Audit and Assurance (AA) - For Exams from September 2023 – June 2024

# of CardsProvider
107 CardsACCA Study Hub

1 Assurance services
2 Material
3 Professional scepticism
4 Assurance engagement
5 Corporate governance
Those charged with governance
6
(TCWG)
7 Management
independent professional services that improve the quality of information or its context for decision-makers.
information is material if its omission or misstatement could influence decisions that the primary users of general purpose financial reports make based on
those reports.
an attitude that includes a questioning mind, being alert to conditions which may indicate possible misstatement, and a critical assessment of evidence.
an engagement in which a practitioner expresses a conclusion designed to enhance the degree of confidence of the intended users, other than the
responsible party, about the outcome of the evaluation or measurement of a subject matter against criteria.
the system by which business corporations are directed and controlled. The corporate governance structure specifies the distribution of rights and
responsibilities among different participants in the corporation … and spells out the rules and procedures for making decisions on corporate affairs. By
doing this, it also provides the structure through which the company objectives are set, and the means of attaining those objectives and monitoring
performance. – OECD
individuals with responsibility for overseeing the strategic direction of the entity and obligations related to the accountability of the entity, including
overseeing the financial reporting process. – ISA 260
individuals with executive responsibility for the conduct of the entity's operations. – ISA 260

8 Acceptable level a level at which a reasonable and informed third party would likely conclude that the professional accountant complies with the fundamental principles.
actions, individually or in combination, taken by the professional accountant that effectively eliminate threats to compliance with the fundamental principles
9 Safeguards or reduce them to an acceptable level.
10 Public interest entity (PIE) a listed entity, or an entity required by a regulator to be audited as if it were listed, or an entity of significant public interest due to size or nature of business.

11 Public interest the collective well-being of the community of people and institutions the professional accountant serves.
management and, where appropriate, TCWG use an acceptable financial reporting framework to prepare the financial statements and agree to the premise
12 Preconditions for an audit on which an audit is conducted.
13 Audit documentation the record of audit procedures performed, relevant audit evidence obtained, and the auditor’s conclusions.
characteristics of events or conditions that affect susceptibility to misstatement, whether due to fraud or error, of an assertion about a class of transactions,
14 Inherent risk factors account balance or disclosure, before consideration of controls. Such factors may be qualitative or quantitative.
audit procedures designed and performed to identify and assess the risks of material misstatement, whether due to fraud or error, at the financial statement
15 Risk assessment procedures and assertion levels
the risk that the auditor expresses an inappropriate audit opinion when the financial statements are materially misstated. It is a function of the risks of
16 Audit risk material misstatement and detection risk. (ISA 200)
the susceptibility of an assertion about a class of transaction, account balance or disclosure to a misstatement that could be material (either individually or
17 Inherent risk when aggregated with other misstatements) before considering any related controls.
18 Relevant assertion an assertion about a class of transactions, account balance or disclosure that has an identified risk of material misstatement.
19 Significant risk an identified risk of material misstatement:
For which the assessment of inherent risk is close to the upper end of the spectrum of inherent risk; or
That is to be treated as a significant risk in accordance with the requirements of other ISAs.
the risk that a misstatement that could occur in an assertion and that could be material (either individually or in aggregate with other misstatements) will not
20 Control risk be:
prevented; or
detected and corrected, on a timely basis,
by the entity’s controls.
the risk that audit procedures performed to reduce audit risk to an acceptably low level will not detect a misstatement that exists and that could be material
21 Detection risk (either individually or in aggregate).
22 System of internal control the system designed, implemented and maintained by TCWG, management and other personnel to provide reasonable assurance about:
the reliability of financial reporting;
the effectiveness and efficiency of operations; and
compliance with applicable laws and regulations.
23 Control activities the policies and procedures that help ensure that management directives are carried out.
information is material if its omission or misstatement could influence the decisions of primary users taken on the basis of the financial statements.
24 Materiality Materiality depends on the nature and/or size of the items to which the information relates. It is entity specific.
the amounts set by the auditor at less than materiality for the financial statements as a whole to reduce to an appropriately low level the probability that the
25 Performance materiality aggregate of uncorrected and undetected misstatements exceeds materiality for the financial statements as a whole.
26 Error unintentional mistakes in financial statements, including the omission of an amount or disclosure.
27 Fraud an intentional act by one or more individuals that uses deception to obtain an unjust or illegal advantage.
28 Fraud risk factors events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.
acts of omission or commission, intentional or unintentional, committed by the entity, TCWG, management or other individuals working under the direction
29 Non-compliance of the entity, which are contrary to the prevailing laws or regulations. Non-compliance includes personal misconduct related to business activities (e.g.
accepting a bribe from a supplier) but does not include personal misconduct unrelated to business activities.
the IT applications and supporting IT infrastructure, and the IT processes and personnel involved in those processes, that are used to support business
30 IT environment operations and achieve business strategies.

controls over the IT processes that support the continued proper operation of the IT environment, including the continued effective functioning of information
31 General IT controls processing controls and the integrity of information (i.e. the completeness, accuracy and validity of information) in the information system.

controls relating to the processing of information in IT applications or manual information processes that directly address risks to the integrity of information
32 Information processing controls (i.e. the completeness, accuracy and validity of transactions and other information).
an audit procedure designed to evaluate the operating effectiveness of controls in preventing, or detecting and correcting, material misstatements at
33 Test of controls the assertion level.
34 Substantive procedure an audit procedure designed to detect material misstatements at the assertion level.
35 Direct control controls that are precise enough to address risks of material misstatement at the assertion level.
36 Indirect control controls that support direct controls.
37 Deficiency in internal control – exists when:
A control is designed, implemented or operated in such a way that it is unable to prevent, or detect and correct, misstatements in the financial statements
on a timely basis; or
A control necessary to prevent or detect and correct misstatements in the financial statements on a timely basis is missing.
38 Significant deficiency a deficiency (or combination of deficiencies) that is of sufficient importance to merit the attention of TCWG.
an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation
39 Internal audit accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and
governance processes.
– Institute of Internal Auditors IIA
40 Outsourcing the process of contracting out one or more elements of operations to a service provider outside of the organisation's management structure.
41 Value for money auditing the evaluation of management's achievements in terms of the economy, efficiency and effectiveness (the "3 Es") of operations.
42 Best value a duty to deliver services to clear standards – covering both cost and quality – by the most effective, economic and efficient means available.
43 Regulatory compliance adhering to the rules and regulations applicable to an activity prescribed by an external agency or authority.
44 Customer service the sum total of what an organisation does to meet customer expectations and produce customer satisfaction.
45 Customer experience what a customer feels and remembers about the customer service received.
– Institute of Customer Service

representations, explicit or otherwise, with respect to the recognition, measurement, presentation and disclosure of information in the financial statements
46 Assertions which are inherent in management representing that the financial statements are prepared in accordance with the applicable financial reporting framework.

evaluations of financial information through analysis of plausible relationships between both financial and non-financial data. Analytical procedures also
47 Analytical procedures encompass such investigation as is necessary of identified fluctuations or relationships that are inconsistent with other relevant information or that differ
from expected values by a significant amount.
48 Accounting estimate an approximation of a monetary amount in the absence of a precise means of measurement.
49 Estimation uncertainty the susceptibility of an accounting estimate and related disclosures to an inherent lack of precision in its measurement.
An individual or organisation possessing expertise in a field other than accounting or auditing, whose work in that field is used by the entity to assist the
50 Management's expert entity in preparing the financial statements. (ISA 500)
An individual or organisation with expertise in a field other than accounting or auditing, whose work is used by the auditor in obtaining sufficient appropriate
51 Auditor's expert audit evidence. (ISA 620)
52 Competence possession of a level of expertise.
53 Capability the ability to exercise competence.
54 Objectivity the possible effects that bias, conflict of interest or the influence of others may have on the expert's judgment.
55 Direct assistance the use of internal auditors to perform audit procedures under the direction, supervision and review of the external auditor.

56 Service organisation a third-party organisation that provides services to user entities that are likely to be relevant to user entities' internal control related to financial reporting.
applying audit procedures to less than 100% of items in a population, such that all sampling units have a chance of selection, in order to draw a conclusion
57 Audit sampling about the population.
a misstatement or deviation that is demonstrably not representative of misstatements or deviations in a population (e.g. because it arises from an isolated
58 Anomaly event that has not reoccurred other than on specifically identifiable occasions).
59 Population the entire set of data from which the auditor wishes to sample (e.g. all items in an account balance or a class of transactions).
the risk that arises from the possibility that the auditor's conclusion, based on a sample, may be different from the conclusion that would be reached if the
60 Sampling risk entire population were subjected to the same audit procedure.
61 Confidence level the mathematical complement of risk (e.g. 5% risk = 95% confidence).
arises from factors that cause the auditor to reach an erroneous conclusion for any reason not related to the size of the sample. For example, the auditor
62 Non-sampling risk might use inappropriate procedures or misinterpret evidence and fail to recognise a deviation or misstatement. (Judgmental selection is subject to non-
sampling risk.)
the individual items that constitute a population, for example, credit entries on bank statements, sales invoices, trade receivable balances or a monetary unit
63 Sampling unit ($1).
64 Statistical sampling any approach to sampling that has the following characteristics:
random selection of a sample; and
use of probability theory to evaluate sample results, including measurement of sampling risk.

65 Stratification the process of dividing a population into subpopulations, each of which is a group of sampling units with similar characteristics (often monetary value).

Tolerable misstatement (in tests of

66 the highest misstatement that could occur before the population would be considered materially misstated.
details)
Tolerable rate of deviation (in tests of the highest deviation rate (i.e. the proportion of items with deviations from controls) the auditor could accept and still conclude that the design and operation
67
controls) of an internal control over the population is effective.
68 Written representations a written statement by management provided to the auditor to confirm certain matters or to support other audit evidence.
Written representations in this context do not include financial statements, the assertions therein, or supporting books and records.
Computer-assisted audit techniques
69 computer applications of audit procedures.
(CAATs)
data (valid and invalid) generated by the auditor and processed through the client's system to enable the auditor to assess the effectiveness of programmed
70 Test data controls.
software ("computer audit programmes") specially designed for audit purposes. It is used to process and analyse the client's data independently of the
71 Audit software client's program, to verify the system’s accuracy.
72 Data analytics the science of examining raw data to draw insights from it.
73 Asset a present economic resource controlled by the entity due to past events.
74 Intangible asset an identifiable non-monetary asset without physical substance.
75 Cost includes:
 Purchase price, non-recoverable taxes (e.g. import duties), transport, handling and other costs directly attributable to the acquisition of finished goods,
materials and services.
Direct production costs (including production overheads) for work-in-progress.
Other costs only to the extent incurred in bringing the inventories to their present location and condition (e.g. maturing costs for brandy, cheese, seasoned
wood).
76 Net realisable value the estimated selling price in the ordinary course of business, less the estimated costs of completion and the estimated costs necessary to make the sale.

77 External confirmation audit evidence obtained as a direct written response to the auditor from a third party in paper form, or by electronic or other medium.
78 Liability a present obligation arising from past events, the settlement of which is expected to result in an outflow of resources.
79 Provision a liability of uncertain timing or amount.
80 Obligating event an event that creates a legal or constructive obligation that the entity is bound to settle.
a possible obligation that arises from past events and whose existence will be confirmed only by the occurrence or non-occurrence of one or more uncertain
81 Contingent liability future events not wholly within management's control; or
a present obligation that arises from past events which cannot be recognised because:
an outflow of resources is not probable; or
the amount cannot be measured with sufficient reliability.
a possible asset that arises from past events and whose existence will be confirmed only by the occurrence or non-occurrence of one or more uncertain
82 Contingent asset future events not wholly within management's control.
83 Owner-manager a proprietor involved in the day-to-day running of a smaller entity.
84 Not-for-profit organisation (NFP) an organisation that does not distribute its surplus funds to owners or shareholders but instead uses them to help pursue its goals.
a difference between the amount, classification, presentation or disclosure of a reported financial statement item and what is required for that item in
85 Misstatement (ISA 450) accordance with the applicable financial reporting framework. Misstatements can arise from error or fraud.
86 Uncorrected misstatements misstatements that the auditor has accumulated during the audit and that have not been corrected.
87 Other information financial or non-financial information (other than the financial statements and auditor's report) included in an entity's annual report.
a document or combination of documents prepared annually by management or TCWG to provide owners and stakeholders with information on the entity's
88 Annual report operations, financial results and financial position.
those events, both favourable and unfavourable, that occur between the end of the reporting period and the date on which the financial statements are
89 Events after the reporting period authorised for issue.
– IAS 10 Events after the Reporting Period
events occurring between the date of the financial statements and the date of the auditor's report and facts that become known after the date of the
90 Subsequent events auditor's report.
– ISA 560 Subsequent Events
those matters that, in the auditor's professional judgement, were of most significance in the audit of the financial statements of the current period. They are
91 Key audit matters (KAM) selected from matters communicated with TCWG.
92 Pervasive effects on the financial statements which, in the auditor's judgement:
Are not confined to specific elements, accounts or items of the financial statements;
If so confined, represent or could represent a substantial proportion of the financial statements; or
In relation to disclosures, are fundamental to users' understanding of the financial statements.
an entity that will continue to operate for the foreseeable future and has neither the intention nor the need to liquidate or significantly reduce the scale of its
93 Going concern operations.
94 Foreseeable future a period of at least, but not limited to, 12 months from the end of the reporting period.
95 Material uncertainty an uncertainty related to events or conditions which may cast significant doubt on the entity's ability to continue as a going concern.
identified events or conditions that may cast significant doubt on an entity's ability to continue as a going concern exist, but on balance, after much analysis,
96 "Close-call" scenario it is concluded that management’s mitigating plans are just about sufficient.
an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation
97 Internal auditing accomplish its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control, and
governance processes.
– The Institute of Internal Auditors (IIA)
an objective evaluation of the significant judgments made by the engagement team and the conclusions reached thereon, performed by the engagement
98 Engagement quality review quality reviewer and completed on or before the date of the engagement report.
99 Engagement quality reviewer a partner, other individual in the firm, or an external individual, appointed by the firm to perform the engagement quality review.
the financial reporting framework adopted by management in the preparation of the financial statements that is acceptable in view of the nature of the entity
100 Applicable financial reporting framework
and the objective of the financial statements or that is required by law or regulation.
101 Reasonable assurance a high, but not absolute, level of assurance.
the application of relevant training, knowledge and experience, within the context provided by auditing, accounting and ethical standards, in making
102 Professional judgement
informed decisions about the courses of action that are appropriate in the circumstances of the audit engagement.
103 Accounting records - the records of initial accounting entries and supporting records (e.g. records of electronic fund transfers, invoices, contracts);

- the general and subsidiary ledgers, journal entries and other adjustments to the financial statements that are not reflected in formal journal entries; and

- records such as work sheets and spreadsheets supporting cost allocations, computations, reconciliations and disclosures.
104 Contingent fees fees calculated on a predetermined basis relating to the outcome of a transaction or the result of the services performed.
the combination of an organisation's governance and management functions and the attitudes, awareness and actions of TCWG concerning internal
105 Control environment
control.
106 Walk-through test the tracing of transactions through a financial system.
107 Substantive procedure an audit procedure designed to detect material misstatements at the assertion level.