Question 1

State and describe in detail those principles according to International Ethics Standards
Board for Accountants’ Code of Ethics for professional Accountants (IESBA Code). (25
marks).

The International Ethics Standards Board for Accountants (IESBA) operates under the
auspices of the International Federation of Accountants (IFAC). Auditors deal with a range of
issues on behalf of clients. They often have access to confidential and sensitive information
pertaining to their clients. IESBA Code establishes the fundamental principles of professional
ethics relevant to the auditor when conducting an audit of financial statements and provides a
conceptual framework for applying those principles. ISA 200 - Objective and general
principles governing an audit of financial statements. The conceptual framework explains
how all professional accountants are required to apply the Code in order to comply with the
fundamental principles of ethics, and where applicable, be independent. There are five
fundamental principles of ethics for professional accountants which are discussed as follows.

Integrity

The principle of integrity imposes an obligation on all professional accountants to be

straightforward and honest in professional and business relationships. Integrity also implies
fair dealing and truthfulness. A professional accountant should not be associated with reports,
returns, communications or other information where they believe that the information
contains a materially false or misleading statement, contains statements or information
furnished recklessly or omits or obscures information required to be included where such
omission or obscurity would be misleading. A professional accountant will not be considered
to be in breach if the professional accountant provides a modified report in respect of a matter
contained in the code.

Objectivity

The principle of objectivity imposes an obligation on all professional accountants not to

compromise their professional or business judgment because of bias, conflict of interest or
the undue influence of others. A professional accountant may be exposed to situations that
may impair objectivity. It is impracticable to define and prescribe all such situations.
Relationships that bias or unduly influence the professional judgment of the professional
accountant should be avoided.
Professional Competence and Due Care

The principle of professional competence and due care imposes the following obligations on
professional accountants, to maintain professional knowledge and skill at the level required to
ensure that clients or employers receive competent professional service and to act diligently
in accordance with applicable technical and professional standards when providing
professional services. Competent professional service requires the exercise of sound
judgment in applying professional knowledge and skill in the performance of such service.
Professional competence may be divided into two separate phases which are attainment of
professional competence; and maintenance of professional competence. The maintenance of
professional competence requires a continuing awareness and an understanding of relevant
technical professional and business developments. Continuing professional development
develops and maintains the capabilities that enable a professional accountant to perform
competently within the professional environments. Diligence encompasses the responsibility
to act in accordance with the requirements of an assignment, carefully, thoroughly and on a
timely basis. Where appropriate, a professional accountant should make clients, employers or
other users of the professional services aware of limitations inherent in the services to avoid
the misinterpretation of an expression of opinion as an assertion of fact.

Confidentiality

The principle of confidentiality imposes an obligation on professional accountants to refrain

from disclosing outside the firm or employing organization confidential information acquired
as a result of professional and business relationships without proper and specific authority or
unless there is a legal or professional right or duty to disclose and using confidential
information acquired as a result of professional and business relationships to their personal
advantage or the advantage of third parties. A professional accountant should maintain
confidentiality even in a social environment. The professional accountant should be alert to
the possibility of inadvertent disclosure, particularly in circumstances involving long
association with a business associate or a close or immediate family member. A professional
accountant should also maintain confidentiality of information disclosed by a prospective
client or employer. A professional accountant should also consider the need to maintain
confidentiality of information within the firm or employing organization. A professional
accountant should take all reasonable steps to ensure that staff under the professional
accountant’s control and persons from whom advice and assistance is obtained respect the
professional accountant’s duty of confidentiality. The need to comply with the principle of
confidentiality continues even after the end of relationships between a professional
accountant and a client or employer.

Professional Behaviour

The principle of professional behavior imposes an obligation on professional accountants to

comply with relevant laws and regulations and avoid any action that may bring discredit to
the profession. This includes actions which a reasonable and informed third party, having
knowledge of all relevant information, would conclude negatively affects the good reputation
of the profession. In marketing and promoting themselves and their work, professional
accountants should not bring the profession into disrepute. Professional accountants should
be honest and truthful and should not make exaggerated claims for the services they are able
to offer, the qualifications they possess, or experience that they have gained or make
disparaging references or unsubstantiated comparisons to the work of others. . All members
shall not knowingly engage in any business, occupation or activity that impairs or might
impair the integrity, objectivity, or good reputation of the Institute, and as a result would be
incompatible with the fundamental principles. Conduct that might discredit the Institute
includes conduct that a reasonable and informed third party would be likely to conclude
adversely affects the good reputation of the Institute.
Question 2

a) Describe audit risk components according to ISA 315 (15 marks)

The purpose of this International Standard on Auditing (ISA 315) is to establish standards
and provide guidance on obtaining an understanding of the accounting and internal control
systems and on audit risk and its components: inherent risk, control risk and detection risk.
The auditor should obtain an understanding of the accounting and internal control systems
sufficient to plan the audit and develop an effective audit approach. The auditor should use
professional judgment to assess audit risk and to design audit procedures to ensure it is
reduced to an acceptably low level. ISA 315 stresses Audit risk as the risk that the auditor
gives an inappropriate audit opinion when the financial statements are materially misstated.
Audit risk has three components: inherent risk, control risk and detection risk. ISA 315
requires the audit team to discuss risk factors as part of the audit planning process.

Control Risk

After obtaining an understanding of the accounting and internal control systems, the auditor
should make a preliminary assessment of control risk, at the assertion level, for each material
account balance or class of transactions. This is the risk that a material misstatement could
occur in an assertion, either individually or when aggregated with other misstatements, which
will not be prevented, or detected and corrected, on a timely basis by the entity’s internal
control. This addresses the risk that entity controls designed to mitigate a particular risk fail
to work properly resulting in a misstatement. If a company hires an auditing company, the
auditor from the external company will use the facts and figures provided by the company.
There are many companies that have poor internal controls when it comes to data. People
may misreport data or outright hide evidence of misdeeds from auditors because there were
no internal controls to stop them, and the auditor will accept the data, assuming it can from a
source of truth. When the audit is completed it will be based on the wrong numbers, which
means that the audit itself will be wrong as well.

Detection Risk

This is the risk that the auditor will not detect a misstatement that exists in an assertion that
could be material. Detection risk relates to the appropriate applicability, effectiveness, and
proper application of the audit procedures performed. Detection risk can never be reduced to
zero because of the inherent limitations in the procedures carried out, the human judgments
required, and the nature of the evidence examined. These risk factors are addressed through
adequate planning, proper assignment of audit personnel, the application of professional
skepticism, and supervision and review of the audit work performed. For a given level of
audit risk, the acceptable level of detection risk bears an inverse relationship to the
assessment of the risks of material misstatement at the assertion level. Therefore the greater
the RMM, the less the detection risk that can be accepted and the less the RMM, the greater
the detection risk that can be accepted. The auditor should consider the assessed levels of
inherent and control risks in determining the nature, timing and extent of substantive
procedures required to reduce audit risk to an acceptably low level.

Inherent Risk

This is the susceptibility of an assertion to a misstatement that could be material, either

individually or when aggregated with other misstatements, assuming that there are no related
internal control systems in place to mitigate such risks. For example, if an entity has a high-
value inventory that could be easily stolen, there would be an inherent risk relating to the
existence assertion. This assessment of risk ignores the internal control in place to protect this
inventory. Inherent risk is perhaps the hardest component of the audit risk model to mitigate.
Sometimes, even with the best intentions and the right controls, the audit ends up missing
vital information and does not uncover problems. There is an inherent risk of inaccuracy in
audits due to the complex nature of businesses and the business environment. Many times the
audit may make the right recommendations for the time when the audit was being performed,
but those recommendations may no longer be viable once the audit report is published.

b) Explain in detail the relationship between materiality and audit risk (10 marks)

The auditor should consider materiality and its relationship with audit risk when conducting
an audit as per ISA 320. Materiality and audit risk are related. Audit risk is the possibility that
an auditor expresses an inappropriate audit opinion on financial statements that are materially
misstated. Audit risk has two major components which are risks of material misstatement;
and detection risk.

Materiality should address qualitative and quantitative considerations. In some cases,

misstatements of relatively small amounts could have a material effect on the financial
statements. For example, an illegal payment of an otherwise immaterial amount or failure to
comply with a regulatory requirement may be material if there is a reasonable possibility of
such payment or failure leading to a material contingent liability, a material loss of assets, or
a material loss of revenue.

The materiality level is based on the economic decisions made by a financial statement user.
This differs from audit risk, which relates to an inappropriate audit opinion being issued on
financial statements that are materially misstated.

If the audit was planned solely to detect individually material misstatements, there would be
no margin of error to identify and account for immaterial misstatements that might exist. As a
result, it would be possible for the aggregate of individually immaterial misstatements to
cause the financial statements to be materially misstated.

Do not reduce the overall materiality level based on a high level of audit risk. Avoid the
mistake of reducing the overall (financial statement) materiality level because of a high audit
risk. This has the effect of lowering the auditor’s tolerance level for finding misstatements,
which can actually make the situation worse. It implies that because of the high audit risk, the
decision of a financial statement user would be affected by a lower amount than if no audit
risk was present.

First establish the materiality level by reference to financial statement users and then use a
lower amount at the class of transaction or account balance level for designing further audit
procedures.

These risk factors are addressed through adequate planning, proper assignment of audit
personnel, the application of professional scepticism, and supervision and review of the audit
work performed. For a given level of audit risk, the acceptable level of detection risk bears an
inverse relationship to the assessment of the risks of material misstatement at the assertion
level. Therefore the greater the RMM, the less the detection risk that can be accepted and the
less the RMM, the greater the detection risk that can be accepted. In summary, the auditor
performs audit procedures to assess the risks of material misstatement and seeks to limit
detection risk by performing further audit procedures based on that assessment.
REFERENCES

Handbook of the International Code of Ethics for Professional Accountants. (2018)

International Ethics Standards Board for Accountants. (2018)

International Standard on Auditing (UK and Ireland) 320 “Materiality in planning and
performing an audit” (ISA 320)

International Standards on Auditing (ISA 315).

Alvin, A. A. and Loebbecke, J.K. (1997). Auditing: An Integrated Approach - Seventh

Edition. New York: Prentice Hall.

Millichamp, A. H. (1996). Auditing: An Instructional Manual for Accounting Students –

ELBS Seventh Edition. London: DP Publications.