BAC 582 :ADVANCED AUDITING AND

ASSURANCE
 Brief Outline
Introduction
Professional Conduct
Professional Appointments
Professional Responsibility And Liability
Practice Management & Environment
Audit Planning And Strategy
Audit Evidence
Audit Evaluation And Review
Audit Reports
Audit Of Financial Statements
TOPIC ONE: INTRODUCTION
1.1 Definition of key concepts
Regulatory bodies and standards
a) IIAs
b) IAS
c) ISA
d) IFRSs
e) GAAP
f) IFAC
g) ICPAR
• Audit is an official inspection of an organization's accounts,
processes, procedures conducted by an independent person
or audit firm.
• It is the examination of an entity's accounting records, as
well as the physical inspection of its assets.
• An assurance engagement as “one in which a practitioner
expresses a conclusion designed to enhance the degree of
confidence of the intended users other than the responsible
party about the outcome of the evaluation or measurement
of a subject matter against criteria (by ISA)
Key elements in assurance engagement
3-party
relationship

Report Subject
Elem matter
ents

Evidence Criterion
Levels of assurance engagement
• There are various levels of assurance but these depends on:
i) Individual engagement
ii) The criteria applied
iii) Subject matter
• However, ISA refers to two types:
a) Reasonable level of assurance
b) Limited level of assurance
• Note also that absolute assurance cannot be guaranteed.
1.2 Why Auditing & Assurance
i. Protects the entity or owner’s interest
ii. Agent-Principal challenges
iii. Maintaining confidence in the market
iv. To ensure Compliancy
v. For decision making
vi. Risk mitigation
vii. As a statutory requirement
1.3 Types of audit
• Audit is classified into many different types and levels
of assurance according to the objectives, scopes,
purposes, and procedures of how auditing is
performed.
 Internal audit
Statutory
audit External audit

Compliance
audit
Types Forensic audit

Operation Financial
audit audit
Tax audit
1.4 Audit Procedure

Appointment

Planning

Execution

Reporting
1.5 Audit Techniques
• These are processes and methods that auditors perform to obtain
audit evidence which enables them to make a conclusion on the set
audit objective and express their opinion.
 Analytical
Review

Inspection
Observations
Audit
Techniques

Recalculation
Inquiry
 1.6 Limitation of an audit
i) Not exhaustive
ii) Its dependent on representations from management
iii) Evidence gathered is persuasive rather than conclusive
iv) Auditing is not purely an objective exercise
v) The timing of an audit
vi) An unqualified audit opinion is not a guarantee of a company’s
future viability, the effectiveness and efficiency of
management, nor that fraud has not occurred in the company
1.7 Audit Environment
Ethics
Legal &
Regulatory Internal Controls &
environment financial statements

Audit
Risk Corporate
assessment Governance &
current issues
Reporting
TOPIC TWO: PROFESSIONAL CONDUCT
• An auditor should carry his/her responsibilities within the
professionalism required in the code of ethics.
• The IFAC and ICPAR code of ethics provide the fundamental principles
to be followed:
 Integrity

Objectivity
Professional
behavior

Professional
competence &
Confidentiality due care

Independence
• Note: Different circumstances may raise specific threats
(or risks) to compliance with the fundamental principles.
• According to ICPAR conceptual framework, it is the duty
of the auditor to:
i) Identify
ii) Evaluate
iii) Address the threat
The risk can be reduced to acceptable levels, eliminated or
an auditor can decline/terminate the engagement
• Advantages of a framework over a system of rules:
i) A framework requires that the auditor reviews
threats for every given situation and act accordingly
ii) A framework prevents the auditor from interpreting
technical issues
iii) Rules don’t always cover all situations
iv) Rules need to be constantly amended
 2.2 Audit Independence
• Independence is a state of mind that permits the provision of an
opinion without being affected by influences that compromise
professional judgment.
• It allows an individual to act with integrity and exercise
objectivity and professional judgment.
• Two kinds of independence are required:
i) Independence of mind
ii) Independence in appearance
• An auditor needs to be and seen to be independent
• It is the responsibility of the auditor to:
i) Avoid circumstances that can compromise his/her
independence
ii) Provide an objective opinion
iii) Act professionally when dealing with the client
The auditor’s independence is important because in
increases the public confidence in the markets.
2.2.1 Threats to independence
 Self-interest

Self-review

Familiarity

Management threats

Intimidation

Advocacy
Independence
Threat
2.2.2 Safeguards to Independence
• These tend to eliminate or reduce threats to
acceptable levels:
a) Safeguards created by profession, legislation or
regulation
b) Safeguards in the work environment (within auditor
system or client’s company)
• International standard on quality control sets out standards and
procedures regarding a firm’s responsibilities for its system of quality
control audits:
i) The firm should establish a system of quality control designed to
provide it with reasonable assurance that the firm and its personnel
comply with professional standards and regulatory and legal
requirements.
ii) The firm’s system of quality control should include policies and
procedures addressing elements such as leadership responsibilities,
ethical requirements, acceptance of engagements, human
resources, engagement performance and monitoring.
iii) The quality control policies and procedures should be documented
and communicated to the firm’s personnel.
 2.3 Audit Confidentiality
• Any information acquired should not be
i) disclosed to third parties without proper and specific authority
ii) Used for personal interest
• Exceptions:
i) Disclosures permitted by law
ii) Disclosure authorized by client
iii) Money laundering cases
iv) Where there is theft and fraud offences
v) Where professional duty calls
• Having decided that there should be some disclosure, the auditor
must consider-
i) Whether the interests of any parties could be harmed by such
disclosure and whether the auditor will incur legal liability as a
result of the disclosure.
ii) Whether all relevant facts are known and substantiated.
iii) The type of communication that is expected and to whom it
should be addressed.
ISA 250 provides that if auditors become aware of a suspected or
actual occurrence of non-compliance with law and regulation
which give rise to a statutory right or duty to report, they should
report it to the proper authority immediately. In all cases of
disclosure where there is a duty of confidentiality, you should seek
legal advice.
2.4 Areas of Controversy on Independence
• Many audit firms are now offering a wider variety of
services
i) Specialist services
ii) Seeking second opinions
iii) Conflict of interest
iv) Insider dealings
TOPIC THREE: PROFESSIONAL
APPOINTMENTS
3.1 Accepting new audit clients
• ISA 200 sets out the ethical principles governing the auditor’s
professional responsibilities including professional behavior.
• ICPAR (in line with International Federation of Accountants’
(IFAC’s) Code of Ethics) states that while advertising their
services, auditor should be truthful and honest.
• They should not make any exaggerated claims for the
services they are able to offer, the qualifications they possess
or the experience they have gained.
• When considering whether to take an audit engagement, an audit
firm must consider whether they want to do the work and they
must have regard for the ethical considerations, such as
independence and professional competence. In addition, they
need to consider fees and some other practical issues.
• The following factors should be considered when setting out a
fee:
i) What does the job involve: Is it audit and/or tax or is there
some other complicated work involved?
ii) Which staff will need to be involved, numbers and quality. How
long will they be required. Is the nature of the business
complex.
iii) What charge out rates are to be applied.
 Practical issues
• It is important that the auditor also considers a number of other issues:
i) Can the audit assignment be fitted in to the audit firms current work
plan?
ii) Is their suitable audit staff available?
iii) Will any specialist skills be required? What are the future plans for the
company?
iv) Is there any training required for current staff and what will be the cost
of that training?
v) What work does the client actually want. Audit and/or tax.
vi) Is this the first time the company has been audited? Whether the client
is seeking to change its auditors and if so what is the reason behind it
• In submitting a tender form, the following matters should be
included in the proposal:
i) The audit fee and the basis for its calculation
ii) An assessment of the needs of the client
iii) How the firm means to meet the needs of the client
iv) Any assumptions made to support the proposal
v) The audit approach to be adopted by the firm
vi) A brief outline of the firm
vii) Details and background of the key audit staff on the
proposed engagement
• IFAC code of ethics for Professional Accountants states that:
‘Before accepting a new client relationship, a professional
accountant in public practice shall determine whether the
acceptance would create any threats to compliance with the
fundamental principles. Potential threats to integrity or
professional behaviour may be created from, for example,
questionable issues associated with the client (its owners,
management or activities).’
• The audit firm should investigate the potential client, its
owners and business activities in order to evaluate whether
there are any questions over the integrity of the potential
client which create unacceptable risk.
• In order to comply with the International Standards on Quality
Control (ISQC1)
i) Make sure there are no ethical issues which would prevent you
from accepting this assignment.
ii) Make sure that you are professionally qualified to carry out the
work requested and that your firm has the resources available in
terms of staff, expertise and time.
iii) Check out references for the directors of the client firm especially if
they are unknown to the audit firm.
iv) Consult previous auditors as a matter of professional courtesy and
establish from them whether there is anything that you ought to
know about this vacancy
3.2 Preconditions for an audit
Once an audit firm has decided to go ahead with an audit
engagement, it must comply with the requirements of ISA
210, - ”Agreeing the Terms of Audit Engagements”.
ISA 210 defines preconditions for an audit as follows: ‘The use
by management of the prospective client of an acceptable
financial reporting framework in the preparation of the
financial statements and the agreement of management and,
where appropriate, those charged with governance to the
premise on which an audit is conducted’.
• The auditor must
i) determine the acceptability of the financial reporting
framework to be applied in the preparation of the
financial statements. This includes evaluating
whether law or regulation prescribes the applicable
financial reporting framework, considering the
purpose of the financial statements, and the nature of
the reporting entity.
ii) obtain the agreement of management that it
acknowledges and understands its responsibility:
• For the preparation of the financial statements in
accordance with the applicable financial reporting
framework.
• For internal controls to enable the preparation of
financial statements which are free from material
misstatement, whether due to fraud or error.
• To provide the auditor with access to all information
necessary for the purpose of the audit.
iii) Determine whether other non-audit assignments are involved
• The audit firm must again carefully consider whether it is
ethically and professionally acceptable to take on the additional
service.
• The main ethical threat created by the provision of non-audit
services is the threat to objectivity.
• The threats created are most often self-review, self-interest and
advocacy threats and if a threat is created that cannot be
reduced to an acceptable level by the application of safeguards;
the non-audit service shall not be provided.
3.3 Change of Auditor
• A company can decide to change a client based on:
i) Audit fee
ii) Audit firm not seeking reelection
iii) Growing size of the company
iv) Professional misconduct of the auditor
v) Threat to independence and objectivity
• Assignment 1
• You are a student interested in taking up auditing as your professional
career. With this interest, you want to gain as much audit skills in your
studies. Your lecturer has pointed out that one way of growing your
audit skills is through evaluating independent audit reports provided
in the annual reports of companies. Select one company of your
choice and analyze the auditor’s report.
• Maximum 2 pages
• Submit TUESDAY 12Pm
 TOPIC FOUR: PROFESSIONAL RESPONSIBILITY
AND LIABILITY
• 4.1 Introduction
• In order to ensure efficiency and effectiveness in auditing, an
audit firm must clearly ensure that the management and the
audited firm are aware of their responsibilities.
• In addition, the management should provide the necessary
environment that supports the audit function of the independent
auditor.
• Management is responsible for adopting sound accounting
policies and for establishing and maintaining internal control that
will initiate, record, process and report transactions.
4.2 Auditor’s Responsibility
• The auditor has a responsibility to plan and perform the
audit to obtain reasonable assurance about whether the
financial statements are free of material misstatement,
whether caused by error or fraud.
• To acquire professional qualifications and act within these
framework.
• to express an opinion on the financial statements
• may make suggestions about the form or content of the
financial statements or draft them, in whole or in part
 4.3 Fraud and Auditor’s Responsibility
• An auditor’s main concern in an audit is the risk of a material
misstatement in the financial statements. These material
misstatements can arise from fraud or error.
• An error is an unintentional misstatement in the financial
statements, whether an omission of an amount or a disclosure. It
can be a mistake in gathering or processing data for the accounts,
an incorrect accounting estimate or a mistake in the application of
accounting principles.
• Fraud is an intentional act by one or more individuals among
management, employees or third parties, involving the use of
deception to obtain an unjust or illegal advantage.
• ISA 240: the auditor’s responsibility to consider fraud in an
audit of financial statements, states clearly that the primary
responsibility for the prevention and detection of fraud rests
with the management and those charged with governance of
the entity. It is their responsibility to establish a control
environment to assist in achieving the orderly and efficient
conduct of the entities operations.
• It is up to them to put a strong emphasis within the entity on
fraud prevention.
• The auditor does not have a specific responsibility to prevent
or detect fraud, but he must consider whether it has caused a
material misstatement in the financial statements.
• Types of fraud:
• There are two types of intentional misstatement:
i) Fraudulent financial reporting
ii) Misappropriation of assets
• Fraudulent financial reporting may occur:
a) From manipulation, falsification, or alteration of
accounting records
b) From misrepresentation of a transaction
c) Intentional omission of a transaction
d) Intentional misapplication of accounting principles
relating to amounts, classification, manner of
presentation or disclosure.
• Misappropriation of assets involves the theft of a company’s
assets and may occur from
a) Embezzling receipts
b) Stealing physical assets or intellectual property
c) Causing a entity to pay for something they never received
d) Using an entity’s assets for own personal use
Auditor’s approach to fraud
• According to ISA 240.3, in order for an auditor to reduce risk
to an acceptable level, the auditor should consider the risks
of material misstatement in the financial statements due to
fraud.
 Professional
Skepticism

Assess
Communicate susceptibility to
fraud

Obtain
management Risk assessment
report
Assess if
misstatement is
fraudulent
 4.4 Professional Liability
• Auditors may have professional liability under statute law and in the tort of
negligence.
• There are occasions when auditors have professional liability under statute
law:
i) In insolvency legislation, the auditor could be found to be an officer of the
company and thus could be charged with a criminal offence in connection
with the winding up of the company.
ii) An auditor could be found to be guilty of insider dealing, which is a
criminal offence.
iii) Auditors could be found guilty of a criminal offence in respect of money
laundering issues as to their failure to report any known suspicions to the
proper authority.
 Who would take an action against an auditor?
• If an auditor gave an incorrect audit opinion the following
parties might take an action:
The company
The shareholders
 A bank
Other lenders
Other interested third parties
The key difference between all the above mentioned
parties is the nature and duty of care owed to them by the
auditor.
• The auditor’s duty of care to a client is automatic and is
enshrined in the law.
• The auditor can only owe a duty of care to parties other
than the audit client, if one can be established.
• Third parties include: any individual shareholder, bank,
lenders, potential investors, government…In these cases,
there is no contract with the auditor.
• Auditors should bear full responsibility for something for
which they have the primary responsibility.
 Litigation Avoidance
• One way of dealing with litigation is to try and avoid it, through:
i) Having clear client acceptance procedures, screen new clients,
use an engagement letter.
ii) Performing all audit work in accordance with standards and best
practice.
iii) Having sensible and effective quality control procedures in place.
iv) Issuing appropriate disclaimers. Auditors may attempt to limit
their liability by issuing disclaimers, although this may not always
be effective in law.
v) Taking indemnity insurance cover
 Case study
• In a case involving EG. Royal Bank of Scotland v Bannerman, Johnstone
Maclay and other in 2002 had a significant impact on the auditor’s
liability.
• The bank provided an overdraft facility to the company, who it is
claimed misstated its position due to a fraud. It was argued that the
auditors neglected to find the fraud. The judge found that the auditors
had a duty of care. They knew that the bank needed audited accounts
as part of the overdraft arrangement and could have issued a disclaimer
to the bank. But they didn’t and this was an important factor in deciding
that they did owe a duty of care.
TOPIC FIVE: PRACTICE MANAGEMENT &
ENVIRONMENT
5.1 Risk Exposure
• Just like any other business, audit firms are exposed to business risks.
• Therefore, in order to manage their own business effectively, auditors
should have a system of risk management in place.
Specific risks to audit firms
Loss of key Reputation
personnel risks

Business
Litigation
risks risks

Competition Client loss

5.2 Quality Control
• Auditing standards stress the importance of quality
control, both at the audit firm level and the audit
engagement level.
• Both ISQC1 and ISA 220 helps audit firms establish
quality standards and procedures in their audit
engagement.
 5.2.1 Quality control at firm level
• ISQC1 (11) establishes that the firm should establish a system of
quality control designed to provide it with reasonable assurance.
• The firm should ensure that the firm and its personnel comply
with:
i) professional standards
ii) regulatory and legal requirements
iii) Reporting standards: that reports issued by the firm or
engagement partners are appropriate in the circumstances.
• Elements of a system of quality control:
i) Leadership responsibilities for quality within the firm
ii) Ethical requirements
iii) Acceptance and continuance of client relationships and
specific engagements
iv) Human resources
v) Engagement performance
vi) Monitoring
 5.2.2 Quality control at audit engagement
level
• ISA 220.2 states that the engagement team should implement
quality control procedures that are applicable to the individual
audit engagement.
• This standard applies the principles laid down in the ISQC1.
• The engagement partner should:
i) Take responsibility for the overall quality on each audit
engagement to which the partner is assigned.
ii) Consider whether members of the engagement team have
complied with ethical requirements.
iii) Form a conclusion on compliance with
independence requirements that apply to the
audit engagement
iv) Be satisfied that appropriate procedures
regarding the acceptance and continuance of
client relationships and specific audit
engagements have been followed, and that
conclusions reached in this regard are
appropriate and have been documented.
v) Be satisfied that the engagement team has the
appropriate capabilities, competence and time to
perform the audit engagement in accordance with
professional standards and regulatory and legal
requirements, and to enable an auditor’s report that is
appropriate in the circumstances.
vi) Take responsibility for the direction, supervision and
performance of the audit engagement in compliance
with professional standards and regulatory and legal
requirements.
5.3 Audit and Assurance Services
Reviews

Whistleblow Assurance
ing Engagements

Systems Risk
Reliability assessments
Performance
Management
TOPIC SIX: AUDIT PLANNING AND STRATEGY
6.1 Audit Planning
• An audit plan involves developing a general strategy
and detailed approach for expected timing, nature
and extent of audit.
• Auditors formulate an overall audit strategy which is
translated into a detailed audit plan for audit staff to
follow.
• The Principal Auditor should perform the audit with an
attitude of “Professional Skepticism” recognizing that
circumstances may exist, which could cause the Financial
Statements to be materially misstated.
Such circumstances include:-
i) Inherent limitations of audit
ii) Inherent limitation factors of accounting and internal
control systems
iii) The fact that most audit evidence are persuasive rather
than conclusive
iv) Judgment is involved in accounting and audit work.
6.2 Types of Audit Plan
i) Overall Plan
It is the general strategy for audit, which provides:
a) the direction for audit
b) the expected audit scope
c) How audit will be conducted
d) guidance for the development of audit program.
ii) Audit Program.
This is the detailed set of instructions to implement overall plan for the
nature, timing and extent of audit procedures.
6.3 General Planning matters
The following administrative details of an audit should be considered
while developing audit plan.
i) Logistics
ii) Use of IT
iii) Time budgets
iv) Subsidiary objectives of the assignment
• Factors affecting the form and content of the overall audit include:
i) Size of the entity
ii) Complexity of the audit
iii) Specific methodology and technology (e.g. computers) used by the
auditor
• Maters to be considered in overall audit plan:
i) Knowledge of client’s business
ii) Understanding the accounting ad internal control system
iii) Risk and materiality
iv) Nature, timing and extent of procedure
v) Coordination, direction, supervision and review
6.4 Importance of Audit Plan
• It is a vital area of the audit, primarily conducted at the beginning of audit
process to ensure that:-
• Appropriate attention is devoted to important areas
• Potential problems are promptly identified and resolved on a timely basis
• The audit engagement is properly organised and managed
• There is proper assignment of work to engagement members • There is
direction and supervision of team members and review of their work
• Work is completed expeditiously
• Work is properly coordinated
6.5 Audit Programmes
• These are written instruction, which lay down the
procedures to be performed by the audit assistants in order
to implement the audit plan.
• They help in controlling proper execution of the audit work.
• An audit program ensures that the audit work is carried out
in accordance with audit plan.
An audit programme may also contain the following:-
i. Audit objectives for each area; and
ii. An hourly time budget for various audit areas or
procedures.
iii. Assessment of inherent and control risks
iv. Required levels of assurance from substantive procedures
v. Timing of tests of controls and substantive procedures
vi. Availability of assistants
vii. Involvement of other auditors or experts
viii. Assistance from the client
Field survey
• This is a very critical step as it allows auditor to determine the scope
and extent of audit effort. It is done in advance of detailed testing and
analysis work. The auditors can familiarize themselves with the
system and control structure.
• The field survey is the initial contact point and might take one or two
days depending on the size of the audit. Flowcharts should be
prepared for the major activities, processes, procedures and internal
control points.
• Things to be considered while preparing audit programme
• Needs of potential users of the audit report
• Legal and regulatory requirements
• Management controls
• Significant findings and recommendations from previous audits that
could affect the current audit objectives. Also determination of
whether corrective action has been taken and earlier
recommendations implemented.
• Potential sources of data that could be used as audit
evidence and consider the validity and reliability of
these data.
• Consider whether the work of other auditors and
experts may be used to satisfy some of the audit
objectives.
• Provide sufficient staff and other resources to do the
audit
• Criteria for evaluating areas under audit.
6.6 Audit Methodology
i) Determine the scope and the audit approach
ii) Ascertain the system and controls
iii) Assess the system and internal controls
6.7 Audit Documentation
• Audit documentation is the record of audit procedures performed,
relevant audit evidence obtained and conclusions reached. The
terms ‘working papers’ or ‘work papers’ are also sometimes used.
ISA 230: It is important to document audit work performed in working
papers because of the following reasons:-
i) To enable the reporting partner to ensure all planned work has
been completed adequately
ii) To provide details of work done for future reference
iii) To assist in planning and control of future audits
iv) To encourage a methodical approach
v) It provided evidence of the auditor’s basis for a conclusion about
the achievement of the overall objectives.
vi) It provides evidence that the audit was planned and performed in
accordance with ISAs and other legal and regulatory requirements.
vii) It assists the engagement team to plan and perform the audit.
viii) It assists team members responsible for supervision to direct,
supervise and review audit work.
ix) It enables the team to be accountable for its work.
x) It allows a record of matters of continuing significance to be
retained.
xi) It enables the conduct of quality control reviews and inspections
(both internal and external).
• ISA requires working papers to be sufficiently complete and detailed
to provide an overall understanding of the audit.
The form and content of working papers are affected by matters such
as:-
i. The size and complexity of the entity
ii. The nature of the audit procedures to be performed
iii. The identified risks of material misstatements
iv. The significance of the audit evidence obtained
v. The nature and extent of exceptions identified
vi. The need to document a conclusion or the basis for a conclusion
not readily determinable from the documentation of the work
performed or audit evidence obtained
vii. The audit methodology and tools used
Audit Files
• Working papers are classified into:
i) Permanent audit files
ii) Current working files
Permanent audit files
These contain:-
i. Engagement letters
ii. New client questionnaire
iii. The memorandum and articles of association of the client company
iv. Other legal documents such as prospectuses, leases, sales
agreements
v. Details of the history of the client’s business
vi. Board minutes of continuing relevance
vii. Previous year’s signed accounts, analytical review and management
letters
viii. Accounting systems notes, previous year’s control questionnaires
Current audit files
They contain information of relevance to the current year’s audit.
These should be compiled on a timely basis after the completion of the
audit and should contain the following:-
i. Financial statements
ii. Accounts checklists
iii. Management accounts details
iv. Reconciliations of management and financial accounts
v. A summary of unadjusted errors
vi. Report to partner including details of significant events and errors
vii. Review notes
Audit planning memorandum
ix. Time budgets and summaries
x. Representation letter
xi. Management letter
xii. Notes on Board minutes
xiii. Communications with third parties such as experts
or other auditors
• Standardized and automated working files help the auditor
to be more effective during the audit and for documentation
purposes.
Questions for discussion
• Read Ltd carries on a wholesale book operation. To the end of 2010
the growth in turnover to RWF25m has continued to match the rate
of inflation. Costs have been contained by reducing staff numbers
from 96 to 90. The asset turnover is holding at five times. The
accountant has prepared draft accounts and has included a directors’
responsibilities statement. “The directors are required by company
law to prepare financial statements for each financial period which
give a true and fair view of the state of affairs of the group as at the
end of the financial period and of the profit and loss for that period.
In preparing the financial statements, suitable accounting policies
have been used and applied consistently, and reasonable and prudent
judgment and estimates have been made, applicable accounting
standards have been followed.
• The directors are also responsible for maintaining adequate
accounting records, for safeguarding the assets of the group and for
preventing and detecting fraud and other irregularities.” On reading
the statement, a director comments that the statement included
aspects he had always assumed were the responsibility of the auditor
and complained about all these irrelevant new rules. He requested
that the accountant should prepare a memo for the board of directors
what is going on. Assume you are the accountant and draft a memo
for the board explaining: 1. The background to the directors’
responsibilities statement and its inclusion in the annual report 2.
What is meant by a true and fair view and how the board can assess
whether the financial statements give a true and fair view and
recommend adequate steps for safeguarding the assets and
preventing and detecting fraud.
TOPIC SEVEN: AUDIT EVIDENCE
7.1 Introduction
• ISA 500 provides guidelines on
i) what constitute an audit evidence
ii) The quantity of audit evidence
iii) The quality of audit evidence
iv) Audit procedure to be followed
• Audit evidence is important because it forms the basis
for forming an audit opinion.
• The audit evidence should be
i) Sufficient
ii) relevant
iii) reliable
• By approving the financial statements, the directors are
making representations about the information therein.
These assertions may fall into the following categories:
(a) Assertions about classes of transactions and events for the
period under audit:
i) Occurrence
ii) Completeness
iii) Accuracy
iv) Cut-off
v) Classification
(b) Assertions about account balances at the
period end:
i) Existence
ii) Completeness
iii) Rights and obligations
iv) Valuation and allocations
(c) Assertions about presentation and disclosure:
i) occurrence, rights and obligations
ii) Completeness
iii) Classification and understandability
iv) Accuracy and valuation
7.2 Audit Procedure
• There are various audit procedures that can be used to
gather audit evidence:
i) Inspection of tangible assets
ii) Inspection of documents and records
iii) Observation
iv) Inquiry and confirmation
v) Recalculation and re-performance
vi) Auditing automated tools
vii) Analytical procedures
7.3 Sufficient and Appropriate
• Sufficiency is a measure of quantity of audit evidence
• Appropriateness is the measure of the quality
(reliability & relevance) of the evidence.
• This applies to both tests of controls and substantive
procedures.
• An auditor’s judgment as to what is sufficient appropriate
evidence is influenced by the following factors:
i) Risk assessment, is it low or high
ii) The nature of the accounting and internal control
systems
iii) The materiality of the item being examined
iv) The experience gained during previous audits
v) The auditor’s knowledge of the business and industry,
vi) The results of audit procedures
vii) The source and reliability of the information available
• Appropriate- relevance
• The relevance of audit evidence should be considered
in relation to the overall audit objective of forming an
audit opinion and reporting on the financial
statements.
• The evidence should allow the auditor to conclude on
the following:
• Balance sheet items: Is there suitable completeness,
existence, ownership, valuation and disclosure issues?
• Profit and loss items: Is there suitable completeness,
occurrence, valuation and disclosure issues?
• Appropriate – reliable
• Reliability of audit evidence depends on the particular
circumstances of each case. However, the following
should be considered:
i) Documentary evidence is more reliable that oral
evidence
ii) Evidence from external independent sources is more
reliable than that within an entity
iii) Evidence from the auditor by such means as analysis
and physical inspection is more reliable than evidence
obtained by/from others
7.3.1 Related Parties
• ISA 550 states that the auditor should perform audit
procedures designed to obtain sufficient appropriate audit
evidence regarding the identification and disclosure by
management of related parties and the effect of related
party transactions that are material to the financial
statements.
• Where there is any indication that such circumstances exist,
the auditor should perform audit procedures as are
appropriate in the circumstances.
• Parties are related if one controls the other or is in a
position to exercise influence over the other in financial
and operational decisions.
• Related transactions are those between related parties
regardless of whether any consideration has taken
place.
7.3.2 Management Representation
• ISA 580 states that the auditor should obtain
appropriate representations from management. These
are an important source of evidence.
• The auditor should obtain a written representation
from management concerning the completeness of
information provided regarding the identification of
related parties; and the adequacy of related party
disclosures in the financial statements.
• What procedures should a company put in place:
i) Advise all directors and officers that they have a
responsibility to disclose appropriate transactions
ii) Record all such transactions in the minutes of directors’
meetings
iii) Maintain a register of all details which should be
disclosed;
iv) Set out approval procedures in respect of transactions
which fall under related party issues
v) Obtain a formal statement annually from each director
indicating the necessary disclosures.
• Factors to put in place:
i) Acknowledgment by Management of its Responsibility
for the Financial Statements
ii) Representations by Management as Audit Evidence
iii) Documentation of Representations by Management
• Basic elements of a management representation letter:
i) It should be addressed to the auditor
ii) It should contain specified information
iii) It should be appropriately dated and signed.
7.4 Nature of Audit Evidence
• Auditor seek to obtain audit evidence to support assertions
made by Directors of client organizations when they present
Financial Statements to Auditors for audit.
• The audit evidence should be
i) Sufficient
ii) Reliable
iii) Timely
iv) Relevant
The Auditor's attitude to each item in the Accounts will be as
follows:
a. Identify the express and implied assertions made by the
Directors in including (or excluding) the item in the Accounts.
b. Evaluate each assertion for relative importance to assess the
quality and quantity of evidence required.
c. Collect information and evidence.
d. Assess the evidence for :
i. Appropriateness. Appropriateness subsumes the ideas of quality
and reliability of a particular piece of audit evidence and its
relevance to a particular assertion.
ii. Sufficiency.
7.5 Limitations of Audit Evidence
The quality and quantity of audit evidence may be
constrained by the following:
i) Absolute proof is impossible
ii) Some assertions are not material
iii) Time is limited. Accounts have to be produced
within a time scale and the Auditor may have to
make do with less than perfection to comply with
time scale.
iv) Financial Resources (Money) are limited. The ideal
evidence may be too expensive to obtain.
v) Sensitivity. Some items are of greater importance
than others (valuation of property in property
companies, for example) or capable of greater
variation (stock and work in progress).