues which arose during the audit.
There are specific and non-specific items to be

included in the management representation letter.
Specific items: those required by ISA’s
Non-specific items: items relevant to that particular

audit. Ex. No evidence was available on specific
elements of the FS.
Chapter 23
Audit reports
ISA 700 sets out the elements /contents of an audit report. They are:
Title
• Identifies the report as an ‘Independent Auditors Report’
Addressee
• The shareholders i.e. for whom the report is produced.
Introductory Paragraph
• Sets out which pages in the report have been subject to audit and which have not.
Statement of responsibilities of management

• Management have prepared financial statements in accordance with GAAP and
representing a true and fair view. Application of accounting policies and estimates as well
as responsibilities for systems and controls.
Statement of responsibilities of auditor

• The audit was planned and assessed the risk of material misstatement considering internal
controls and obtaining sufficient appropriate evidence. That the auditor will express an
opinion.
Audit reports
Scope Paragraph
• Standards under which the audit was conducted, the processes and the test basis as well
as the appropriateness of policies and disclosures.
Opinion
• Do the statements present a true and fair view? Are they prepared according to applicable
GAAP and legislation?
Auditors signature
• Auditor or firm is registered and authorised to conduct the audit.
Date of the Report

• Signed after approved by directors – on the same day.
Auditors address
• le on specific elements of the FS.
Audit reports
If the auditor disagrees with some aspect of the financial statements or

is unable to state that they provide a true and fair view, then a
modified audit report will be issued.
There are two types of modified audit report:
• An unqualified audit report with an ‘emphasis of matter paragraph’

• A qualified audit report.
Emphasis of matter
If the auditor wishes to draw attention to a particular matter, but agrees

with the financial statements an ‘emphasis of matter’ paragraph will be
included in the audit report.
The matter referred to will be fully disclosed in the accounts and the
auditor is simply drawing the users’ attention to it.
The paragraph will make it clear that the opinion is not qualified and
will be given a separate heading after the opinion paragraph.
Qualified Reports
There are two reasons that an auditor may qualify an audit report:
• Disagreement
• Limitation of scope
Disagreement
A qualified report for the reason of disagreement will be issued if the
auditor disagrees with the application of accounting policies, the
policies used, treatment of a particular item or the adequacy of
disclosures.
The disagreement can be such that it is either:
• Material
• Material and pervasive
Material
A material disagreement will mean that the auditor agrees with the
rest of the financial statements, but disagrees with that particular
element of them.
In this situation the auditor will qualify the audit with an ‘except for’
paragraph i.e. In our opinion, except for the effect on the financial
statements of the matter referred to in the preceding paragraph, the
financial statements give a true and fair view,
Material and pervasive
A disagreement which is material and pervasive is of such
significance that the financial statements do not give a true and fair
view.
In such a situation an adverse opinion is issued i.e. the financial

statements do not give a true and fair view.
Limitation of scope
If the auditor is unable to form an opinion, then the report will be
qualified for limitation of scope.
Limitation of scope will be due to being unable to obtain sufficient

evidence which should have been available.
A material limitation of scope will mean that the auditor agrees with
the rest of the financial statements, but is unable to agree with that
particular element of them.
In this situation the auditor will qualify the audit with an ‘except for’
paragraph i.e. In our opinion, except for the matter referred to in the
preceding paragraph, the financial statements give a true and fair view,
Limitation of scope
A limitation of scope which is material and pervasive is of such
significance that auditor is unable to state whether the financial
statements give a true and fair view.
In such a situation a disclaimer of opinion is issued i.e. the auditors

do not express an opinion on the financial statements.

F8 Presentation PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

F8 Presentation PDF

Uploaded by

Copyright:

Available Formats

ACCA Paper F8 –

Audit and Assurance

December 2011 Exams

Question 1 Application of audit procedures to a scenario 30

Once the examination is done, the

• Auditor to state an opinion as to whether

– Give a true and fair view

– Are prepared in accordance with applicable

• Making accounts more acceptable to tax

• Making a sale of the business more easy

• Providing assurance to those providing finance

• Accountability: people in positions of power

• Agency: where an agent acts on behalf of a

• reasonable assurance engagement)

• The assurance given is in the form of positive

• Reasonable assurance engagements provide

• Auditor gives his report in the form of

• Report given in the form of negative assurance

An example of a limited assurance engagement is a

The users of the review report will be those who have

• International Federation of Accountants:

• International Auditing and Assurance Standards

• Form an opinion as to whether the FS

• Prepare and issue a report.

• It is the management of the company who

• Investors more able to rely on the information

• Member of a recognised supervisory

• Resolution at each general meeting (re-

• Directors pre first GM and to fill casual

• Those involved with the management off a

• Special notice sent to auditor

Corporate governance - concerned with

The focal point of corporate governance is to

• Ensuring the basis for an effective corporate governance

• Disclosure and transparency

ACCA sets out a code of ethics for

Five potential threats are identified in the

Safeguard – If a Listed company makes up more than 10% of a firms

Loans, Guarantees and overdue fees

Safeguard – Do not offer loans, guarantees or allow fees to go unpaid for

Hospitality and Benefits

Safeguard - If the IT system is important to a significant part of the accounting

Safeguard – If valuation requires a degree of judgement and have a material

Safeguard – If valuation requires a degree of judgement and have a material

Safeguard – Auditor cannot be a director, employee or business

An auditor may be unwilling to criticise or upset a family member if

Safeguard – No member of the audit team may have a family member

Acting as Auditor for prolonged period

Safeguard - If client is listed company engagement partners should

If an auditor provides legal services, they may be perceived to take

Safeguard – No legal services to be offered to client or defence in

Corporate Financial Services

May be seen to be less than independent if advising on such matters

Safeguard – Don’t negotiate on clients behalf with the bank or advise

Intimidation threat is simply what it says, i.e. that the

•Identify any potential threats

Information should only be disclosed by auditors:

•If the client has given their consent

A department within the company which

•Reporting on and monitoring the effectiveness of internal controls.

•Assisting with implementation of required accounting standards.

•Ensuring that laid down procedures are being followed.

•Ensures compliance with OECD Principles.