Audit and Assurance

Suggested Answers
Certificate in Accounting and Finance – Autumn 2016

A.1 (a) Controls over data transmission may include the following:
 Firewalls to prevent intrusion into the programs that send and receive data
 Only using secured Wi-Fi with password protection
 Data encryption

(b) If management refuse to allow the auditor to send a confirmation request the auditor
should:
 inquire as to management’s reasons for the refusal, and seek audit evidence as to the
validity and reasonableness of those reasons;
 evaluate the implications of management’s refusal on the auditor’s assessment of the
relevant risks of material misstatement, including the risk of fraud, and on the nature,
timing and extent of other audit procedures; and
 perform alternative audit procedures designed to obtain relevant and reliable audit
evidence.

The auditor shall communicate with those charged with governance if:
 the auditor concludes that management’s refusal to allow the auditor to send a
confirmation request is unreasonable; or
 the auditor is unable to obtain relevant and reliable audit evidence from alternative
audit procedures,

(c) Performance reviews – In the context of control activities, performance review includes:
 analyses of actual performance against budget and forecasts;
 analyses of actual performance against prior period performance
 control reporting and variance analysis

(d) Communications protocol

A communications protocol is set of digital rules for message exchange within or between
computers.

When systems communicate they use pre-defined formats for exchanging the messages.
This ensures that each part of the message is recognized and interpreted by the recipient in
the intended fashion.

For each communication a protocol must define:

 Syntax – the arguments used to create the message
 Semantics – how each argument is to be interpreted
 Synchronization – how the sender and receiver will actually exchange the message

Communication protocols are implemented through a combination of hardware and

software.

(e) The main categories of general controls that an auditor would expect to find in a computer-
based information system are:
(i) controls over the development of new computer information systems and applications
(ii) controls over the documentation and testing of changes to programs
(iii) the prevention or detection of unauthorised changes to programs (for example, by an
employee committing fraud or by a ‘hacker’ accessing the system)
(iv) controls to prevent the use of incorrect data files or programs

Page 1 of 5
 Audit and Assurance
Suggested Answers
Certificate in Accounting and Finance – Autumn 2016

A.2 (a) The objective of a statutory audit (an external audit) is to express an opinion on the truth
and fairness of the views presented by the financial statements. The auditor is not primarily
responsible for the prevention or detection of fraud.

The auditor will be concerned with fraud only to the extent that it might impact on the
view shown by the financial statements. He will therefore be concerned with the risk of
material fraud.

The auditor should maintain an attitude that includes a questioning mind, being alert to
conditions which may indicate possible misstatement due to error or fraud, and a critical
assessment of audit evidence.

Further, he must respond appropriately to fraud or suspected fraud identified during the
audit.

(b) Management’s attitude towards the auditor which may indicate the possibility of a material
misstatement includes:
 Denial of access to records, facilities, certain employees, customers, vendors, or others
from whom audit evidence might be sought.
 Undue time pressures imposed by management to resolve complex or contentious
issues.
 Unusual delays by the entity in providing requested information.
 An unwillingness to add or revise disclosures in the financial statements to make them
more complete and understandable.

(c)  Rapid growth or unusual profitability.

 Significant portions of key management personnel’s compensation i.e. bonus being
contingent upon achieving aggressive targets for operating results.
 Pressure on management to show good profitability considering the proposed
acquisition.

A.3 (a) The auditor is required to assemble the final audit file(s) on a timely basis after the date of
the auditor’s report. This usually excludes drafts of working papers or financial statements,
or notes that reflect incomplete or preliminary thinking. After the assembly of the final
audit file has been completed, the auditor must not delete or discard audit documentation
before the end of its retention period.

(b) In such case the auditor is required to document:

 the circumstances;
 the new or additional procedures performed, audit evidence obtained, conclusions
reached and their effect on the auditor’s report; and
 when and by whom the resulting changes to audit documentation were made and who
reviewed them.

A.4 (a) In order to ensure the completeness of list of related parties provided by the client, your
audit procedures could include the following:
 Review working papers for previous years, to look for names of known related parties.
 Review the company’s procedures for identifying related parties.
 Inquire about the relationships between directors and other entities i.e. whether any
director is a director, CEO, major shareholder etc. in another company.
 Review shareholder records for the names of major shareholders.
 Review minutes of BOD meetings and general meetings of the company.
 Get confirmation from any other audit firms involved in the audit about related parties.
(e.g. in case of audit of a group of companies, more than one firm of auditors are
involved)

Page 2 of 5
 Audit and Assurance
Suggested Answers
Certificate in Accounting and Finance – Autumn 2016

(b) According to the International Standard on Auditing (ISAs) the auditor is required to
obtain written representations from management and, where appropriate, those charged
with governance that:
 they have disclosed to the auditor the identity of the entity's related parties and all the
related party relationships and transactions of which they are aware; and
 they have appropriately accounted for and disclosed such relationships and
transactions in accordance with the requirements of the framework.

In view of the above, the auditor should not accept the argument given by the
management. If management does not provide one or more of the requested written
representations, the auditor shall:
 discuss the matter with management/ those charged with governance;
 re-evaluate the integrity of management and evaluate the effect that this may have on
the reliability of representations (oral or written) and audit evidence in general; and
 take appropriate actions, including determining the possible effect on the opinion in
the auditor's report

A.5 (a) The statement is not appropriate, as management is also responsible for assessing the
entity’s ability to continue as a going concern and whether the use of the going concern
basis of accounting is appropriate as well as disclosing, if applicable, matters relating to
going concern.

(b) The statement is appropriate to the extent that reasonable assurance is a high level of
assurance. However, second statement is not appropriate as reasonable assurance is not a
guarantee that an audit conducted in accordance with ISAs will always detect a material
misstatement, due to inherent limitations of audit.

(c) The statement is appropriate to the extent that auditor has to obtain an understanding of
internal control relevant to the audit in order to design audit procedures that are
appropriate in the circumstances. However, the second statement is not appropriate
because the auditor is not required to express an opinion on the effectiveness of internal
controls in conjunction with the audit of the financial statements.

(d) The statement is not appropriate the responsibilities in addition to the main body of the
audit report can be included;
 Within an appendix to the auditor’s report, in which case the auditor’s report shall
include a reference to the location of the appendix; or
 By a specific reference within the auditor’s report to the location of such description on
a website of an appropriate authority.

(e) The statement is not appropriate as the audit report can either be signed in the name of the
audit firm or the personal name of the auditor or both.

(f) The statement is not appropriate as the Key Audit Matters are selected from the matters
communicated with those charged with governance and in making those assessments
matters pertaining current period only are considered as opposed to matters pertaining to
prior period.

Page 3 of 5
 Audit and Assurance
Suggested Answers
Certificate in Accounting and Finance – Autumn 2016

A.6 Test of details for verification of valuation assertion of tangible non-current assets:
 Check the cost in the financial statements against the purchase invoices/contracts for the
assets.
 Check that the purchase expenditure is analysed reasonably between land, buildings and
equipment.
 Review the allocation of total expenditure on non-current assets between capital and
revenue amounts.
 Verify amounts in the financial statements with the valuer’s report.
 Obtain an understanding of the work of the expert through considering the reasonableness of
valuations/assumptions used in valuations.
 Evaluating the competence, capabilities and objectivity of the expert.
 Check that valuations are regularly updated.
 Check that all the assets of the similar class are revalued.

A.7 (a) JL holds 51% shareholding in RL:

As Daud & Co. (DC) is not qualified for appointment as the auditor of RL due to
directorship and shareholding of partner’s wife in RL, DC cannot be appointed as the
auditor of any of its holding company i.e. JL.

(b) JL is an associated company of RL:

DL is ineligible to act as the auditor of JL, as the spouse of the partner holds shares in the
associated company. However, since Daud’s wife holds shares prior to the appointment,
DC can be appointed as auditor of JL subject to comply with the following requirements:
 Disclose this fact to JL at the time of appointment as auditor.
 Divest her investment in RL within 90 days of appointment.

The directorship of Daud’s wife in RL is not relevant for the appointment of DC as the
auditor of JL.

(c) One of the directors in JL also holds 10% shareholding in RL:

Daud and Company can be appointed as the auditor of JL as there is no disqualification
with respect to common shareholding in another company, which is neither a subsidiary
nor an associated company of the prospective audit client.

A.8 (a) Self-interest, self-review and familiarity threats will be created, as Kamran has served as an
employee in ABC.

Safeguards:
 Conducting a review of the work performed by Kamran as a member of the audit
team,
 Not including the member in the audit team.

(b) As the father of Nasir is a close family member, having a direct financial interest in DL, a
self-interest threat is created.

Safeguards:
 Disposing as soon as practicable, of all the shares by Nasir’s father (a close family
member)
 Having a professional accountant review the work of Nasir;
 Replacement of Nasir from the Audit team.

Page 4 of 5
 Audit and Assurance
Suggested Answers
Certificate in Accounting and Finance – Autumn 2016

A.9 Procedures for the review of historical financial statements will usually include the following:
 Obtain an understanding of the entity’s business and the industry in which it operates.
 Make inquiries into:
 the entity’s accounting policies, practices and procedures, including the preparation of
financial statements
 material assertions in the financial statements that are subject to the review
 decisions taken at board meetings and other meetings of the entity that may affect the
financial statements
 the completeness of the accounting records that were used to prepare the financial
statements.
 Applying analytical procedures designed to identify unusual relationships between items in
the financial statements, and individual items that appear unusual. Analytical procedures
would include:
 comparing the financial statements under review with financial statements for prior
periods
 comparing the financial statements with the anticipated results and financial position
of the entity
 a study of the relationships between elements in the financial statements that should
be expected to conform to a predictable pattern (based on the entity’s past experience
or normal ratios/relationships for the industry as a whole).

 Other procedures that will usually be carried out in a review of financial statements
include:
 discussions with the company’s auditors (if the audit firm is not the firm of
accountants that is performing the review engagement)
 obtaining representations from management
 considering the appropriateness of the accounting policies employed by the entity
 making inquiries into subsequent events (after the date of the statement of financial
position)
 making a review of the statements as a whole.

(THE END)

Page 5 of 5