1.

01 - Internal control strength

02 - Internal control strength

03 - Internal control strength

04 - Internal control deficiency

05- Internal control strength

06 - Internal control deficiency

07 - Internal control deficiency

08 - Internal control strength

09 - Internal control deficiency

10 - Internal control deficiency

Identify and describe the two forms of accounts receivable confirmation requests and indicate what
factors Vicktor should consider in determining when to use each. (6 marks)

External confirmations are the audit evidences obtained as a direct written response to the auditor
from a third party (In the above case from the Debtors). Mainly there are two forms of external
confirmation requests. Which are;
 Positive Confirmation Requests – In a positive confirmation request, the debtor will be
asked to respond to the auditor directly whether they agree or disagree with the amount of
the stated account balance and if disagree by what amount.

 Negative Confirmation Requests – In a negative confirmation request, the debtor will be

only asked to respond to the auditor directly if they disagree with the amount of the stated
account balance.
Normally a positive confirmation is more reliable and its risk is lower than the negative
conformation request also. If the confirmations are going to receive directly to the auditor and
come from the originally intended confirming party, it is better to use positive confirmation
request. Further if the auditor assessed the risk of material misstatement to be high, expects a
high exception rate and the account balance to be high it is better to use positive confirmation
requests.
However if the auditor has identify following factors it is better to use a negative confirmation
request and all the following factors should be satisfied together.
a) The Viktor should have identify the risk of material misstatement to be low.
b) The population of items should be comprise a large number of small, homogeneous
account balances.
c) Viktor should expect a low exception rate.
d) The auditor would not expect that the people who are to respond wouldn’t disregard such
requests. (The auditor believes that the confirming party may give adequate consideration
to respond to the request)

 Integrity – the professional accountant should be honest and straight forward

 Objectivity - the professional accountant should not be biased should not have conflict of
interest and not override professional judgment.

 Professional competence and Due care- the professional accountant should maintain the
knowledge and skills at the required level to ensure the best performance to the client.
And should act diligently.

 Confidentiality – the professional accountant should not provide or use privileged

information to a third party or use it for your own advantage (should not disclose
information of the client company unless there is a legal or professional right to do so).

 Professional Behavior – To comply with relevant laws and regulations and avoiding
actions that discredits the profession.

 . Educational, training and experience requirements for entry in as a charted accountant.

 Chartered institute can introduced continuous professional development for the members
(Example -Conducting Seminars/ Workshops).
 Professional or regulatory monitoring and disciplinary procedures. (Example - CA Sri
Lanka Monitoring Board to monitor and punish the accountants who violate the rules and
ethics).
 Professional Standards.

Audit Risk = Inherent Risk × Control Risk × Detection Risk

1.
Audit Risk = Inherent Risk × Control Risk × Detection Risk

Inherent Risk is the susceptibility of an assertion about a class of transaction, account

balance or a disclosure to a material misstatement before consideration of any related
controls.

Control Risk is the risk that a internal control system would be unable to prevent, detect
or correct material misstatements on individual basis or in aggregate that could take place
in transactions, account balances or disclosures.

Detection Risk is the risk that audit procedures are unable to detect the material
misstatement that could take place regarding account balances, transactions individually
or aggregate.

Audit risk is the risk that auditor will incorrectly issue a clean opinion.

Audit failure is where the auditor provides a wrong opinion due to not following relevant
audit standards.
Audit risk Audit failure
Audit risk is the risk that auditor will Audit failure is where the auditor provides
incorrectly issue a clean opinion. a wrong opinion due to not following
relevant audit standards.

Auditor cannot be accused for the audit Auditor can only be accused for the audit
risk because the detection risk can happen failure.
and inherent and control risks are constant
in the organization.

Audit risk can only be reduced by Audit failure can be zero by performing
reducing the detection risk. the audit according to the relevant
standards and following correct audit
procedures.

Audit risk
  Audit risk is the risk that auditor will incorrectly issue a clean opinion.
 Auditor cannot be accused for the audit risk because the detection risk can happen and
inherent and control risks are constant in the organization.
 Audit risk can only be reduced by reducing the detection risk.

 Audit failure is where the auditor provides a wrong opinion due to not following relevant
audit standards.
 Auditor can only be accused for the audit failure.
 Audit failure can be zero by performing the audit according to the relevant standards and
following correct audit procedures.

Audit Engagement

- Provides a reasonable assurance

- Higher level of examination

- It can provide a greater degree of confidence to the stake holders.

- It takes more time.

- High level of audit procedures.

- It can cost more.

Review Engagement

- Provides a Limited assurance

- Lower level of examination

- Typically less work is required so the cost can be low.

- It takes lesser time.

- Low level of audit procedures.