Professional Documents
Culture Documents
The marking plan set out below was that used to mark this paper. Markers were encouraged to use
discretion and to award partial marks where a point was either not explained fully or made by implication.
More marks were available than could be awarded for each requirement. This allowed credit to be given for a
variety of valid points which were made by candidates.
General comments
It was disappointing to note that there was no improvement in the standard of answers to the SFQs. This
was particularly so, given that two of the three least well-answered SFQs (questions 2 and 3) were
knowledge-based and had been examined in a similar format in previous exam papers. Candidates
tended to perform better in the SFQs that required the application of knowledge to a scenario (questions 1,
5 and 6). However, a number of candidates performed poorly on question 4, which also required
application skills. These candidates did not read the requirement properly. They failed to focus on the
implications for the external audit for the year ending 31 March 2017 and instead wrote about the
implications for subsequent years’ audits.
Question 1
Total Marks: 3
Management threat:
- engagement may involve making decisions / subjective judgement
- firm’s views may be too closely aligned with management’s
This question was generally well answered as most candidates appreciated that the engagement should
not be accepted because the threats to objectivity were insurmountable. The majority of candidates
identified the self-review threat and, to a lesser extent, the management threat. The most common
omissions were in relation to the explanations of the threats. Strong candidates provided plausible
explanations of the threats, ie over-reliance and reluctance to identify errors in the case of self-review
threat and the use of judgement in respect of the management threat. Weaker candidates incorrectly
stated it would be acceptable to take on the engagement as long as safeguards were in place and wasted
time listing safeguards such as separate teams and an independent review. There were no marks for
these points because the provision of valuation services, where the amount is material to the financial
statements, to a listed entity is prohibited by the Ethical Standard.
Question 2
Total Marks: 3
Answers to this question were disappointing. The points most commonly identified related to the definition
of professional scepticism. However, a significant number of candidates failed to provide the full definition
as set out in ISA 200 and only cited "a questioning mind". Other points commonly identified related to the
importance of professional scepticism in recognising management bias and unreliable evidence. Few
candidates identified the importance of exercising professional scepticism when dealing with judgemental
areas in the financial statements. A number of candidates confused the concept of professional scepticism
with the concepts of objectivity, independence and professional judgement. Furthermore, the vast majority
of candidates failed to demonstrate an understanding that the exercise of professional scepticism is a
requirement of ISA 200.
Question 3
Total Marks: 3
For higher risk and listed clients, the EQCR provides an independent check:
- on significant judgements made by audit team
- that appropriate consultations have taken place
- that proposed audit report is appropriate
- that engagement team is independent
Answers to this question were of a mixed standard. Those candidates familiar with the contents of
sections 20/21 and 23 of ISA 220 Quality Control for an Audit of Financial Statements tended to score full
marks. The points most commonly identified in respect of the engagement quality control review (EQCR)
were those relating to significant judgements made and conclusions reached by the audit team. The point
most commonly overlooked in respect of the EQCR was that relating to appropriate consultations having
taken place. Generally, candidates were more competent in dealing with the cold review as many
identified that it was an ongoing process to ensure that quality control procedures were operating
effectively and compliance with auditing and ethical standards. Some candidates confused the EQCR with
that of the supervisory review that is required on all audit engagements. Weaker candidates did not
distinguish between the two different reviews and it was difficult to award marks as it was not clear as to
which one of reviews they were dealing with.
Question 4
Total Marks: 4
This question was well answered by candidates who identified the risk of window dressing to inflate the
value of the business. These candidates often went on to specify the specific risks associated with this, eg
overstatement of assets and understatement of liabilities. The points most commonly overlooked were
those relating to the management of detection risk and the duty of care to the prospective buyer. Weaker
candidates overlooked the risk of window dressing and incorrectly assumed that the prospective buyer
was also a client and, consequently, wasted time writing about confidentiality issues and conflicts of
interest. A number of candidates incorrectly assumed that the shares were being sold because there were
problems such as going concern issues with the business. There was nothing in the question to indicate
this and consequently no marks were available for these points.
Question 5
Total Marks: 3
Relevance of letter
This question was well answered with many candidates scoring full marks. The vast majority of candidates
identified that there was a potential going concern issue and that this had implications for the basis of
preparation and disclosures in the financial statements. Many candidates also appreciated that the issue
over the quality of goods could give rise to inventory write-downs. Weaker candidates wasted time writing,
in general terms, about the auditor's responsibilities in respect of subsequent events.
Question 6
Total Marks: 4
This question was generally well answered. Most candidates identified that an emphasis of matter
paragraph was inappropriate because the situation represented an inability to obtain sufficient appropriate
evidence and, as such, warranted a modified opinion. Although many candidates identified that the issue
was pervasive, a significant minority of these candidates incorrectly stated that an adverse opinion should
be given. These candidates failed to appreciate that an adverse opinion is given when there are pervasive
misstatements. A significant minority of candidates incorrectly suggested that an ‘Other Matters’
paragraph should be used. The point most commonly overlooked related to the ISA 570 requirement for a
disclaimer of opinion. Weaker candidates wasted time writing about the implications of the lack of
management integrity instead of focusing on the impact on the auditor's report as required by the question.
Question 7
Total Marks: 35
General comments
The overall average mark on this question was marginally the lowest on the long-form questions. This was
largely due to poor performance by candidates in part 1 of the question as answers to parts 2 and 3 of the
question were of a good standard. The strong performance on part 2 was particularly pleasing as the topic
covered was new to the 2017 syllabus.
7.1 Justify why the items listed by the engagement partner as (1) to (3) have been identified as key
areas of audit risk and, for each item, describe the procedures that should be included in the audit
plan to address those risks.
General
Justification Procedures
This is a first year audit and it may be difficult to Review the prior year auditor’s working papers and
obtain assurance over opening balances. consider whether audit work in the current year
provides evidence on the reliability of opening
balances.
Contracts straddle the year end and the full licence For contracts straddling the year end, recalculate
fee may have been incorrectly recognised on the proportion of income to be recognised in the
receipt. year based on the number of months elapsed on
the contract.
Over/under usage calculations are based on Obtain a schedule of adjustments made for
estimates. over/under usage.
Set-up activities may straddle the year end and For set-ups in progress at year end:
revenue may not reflect the amount of work done or - obtain a schedule of amounts to be
the full fee may have been incorrectly recognised on recognised in the year
receipt. - ascertain the basis of revenue recognition
and compare this to the proportion of set-
up activities that have been completed at
year end
- reperform any calculations
Shifu continuously improves Nodle which may result Ascertain the nature of any major enhancements
in an impairment of previously capitalised with reference to release notes/developers’
development costs. documentation.
Request a demonstration of enhancements
implemented on Nodle during the year.
Where enhancements replace existing features
inspect write offs of previously capitalised
development costs in the accounting records.
Inspect evidence of management’s impairment
review.
The claim against Mantis is unlikely to be settled Review the contract with Mantis and ascertain
before the audit report is signed and should only be whether the terms support the basis of the
recognised if the amount is virtually certain to be compensation claim.
received. Review correspondence with Mantis and Shifu’s
There is a risk of overstatement of compensation legal advisors to ascertain the likely outcome of the
receivable. claim.
Shifu should disclose the compensation receivable Obtain a written representation from management
if it is probable. There is a risk of inadequate that the significant assumptions used in making
disclosure. these accounting estimates are reasonable.
Answers to this part of the question were of a mixed standard with revenue being the least well addressed
audit risk. A small number of candidates failed to follow the instructions to ensure that all responses are
visible on screen and not hidden in cells. Candidates are reminded that their answers are presented to the
examiner exactly as they appear on screen.
It was pleasing to note that the majority of candidates attempted to make some use of the financial and
operational information provided in the scenario, which has been identified as a deficiency in answers in
previous examiners' reports. However, the majority of candidates restricted their calculations to the
percentage change in the financial information from 2016 to 2017. Stronger candidates provided more
robust calculations such as gross margin, licence fee per user, average set-up fee, amortisation rates or
attempted proof in total calculations, all of which attract higher marks than simple percentage change
calculations.
Many candidates overlooked that the firm had recently been appointed as external auditor and that
obtaining assurance over opening balances may be difficult.
Many candidates correctly identified that the adjustments for over/under usage at the year-end required
judgement. However, many were unable to cite relevant audit procedures in respect of these adjustments
other than obtaining a schedule of adjustments made for over/under usage and ascertaining the basis of
the estimates. Very few candidates considered testing the reasonableness of the basis of the estimates by
reference to actual users in usage reports, estimated users in contracts, refunds paid post year end or
amounts invoiced/received post year end.
Set-up fees
Most candidates justified why user licence fees had been identified as a key area of audit risk. The most
commonly overlooked justifications were that:
- ‘evenly recognised’ may not reflect the actual value of work done
- revenue is recognised before implementation is signed off by the customer
- the customer may not sign to confirm that set-up was satisfactory.
Candidates who concluded that set-up fees may be understated, based on their calculation that set-up
fees had fallen by 3.9%, failed to take into account that the number of new customers (and hence set-ups)
had fallen by 22% and therefore that the increase in the average set-up fee might actually indicate a risk of
overstatement.
Candidates cited the more basic audit procedures to address the identified risks, such as:
- enquiring of management why set-up fees had increased
- agreeing set-up fees to contracts and bank statements
- re-calculating the proportion of revenue recognised for set-ups straddling the year end.
A significant number of candidates failed to appreciate that the development costs being capitalised were
in relation to developers’ time and consequently suggested reviewing invoices as evidence of costs rather
than the time records identified in the scenario.
The majority of candidates correctly stated that compensation payable was material, as it represented
1.3% of revenue, and that it should be included in the financial statements. However, few candidates
explicitly stated that the liability and contingent asset should not be offset. Few candidates identified that
the large number of customers might lead to errors in estimating the compensation due to customers.
The justifications most commonly overlooked in relation to compensation receivable were that:
- the claim against Mantis was unlikely to be settled before the audit report was signed
- it should only be recognised if amounts due are virtually certain
- a disclosure would be required if the inflow of economic benefits is probable which might
indicate a risk of inadequate disclosure.
Audit procedures identified in relation to compensation receivable were generally better than those in
relation to compensation payable. A significant number of candidates correctly identified sources of
evidence to support the compensation receivable such as the contract with Mantis, correspondence
between Shifu and its legal advisor and obtaining a written representation from management. However, of
those candidates stating a written representation should be obtained, very few earned the extra mark
available for stating that it should cover the reasonableness of the significant assumptions used in making
the accounting estimate.
The audit procedures most commonly overlooked in relation to compensation payable were:
- agreeing the basis of amounts included to a sample of contract terms
- agreeing the estimate to any amounts paid to customers after the year end.
A significant minority of candidates entered into lengthy discussions about legal claims from customers
which was not relevant as Shifu was not disputing that compensation was due to its customers under the
existing contractual arrangements.
7.2 Identify and explain the audit risks that would arise if Shifu failed to meet its responsibilities to
protect their customers from loss of data and breaches of data security.
This part of the question was very well answered with a number of candidates scoring full marks. Most
candidates identified and explained the risks of going concern and unrecognised provisions which might
arise should Shifu fail to put measures in place to protect their customers from loss of data and breaches
of data security. The points most commonly overlooked related to the risk of misstatement due to an
inappropriate basis of preparation of the financial statements or inadequate disclosures. A minority of
candidates wrote at length about the impact on the audit of data being lost and the fact it might result in a
limitation on scope. These candidates had failed to appreciate that the question referred to data belonging
to Shifu’s customers rather than data that might be required as part of the firm’s audit procedures. A small
number of candidates identified and explained the risks that an audit firm would face if the firm failed to
meet its responsibilities for protecting client data and scored no marks.
7.3 State, with reasons, the implications for the auditor’s report if Shifu’s directors do not make
any changes to the financial statements for the year ended 31 January 2017 in respect of the
£920,000 compensation payable to Shifu’s customers.
This part of the question was very well answered with the majority of candidates scoring full marks.
Some candidates incorrectly stated that the misstatement was not material or stated that the misstatement
was pervasive and would require an adverse opinion. Weaker candidates incorrectly stated that an ‘Other
Matters’ paragraph or an Emphasis of Matter paragraph was required.
Question 8
Total Marks: 26
General comments
The average mark for this question was marginally higher than for question 7. Part 1 of the question was
very well answered by a number of candidates. However, the answers to Part 2 were of a poor standard
and therefore pulled down the overall average mark for question 8.
8.1 Identify and explain the professional and ethical issues arising in each of the situations. State
any actions that each firm’s partners or its other employees should take to address these issues.
Oogway
Professional and ethical issues
There is a threat to the firm’s objectivity and independence due to a familiarity threat:
- if Li Ping returns it will be less than one year since rotation
- this is less than the five years (of elapsed time before returning) that is required by the Ethical
Standard
- Li Ping may have developed close relationships with Oogway’s management and may be
insufficiently questioning of management’s point of view
However, the ethical standard allows an extension of up to two years to safeguard audit quality.
There is a risk to professional competence and due care if the audit planning is rushed in order to stay on
schedule.
Actions
Ascertain if there is an alternative, sufficiently experienced partner to replace Sarah Bao. If no such
partner exists and Li is reinstated as engagement partner the firm must:
- obtain agreement from Oogway’s audit committee and disclose the facts to Oogway’s
shareholders
- perform an expanded review of the audit work.
The firm should also review the audit timetable and revise it if necessary to safeguard the quality of the
audit.
Dragoon
Professional and ethical issues
This situation may indicate issues with management integrity and lack of management competency.
There is an increased risk of criminal and money laundering activities as well as breaches of laws and
regulations.
There is an increased risk that the firm expresses an inappropriate opinion due to:
- error
- deliberate misstatement
- poor control environment
- unreliable management representations
- an inappropriate limitation on the scope of work.
This would expose the firm to:
- investigation by regulatory bodies
- claims from shareholders suffering a loss as a result of relying on the audit opinion
- loss of reputation.
Actions
Review the prior year audit report.
Undertake background checks on management and hold discussions with them to assess their philosophy
and operating style.
Pand
Professional and ethical issues
The double payment to the supplier may be an indication of fraud or money laundering.
The finance director appears to be offering Peony an incentive which raises doubts about his integrity.
The firm may not want to be associated with Pand due to the risk of reputational damage.
There is a threat to the firm’s objectivity and independence due to:
Self-interest threat
- Peony may be tempted by the free holiday
Intimidation threat
- the finance director appears to be exerting pressure on Peony
There is a threat to professional competence and due care if Peony keeps quiet about the double
payment.
Actions
Peony should inform a senior manager in the firm about the issues arising.
She should refuse the offer of the holiday.
The issue should also be raised with the firm’s MLRO who should report the suspicion of money
laundering to the NCA under POCA 2002.
Dymsum
Professional and ethical issues
There is a threat to the firm’s objectivity and independence due to:
Self-interest threat
- the regular fee income will be 13.9% of firm’s annual fee income
- this is above the 10% threshold, but below the 15% threshold, set out in the Ethical Standard
- there is a risk of over-reliance on income from Dymsum
- the auditor may be reluctant to take actions adverse to the interests of the firm, such as modifying
the audit report.
Management threat
- the engagement to review the internal controls at Mei may require the firm to make management
decisions such as designing internal controls and implementing changes thereto
- the firm’s views may become too closely aligned with management.
Self-review threat
- the results of the review of the internal controls at Mei may need to be re-evaluated as part of
external audit
- the audit team may place too much reliance on the controls work and they may be reluctant to
highlight any shortcomings identified in the controls work.
There is a risk to professional competence and due care as the firm may not:
- have the resources or experience to complete the audit of Mei
- have representation in China
- have sufficient knowledge of Chinese regulations.
Actions
The firm should undertake an external independent quality control review.
The expectation that fees from Dymsum Group will exceed 10% should be disclosed to the firm’s ethics
partner and to those charged with governance at Dymsum.
The proportion of the firm’s income earned from Dymsum should continue to be monitored.
The firm should not make management decisions as part of the engagement to review internal controls at
Mei and must ensure there is informed management.
Separate teams should be used for the audit and review of internal controls.
The firm must consider the appropriateness of its resources and experience before accepting either of the
engagements at Mei.
Oogway
The majority of candidates identified the familiarity threat and provided a plausible explanation of it. Most
of these candidates were aware of the provision in ES Section 3 which allows for an extension of up to two
years to preserve audit quality. Although most of these candidates identified that an independent review
was required many failed to specify that it should be an expanded review. Weaker candidates were
unaware of the permitted extension and concluded, incorrectly, that the engagement partner must not be
reinstated.
Dragon
Although the vast majority of candidates identified that there could be issues with management integrity,
few candidates failed to explain fully the implications of this. Commonly overlooked implications included
poor control environment, unreliable representations and limitation on the scope of audit work. A
significant proportion of candidates wasted time discussing the impact on the firm’s audit procedures when
a decision had yet to be made regarding acceptance of the engagement.
Pand
The vast majority of candidates identified the self-interest and intimidation threats and provided plausible
explanations of these threats. Most of these candidates also identified the possibility of money laundering
and the actions to be taken in respect of such suspicions.
Dymsum
The majority of candidates identified the self-interest threat arising from fee dependency. Most candidates
correctly included the recurring fee income in their fee percentage calculation. However, weaker
candidates included the one-off fee in their calculation and, consequently, incorrectly concluded that the
non-audit engagement should not be undertaken. Most candidates identified the self-review threat arising
from the review engagement and the use of separate personnel to mitigate this threat. However, weaker
candidates wasted time citing the need for information barriers which were not required in this situation.
The points most commonly overlooked were those relating to the management threat and the threats to
professional competence and due care.
8.2 List the specific matters, arising from the acquisition of Mei, that Shen LLP should consider
when planning the audit of Dymsum.
The group engagement team needs to obtain an understanding of Mei to ascertain whether Mei is a
significant component and assess the risks of material misstatement.
Materiality for the group financial statements as a whole and component materiality should be determined.
If Mei is not significant then only analytical procedures at group level need to be planned.
If reliance is to be placed on a local auditor, the firm must consider whether:
- they will comply with ethical requirements relevant to group audit
- they are competent
- the group audit team will be involved in their work to the extent necessary to obtain sufficient
appropriate audit evidence
- they operate in a regulatory environment that actively oversees auditors.
Communication will be required with Mei’s auditor on timely basis and will need to cover:
- the work to be performed
- the use to be made of the work
- the form and content of Mei auditor’s communication with the group audit team.
Answers to this part of the question were very disappointing because the majority of candidates failed to
consider the implications of using a component auditor. Many candidates wasted time citing issues to be
considered prior to accepting the client (eg independence issues) rather than the planning issues to be
considered at the commencement of the group audit.
Question 9
Total Marks: 18
General comments
Answers to this question attained the highest overall average mark on the long-form questions. This was
due to very strong answers to parts 2 and 3, with many candidates obtaining maximum marks. Stronger
candidates also provided some good answers to parts 1 and 4.
9.1 State the internal control deficiencies identified when performing the planned procedures. For
each deficiency, outline the possible consequence(s) of the deficiency and provide
recommendation(s) to remedy each deficiency.
Deficiency
Journal entries are not authorised or reviewed.
Consequences
Errors may be made in journal entries which would go undetected.
This might result in a misstatement in the financial statements.
Fraudulent entries could be made.
Recommendations
All journal entries should be authorised before being entered into the accounting records.
A report of all journal entries posted should be regularly reviewed for accuracy and prior authorisation.
Approval and review should be evidenced.
Employees who are authorised to post journal entries should be restricted through the use of passwords.
Deficiency
There are no IT controls to prevent duplicate journal entries.
Consequences
This may result in errors in the financial statements.
Time and costs will be incurred to correct these errors.
Recommendations
Journal entries should have a unique reference.
IT controls should be introduced that alert users if they try to post a journal with a reference identical to an
existing journal entry.
If IT controls are not possible, an exception report of duplicate journal entries should be regularly reviewed
and duplicates followed up and corrected.
Deficiency
No evidence of goods dispatched is retained.
Consequences
Viper cannot keep track of customers’ orders and orders may be dispatched twice in error.
There is no means to prove goods were received by customer.
This reduces the likelihood of enforcing payment from customers and increases the risk of disputes and
bad debts.
There will be a cost associated with attempting to recover receivables and a negative impact on profits
and cash flow.
Orders may not be dispatched at all resulting in loss of customer goodwill.
Recommendations
A goods dispatched record should be created in the warehouse. These should be sequentially numbered
and the sequence checked regularly for completeness.
The customer should sign on delivery to acknowledge receipt of the goods and this record should be
retained by Viper.
Despatch records should be matched to customer orders and a regular review should be performed of
customer orders to ensure goods have been dispatched.
Customers should be provided with a copy of the signed despatch record in the event of a dispute.
Candidates were more competent in dealing with the journal entry deficiencies than they were with the
lack of evidence in respect of goods despatched/delivered. In respect of the journal entries, most
candidates identified the increased risk of fraud and errors, the importance of authorisation by senior
management and the introduction of IT controls for restricting access and preventing duplication of entries.
The point most commonly overlooked was that relating to the use of exception reports for highlighting
duplicate journal entries. In respect of the lack of despatch records, a significant number of candidates
incorrectly assumed that there were deficiencies in the entity's credit control system and wasted time
describing credit control procedures.
9.2 List the differences between a report prepared by a practitioner for an engagement to review
financial statements and the report prepared by auditors for an external audit engagement of an
unlisted company.
The majority of candidates attained full marks on this question. The points most commonly identified were
those relating to the addressees, the level of assurance described in the reports and whether the
opinion/conclusion was positive or negative. However, weaker candidates incorrectly stated that the level
of assurance provided by a review engagement was low. The points most commonly overlooked were
those relating to the additional information found in audit reports such as matters to be reported by
exception. A significant minority of candidates confused the contents of a report following a review of
financial information with the contents a report following an examination of prospective financial
information. A number of candidates also wasted time describing the differences between the two types of
engagement rather than the differences between the reports.
9.3 In respect of Warrior’s overdue balance, state whether you would modify your firm’s assurance
report. Give reasons for your conclusion and describe the modifications, if any, to the assurance
report.
It is unlikely the amounts from Warrior can be recovered as there is no evidence to support the claim for
the outstanding invoices.
The amounts should be written off.
They amount to 12.7% of profit before tax and are therefore material.
Most candidates correctly identified that the situation represented a material misstatement and that the
report should be modified with a qualification as the issue was not pervasive. However, many candidates
failed to make their answers specific to a review engagement and stated incorrectly that the opinion would
be modified. These candidates failed to appreciate that a practitioner expresses a conclusion, rather than
an opinion, in the report following a review engagement.
9.4 Outline the possible consequences for your firm of reaching an inappropriate conclusion
following the review of the financial statements of Viper. Describe how firms can mitigate the
impact of any financial consequences arising from an inappropriate conclusion.
Consequences
The firm may be sued for professional negligence by Viper's shareholders and by Po Bank if a duty of care
is owed to the bank.
The firm is exposed to reputational risk which may result in the loss of
- key clients
- key staff.
An increase in future professional indemnity insurance premiums may occur following a compensation
payment by the insurance company.