Professional Documents
Culture Documents
AtZel l
,ourmi ssi
oni st obeIndi a’
sforemostt r
aini
ngcenter
,
revol
ut i
onizingcar eer sbymaki ngitaffordableandaccessibletoal l
.
Ourpr imar yobjectivei st
opr ovidetop-notcheducat i
onandski l
l
upgradat i
ont hroughpar t
nershipswithi ndustryexpert
sandby
i
ncor porati
ngt hebesteducat ionalpractices.Wear ecommi t
tedt o
deli
ver i
nghi gh-qual i
tylearni
ngexper iencest hatempowerindividuals
tothriveint heirprofessionaljourneys.
OUR PROGRESS
STUDENTSLI
FEI
MPACTED HOURSOFR&D ON EXPERTS I
NDUSTRYEXPERTASFACULTY CORPORATETRAI
NINGS
I
N EXPERI
ENTI
ALMETHOD AND MENTORS
OUR ACHI
EVEMENTS
STUDENTSATISFACTI
ON ASSI
STED FOR PLACEMENT STUDENTCERTI
FIED STUDENTSJOIN USBASI
S
RATI
O RECOMMENDATION
Chapter 1: Introduction to Auditing 1
Table of Contents
Foreword
These notes are designed with a simple mission, to fill the gap for Indian students who don’tfind comfort
in studying from notes that are framed in a complex manner. Our priority at Zell is to improve the
results our students achieve by providing all that they need, be it quality education, state of the art
infrastructure and techniques or the next step, the content that perfectly fits in making the trifecta or
the winning formula.
Here at Zell, we don’t worry about the background, prior knowledge or preferencessomeone has. The
aim is simple, by the time a student is done with a paper, they are on thesame page as anyone else and
that for us, should be enough knowledge to be able to call them a professional truly.
Keeping all this in mind, we bring to you these notes, created by us, for you, to truly help make the
difference and turn your journey of ACCA into an even better one. This is just the beginning; there is
more in store.
Thank you
Credits
Authored by:
Ishitha Raichura
Designed by:
Rushil Shah
Ayushi Bhatia
Knowing how much importance ACCA places on application-based learning is important. You must
understand that rote learning in any exam for any concept will mostly amount to zero marks being
scored.
Students leave minimal time to their core exam preparation and directly jump into mock exams
without finishing the exam kit. Leave the exam month for core practice of questions available to you,
ensure you finish the conceptual understanding before starting to do so.
The ideal approach is to watch/attend lectures and keep up with the pace, practicing 40% of the
question bank alongside, to cement conceptual understanding. Once classes conclude, ensure the
remaining 60% of the question bank is solved, followed by at least three mock examinations before
attempting the main exam.
Exam month
• In the exam month, ensure that you finish the portion as soon as possible and shift all focus
to completing the question bank. Remember, completing thetextbook alone is not enough,
whereas completing the question bank gives you ahigher chance of clearing the exam.
• If you are done with your question bank, repeat the question bank or key questions you
marked before the exam. Only 40% of your total time should be allocated to building a
conceptual understanding, the remaining 60% to solve questions.
• You must practice newly launched past exam questions available on the ACCA website at the
end to ensure you can solve questions of the rigour expected fromyou.
• Ensure you do not get into the habit of reading a question and then reading the answer. This
approach will make you seek answers in the exam and not seek solutions on your own. Read
a question, solve it on your own, check the answer. If it is incorrect, solve the question again
to get another answer, rather than reading the explanation to understand what you did
wrong. That should always bethe last resort.
Chapter 1: Introduction to Auditing 4
• For subjective questions, do not simply read the answer and make notes. Type theanswer or
solve it on a spreadsheet before checking the solution. Practicing on a computer for a
computer-based exam can make the difference for you in finishingthe exam.
• Familiarise yourself with the scientific calculator, the CBE exam platform and other tools to
ensure you are comfortable with the same in the actual exam.
• Ensure you complete 100% of the portion. Do not skip anything as the exam will test youon a
range of interconnected topics, and leaving parts of the portion will guarantee you are losing
certain marks.
Exam strategy
There are certain things to be kept in mind before attempting the main exam.
1. Remain calm before the exam. Do not study at the last moment, as going into the exam with
a fresh mind will allow you to tackle the questions more easily.
2. There is no negative marketing in the exams. Ensure that you attempt 100% of the paper to
ensure that some of your educated guesses score some marks even in the worst case.
3. The examination is 3 hours 15 minutes long, which means you have 195 minutesfor 100marks,
or simply 1.95 minutes per mark. Ensure you don’t get overboardwith the time you take to
solve a question at hand.
4. Ensure you read the question very carefully. Don’t assume that you faced a similar question
in the past and jump to solving it as the requirements can varyeven in small concepts causing
you to lose easy marks.
5. Read the requirements carefully. Pay attention to the verb used, Define, explain, calculate,
evaluate etc., to understand what the examiner is seeking to ensure youanswer on those lines.
6. Do not go for quantity when you are answering subjective questions. The examiner will award
one mark per valid statement and one mark only per valid point. Do not elaborate on points
to simply write more.
7. The options are set up so that even answers derived using the wrong steps are available as
options. Do not jump to the conclusion that your answer has to be correct because it is
available as an option.
8. If there is a tricky question that you can’t solve, make an educated guess by eliminating the
one’s you definitely know are wrong, flag the question and moveahead. If you finish the paper
and have remaining time, revisit the flag questions to score full marks.
9. Do not sit and recalculate the answer you got more than twice, as you are likely tocalculate it
in the same way you did previously, by repeating the same mistake if any. This is a massive
waste of your crucial time. Rather move faster and revisit key questions at the end,
recalculating your answers at that point will possibly reveal mistakes and allow you to rectify
them, thus scoring more marks.
Chapter 1: Introduction to Auditing 5
Elements
The study material is curated in a manner where the syllabus provided by ACCA has been covered in
vast depth, and the order is set in a way that the flow of concepts within the material suits a student.
Various AYK style questions test the student on their ability to remember and understand concepts
thoroughly before moving to analytical questions.
Quiz
Further, there are primarily application-based quiz questions, introducing the student to analytical
and evaluative questions to bring the student one step closer to actual exam-style questions.
Recap
After the end of every main chapter, there is a recap page summarising all the important topics,
formulae etc., to enable ease of revision for the student.
Mind Maps
Mind maps are flowcharts that summarise the information visually, making it more likely for a
student to retain the knowledge and build upon it. These are present at the end of the book toenable
last-minute revision by simply spending time on those pages.
Chapter 1: Introduction to Auditing 6
The articulated version of the notes is available on the platform, allowing students to get
fully immersed in their learning and complete more in less or equivalent time they spend
reading the book.
Case studies
Case studies are specifically tailored to address the audience commonly using these notes.
Having interesting case studies based on current affairs, covering key organisations etc.,
contribute to further professional development.
Technical articles
ACCA’s technical articles are placed strategically in the material, allowing students to understand
when to go through these all-important technical articles.
Exam experience
The system mimics the exam experience to ensure that the student has conceptually
and technically mastered the paper before appearing for the exam. This includes
various objective questions, live spreadsheets and word processors to practice typing,
presentation and most importantly, time management.
The students have access to unit tests, half portion tests, progressive tests, mock tests
and unlimited practice tests with all performance data allowing them to know where they
stand, the improvements required before the exam day arrives.
Check the last page of this book for more information on Nimbus™ LMS by Zell
Chapter 1: Introduction to Auditing 7
ACCA support
The examiners’ reports are an essential study resource. Read them to learn about mistakes
that students commonly make in exams and how to avoid them.
Practice tests
Practice Tests are an interactive study support resource that will replicate the format of all
the exams available as on-demand computer-based exams (CBEs). They will help you to
identify your strengths and weaknesses before you take an exam.
As well as giving you an insight into a live exam experience, Practice Tests will also provide
feedback on your performance. Once you complete the test, you will receive a
personalized feedback diagram showing how you have performed across the different
areas of the syllabus.
Specimen exams
The specimen exam indicates how the exam will be assessed, structured and the likely style
and range of questions that could be asked. Any student preparing to take this exam should
familiarize themselves with the exam style.
Technical articles
There is a range of technical articles available on ACCAs website under ‘Study support
resources’. These include a range of simplified articles on complex topics, study support
videos, articles on exam technique etc. making it an important tool to be practised when
nearing the exam.
FAQs
Various commonly asked questions about the style of the examination, the coverage,
computer- based exam setup etc., are covered here to allow a student to stay up to date
and ensure their understanding is aligned with that of the ACCA body.
Question practice is a vital part of exam preparation. Practising in the CBE environment
provides a fantastic opportunity to get fully prepared for the real exam.
The ACCA Practice Platform contains a range of content that allows you to attempt
questions to time and then mark and debrief your answers. It also contains a blank
workspace that allows you to answer constructed response questions from other sources
in the CBE environment.
Past exams are made available to view and become familiar with the styles of questions
that you may face in your exam.
Make sure you log into the ACCA Practice Platform early in your studies - completing your
practice in the CBE environment is the only way to prepare for your exam fully.
Chapter 1: Introduction to Auditing 8
CBE Support
Getting ready for your CBE includes getting familiar with the CBE functionality and how to
use it to your advantage in the exam. You should be thinking about your exam approach
well before exam day itself.
There are series of videos that will help you get ready for your exam. It includes what to
think about before your exam day, exam strategy, how to manage your CBE workspace
effectively and techniques you could use to plan and complete your answers.
Chapter 1: Introduction to Auditing 9
Syllabus
The Audit and Assurance syllabus is essentially divided into six areas. The syllabus starts
with the nature, purpose and scope of assurance engagements, including the statutory
audit, its regulatory environment, and introduces governance and professional ethics
relating to audit and assurance. It then leads into planning the audit and performing risk
assessment.
The syllabus then covers a range of areas relating to an audit of financial statements
including the scope of internal control and the role and function of internal audit. These
include, evaluating internal controls, audit evidence, and a review of the financial
statements.
In addition to final review procedures, the syllabus concentrates on reporting, including
the form and content of the independent auditor’s report.
Finally, the syllabus contains outcomes relating to the demonstration of appropriate digital
and employability skills in preparing for and taking the AA examination. This includes being
able to interact with different question item types, manage information presented in digital
format and being able to use the relevant functionality and technology to prepare and
present response options in a professional manner. These skills are specifically developed by
practicing and preparing for the AA exam, using the learning support content for computer-
based exams available via the practice platform and the ACCA website and will need to be
demonstrated during the live exam.
Main capabilities
a. Explain the concept of audit and assurance and the functions of audit, corporate
governance, including ethics and professional conduct.
b. Demonstrate how the auditor obtains and accepts audit engagements, obtains an
understanding of the entity and its environment, assesses the risk of material
misstatement (whether arising from fraud or other irregularities) and plans an audit
of financial statements
c. Describe and evaluate internal controls, techniques and audit tests, including IT
systems to identify and communicate control risks and their potential
consequences, making appropriate recommendations. Describe the scope, role and
function of internal audit.
d. Identify and describe the work and evidence obtained by the auditor and others
required to meet the objectives of audit engagements and the application of the
International Standards on Auditing (ISAs)
e. Explain how consideration of subsequent events and the going concern principle can
inform the conclusions from audit work and are reflected in different types of
auditor’s report, written representations and the final review and report.
f. Demonstrate employability and technology skills
Chapter 1: Introduction to Auditing 10
Exam Structure
Section A
Section A of the exam comprises three 10-mark case-based questions. Each case has five
objective test questions worth 2 marks each.
Section B
Section B of the exam comprises one 30-mark question and two 20-mark questions.
Section B of the exam will predominantly examine one or more aspects of audit and
assurance from planning and risk assessment, internal control or audit evidence, although
topics from other syllabus areas may also be included.
It is appreciated when answering audit risk and response questions to mention the IAS
applicable.
IAS 2 Inventories
IAS 7 Statement of cash flows
IAS 8 Accounting policies, changes in accounting
estimates and errors
IAS 10 Events after the reporting period
IAS 12 Income taxes
Table of Contents:
The very strand of thinking that only the owners and shareholders are concerned with financial
information that is communicated via the financial statements has now been changed in its entirety.
Financial information derived from financial statements is used and applied in decision making by
various classes of persons deeply intertwined and concerned with the performance of the company.
These persons expect more than just profits from the company. They hold stakes in a company
beyond just financial holdings and are imperative to the very existence and functioning of a company.
These persons are called stakeholders. Every class of stakeholders is an essential element for the
company in its existence and functioning and the interest of each such class has to be safeguarded
by the company.
The decisions taken by each class of stakeholder are driven by inferences made from reported
financial information and hence the information that is reported must be “true and fair” enabling
their decision making and interest protection. Classes of stakeholders and their respective decisions
and concerns have been summarized below:
Vendors and • Ability of the company to repay operating credit within the
Operational lenders contractually defined timeframes
• Soundness and safety in further operational dealings with the
company
Employees • Ability of the company to provide personal financial enrichment
in terms of increased salaries
• Potential of the company to provide better quality of work
thereby supplementing professional growth
Government Categorizing the company as a compliant taxpayer and as a regulation
abiding entity with respect to other laws and regulations
Chapter 1: Introduction to Auditing 13
Customers Whether to continue association with company or opt for other service
provider/vendor.
Society at large Whether to place trust in the corporation as socially beneficial in terms of
overall transparency in operations, quality of work life provided to
employees, quality of products and services provided, etc.
Chapter 1: Introduction to Auditing 14
What is assurance?
Being assured is a feeling of security and safety and providing that feeling of assurance is a
responsibility.
Assurance results in companies gaining the confidence and trust of stakeholders, who are connected
with these companies financially, operationally, legally or even as beneficiaries. Assurance is
provided by an independent expert’s opinion about specific information so that the stakeholders,
who rely on the financial information of the company are able to make confident decisions. These
decisions are made knowing that the risk of this financial information being incorrect or manipulated
is reduced. Hence, assurance is a confidence booster in reducing the financial and operational risk of
the users of financial information.
The international framework for assurance engagements, defines assurance as “An engagement in
which a practitioner obtains sufficient appropriate evidence in order to express a conclusion designed
to enhance the degree of confidence of the intended users ither than the responsible party about the
outcome of the evaluation or measurement of a subject matter against criteria”.
Chapter 1: Introduction to Auditing 15
Assurance is provided by performing “audit” and the auditor is hence the provider of that assurance
An audit is defined as the independent examination of and expression of opinion on financial
statements of an entity by a duly appointed auditor in pursuit of that appointment.
Chapter 1: Introduction to Auditing 16
Objectives of an auditor
The objectives of an auditor have been clearly laid down in ISA 200- Overall Objective of the.
Independent Auditor, and the Conduct. of an Audit in Accordance with. International Standards on
Auditing. There are two fore-most objectives that an auditor has to achieve in the process of
conducting audit are obtaining evidence and presenting audit findings based on the evidence
gathered in the form of an auditor’s report
1. Obtaining reasonable assurance based on the evidence gathered and audit procedures
followed and applied:
The auditor has to be obtain reasonable assurance about whether the financial statements
as a whole are free from material misstatement, whether due to fraud or error.
This enables the auditor to express an opinion on whether the financial statements are
prepared in all material respects, in accordance with the applicable financial reporting
framework.
2. Reporting audit findings:
The auditor’s report on the financial statements is the primary deliverable in any audit
assignment/engagement. The audit findings have to be communicated via the auditor’s
report to the management and the shareholders of the company. The report shall be drawn
as per all applicable ISAs.
Types of audits
For the purposes of our academic understanding, audit as a function is divided into two categories
of action as under:
Corporate laws and allied regulations mandate a company to submit audited financial
information to regulators and stakeholders on a timely basis. The audits prescribed under
any law or regulation for the time being in force are called “Statutory Audits”. These audits
require an auditor to perform an independent examination of the financial statements of the
company and certify whether the information communicated in these financial statements
is true and fair in all material aspects.
An independent examination entails the examiner to be independent of the entity and not
be influenced by it either financially or operationally. Statutory audits essentially require the
auditor to be a person from outside the organization or external to it. Hence, these audits
are also called External audits.
Chapter 1: Introduction to Auditing 17
The certification of financial statements requires the external auditor to attest i.e. sign and
certify whether the financial statements are true and fair- thereby enabling the stakeholders
to rely or not rely upon the financial information communicated therein.
Audited information and findings serve as a key input for managerial decision making. The
management of a company may choose to analyse selected areas of operations closely or
microscopically like revenue and sales, manufacturing, cost control, employee benefits, etc.
The purpose of this kind of audit is purely internal decision making such as process correction
and improvement, bonus and reward mechanisms for star performers, etc. These voluntary
audits do not require certification or attestation and are called “Internal audits” or non-attest
audits. The core focus areas of such audits is generally the givernance, risk and compliance
of a company.
Advantages of Audit
1. Audit safeguards the interests of stakeholders. Protection of minority interests is one of the
key benefits of audit as a function.
2. Audit promotes a culture of transparency and accountability in an organization and acts as
an automated moral check on employees and management.
3. Audited figures of income and expenses prove crucial in the settlement of tax liabilities
towards the exchequer. Also, tax deductions made for various payments need to be
deposited in a timely manner adherent to deadlines, this compliance too is naturally carried
out owing to audit.
4. Audit helps in checking internal revenue leakages and expenditure controls. Audit results in
a thorough examination of internal control by analysing the effectiveness of internal
control measures and processes.
5. Audit brings about an increased degree of transparency in financial reporting and an overall
increased quality in the accounting function of an enterprise.
6. Audited financial statements are naturally trusted and considered reliant hence supporting
in raising loans and increasing the overall confidence that society has in the business.
Chapter 1: Introduction to Auditing 18
Most of the audit evidence from which the auditor draws conclusions and bases his professional
opinion on, is persuasive in nature rather than being conclusive. This simply means that the evidence
is never assertive, rather it requires the auditor to apply his professional judgement on matters and
issues that can be extremely subjective or grey. The unconclusive nature of auditor evidence is the
foremost inherent limitation for an audit.
Inherent limitations of an audit arise from:
a. Resistance from the management – wherein the management and others do not provide
complete information either intentionally or unintentionally.
b. Sophisticated attempts at concealment – Companies attempting to camouflage existing
malpractices or frauds may have a well devised web of concealing the relevant financial
information where in the auditor would be unable to unearth misdoings owing to
limitations of scope, time and other resources.
c. Scope Limitations – Audit is a process to oversee if the financial statements present a
true and fair view of the enterprise and not an official investigation into alleged
misdoings. The auditor does not have specific legal powers such as the power of search
which may be necessary for such an investigation. Primarily the audit and investigation
are two distinct exercises, often misconstrued to be similar to one another.
Materiality
All classes of stakeholders base their decisions pertaining to their involvement and association with
an enterprise based on the information that is communicated via its financial statements. These
decisions have been generically summarized as under:
The accuracy of reported information is crucial for stakeholders basing their decisions. Here it must
be appreciated that although automated, all accounting systems are operated by people, thus leaving
this reported information vulnerable to human error. These errors can be caused by a host of reasons
like calculation mistakes, application of inaccurate rates, casting errors, etc. Erroneous financial
information may lead to some or many stakeholders basing decisions in a direction that could be
detrimental to their own personal interests as well the interests of the company. It needs to be
accepted that human error can never be completely eliminated no matter how perfectly executed
any system is or can be. Furthermore, the risk of fraud or misstatement occurring in any company
heightens the risk of inaccurate numbers being reported in the financial statements.
We have already determined in the section of inherent limitations of audit, that an absolute degree
of assurance is never a possibility. Hence, while the auditor strives to provide a degree of reasonable
assurance, it must be accepted that errors are likely to persist. But, just “how much” of these errors
can we “tolerate” in a way that improper or inaccurate decisions are not taken based on reported
numbers?
Materiality is considered to be a level or rather a threshold below which even if there exists errors,
decisions and opinions on the financial statements are not impacted. For instance, if we say that the
level of materiality determined for the area of revenue from sale of goods is say $500, any revenues
reported below the figure of $500 can be passed off as immaterial by the auditor as they do not
impact decision making. However, there must be a degree of caution as immaterial items when
aggregated could very well end up being material.
It is one of the foremost duties of the auditor to ensure that all financial information above the
materiality threshold is true, fair and free of any error and misstatements. The auditor may designate
an amount below which misstatements would be clearly trivial and would not need to be
accumulated because the auditor expects that the accumulation of such amounts clearly would not
have a material effect on the financial statements.
“Clearly trivial” is not another expression for “not material”. Matters that are “clearly trivial” will be
of a wholly different (smaller) order of magnitude than materiality determined in accordance with
ISA 320 Audit Materiality, and will be matters that are clearly inconsequential, whether taken
individually or in aggregate and whether judged by any criteria of size, nature or circumstances.
Hence, the information communicated in the financial statements of the company results in being
accurate enough to ensure informed and appropriately based decision making.
The concept of tolerable misstatement has been defined in the section of audit evidence.
Exception Gap
Audit does not provide a 100% guarantee that the financial statements are accurate or correct.
Owing to the inherent limitations of audit, only a reasonable assurance can be provided that the
financial statements are true and fair i.e. they are not misleading.
The auditor’s opinion is not a certified guarantee that the financial statements are correct. Here the
users of financial information need to understand:
1. Audit as a process is risk based and materiality driven hence all transactions are not
covered but specific events and transactions that can result in misleading financial
information if not checked are subjected to audit.
2. The auditor may not be able to detect all fraudulent activities as frauds are committed and
concealed throughout the year where as audit is conducted for a limited period. The
auditor is not responsible for the effectiveness of internal controls, he is merely a critic of
the effectiveness of internal controls.
3. It is not the responsibility of the auditor to prepare the financial statements – the auditor’s
responsibility is to assess the financial statements for material misstatements and issue an
opinion on whether they truly and fairly present the position of the business.
Chapter 1: Introduction to Auditing 24
The persuasive nature of audit evidence coupled with the inherent limitations of audit result in an
audit being performed on a test check basis depending on materiality thresholds. This simply means
that the auditor does not analyse all transactions and events a cent per cent rather on a basis that
best covers and represents all transactions and occurrences. For this the auditor is required to obtain
audit evidence that best represents the entire class of transactions, account balances and
occurrences that are to be analysed. This is called the sample-based or test check approach to audit
which is followed across all industries today.
The purpose of the auditor is not to microscopically detect fraud but to provide an overall assurance
that financial statements are free from fraud, misstatements and errors.
Think of the auditor as a watch dog and not a blood hound. A watch dog merely escalates the
presence of an intruder while a blood hound sniffs an intruder out. The auditor is sceptical in his
approach and not pessimistically investigative to find flaws.
How an audit is to be planned and performed has been discussed in further chapters in great detail,
this cursory explanation is meant to merely provide a flavour of how and with what purpose an audit
is conducted.
Chapter 2: Rules and Regulation 25
Table of contents:
Auditors and their respective national regulators like the ICAI, ACCA, ICAEW, etc., have individually
and collectively tried to regain the trust of society at large in the auditing profession and function as
overseers of truthful and fair financial reporting. This process has seen the introduction of a three-
fold initiative graphically illustrated as under:
Chapter 2: Rules and Regulation 26
To achieve these three- fold initiatives, adherence to regulatory compliances plays the role of natural
control mechanism. For the purposes of our examination, the following regulatory compliances are
referred to in this lesson:
Entities that have a large participation of public stakeholders and public funds are naturally
necessitated to undergo audit to ensure a safeguard is put in place for their funds as well as other
interests. This makes it imperative for public and listed entities to undergo audit as they operate
using publica savings and investments.
Small Private companies, sole traders and owner managed companies do not have an exposure to
public funds and hence audit for such entities may be a burdening compliance as well as cost.
However, such entities can easily gain exposure to public funds in the form of bank loans and
borrowings. In such cases even smaller organizations that have relied on borrowed funds from public
financial institutions are meant to undergo audit to ensure a safeguard of public money that has been
lent to them.
Small private companies, sole traders and other owner managed forms of organization that only rely
on personal or group equity for operations and financing are generally exempt from audit. This comes
in light of risk being concentrated in the hands of owners who themselves are managers of these
businesses.
Individuals need to seek membership with Recognized Supervisory Bodies (RSB) such as ICAI, ACCA,
ICAEW, etc to be eligible to be appointed as auditors. This is the first step for an individual to enter
the sphere of auditing and assurance.
In certain select cases, the Government of the respective country can appoint individuals as auditors
irrespective of their membership with RSBs.
Individuals on becoming members of their respective RSBs can practice as auditors in the capacity of:
• Sole practitioners
• Members in partnership in a partnership firm
• Members in partnership in a limited liability partnership
• Directors of an audit service company
Chapter 2: Rules and Regulation 27
The Corporate laws of a country for the time being in force automatically exclude individuals or firms,
whose partners are not independent of a financial or fiduciary relationship with the company, from
being appointed as auditors.
Over and above the independence condition, there are specific services that cannot be provided by
auditors. Also, if these services are provided by other service providers, they are ineligible to be
appointed as auditors. This restriction is a blanketed restriction the world over and not just in the UK.
These services are listed down as under:
The Codes of Professional Ethics in every country too prescribe disqualifications for being
appointed as auditors. These disqualifications are driven by:
Removal of auditor:
The removal of an incumbent auditor is a legal process that requires the auditee entity to show just
and reasonable cause. Generally, the world over the following reasons are the primary drivers of
an auditor’s removal from office:
Resolution of shareholders:
The removal of an auditor is a process that requires the assent and approval of shareholders taken in
a shareholders General / Extra-ordinary meeting. Depending on the corporate laws in the country,a
simple/ordinary majority (more than 50%) of shareholders voting in favour of removal of the auditor
is a must. Some countries like India need a special majority resolution (more than 75%) of the
shareholders for removal of the auditor from office.
The auditor has a right of being represented and heard at the meeting where a resolution for
removal is being moved.
Regulatory Compliances:
The company has to ensure that the concerned regulatory authority is appraised of auditor’s
removal and all requisite compliances such as those listed below are filed in a timely manner as
prescribed in the regulations:
• Forms
• Notices
• Resolutions
• Board minutes
• Statement of circumstances
On general terms, the auditor tenders in his resignation owing to disagreements with the
management or inability to work with them. This arises on account of reasons listed below:
Specific circumstances can result in reasons beyond those listed above which may cause an auditor
to resign from his position. The auditor too has to comply with specifically applicable regulations in
the process of resignation. The reason of resignation has to be filed with the regulatory authorities
overseeing the audit.
Notifying ACCA:
Auditor’s resignation or removal from office before the conclusion of the term must be notified to
the ACCA.
Under UK laws, the auditor is required to deposit the following at the company’s registered office:
In the spirit of professional co-operation, the auditor is required to promptly comply with requests
for clearance from new auditors.
International Regulation
The International Federation of Accountants (IFAC):
The International Federation of Accountants (IFAC) is the global organization for the accountancy
profession. IFAC promotes international regulation of the accountancy profession. IFAC helps to
being about greater public confidence in the accountancy profession by:
One of the subsidiary boards of the IFAC is the International Audit and Assurance Standards Board
(IAASB). It is the responsibility of the IAASB to develop and promote International Standards on
Auditing. (ISAs). Currently there are 37 ISAs and 2 International Standards on Quality management.
• ISAs are professional guidance that the auditor must follow to ensure consistency and quality
in audit
• ISAs are not legal requirements. If local law and ISAs are in contradiction or conflict, the local
law shall prevail
• ISAs are written in the context of an audit of financial statements.
• ISAs can be applied to historical financial data
• ISAs must be applied in all but exceptional cases where the auditor deems it necessary to
depart from the ISAs to achieve the overall aim of audit.
• Rigorous qualifications to acquire the knowledge and skills needed to provide competent
service
• Support members to demonstrate high professional and ethical values
• Technical expertise to governments on accounting and business matters thereby shaping the
introduction of new laws and regulations.
Chapter 3: Governance
Table of Contents
a. To ensure that companies are run well in the interests of their shareholders, employees and
other key stakeholders
b. To try to prevent company directors from abusing their power which may adversely affect
any stakeholder group.
Directors drawing mammoth salaries obviously leaves behind a smaller sum to allocate ot the
middle and low level employees.
a. Greater transparency
b. Greater accountability
c. Efficiency of operations
d. Better ability to respond to risks
e. A higher degree amongst all classes of shareholders
One such international body is The Organization for Economic Co-operation and Development
(OECD). OECD has pronounced 6 principles of corporate governance. These principles have listed as
under:
Chapter 3: Governance 32
The UK corporate governance code is derived from the above OECD principles. This code is split into
5 parts as under:
In this light, the Board shall be led by a chairman whose role shall be:
To understand who is Independent, first, let’s understand who isn’t. The following cases will be
deemed not to be independent:
If a director:
• Is, or has been an employee of the company or group within the last five years
• Has or has had within the last three years a material business relationship with the company
either directly, or as a partner, shareholder, director or senior employee of a body that has
such a relationship with the company.
• Has received or receives remuneration from the company in addition to a director’s fee,
participates in the company’s share option or a performance related pay scheme, or is a
member of the company’s pension scheme.
• Has close family ties with any of the company’s advisers, directors or senior employees
• Holds cross-directorships or has significant links with other directors through involvement in
other companies or bodies
• Represents a significant shareholder
• Has served on the board for more than 9 years form the date of his/her first appointment.
All individuals other than those covered above are Independent and hence qualify to be
appointed as NEDs.
Chapter 3: Governance 34
Division of responsibilities:
• Composition, succession and evaluation are overseen under the aegis of the Nomination and
Remuneration Committee (NRC).
• The NRC is a sub-committee of the Board of Directors comprising of a majority of NEDs.
• The appointment to the Board of Directors is a formal and rigorous procedure that is
transparently executed by the NRC
• Appointment and succession to the Board should be driven purely by merit
• An annual evaluation of the members of the Board should be conducted by the NRC
• All directors should be subject to annual re-election.
• There must be an appraisal and evaluation of the Chairman every 3 years. This evaluation
should be conducted by an external evaluator and the finds should be published in the annual
report to the shareholders.
• NRC must ensure that the Board is evenly balanced in terms of gender.
• The Annual report should transparently describe the work done by the NRC which covers:
a. Process of making appointments to the Board
b. Conduct of Board evaluation
c. Inclusion, gender balance and diversity in appointment to Senior Management positions
Financial statements of any entity are accepted by shareholder only when they are audited. The
function of audit is critical to the success and sustenance of a company. Hence, it is imperative that
this function be overseen by independent directors to ensure that:
The task of overseeing the audit function is handled by the Audit Committee – a sub-committee of
the Board of directors comprising of NEDs. (3 NEDs for medium to large companies; 2 NEDs for small
companies)
Chapter 3: Governance 35
The audit committee shall comprise of at least one independent director with the ability to read and
understand financial statements.
The Chairman of the company is expressly prohibited from being a part of the audit committee
1. Recommend individual practitioners/ firms for being appointed as the auditor of the
company. Recommend on the matter of removal of the auditor as well.
2. Oversee the remuneration and terms of appointment of the auditors
3. Review and monitor the auditor’s independence, performance, effectiveness as well as the
effectiveness of the audit process
4. Examine the financial statements and the auditor’s opinion thereon
5. Determine whether the auditor can provide non-audit services
6. Monitor the integrity of the financial statements
7. Oversee the external audit process and its effectiveness.
8. Approve and oversee transparent reporting and disclosure of transactions with related
parties
9. Scrutinize inter corporate loans and investments
10. Oversee the valuation of the company’s undertakings wherever necessary
11. Evaluate the effectiveness of internal controls in the company, specifically internal controls
over financial reporting
12. Evaluate and review the company’s risk management systems
13. In case the company does not have an internal audit function, the audit committee will
consider if there is the need to have the same. In case there is, this shall be communicated
to the Board.
14. Monitor the end use of publicly raised funds
The annual report of the company shall summarize the work done by the audit committee including:
Risk management:
The Board of directors have to ensure that they have mechanisms in place to Identify risk when it
arises but before it impacts the business. However, given the ever-changing nature of risk, a collision
with business may not be avoidable. In such cases the management must have an effective risk
management mechanism in place to:
• Transfer risk – Pass the burden of risk to a third party by the means of insurance
• Avoid risk – Cease risky activity
• Reduce risk – implement corrective mechanism which will reduce the impact of risk
• Accept risk as a cost of doing business.
Internal Controls
Risk identification, minimization and avoidance are by-products of an effectively functioning internal
control environment. It is the responsibility of the Board of Directors to implement an effectively
functioning internal control mechanism that evolves into an effective control environment for the
entity.
The auditor is not responsible for minimizing risk. The responsibility of the auditor is to assess if the
internal controls are effectively functioning and accordingly gauge the impact of risk on the audit as
a whole.
Here, the audit committee can support the Board by helping to institute an internal audit function
with the organization or help appoint a service provider as an internal auditor. An internal audit
function is tasked with overseeing the implementation and effective functioning of internal controls.
Remuneration
• Remuneration should be designed to promote long term sustainability and retain valuable
human resource.
• The Board of directors in conjunction with the NRC should institute fair and transparent
mechanisms for developing an effective remuneration policy.
• No director should be authorized to set his/her own remuneration and benefits
• An impartial view that takes into account individual performance, company performance and
external circumstances should be applied in authorizing remuneration.
Chapter 3: Governance 37
Table of contents:
The IESBA develops and issues in the public interest high-quality ethical standards and other
pronouncements for professional accountants for use around the world. The IESBA Code of Ethics for
Professional Accountants applies to all professional accountants, whether in public practice, in
business, education, or the public sector. The IESBA Code serves as the foundation for codes of ethics
developed and enforced by members of the International Federation of Accountants (IFAC). No
member body of IFAC or firm issuing reports in accordance with International Auditing and Assurance
Standards is allowed to apply less stringent standards other than those stated in the IESBA code.
A rigorous due process followed by the IESBA is critical to ensure that the views of those affected by
its standards and interpretations are thoroughly considered. The process outlined below is applicable
to the development of all IESBA pronouncements.
• Research and consultation—A project task force is ordinarily established with the
responsibility to develop a draft standard or interpretation. The task force develops its
positions based on appropriate research and consultation.
• Transparent debate—A proposed standard or interpretation is presented as an agenda
paper for discussion and debate at an IESBA meeting, which is open to the public.
• Exposure for public comment—Exposure drafts are placed on the IESBA website (www.
ethicsboard.org) and are widely distributed for public comment. The exposure period is
ordinarily no shorter than 90 days.
• Consideration of comments received on exposure—The comments and suggestions
received as a result of exposure are considered at an IESBA meeting, which is open to the
public, and the exposure draft is revised as appropriate. If the changes made after exposure
are viewed by the IESBA to be so substantive as to require re-exposure, the document is
reissued for further comment.
• Affirmative approval—Approval of exposure drafts, re-exposure drafts, standards and
interpretations is made by the affirmative vote of at least twelve of the members in person
or by simultaneous telecommunications link.
The Public Interest Oversight Board (PIOB) oversees the public interest activities of IFAC. The
objective of the PIOB is to increase confidence of investors and others that such activities, including
the setting of standards by the IESBA, are properly responsive to the public interest. PIOB members
are nominated by international institutions and regulatory bodies
Chapter 4A: Ethics 39
Both the IESBA and ACCA follow a conceptual framework which identifies:
This conceptual framework relies on a rule-based approach. Here it is imperative for you to
understand the basic lines of demarcation between a principle-based approach to ethical behaviour
and a rule-based approach to ethical behaviour:
The consequence of not adhering to the code of ethics, invites disciplinary hearing which could
result in:
• Fines
• Suspension of membership
• Disqualification of license to practice
• Disqualification of membership.
The IESBA requires accountants to 5 fundamental principles which have been discussed in the
following section.
The IESBA prescribes 5 fundamental principles of ethical behaviour to accounts globally, these are
given as under:
Chapter 4A: Ethics 40
1. Objectivity:
The accountant must not allow the following to compromise professional or business
judgements:
• Bias
• Conflicts of interest
• Undue influence of management, those charged with governance or any other
party.
2. Professional behaviour:
A professional accountant must comply with:
• All applicable laws and regulations for the time being in force
• All the pronouncements of the applicable standards on auditing
• Applicable financial reporting framework in the course of assessing the financial
statements.
4. Integrity:
The accountant must be straightforward and honest in all professional and business
relationships.
5. Confidentiality:
The accountant must not disclose any information acquired in the course of the audit of the
client without the consent of the client that has engaged him.
The only exception to this rule is where the law or regulation for the time being in force
require that the auditor make disclosures as per its directives.
Chapter 4A: Ethics 41
“On the path of truth and righteousness, one may often come across temptations that test virtue.
Stay strong.”
Being ethical is a difficult task when personal gains seem easily attainable at the cost of small
compromises. Factors that can pose threats in the auditor transparently and ethically fulfilling his
duty are threats to objectivity. These threats have been discussed as under:
Wherever the auditor has a financial or other professionalinterest in the auditee entity – this interest
leads to inappropriately influencing the auditor’s judgement and behaviour.
Factors driving self-interest threats have been enumerated as under:
1. Fee dependency:
If the audit fees of the client in question comprise a large proportion of the auditor’s
revenue, it can lead to the auditor automatically ignoring adjustments and corrections
required in the financial statements.
The following factors play a key role in determining the existence of self-interest threats:
a. Operating structure of the firm
b. Significance of the client to the firm – as an existing source of business and as a
multiplier for future opportunity.
c. How well established is the firm, a newer firm could easily develop a self-interest threat
owing to a small portfolio of clients.
Measures to counter:
Measures to counter:
• Loans and guarantees should be permitted only if they are immaterial to the firm/individual
making the loan/guarantee and the client receiving the same.
• Loans and guarantee between a bank and its auditor or any of the auditor’s immediate
family members is not permitted.
• Immaterial loans from banks or financial institutions who are audit clients under normal
lending procedures will result in a thorough review of the audit work done.
• Only immaterial loans are permitted from clients who are not banks or financial
institutions.
3. Overdue Fees:
In substance overdue fees from the client to the auditor can be looked at as a loan given by
the auditor to the client. Here the auditor can trat the client leniently to ensure recovery of
the overdue sum.
Measures to counter:
Measures to counter:
Measures to counter:
• A direct financial interest or an indirect financial interest in the client should not be held by:
a. The auditor/ audit firm
b. Members of the audit firm
c. Relative of both a,b above.
• Immediate family members of the auditor a member of the audit team holding interest in
the auditee client must forego their interest. The auditor or member of audit team will not
be permitted to perform the audit so long as such a share has not been foregone. Further,
there will be an appropriate review of the audit work performed by an independent
professional.
• Any financial interest received indirectly must be foregone (Inheritance/ gift)
Measures to counter:
• Audit firms must establish practices whereby individuals would be required to inform the
firm of the possibility of employment with the client.
• The individuals seeking potential employment with the client should be replaced on the
audit assignment
• The audit work performed should be subjected to a review from an independent
professional.
Measures to counter:
• No such business relationship should be entered into unless clearly trivial or immaterial.
8. Contingent Fees:
In case of contingent fees, the auditor would have incentive to ensure that a particular
outcome is achieved.
Measures to counter:
• Contingent fees should be disallowed for assurance engagements.
• Contingent fees for non-assurance engagements will be allowed only in case such fees are
immaterial to the firm.
Measures to counter:
10. The avenue of providing non-attest services which can be more rewarding:
A self-interest threat can be created if the auditor identifies personal gain in providing non-
attest / non-audit services like portfolio management or financial consulting to the client.
Here the auditor would position these supplementary services to the client by cultivating
favour, obviously by overlooking questionable events and transactions.
Measures to counter:
C. Familiarity Threats:
A long-standing relationship with the client may lead to a report resulting in the auditor becoming
too sympathetic or trusting of a client. This can result in the auditor losing the edge of professional
scepticism and unbiased judgement.
A long-standing association with the management and those charged with governance can result in
the auditor becoming too trusting of their motives which may ultimately offer such senior personnel
the leeway to exploit the organization and the stakeholders.
The auditor supporting the reporting entity in recruiting accounting and senior financial staff can
result in familiarity threats.
Measures to safeguard:
• A partner or employee of the audit firm shall not serve as an employee or director of the
client organization unless permitted by the local legislation.
• The engagement partner, Engagement Quality Reviewer, or other key audit partner should
not act as a the auditor for a period of more than 7 cumulative years.
• The following cooling off periods will be applicable during which the individual cannot be an
engagement team member for the client in question, cannot consult with the engagement
team and the client, provide any services to the client:
• Engagement partner – 5 years
• Engagement Quality Reviewer- 3 years
• Other key audit partner- 2 years (Will be allowed to serve and extension for 1 year in
exceptional circumstances pertaining to quality of the audit assignment.)
D. Self-Review threats:
Great is the artiste who honestly critiques the work of another, even greater is the one who
honestly critiques his own.
Self-review threats occur when the auditor performs non-audit tasks such as accounting and
booking for the reporting entity which are ultimately audited by the auditor himself.
Performing such tasks results in the auditor invariably auditing his own work which would result in
errors, if any, not being identified. The following services result in self-review threats:
Auditing the accounting services provided by himself/itself is a clear self-review threat for the
auditor/audit firm. These services include:
Measures to counter:
1. Only non-listed clients to be provided with accounting and booking services which are routine
and mechanical, this includes:
• Payroll calculations
• Recording recurring transactions
• Depreciation related calculations and workings
• Posting transactions to be client ledger
• Preparing Financial statements based on a client approved trial balance.
Chapter 4A: Ethics 46
2. In case of listed clients, accounting and book keeping services of any nature, including trivial
cannot be performed. However, accounting services can be provided for divisions or related
parties of the listed entity in case:
• A separate team than the audit team provides the accounting and book keeping
services
• The division or related party are immaterial to the listed entity.
Measures to counter:
• Members who are not audit team members can be used to perform internal audit for non-
listed entities
• An auditor cannot provide internal audit services to a listed client, where the services
would relate to internal controls over financial reporting, financial accounting systems or
be related to amounts or disclosures that are material to the financial statements.
c. Tax Services:
Providing tax planning and tax management services may create a self-review threat in case
the client also avails audit services from the audit firm/auditor. These tax services include:
• Tax return preparation
• Tax calculations for preparing accounting entries
• Tax planning and advisory services
• Tax services involving valuations
• Assistance in the resolution of tax disputes
Measures to counter:
• Members who are not audit team members can be used to perform tax services for non-
listed entities
• An auditor cannot provide tax preparation services to a listed client, where the services
would relate to calculations of deferred tax, current tax and advance tax.
Chapter 4A: Ethics 47
d. IT services
Adjudicating the effectiveness of the IT systems that the auditor has himself set up is a clear
self-review threat.
The firm should consider:
• The nature of the service
• The nature of the IT systems and the extent to which they impact or interact with
the client’s accounting records or financial statements
• The degree of reliance that the audit team will place on the IT systems.
Measures to counter:
• Members who are not audit team members can be used these services
• An auditor cannot provide IT services to a listed client, where the services would relate to
internal controls over financial reporting or generation of information that is significant
to the financial statements.
e. Valuation services
Providing valuation for assets of the entity the balances of which are later to be audited by
the auditor himself is a clear self-review threat.
The auditor should consider the following:
• The use and purpose of the valuation report, including whether the report will be
made public.
• The extent of the client’s involvement in determining matters of judgement.
• The degree of subjectivity
• Whether the valuation will have a material effect in the financial statements
• The degree of dependence on future events that might create significant volatility
in the amounts involved.
Measures to counter:
• Valuation services will not be provided to audit clients if the valuation involves a
significant degree iof subjectivity and the valuation will have a material effect on the
financial statements.
• An auditor cannot provide valuation services to a listed client, where the valuation
pertains to assets or liabilities that are material to the financial statements.
• In case such services are to be provided, professionals who are not members of the audit
team shall be deployed.
• An appropriate independent reviewer will review the audit work performed.
Chapter 4A: Ethics 48
Measures to counter:
• In case such services are to be provided, professionals who are not members of the audit
team shall be deployed.
• An appropriate independent reviewer will review the audit work performed.
• The auditor is strictly prohibited from promoting, dealing and underwriting the audit
client’s shares.
• Corporate financial services where:
• The effectiveness of the advice depends on a particular accounting treatment od
presentation in the financial statements
• The audit team has reasonable doubt as to the appropriateness of the accounting
treatment
• The outcome will have a material effect on the financial statements.
Shall be prohibited
g. Legal Services
Providing legal services to a client result in both a self-review as well as advocacy threat.
Legal services should be provided by members of the BAR.
The auditor should consider:
• The materiality of the matter in relation to the financial statements.
• Complexity of the legal matter and level of interpretation and judgement involved.
Measures to counter:
• In case such services are to be provided, professionals who are not members of the audit
team shall be deployed.
• An appropriate independent reviewer will review the audit work performed.
• A partner or employee of the firm will not act as general counsel to for the audit client
• No advocacy roles to be performed when the amounts involved are material in nature.
Chapter 4A: Ethics 49
h. Body Shopping/Outsourcing:
Outsourcing personnel from the audit firm to the reporting entity and then assessing their
work is a clear self-review, advocacy and familiarity threat.
However, staff can be body shopped in case:
• The outsourcing duration is less
• The staff does not assume management responsibilities
• The auditee is responsible for directing and supervising the staff.
Measures to counter:
• Perform an additional review of the work performed by the personnel who have been
loaned to the client.
• The outsourced personnel will not be given an audit responsibility.
E. Advocacy Threats:
If the auditor:
The following activities if carried out by the auditor would amount to advocacy threats:
a. Negotiating interest rates on borrowings with bankers/lenders on behalf of the client
b. Outsourcing audit firm staff to the reporting entity for financial reporting closure
c. Providing non-attest services like portfolio management, accounting advisory, investment
banking, project report formulation
d. Vouching for the effectiveness of internal controls in a quality control check performed by
large customers prior to offering business contracts.
F. Intimidation threats:
The following cases are considered as instances of intimidation threats when the client:
a. Exerts pressure on the auditor not to modify the opinion pertaining to a materially
misstated set of financial statements;
b. Attempts to exercise undue influence;
c. Attempts to leverage gifts given for overlooking inconsistencies
d. Intimidates the auditor with verbal or physical threats
Confidentiality
• External auditors are in a unique position of having a legal right of access to all information
about their client.
• The client must be able to trust the auditor not to disclose anything about its business to
third parties as it could be detrimental to its operations.
• Confidential information may be obtained from:
• Firm or employing organization
• Current or previous clients
• Prospective clients and employers.
Conflict of interest
A conflict of interest arises when the same audit firm is appointed for two companies that interact
with each other, for example:
A conflict of interest may create a threat to the fundamental principles of objectivity and
confidentiality. It may be perceived that the auditor cannot provide objective services and advice to
a company where it also audits a competitor.
Professional accountants should always act in the best interests of the client. However, where
conflicts of interest exist, the firm's work should be arranged to avoid the interests of one being
adversely affected by those of another and to prevent a breach of confidentiality.
In order to ensure this, the firm must disclose the nature of the conflict to the relevant parties and
obtain consent to act. The following additional safeguards should be implemented:
• Separate engagement teams (with different engagement partners and team members) who
are provided with clear guidance on maintaining confidentiality.
• Review of the key judgments and conclusions by an independent person of appropriate
seniority.
Table of Contents:
The acceptance of an audit engagement has impacts that are far reaching not just for the auditor
but for the stakeholders too. Engagement acceptance confers upon the auditor, the responsibility
to conduct and conclude the audit in a manner that provides reasonable assurance to the users
of financial statements about whether the information contained therein is - true and fair. To
conclude on the quality of financial information, the auditor has to meticulously plan the audit
engagement such that all material areas and aspects have been examined and analysed.
A first hand understanding of the entity under audit can be sought by:
It is undisputable, that the auditor must have a thorough understanding of the auditee entity
and the environment it functions in. This understanding entails having sufficient knowledge
about:
a. Relevant industry, regulatory and other external factors including applicable financial
reporting framework
b. Nature of the entity, including:
• Its operations
• Its ownership and governance structures
• The types of investments that the entity is making and plans to make
• The way the entity is structure and how it is financed
c. The entity’s selection and application of accounting policies, including the reasons for
change thereto.
d. The entity’s objectives and strategies, and those related business risks that may result in
the risk of material misstatement
e. The measurement and review of the entity’s financial performance.
Chapter 4B: Client Acceptance by Auditor/Audit
53
Firm
Let’s deviate from the jargon here, for just one bit. Shouldn’t you as an auditor know what you’re
getting into and committing to attest and certify?
Yes, of course it is. The above understanding enables the auditor to gauge and map the level of
inherent risk in the audit engagement.
This risk is the sole determining factor of whether or not an engagement is to be accepted. There
arises no doubt that risky audit engagements too are accepted by auditors and executed well.
However, the social impact of accepting a risky assignment and being unable to provide the
necessary degree of honest assurance, can be catastrophic. Stakeholders can be impacted to
levels beyond comprehension in such cases.
The long ques outside the Punjab National Bank after loan defaults by Nirav Modi and Mehul
Choksi, exposed one painful truth – the cost of auditor negligence and high engagement risk
impacted tens of thousands of innocent depositors who lost their valuable life savings and are still
seeking redressal.
In the chapter on Ethics, we have already discussed how members are bound by the ethical
code and must act within its sacrosanct boundaries. Professional engagements must be
carried out by adhering to the highest standards of professional integrity and ethics. Members
must seek professional work assignments, abiding by:
Here it must be appreciated that members shall engage in advertising their attainments and
services in a manner that is approved by the above ethical codes. Members are required to adhere
to “pull marketing” rather than “push marketing.”
It is a fact that member firms compete with one another to secure professional assignments.
This competition should be healthy and not unfairly played out by using unethical tactics like
unduly influencing existing clients or using price negative tactics like charging fees below market
rates.
(The codes of ethics have been discussed in detail in the chapter “Ethics”)
Chapter 4B: Client Acceptance by Auditor/Audit
54
Firm
In b and c above, the incoming auditor is required to have a formal chain communication with the
outgoing auditor.
Prior to accepting the audit engagement, the incoming auditor is required to communicate with
the outgoing auditor. This enables the incoming auditor to know the reasons switching audit
practitioners, cited by the auditee company. Knowledge of these reasons shall enable the
incoming auditor to:
In the spirit of transparency, the incoming auditor must communicate with the outgoing auditor
only after obtaining the permission of the auditee entity. In case the auditee entity is reluctant to
provide this permission or refuses to provide this permission, the auditor must refuse the audit
engagement. Such refusal or reluctance is displayed only when the auditee entity is attempting to
conceal some material facts that the outgoing auditor is/maybe aware of which the auditee would
prefer to conceal from the incoming auditor. Such concealment of facts will add into the inherent
limitations of audit and will greatly cripple the auditor’s efforts to acquire reliable audit evidence
on which to base his opinion.
Appointment, reappointment, and removal of auditor are significant events that require a
company to abode by applicable corporate law compliances that govern these events. Be it the:
All of the above cases have defined processes and compliances (Board and shareholder
resolutions, regulatory approvals, the auditor’s opportunity of being heard, etc.) that the auditee
entity must abide by. Non-compliance is punishable by fine and raises questions about the quality
of governance that the company adheres to in its functioning.
Chapter 4B: Client Acceptance by Auditor/Audit
55
Firm
For the appointment of the auditor to be considered legally valid, these compliances must be
adhered to. The spirt of following these compliances is to enable stakeholders to understand and
appreciate the process by which the auditor is appointed by the company. The adherence to such
compliances emphasizes transparent behaviour on the part of the company with regard to a
function as sensitive and crucial as audit.
In the process of accepting or continuing an audit engagement, the basis of performance of the
engagement must be agreed upon between the auditor and the auditee. The basis of performance
is agreed through:
Basis of performance in simple terms entails an implied basis of cooperation between the
auditor and auditee wherein its is assumed that the auditee shall:
a. Provide all required information that is necessary for the auditor to be applied as evidence
in the course of the engagement. (Vouchers, account balances, board resolutions and
minutes, draft financial statements, etc.)
b. Cooperate in acquiring information from third parties like vendors, lenders, creditors, etc
of the auditee to be used as external confirmations in the course of the engagement
c. Answer all pertinent questions and queries regarding treatment of transactions, events
and occurrences and whether these have been accounted for as per the applicable
financial reporting framework.
a. Conclude the audit engagement within the defined and agreed timelines;
b. Maintain highest levels of integrity, objectivity and independence; and
c. Adhere to ethical and professional behaviour throughout the course of the audit
engagement.
Chapter 4B: Client Acceptance by Auditor/Audit
56
Firm
Situations and factors that will result in the audit engagement being rejected by the auditor
If the management or those charged with governance of the entity impose limitations on the scope of
the auditor’s work in terms of a proposed audit engagement which leads the auditor to believe that
finding the relevant quantum and quality of evidence maybe hampered, the auditor will not accept
such an engagement.
If preconditions are not present, the auditor shall discuss the engagement and its nuances with the
management. The auditor shall not accept the proposed audit engagement if:
a. It has been determined that the financial reporting framework to be applied in the
preparation of the financial statements is unacceptable; and/or
Chapter 4B: Client Acceptance by Auditor/Audit
58
Firm
b. The management does not agree with its responsibilities prescribed above.
The process of audit engagement acceptance reaches its logical conclusion when the audit
engagement has been accepted by the auditor. The acceptance of the audit engagement is
communicated by the auditor to the management of the auditee entity via the engagement
letter.
The engagement letter is a structured communication touching upon the vital aspects of the
audit. It defines the expectations from the management, summarizes the auditor’s
responsibilities and pronounces the audit fees for the assignment.
The agreed upon terms of an audit engagement are recorded in the audit engagement letter. This
shall include:
Auditor shall not agree to any changes in the terms of the audit engagement laid down in the
engagement letter, unless there is a reasonable justification for doing so. Changes in the terms
of audit engagement are proposed prior to the completion of the audit.
If the change requested results in the auditor conveying a lower level of assurance, the auditor
shall apply his professional judgement in determining the risks that the users of financial
statements may be subjected to by providing them a level of lower assurance. The auditor shall
accept the change if there is reasonable justification in doing so without severely impacting the
interests of stakeholder relying on audited financial information.
If changes to the engagement are justified and the said justification is accepted by the
auditor, the new terms of engagement shall be laid down in a new engagement letter or
other suitable form of written agreement.
In case the auditor is unable to accept the changes proposed to the audit engagement for
ethical, operational or other reasons, the auditor shall convey his rejection to the proposed
changes. If the management does not accept the auditor’s rejection of the changes in terms
of the audit engagement, the auditor shall:
Chapter 5: Risk
Table of contents:
1. Understanding the entity and its environment
2. Misstatements, Risk of Material Misstatements (ROMM)
3. Inherent Risk, Control Risk, Detection Risk:
i. The relationship between ROMM and Inherent Risk, Control Risk
ii. Audit Risk as a product of Inherent Risk, Control Risk and Detection Risk
iii. Risk Matrices
4. Materiality and Audit Risk
i. Materiality by size
ii. Materiality by nature
iii. Performance Materiality
iv. The relationship between Materiality and Audit Risk
5. Analytical Procedures:
i. Application
ii. Utility
iii. Chronology
iv. A stepwise approach to applying analytical procedures.
v. The use of ratio analysis
vi. Technology and tools in analytical procedures
Chapter 5: Risk 62
To identify and assess the risk of material misstatement, whether due to fraud or error, the auditor
is required to gain an understanding of the entity and its environment, including the entity’s internal
control. This understanding will help the auditor to design and implement responses to the assessed
risk of misstatement.
In simple terms, before assessing and evaluating the financial statements of an entity it is
imperative that the auditor gain an understanding of the entity itself. This understanding entails
how the entity functions, the applicable accounting norms, regulatory norms, the trends and
patterns of the entity business in conjunction with the industry in which is functions, etc.
Understanding the entity and its environment entails of gaining an insight into:
a. Relevant industry, regulatory and other external factors including appliable financial
reporting framework
b. The nature of the entity including:
i. Its operations
ii. Its ownership and governance structures
iii. The types of investments that the entity is making and planning to make
iv. The way the entity is structured and how it is financed
c. The financial reporting framework that is applicable to the entity and the entity’s selection
and application of accounting policies, including the reasons for changes thereto.
d. The entity’s objectives and strategies. And those related business risks that may result in
risks of material misstatement
e. The measurement and review of the entity’s financial performance
f. The entity’s business model including the extent to which the business model integrates
the use of IT.
g. Industry factors that have a specific bearing on the entity
h. Regulatory factors and applicable regulatory compliances
Chapter 5: Risk 63
Once the auditor has a cursory understanding the entity’s environment, a scrutiny of the inner
workings of the company is a must. For this, the auditor must gain an understanding of how the
entity functions and operates. The processes and procedures that result in the entity
functioning and operating its day to day require the auditor to gauge and gain an understanding
of the entity’s internal control by:
• The auditor shall obtain an understanding of internal control relevant to the audit.
• Although most controls relevant to audit are likely to relate to financial reporting, not all
controls that relate to financial reporting are relevant to audit.
• While obtaining understanding of controls that are relevant to audit, the auditor should
evaluate the design of those controls and determine whether they have been
implemented.
Once the auditor has gained an understanding of the entity and its structure, the auditor can assess
what can actually go wrong or prove to be misleading in the entity’s financial reporting. This enables
the auditor to assess the risk that the entity’s financial statements can have an exposure to.
While there is no hint of a doubt that the company accountant has made a misstatement, the
curious and sceptical mind of the auditor begins to analyse whether the misstatement was a mere
error or whether it is the tip of the iceberg lying low – fraud.
Misstatements occur due to risk. And the auditor is required to conduct a thorough assessment of
risk that the financial statements of the entity are subject to. In the process of conducting this risk
assessment, the audit will be able to:
Chapter 5: Risk 64
This process will result in the risk of reputational and punitive damage for the entity and the
auditor.
As discussed earlier, a misstatement is considered material when it is so large that it impacts the
decisions that are to be taken by the users of financial information.
a. Inherent risk
b. Control risk
• Risk of Material Misstatement (ROMM) is the possibility that material misstatements will
impact the financial statements.
• ROMM is a product of Inherent risk and Control Risk. It can be expressed as:
ROMM = Inherent Risk X Control Risk
Inherent Risk
The essential characteristic of deep-sea diving, bungee jumping, paragliding, highlining, base
jumping, etc. is that risk and thrill is essentially embedded in them and they are not for the faint
hearted. No matter what one does to secure himself while participating in these activities they
remain inherently risky. Something could always, go wrong.
The same goes with some transactions, account balances or disclosures – no matter how
elaborately presented in the financial statements – their inherently complex nature or the
inherently complex method of their structuring or execution makes them “inherently risky.” No
matter how carefully calculated or cautiously reported, there could always be a misstatement.
Control Risk
Control risk can best be illustrated by an example of human behaviour. An individual suffering with
a condition of diabetes is required to control or avoid the consumption of certain food products,
most notably sweets and confectionery that can lead to a spike in his/her blood sugar levels. The
willpower to “control” the consumption of such foods is the primary determinant in how healthy
the individual himself/herself endeavours to be. The diabetic health risk can be prevented in case
the individual controls his/her urges to consume something sweet.
The same goes for financial statements and financial reporting. A risk that a misstatement could
occur and that it can be material can very well be prevented if the entity’s own internal control
mechanisms and process are operating effectively.
Control risk is defined as “The risk that a misstatement could occur and that could be material, will
not be prevented or detected and corrected on an timely basis by the entity’s controls.”
Types of Controls:
Controls can help prevent, detect, correct or compensate for misstatements. Generally internal
controls are of 4 types, namely:
1. Preventive controls
2. Detective controls
3. Corrective controls
4. Compensatory controls
Chapter 5: Risk 68
The nature of the above-mentioned controls and their purpose can be summarized as under:
Risk Co-relations
The degree of effectiveness of internal control is inversely related to the control risk. This has been
tabulated as under:
The degree of control risk coupled with inherent risk has a directly proportional bearing on ROMM.
This has been tabulated as under:
Inherent Risk Control Risk ROMM
High Low Medium
Low Low Low
Low High High
High High High
From the above, we can gather that the effectiveness of internal controls is inversely proportional
to ROMM. Higher the ROMM, higher/more audit procedures will have to be performed to analyse
the impact of misstatement on the financial statements. A high degree of ROMM will have to be
evidenced by larger quantum of audit evidence. Always remember higher the quantum of audit
evidence required, higher will be the quantum of audit procedures to be performed and vice versa.
This has been tabulated as under:
• For entities with absolutely no sign of internal controls, the auditor will have to determine
whether or not to accept such a risky engagement.
• In cases where the auditor is expected to play an active role with the management to help
install and design controls and where the auditor’s professional judgement shall be
respected and opinions adhered, then certainly the auditor can play the role of an architect
of control design in such entities.
• However, this role should be permitted as per the code of professional ethics which the
auditor has to mandatorily abide by.
Chapter 5: Risk 71
Detection Risk:
The phrase “looking for a needle in a haystack” probably best describes detection risk. Imagine
having to look for a single book through in a vast library of similarly coloured and bound books –
this search may prove to be an optical maze for the looker.
Similarly, a collection of account balances and transactions is a maze for the auditor who faces the
risk of not being able to detect that one incorrect or erroneous entry that has put the entire set of
financial statements at a risk of being inaccurate or misleading.
With limited time and resources at hand, the auditor is required to perform procedures that enable
him to express his opinion on the financial statements.
In this entire exercise chances are high that the auditor is unable to detect a misstatement that
actually is material. The failure of detecting such a misstatement is called detection risk.
Detection risk is defined as “the risk that the procedures performed by the auditor to reduce audit
risk to an acceptably low level will not detect a misstatement that exists and that could be material.
Chapter 5: Risk 72
Detection risk combined with ROMM is the expression of audit risk. Detection risk is dependent on
efficiency in planning and merit in execution of audit procedures. Out of inherent risk, control and
detection risk, detection risk is the only risk that is under the control of the auditor.
In cases where the inherent risk and control risk result in a high ROMM, the auditor automatically
is required to acquire more audit evidence which naturally requires more
comprehensive/additional audit procedures.
However, where ROMM is low, the quantum of audit evidence required is lower which
automatically results in a lesser quantum or magnitude of audit procedures. Where the quantum
of audit procedures is lower/lesser automatically the risk of not being able to detect the existence
of misstatement i.e., Detection risk becomes higher. Detection risk is inversely proportional to
ROMM.
The relationship between inherent risk, control risk, detection risk and audit risk has been tabulated
as under:
Detection risk can be mitigated/avoided by varying the nature, timing and extent of audit
procedures.
Chapter 5: Risk 75
Imagine having to run a few errands for the household. Picking up groceries, vegetables, fruits,
dropping off the laundry and buying a new pair of shoelaces for your sneakers. You have a
meticulously complied list of every item to be picked up and you go along getting everything as per
that list. Finally, you arrive at the sports shop and find them to be short stocked on shoe laces. Well,
with everything else apart from the laces in tow the shopping trip has been a success because you
know somewhere that you can do without the shoelaces because all though you “want” the laces,
they aren’t as “essential” as the groceries and the veggies that you simply cannot do without. The
laces do not impact the success of your shopping trip simply because they are not as important, in
terms of audit they are not material.
Similarly in the course of the audit of financial statements there are certain class or classes of
transactions or account balances that maybe one-off or non-recurring or so miniscule in their very
nature that they do not impact the quality and transparency of the financial statements. These
transactions or account balances are not material in determining whether the financial statements
are true and fair because whether or not these items be reported, the accuracy of the financial
statements will not be impacted.
• A one-off water tank cleaning charge paid to a service provider by an I.T company or
• A purchase of sundry items like chips and cola by the local newspaper company for
celebrating the local team’s success in the Metropolitan Football Shield.
These items are petty in their dollar value and they do not impact the truthfulness or fairness of
the financial statements of these entities.
Significance of Materiality:
If material information in the financial statements is misstated, the financial statements cannot be
deemed to show a true and fair view.
Materiality drives the design of audit procedures as these procedures are designed and executed
to detect misstatements that are immaterial.
Determining Materiality:
A dollar value that serves as a threshold of materiality is determined by the auditor’s professional
judgement. The auditor must consider the following while determining materiality:
1. Does the misstatement affect the economic decision of the users of financial statements?
2. The size and nature of the misstatement
3. The information needs of users as a group and the impact the misstatements have on these
groups.
Chapter 5: Risk 76
• Size
• Nature
• Performance
Materiality is subjective and has to considered in the light of the client’s circumstances.
Chapter 5: Risk 77
Materiality by size:
Based on the auditor’s professional judgement a financial threshold can be determined to guide the
audit plan and audit procedures. The rates of materiality thresholds are distinct for each audit
engagement undertaken This threshold can be based on benchmarks such as (These are generalized
rates, and not mandatorily replicated for all audits):
• ½% - 1% of Revenue
• 1% - 2% of Total Assets
• 5% - 10% of Gross Profit
Materiality by nature:
Materiality is driven not just by the amount involved but also by the impact that the item has on
the financial statements and their fair presentation.
For instance,
a. Non-compliances with income tax and corporate filings are considered to be material and
the financial statements of such a non-compliant enterprise are deemed to be misleading.
b. Non-compliance with debt covenants
c. Misstatements with items such as closing inventory that can turn a gross profit to gross loss
or vice versa.
d. Misstatements with items such as current assets that can turn a working capital surplus to
working capital deficit.
e. Transactions with related parties like group entities, directors, key managerial persons, etc.
f. Disclosures of contingent liabilities such as litigations that can have a bearing on future cash
flows and asset position.
Performance Materiality
You must be familiar with the phrase “Many drops make an ocean.” Why and in what context is
that phrase relevant in a discussion about materiality?
Imagine leaving home for a shopping trip, you budget for the things you need to buy. Maybe it’s
clothing or gadgetry or something else. You budget the price of the commodity you want to buy.
What you don’t factor into your budget is that you have to travel to the location of the bazaar or
store, you end up having a nice meal while on the go and top it off with an evening’s snacks after a
successful day at shopping. These smaller costs of travelling, the packaged water, the early
afternoon lunch, the late evening snack coupled with a host of other things you never budgeted
that you will need to buy – result in you spending far exceeding what you originally budgeted.
The smaller immaterial items that were overlooked, when accumulated becoming material is what
performance materiality is. The small drops of inconsequence suddenly become an ocean of
material risk.
Chapter 5: Risk 78
Performance materiality is “the amount or amounts set by the auditor at less than materiality for
the financial statements as a whole to reduce to an appropriately low level the probability that the
aggregate of uncorrected and undetected misstatements exceeds materiality for the financial
statements as a whole.”
Chapter 5: Risk 79
Items below the level of performance materiality are those that do not impact the audit opinion
and are referred to as clearly trivial.
There arises no doubt that there is room for human error in the process of drawing up the financial
statements. This always leaves the financial statements vulnerable to misstatements owing to
error. However if the quantum of these errors can be reduced to a level which does not impact the
fairness of the financial statements, risk of material misstatement is avoided.
The errors that individually or in aggregated do not impact audit opinion and do not result in the
financial statements presenting a misleading picture are called tolerable errors.
Audit risk is minimized when errors are below the threshold of auditor’s tolerance.
The lower the level of materiality, the lesser the margin for error there is in reporting and higher is
the degree of audit risk and vice versa. This relationship between materiality levels and audit risk is
tabulated as under:
Analytical Procedures
Analytical procedures are an audit procedure to cope with and mitigate audit risk. Analytical
procedures encompass the evaluation of financial information through analysis of relationships
among both financial and non-financial data.
1. The auditor uses analytical procedures to obtain relevant and reliable audit evidence; and
2. The auditor designs and performs analytical procedures near the end of the audit. This
assists in forming an overall conclusion as to whether the financial statements are
consistent with the auditor’s understanding of the entity.
a. Identifying inconsistencies, unusual transactions or events and amounts, ratios and trends
that might have audit implications.
b. Identifying risks of material misstatements due to fraud
c. Identifying and assessing aspects of the entity of which the auditor was unaware.
Analytical procedures are used in various stages of the audit process, this has been summarized as
under:
1. Analytical procedures applied in risk assessment and planning are referred to as Preliminary
Analytical Procedures
2. Analytical procedures using in the process of acquiring sufficient and appropriate audit
evidence are called Substantive Analytical Procedures
3. Audit procedures to ensure a consistency in audit closure for forming the audit opinion are
called Final Analytical Procedures
In the process of applying analytical procedures, the auditor will have to consider relationships
between items such as:
• Figures that have a chain of relationship with each other such as:
- Revenue, receivables, cash collections
- Purchases, COGS, Payables and cash payments
- Number of employees and the payroll cost, % of payroll cost attributable to
director’s and key managerial personnel remuneration
Chapter 5: Risk 81
Step Description
Step 1: Determining the auditability of The use of analytical procedures requires the
particular substantive analytical procedures consideration of:
• Availability of data
• Disaggregation
• Account type being analyzed
• Predictability
• Nature of assertion being examined
Step 2: Evaluation of the reliability of data The following factors affect the reliability of
data:
• Source of information available
• Comparability of the information
available
• Nature and relevance of the
information available
• Controls over the preparation of the
information
Step 3: Develop an expectation of recorded The following factors need to be considered
amounts or ratios and evaluate whether the here:
expectation is sufficiently precise to identify Accuracy with which the expected results of
material misstatement substantive analytical procedures can be
predicted degree to which information can be
disaggregated. The availability of information
both financial and non-financial
Step 4: Determine the amount of any
difference of recorded amounts from
expected values that is acceptable without
further investigation.
Ratio analysis is widely used in the application of analytical procedures and establishing logical
linkage between data. Key ratios applied in analytical procedures are listed by function as under:
a. Trend analysis
b. Reasonableness tests
c. Structural modelling
Chapter 6: Audit Planning 82
Table of contents:
The first phase of planning an audit begins with preliminary engagement activities being completed.
Preliminary engagement activities have been discussed in the chapter audit acceptance and
preliminary engagement activities. The activities that need to be completed in this phase are
summarized as under:
• Performing procedures regarding the acceptance and continuance of the client relationship
and audit engagement
• Evaluating compliance with ethical requirements
• Ensuring that there is no misunderstanding with the client as to the terms of the
engagement.
• Communication with the predecessor auditor, where there has been a change of auditors
in compliance with relevant ethical requirements.
In today’s auditing scenario, rotation of auditors is mandated by statute. Hence, this requirement
of communication with the predecessor auditor is a key feature in the audit of listed public entities.
Audit Strategy
The audit strategy sets the scope, timing and direction of the audit and guides the development of
the audit plan. Establishing an audit strategy is key and in this process the auditor shall:
• Ascertain the reporting objectives of the engagement to plan the timing of the audit and
the nature of communications required.
These objectives cover:
➢ Timetable for reporting
➢ Communication with the client
➢ Communication among the audit team
➢ Communication with third parties
Chapter 6: Audit Planning 84
• Ascertain the nature, timing and extent of the procedures necessary to perform the audit.
These include:
➢ Selection of the audit team
➢ Budget
Audit Plan:
The audit plan is the way of executing the matters covered in the audit strategy. The audit strategy
is overarching, and should not be changed unless absolutely critically necessary. However, the audit
plan concerns itself more with the ground level realities of the audit such as timelines, resource
limitations, data constraints and quality – it is this plan that has to be dynamic to deal with
limitations and challenges that arise in the course of the audit.
The audit plan shall address:
Consider the below analogy to understand the relationship between the audit strategy and audit
plan.
➢ The audit strategy determines the scope and direction of audit and determines its
development. The audit strategy with every aspect of its execution, defined with
granularity is the audit plan. The plan simply shows and directs how the strategy is to be
implemented.
➢ The audit plan is more detailed than the overall audit strategy which includes the nature,
timing and extent of audit procedures to be performed by the engagement team members.
Planning for these audit procedures takes place over the course of the audit as the audit
plan for the engagement develops.
For instance,
- Risk Assessment Procedures are planned early on in the audit process. However, the
nature, timing and extent of further audit procedures depends on the outcome of Risk
Assessment Procedures.
- The auditor may begin the execution of further audit procedures for some classes of
transactions, account balances and disclosures before planning all remaining audit
procedures.
➢ The plan can and does undergo tweaks at a micro level in the course of its execution. The
plan has to be dynamic and adaptable in its essence to counter challenges and limitations
that will arise in the course of the audit.
➢ While experience and professional judgement of the auditor ensure that paradigm
shifting changes are not taking the plan by storm, the plan has to have adaptability
infused in it.
➢ At times, the strategy has to be revised to counter the lack of evidence and increased risk
exposure which automatically impacts the audit plan. But in terms of change, the plan can
be revised multiple times in its execution but the strategy cannot be revised as frequently.
➢ The strategy may undergo revision once to counter newfound surprises in the course of
the audit. Any strategy that undergoes continued change maybe considered to be
ineffective and incapable of executing the audit end to end.
Chapter 6: Audit Planning 86
Audit Documentation
Documentation is the record of:
Like audit evidence, documentation too requires a degree of sufficiency to purport that the auditor
has carried out his duties up to the extent and degree required by the audit engagement at hand.
Documentation helps enhance the quality of the audit and facilitates the effective review and
evaluation of the audit evidence obtained and conclusions reached.
Chapter 6: Audit Planning 87
Audit documentation is the documented basis on which the current period’s audit opinion is
expressed. The documentation of the current period under audit is a tangible handover for the
subsequent period under audit for the engagement team.
a. A sufficient and appropriate record of the basis for the auditor’s report; and
b. Evidence that the audit was planned and performed in accordance with the applicable
international standards on auditing and all other applicable regulatory requirements.
Documentation is retained in the audit file for the period required by national regulatory
requirements.
Fraud maybe defined as an intentional act involving the use of deception to obtain an unjust or
illegal advantage by one or more individuals among management, those charged with governance,
employees or third parties.
Frauds result in the financial statements being represented; however, this misrepresentation is
intentional and is also referred to as a misappropriation.
Error on the other hand is unintentional. It arises on account of inaccurate accounting treatment,
mistakes in calculation and casting of entries, negligence and a general lack of awareness. Errors
can be avoided by rendering the right kind of training and support to ensure that mistakes are
avoided.
The auditor’s scope of fraud detection is limited only to frauds that cause material misstatements
in the financial statements. This makes two types of financial statements relevant to the auditor:
The most commonly used means of committing fraud have been listed below:
a. Recording fictitious journal entries, particularly close to the end of the accounting period,
to manipulate operating results or achieve other objectives.
e.g.:
Journalizing sales that have never occurred close the end of the accounting period to
overstate the current period’s income and reversing the sales in the next period as returns
to cloak the previous period’s entry. This results in profits being overstated
d. Concealing, or not disclosing facts that could affect the amounts recorded in the financial
statements.
e.g.: Obsolete inventory and obsolete items of Property, plant and equipment are not
written down to their realizable values to avoid reporting losses in financial statements- the
financial statements as a consequence are over-stated.
• A fraud can be committed only when there exists an opportunity. The availability of
opportunities and reasons to commit fraud are called fraud risk factors.
• Wherever, these fraud risk factors exist – the entity is vulnerable to succumbing to a
fraud.
• These fraud risk factors are generalized and listed as under:
Chapter 6: Audit Planning 89
The primary responsibility for the prevention and detection of fraud rests with both those
charged with governance and the management.
• An auditor is responsible for obtaining reasonable assurance that the financial statements
taken as a whole are free from material misstatement, whether caused by fraud or error.
• When obtaining reasonable assurance, the auditor is responsible for maintaining an
attitude of professional scepticism throughout the audit.
• The auditor should recognize the possibility that a material misstatement due to fraud
could exist, notwithstanding his past experiences of the honesty and integrity of the
entity’s management and those charged with governance.
• Unless, doubtful situations are present, the auditor may accept records and documents as
genuine.
• If conditions cause the auditor to believe that a document may not be authentic or that
terms in a document have been modified, the auditor shall investigate further.
• Where responses to inquiries of management or those charged with governance are
inconsistent, the auditor should investigate the inconsistencies.
Audit procedures for assessing fraud risk and responding the assessed / detected level of fraud
risk:
The enquiries of those charged with governance are based on how those charged with
governance supervise the management’s processes of handling the affairs of a company. The
scope of inquiry is limited here with the auditor only checking whether those charged with
governance are aware or wary of any fraudulent activity that may have occurred.
The auditor shall evaluate whether unusual or unexpected relationships identified in performing
analytical procedures may indicate risks of material misstatements due to fraud.
➢ If the auditor identifies a fraud, they must communicate the matter on a timely basis to
the appropriate level of management. The appropriate level of management are those
individuals/departments that have the primary responsibility for prevention and
detection of fraud.
➢ If suspected fraud involves management, the auditor must communicate the matter to
those charged with governance.
➢ If the auditor has doubts about the integrity of those charged with governance, the
auditor should seek legal advice regarding an appropriate course of action.
➢ In addition to these responsibilities, the auditor must also consider whether they have a
responsibility to report the occurrence of a suspicion to a party outside the entity. Whilst
the auditor does have an ethical duty to maintain confidentiality, it is likely that any legal
responsibility will take precedence. In these circumstances it is advisable to seek legal
advice.
➢ If the fraud has a material impact on the financial statements the audit opinion will be
modified. When the opinion is modified, the auditor will explain why it has been modified
and this will make the shareholders aware of the fraud.
Chapter 6: Audit Planning 92
It is the responsibility of the management and Those Charged with Governance to ensure that
1. The entity’s operations are conducted in accordance with relevant laws and regulations
2. The entity’s financial statements are prepared in all material respects as per the
applicable financial reporting framework
3. To provide to the auditor all requisite understanding regarding the entity, its internal
control processes, its methodology and premise of recording transactions
4. To support the auditor in his process of acquiring SUFFICIENT AND APPRPORIATE AUDIT
EVIDENCE from within the entity.
Auditor’s responsibility:
It is the objective of the auditor to ensure the implementation of quality control procedures at the
engagement level that provide reasonable assurance that:
An audit is driven and led by the engagement partner in the case of a firm. The relebant
ethical requirements in quality control require:
1. The engagement is to remain alert for evidence of non-compliance with relevant ethical
requirements by the engagement team through:
• Inquiry; and
• Observation.
2. If there is an indication of non-compliance with relevant ethical requirements, the
engagement partner should:
• Consult others in the firm
• Determine appropriate action.
3. Overall, the engagement partner must:
• Identify, evaluate and address ethical threats
• Remain alert throughput the audit for breaches of ethical requirements
• Take appropriate action where ethical requirements have not been fulfilled
• Prior to dating the auditor’s report, take full responsibility for determining
whether ethical requirements have been fulfilled.
Engagement Resources:
The engagement partner shall ensure that there is no dearth in the required respurces to perform
an audit engagement.
scepticism and
judgement
• Understanding the
firm’s policies and
procedures
Insufficient human resources
may result in:
➢ Change in the audit
plan
➢ Extension to deadlines
➢ Withdrawal from the
engagement
Engagement performance
• The direction, supervision and performance of the audit engagement in compliance with
professional standards and regulatory and legal requirements.
• Enable the auditor’s report that is appropriate in the circumstances to be issued.
Chapter 6: Audit Planning 95
Reviews:
• The work has been performed in accordance with professional standards, policies and
procedures
• Reviews are being performed in accordance with the firm’s review policies and
procedures
• Appropriate consultations have taken place
• The objectives of engagement procedures have been achieved.
• Be satisfied that sufficient appropriate audit evidence has been obtained to support the
conclusions reached and audit report to be issued through:
✓ Review of documentation.
✓ Discussion with engagement team.
Consultation:
• Take responsibility for the engagement team undertaking consultation on difficult issues
• Be satisfied that members of the engagement team have undertaken such consultation.
• Be satisfied that nature and scope and conclusions of such consultations are agreed with
the consultant.
• Determine that conclusions resulting from such conclusions have been implemented.
Required in case of audit for financial statement of listed entities and other audit engagement for
which engagement quality control review is required, the engagement partner shall:
Differences of opinion:
The engagement team shall follow the firm’s policies and procedures for dealing with and
resolving differences of opinion.
1. Monitoring process provides the firm with reasonable assurance that its policies and
procedures relating to the system of quality control are relevant, adequate and operating
effectively.
2. To monitor quality control policies, the engagement partner will consider:
• Results of the firms’ monitoring process
• Whether deficiencies noted may affect the audit engagement.
3. The monitoring process shall ensure that relevant reliable and timely information about
the design, implementation and operation of the system of quality management be made
available. This shall ensure that appropriate actions and responses against deficiencies
can be affected on a timely basis. In order to achieve this, the firm must:
• Establish quality objectives
• Identify and assess quality risks
• Design and implement responses to address quality risks
Chapter 7: Audit Evidence 97
Table of contents:
1. Meaning and attributes of audit evidence – how much is sufficient and what is appropriate?
2. Financial statements assertions
3. Audit procedures/Methods for acquiring audit evidence
4. Sources of audit evidence
5. Sampling
6. Relying on the work of external parties:
a. Management expert
b. Internal auditor/ Internal audit function of the auditee entity
c. Service organizations
Audit evidence quite simply put is the basis of forming an audit opinion.
ISA 500 defines audit evidence as, “Information used by the auditor in arriving at the conclusions on
which the auditor’s opinion is based. Audit evidence includes both information contained in the
accounting records underlying the financial statements and other information.”
In the process of audit, most if not all information is of an accounting or financial nature. This
information is:
We have summarized examples in categories that will best enable your understanding on sources
of audit information, here under:
Information in accounting recording Information obtained from Information obtained from sources
underlying the financial statements withing the entity but not from outside the entity i.e. external sources
accounting records
• Account balances of trade • Understanding processes of • Bank balance confirmations from
receivables and payables revenue recognition, company’s bankers
• Details of revenue recognized purchase, payments, debt • Payable confirmations from
and classified as unearned settlement, etc. company’s vendors
• Useful life estimates for • Board minutes, board • Receivable confirmations from
property, plant and equipment resolutions company’s customers
• Calculations of employee • Valuer’s certificates for fair • Company credit rating to analyse
benefits value of assets. credit health of the company.
• Confirmations/certificates for • Agreements of high value
timely deposit of all taxes transactions like leases, title
collected and deducted documents for assets, etc.
Chapter 7: Audit Evidence 99
The audit process has to be designed in a manner that enables the collection of audit evidence to
facilitate the formation of a conclusive audit opinion.
If the information is such that the opinion of the auditor shall be based on it, it has to be reliable to
say the very least. Accounting information is primarily numerical in its nature, and hence it can be
used to analyse trends. For information to be supportive of any trend, it has to display repetitive or
specific characteristics that prove the existence of such a trend. And such trends can be proven
when information is abundant in its quantity such as:
• High number of transactions for areas like - revenues, expenses, related party transactions
• Repetitive entries for employee benefit accounting, depreciation, utility bills etc.
Quantitatively abundant evidence is no guarantee that the evidence is of the required quality.
Evidence must have a quality to support conclusions and quantity to prove their prevalent
existence. Hence characteristic of evidence acquired must be both qualitative as well as
quantitative.
All audit procedures must be designed in a way that enable obtaining sufficient and appropriate
audit evidence.
Sufficiency refers to the quality of audit evidence. It is affected by the assessment of the risk of
material misstatement. Whether the quality of evidence acquired is sufficient depends on:
Appropriateness of evidence:
Appropriateness of audit evidence refers to the measure of quality of audit evidence. The quality
of audit evidence is based on its relevance and reliability. Just how supportive the evidence at hand
is for the auditor to base his opinion upon is the true measure of its quality.
The following factors are important when judging the reliability of audit evidence:
Higher the degree the reliability of audit evidence, lower would-be quantity needed to
base the audit opinion and vice versa.
Chapter 7: Audit Evidence 101
Relevance of audit evidence caters to the purpose and objective of audit procedure. How
relevant a piece of information is, depends on the financial statement assertion that is being
examined by the auditor.
Consider the following examples for getting a better understanding of the relevance of audit
evidence:
• While auditing the area of revenue recognition, customer contracts for sale of
goods/services are more relevant than cash collection cycles from those customers. The
cash collection cycle will be dictated by the terms and conditions laid down in the contract
with the customer. The contract of sale will dictate the periodicity of collection of the
contract price. Hence, relevant evidence here is the contract of sale. Cash collection
details are merely supplementary to the main contract.
Relevance of the audit evidence obtained, has an impact on its reliability. Higher the relevance of
the evidence, higher is its reliability and vice versa. Hence, relevance will indirectly impact the
quantum of evidence to be collected.
The attributes of relevance and reliability enhance the audit evidence obtained. These attributes
are merely indicators of the existence of risk of material misstatement and do not contribute in
reducing or enhancing such risk. Here, the reader is requested to appreciate that:
For those of you who enjoy detective flicks and mystery dramas, remember that evidence
does not prevent the crime, it merely helps you detect the crime and the perpetrator.
In conclusion:
• Relevance and reliability are the factors that determine the appropriateness (quality) of the
audit evidence.
• Sufficiency of audit evidence coupled with its appropriateness enable the auditor to
conclude if there exists any ROMM in the financial statements.
• This conclusion about the existence of ROMM is the basis on which the auditor compiles
his opinion which is ultimately conveyed to the users of financial statements and
information.
• The relevance of audit evidence acts as the basis of testing audit assertions, which is our
next topic of discussion.
Chapter 7: Audit Evidence 103
Assertions are claims made by the management regarding accounting balances reported and
transactions entered into by the company. These assertions are audited by acquiring audit
evidence.
Now, let us understand what financial statement assertions are in their true essence. Consider the
undermentioned extract of the Balance Sheet i=of Reliance India Ltd (RIL) as on 31 March 2021:
Chapter 7: Audit Evidence 104
The balance sheet extract presents financial information such as the value of total assets of RIL as
on 31 March 2021. A break up and categorization of total assets as per the relevant accounting
framework has been provided for users of the financial statements.
1. While RIL reports that the book value of Property, plant and equipment is INR 2,92,092
crore, how do you as the reader and user of financial information, know whether this
statement made by RIL is true or untrue?
2. While RIL states that the value of Inventory is INR 37,437 crore, how do you as the reader
and user of financial information, know whether this statement made by RIL is true or
untrue?
3. While RIL states that the value of Loans given is INR 993 crore, how do you as the reader
and user of financial information, know whether this statement made by RIL is true or
untrue?
Financial statement assertions are nothing, but claims made by the management regarding the
financial position of the company.
So, when the management of RIL states that the value of PPE is INR 2,92,092 crore or that the value
of inventory is INR37,437 crore or that the value of loans given is INR 993 core, these are nothing,
but claims made by the management of RIL.
How will you, an outsider, a small minority shareholder/investor determine whether these claims
are true, or not? The answer lies in audit. It is the auditor who verifies these claims -i.e., financial
statement assertions by gathering audit evidence which has to be sufficient and appropriate. Based
on such evidence, the auditor assures that the financial statements are true and fair which simply
means that the claims made by management i.e., the management assertions are true and fait and
not misguiding or false.
Investors, lenders and other classes of users of financial information base their decisions of
investing in and lending to the company on the data that is reported in the financial statements
– these data are nothing but management assertions about account balances of assets and
liabilities and transactions entered into by the company.
For providing this assurance, the auditor must evaluate the assertions made by the management.
These assertions are misleading if they are misstated due to material misstatements stemming from
error or fraud.
The evaluation of whether these assertions are misleading is made by assessing the risk of material
misstatement at the level of the financial statements as a whole and at the assertion level.
Chapter 7: Audit Evidence 105
• This risk refers to material misstatements impacting the financial statements as a whole. It
stems from assertions and impacts the assertions made as well.
For instance, if depreciation is based on a 10-year useful life, it impacts the asset position in
the Balance sheet and in case there exist conditions that adversely impact the useful life of
the asset, such conditions then impact the reported asset numbers (an assertion in itself)
and estimate made for the useful life.
• The risk of material misstatement at financial statement level particularly derives from a
deficient control environment. A lack of internal control on the part of the management
will automatically lead to an increase in the amount of audit procedures and efforts to be
undertaken.
At the assertion level the risk of material misstatement impacts account balances, classes of
transactions and disclosures. Assertions made by the management have to be evaluated by the
auditor under three categories:
Transactions are the lifeblood of any business. Transactions result in revenue, expenses, asset
creation, liability generation, gains, and losses. The true essence of a transaction always lies beyond
its mere legal form and financial reporting as a function is tasked with the responsibility of capturing
that very essence. What a transaction entails and how exactly it impacts the financial position of an
enterprise is what the makers of financial statements i.e., the management of the reporting entity
are tasked with to explain to the users of financial information. The management reports all
transactions that have taken place during the year in the financial statements by basing this
reporting on certain assertions. These assertions are to be evaluated by the auditor. In the process
of doing so, certain rudimentary and fundamental questions have to be asked by the auditor. These
questions are answered on the basis of the evidence gathered by the auditor whereby the auditor
finally signs-off on whether the assertion i.e., claim made by the management is true and fair or
misleading/misrepresented.
Chapter 7: Audit Evidence 107
The following table lists down all the assertions made by the management in reporting transactions
in financial statements, that the auditor shall evaluate:
Assertion to be evaluated What question does the What is the assertion trying
auditor ask while evaluating to convey in the financial
this assertion? statements?
Occurrence Has the transaction actually Transactions that have
occurred during the period for occurred during the reporting
which audit of financial period have been recorded in
statements is being the financial statements
conducted?
Completeness Has every aspect of the Transactions that have
transaction been completely occurred during the reporting
recorded in the financial period have been reported in
statements? the financial statements in
manner that captures their
entire essence and impact.
Accuracy Has the transaction been Transactions have reported at
accurately recorded in the their accurate value in a
financial statements in waythat manner that the financial
there is no scope of distortion statements are free from
or misstatement owing to error
misrepresentation of or purposeful numerical
commercial and factual reality? distortion.
Cut-off Do all the reportedtransactions Transactions have been
pertain/relate to the reporting recorded in the correct
period? reporting period - All
Is/are there any transaction(s) transactions that relate to this
that although have occurred reporting period have been
during the reported period, recorded in this very the
have not been captured or reporting period.
reported in the financial
statements owing to unique
contractual terms and
obligations?
Classification Have the recorded transactions Transactions have been
been accurately classified as properly classified into capital
per applicable accounting and revenue. Deferments
norms and principles? have been transparently
disclosed and accurately
justified in the accounts and
notes to the accounts.
Presentation Is the presentation as per the Transactions have to be
applicable financial reporting presented with respect to all
framework? material facts and
Does the presentation information related to the
support/aid the user’s transactions.
understandability of the The presentation has to be in
financial statements? line with the applicable
financial reporting
framework.
Chapter 7: Audit Evidence 108
Class discussion
Let us understand assertions impacting transactions during the year with the help of the following
case:
Haers Ltd. placed an order for a machine on 29 June 20X1. This custom-built machine is delivered
to Haers on 26 October 20X1 by the vendor. On the date of delivery, Haers begins the process of
installing the machine in its factory and the same is completed on 16 December 20X1 from when it
begins using it for production and manufacturing. As per contractual stipulations, Haers makes the
payment to the vendor on 15 February 20X2. The reporting year/period for Haers is January 20X1
to December 20X1.
As the auditor of Haers which assertions would you evaluate for the above transaction?
Transactions create account balances. Amounts are paid and received in the course of the reporting
period and each such amount takes the form, shape and colour of an account balance. Cash is
transformed into assets, which create goods which then lead to becoming account receivables who
ultimately become cash again. Purchases and expenses create accounts payable who then claim
cash and are eventually settled.
How one commercial item transforms into another has to be accurately tapped into and
appropriately disclosed. The management reports all account balances that have been:
A. Carried forward from previous reporting periods to the current reporting period either to
be settled in the current period or carried forward to future reporting period,
B. Created and settled during the current period,
C. Created in the current reporting period and carried forward to the next reporting period
These balances are reported based on certain assertions. These assertions are to be evaluated by
the auditor. In the process of doing so, certain rudimentary and fundamental questions have to be
asked by the auditor. These questions are answered on the basis of the evidence gathered by the
auditor whereby the auditor finally signs-off on whether the assertion i.e., claim made by the
management is true and fair or misleading/misrepresented.
Chapter 7: Audit Evidence 109
The following table lists down all the assertions made by the management in reporting account
balances in financial statements that the auditor shall evaluate:
Assertion to be evaluated What question does the What is the assertion trying to
auditor ask while evaluating convey in the financial
this assertion? statements?
Existence Each account balance relates to The assets and liabilities,
a tangible (sometimes connected to and represented
intangible) item or resource. by the account balances in the
Do these items or resources financial statements, exist.
really exist?
Rights and obligations Does the entity have a right of All tangible and intangible
ownership / title over the rights represented by their
assets reported? respective titles have been
disclosed as assets.
Is the entity obligated to settle All obligations that result in
the liabilities reported? and shall result in an outflow
of resources have been
disclosed as liabilities.
Completeness Has the entirety of assets and Assets with their respective
liabilities been recorded in the additions and deductions have
financial statements? been recorded in their
entirety.
Liabilities with their
accumulations and
settlements have been
recorded in their entirety.
Valuation and allocation Have assets and liabilities been Assets and liabilities are
reported at their appropriate reported in the financial
fair values as per GAAP statements at appropriate
requirements? amounts and allocation
adjustments have been made
Have adjustments to the values as per GAAP requirements
of assets and liabilities been with the requisite supporting
appropriately reported in the like valuer’s certificate, etc.
financial statements?
Classification Classification for account All account balances should
balances ensures appropriate reflect the transactions that
grouping of transactions under impact them. For instance, an
the relevant head of reporting issue of equity shares at a
– premium should reflect in:
For instance: A. The Account balances
✓ All material purchases of issued Share capital
are ultimately B. The Reserve and
aggregated under Cost Surplus Balance of
of Goods Sold. Premium.
✓ All movements in
Equity due to issue,buy
back and forfeiture
of shares are
ultimately aggregated
Chapter 7: Audit Evidence 110
• The entity’s objectives and controls relate to financial reporting, operations and
compliance; however, not all of these objectives and controls are relevant to the auditor’s
risk assessment.
• The auditor shall obtain an understanding of internal control relevant to the audit.
• Although most controls relevant to the audit are likely to relate to financial reporting, not
all controls that relate to financial reporting are relevant to the audit.
• It is a matter of the auditor’s professional judgment whether a control, individually or in
combination with others, is relevant to the audit.
Chapter 7: Audit Evidence 111
For instance, bank balance numbers reported by the entity are confirmed by
acquiring the most recent bank statement directly from the bankers.
Recalculation This method involves checking the mathematical accuracy of documents and
records by manual or electronic calculations.
- For instance, the summation of salaries paid by all departments like
Production, Marketing, Sales, HR, Finance, Administration is
reported as the total number of “Salary” which is debited to the
statement of profit and loss.
- Recalculation could involve rechecking the individual total of each
department after considering leaves, over-time bonuses, promotion,
and appraisal, etc.
Re- This method requires the auditor to independently execute processes or
performance controls that are in place in the entity to:
• Re-check their existence; and
• Check their effectiveness
Analytical Evaluate financial information by studying relationships between financial and
procedures non-financial data.
- For instance, if a segment or line of business has been reporting
constant growth over the past few years, the auditor should analyse:
• Quality of payable management via recurrence and duration of
payments to vendors.
• Quality of receivable collection via credit period granted, credit check
detailing prior to granting credit to customers, modes of recovery and
discounts offered for early payment.
Inquiry Inquiries may range from formal written inquiries to informal verbal inquiries.
Inquiries must be supported with written representations from management
wherever appropriate.
Audit procedures:
Inherently, the audit process begin with a test of controls that enables the auditor to determine the
effectiveness of the internal controls in the auditee entity.
Effectively operating internal controls automatically reduce the gravity of audit risk.
Tests of Controls:
• Tests of control is an audit procedure which will provide evidence as to whether the control
procedure is in place and working effectively.
• Tests of control focus on control procedures.
• Test of controls rely on direct controls to function effectively. Direct controls are control
procedures which are properly designed, in place and working effectively at addressing the
risk of material misstatements at the assertion level.
• If a direct control is identified to be tested under tests of control, the auditor will be
required to acquire sufficient and appropriate audit evidence about the effectiveness of the
said direct control – for instance segregation of duties.
• Tests of control are not substantive in nature i.e., auditor does not check the balances which
will go in the financial statements.
Chapter 7: Audit Evidence 113
Substantive procedures:
Analytical Procedures:
Auditor’s objectives:
a. To obtain relevant and reliable audit evidence when using substantive analytical
procedures
b. To design and perform analytical procedures near the end of the audit that assist the
auditor when forming an overall conclusion as to whether the financial statements are
consistent with auditor’s understanding of the entity.
Chapter 7: Audit Evidence 114
Auditor’s procedures:
At the very outset let us clarify that a sample is the smallest unit of audit evidence that enables the
auditor to base his opinion upon. It is one transaction selected to check the fairness of its assertions,
out of multitudes of similar such transactions. If this one transaction seems fairly reported and
presented, the auditor leads to believe that all the similar transactions that are represented by this
one transaction too maybe fairly reported and presented.
The process of acquiring a sample is referred to as sampling and this can be performed using various
methods, each of which have been discussed ahead.
The auditor faces inherent limitations under which he performs the audit. These limitations pertain
to nature, extent and timing of work to be carried out. In any audit engagement, the auditor cannot
practically examine the entire population of transactions or account balances owing to these
limitations. Audit is an art, where under the auditor has to scientifically pick and choose a few
transactions (sampling) that best represent the entire universe of transactions that an entity has
entered into. These limited few transactions (samples) that are representative of a wider
population of transactions are the basis on which the auditor expresses his opinion.
To perform the above evaluations of tests of control and details, samples have to be selected for
both:
There are scientific methods of drawing a sample from within a sea of transactions. These methods
have been explained in the next section. The sampling process carries its own risks and challenges,
an improper or unsuitable sample can produce misleading results which can hamper the audit
process and impact the overall accuracy of the auditor’s opinion on the financial statements.
Selection of samples is driven by two methods, viz a viz, statistical and non-statistical. They are
enumerated as under:
Statistical Sampling
Random Selection Systematic Selection Monetary Unit Sampling
• This method ensures that • Under this method the • This method is avalue
all items within a number of sampling units in weight-based
population stand anequal a population is divided by selection where in
chance of selectionby the the sample size to give a sample size, selection
use if random number sampling interval. and evaluation result
tables or random number Say for instance, each 50th in a conclusion in
generators. unit is selected. monetary amounts.
• Here the sampling units • Under this method the • For instance, all sales
can be physical items starting point is determined made on credit basis
such as sales, invoices or haphazardly. that exceed $20,000.
monetary units • Here, to ensure that the
• Most suitable for: sample is truly random, the
Population that following can be used:
consists of - Computerized
reasonably similar random number
units that fall within generator
a reasonable range. - Random number
tables
Non-Statistical Sampling
Haphazard Selection Block Selection
• Under this method, samples are selected • It involves the selection of blocks of
without following a structuredtechnique. contiguous items from within the
• Although, no structured technique is population
used, the audit would nonetheless avoid • Block selection cannot ordinarily ne used
any conscious bias or predictability. This in audit sampling because most
ensures that all items in the population populations are structured such that
have a chance of selection. items in a sequence can be expected to
• For audits that merit the use of statistical have similar characteristics to each other,
sampling, haphazard selection cannot be but different characteristics from items
used. elsewhere in the population.
• In some circumstances it may be
appropriate audit procedure to examine
a block of items, it would rarely be an
appropriate sample selection technique
when the auditor intends to draw valid
inferences about the entire population
based on the sample.
Chapter 7: Audit Evidence 118
The universe of transactions that an auditee entity engages in the course of the period under
audit.
Sampling is merely a synchronised, scientific selection of transactions that best represent the
entire universe of transactions that the auditee has engaged in. The samples selected have been
encircled as shown below:
Chapter 7: Audit Evidence 119
Sampling Risk:
Sampling supplements the formation of the audit opinion. Sampling has its own risks and if
performed erroneously can result in misleading or inaccurate audit conclusions and opinion.
Sampling risk that affects audit effectiveness Sampling risk that affects audit efficiency
Sampling risk pertaining to tests of control: Sampling risk pertaining to tests of control:
The sample selected demonstrates that The sample selected demonstrates that
internal controls are effective. However, in internal controls are ineffective. However, in
reality they are not effective. reality they are effective.
This is the misleading conclusion that an Here the internal controls appear to be less
improperly selected sample for tests of control effective than they actually are.
can lead to.
This results in the auditor having to performing
Here the internal controls appear to be more additional work and tasks around acquiring
effective than they actually are. more evidence and performing additional tests
Sampling risk pertaining to tests of details: Sampling risk pertaining to tests of details:
The sample selected demonstrates that The sample selected demonstrates that
material misstatements do not exist. However, material misstatements exist. However, in
in reality misstatements do exist. reality misstatements do not exist.
Chapter 7: Audit Evidence 120
a. The purpose of the audit procedure to which the sample will serve as evidence.
b. The combinations of procedures that are being performed where the sample will serve as
evidence.
c. The nature and characteristics of evidence that is sought.
d. Possible misstatements that can occur in the reporting area from which the sample is
sought.
1. Management’s expert.
2. Internal auditor / Internal Audit function of the auditee entity.
3. Service organizations.
ISA 500: Audit Evidence provides express guidance on what the auditor should consider before and
while relying on the work of a management’s expert. This has been summarized as under:
Chapter 7: Audit Evidence 121
Evaluation of
Competency of management Capability of capability of Objectivity of management
expert management expert expert
Evaluation of competency of Evaluation of the capability of Evaluation of the objectivity of
the management’s expert the management’s expert the management’s expert
relates to the nature and level relates to how well the said entails the possible effects
of expertise the management expert is able to exercise its that:
expert has in adding value to level of competency • Bias
the preparation of the • Conflict of interest
financial statements • Influence exerted by
others
May have on the professional
or business objectivity of the
management expert.
Sources of information while evaluating the competence, capability and objectivity of the
management’s expert, include but are not limited to:
An evaluation of the competency, capability and objectivity of the management’s expert is based
on:
The auditor’s responsibility is not reduced where the work of the management’s expert is relied
upon. As a matter of professional responsibility, it is amplified to the extent that this work has to
be cross verified and evaluated to meet the degree of suitability that provides the auditor with
reasonable comfort on relying with such work.
Relying on the Internal Auditor / Internal Audit function of the auditee entity:
The external auditor has the sole responsibility for the audit opinion expressed. This responsibility
can be better executed by using the work of the internal audit function, if it exists in the auditee
entity.
An internal audit department forms the part of the auditee entity’s system of internal control. IA
helps correct and maintain internal control by identifying and plugging gaps in an entity’s processes.
An effectively functioning IA department results in control risk being reduced and therefore reduces
the need for the auditor to perform detailed substantive testing.
However, the auditor has to ensure professional scepticism with respect to the data and findings
presented by the IA department as where the auditee entity has an inhouse IA department, the
internal auditor and the IA function as a whole are not independent of the entity.
The scope of the internal audit function has been graphically illustrated as under:
Chapter 7: Audit Evidence 124
Before relying on the work of IA or IA function, the auditor has to evaluate the following:
a. IA function overall
b. Objectivity of IA in the organization under audit
c. Competence of IA in the organization under audit
d. Work performed by IA or IA
While evaluating the IA function overall, the auditor must ask the following questions:
1. Do the internal audit function’s organizational status and relevant policies and procedures
support the objectivity with which internal auditors perform their work?
2. How competent is the IA function?
3. Does the IA function apply a systematic and disciplined approach?
If the answers to the above questions are favourable, the auditor chooses to rely on the work
performed by the IA function by applying the appropriate degree of professional scepticism.
While evaluating the objectivity of the IA function, the auditor must ask the following questions:
1. Does the IA function report to TCWG or does the IA function have access to TCWG?
2. Is the IA function free from operational responsibility?
3. Who takes the employment and remuneration decisions of the IA function, is it TCWG or a
committee of non-executive directors like the Audit committee?
4. Are there any restrictions or constraints placed on the IA function by the management or
TCWG?
5. Are the IA members of any professional body such as the Association of Chartered Certified
Accountants or the Institute of Chartered Accountants of England and Wales?
If the answers to the above questions are favourable, the auditor opines that the IA function as well
as IA are objective in their approach to the work they perform.
While evaluating the competence of the IA function, the auditor must ask the following questions:
1. Are the resources of the IA function appropriate and adequate for the size of the
organization and the nature of its operations?
2. What are the established policies for hiring, training and assigning internal auditors to the
IA function and IA engagements?
3. Do the IA have adequate training and proficiency, including professional qualifications and
experience?
4. Do the IA have the required knowledge of the entity’s financial reporting framework?
5. Do the IA have the necessary skills to perform work related to the entity’s financial
statements?
If the answers to the above questions are favourable, the auditor opines that the IA function as well
as IA are competent to serve the organization and add value to the internal control process.
Chapter 7: Audit Evidence 125
While evaluating the work performed by the IA function, the auditor must ask the following
questions:
1. Has the work performed by the IA or the IA function been properly planned, performed,
supervised, reviewed and documented?
2. Has SAAE been obtained by the IA or IA function while designing controls that are in place?
3. Have the conclusions been reached appropriate under the current/applicable
circumstances?
4. Are the reports prepared consistent with the work performed?
If the answers to the above questions are favourable, the auditor opines that the IA function as well
as IA have performed their work effectively.
Once auditor has evaluated the IA function on the basis of its objectivity, competence, work and an
overall basis, the auditor can use internal audit to provide direct assistance in the audit process. All
assistance taken in the audit process has to be documented.
The IA function can provide assistance in gathering audit evidence under the supervision and review
of the external auditor. While using the IA to provide direct assistance, the following considerations
will have to be made:
1. Direct assistance cannot be provided where the laws and regulations directly prohibit the
same.
2. Threats to objectivity and competence of the IA and IA function have to be considered
before relying on the same. It must be appreciated that the IA function per se are
employees of the organization under audit and they are answerable first and foremost to
the management of the organization. IN organizations that have lapses in governance and
ethics, the IA and the IA function will perform as per the demands of the leadership of the
organization. Relying on the IA function under these circumstances will naturally increase
the ROMM owing to fraud.
3. Selection of samples involving significant judgment cannot be left/allocated to IA
4. Any work planned and allocated to the IA must be communicated to TCWG.
Documentation to be maintained by the external auditor in case assistance has been provided by
the IA or IA function:
Service Organizations:
A service organization is a third-party organization that provides services to user entities. These
services are part of the user entity’s information system relevant to financial reporting.
For instance, companies use service organizations to perform business functions such as:
But it’s not as simple as it may sound, the below graphic illustrates the challenge in this kind of
arrangement:
Chapter 7: Audit Evidence 127
Understanding how the user entity uses the services of the service organization:
The user auditor shall obtain an understanding of how user entity uses the services of a service
organization in the suer entity’s operation, including:
a. Nature of the service provided by the service organization and the significance of those
services to the user entity
b. The nature and materiality of the transactions processes or financial reporting processes
affected by the service organization
c. The degree of interaction between activities of service organizations and those of the user
entity
d. The nature of relationship between user entity and the service organization including the
relevant contractual terms for the activities undertaken by the service organization.
The user auditor shall obtain an understanding of how the user entity uses the services of a service
organization in the user entity operation including:
a. Nature of service provided by the service organization and the significance of those services
to the entity.
b. The nature and materiality of the transactions processed or financial reporting processes
affected by the service organization.
c. The degree of interaction between activities of service organization and those of the user
entity
d. The nature of relationship between user entity and the service organization including the
relevant contractual terms for the activities undertaken by the service organization.
Chapter 7: Audit Evidence 128
Auditor’s considerations:
• The user auditor shall evaluate the design and implementation of relevant controls of user
entity that relate to the services provided by the service organization.
• The user auditor shall determine whether a sufficient understanding of nature and
significance of services provided by service organization and their effect on the user entity’s
internal control relevant to the audit has been obtained, to provide basis for identification
and assessment of ROMM
• If user auditor is unable to obtain a sufficient understanding from the user entity, the user
auditor shall obtain that understanding form one or more of the following procedures:
- Obtaining a type 1 or type 2 report if available
- Contacting the service organization through the user entity to obtain the sufficient
information
- Visiting the service organization
- Using another auditor to perform procedures that will provide the necessary information
about the relevant controls at the service organization.
The suer auditor shall determine whether SAAE with respect to the financial statement assertions
are available from records held at the user entity. If not:
Independence Competence
The service organization is external to the user. The service organization is considered as a
Hence, the audit evidence derived from it is specialist of the services it provides.
regarded as being more reliable than evidence Hence, it is more competent in executing its
generated internally by the user role than the user’s internal department
resulting in fewer errors which automatically
reduces the ROMM due to error.
Table of contents:
1. Components of internal control
2. Objectives of internal control
3. Inherent limitations of internal control
4. Impact of tests of control on strategy and planning
5. Material weaknesses in internal controls
6. IT risks
7. Documentation
8. An overview of specific systems
Internal Control is the process designed, implemented and maintained by TCWG, management
and other personnel to provide reasonable assurance about then achievement of an entity’s
objective with regard to:
➢ Reliability of financial reporting
➢ Effectiveness and efficiency of operations
➢ Safeguarding of assets
➢ Compliance with applicable laws and regulations
The term “controls” refers to any aspects of one or more of the components of internal control.
Control Environment
The entity’s risk assessment process forms the basis for how management determines the risks to
be managed. If that process is appropriate to the circumstances, including the nature, size and
complexity of the entity, it assists the auditor in identifying ROMM. Risk can arise or change due to
the below mentioned circumstances:
1. Changes in operating environment:
Changes in the regulatory or operating environment can result in changes in competitive
pressures and significantly different risks.
2. New Personnel:
New personnel may have a different focus on or understanding of internal control.
4. Rapid growth:
Significant and rapid expansion of operations can strain controls and increase the risk of
breakdown in controls.
Chapter 8: Systems and Controls 132
5. New technology:
Incorporating new technologies into production processes or information systems may
change the risk associated with internal control.
7. Corporate restructuring:
Restructuring maybe accompanied by staff reductions and changes in supervision and
segregation of duties that may change the risk associated with internal control.
The information system relevant to financial operating objectives which includes the accounting
system consists of the procedures and records designed and established to:
1. Initiate, record, process and report entity transactions
2. Resolve incorrect processing of transactions
3. Process and account for system overrides or bypasses to controls
4. Transfer information from transaction processing systems to the general ledger
5. Capture information relevant to financial reporting for event s and conditions other than
transactions such as the depreciation and amortization of assets
6. Ensure information required to be disclosed by the applicable financial reporting
framework is accumulated, recorded, processed, summarized and appropriately reported
in the financial statements.
Control activities are the policies and procedures that help ensure that management
directives are carried out and may pertain to following:
1. Performance reviews
2. Information processing
3. Physical controls
4. Segregation of duties
Control activities on a general basis have been illustrated here under:
Monitoring of controls
➢ Human Error:
The possibility of human error occurring can never be eliminated no matter how strong
the control mechanism. Inadvertent human error in casting, totalling, tallying, reconciling
will always be a vulnerability resulting in risk of misstatement.
➢ Collusion:
In environments where fraud risk factors exist, staff collusion cannot be written off. At
any given opportunity, there looms a risk of interdepartmental staff collusions to override
and by pass controls.
➢ Abuse of power:
Tone at the top dictates the effectiveness of governance and control mechanisms. If the
leadership frequently over rise controls, this can lead to abuse of power and authority
which ultimately affects the effectiveness of controls.
➢ Management Judgement:
Financial reporting is driven by estimates made out of management experience and
judgement. Even the most experienced leaders can be vulnerable to inaccurate estimates
not just in financial reporting but in operations too.
Chapter 8: Systems and Controls 136
If the auditor identifies a control procedure to assess or test, he will acquire SAAE about the
effective working of that procedure.
For instance, if Authorization is the control the auditor identifies, whether or not purchases of goods
are authorized by the Purchase manager or whether the purchase of fixed assets above a certain
monetary threshold has been authorized by the Board of directors is what the auditor shall assess.
Tests of controls are not substantive procedures. Hence when performing a test of control, the
auditor does not test the account balance or transaction value that is reported in the financial
statements.
The effectiveness of internal controls has a direct bearing on ROMM. The assessed degree of ROMM
dictates the audit strategy and in turn this affects the nature, timing and extent of audit procedures
to be performed. Internal controls can either be effective or ineffective. The impact of the
effectiveness of internal controls on the audit process has been discussed here under:
Chapter 8: Systems and Controls 137
➢ Where the auditor assesses the degree of effectiveness of internal controls to be high,
automatically more reliance can be placed on:
a. Internal controls of the entity
b. Evidence generated internally within the entity.
➢ As discussed earlier in Lesson 5, Risk – where the degree of effectiveness of internal
controls is high, the control risk is low.
➢ A low degree of control risk corresponds to interim audit testing being
effective/appropriate.
➢ The quantum of substantive testing to be carried out corresponds directly the degree of
control risk. A lower degree of control risk (due to a highly effective internal control
system) warrants a lower quantum of substantive testing and vice versa.
➢ The quantum of substantive testing is directly proportional to the size and quantum of
audit samples that need to be collected as audit evidence. A lower degree of substantive
testing owing to a lower degree of control risk naturally translate into a smaller sample
size required to arrive upon the audit opinion.
➢ This naturally results in:
• Less comprehensive audit procedures
• Faster audit completion process
• Lower manpower resource requirement
➢ Where the auditor assesses the degree of effectiveness of internal controls to be low,
automatically lesser reliance can be placed on:
1. Internal controls of the entity
2. Evidence generated internally within the entity.
➢ As discussed earlier in Lesson 5, Risk – where the degree of effectiveness of internal
controls is low, the control risk is high.
➢ A high degree of control risk corresponds to interim audit testing being ineffective/
inappropriate.
➢ The quantum of substantive testing to be carried out corresponds directly the degree of
control risk. A higher degree of control risk (due to a poorly effective internal control
system) warrants a higher quantum of substantive testing and vice versa.
➢ The quantum of substantive testing is directly proportional to the size and quantum of
audit samples that need to be collected as audit evidence. A higher quantum of
substantive testing owing to a higher degree of control risk naturally translate into a
larger sample size required to arrive upon the audit opinion.
➢ This naturally results in:
• More comprehensive audit procedures
• Slower audit completion process
• Higher manpower resource requirement
Chapter 8: Systems and Controls 138
Less
High Low High High High Low Small Comprehensive Low Faster Low
More
Low High Low Low Low High Large Comprehensive High Slower High
A higher degree of control risk impacts the scope and extent of the audit process. Naturally, the
audit plan has to be designed or re-evaluated to accommodate such a risk. This process has been
summarized and tabulated with the help of key pointer as under:
Any identified material weaknesses to internal control shall be communicated on a timely basis to
TCWG. Material weaknesses in control which merit the attention of TCWG are enumerated as
under:
➢ The likelihood of deficiencies and weaknesses in control leading to the financial statement
being materially misstated.
➢ Susceptibility of assets to losses owing to fraud/theft/misappropriation
➢ Subjectivity in determining amounts of estimates
➢ Important reporting quadrants of the financial statements like Revenue, EBIT, etc. being
exposed to deficiencies in control leading to these amounts being materially misstated.
1. Deficiency Identified:
• The nature and description of why a particular aspect in the operating or
financial process is highlighted as deficient.
• The reason for highlighting such a deficiency can be supported with evidence or
in case it is driven by the auditor’s professional judgement, the same shall have
to be elaborated upon.
Case: The auditor has observed that some sales invoices are missing from the sales master file.
You are required to prepare a report to be addressed to TCWG identifying the deficiency,
consequence and recommendation for the above case.
Deficiency:
Sales invoices are missing from the sequentially numbered invoice file.
Chapter 8: Systems and Controls 140
Consequence:
a. Sales are not completely recorded leading to reported revenue figures being understated
and eventually misstated.
b. Accounts receivables for credit sales will not be completely recorded leading to lapses in
cash collection and understated current asset position in the financial statements.
c. There will be an impact on the reported liquidity and operating profit figures of the entity.
Recommendation:
1. All invoices should be sequentially marked and filed by the sales department in the sales
information system.
2. Accounts department should be granted limited or restricted access to this information
system for the purposes of reconciliation
3. The accounts department is recommended to perform regular checks to ensure
completeness in reported revenue figures.
4. Missing items should be investigated and copies should be requested for.
Chapter 8: Systems and Controls 141
1. Internal control systems are reliant on IT in the form of information systems and
programs. Here there are two risk factors:
a. Systems and programs processing data inaccurately owing to errors or flaws in
program design.
b. Systems and programs processing data that is inaccurate due to human errors in input
and capture of data
2. Unauthorized access to data results in destruction of data or improper changes to data
which include:
a. Recording of unauthorized or non-existent transactions
b. Inaccurate recording of transactions
This risk is amplified when multiple users access a common database.
3. Unauthorized changes to data in master files
4. Unauthorized changes to systems and programs
5. Failure to make necessary changes and upgrades to systems and programs
6. Inappropriate manual intervention
7. Potential loss of data or inability to access data as required.
8. The possibility of IT personnel gaining access beyond the degree necessary to perform
assigned duties thereby breaking down segregation of duties and authorization.
In the above process, existing knowledge of the client’s systems and operations plays a crucial
role. Here due consideration has to be made for changes that have occurred in the client’s
systems and process improvement that have occurred between the previous audit period and the
current one.
These changes result in certain controls becoming redundant as they no longer address or counter
a significant risk. Although International standards on audit prescribe a test of controls every third
audit i.e. after every three years, professional experiences unanimously dictate a test of controls
to be performed before a fresh audit commences every year.
a. Narrative notes
b. Flowcharts
c. Questionnaires
d. Internal control evaluation questionnaires
e. Organization charts
The objectives of controls in the purchase system have been serially tabulated as under:
B. Sales System
Chapter 8: Systems and Controls 145
The objectives of controls in the sales system have been serially tabulated as under:
6 Cash collection a. Depending on the terms and condition of the contract, cash
shall be collected from the buyer. Here cash collection
implies an electronic fund transfer as well.
b. Collection teams should ensure the collection of cash as per
the contractually agreed upon period. In case there are
delays, applicable fines, penalties and interest should be
levied if the contract stipulations permit.
c. Credit should be granted only based on the customer’s
credit worthiness and market reputation with respect to
payment.
d. New customers/ first time dealings should not be granted
credit unless they become repeat buyers across 1 or 2
reporting periods.
Chapter 8: Systems and Controls 147
C. Payroll System:
Chapter 8: Systems and Controls 148
The objectives of controls in the sales system have been serially tabulated as under:
2. Authorization:
• Payments made only after approval of authorizing personnel is received. This shall
ensure that personal expenses or non-business expenses are not charged to
company account.
3. Physical safeguards:
• Cash is kept under lock and key to prevent theft
4. Monitoring:
• Timely records of cash movement are maintained and tallied against the bank
pass book.
Summarized below are certain objectives and the corresponding controls that help those
objectives:
Also, weekly reconciliation of bank balances between the accounting records and the actual
banked balance are a must to ensure that the cash collection and deposit mechanism is
uncompromised.
Inventory system:
Inventories are often material to the financial statements. The receipt, issue to production, sale,
valuation, closing balance and order placement of inventory are areas that require requisite
controls. The objectives of inventory control systems are listed as under:
1. Operational efficiency:
• The inventory levels should meet the requirements of production and customer
demand.
• Inventory levels should be optimally maintained by applying disciplines like only
ordering economic order quantities
2. Completeness:
• All inventory movement in and out of the entity should be completely recorded.
3. Valuation:
• Irrespective of the method used to record and account for inventory which
could be FIFO, Weighted Average or LIFO (used only in US GAAP), the items of
inventory should be valued and reported at the lower of cost or net realizable
value. Only in case of exceptional circumstances laid out in IAS 2 is inventory
allowed to be valued and reported at its replacement cost.
4. Title of Inventory:
• Only inventory that the entity has a title over i.e. ownership is recorded in the
financial statements
• This covers goods sent on consignment basis and goods sent on approval or
return basis.
5. Physical safeguards:
• Physical safeguards include the secure storage of the items of inventory that
prevent theft
• Also, maintaining a clean, hygienic, ventilated and secure storage space ensure
that inventory is protected from physical damage – in the case of perishable
goods like food products damage caused by pests can lead to heavy losses.
Chapter 8: Systems and Controls 151
Summarized below are certain objectives and the corresponding controls that help those
objectives:
Table of contents:
12. The need for internal audit
13. The difference between internal and external audit
14. The scope of internal audit
- Additional roles of the internal auditor
- Periodic reviews to be performed by the internal audit function
15. The essential qualities of an internal auditor and an effective internal audit function
16. Limitations of internal audit
17. Outsourcing the internal audit function – Pros and Cons
18. Internal audit assignments
d. Operational audits
e. Audit of IT systems
19. Reporting
The role of internal audit as a function and the internal auditor as an employee or consulting
professional is to ensure that the entity has an effectively functioning control environment, which
automatically reduces the risk of errors or fraud. The need for internal audit is driven by:
Internal audit does not provide any assurance, there is no opinion, there is no attestation. Internal
audit is a deep dive into the operating, financial and administrative nitty-gritties of an entity to
ensure that revenues do not leak away and costs are controlled and wherever necessary bridged.
Embedding efficiency is the underlying flavour by ensuring that all wastages are plugged and
avoided. Internal audit has no defined end -point. It is perpetual in nature just like the entity.
Chapter 9: Internal Audit 153
Within the above scope, the key activities to be performed by the internal auditor are
summarized as:
In addition to the above key activities, the internal auditor also performs the following functions:
Periodic and continuous review as applicable, is the critical success factor of internal audit. The
following reviews have to be regularly undertaken by the internal audit function to ensure
effectiveness and value addition to the reporting entity:
The function of internal audit although an efficiency booster faces its own limitations. These
limitations are driven by the nature and type of entity using the internal audit function. There can
never be a one size fits all internal audit function across industries or even for companies within
the same industry as each entity has its own distinct risk fingerprint.
The generic limitations of internal audit have been listed down as under:
An in-house internal auditor or internal audit function are employees of the company. The
employer-employee relationship between the internal auditors and the company creates a clear
lack of independence. While organizations do strive to achieve the highest degrees of effective
corporate governance, an in-house internal audit function will always be driven by the tone at the
top. Despite the best intent of the internal auditor, the scepticism that they are executing the
ulterior motives of the management will always play large in the mind of an external observer.
Without the element of independence, the internal auditor may not be able to effectively challenge
prevalent management practices and policies.
Chapter 9: Internal Audit 158
The internal audit function must be overarching as an observer and course corrector over all
functional departments and functions in an organization. However most small and mid-size
companies integrate the internal audit function with the finance function. Fundamentally the act of
performing accounting and financial management is distinct form establishing internal controls over
effective financial reporting and financial management. The internal audit function is multi-
disciplinary and integrating it with the finance function reduces the overall effectiveness of internal
audit.
3. Familiarity threat:
The internal auditor and internal audit function has access to all the functional departments of an
organization making them privy and party to sensitive organizational information. The employment
longevity i.e. longer duration of staying employed with the organization increases the possibility of
leniency and overlooking smaller control defects and flaws. This greatly increases risk in cases of
unforeseen or undealt challenges.
1. Independence:
Essentially, organizations enter into professional services contracts with professional
internal audit service providers to avail their internal audit services and expertise. These
professional firms follow high standards of professionalism and adhere to the ethical code
of conduct prescribed by professional bodies such as the Association of Chartered Certified
Accountants, Institute of Chartered Accountants of England and Wales, etc. This enables a
strong degree of independence to be maintained on the part of the internal auditor. In
addition to this, an external service provider is free to resign an assignment which
raises/creates concerns regarding their independence in case of pressure or non-
cooperation from the management of the auditee entity.
4. Confidentiality agreements:
Professional services firms have sacrosanct clauses of confidentiality with respect to client
privacy, data and information acquired in the course of the engagement. This creates a
protected environment enabling the client to share sensitive information about their
business which is then used by the internal auditor to provide better solutions.
2. Contractual constraints:
Engagements with contractual firms are driven by iron clad agreements that make
scope revision and value additions difficult. The service providers may lack flexibility
and availability owing to having to adhere to the contractual requirements.
An assignment is analysed for its ability to deliver value for money based on three indicators – the
3 Es as under:
Value for money assignments aim at receiving the best possible services at the most economical
and justifiable cost. An organization must aim to maximize the value of services it receives for the
costs it bears.
Performance indicators help determine if the possible value for money has been received for the
cost borne. These indicators differ from company to company and industry to industry. The
highest applicability of the value for money criteria is observed in public sector or not for profit
organizations.
Here students need to understand that acquiring resources for a cheap/economical rate in
isolation is not value for money.
Take for instance a material supplier who supplies materials at a rate 25% cheaper/lower than the
prevailing market rate. However, if these materials are used, they require 50% more quantity as the
cheap price results in low quality materials that do not withstand a robust manufacturing process.
Operational Audit:
Chapter 9: Internal Audit 161
1. Appraisal of costs
2. Evaluation of performance
3. Appraisal of objective and plans
4. Appraisal of organizational structure
Audit of IT systems:
In an increasingly digitized world, enterprises use IT not merely for data processing or recording
transactions. The role of IT has become far more strategic and focused towards creation of a
competitive advantage. IT as a function has progressed from data processing to Management
information systems to Decision Support Systems to an automated online business enabler.
The external auditor is more concerned with the accuracy and fairness in financial reporting that
IT enables an organization to achieve. However, the internal auditor has to view IT more from a
value for money vantage point. The internal auditor considers the following aspects for an audit
of IT systems:
1. Segregation of duties for the procurement of IT assets and resources
2. Controls used to Safeguard IT assets and resources
3. Controls used to identify maintenance requirements for IT assets and resources
4. If the reliance of the organization on IT is more from an operational standpoint, the
internal auditor has to ensure that IT is contributing towards the achievement of business
objectives.
The internal auditor has to ensure that IT as a function contributes to business process and
business objectives. For this the internal auditor has to evaluate the effectiveness of the IT
function at the following levels:
a. Strategy and planning
b. Management control
c. Operations and execution including operational control.
Chapter 9: Internal Audit 162
Financial Audit:
The aim of any reporting system is to create reliable information. An effective financial reporting
system aims to create information that is:
• Accurate
• Complete
• Timely and efficient
Such information acts a compass for the management and those charged with governance in
overseeing the functioning, operations and overall management of the company/entity.
Stakeholders like shareholders, investors, lenders, vendors, etc. also derive directional and
decision-making utility from such information.
• Financial statements
• Monthly management information systems
• Financial projections and forecasts
• Interim financial information used by management
• Crux/ crucial ledgers used in decision making
Internal audit is a tool for managing and mitigating risk. Internal audits around financial
information aims to ensure that the information presented is:
Internal audit around financial information is a valuable input for internal decision making. This
process helps the decision makers of an entity assess the financial health of the business. Internal
auditor of financial information focuses on processes and control that are in place to ensure the
creation of financial information. Also, there are triggers instituted that help identify risks such as:
Reporting
The external auditor’s report is subject to defined format that has been laid down as per applicable
corporate laws of the country or region in question. These laws draw references from the
International Standards on Auditing (ISA). Each country or region has a professional regulator that
oversees the audit profession, for instance in India the Institute of Chartered Accountants of India
(ICAI) lays down standards on auditing in consultation with the Indian Ministry of Corporate Affairs
(MCA), these standards prescribe a format for the external auditor’s report.
However, the need for internal audit the need may not always be pronounced by law or regulation.
Internal audit is need based, case/project specific where the finds are meant to act as inputs for the
management to bring about improvements in or maintain a certain level of efficiency.
While external audit reports are public documents that certify the authenticity of the financial
statements, internal audit reports are internal documents that focus on the overall process
efficiency of the organization. These reports are focused on improving and maintaining internal
controls across various operational, financial and administrative processes.
Table of contents:
1. Directional testing
2. Audit of:
• Share capital
• Reserves and surplus
• Borrowings
• Trade receivables
• Cash and cash equivalents
• Inventories
• Tangible Fixed assets
• Intangible fixed assets
• Trade Payables
• Revenue / Sales
• Purchases
• Employee benefits
• Depreciation/Amortization
• Other expenses – Vanilla items
• Audit of Not-for-profit organizations
Directional Testing
• Direction al testing is the technique applied to test debit and credit entries.
• Directional testing is applied as under:
a. Tests for understatements – Bottom-up approach
b. Tests for overstatements Top-Down approach
Income statement
(a) Occurrence: Transactions recognized in the Income statement have occurred and relate to the
entity.
(b) Completeness: All transactions that were supposed to be recorded have been recognized in the
Income statement and further, transactions have been recognized in the correct accounting
periods.
(c) Cut-off: Whether all income and expenses are reported in the correct accounting period. Cut-off
is a separate assertion because the substantive procedures to verify it are typically different from
those applied to the other components of completeness.
(d) Measurement: Transactions have been recorded accurately at their appropriate amounts and
further, transactions have been classified and presented fairly in the income statement.
(e) Presentation and Disclosure: Transactions have been classified and presented fairly in the
financial statements. Presentation and disclosure assertions are considered during the course of
the audit to determine that disclosures are complete and accurate.
Balance Sheet
(a) Existence: Assets, liabilities and equity balances exist as at the period end.
(b) Completeness: All assets, equity and liabilities balances that were supposed to be recorded have
been recognized in the balance sheet
(c) Cut-off: Whether all assets and liabilities are reported in the appropriate period.
(d) Valuation: Assets, liabilities and equity balances have been appropriately valued i.e. the
amounts at which they are recorded are appropriate. There has been no overstatement or
understatement.
(e) Rights & Obligations: Entity has the right to ownership or use of the recognized assets, and the
liabilities recognized in the balance sheet represent the obligations of the entity.
Chapter 10: Procedures 166
(f) Presentation and Disclosure: Whether particular items in the FS are properly classified, described
and disclosed. Presentation and disclosure assertions are considered during the course of the audit
to determine that disclosures are complete and accurate.
Assertions to be examined:
Audit Procedure:
1. Compare the year end balances of authorised, issued and paid-up share capital, to the
previous year audited F.S.
2. If there is no change during the year, obtain a written representation from the
management that there were no changes to capital structure during the year.
3. If there is any change, obtain the certified copies of relevant resolutions passed at the
meetings of board of directors, members authorising the changes in authorised and paid-
up share capital.
4. Verify whether the paid-up capital as at the year-end is within the limits of authorised
capital.
• Where a company has issued shares at a premium, whether for cash or otherwise, company
shall transfer the amount received by it to securities premium account and state the means
in which the amount in the account can be applied.
• Auditor needs to verify whether the premium received on shares, if any, has been
transferred to a "securities premium account" and whether the application of any amount
out of the said "securities premium account" is only for the purposes mentioned above.
Any share issued by a company at a discount shall be void. Auditor needs to verify that the
company has not issued any of its shares at a discount. For this purpose, he may read the minutes
of meeting of its directors and shareholders authorizing issue of share capital and the issue price.
Chapter 10: Procedures 167
Meaning of Reserve
Reserves are amounts appropriated out of profits which are not Intended to meet any liability,
contingency, commitment or diminution in the value of assets known to exist at the date of the
Balance Sheet.
Reserves are made up of amounts appropriated out of profits, held for equalising the dividends of
the company from one period to another or for financing the expansion of the company or for
generally strengthening the company financially.
Meaning of Provisions
Provisions are amounts charged against revenue to provide for depreciation, renewal or diminution
in the value of assets or a known liability the amount of which cannot be determined with
substantial accuracy or a claim which is disputed.
Amounts contributed or transferred from profits to make good the diminution in assets values due
to the fact that some of them have been lost or destroyed, as a result of some natural calamity or
debts have proved to be irrecoverable are also described as provisions.
Provisions are normally charged to the Statement of Profit and Loss before arriving at the amount
of profit.
Reserves Provisions
It is an appropriation of profit It is a charge against profit
They are not intended to meet any liability, They are made to provide for depreciation,
contingency, or diminution in the value of renewal, or a known liability or a disputed
assets though may be made for some specific claim.
purpose, like redemption of debentures.
Reserves cannot be created unless there is a They must be created regardless of profit
profit except a few like revaluation reserves
Reserves are generally optional except few Provisions are not optional and have to be
examples like creation of Debenture made as per generally accepted accounting
Redemption Reserve, etc principles.
Chapter 10: Procedures 168
Types of Reserves
➢ Revenue Reserves:
Revenue reserves represent profits that are available for distribution to shareholders held
for the time being or any one or more purpose, eg, to supplement divisible profits in lean
years, to finance an extension of business, to augment the working capital of the business
or to generally strengthen the company's financial position.
➢ Capital Reserves:
Capital reserve represents surplus or profit earned in respect of certain types of
transactions (like sale of fixed assets at a price in excess of cost, realisation of profits on
issue of forfeited shares, etc.) which are not regarded by the directors as free for
distribution as a dividend. Capital Reserves does not include any amount regarded as free
for distribution through the Statement of Profit and Loss. Capital reserves includes share
premium, capital redemption reserve, development rebate reserve and profit on reissue of
forfeited shares.
Assertions to be examined:
➢ Existence:
To establish the existence of reserves and surplus as at the year end.
➢ Completeness: Reserves and Surplus balances that were supposed to be recorded have
been recognized in the financial statements.
➢ Presentation and disclosure: Required disclosures for reserves and surplus have been
appropriately made.
Audit Procedure
1. Compare the opening balance of reserves and surplus to the previous year audited financial
statements.
For each component of other equity, whether the company has disclosed the following (to the
extent applicable):
(5) Dividends
Audit of Borrowings
Assertions to be examined:
1. Existence: Ensure that all borrowings on the balance sheet represent valid claims by banks
or other third parties.
2. Completeness: Ensure that all borrowings have been accounted for in the books of the
company on a timely basis.
4. Presentation and disclosure: Ensure that borrowings have been presented, classified and
disclosed in the Balance Sheet in accordance with the requirements of applicable financial
reporting framework.
1. Review board minutes for approval of new lending agreements. During review, ensure that
new loan agreements or bond issuances were authorized. Ensure that significant debt
commitments were approved by the board of directors.
2. Agree details of loans recorded (interest rate, nature and repayment terms) to the loan
agreement. Verify that borrowing limits, if any, imposed by agreements are not exceeded.
3. Roll out and obtain independent balance confirmations (ISA 505) in respect of all the
borrowings from the lender (banks/ financial institutions etc.).
5. In case of Debentures, examine trust deed for terms and dates of redemption, borrowing
restrictions and compliance with covenants.
6. When debt is retired, ensure that a discharge is received on assets securing the debt.
7. Obtain Written Representation that all the liabilities which have been recorded represent
a valid claim by the lenders.
Chapter 10: Procedures 171
Roll out and obtain independent balance confirmations in respect of all the borrowings from the
lender (banks/financial institutions etc.) and perform the following:
1. Ascertain that the confirmation asks for all information likely to be relevant to the tests of
debt and related interest balances (eg, applicable interest rates, due dates, collateral and
security interests).
3. Compare the balances are per the confirmations obtained to the books of account. Ask for
reconciliations, if there are any differences and test the supporting documents for the
reconciling items on a test check basis.
Obtain a schedule of short term and long-term borrowings (including debts outstanding at the end
of the previous year, as well as any new debt or renewal of debt) showing beginning and ending
balances and borrowings taken and repaid during the year, and perform the following:
1. Consider any evidence of additional debt obtained through examination of minutes of the
board of directors, significant contracts, confirmations from banks/lenders, support for
subsequent cash disbursements (when testing payables) etc.
2. Trace the closing balances as per the schedules to the general ledger.
3. Review subsequent transactions after the end of the reporting period to determine if there
are unrecorded liabilities at year end and the transactions are recorded in the correct
period. (e.g.: Fresh loan taken near the balance sheet date)
1. Determine that the accounting policies and methods of recording debt are appropriate and
applied consistently.
(a) Test that the entity is in compliance with loan covenants and other significant provisions
of the agreements.
(b) If there are any provisions with which the entity is not in compliance, determine
whether the debt should be classified as current. If enforcement of the provisions has been
waived by the lender in case of breach of any covenant by the entity, obtain confirmation
of the waiver from the lender.
Chapter 10: Procedures 172
7. Examine the due dates on loans for proper classification between long-term and short-
term.
8. Where Instalments of long-term loans falling due within the next twelve months have
been disclosed in the financial statements (e.g. in parentheses or by way of a footnote),
verify the correctness of the amount of such instalments.
9. Examine the debt agreements for any restrictive covenants. Review restrictive covenant
and provisions relating to default and ensure disclosure thereof in the financial statements.
10. Examine the important terms in the loan agreements and the documents, if any, evidencing
charge in respect of such loans and advances. Examine whether the requirements of the
applicable statute regarding creation and registration of charges have been complied with
including disclosure of the same to the extent mandated by statute and considered
necessary for proper understanding of the user of financial statements.
11. In case the value of the security falls below the amount of the loan outstanding, examine
whether the loan is classified as secured only to the extent of the market value of the
security.
12. Examine the hire purchase agreements for the purchase of assets by the entity and
ensure the correctness of the amounts shown as outstanding in the accounts, and also
examine the security aspect.
13. Carefully review the borrowings from related parties and ensure compliance with IAS 24.
14. Verify whether liabilities towards bank in respect of bills discounted, bills negotiated,
cheques discounted, etc. are correctly reflected and disclosed in the financial statements.
15. The auditor should also verify that the amount borrowed is within the borrowing powers
of the company as laid down by the Articles of Association and Memorandum of
Association.
Chapter 10: Procedures 173
Assertions to be examined:
It is important to carry out Test of Controls for checking the effectiveness of internal control over
sales as a part of the debtors' audit procedure. Following points need to be considered in respect
of trade receivables:
Audit Procedure
➢ Check whether there are controls in place to ensure that invoices cannot be recorded more
than once and receivable balances are automatically recorded in the general ledger from
the original invoice.
➢ Ask for a period-end accounts receivable ageing report and trace the balance as per the
report to the general ledger.
➢ Check whether realization is recorded invoice-wise or not. If not, check that money
received from debtors is adjusted chronologically invoice-wise and on FIFO basis f.e.
previous bill is adjusted first.
➢ If any large balance is due for a long time, auditor should ask for reasons and justification
for the same.
Chapter 10: Procedures 174
➢ A list of trade receivables selected for confirmation should be given to the entity for
preparing request letters for confirmation which should be properly addressed.
➢ The auditor should maintain strict control to ensure the correctness and proper despatch
of request letters. It should be ensured that confirmations as well as any undelivered
letters are returned to the auditor and not to the client.
➢ Any discrepancies revealed by the confirmations received or by the additional tests carried
out by the auditor may have a bearing on other accounts not included in the original
sample. The Company should be asked to investigate and reconcile the discrepancies, if
any, Where no reply is received, the auditor should perform alternate procedures
regarding the balances. This could include:
• Agreeing the balance to cash received subsequently;
• Preparing a detailed analysis of the balance, ensuring it consists of Identifiable
transactions and confirming that these revenue transactions actually occurred.
(Examination In depth for those balances)
➢ If there are any related party receivables, review them for collectability as well as whether
they were properly authorized and the value of such transactions were reasonable and at
arm's length.
➢ Check that receivables for other than sales or services are not included in the list.
➢ Review a trend line of sales and accounts receivable, or a comparison of the two over time,
to check if there are any unusual trends Le. perform Analytical procedures. Make inquiries
about reasons for changes in trends with the management and document the same in audit
work papers.
Completeness assertion in respect of account balances means that all pleteness" balances which
should have been recorded have been recorded. The auditor needs to satisfy himself about cut off
so that there is no understatement or overstatement in account balances of trade receivables.
In this context, while verifying completeness assertion of trade receivables, following audit
procedures are required:
a. Check that in respect of invoices raised in last few days nearing the cut off date, goods have
been actually dispatched and not lying with the company.
b. Check stock records, e-way bill, and transporter receipt regarding actual movement of
goods. It would provide assurance that export invoices in respect of which revenue was
booked have been actually moved out of company's premises.
c. Ensure that all goods invoiced prior to cut off date/year end have been included in
receivables on test check basis.
Chapter 10: Procedures 175
d. Ensure that no goods dispatched after year end have been included in receivables by tracing
entries in sales, stock records of next year. The same can be verified from e-way bills also
match invoices to dispatch/shipping details. Further match invoices dates to dispatch dates
to see if sales are being recorded in correct accounting period.
e. Test invoices in receivable report. Select invoices from ageing report of receivables and
compare them with supporting documentation to ensure that these are billed with correct
names, dates and amounts.
➢ Review the process followed by the Company to derive an allowance for doubtful accounts.
This will include a consistency comparison with the method used in the last year, and a
determination of whether the method is appropriate for the underlying business
environment.
➢ Obtain the ageing report of accounts receivable (both Dr/Cr balance). split between not
currently due, 30 days old, 30-60 days old, 60-180 days old, 180-365 days old and more
than 365 days old.
➢ Also, obtain the list of debtors under litigation and compare with previous year.
➢ Scrutinize the analysis and identify those debtors which appear doubtful; discuss with
management about reasons as to why these debtors are not included in the provision for
bad debts. Perform further testing where any disputes exist.
➢ He should check if provisions are made at appropriate rates considering the recoverability
of amounts due.
➢ Prepare schedule of movements of bad debts - Provision accounts and debts written off
and compare the proportion of bad debt expense to sales for the current year in
comparison to prior years to see if the current expense appears reasonable.
➢ Check that write-offs of the receivable balances have been approved by an appropriate
authority.
1. The auditor employs direct confirmation procedure with the consent of the entity under
audit. If management does not allow the auditor to seek confirmation from certain trade
receivables, the auditor should consider whether there are valid grounds for such a request.
2. While determining the information to be obtained, the auditor should consider all relevant
factors such as the effectiveness of internal control, the apparent possibility of disputes,
inaccuracies or irregularities in the accounts and the materiality of the amounts involved.
3. The trade receivables may be requested to confirm the balances either
(b) as at any other selected date which is reasonably close to the date of the balance sheet
4. Where the auditor decides to confirm the trade receivables at a date other than the balance
sheet date, he should examine the movements in debtor balances which occur between the
confirmation date and the balance sheet date and obtain sufficient evidence to satisfy himself that
debtor balances stated in the balance sheet are not materially misstated.
Chapter 10: Procedures 176
7. Any discrepancies revealed by the confirmations received or by the additional tests carried out
by the auditor may have a bearing on other accounts not included in the original sample. The entity
should be asked to investigate and reconcile the discrepancies.
8. In addition, the auditor should also consider what further tests he can carry out in order to satisfy
himself as to the correctness of the amount of trade receivables taken as a whole.
Auditor may also perform below mentioned analytical review procedures as a means of obtaining
audit evidence regarding the various assertions relating to trade receivables, loans and advances:
• comparison of closing balances of trade receivables, loans and advances with the
corresponding figures for the previous year,
• comparison of the relationship between current year debtor balances and the current year
sales with the corresponding figures for the previous year;
• comparison of actual closing balances of trade receivables, loans and advances with the
corresponding budgeted figures, if available;
• comparison of current year's aging schedule with the corresponding figures for the previous
year;
• comparison of significant ratios relating to trade receivables, loans and advances with the
similar ratios for other firms in the same industry, if available;
• comparison of significant ratios relating to trade receivables, loans and advances with the
industry norms, if available.
Chapter 10: Procedures 177
Assertions to be examined:
• Existence: To establish the existence of cash and cash equivalent balances as at the year-
end.
• Completeness: Cash and cash equivalent balances that were supposed to be recorded have
been recorded in the balance sheet.
• Valuation: Cash and cash equivalent balances have been valued appropriately.
• Presentation and Disclosure: Required disclosures for cash and cash equivalents have been
appropriately made.
Audit procedures:
1. The auditor should carry out physical verification of cash at the date of the balance sheet.
However, if this is not feasible, physical verification may be carried out, on a surprise basis, at any
time shortly before or after the date of the balance sheet and reconcile the balance shown in the
financial statements with the results of the physical verification considering the transactions for
intervening period.
2. If there are more than one cash balances, e.g, when there is a cashier, a petty cashier, a branch
cashier and, in addition, there are imprest balances with employees, all of them should be checked
simultaneously, as far as practicable so that the shortage in one balance is not made good by
transfer of amount from the others.
3. It is desirable for the cashier to be present while cash is being counted and he should be made
to sign the statement prepared containing details of the cash balance counted along with
denomination of cash. If he is absent at the time the cash is being verified, he may hold the auditor
responsible for the shortage, if any, in cash.
4. If there is any rough Cash Book or details of daily balance are separately kept, the auditor should
test entries from the rough Cash Book with those in the Cash Book to prove that entries in the Cash
Book are correct.
5. If the auditor finds any slip, chit or 1.0.U.s in respect of temporary advances paid to the
employees included as part of the cash balance, he should check whether those are approved by
an authorized official and recorded in the appropriate accounts.
6. The auditor should also perform a cash sensitivity analysis by compiling a summary of total cash
receipts and payments each month and analyzing the trends to see if there have been variations in
any specific month and request brief descriptions from the management.
Chapter 10: Procedures 178
1. The auditor needs to obtain bank reconciliation statements (BRS) for all bank accounts
maintained by the entity as at the reporting period and additionally need to understand the client's
process and periodicity of making the BRS.
2. Auditor should ensure that BRS is signed by the authorized personnel so that he is able to assign
responsibility in case of any errors.
(a) Tallying the balance as per bank book to the bank confirmation/statement.
(b) Checking of all material reconciling Items included under cheques issued but presented
for payment to the underlying bank book forming part of books of account. In addition, the
auditor should request for bank statements of subsequent period and should verify if the
cheques issued have subsequently been cleared by the bank. For all cases where cheques
have become stale i.e. 3 months or more have lapsed since the issue date, the same should
not appear in the BRS and should instead be taken back to liabilities.
(c) Checking of all material reconciling items included under cheques deposited but not
credited by bank by requesting for bank deposit slips, duly acknowledged by bank and
verifying if the balances were credited by bank subsequently by tallying to the bank
statement of subsequent period. For any instances related to cheques not cleared beyond
reasonable time, the auditor should seek brief descriptions from the management and in
case such explanations are found to be unsatisfactory, the auditor should verify therevenue
recognition related to such parties was in order and as per the Company's revenue
recognition policy.
(d) Checking of all material reconciling items included under amounts or charges
debited/credited by bank but not accounted for by requesting for bank statements for the
period under audit and tallying the same. If the amounts are found to be material, the
auditor should ensure that the management records the adjustments for the same in its
books of account. If management does not adjust, the auditor shall consider to qualify his
report.
(a) Auditor is required to confirm all year end account balance maintained with the bank.
(b) In case of any discrepancies, client should be asked to investigate and reconcile the
discrepancies, including seeking written explanations/clarifications from the banks/financial
Institutions on any unresolved queries.
(c) Auditor should emphasize for confirmation of 100% of bank account balances. In remote
situations were no reply is received, the auditor should perform additional testing regarding the
balances. This testing could include:
In addition to the procedures performed above, the auditor should ensure that all bank accounts
holding foreign currency have been restated at the closing exchange rates as per applicable PRY.
Audit of Inventories
Assertions to be evaluated
Auditor’s procedures
To establish Existence
5. When the entity uses periodic system for inventory count, it should be undertaken at the end of
the period. If the entity uses perpetual system with proper and adequate records, inventory may
be counted at interim dates.
6. Confirm or investigate any inventory of the entity lying with a third party (specifically relevant
for cases where the entity gets job work done in its process of production).
1. Perform analytical procedures (comparison tests with industry averages, budgets, prior years,
trend analysis, etc.).
3. Perform purchase and sales cut-off tests. Trace shipping documents (bills of lading and receiving
reports, warehouse records, and inventory records) to accounting records immediately before and
after year-end.
4. With respect to tagged inventory, perform tests for omitted transactions and tests for invalid
transactions.
8. Reconcile inventories which belong to client but are held with third parties like transporters,
warehouses, port authorities, etc.
9. Goods received on consignment basis have been properly segregated from other items of
inventory.
Chapter 10: Procedures 181
7. Examine invoices for evidence of ownership i.e. the invoices shall be in the name of the client.
8. Auditor shall obtain confirmation for significant items of inventory as per SA 501.
9. For instances of inventory held by third party, the auditor should insist on obtaining declaration
from the third party on its business letterhead and signed by an authorized personnel of that third
party confirming that the items of inventory belong to the entity and are being held by such third
party on behalf of and for the benefit of the entity under audit.
Chapter 10: Procedures 182
Auditor is required to analyze the expenditure incurred on PPE, whether they are of Revenue or
Capital in nature. Capital expenditure should be added to the cost of PPE. The following expenses
shall qualify as capital expenditure:
Certain revenue expenses, if incurred for creating an asset or adding to its value for achieving higher
productivity, are regarded as expenditure of a capital nature. Examples of such expenditure are:
(1) Material and wages expended on the construction of a building or erection ofmachinery.
(2) Legal expenses incurred in connection with the purchase of land or building.
(6) Interest paid for the qualifying period as per AS-16 L.e. before the asset is constructed.
Whenever, therefore, a part of the expenditure, ostensibly of a revenue nature, is capitalised It is
the duty of the auditor not only to examine the precise particulars of the expenditure but also the
considerations on which it has been capitalised.
The revenue expense like regular repairs on assets have to be charged off to the Statement of Profit
and Loss.
Assertions to be examined
• Existence: To establish the existence of tangible fixed assets (PPE) as at the year end
• Completeness: To ensure that additions to PPE during the period under audit have been
recorded in the financial statements and do not include any PPE that belong to third parties
but does include PPE owned and controlled by the entity although lying with a third party
• Rights and Obligations: The entity has valid legal ownership rights over the PPE claimed to
be held by the entity and recorded in the balance sheet.
• Valuation: PPE have been valued appropriately and as per generally accepted accounting
policies and practises
• Presentation and Disclosure: Required disclosures for PPE have been appropriately made.
Chapter 10: Procedures 183
Verification procedure:
(i) Review entity's plan for performing physical verification of PPE Le. whether performed by own
staff or by a third party and the policy regarding periodicity Le. whether physical verification shall
be done on annual basis or once in two years/three years.
(ii) Evidence of appropriate supervision of those performing physical verification of PPE should be
examined.
(iii) Obtain PPE physical verification report backed by the working sheets from the entity and
perform the following procedures:
- Assess if all items of PPE are properly tagged and carry identification marks/numbers and
physical verification work papers do capture the asset identification numbers for assets
physically verified.
- Reconciliation of items of PPE as physically verified with the fixed asset register maintained
by the entity as at the date/period of undertaking physical verification. Specifically verify if
the PPE additions up to the date of physical verification have been updated in the fixed
asset register.
- Verify the discrepancies noted, based on physical verification undertaken and the manner
in which such discrepancies have been dealt with in the entity's books and F.S. For example,
any identified shortages/assets not in working condition and/or active use should be
accounted for as deletions in the books of account post approvals by the entity's
management and depreciation should have ceased to be charged after the date of deletion.
To establish Completeness
(i) Verify the movement in the PPE schedule compiled by the management i.e. Opening balances +
Additions during the period Deletions during the period Closing balances. Tally the closing balance
to the entity's books of account.
(iii) Tally the opening balances to the previous year audited F.S.
(iv) For additions during the period under audit, obtain a listing of all additions from the
management and perform the following procedures:
• For all material additions, verify if such expenditure meets the criteria of PPE as per AS 10.
These costs include costs incurred initially to acquire or construct an item of PPE and costs
incurred subsequently to add to, replace part of, or service it.
• Verify that the cost of an item of PPE is as per AS 10. Verify and ensure that items such as
spare parts, stand-by equipment and servicing equipment are recognised as PPE only when
they are held for more than one period as per the requirements of AS.
Chapter 10: Procedures 184
• Ensure that the entity is not recognizing costs of the day-to-day servicing in the carrying
amount of an item of PPE.
• Test the purchase invoice, installation certificate or report or other similar documentation
maintained by the entity to verify the date of addition, for all additions samples of PPE
during the period under audit.
• Verify whether the PPE additions have been approved by authorized personnel.
• Verify whether proper internal processes and procedures like inviting competitive
quotations/floating tenders etc. were followed prior to finalising the vendor for procuring
items of PPE awarding of work contract for capital projects by checking the supporting
documents of the samples selected.
(v) In relation to deletions to PPE, understand from the management the reason and rationale for
deletion (example could be new purchase of similar asset once the old asset was no longer fit to be
used in production process) and the manner of disposal.
• Obtain the management approval and discard note authoring disposal of the asset from its
active use.
• Verify the process followed for sale of discarded PPE, for example- inviting competitive
quotes, tenders and the basis of calculation of sales proceeds.
• Verify that the management has accurately recorded the deletion of PPE (original cost and
accumulated depreciation up to the date of disposal) and the resultant gain/loss on disposal
of PPE item in the entity's books of account.
To establish Valuation
Value of PPE depreciates due to efflux of time, use and obsolescence. The diminution of the value
represents an item of cost to the entity for earning revenue during a given period. Unless this cost
in the form of depreciation is charged to the accounts, the profit or loss would not be correctly
ascertained and the values of PPE would be shown at higher amounts.
(i) Verify that the entity has charged depreciation on all items of PPE unless any item of PPE is non-
depreciable like freehold land.
(ii) Assess that the depreciation method used reflects the pattern in which the asset's future
economic benefits are expected to be consumed by the entity. It could be SLM, diminishing value
method, unit of production method, as applicable.
(iii) The auditor should also verify whether management has done an impairment assessment to
determine whether an item of property, plant and equipment is impaired as per the requirements
of AS 28 -Impairment of Assets.
Chapter 10: Procedures 185
(i) In addition to the procedures undertaken for verifying completeness of additions to PPE during
the period under audit, the auditor while performing testing of additions should also verify that all
PPE purchase invoices are in the name of the entity that entitles legal title of ownership to the
respective entity.
(ii) For all additions to land and building in particular, the auditor should check the conveyance
deed/sale deed to verify whether the entity is the legal and valid owner or not.
(iii) The auditor should insist and verify the original title deeds for all Immovable properties held as
at the balance sheet date.
(iv) In case the entity has given such immovable property as security for any borrowings and the
original title deeds are not available with the entity, the auditor should request the entity's
management for obtaining a confirmation from the respective lenders that they are holding the
original title deeds of immovable property as security.
(v) In addition, the auditor should also verify the register of charges, available with the entity to
assess that any charge has been created against the PPE.
An Intangible asset is an identifiable non-monetary asset, without physical substance, held for use
in the production or supply of goods or services, for rental to others, or for administrative purposes.
Examples: Computer software, patents, copyrights, motion picture films, franchises, marketing
rights etc. Goodwill is another example of an item of intangible nature which either arises on
acquisition or may be internally generated.
Assertions to be examined:
Audit Procedures
1. Auditor should ensure that intangible asset should be recognised only if-
(a) it is probable that the future economic benefits that are attributable to the asset will
flow to the enterprise; and
2. Ensure that at initial stages, intangible asset should be measured at cost. After initial recognition
an intangible asset should be carried at its cost less any accumulated amortisation and any
impairment losses.
3. For verifying the existence of software, the auditor should verify whether such software is in
active use by the entity and for the purpose, the auditor should verify the sale of related
services/goods during the period under audit, in which such software has been used.
4. For verifying the existence of design/drawings, the auditor should verify the production data to
establish if such products for which the design/drawings were purchased, are being produced and
sold by the entity.
5. In case any intangible asset is not in active use, deletion should have been recorded in the books
of account post approvals by the entity's management and amortization charge should have ceased
to be charged beyond the date of deletion.
Chapter 10: Procedures 187
1. Verify the movement in the intangible assets schedule compiled by the management i.e. Opening
balances + Additions - Deletions = Closing balances.
For additions during the period under audit, obtain a list of all additions from the management and
undertake the following procedures:
(i) For all material additions, verify whether such expenditure meets the criterion for recognition of
an intangible asset as per GAAP.
(ii) Ensure that no cost related to research gets recognized as intangible asset
(iii) Check the certificate or report or other similar documentation maintained by the entity to verify
the date of use of the intangible which could be linked to date of commencement of commercial
production/economic use to the entity, for all additions to intangible assets during the period under
audit.
(iv) Verify whether the additions (acquisitions) have been approved by appropriate entity's
personnel.
(v) Verify whether proper internal processes and procedures like Inviting competitive
quotations/proper tenders etc. were followed prior to finalizing the vendor for procuring item of
intangible assets by testing those documents on a sample basis.
(vi) In relation to deletions of intangible assets, understand from the management the reason and
rationale for deletion and the manner of disposal. Obtain the management approval and disposal
note authoring disposal of the asset from Its active use.
(vii) Verify the process followed for sale of discarded asset, example inviting competitive quotes,
tenders and the basis of calculation of sales proceeds.
(viii) Verify that the management has accurately recorded the deletion of Intangible asset (original
cost and accumulated amortization up to the date of disposal) and the resultant gain/loss on
disposal in the entity's books of account.
(1) Verify that the entity has charged amortization on all intangible assets,
(2) Verify that the amortization method used reflects the pattern in which the asset's future
economic benefits are expected to be consumed by the entity.
(3) The auditor should also verify whether the management has done an impairment assessment
to determine whether an intangible asset is Impaired. For this purpose, the auditor needs to verify
whether the entity has applied GAAP for determining the manner of reviewing the carrying amount
of its intangible asset determining the recoverable amount of the asset to determine impairment
loss, If any.
Chapter 10: Procedures 188
In addition to the procedures for verifying completeness of additions to intangible assets during the
period under audit, the auditor while performing testing of additions should also verify that all
expense invoices/purchase contracts are in the name of the entity that entitles legal title of
ownership to the entity.
Classification of Liabilities
A liability shall be classified as current when it satisfies any of the following criteria:
(c) it is due to be settled within twelve months after the reporting date; or
(d) the company does not have an unconditional right to defer settlement of the liability for at least
twelve months after the reporting date. Terms of a liability that could at the option of the
counterparty, result in its settlement by the issue of equity Instruments do not affect its
classification.
Assertions to be examined
• Existence: To ensure the existence of trade payables and other current liabilities as at the
year end.
• Completeness: To ensure that trade payables and liability balances that were supposed to
be recorded have been recognized in the financial statements.
• Valuation: To ensure that trade payables and other liability balances have been valued
appropriately.
• Presentation and Disclosure: To ensure that required disclosures for trade payables and
other liabilities have been appropriately made.
To establish Existence
(1) Check whether there are controls in place to ensure that any purchase/expense invoice does
not get recorded more than once and payable balances are automatically recorded in the general
ledger at the time of recording of expense.
(2) Obtain the accounts payable ageing report and trace its balances to the general ledger. If there
are any differences, investigate reconciling items. Journal entries specially for large amounts should
be carefully examined.
Chapter 10: Procedures 189
1. The verification of balances by direct communication with trade payables is theoretically the best
method of ascertaining whether the balances are genuine, accurately stated and undisputed,
particularly where the internal control system is weak.
2. The auditor employs direct confirmation procedure with the consent of the entity under audit.
There may be situations where the management of the entity requests the auditor not to seek
confirmation from certain trade payables. In such cases, the auditor should consider whether there
are valid grounds for such a request. Before accepting a refusal as justified, the auditor should
examine any available evidence to support the management's explanations, eg, correspondence
between the entity and the trade payables.
3. While determining the information to be obtained, the form of confirmation, as well as the extent
and timing of application of the confirmation procedure, the auditor should consider all relevant
factors such as the effectiveness of internal control, the apparent possibility of disputes,
inaccuracies or irregularities in the accounts, the probability that requests will receive
consideration, and the materiality of the amounts involved.
(b) as at any other selected date which is reasonably close to the date of the balance sheet.
5. The form of requesting confirmation from the trade payables may be either
(a) the 'positive' form of request, wherein the creditor is requested to respond whether or not he
is in agreement with the balance shown, or
(b) the 'negative' form of request, wherein the creditor is requested to respond only if he disagrees
with the balance shown.
To establish completeness:
(1) The auditor needs to perform the following cut off procedures:
- For the last 5 invoices received/recorded at the end of the reporting date (cut off date)
and which have been included in the trade payables; the goods should have been
received/risk and rewards of ownership in goods should have been transferred in favour of
the entity;
- All goods received prior to the period/ year-end should have been booked in the form of
purchases and included in trade creditors.
(2) Test purchases/expenses on a sample basis selecting the same from the accounts payable
ledgers and checking their supporting documents to ensure that the purchases were recorded at
the correct amounts and correct dates.
(3) Match purchase invoice dates to the gate entry (inward) dates to check whether the purchases
are being recorded in the correct accounting period. This can include an examination of
purchase/expense invoices received subsequent to the period being audited, to see if they should
have been included in the period under audit.
(4) Review subsequent expense vouchers. Review all material expense vouchers recorded post the
balance sheet date to see if they relate to transactions from within the audit period.
Chapter 10: Procedures 190
(5) For advance received from customers/revenue received in advance, obtain the customer wise
listing along with its ageing and the nature. Verify if any advances are outstanding beyond 6 months.
Enquire from the entity's management if there has been any dispute with the customer and if there
is any additional liability to be recorded. For all such advances, the auditor should verify the
underlying documentation based on which the entity had received the advance.
To establish Valuation
(1) Review the process followed by the Company to identify if any old creditor balance/liability
needs to be written back. This will include a consistency comparison with the method used in the
last year, and a determination of whether the method is appropriate for the underlying business
environment.
(2) Obtain the ageing of payable balances, split between current, less than 30 days old, 30-60 days
old, 60-180 days old, 180-365 days old and more than 365 days old (refer screenshot below). Also,
obtain the list of vendors with whom the Company has disputes and any claims from customers,
under litigation and compare with previous year.
(3) Check that write backs in the liability balances assessed as no payable have been approved by
an appropriate and authorised member of senior management, for example - CEO/MD. (4) Check
that the restatement of foreign currency trade payables has been done properly In accordance with
AS 11. longer
(5) Understand management's process to identify the principal amount and the interest due
thereon (if any) remaining unpaid to any Micro, Small and Medium Sized Enterprises suppliers at
the end of accounting year. Test check the management process to assess if the auditor could rely
on the management process.
Analytical Procedures
In addition to the audit procedures discussed above, the following analytical review procedures
may often be helpful as a means of obtaining audit evidence regarding the various assertions:
(a) comparison of closing balances of trade payables with the corresponding figures for the
previous year;
(b) comparison of the relationship between current year trade payable balances and the
current year purchases with the corresponding figures for the previous year;
(c) comparison of actual closing balances of trade payables, etc, with the corresponding
budgeted figures, if available;
(d) comparison of current year's aging schedule of trade payables with the corresponding
figures for the previous year;
(e) comparison of significant ratios relating to trade payables with the similar ratios for
other firms in the same industry, if available;
(f) comparison of significant ratios relating to trade payables with the industry norms, if
available.
Chapter 10: Procedures 191
5. Unpaid Dividends.
6. Application money received for allotment of securities and due for refund and interest accrued
thereon. Share application money includes advances towards allotment of share capital. Further,
the period for which the share application money has been pending beyond the period forallotment
as mentioned in the document inviting application for shares along with the reason for such share
application money being pending shall be disclosed.
7. Unpaid matured deposits/debentures and interest accrued thereon.
Audit Procedures
Audit Procedure
To establish Occurrence
1. To ensure that revenue is not overstated, auditor is required to perform the following audit
procedures:
• Check whether a single sales invoice is recorded twice or a cancelled sales invoice
could also be recorded.
• Test check few invoices with their relevant entries in sales journal.
• Obtain confirmation from few customers to ensure genuineness of sales transaction.
• Whether any fictitious customers and sales have been recorded.
• Whether any shipments were done without the consent and agreement of the
customer, especially at the year end to inflate the sales figure.
• Whether unearned revenue recorded as earned.
• Whether any substantial uncertainty exists about collectability.
• Whether customer obligations are contingent on other actions (financing, resale,
etc.).
2. Review sequence of sales invoices.
3. Review journal entries for unusual transactions.
4. Calculate the ratio of sales return to sales and compare it with previous year and enquire
for the reasons for increase/decrease.
5. Check the sales return with sales invoice, challan, credit note, stock register, etc.
To establish Completeness
1. Perform cut-off procedures to ensure that revenues are recognised in the current
accounting period and sales were not tampered towards the period end.
2. Cut-off errors will usually arise when companies recognise revenue based on the date on
which the sales invoices are generated rather than the date on which the risks and rewards
are transferred to the buyer. In order to perform a robust sales cut-off test, auditors need
to understand and consider the specific cut-off error risk of each engagement.
3. Auditors should also verify the credit notes issued after the accounting period. Sometimes
sales team or sales personnel can make fictitious sales before the year-end to meet
performance target and cancel out those sales with a post year end credit note.
4. Trace from the shipping documents to the sales journal.
Chapter 10: Procedures 193
5. Check whether quantity is appearing in sales register or not and check reconciliation of total
sales/goods dispatched as per stock records and financial records and statutory records like
GST.
To establish measurement
E. g: Take few sales transaction, and check from the receipt of sales order to the payment
of receivable balance, every underlying document to ensure if it is properly recorded at
every stage and measured accurately taking into consideration all the incentives, discounts,
if any. The recognition shall be according to the revenue recognition policy of the entity.
2. If the client is engaged in export sales, then compliance with necessary GAAP is expected.
3. Auditor must understand client's operations and related GAAP Issues eg. point of sale revenue
recognition vs. percentage of completion, wherever applicable.
4. Compare the rate of sales affected with related parties and review them for collectability, as well
as whether they were properly authorized and the value of such transactions were reasonable and
at arm's length.
Consignment Sales
1. Verify the terms of agreement between the consignor and the consignee to ascertain the terms
and conditions regarding commission and other expenses.
2. Ensure that the goods consigned are not treated as ordinary sales.
3. Ensure that the gross sale proceeds as mentioned in the account Sales has been credited to the
Consignment Account and debited to the consignee's account.
4. Ascertain that credit has been taken only for the profit c through the consignee before the year
end. No profit should be taken for the profit on goods remaining in the hands of the consignee. on
the goods sold
5. Ensure that the stock lying with the consignee at the end should be taken in the balance sheet at
cost on a consistent basis and credited to the Consignment A/c to arrive at the result of the
consignment transactions.
6. Obtain confirmation of the balance in the account of the consignee from the consignee.
7. In case, goods are consigned at invoice price, auditor should ensure that the necessary
adjustments to remove the loading have been made.
8. Examine the adjustments made at the year-end in respect of the goods not yet sold, commission
and the expense incurred by consignee.
Chapter 10: Procedures 194
1. Check maintenance of separate memoranda records of goods sent out on sale or return.
Only after approval from customer, personal account of customer is debited and the sales
account is credited.
2. Ensure that the price of such goods is unloaded from the sales account and the debtor's
record before the approval from customer.
3. In respect of the goods for which approval period has expired, ensure that either goods
have been received back or customer's account have been debited.
4. In respect of the goods for which approval period has not expired till the close of the year
and lying with the party, ensure that cost of such goods has been included in the closing
stock.
Audit of Purchases
Assertions to be Examined
• Occurrence: Ensure all purchases recorded in books of account represent goods actually
received/ services availed during the period.
• Completeness: Ensure all purchases made during the period were recorded and there in no
understatement or overstatement.
• Measurement: Ensure all purchases have been measured appropriately.
• Presentation and Disclosure: Ensure that required disclosures for purchases have been
appropriately made.
Audit Procedure
Steps to be followed:
To establish Occurrence
• Whether any fictitious vendors have been booked or purchases have been recorded by
reviewing the vendor selection process followed by the entity and also performing
procedures to ensure existence of the vendors.
• Whether the goods were received at the factory gate and whether there exists an entry in
Chapter 10: Procedures 195
• The purchase invoice received should be the "Original" copy (and not photocopy/carbon
copy) against which the entity has recorded the purchase in its books of account.
• Purchase invoice should have been booked only once risk and reward incidental to
ownership has been transferred to the entity. Specific consideration for cases where the
terms of delivery as agreed with vendor are F.O.B., C.I.F. etc.
• Purchase invoice should be in the name of entity. However, in case of different branches,
it should be addressed to the appropriate branch.
• Input tax component should have been booked in the input tax ledger. The auditor should
obtain tax returns filed with the authorities and tally the input tax as reflected in the books
to the amount disclosed in the returns.
• In case of purchases made from related parties or allied and associated concerns, the
auditor needs to verify if requisite approval from Board of Directors (appropriate authority)
has been obtained and should verify the selected samples and perform analytical
procedures in relation to price of goods to confirm that the price charged is at arm's length.
To establish Completeness
• Perform cut-off test to ensure that purchases are recognised in the correct accounting
period. For the purpose, the auditor should examine material inward records, say, last 5
transactions at the period end to check that all corresponding invoices have been duly
entered in the Purchases book and none have been omitted.
• Ensure correct accounting treatment of goods-in-transit as per the agreed terms with the
vendor regarding transfer of risk and reward of ownership in goods.
• Obtain written representation from the management that all the purchases that took place
during the year have been properly recorded in the books.
• Perform analytical procedures to obtain audit evidence as to overall reasonableness of
purchase quantity and price.
Analytical procedures
Assertions to be examined:
Auditor needs to consider the following attributes while verifying for depreciation and amortisation
expenses:
Audit procedures
Disclosure requirements
(c) Rent;
(f) Insurance;
➢ Occurrence: Recorded other expenses were actually incurred during the period.
➢ Completeness: Other expenses pertaining to the period have been recorded appropriately
and there in no understatement or overstatement.
Chapter 10: Procedures 198
➢ Presentation and Disclosure: Required disclosures for other expenses have been
appropriately made.
Rent expenses
• Obtain a month wise schedule of rent payment along with the rent agreements.
• Examine whether rent expense has been recorded for all 12 months and whether the rent
paid is as per the underlying agreement.
• Examine whether agreement contains any escalation clause, if yes, verify whether rent has
been increased/adjusted during the period only as per escalation clause.
• Verify whether the agreement is in the name of the entity.
• Verify whether the expense pertains to premises used for running business operations of
the entity
• Obtain a month wise expense schedule of payment towards power and fuel along with the
power bills.
• Examine whether the expenses have been recorded for all 12 months.
• Compile a month wise summary of power units consumed and the applicable rate and check
the arithmetical accuracy of the bill raised on monthly basis.
• Analyse the monthly power units consumed by linking it to units of finished goods produced
and investigate reasons for variance in monthly trends.
Insurance expense
• Obtain a summary of insurance policies taken along with their validity period.
• Verify whether the expense has been correctly classified between prepaid and expense for
the period based on number of days.
• Select a sample on random basis and vouch for the occurrence, completeness, measurement
and appropriate disclosure.
• Wherever possible, the auditor should try and prepare a summary of expenditure on monthly
basis and then analytically compare the trends.
• In addition, auditor should perform analytical procedures to obtain audit evidence as to overall
reasonableness of other expense which may include expenditure per unit produced.
• Auditor should analyse expense per unit produced and compare the same with previous years
and prevent industry trends and ask for the reasons from Management If any significant
variations are found.
Disclosure Requirements
(a) Rent.
(b) Insurance.
Meaning:
NFPOs are organizations that raise funds from members or donors for the social/charitable
objectives that they undertake. Apart from receiving monetary/ cash and financial donations,
NFPOs receive donations in the form of time, energy and skills from willing donors.
Incorporation:
NFPOs are incorporated/ registered under applicable laws for the time being in force in the
respective geography or region in which they have been incorporated.
• The auditor must gain and acquire knowledge of the NFPOs work, its mission and vision,
areas of operations and environment in which it operates.
• Review the legal form of the applicable incorporation documents such as the
Memorandum of Association, Articles of Association, Rules and Regulations, Bye-laws.
Once reviewed, the auditor shall ensure that the activities carried out by the NFPO are in
line with the prescriptions contained in these above-mentioned documents.
• Review the organization chart and manuals relating to financial and administrative matters.
• Study the accounting system, procedure, internal controls and internal checks existing for
the NFPO and verify the applicability of the same.
• Set the materiality level for the audit program of the NFPOs.
• Determine the nature and timing of audit reports and other communications to be issued
Chapter 10: Procedures 201
A. Receipts:
3. Membership fees:
• Check the fees received with corresponding entries made in the members register.
• Ensure a proper demarcation between:
✓ Annual fees and Fees that are a part of periodic revenues; and
✓ Life Membership fees that are generally a part of the capital
corpus.
• Reconcile the fees received with the fees to have been received in the course of the
current / relevant reporting period.
4. Subscriptions:
• Check subscription fees received with the subscription register and receipts
issued.
• Reconcile subscription received with printing and dispatch of
corresponding magazine/circulars/periodicals.
• Check the receipts with any applicable/available subscription rate
schedule.
B. Expenses
Ensure that all the expenses such as establishment expenses, project expenses and
specific expenses are recorded and disclosed as per the rules and regulations of all
applicable laws and regulations for the time being in force.
1. Vouch all acquisitions or sales of fixed assets as regards proper authorization. Further check
that charge if any against any asset has been properly provided for.
2. Check the investment register and investments physically to ensure the NFPO has title to
these investment
3. Physically verify the cash in hand balances and also check the bank reconciliation statement
4. Obtain a certificate form the management as to the quantities and valuation of the stock
at hand.
5. Where loans are given these should be vouched as regards to their respective loan
agreements, counter-foils, etc.
Chapter 11: Completion and Review 203
Table of contents:
1. Adjusting, Non-adjusting and Subsequent Events
2. Going Concern
3. Overall review of financial statements
4. Evaluation of misstatement
5. Written representations
In the course of our previous lessons, we have focused n the process of executing an audit. There
are, however, some crucial areas and events in the execution of audit that command individual
guidance. This lesson takes us across those areas and matters.
Let’s say, Anadolu Isuzu – a Turkish Automaker places an order with Tata Steel for the purchase of
galvanized steel – a high tensile and durable variety of steel- for a large batch of its SUVs. Tata Steel
provides 5 months credit to Anadolu Isuzu who has a stellar reputation in the market for paying off
its vendors within the credit window. Consider the following timeline:
Now lets say that Tata Steel and Chevrolet India enter in a transaction where, the latter places an
order for galvanized steel for its car model “ Tavera”. This steel is meant to serve as material for the
last set of 10,000 units order Chevrolet India has received for its Tavera car model.
Chevrolet India however has been facing financial and litigation challenges in India for the past 5
years. The American parent of Chevrolet India is in public talks with regulators to exist the Indian
market and is in the process of filing for bankruptcy under the Insolvency and Bankruptcy code of
India as of 31 December 2023. Auto sector competitors are eagerly waiting to bid for its large
Chapter 11: Completion and Review 204
factory premises in Pune, India. Lets assume the transaction goes through on 1 December 2022 and
the payment is contractually agreed to be completed on 5 March 2023
Now, in this case if Chevrolet India is able to pay say 90 cents on the dollar, did Tata Steel forsee
this 10% hit ?
Quite obviously they did, as the indications of this were all over public domain.
The two cases listed above have one crucial distinguishing feature:
• Tata Steel could not predict the closure of Andalou Isuzu as at the date of financial
statements as there was no indication of the same
• Tata Steel could predict or foresee the closure of Chevrolet India as at the date of financial
statements as there were clear indications of the same.
While both events occur after the Balance Sheet date (31 December 2022), the existence of
indications of their occurrence is what demarcates these events.
• Both adjusting and non-adjusting events are events that occur after the date of financial
statements i.e. the Balance Sheet date. These events impact the process of audit as the
auditor has to ensure that adjusting events have been appropriately adjusted and disclosed
in the financial statements.
• Here the auditor has to determine, whether the events after the balance sheet date (which
can be adjusting or non-adjusting) impact the audit report. Events after the balance sheet
date that are subsequent in nature impact the audit report.
• A subsequent event is:
a. Event occurring between the date of the financial statements and the date of the auditor’s
report
b. Facts that become known to the auditor after the date of the audit report
Let us consider the below case to under the concept of subsequent events in greater depth:
Chapter 11: Completion and Review 205
The reporting period covered under the financial statements for the reporting entity is 1 January
2018 to 31 December 2018. The auditor submits his report on 25 march 2019 and the financial
statements are issued to the shareholder on 15 April 2019.
Based on the definition of the term subsequent events we can assert that:
• Events occurring between 31 December 2018 (date of the financial statements) and 25
March 2019 (Date of the Audit Report) are subsequent events.
• Facts that become known to the auditor after 25 March 2019 (date of the auditor’s report)
are subsequent events.
• These events do not occur in the reporting period but if they are connected/related to
events/circumstances/transactions in the reporting period, they must be:
a. Adjusted; or
b. Disclosed; or
c. Both adjusted and disclosed
In the financial statements that cater to the reporting period.
The following section highlights the activities to be carried out and the responsibilities of the auditor
in the given time frames:
Events occurring between the date of the financial statements and the date of the auditor’s
report:
• The auditor shall perform audit procedures to obtain SAAE to ensure that events and
transactions which require adjustments or disclosure in the financial statements have been
identified.
• In determining the nature and extent of audit procedure, auditor shall:
✓ Obtain an understanding of the procedures through which management has
identified subsequent events
✓ Inquiring of the management as to occurrence of subsequent events which affect
the financial statements
✓ Read minutes of management meetings that have been held after the date of the
financial statements
✓ Read the entity’s subsequent financial statements, if any
✓ If the auditor identifies events that require adjustments or disclosures in the
financial statements, the auditor shall determine whether each such event is
appropriately disclosed and presented in the financial statements
✓ The auditor shall acquire a “Written Representation” form management that all
events occurring subsequent to the date of the financial statements and requiring
disclosure or adjustment have been adjusted or disclosed.
Facts that become known to the auditor after the date of the audit report but before the date of
the financial statements are issued
Time frame as per our case: This covers facts that become known to the auditor after 25 march
2019 but before 15 April 2019.
• The auditor has no obligation to perform any audit procedure regarding the financial
statements after the date of the audit report
Chapter 11: Completion and Review 208
• However, if a fact becomes known to the auditor that, had it been known to the auditor at
the date of the audit report – it may have caused the auditor to amend the auditor report
i.e.:
✓ an unmodified report would become modified; or
✓ A modified report would become unmodified; or
✓ A Qualification opinion would become an adverse opinion or disclaimer of opinion;
or
✓ An Adverse opinion would become a qualified opinion or a disclaimer of opinion;
or
✓ A disclaimer of opinion would become a qualified opinion or an adverse opinion.
• In this case the auditor shall:
✓ Discuss the matter with the management.
✓ Determine whether the financial statements need to be amended.
✓ Inquire how the management intends to address the matter in the financial
statements.
If the management amends the financial If the management does not amend the
statements financial statements
• Extend the audit procedures to the • The auditor shall modify the opinion if
date of the new audit report the report has not yet been provided to
• Provide a new auditor’s report on the the entity
amended financial statements • If not, the auditor shall notify the
management and TCWG not to issue
the financial statements to third
parties.
• If the management still issues the
financial statements the auditor shall
take appropriate action so as to
prevent reliance on auditor’s report.
Here it must be noted that if the applicable laws/regulations/financial reporting framework does
not prohibit the management from restricting the amendment of financial statements to the effect
of subsequent events, the auditor is permitted to restrict the audit procedures on subsequent
events to that amendment. In such a case the auditor shall:
• Amend the audit report to include an additional date restricted to that amendment
• Provide a new or amended audit report that contains an Emphasis of matter or other
matter paragraph which conveys that the auditor’ procedures on subsequent events are
restricted solely to amendments of financial statements.
Facts which became known to the auditor after the financial statements have been issued:
Time frame as per our case: This covers facts that become known to the auditor 15 April 2019.
• The auditor has no obligation to perform any audit procedure regarding such financial
statements.
• However if a fact becomes known to the auditor that has it been known to the auditor on
the date of the auditor’s report, may have caused the auditor to amend the auditor’s report
Chapter 11: Completion and Review 209
(refer the meaning of amendment of auditor’s report in the above section), the auditor
shall:
✓ Discuss the matter with the management.
✓ Determine whether the financial statements need to be amended.
✓ Inquire how the management intends to address the matter in the financial
statements.
• If the management amends the financial statements, the auditor shall:
✓ Carry out the audit procedures necessary in the circumstances on the amendment
✓ Review the steps taken by the management to ensure that anyone in receipt of the
previously issued financial statements together with the auditor’s report thereon
is informed of the situation.
✓ Extend the audit procedures to the date of the new auditor’ report.
✓ Provide a new auditor’s report on the amended financial statements
• In the amended auditor’s report , emphasis of matter paragraph referring to a note to the
financial statements that discussed the reason of amendment in financial statements
should be included.
Under the going concern basis of accounting the financial statements are prepared on the
assumption that the entity will continue its operations for the foreseeable future.
The foreseeable future is considered to be a period of 12 months from the date of the financial
statements. In simple terms, going concern is an assumption that the entity will not shut shop within
the next 12 months. In such a case the assets and liabilities are reported at their carrying values
–
a. For assets : the values that the entity expects to recover from their application in business
b. For liabilities: the value that the entity is obligated to repay
In case the going concern assumption does not hold true i.e. the entity intends to shut shop within
the immediate next 12 months, it is a clear indication that –
a. the entity intends to dispose off the assets rather than apply them in business
b. use the proceeds of these assets to repay liabilities.
In such a case the financial statements are not prepared by reporting assets and liabilities at their
carrying value rather they are made by reporting the assets and liabilities at their recoverable
values.
General purpose financial statements are prepared using the going concern basis of accounting,
unless management intends to liquidate the entity or to cease operations or has no realistic
alternative but to do so.
Special purpose financial statements may or may not be prepared in accordance with a financial
reporting framework for which the going concern assumption is relevant.
When the going basis of accounting is appropriate, assets and liabilities are recorded on the basis
that the entity will be able to realize its assets and discharge its liabilities in the normal course of
business.
• Any material uncertainty regarding the future of the company should be disclosed by the
directors in the financial statements.
Material uncertainty exists when the:
✓ Magnitude of potential impact; and
✓ Likelihood of occurrence
Are such that a disclosure of the same is necessary to ensure fair presentation of
the financial information.
Disclosures in case of a material uncertainty should allow the users of financial information to
understand the following:
▪ The principle events or conditions that cast a significant doubt on the entity’s ability
to continue as a going concern
▪ Management’s plans to deal with these events
▪ The inability of the company to realize (sell) its assets and discharge its liabilities in
the normal course of business.
• Inability to assess the going concern assumption in the usual way
In case the directors have been unable to assess the going concern basis of accounting i.e.,
they have not been able to assess whether the company has the potential to exist beyond
12 months of the balance sheet date – this inability should be disclosed.
• Wherever the going concern assumption hods true, the financial statements are prepared
on a going concern basis. However, in cases where the going concern assumption does not
hold true, the financial statements are prepared on a realizable value basis.
Chapter 11: Completion and Review 212
Audit procedures when events or conditions that cast a doubt on the going concern basis of
accounting are identified:
If events or conditions have been identified that may cast a doubt on the entity’s ability to continue
as a going concern, the auditor shall obtain SAAE to determine whether or not a material
uncertainty exists related to events or conditions that may cast a significant doubt on the entity’s
ability to continue as a going concern through performing additional audit procedures, including
consideration of mitigation factors. These procedures will include:
a. Where the management has not yet performed an assessment of the entity’s ability to
continue as a going concern, requesting management to make its assessment.
b. Evaluating management’s plans for future actions, whether the outcome of these plans is
likely to improve the situation and whether management’s plans are feasible in the
circumstances.
c. Where the entity has prepared a cash flow forecast, evaluate the reliability of the
underlying data used to prepare the forecast and determine whether there is adequate
support for the assumptions underlying the forecast.
d. Considering whether any additional facts or information have become available since the
date on which the management made its assessment.
e. Requesting written representations from management and where appropriate those
charged with governance regarding their plans for future actions and feasibility of these
plans.
Additional procedures:
1. Analysing and discussing cash flow, profit and other relevant forecasts with management
2. Analysing and discussing the entity’s latest available interim financial statements
3. Reading the terms of debentures and loan agreements and determining whether any have
been breached.
4. Reading minutes of the meeting of shareholders, Those charged with governance and
relevant committees for reference to financing difficulties.
5. Inquiring of the entity’s legal counsel regarding the existence of litigation and claims and
the reasonableness of management’s assessment of their outcome and the estimate of
their financial implications.
6. Confirming the existence, legality and enforceability of arrangements to provide or
maintain financial support with related and third parties and assessing the financial ability
of such parties to provide additional funds
7. Evaluating the entity’s plans to deal with unfulfilled customer orders.
8. Performing audit procedures regarding subsequent events to identify those that either
mitigate or otherwise affect the entity’s ability to continue as a going concern.
9. Confirming the existence, terms and adequacy of borrowing facilities.
10. Obtaining and reviewing reports of regulatory actions.
11. Determining the adequacy of support for any planned disposal of assets.
If the financial statements have been prepared using the going concern basis of accounting but in
the auditor’s judgement, the management’s use of the going concern basis of accounting in the
preparation of the financial statements is inappropriate, the auditor shall express an adverse
opinion.
Chapter 11: Completion and Review 213
Events that may cast a significant doubt about the going concern assumption:
development or other
essential investments
Implications of going concern as the basis of presenting financial statements on the audit report:
Prior to issuing the audit opinion, the auditor shall conduct a final overall review of the financial
statements. This shall include:
• Compliance check to ensure that all applicable laws and regulations for the time being in
force have been complied with in the preparation of the financial statements.
• Check to ensure that all the applicable financial reporting frameworks have been complied
with in the preparation of the financial statements.
• All bases of conclusion of the audit opinion are adequately reflected in the financial
statements
• Analytical procedures to ensure that the financial statements are consistent with the
auditor’s understanding of the entity.
• Review and check of the uncorrected misstatements to assess whether a material
misstatement arises in case these uncorrected items are aggregated. In case this risk exists,
the auditor shall discuss the same with the management.
Misstatements that the auditor has accumulated during the audit and that have not been corrected
are called uncorrected misstatements.
The auditor shall accumulate misstatements identified during the audit other than those that are
clearly trivial.
Causes of Misstatements:
a. An inaccuracy in gathering or processing data from which financial statements are prepared
b. An omission of an amount or disclosure
c. An incorrect accounting estimate arising from overlooking, or clear misrepresentation of
facts
d. Judgements of management concerning accounting estimates that the auditor considers
unreasonable or the selection and application of accounting policies that the auditor
considers inappropriate
The auditor shall determine whether the overall audit strategy and audit plan need to be revised if:
a. The nature of identified misstatement s and the circumstances of their occurrence indicate
that ither misstatements may exist that, when aggregated with misstatements
accumulated during the audit, could be material.
b. The aggregate of misstatements accumulated during the audit approaches materiality
determined during the phase of audit planning.
If at the auditor’s request, management has examined a class if transaction, account balance or
disclosure and corrected misstatements that were detected, the auditor shall perform additional
audit procedures to determine whether misstatements remain.
• The auditor shall communicate on a timely basis all misstatements accumulated during the
audit with the appropriate level of management and shall request management to correct
those misstatements
• If the management refuses to correct some or all of the misstatements communicated by
the auditor, the auditor shall obtain an understanding of the management’s reasons for not
making the corrections.
1. Prior to evaluating the effect of uncorrected misstatements, the auditor shall reassess
materiality determines in accordance to the audit plan to confirm whether it remains
appropriate in the context of the entity’s financial results.
2. The auditor shall determine whether the uncorrected misstatements are material
individually or in aggregate having regard to the following:
a. The size and nature of misstatements, both in relation to particular classes of
transactions, account balances or disclosures and the financial statements as a whole
Chapter 11: Completion and Review 216
Written representation:
The auditor shall request a written representation from management and where appropriate those
charged with governance whether they believe the effects of uncorrected misstatements are
immaterial, individually and in aggregate to the financial statements as a whole. A summary of such
items shall be included in or attached to the written representation.
• The auditor shall communicate with those charged with governance uncorrected
misstatements and the effect that they individually or in aggregate may have on the opinion
in the auditor’s report, unless prohibited by law or regulation with a request that
uncorrected misstatements be corrected.
• The auditor shall also communicate with those charged with governance the effect of
uncorrected misstatements related to prior periods on the relevant classes of transactions,
account balances or disclosures, and the financial statements as a whole.
Documentation:
Written representations are necessary information that the auditor requires in connection with the
audit, hence they are recognized as audit evidence as a response to inquiries.
Although written representations provide necessary audit evidence, they do not provide sufficient
and appropriate audit evidence on their own about the matters with which they deal or represent.
Chapter 11: Completion and Review 217
The reliability of the auditor on written representations is dictated by the prevalent effectiveness
of internal control. This is summarized as under:
• Obtain written representations form management that the management believes that it
has fulfilled its fundamental responsibilities (discussed below).
• To support audit evidence relevant to the financial statements or specific assertions in the
financial statements by means of written representations, if determined necessary by the
auditor or if required under other standards of auditing.
• The date of WR should be as near as possible to the date of the auditor’s report. However,
it should not be after the date of the auditor’s report. The WR shall be for all financial
statements and periods referred to in the audit report.
• The WR are for all periods referred to in the auditor’s report because management needs
to reaffirm that the WR it previously made with respect to the prior periods remain
appropriate. The auditor and the management may agree to a form/format of WR that
updates the WR relating to the prior periods by addressing whether there are any changes
to such WR and if so what they are.
• Situations may arise where current management were not present during all periods
referred to in the auditor’s report. Such newly appointed management persons may assert
they are not in a position to provide some or all of the WR because they are not in place
during the period. This fact however does not diminish such person’s responsibilities for
the financial statements as a whole. Accordingly, the requirement for the auditor to request
from the WR that cover the whole of the relevant period still applies.
Chapter 11: Completion and Review 219
• If the auditor has concerns about the competence, integrity, ethical values or diligence of
the management, the auditor shall determine the effect on the reliability of the WR and
audit evidence in general.
• In particular if WR are inconsistent with other audit evidence, the auditor shall perform
audit procedures to attempt to resolve the matter.
• If the auditor concludes that the WR are not reliable, the auditor shall take appropriate
action which includes determining the impact on the opinion.
• If the auditor believes that there is sufficient doubt about the integrity of management, he
shall issue a disclaimer of opinion.
• The auditor shall re-evaluate the integrity and reliability of the management.
• The auditor shall appropriate action including determining possible effects on the opinion
Table of contents:
1. Objectives of the independent auditor’s report
2. Title and addressee
3. Auditor’s opinion
4. Basis for opinion
5. Key Audit Matters Section
6. Additional Communications:
- Material uncertainty related to going concern
- Emphasis of matter
- Other matter
7. Other information section
8. Responsibilities of the management and the auditor
9. Report on other legal and regulatory requirements
10. Signature, auditor’s address and date
11. Communicating with those charged with governance (TCWG)
Remember the good old days of school? The summer holidays and the joys it brought it along? But
before the summer holidays came the open house – where your annual performance report card
was handed over to you. The report card communicated to you and your parents the quality of your
academic performance and areas of improvement, if any. It was a statement issued by the school
to your stakeholders regarding your performance. An audit report is just like an annual performance
report; however, it does not touch upon areas of improvement. The audit report only
communicates whether the financial statements are reliable – whether they transparently depict
every material event, transaction and account balance that was affected throughout the year. This
report increases the communicative appeal of the financial statements.
The audit report is a word of assurance on whether the users of financial information can place
their reliance on the financial statements and the information communicated there in to make
decisions regatrding their participation and association with the reporting entity.
The audit report signifies the completion of the audit process and underscores the auditor’s
objectives of:
The report has various heading and sub-headings which are elaborately discussed in this lesson.
Finally, the audit report boils down to just one thing –Whether or not the financial statements have
been prepared in all material respects as per the applicable financial reporting framework.
The audit report is broken down in the following sections, each of which has been discussed in the
course of this lesson:
• The title of the audit report identifies the report as an Independent Auditor’s report
• The auditor identifies the intended user of the report and show to whom to auditor owes
a duty of transparent reporting and care
The process of audit is completed when the auditor submits the “Audit Report”. The audit report
contains the auditor’s opinion on the financial statements. The auditor’s opinion is driven by
whether the financial statements are prepared in all material respects in accordance to the
applicable financial reporting framework.
To form this opinion, the auditor needs to conclude as to whether he has obtained reasonable
assurance that the financial statements as a whole are free of material misstatements, whether
due to fraud or error. This conclusion takes into account:
1. Whether SAAE has been obtained
2. Whether uncorrected misstatements either individually or in aggregate are material
An audit report conclusively communicates to all users of the financial statements, the auditor’s
opinion on those financial statements. This conclusion pronounces whether the financial
statements give a true and fair view.
The preparation of financial statements requires compliance with the prescriptions of the
financial reporting framework. In order to ensure the financial statements meet the information
requirements of a wide array of stakeholders and users of financial information, the management
maybe required to provide disclosures beyond those specifically required by the applicable
framework.
Auditor’s opinion
The auditor’s opinion is a conclusive communication on whether the financial statements present
a true and fair view. This opinion needs to be absolute and sacrosanct. However, it must be
appreciated that audit is a subjective process driven by the professional judgement of the auditor.
Hence, this opinion to be issued is categorized as under:
Unmodified Opinion:
An Unmodified opinion on the financial statements is issued by the auditor when, based on the
SAAE acquired, when the auditor holistically concludes that:
1. The financial statements are prepared in all material aspects in accordance with the
applicable financial reporting framework; and
2. The financial statements are presented fairly in all material respects in accordance with
the applicable financial reporting framework.
Chapter 12: Reporting 223
For the auditor’s opinion to be unmodified, the following conditions must be satisfied:
5. The financial statements should provide adequate disclosures to enable the users of
financial statements to understand the effect of material transactions and events.
Material events like the launch of a new product segment/service line or diversification in
a new sphere of activity , large revenue generating transactions of a recurring or non-
recurring nature should be distinctly highlighted to provide decision making basis for users
of financial information.
Modified Opinion:
a. The auditor based on the audit evidence obtained concludes that the financial statements
as a whole are not free from material misstatements. This maybe due to one of all of the
following reasons:
• Inappropriate selection of accounting policies
A manufacturing entity which produces distinct and separable units of goods opts
to value inventory by the application of weighted average method as opposed to
FIFO.
• Inappropriate application of selected accounting policies
A reporting entity using the revaluation model inaccurately credits the first/ initial
revaluation gain to the income statement as opposed to the accurate treatment of
crediting the same to the statement of other comprehensive income.
• Inappropriate or inadequate disclosures in the financial statements
A fixed asset register that does not disclose the amount of accumulated
depreciation for each class of asset from the date of purchase to the date of
presentation of financial statements.
b. The auditor is unable to obtain SAAE to conclude that the financial statements as a whole
are free from material misstatements owing to the following reasons:
Chapter 12: Reporting 225
The following are instances where the nature and timing of the auditor’s work preclude the
auditor from acquiring SAAE:
➢ In cases where the entity is able to exercise significant influence it is required to apply
the equity method of accounting however the auditor is unable to obtain SAAE to
determine whether the equity method has been appropriately applied.
➢ The timing of the auditor’s appointment is such that the auditor is unable to observe
the counting of the physical inventories.
The above circumstances result in the financial statements as a whole not being free from material
misstatements. The above instances arise in cases where the reporting entity has not complied with
the applicable financial reporting framework owing to which the financial statements do not
present a true and fair view.
Alternatively, it may so happen that the auditor is unable to acquire SAAE. This inability to acquire
SAAE leaves the auditor not being able to conclude whether or not the financial statements are
materially misstated. This automatically leads to a doubt in the auditor’s judgement regarding
whether the financial statements present a true and fair view.
In cases where the financial statements do not present a true and fair view or where the auditor
is unable to conclude owing to the lack of SAAE, the auditor issues a modified opinion.
Chapter 12: Reporting 226
Chapter 12: Reporting 227
Modifications to the audit opinion are of three types, depending on the nature of material
misstatement:
1. Qualified opinion.
2. Adverse opinion.
3. Disclaimer of opinion.
De-jargonizing Pervasiveness:
Negative nonetheless but imagine, a patient who has contracted an infection. The degree and
quantum of treatment and medication depend on the severity of the infection and the spread in
the body of the patient. Now, the infection could be restricted to a specific part of the body i.e. it
has not spread. However, the infection being localized can result in the spread being contained or
that specific part of the body being severely damaged. A severe infection that has spread across the
body of a patient calls for more serious medical examination and supervisory care. In general, the
medical course of action is dictated by:
Just as we as human beings are affected by infections, financial statements are impacted and
affected by Misstatements.
Misstatements are infection to the financial statements that are caused due to fraud or error or
both. The natural defence mechanism of the financial statements, like our immune system, is an
effectively operating system of internal control. The quantum of the spread and impact on financial
statements owing to the misstatements is measured using a metric called “pervasiveness.”
• The effects of the misstatement are not confined to specific elements, accounts or items of
the financial statements
• If so confined they represent or could represent a substantial portion of the financial
statements
• In relation to disclosures are fundamental to user;s understanding of the financial
statements.
A pervasive matter must be fundamental to the financial statements, therefore rendering them
unreliable as a whole.
Qualified Opinion:
On the basis of SAAE the auditor concludes that the misstatements individually or in aggregate are
material but not pervasive.
The auditor is unable to acquire SAAE on which he can base his opinion. However, the auditor’s
professional judgement leads him to conclude that even if not detected the effects of
misstatements on the financial statements could be material but not pervasive.
Adverse Opinion:
Since an adverse opinion takes into consideration both the materiality and pervasiveness of the
misstatement, it cannot be issued unless SAAE has been acquired by the auditor.
An adverse opinion is issued when the misstatements identified by the auditor are both material
as well as pervasive.
A disclaimer of opinion is issued in cases where the auditor is unable to acquire SAAE on which to
base the opinion. The lack of SAAE leads to an inconclusiveness as there maybe misstatements
that are still undetected. These undetected misstatements can be both material as well as
pervasive.
In such a scenario, the auditor is unable to express an opinion on the financial statements. This
inability to express an opinion arises on account of not being able to assess the cumulative effect
of undetected misstatements on the overall view that financial statements present.
Examples of scenarios where the auditor is unable to acquire SAAE are as under:
Basis of Opinion
The basis for opinion is the professional standards that the auditor has followed in order to be
able to form his opinion, whether unmodified or modified, on the financial statements. When the
auditor modifies his opinion, the basis for opinion section will explain the reason why the opinion
has been modified – which balance or transaction was misleading, materially misstated or lacked
SAAE.
The basis of arriving upon an audit opinion has been discussed in the table below:
Sr. Was SAAE Do MMS Are the Audit Nature of Short Cut
No acquired? exist based MMS Opinion Modification
on SAAE Pervasive in
acquired? their
impact?
1 Yes No No Unmodified Not True and Fair
applicable as:
1. There are no
MMS
2. Financial
statements
comply with
applicable
financial
reporting
framework
2 Yes Yes No Modified Qualified Material but
Opinion Not Pervasive
3 No The auditor The auditor Modified Qualified Material but
based on his based on his Opinion Not Pervasive
professional professional
judgement judgement
opines that opines that
undetected the
MMS exist. undetected
There is no MMS are
SAAE to not
prove this Pervasive
4 Yes Yes Yes Modified Adverse Material and
Opinion Pervasive
5 No They may or They may or Modified Disclaimer of Cannot
may not may not be Opinion determine /
exist – the Pervasive– Cannot issue an
auditor is the auditor opinion
unable to is unable to
determine determine
Key audit matters are those matters that, in the auditor’s professional judgement, were of most
significance in the audit of the financial statements of the current period. These matters are
selected from matters communicated with those charged with governance. In the process of
understanding what KAM actually are, we should understand what they are not.
1. A substitute for the auditor expressing a modified opinion when the same is required as
per the circumstances of a specific audit engagement.
2. A separate opinion on individual matters
3. A substitute for disclosures in the financial statements that the financial reporting
framework requires management to make, or that are otherwise necessary to achieve fair
presentation.
In simple terms, KAM are not events or circumstances that lead to a modified opinion. These events
are however of such utmost significance in the professional judgement of the auditor that they are
specifically highlighted in the audit report for users of financial information to take note of.
Communicating KAM:
The auditor shall describe each KAM, using an appropriate sub-heading, in a separate section of the
auditor’s report under the heading “Key Audit Matters”
The introductory language in this section of the auditor’s report shall state that:
a. KAM are those matter that in the auditor’s professional judgement were of most
significance in the audit of the financial statements of the current period; and
b. These matters were addressed in the context of the audit of the financial statements as a
whole, and in forming the auditor’s opinion thereon, and the auditor does not provide a
separate opinion on these matters.
Chapter 12: Reporting 231
The auditor shall communicate KAM with those charged with governance. Here the auditor
shall communicate why a specific matter or matters have been highlighted as KAM. In cases
where there are no KAM to communicate, the auditor shall convey the same to those charged
with governance.
We have clearly understood so far that KAM are not a substitute for modified opinions. They are
significant matters that the auditor chooses to additionally disclose in the auditor’s report to ensure
its better communicative value and support transparency and understanding of financial
information. The following is a list of matters that are generally included by the auditor as KAM:
Summary of KAM:
✓ Matters that give rise to a modified or adverse opinion or are matters of material
uncertainty are inherently KAM. However, they are not described in the KAM section of the
audit report.
✓ This is purely because the audit opinon section of the audit report amply clarifies these
matters and KAM deals with matters that are significant but do not require or invite
modifications.
✓ References can be drawn to the KAM section by the auditor while issuing a modified
opinion.
Additional Communications:
In certain circumstances auditors are required to make additional communication’s in the auditor’s
report event though the financial statements show a true and fair view. Issues requiring
communication include:
a. Uncertainties relating to the going concern basis of accounting (Has been discussed in
Lesson 11)
b. Emphasis of matter paragraph
c. Other matters paragraph
Chapter 12: Reporting 232
Ever heard the term, “Stating the obvious”? Well, most of us choose not to state the obvious in
general conversational parlance. But when the obvious is quite important, it does not hurt to
“emphasize” upon it. The auditor does exactly that by the medium of the EOM paragraph.
EOM is an additional communication made in the auditor’s report. These communication are made
when the auditor considers it necessary to draw the attention of the users of financial information
to matters presented/disclosed in the financial statements that are of such importance that they
are fundamental to the users understanding of the financial statements.
EOM is a paragraph that is included in the auditor’s report. This paragraph draws reference to a
matter that has been appropriately presented/disclosed in the financial statements. However, in
the auditor’s professional judgement this matter is of such significance that it is fundamental for
users of financial statements and information to understand the same.
EOM is not a way to modify the audit opinion. EOM is used by the auditor to communicate
significant matters that are not:
We have clearly understood so far that EOM are not a substitute for modified opinions or KAMs.
They are significant matters that have been appropriately presented or disclosed that the auditor
chooses to additionally emphasize upon in the auditor’s report to ensure its better communicative
value and support transparency and understanding of financial information. The following is a list
of matters that are generally emphasized upon by the auditor in the EOM section:
➢ A significant subsequent event that occurs between the date of the financial statements
and the date of the auditor’s report.
For instance, a major debtor that has shown signs of irregularity in payments files for
bankruptcy.
➢ Major catastrophes that have a significant impact on the entity’s financial position.
Metinvest an international steel and mining group reported major losses owing to the
Russia-Ukraine war of 2022.
Chapter 12: Reporting 233
In case of all the examples listed in italics above, while the accounting treatment and
disclosures may have been as per the applicable financial reporting framework, the impact
of the events was so significant that the users of the financial statements simply had to be
appraised of these said events and occurrences.
1. To describe a justified change in accounting principle or policy that has been dealt with
appropriately in the financial statements.
For instance an entity may opt to report its financial assets at Fair Value through the Income
statement as opposed to measuring the m at Amortized cost in case the intent of holding
undergoes a change.
2. Subsequently discovered facts that lead to a change in audit opinion.
Owing to additional SAAE the auditor may opine that the financial statements are indeed
materially misstated and may choose to qualify such financials. The evidence that resulted
in such a change in opinion can be disclosed in the EOM para.
3. Financial statements when prepared in accordance with a special purpose framework.
Chapter 12: Reporting 234
OM is an additional communication made in the auditor’s report. These communications are made
when the auditor considers it necessary to draw the attention of the users of financial information
to matters not presented/disclosed in the financial statements that are of such importance that
they are fundamental to the users understanding of the financial statements.
OM is not a way to modify the audit opinion. OM is used by the auditor to communicate significant
matters that are not:
We have clearly understood so far that OM are not a substitute for modified opinions or KAMs.
They are significant matters according to the auditor that have not been appropriately presented
or disclosed that the auditor chooses to additionally report in the auditor’s report to ensure its
better communicative value and support transparency and understanding of financial information.
The following is a list of matters that require communication via the OM section:
• To communicate audit planning and scoping matters where the law permits or requires.
• Where the entity prepares one set of accounts in accordance with a general-purpose
framework and another set-in accordance with a different one.
For instance, the holding company and consolidated financial statements are prepared as
IFRS while the subsidiary present in Munich resorts to German GAAP.
Placement of OM para:
• When the OM para is included to draw the user’s attention to a mater relating to other
reporting responsibilities addressed in the auditor’s report, the para maybe included in the
Report on Other Legal and Regulatory Requirements section.
• When relevant to all auditor’s responsibilities or user’s understanding of the auditor’s
report. The OM para may be included as a separate section following the Report on the
Other Legal and Regulatory Requirements.
Summary of OM para:
a. Financial information, other than the financial statements and auditor’s report thereon
b. Non-financial information, other than the financial statements and auditor’s report
thereon
• Chair’s report
• Corporate social responsibility report and statements
• Operating and financial review
• Social and environmental reports
• Corporate governance statements
• Any other report or statement that adds value in understand the information contained in
the financial statements.
Chapter 12: Reporting 236
• Identifies the ither information obtained by the auditor prior to the date of the auditor’s
report
• States that the auditor has not audited the other information and accordingly does not
express an opinion or conclusion on that information
• Includes a description of the auditor’ responsibilities with respect to other information
• States either that the auditor has nothing to repost or provides a description of any
identified material misstatement for additional articulation.
The final version of other information must be acquired before the date of the audit report. The
auditor must read the same to identify any:
• This section highlights and demarcates the responsibilities of the auditor and the
management which leads to minimization of an expectation gap
• The management is responsible for the preparation of the financial statements as per the
applicable financial reporting framework. Furthermore, the management is also
responsible for maintaining the requisite degree of internal controls.
• The auditor is responsible to perform the audit of the financial statements and
communicate the opinion there on to all the users of financial information. The required
opinion is based on the considerations of:
✓ Risk assessment
✓ Internal control effectiveness
✓ Going concern basis of accounting
✓ Appropriate selection and application of accounting policies
Chapter 12: Reporting 237
Signature Identifies the audit form responsible for the auditor’s report and opinion.
In cases of listed companies, the report includes the name of the engagement
partner
Address Identifies the specific office of the engagement partner responsible for the report
in case of any queries
Date Identifies the date up to which the audit work has been performed.
Any information after this date is not considered by the auditor when forming
the opinion
TCWG are those persons or organizations with responsibility for overseeing the strategic direction
of the entity and obligations related to the accountability of the entity. They include management
personnel.
For instance, in the case of all Tata group entities, Tata Sons acts as the principal holding and
governing entity. Tata Sons is the apex decision making authority for all Tata group entities like
Tata Power, Motors, Chemical, Motors Finance, Capital, Tata Consulting Services (to name a few)
Chapter 12: Reporting 238
Chairman Emeritus-
Mr. Ratan N. Tata
This section of the lesson highlights the matters that the auditor of say Tata Motors Ltd. – CA
Shiraz Vastani of BSR & Co. LLP (KPMG) , would communicate with the Audit Committee of Tata
Motors, The Chairman of the Board of Tata Sons and the Chairman Emeritus of Tata Sons, all of
whom are charged with the governance of Tata Motors, the reporting entity.
Effective two-way communication between the auditor and TCWG plays a key role in assisting:
a. Auditor and TCWG in understanding matters related to the audit in context, and in
developing a constructive working relationship.
b. The auditor in obtaining from TCWG information relevant to the audit. For example,
TCWG may assist the auditor in understanding:
✓ The entity and its environment
✓ Appropriate sources of audit evidence
✓ Providing information about specific transactions or events
c. TCWG in fulfilling their responsibility to oversee the financial reporting process thereby
reducing the risk of material misstatement on the financial statements.
The process of communicating with TCWG enables the auditor to achieve the following
objectives:
a. To communicate clearly with TCWG responsibilities of auditor and planned scope and
timing of audit
b. To obtain from TCWG information relevant to audit
c. To provide TCWG with timely observations that are significant and relevant in overseeing
final reporting process
d. To promote effective two-way communication between the auditor and TCWG
Chapter 12: Reporting 239
The auditor shall communicate with TCWG an overview of the planned` scope and timing
of the audit, which includes communicating about the significant risks identified by the
auditor. It may include:
a. How the auditor plans to address the significant risks of material misstatement
whether due to error or fraud.
b. How the auditor plans to address areas that have a higher assessed risk of material
misstatement
c. Auditor’s approach to internal control
d. Application of the concept of materiality
Auditor’s independence:
a. Statement that the engagement team and others in the firm have complied with
relevant ethical requirements regarding independence
b. All relationships and other matters between the firm, network firms, and the entity
that bear on independence; and
c. Related safeguards applied to eliminate identified threats to independence or reduce
them to an acceptable level.
Chapter 12: Reporting 241
ISA 200 Overall Objectives of the Independent Auditor and the Conduct of an Audit in
Accordancewith International Standards on Auditing.
Responsibilities of management:
Risk:
An auditor must perform the audit with professional scepticism: an attitude that
includes a questioning mind, being alert to conditions which indicate possible
misstatement due to error orfraud, and a critical assessment of audit evidence.
Summary of International Standard on Auditing (ISA) 243
The auditor should establish whether the preconditions for an audit are present:
The engagement partner takes responsibility for the overall quality of the engagement, including the
direction, supervision and performance of the engagement.
An engagement quality control reviewer must be assigned for listed entities and high riskengagements
focusing on significant matters and areas involving significant judgment.
The firm's quality control processes must be monitored to ensure they are relevant, adequate and
operating effectively.
Summary of International Standard on Auditing (ISA) 244
Objective of documentation:
ISA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements
Definition: An intentional act involving the use of deception to obtain an unjust/illegal advantage.
Auditor’s objectives:
• Those with responsibility for overseeing the strategic direction of the entity.
Matters to be communicated:
ISA 265 Communicating Deficiencies in Internal Control to Those Charged with Governance and
Management
Reporting responsibilities:
Benefits of planning:
• Helps the auditor to devote appropriate attention to important areas of the audit.
• Helps identify and resolve potential problems on a timely basis.
• Assists in the selection of a suitable audit team.
• Helps the direction and supervision of the audit team.
• Assists the auditor to perform an efficient and effective audit.
ISA 315 Identifying and Assessing the Risks of Material Misstatement Through Understanding
the Entity and its Environment
• Control environment
• Entity’s risk assessment process
• Information system relevant to financial reporting
• Control activities
• Monitoring of controls.
Performance materiality: An amount set at less than materiality for theFS as a whole, to reduce to an
appropriately low level the probability that the aggregate of uncorrected and undetected
misstatements exceeds materiality for the FS as a whole.
The auditor shall design and perform audit procedures whose nature,timing and extent are based
on and are responsive to the assessed risks of material misstatement.
The auditor of the user entity must obtain an understanding of the services provided by the
service organisation and their effect on the user entity’s internal control relevant to the audit,
sufficient to identify andassess the risks of material misstatement and perform audit procedures
responsive to those risks.
An understanding of the services provided by the service organisationmay be obtained from the
client.
If sufficient understanding is not obtained from the client, the auditorshould perform one or more
of the following procedures:
A misstatement is:
A difference between the amount, classification, presentation, or disclosure of a reported
financial statement item and the amount, classification, presentation, or disclosure that is
required for the item to be in accordance with the applicable financial reportingframework.
Misstatements can arise from error or fraud.
Requirements:
Characteristics:
Reliability:
Procedures:
• Inspection
• Observation
• External confirmation
• Recalculation
• Reperformance
• Analytical procedures
• Enquiry.
External confirmations provide more persuasive evidence as the evidence is obtained directly by
the auditor from an independent source. This is important where there is a higher assessment of
auditrisk.
Definitions:
External confirmation – Audit evidence obtained by the auditor directly from a third party in
paperform or by electronic or other medium.
Positive confirmation request – A request for the third party to confirm whether they agree or
disagree with the information in the request, or provide the requested information.
Negative confirmation request – A request for the third party to respond directly to the auditor
onlyif they disagree with the information provided in the request.
Definition:
Definitions:
• Audit sampling: The application of audit procedures to less than 100% of items within a
population to provide the auditor with a reasonable basis to draw conclusions on the
entirepopulation.
• Sampling risk: The risk the auditor’s conclusion based on the sample may be different
fromthe conclusion if the entire population were subjected to the same audit procedure.
• Non-sampling risk: The risk the auditor reaches an erroneous conclusion for any reason
notrelated to sampling risk.
• Statistical sampling: Random selection of the sample and the use of probability theory to
evaluate results.
• Tolerable misstatement: A monetary amount set by the auditor in respect of which the
auditor seeks to obtain an appropriate level of assurance that the monetary amount set
bythe auditor is not exceeded by the actual misstatement in the population.
• The higher the assessed risk of material misstatement, the larger the sample size.
• The more the auditor is relying on other procedures, the smaller the sample size.
• The greater the level of assurance the auditor requires, the larger the sample size.
• The lower the tolerable misstatement, the larger the sample size.
• The greater the amount of misstatement the auditor expects to find, the
larger the samplesize.
• When a population can be appropriately stratified, the aggregate of the
sample sizes will beless than the sample size if one sample had been tested
from the whole population.
• For large populations, the size of the population has little effect on the sample size.
Summary of International Standard on Auditing (ISA) 251
Obtain sufficient and appropriate evidence about whether accounting estimates and related
disclosures are reasonable in the context of the financial reporting framework.
Professional scepticism should be increased in relation to the assessed level of inherent risk, and
where accounting estimates are subject to a greater degree of estimation uncertainty.
• Separately assess inherent risk and control risk to assess the risk of material misstatement.
• Respond to the risk of a material misstatement by:
- Reviewing events after the reporting period
- Testing how management made the estimate
- Developing an independent estimate
• Request written representation from management about whether the methods,
significantassumptions and data using in making the estimates are appropriate.
Obtain sufficient appropriate evidence about whether events occurring between the date of the
financial statements and the date of the auditor's report that require adjustment of or disclosure
inthe financial statements are appropriately reflected in those financial statements.
Between the date of the financial statements and the date of the auditor’s report, perform
procedures to identify events that require adjustment or disclosure in the financial statements.
No obligation to perform audit procedures after the date of the auditor’s report. If a fact becomes
known that would cause the auditor to amend the auditor’s report, discuss the matter with
management and determine whether the financial statements need amendment.
If an amendment is required and management do not amend the financial statements and then
issue the financial statements, the auditor must take action to prevent reliance on the auditor’s
report.
Summary of International Standard on Auditing (ISA) 252
Auditor must:
Definition:
Contents:
• The extent to which the internal audit function's organisational status and
relevant policiesand procedures support the objectivity of the internal
auditors.
• The level of competence of the internal audit function.
• Whether the internal audit function applies a systematic and disciplined
approach, includingquality control.
• The work was properly planned, performed, supervised, reviewed and documented.
• Sufficient appropriate evidence has been obtained.
• The conclusions reached are appropriate in the circumstances.
• The reports prepared are consistent with the work performed.
Summary of International Standard on Auditing (ISA) 253
The external auditor may use the internal audit function to providedirect assistance with the
external audit under the supervision andreview of the external auditor.
Direct assistance cannot be provided in countries where national law prohibits such assistance.
• Title
• Addressee
• Auditor’s Opinion
• Basis for Opinion
• Going Concern
• Key Audit Matters (listed companies)
• Other Information
• Responsibilities of Management for the Financial Statements
• Auditor’s Responsibilities for the Audit of the Financial Statements
• Name of Engagement Partner (listed entities)
• Signature of the Auditor
• Auditor's address
• Date of the Auditor’s Report
Summary of International Standard on Auditing (ISA) 254
ISA 701 Communicating Key Audit Matters in the Independent Auditor's Report
Key audit matters (KAM) Are those that in the auditor's professional judgment were of most
significance in the audit and are selected from matters communicated with those charged with
governance.
KAM include:
ISA 705 Modifications to the Audit Opinion in the Independent Auditor's Report
Definitions:
Modifications:
When the auditor modifies the opinion, the basis for the opinion is amended to ‘Basis for
QualifiedOpinion’, ‘Basis for Adverse Opinion’ or ‘Basis for Disclaimer of Opinion’ as appropriate.
The ‘Basisfor...’ section includes a description of the matter giving rise to the modification.
Summary of International Standard on Auditing (ISA) 255
ISA 706 Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent
Auditor's Report
Emphasis of matter
Refers to matters appropriately presented or disclosed that are fundamental to the user’s
• Refers to matters relevant to the user’s understanding of the audit, the auditor's
responsibilities or the auditor's report.
ISA 720 The Auditor’s Responsibilities Relating to Other Information in Documents Containing
Audited Financial Statements
Auditor responsibilities:
• Read other information to identify material inconsistencies with the FS or the auditor’s
knowledge which indicates material misstatement of the FS or the other information.
If an inconsistency is identified: