UNIVERSITY EXAMINATIONS

Jan/Feb 2022

AUI3701
The Internal Audit Process: Planning the engagement

100 Marks

Duration: 2 Hours

This paper consists of 12 pages.

INSTRUCTIONS:

 Keep the Honesty Declaration in consideration throughout answering this paper

 Please log into The Invigilator App. You need to be connected to the internet in order to log
in and scan the QR code.
 Scan the QR code above once the examination formally commences. If you encounter
difficulty with scanning of the QR code you can also enter the QR access code at the bottom
of the QR code in order to start the assessment.
 Once the QR code is scanned, you can place your smartphone next to you. The Invigilator
App will notify you when an action is required. Ensure your media volume Is turned up.
 You may access your MyExams in the application if you only have one device by pressing
the ‘access LMS’ button.
 Please remember to keep your smartphone on charge for the duration of the assessment.
 Keep The Invigilator app open on your cell phone during the assessment. You are not
allowed to leave or minimise the application.
 When an action is required, a notification beep will be heard. Action the request.
 Please ensure you are connected to the internet in order to commence the examination as
well as at the end of the examination. No internet connection is needed during the
assessment.
 It is important to first upload your script to the MyExams. Uploading of app data is not time
sensitive and you can do it after you have uploaded your script to the MyExams.
 It is important to note that you have to adhere to the time limit in your MyExams assessment
as the invigilation time in the app could exceed the time allocated to complete your
assessment.
 You can click the "Finish Assessment" button in the app if you finish early.
 Should you encounter any technical difficulty, please WhatsApp The Invigilator Helpdesk
on 073 505 8273.

[TURN OVER]
 CONFIDENTIAL

2 of 12 AUI3701
Jan/Feb 2022

Additional student instructions

1. Students must upload their answer scripts in a single PDF file (answer scripts must not be password
protected or uploaded as “read only” files)
2. Incorrect file format and uncollated answer scripts will not be considered.
3. NO emailed scripts will be accepted.
4. Students are advised to preview submissions (answer scripts) to ensure legibility and that the correct
answer script file has been uploaded.
5. Incorrect answer scripts and/or submissions made on unofficial examinations platforms (including the
invigilator cell phone application) will not be marked and no opportunity will be granted for resubmission.
6. Mark awarded for incomplete submission will be the student’s final mark. No opportunity for
resubmission will be granted.
7. Mark awarded for illegible scanned submission will be the student’s final mark. No opportunity for
resubmission will be granted.
8. Submissions will only be accepted from registered student accounts.
9. Students who have not utilised invigilation or proctoring tools will be subjected to disciplinary
processes.
10. Students suspected of dishonest conduct during the examinations will be subjected to disciplinary
processes. UNISA has a zero tolerance for plagiarism and/or any other forms of academic dishonesty.
11. Students are provided one hour to submit their answer scripts after the official examination time.
Submissions made after the official examination time will be rejected by the examination regulations and
will not be marked.
12. Students experiencing network or load shedding challenges are advised to apply together with
supporting evidence for an Aegrotat within 3 days of the examination session.
13. Students experiencing technical challenges, contact the SCSC 080 000 1870 or email
CASExams@unisa.ac.za, Examenquiries@unisa.ac.za or alternatively email your module lecturer –
sebasd@unisa.ac.za . ONLY communication from your myLife account will be considered.
 CONFIDENTIAL

3 of 12 AUI3701
Jan/Feb 2022

Question Main Topic Marks

1 Multiple choice questions 15

2 Part A - Risks and analytical review procedures 27
Part B - Assurance versus consulting services 6
3 IPPF 25
4 Fraud 27
100
Please note:

Although the primary purpose of the examination is to test the candidate’s knowledge and application
of the subject matter, the candidate’s ability to organise and present such knowledge in written language
of an acceptable standard will be taken into consideration by the examiners.

[TURN OVER]
 CONFIDENTIAL

4 of 12 AUI3701
Jan/Feb 2022
QUESTION 1 15 marks

REQUIRED

For each subsection of this question, select only one alternative that you consider to be the
most correct alternative. Then write down, as your answer, the number of the subsection and
the letter that precedes your selected alternative. Answer the subsections of this question in
numerical sequence, for example:

1 A

1 B

Each question counts for 1½ marks.

1. Which of the following audit objectives will be accomplished by comparing a sample of

accounts receivable debit entries with customer invoices and related shipping
documents?

A Sales are properly recorded.

B Customer credit is approved.

C Sales are invoiced at the correct price.

D Accounts receivable represent valid sales.

2. Which of the following is not a typical “rationalisation” of a fraud perpetrator?

A It’s in the organisation’s best interest.

B The company owes me because I am underpaid.

C I’m smarter than the rest of them.

D I want to get back at my boss (revenge).

[TURN OVER]
 CONFIDENTIAL

5 of 12 AUI3701
Jan/Feb 2022
3. Internal auditors perform both assurance and consulting engagements. Which of the
following would be classified as a consulting engagement?

A Assessing the organisation’s compliance with laws and regulations.

B Assessing the design adequacy of the organisation’s entity-level monitoring

activities.

C Facilitating senior management’s assessment of risks threatening the organisation.

D Assisting the independent external auditor during the financial statement audit
engagement.

4. Which of the following examples is not an example of a fraudulent action?

A Abusing authority to get a ‘better’ company car.

B Forgetting to report receiving of wine from a customer as a gift.

C Using average estimates in the monthly performance report to cover-up the poor
actual performance of the division.

D Obtaining a new office printer by using a motivation that is not relevant to your
position or responsibilities.

5. One payroll audit objective is to determine whether segregation of duties is proper.

Which of the following activities is incompatible?

A Preparing the payroll and filing payroll tax forms.

B Signing and distributing payroll cheques.

C Preparing the attendance data (clocking-in data) and preparing the payroll.

D Hiring employees and authorising changes in pay rates.

[TURN OVER]
 CONFIDENTIAL

6 of 12 AUI3701
Jan/Feb 2022

6. In planning an assurance engagement, a preliminary survey could assist with all the
following except …

A obtaining audit client comments and suggestion on control problems.

B evaluating the adequacy and effectiveness of controls.

C identifying areas of audit emphasis.

D obtaining preliminary information on controls.

7. Which of the following statements is an audit objective?

A To evaluate whether cash receipts are adequately safeguarded.

B To analyse the pattern of any cash shortages.

C To observe the deposit of the day’s cash receipts.

D To recompute each month’s bank reconciliation.

8. Internal auditors should have knowledge about factors (red flags) that have proven to be
associated with management fraud. Which of the following factors have generally not
been associated with management fraud?

A A domineering management.

B Generous performance-based reward system.

C A management preoccupation with increased financial performance.

D Regular comparison of actual results with budgets.

[TURN OVER]
 CONFIDENTIAL

7 of 12 AUI3701
Jan/Feb 2022

9. When an internal auditor uses monetary-unit statistical sampling to examine the total
value of invoices, each invoice ...

A can be represented by no more than one monetary unit.

B has an equal probability of being selected.

C has a probability proportional to its monetary value of being selected.

D has an unknown probability of being selected.

10. Which one of the following analytical trends indicates the possibility of an increase in
obsolete inventory on hand?

A A decrease in the ratio of inventory in relation to accounts payable.

B A decrease in the ratio of inventory in relation to accounts receivable.

C A decrease in the ratio of gross profit in relation to sales.

D A decrease in the inventory turnover rate.

QUESTION 2 33 marks

You have recently joined We-got-it (Pty) Ltd, a company which operates in rural Limpopo, as
an internal auditor. The company sells a wide range of products from bicycle parts to foodstuffs
and clothing. Due to difficulties in staffing and very unreliable electricity supply, the company’s
systems are not computerised.
As your first assignment, you have been asked to evaluate certain aspects of the acquisitions
and payments cycle and recommend improvements which could be implemented. The financial
director (also newly appointed) has acknowledged that aspects of the system are poor but has
stated that computerisation is not an option at this stage and that he does not want to employ
additional staff. He is, however, prepared to change job descriptions, improve documentation if
necessary and spend money on implementing any reasonable recommendations you make.

[TURN OVER]
 CONFIDENTIAL

8 of 12 AUI3701
Jan/Feb 2022
PART A

You established that the control over ordering is sound. Due to the location of We-got-it (Pty)
Ltd premises, it has been necessary for the company to work closely with suppliers regarding
reliability, pricing etc. and as a result, purchases are made only from approved suppliers.
Aspects of certain other functions within the cycle are described below:

Receiving of Goods
All goods ordered are delivered to the “receiving/dispatch” area which is adjoined to the
company’s warehouse. Both the receiving of goods from suppliers and deliveries/dispatches to
customers by We-got-it (Pty) Ltd take place in this area.

When an order is placed, a copy of the purchase order is sent by the order department to the
warehouse administration office where it is filed in numerical sequence. When a delivery from
a supplier arrives, the vehicle is directed to the “receiving/dispatch” area. Here, anyone of the
seven warehouse assistants receives the delivery. The warehouse assistants who are
responsible for the receiving, dispatching and custody of goods, report to the warehouse
foreman. To receive a delivery, the warehouse assistant obtains the purchase order number
from the supplier delivery note and confirms by scanning through the purchase orders filed in
numerical sequence in the administration office, that the delivery is in respect of a valid order.
As the goods are being offloaded, the warehouse assistant checks them against the supplier
delivery note and at the same time completes a blank pre-printed sequenced goods received
note (GRN). Any discrepancies are entered on the supplier delivery note and signed by both
the warehouse assistant and the supplier’s driver.

As most deliveries consist of numerous packages and boxes, the offloading and completion of
the goods received note is a long process. This annoys many of the drivers who want to offload
as quickly as possible so that they can start the long return journey. As a result, some of the
warehouse assistants allow the supplier deliveryman to offload the goods in the
“receiving/dispatch” area without conducting any checks at the time. Once the goods are
offloaded, the responsible warehouse assistant signs the supplier delivery note and retains a
copy. At a later stage, the warehouse assistant makes out the required goods received note,
and as normal, moves the goods from the “receiving/dispatch” area into the warehouse.

REQUIRED MARKS

2.1 Describe four (4) analytical review procedures you would perform in (6)
order to improve your understanding of the operations of the purchases
and trade creditors function.

2.2 Identify four (4) risks that a company faces when it does not implement (6)
sound control procedures over its “ordering of goods” function.
[TURN OVER]
 CONFIDENTIAL

9 of 12 AUI3701
Jan/Feb 2022

2.3 Recommend five (5) improvements that should be made to the (15)
“receiving of goods function” at We-got-it (Pty) Ltd. Provide reasons
for your recommendations. In your reasons, include the risks you will be
mitigating.
Structure your answer in the following table.

Improvement (control) - 1 mark Reason with risk – 2 marks each

for each valid control
(1 mark for reason and 1 mark
for risk)

PART B

After completion of the audit, the financial director has reconsidered and wants slowly to start
computerising certain processes, beginning with the ordering function. He has a few questions
on what constitutes an assurance and a consulting engagement. In a discussion with the chief
audit executive CAE, the CAE gave the following examples:

a) An engagement where the internal audit activity (IAA) must assist in the process of
computerising of the ordering function by recommending controls that should be in place
during the design phase of the computerised ordering system.
b) An engagement where the IAA must assess the design adequacy of the payroll business
process and controls.
c) An engagement where the IAA must educate process owners regarding the new
computerised systems and the controls that should be in place.
d) An engagement where the internal auditor is part of the evaluation team in the pre-award
phase of a tendering process and must assist by advising whether proper contract controls
are in place.
e) An engagement where the IAA facilitates the control risk self-assessment workshops for
the business process owners.
f) An engagement where the IAA reviews whether a business unit has complied with
relevant policies, procedures, laws and regulations

REQUIRED MARKS

2.4 Indicate whether the abovementioned examples (a-f) constitutes as an (6)

assurance or a consulting service.

[TURN OVER]
 CONFIDENTIAL

10 of 12 AUI3701
Jan/Feb 2022

QUESTION 3 25 marks

The following situations occurred at Cyclone Ltd:

MARKS

3.1 The internal audit activity has received a request from senior (5)
management to provide advice and counsel regarding an upcoming
merger transaction with another company. The auditor in charge of this
audit commenced with the planning of the engagement. The internal audit
charter does not make provision for the rendering of such services.

3.2 The external auditors complained that Mrs Patel, who has recently been (5)
appointed as the chief audit executive (CAE), does not want to share
information with them regarding the audits performed by the internal audit
activity during the recent year.

3.3 The organisation has developed and implemented a new computerised (5)
system at one of its branches. The branch manager has requested that
the internal audit activity participates in a team consisting of
representatives from finance, human resources and marketing. This team
was responsible for the implementation effort. The CAE assigned a senior
internal auditor to the project to assist “as required”. After completion of
the project, the senior internal auditor assisted the branch manager as
follows:
 Identifying and defining controls objectives for the new systems;
 Testing for compliance with system development standards;
 Reviewing the adequacy of systems and programming standards;
and
 Drafting operating procedures for the new system.

3.4 Raj has been experiencing difficulties in doing his current audits due to (5)
the organisation being computerised and his lack of computer literacy
skills. He enrolled for a computer course three years earlier but due to his
workload had to cancel it and did not attempt the course again.

3.5 During the planning stage of an audit, an internal auditor becomes (5)
suspicious that fraud is being committed. She discusses her finding with
her colleague in the canteen over lunch.

[TURN OVER]
 CONFIDENTIAL

11 of 12 AUI3701
Jan/Feb 2022
REQUIRED
Explain the violations against the Institute of Internal Auditor’s Code of Ethics and IIA Standards
in the scenarios above. Quote the rule of conduct or specific IIA Standard that was violated,
explain why it is a violation and recommend the correct action to be taken. Quote all relevant
IPPF requirements (Code of Ethics and IIA Standards) applicable to the scenario. Quote the
complete Rule of Conduct or IIA Standard (not just the heading).
Structure your answer as follows:

IPPF reference Reason Recommended corrective action

(2 marks mark per IPPF (1 mark) (2 marks per recommendation)

reference)

e.g. Standard 2000 –

Managing the Internal
Audit Activity.
The chief audit
executive must
effectively manage
the internal audit
activity to ensure it
adds value to the
organization. (1)

QUESTION 4 27 marks

Fraud risk is a risk that the internal auditor should consider when planning and executing
internal audit engagements. The three elements of fraud are 1) pressure/incentive; 2)
rationalisation/attitude and 3) opportunity.

Consider the following fraud risk factors relating to misstatement arising from fraudulent
financial reporting of Amaze Ltd:

1. Several significant weaknesses in internal controls which were reported to management

during the year, have not been addressed.
2. The holding company of Amaze Ltd notified all companies in the group that if reported
profits for the year do not meet targets, resignations of the directors responsible for the
poor performance would be expected.
3. Audit queries referred to management are routinely treated by the responsible officials
as being immaterial or audit responses are too vague to be meaningful and
implementable.
4. The company reconciles its creditors ledger with creditors statements only at year-end.

[TURN OVER]
 CONFIDENTIAL

12 of 12 AUI3701
Jan/Feb 2022

5. There is inadequate authorisation of expenditure incurred by management and

employees on behalf of the company, e.g., salesmen’s expense claims and management
travel claims.
6. Subsidiary companies in the Amaze Ltd group are strongly urged to purchase whatever
they need from the holding company or from fellow subsidiaries. Usually this is not
economically sound from either a subsidiary or group perspective.
7. Amaze Ltd, which is a listed company, is in negotiations with a large foreign company,
which if successful, will be very lucrative for the company. The foreign company has
indicated that the going concern ability of whichever company it contracts with is
extremely important. Amaze Ltd have made trading losses for the last two years due to
COVID-19.
8. Management and other employees constantly complain about the company and
company morale is low.
(Some were adapted from Graded Questions on Auditing 2019)

REQUIRED MARKS

4.1 Indicate which element of fraud each of the above risk factors (1 to 8) (20)
represents and give a brief explanation as to why each of the factors would
increase the fraud risk of misappropriation. Use the table below to provide
your answer:

Element of fraud (1 mark each) Explanation (1½ marks

each)

1. 1.

4.2 Discuss seven (7) anti-fraud measures that can be recommended to (7)
management for fraud prevention.

©
Unisa 2022